In the second in her blog series on protecting supply chain integrity, Holly Miller looks at why one-off, look-back, due diligence is no longer adequate. To read her first blog on this topic, click here.
Supply chain or third-party risk is nothing new. However, recent events such as the global pandemic, the war in Ukraine, and the economic turmoil in many major economies has significantly changed the third-party risk landscape for many organizations. This is why it’s more vital than ever for decision-makers to understand who they are doing business with and the risks their organizations are being exposed to as a result.
Despite these changes in the risk landscape, however, many organizations still only perform one-off screening or due diligence exercises for new suppliers at the time of onboarding. Very few monitor their existing suppliers for risk and the ones that do this may be basing their assessments on a one-dimensional view of data and/or risk.
This approach to due diligence screening can expose organizations to regulatory, financial, or reputational risks that may not have been apparent at the time of onboarding.
One-off Screenings & Supplier Audits: Why The World Has Changed
Many pieces of legislation, such as the Foreign Corrupt Practices Act 1977 or the UK Bribery Act 2010, recognize that compliance programs should be proportionate to risk. As such, there are very few rigid or prescriptive requirements in place from regulators regarding third-party management.
Since these legislations were initially implemented, the landscape has changed in several ways:
- Lessons have been learned in sectors such as Life Sciences, which has had to react to significant enforcement activity and supervision. There are now strong examples of analytics-led compliance programs to manage the risk of their third parties. In 2020, the US Department of Justice (DOJ) updated guidance on what makes an effective compliance program, and the message is clear: a stale “paper program” that is based on a snapshot in time doesn’t work in practice and is no longer good enough.
- There is an expectation from the DOJ and other regulators that continuous access to data be made available to compliance teams and that ongoing monitoring of third-party relationships be required.
- Technology in 2023 is light years ahead of the technology that existed – even in 2010. It’s now possible to continuously monitor third parties for integrity risks.
- Legislation is being enacted continuously around the world, increasing the expectations of organizations to own and manage integrity risks within their supply chain. This is not just about monitoring fraud and corruption. It also includes assessing the risks of human rights violations, environmental impacts, sanctions, financial crime, and more.
Based on this, the base line expectation of what is reasonable and adequate in response to changing risk has moved on. Continuous monitoring is no longer a best practice – it’s an expectation.
Why Continuous Monitoring is Necessary
Having a continuous approach to monitoring is necessary to ensure you have the fullest picture of the organizations you’re doing business with. At the time of onboarding, a new third party may look squeaky clean, but what happens if:
OFAC releases a new sanctions regime and several shareholders and directors of your organization’s supplier base are impacted?
- A new director is appointed at one of your suppliers, who is a senior politician in a significant growth jurisdiction?
- Recent adverse media identifies that a key supplier is accused of significant environmental violations?
- ESG reporting requirements in some of the origination’s jurisdictions have changed?
- A conflict of interest has been identified between a new employee and the CEO of a key supplier?
- A supplier recently changed their bank account details to an account in an offshore tax haven?
These examples expose an organization to possible regulatory, financial, or reputational risks, which would have been hidden without a continuous or at least periodic monitoring program.
Powering Decision Intelligence to Expose High Risk Activity
In legacy programs, compliance teams have had to compromise on screening and monitoring due to the effort and resources required to manually bring internal and external data together, sift through false positives, and review self-declarations from employees and third parties. In addition, siloed teams reviewing third parties for multiple, different risks result in additional inefficiencies and a lack of context. Organizations have often had to prioritize screening on a risk-based sample of organizations and often only refresh a smaller sample every couple of years.
To overcome these challenges, organizations need to be able to connect their data to derive the most meaningful insights. And this starts with context. Technology exists today that addresses many of the challenges organizations previously faced in managing the integrity of their supply chain:
- Technology that incorporates accurate Entity Resolution capabilities allows organizations to connect internal and external data at scale to create trusted, dynamic single views of suppliers. This can significantly reduce the vast number of false positives that can occur when screening against a fuzzy match of a supplier’s name.
- Network analytics allows an organization to automatically screen their suppliers, and their suppliers’ network including connections to other suppliers, businesses, and individuals.
- Contextual monitoring provides a 360-degree view of a supplier to provide intelligence-led detection of the highest risk suppliers and/or transactions to the top. Enhancing this approach with supervised or unsupervised machine learning techniques allows compliance teams to focus their efforts on third parties, which are most likely to expose the organization to risk.
Bringing it All Together
To surface genuine high-risk activity, organizations must put their data to work using the power of advanced AI and analytics technology. By bringing together both internal and external data and using a greater number of signals, you can filter out the riskiest activities, transactions, or third parties for review without creating high numbers of false positives. A Decision Intelligence Platform is proving to be the best line of defence.
You may be interested in…

