Third party compliance without slowing down the business

By James Crookston, Associate, The Red Flag Group

Effective procurement and purchasing processes are vital for any company. If these processes are slowed down or delayed, it can cause ripples throughout a company’s entire supply chain, leading to missed commitments and financial losses.

While it is crucial that procurement and purchasing happen promptly, measures also need to be taken to ensure that goods are procured in a manner that complies with company policies and government regulations.

Government agencies are pushing for greater visibility to ethical issues hidden within supply chains. Anti-bribery legislation (Foreign Corrupt Practices Act, UK Anti-bribery Act) have been front and centre to organisations’ compliance and integrity programs, however regulations extends to other risks. Human rights concerns have brought about legislation such as the UK Modern Slavery Act, the California Transparency in Supply Chains Act and the Dodd Frank Act, section 1502, to give consumers greater visibility into the use of child labour, forced labour, slavery or human trafficking to produce goods. More recently, data privacy regulation, such as the EU General Data Protection Regulation (GDPR) have significantly impacted how organisations share data with partners. These regulations have established real and significant penalties for organisations - and their partners - if acting unethically.

The amount of approvals needed and points of concern to be reviewed for a compliant procurement process can be daunting. It is common that stakeholders across the organisation (Legal, HR, Operations, sales, Procurement and Supply Chain) are required in order to perform an effective assessment of supply chain partners. The high pressure to ensure timely sourcing can lead to bypassing stakeholders and assessment steps in order to resolve short-term concerns, opening the company up to longer-term risks.

Downstream compliance issues are often fairly straightforward: do not pay bribes, do not illegally manipulate prices, do not export to places that are prohibited by law, and so on. These issues tend to be concentrated in either sales or third-party distributors, over which the company has at least some semblance of control or influence.

Upstream compliance, on the other hand, is far more complex, with risks spread across a greater portion of the company, and overlapping various stakeholders, often stemming from issues that are largely out of the company’s control.

Each department has their own requirements, timelines and compliance concerns, and these are often not in line with those of other departments. This inconsistency, compounded by the distributed and sometimes siloed nature of large corporations, can make it difficult for all the stakeholders concerned with procurement compliance to communicate – let alone build an efficient process to ensure the required steps are done in a timely manner.

Yet there is a solution that can alleviate many of the issues noted above: automating the compliance portion of the procurement process. With a clear process that is executed by capable technology, an automated compliance programme can streamline the approval process to ensure that all stakeholders maintain control over their particular risk areas without getting in each other’s way or unnecessarily slowing down the process.

Third party integrity assessment activities are often distributed across groups, and activities may be directed to different team simply based on the business team sourcing material.

For example, all materials going to line A’s operations would be verified for approved use by the corresponding stakeholders, while those going to line B’s would do the same for its corresponding stakeholders, without any unnecessary overlap or delays caused by someone not involved in that particular approval process being alerted or waited for.

Automation ensures that any deviation from the standard approval process can only occur with the approval of a programme administrator, and that each department spends less time taking care of clerical tasks such as requesting documents or filing questionnaires. This allows departments to retain control over their third party compliance, but adds administrative efficiency and process consistency across the organisation.

Having that automation take place within an established technology solution also allows for the archiving of information on suppliers that have been reviewed in the past, potentially expediting the approval process of a new vendor and maintaining business continuity when a supplier is suddenly unable to fulfil a request.

The long-term success of any company depends on whether it meets its short-term financial goals while doing business in an ethical and compliant manner to build confidence in its brand. While these two points can often be at odds with one another, having a clearly-defined, automated procurement approval system can cut time and resources spent on compliance. The saved time and money can then be spent building up the business, while still ensuring that suppliers are providing ethically produced goods and materials that meet all of the requirements for their given use.

Automating compliance allows all stakeholders to maintain oversight of their various responsibilities and limits the impact that compliance approvals will have on the overall procurement process.
 

To find out more about our products and services, please visit www.redflaggroup.com. If you have any enquiries, please contact info@redflaggroup.com.

At The Red Flag Group®, we believe that supply chains represent significant reputation and regulatory risk when the integrity of third parties are not verified. We offer Supplier Integrity®, an innovative supply chain ethics, integrity and compliance risk management solution that automates your supplier onboarding process and continually monitors for new risks. Learn More

 

Previous Article
Why you need a subscription service to effectively monitor compliance and integrity in your third parties
Why you need a subscription service to effectively monitor compliance and integrity in your third parties

IntegraAlert® | Integrity and Risk Monitoring, a simple subscription service that helps you to extend the l...

Next Article
Top ten things that internal audit needs to understand when working with compliance people
Top ten things that internal audit needs to understand when working with compliance people

The following are the top ten things that internal audit teams need to keep in mind when working with compl...

Looking to build a perfect due diligence programme for your business?

Contact us