Inside Supply Management Magazine

Third-Party Risk Management and Compliance Pressures Mounting

March 18, 2019

Dun & Bradstreet has released its third Compliance and Procurement Sentiment Report — and the good news is that 86 percent of those surveyed say they are confident in the current effectiveness of their functions. And 87 percent say are confident in their future effectiveness.

However, both percentages are down slightly from those of the two previous reports; in the first, released in June, the current-effectiveness confidence rating was 93 percent and the future rating 91 percent. In the second report, released in February, both confidence ratings were 88 percent. (The most recent survey, conducted by ComRes, involved 620 procurement and compliance professionals, 71 percent of whom are decision makers.)

What is causing the decline? Author Brian Alster, global head of supply and compliance at Short Hills, New Jersey-based Dun & Bradstreet, writes in the executive summary that professionals are recognizing that there are “increased pressures to develop and maintain third-party risk management and compliance programs.”

Among those pressures:

Environmental, social and governance (ESG) concerns. According to respondents, these are a growing concern. The survey found that 43 percent acknowledge that it’s difficult to identify ESG within customer due-diligence processes. This indicates there is a lack of clarity regarding screening and planning for ESG in third-party risk management, Alster writes.

ESG is expected to be the top concern over the next six months.

Regulations. Meeting ever-changing regulations and requirements that differ by locale can be difficult for procurement and compliance professionals. More than half (53 percent) of those surveyed say that in the last three months, existing regulations have increased business risk, while 43 percent say they’re concerned that regulations will increase business risk in the next six months. Also, 56 percent say that regulations create a barrier to doing their jobs effectively.

Specific governmental regulations and proposals also are having an impact. When asked about Brexit, a third of United Kingdom (U.K.) respondents felt that the U.K.’s leaving the European Union (EU), scheduled for March 29, would be a liability for their business, while 38 percent were ambivalent, and 21 percent saw it as an opportunity. Many felt that treating the EU as a second country would add to the complexity in procurement and due-diligence processes.

The survey also asked about Iran sanctions imposed by President Donald Trump’s administration. While most weren’t concerned about the new sanctions, they consider the suddenness of the change and the ability to identify risks in the supply chain as top concerns.

The convergence of supplier risk management and compliance. Both functions are about mitigating risk, and if they were to merge, the outcome would vary, according to respondents. About half say this dynamic would be fairly or very positive; for 13 percent of respondents, it would be negative.

Fraud. Procurement and compliance professionals continue be concerned about this issue, with 10 percent reporting that they had experienced fraud in the past three months, 19 percent in the past six months and 27 percent in the past 12 months. Fifty-six percent of respondents say that technology and policy are the top contributing factors to fraud.