How Banks Can Use Supply Chain Analytics To Enhance Client Experience
Learn how supply chain analytics transform the way banks extract value from customer data, enhancing dynamic decision-making across all operations.

Detecting & Preventing Scams with Advanced Analytics
Find out how banks can detect and prevent the growing problem of scams using advanced analytics – and how scams have evolved since COVID-19.

Overcoming Investment Fraud with New Technology Solutions
Since the infamous Bernard Madoff Ponzi scheme, financial institutions are turning to fraud detection tech to protect them. Find out why.

Data Decision Gap Risks Holding Back Economic Recovery, Global Research Finds
Learn how to close the data decision gap in the first-ever Data in Context report based on interviews with 750 IT and data decision-makers.

Top 30 Data & Analytics Predictions for 2022
Explore Quantexa’s top 30 data and analytics predictions for 2022 that every forward-thinking business leader should know about.
Related Solutions

Tax Authorities
Reduce the tax gap, identify fraud and non-compliance, and operate as efficiently as possible with limited resources.

Anti-money laundering
Reveal hidden risks and detect criminal activity faster. Reduce false positives to manage the cost of compliance. And improve investigations to make faster and more consistent decisions at scale.

Customs Agencies & Border Control
Contextual Decision Intelligence enables faster decisions, increased revenue collection and enhanced compliance. The Quantexa platform enables Customs and Border agency teams to analyze data successfully, automate and accelerate decision-making, and achieve improved results.

Fraud
Identify potentially fraudulent activity by looking at people or transactions in isolation. Understand the context surrounding the organizations you do business with to make fast, accurate decisions.

Fraud, Waste & Abuse
Empower your team with the best tools available for today’s challenges to identify and prevent fraud, waste and abuse with contextual decision intelligence software.

Credit Risk
Understand your customers, their business structures and supply chains. Make better lending decisions, faster. And support digital risk transformation.

Customer Intelligence
Generate a complete view of the context around your customers and prospects to build better relationships, reduce attrition and find hidden opportunities.

Revolutionize Your Financial Crime and Fraud Detection

Investigations
Enhance the efficiency, effectiveness and consistency of your operational and complex investigations to empower your teams to expose and understand risk faster.

Master Data Management
Connect all data—internal and third party—to create a joined-up, contextual view of all the relationships between your customers and every other domain.

Compliance
See how we help to reduce costs and improve coverage for financial crime compliance.

CDO
See how our platform uses contextual analysis to turn data into a high value asset.

CIO
See how our platform uses financial crime technology to enhance your existing IT ecosystem.

Healthcare
Reduce the tax gap, identify fraud and non-compliance, and operate as efficiently as possible with limited resources.

Contextual Monitoring
Reveal hidden risks and detect criminal activity faster. Reduce false positives to manage the cost of compliance. And improve investigations to make faster and more consistent decisions at scale.

Unified CRM Solution

Know Your Customer
Reduce significant manual effort across onboarding, refreshes and remediation. Automate checks, implement continuous monitoring, and focus on contextual decision making.

Growth and Retention

Contextual Engagement
Generate a complete view of the context around your customers and prospects to build better relationships, reduce attrition and find hidden opportunities.

Data Management
Connect all data—internal and third party—to create a joined-up, contextual view of all the relationships between your customers and every other domain.

Connected Customer View
Generate a complete view of the context around your customers and prospects to build better relationships, reduce attrition and find hidden opportunities.