THIRD-PARTY RISK MANAGEMENT (TPRM) IN THE PHARMACEUTICAL INDUSTRY ENABLED BY BLOCKCHAIN TECHNOLOGY

When collaborating with third parties, companies face reputational and financial risks. Due to regulatory requirements and society’s scrutiny, as well as to manage risks, companies perform suppliers’ and customers’ risk assessments. In fact, the average large company may perform thousands of these every year, evaluating risks of corruption, health, safety, environment and labour rights, among others.

Each of these risk assessments requires considerable investment into resources, both from the risk-assessing company and the risk-assessed company. In specific industries, such as financial services and defence, security and aerospace, there are examples of collaboration where risk assessments are made based on predefined standards and can be leveraged across companies. These collaboration setups, henceforth defined as community models, required a facilitator to preserve confidentiality and trust.

For example, pharmaceutical company A wants to work with supplier B to outsource production, but before engaging, needs a risk assessment for environmental pollution. Supplier B would then engage and be risk assessed by the facilitator of the community model for its environmental standards, and the risk assessment shared with company A. Now, pharmaceutical company C is also interested in working with supplier B and requires the same risk assessment.

Since the facilitator of the community model has already assessed supplier B, the risk assessment is shared with company C. This saves time and effort for both supplier B and company C. Meanwhile, the facilitator is remunerated to operate the community model and maintains confidentiality. In this example, neither company A nor company C will know that supplier B is working with both.

Oct-Dec 2020 Issue

Novartis