The podcast series that’s all about minding your business in contract management and source to pay.
Following on the heels of a webinar with SIG and Chris Monk of Determine partner Protiviti on Third Party Risk Management Efforts 101: Aligning Supplier Onboarding to Contract Onboarding, the discussion continues with Tony Abel, Managing Director and Chris’ colleague at Protiviti. With few exceptions, third-party risk has been one of our dominant topics over the past 12 months, with good reason. Risk is everywhere; it’s always growing, changing and adapting in order to seek and sneak its way into organizations by any means possible. As Tony points out regarding suppliers and vendors, companies are now largely responsible for those third-parties and the risks they create.
This, in turn, has led to a much more thorough vetting process of suppliers before they are even onboarded – or not. This level of scrutiny also needs to be applied to existing suppliers and contracts to see what levels of protection a company already has in place (or not). Critically, a company needs to know their rights concerning auditing how those third parties are adhering to requirements. Because there is so much interconnectedness between risk, suppliers and the contracting process, there has to be integration in how they are managed.
Source-to-pay technology as risk management partner.
Often, the shifting regulatory environment drives a need – money laundering, foreign corrupt practices, Stark’s Law, etc. – which causes companies to scramble for a solution. This is true across industries, from financial services to healthcare, manufacturing, energy and others. Statistics mentioned during the conversation highlight that over 40% of companies have 1,000 suppliers, and 29% of companies have upwards of 5,000 or more. But, the risk management need extends to 2nd- and 3rd-tier suppliers as well. Effectively managing that level of complexity cannot be done without advanced, seamlessly integrated supplier and contract management technology solutions.
According to Tony, Protiviti does a lot of work helping companies strategize and implement plans for the digitization of processes. For example, a lot the impetus for financial services to get a handle of supplier risk came out of the economic crisis ten years ago. But other industries, notably healthcare, have seen that regulatory impact, and are actively working to get ahead of any similar scenarios.
The ability for technology to aid that process depends a lot on where the need is coming from within an organization, and who’s driving that function. As Tony mentions, companies are not approaching Protiviti with any kind of holistic sense of third-party risk and what they need to manage it. And maybe, that’s exactly where they need to start.
Thanks for listening in.