By Sanday Chongo Kabange, The Red Flag Group®
Effective third-party management
Many businesses fail to accurately assess their risk exposure because of an overly complex third-party management process, or an insufficient assessment as they simply want to meet their regulatory or legal requirements. The two crucial parts of an effective due diligence process are commonly treated as two separate phases: creating the risk matrix for your third parties, along with mitigating or remediating risks identified. Understandably, the actual due diligence phase is the core link and is also the easiest phase of the entire process. This is because most of the ingredients of due diligence are accessible and straightforward. The challenges you encounter are often related to the identification and mapping of risks, made more difficult due to the scarcity of information. Many elements require consideration, including local regulations and legislation; local cultures as well as the economic and political environment. For more than 12 years, The Red Flag Group® has been helping clients to get the most value of the entire third-party management process by providing counsel, guidance and advice on what to focus on or what to do by offering local insights and global expertise depending on the region and industry.
The pre-due diligence phase is where you outline the reasons why you want to perform due diligence on your channel partners, suppliers, distributors or prospective M&E deals. This is where you assess, prioritise and align your risk concerns with your business objectives, corporate goals and business strategy. After your assessment, categorising your third parties and determine which ones are high risk and which ones are low risk are straightforward. This is where you ascertain the level of due diligence needed to be conducted on your third party based on, among other things; what they do for you, where they are located and the monetary value of your engagement. In fact, most compliance practitioners fully understand that third parties located in high risk jurisdictions will require enhanced due diligence and may require constant ongoing monitoring. The Red Flag Group® has specialists and technology platforms that can help you manage this phase by clearly prioritising your risks concerns and suggesting the most appropriate due diligence. For instance, using our ComplianceDesktop® | Compliance Technology Platform you can access a complete platform for the identification and management of risks associated with channel partners. Additionally, you can outsource risk assessments, reviews, onboarding, and monitoring programme of third parties using our Compliance Managed Services: Onboarding Technology.
Additionally, in the risk assessment phase, we help you understand the ethics, compliance and integrity of your suppliers through Supplier Integrity® I Supplier Management Platform. Supplier Integrity® leverages a proprietary risk assessment methodology developed by The Red Flag Group® to protect your business from ethics, integrity and compliance risks.
Having assessed your risk exposure, you will embark on the easier but key phase of your due diligence process. This is where you access valuable meaningful research, data and intelligence to help you meet your due diligence obligations. You can access 12 year’s business intelligence and data on companies and individuals in over 200 jurisdictions through IntegraCheck® | Integrity Due Diligence reports. With our Research and Analysis teams in 15 global locations conducting due diligence research using proprietary and subscribed datasets, tailored risk ratings and scoring systems, we also include local insights depending on your risk appetite, industry and country where your partners are located in order to provide you with business intelligence and not simply research data.
IntegraCheck® 7.0 due diligence reports are embedded with IntegraRating® and Peer Benchmarking which helps to prioritise your risk concerns based on impact and visually shows you how your third parties rank when measured against peers in the same industry and country. We help companies to collect valuable data using a widespread network of industry experts and country specialists to explain what each risk means to you and the likely impact to your business in 45 languages.
The value to clients is that IntegraCheck® 7.0 due diligence reports supports an independent layer of interpretation data and business intelligence against a standard and gives the best possibility of a benchmarking standard that exists in the market.
Making informed decisions
This may be the most important part of the whole due diligence process because the decisions you make at this phase will potentially determine whether you have reduced or increased your risk exposure. Once you have received your due diligence report, you take control of the next steps to take. You can proceed with an acquisition or a merger, onboard a prospective partner, remediate or mitigate identified concerns, cancel a pending transaction or simply end your business relationship with unethical partners.
The Red Flag Group® provide access to over 200 compliance professionals to explain in detail and layman terms the issues identified, as well as offer suggestions on how to remediate or mitigate the uncovered concerns.
Additionally, once you have received your due diligence report, you can enrol in a subscription service that enables you to effectively monitor compliance and integrity in your third parties on an ongoing basis through IntegraAlert® | Integrity and Risk Monitoring. When an integrity or business issue is identified, an IntegraAlert® notification will be sent to you with customised advice to effectively manage the issue. By daily monitoring of our proprietary database called IntegraWatch® | Compliance Screening, clients have screening access to people and organisations who appear on government sanctions or watchlists, are Politically Exposed Persons (PEPs), State Owned Entities (SOEs), or have been identified by a reputable media source as presenting a risk as defined by The Red Flag Group®'s 23 risk areas.
You may equally opt to have you and your partners certified through our anti-corruption certification programme offered by the world’s leading anti-corruption certification agency, ETHIC Intelligence®. ETHIC Intelligence Certification helps organisations to choose the certificate which is best adapted to their structure, size, maturity and needs.
Furthermore, based on recommendations from compliance professionals, our team may suggest establishing whistleblower hotlines to report misconduct. We help clients to set up effective and cost-saving whistleblower hotlines through our IntegraCall® I Secure Compliance Hotline. IntegraCall® is an intelligent technology solution for misconduct reporting, where companies can manage their global hotline services through whistleblowers' own handheld devices, meaning they are more accessible, simpler to roll out and cost-effective because of its utilisation of artificial intelligence as opposed to operation a call centre manned by people.
As you get embark on a process of conducting due diligence on your third parties, ensure that you understand that you have a process that is proportionate and scalable. Utilising 12 years of due diligence, The Red Flag Group® has been helping clients to make better decision by providing the necessary solutions and services to meet their due diligence obligations.
Visit our website to find out more about our products and solutions: www.redflaggroup.com