Policies designed to vet suppliers and vendors against indicators of bribery and corruption are poorly understood and inconsistently applied, according to research from Dow Jones Risk & Compliance into the third-party risk management practices of UK companies. The research, conducted in August 2019, surveyed 250 UK-based procurement professionals from five sectors: engineering and construction, oil and gas, IT and technology, media and telecoms, and manufacturing.
Some of the key findings from the research include:
- 31% of the third parties that businesses work with are considered ‘high risk’.
- 50% say that the time required to vet suppliers results in corners being cut to do business faster.
- A third of all new supplier onboarding undertaken in the past 12 months was likely to have been executed incorrectly.
- Over half of procurement professionals are not confident that existing suppliers have been vetted properly.
- 41% say senior-level relationships influence the level of supplier vetting.
- Less than half (45%) have regular and training certification programmes to ensure the code of conduct for third-party risk management is fully understood and applied.
With the promise of increased scrutiny from regulators, and stronger enforcement from prosecutors such as the Serious Fraud Office, change is needed - and quickly - if UK companies are to avoid disruption, financial penalties and reputational damage. A third of all new supplier onboarding undertaken in the past 12 months was likely to have been executed incorrectly, while more than 50% of the procurement professionals surveyed said they were not confident that existing suppliers had been vetted properly.
The research shows that procurement professionals expect a doubling of third-party relationships in the next three years, despite the challenges already faced in managing 2019 volumes. Two-fifths say that their approach needs an overhaul, but the majority do not expect to see an increase in budgets to prepare for future requirements. Half expect budgets for third-party vendor management to stay the same, while a quarter forecast their budget will be cut.
“This research reveals significant gaps in the implementation of third-party risk management processes, as well as a lack of business-wide understanding about the risks such processes are designed to address," said Guy Harrison, general manager of Dow Jones Risk & Compliance. "With enforcement action on the rise, compliance simply isn’t the place to cut corners. UK businesses need to address blind spots around third-party risk management as a matter of urgency.”
“This survey suggests that compliance officers need to have visibility over the entire third party onboarding process," commented Jim Lord, former US Department of Justice prosecutor and consultant to Dow Jones Risk & Compliance. "A consistent risk-based approach implemented throughout the organisation with oversight from compliance is a critical component of having ‘adequate procedures’ in place.”
“UK businesses are much less likely to be caught up in bribery overseas than they were ten years ago," added Charles Monteith, former head of Assurance for the Serious Fraud Office. "This is thanks to both the threat of prosecution and the stipulations of the UK Bribery Act. The demand side is also changing. Driven by the need to have anti-corruption laws of equal standing, and to protect domestic industry, other countries have instated tougher laws - although they haven’t entirely caught up with the UK. Overall, there is a sense amongst business that bribery is neither sustainable or worth the risk.”
Like this item? Get our Weekly Update newsletter. Subscribe today