Third-party risk management (TPRM) entails the policies, processes, operating models and tools which are targeted to identify and manage risks of suppliers, potentially also customers and partners, resulting from engaging with them.

Organisations today, not only but also due to extended outsourcing and offshoring, tend to be embedded in an increasing network of third parties. This creates a dependency on a worldwide ecosystem that is difficult to understand and to predict. Proactive and continuous smart investments will address the growing importance and constant need for improvement to navigate through an organisation’s internal and external risk universe.

There is no doubt attention toward TPRM at the executive level is growing.

External drivers are often the cause. The regulatory world is tightening its grip on TPRM. The UK Modern Slavery Act already feels like a longstanding fact. Recently, Australia has announced a similar regulation, while Germany, Switzerland and other countries are working on one as well. The new General Data Protection Regulation (GDPR) became a reality last year. The fast-developing human rights agenda, which is gaining ground in the corporate world, is evolving its strategies, while investor groups and the public demand that companies walk the talk, supported by evidence.

What is the main objective of TPRM? The ultimate goal cannot be to ensure risk-free interactions. Organisations strive to create value, which always requires some form of investment. Every investment bears some form of risk. If you want to be absolutely risk-free, you cannot make any investments. No investments, no value creation.

Look at TPRM as an integral part of the value creation chain – it should be focused primarily on making potential risks transparent, fostering a real risk awareness versus just a tick-the-box exercise and enabling the organisation to make the best possible informed decisions, taking into consideration its own defined risk appetite, leading to an outcome ideally free of unwanted surprises.

Oct-Dec 2019 Issue