Skip to main content

Navigating the headwinds: enhancing agility to regain momentum

Global third-party risk management survey 2023

Our latest research shows how organizations with more mature Third Party Risk Management (TPRM) have augmented their current capabilities to help them adopt innovative or adaptive responses to the challenges (headwinds) in an ever-changing external environment. They are also more agile in navigating the growing complexity, speed, and ripple effect of new interconnected risks.

Our survey's results prove TPRM's potential to power organizational performance. Organizations with higher TPRM maturity are more resilient and adaptable to an ever-changing external environment due to their agility and capability to navigate the growing complexity and ripple effect of newer and interconnected risks.

This agility, resulting from enhanced capabilities, is reflected in the way they navigate the headwinds in the macroeconomic environment and ensure that their third parties act in a sustainable and socially responsible manner, while remaining resilient at the same time. They are also focused on building trust within their third-party ecosystem. Respondents believe these objectives are best achieved by using evolving technologies to be more efficient and effective in managing third-party relationships.

Overall respondent sentiment on organizational TPRM practices continues to be positive in terms of its ability to successfully navigate various headwinds. This is particularly true in organizations that continue to enhance their capability and agility to meet evolving (and ever-increasing) expectations.

Read more

Organizational cultures are becoming more supportive in understanding and managing ESG risks and opportunities related to third parties. They appear to have slightly improved in the last year in understanding and managing third party related ESG risks and opportunities by developing ESG scoring and assessment mechanisms despite data quality concerns. Despite this, many organizations still need to increase the level of coordinated synergies between sustainability and resilience initiatives.

Read more

Embedding robust resilience practices across the extended enterprise remains a significant priority, as organizations shift from a just-in-time to just-in-case approach. Resilience can be enhanced through better integration between business strategy, risk with a more centralised and coordinated approach that can be made possible using technology innovatively.

Read more

Astute organizations with more mature TPRM practices aspire to strengthen trust with third parties through transparency, reliability, capability, and humanity. This shifts the governance focus from administering questionnaires (and other such routine tasks) to more collaborative conversations around innovation, strategic growth, and enhanced performance. 

Read more

Ever-changing interconnected risks encourage organizations to pursue digital transformation to achieve operational excellence in TPRM. This includes revisiting fundamental third-party management processes by harnessing the power of internal and external data. This can also ensure an optimal mix of assurance and risk oversight with smarter segmentation in due diligence and monitoring activity.

Read more

Key findings

Navigating headwinds: balancing expectations and capability

The current business and macroeconomic environment has reconfirmed TPRM's potential in powering organizational performance. However, this is more achievable in organizations with relatively mature TPRM mechanisms. 

However, higher investment priority is needed to revisit existing TPRM frameworks/methodologies. This is to ensure these organizations remain environmentally fit-for-purpose.

In this section of the report, we recommend tangible actions such as the above that will be help organizations determine and develop the appropriate level of capability to balance the growing expectations and challenges.

Read more

The pivotal role of third parties in meeting sustainable commitments

Over the last year we tracked the progress made by respondents in ensuring that organizations and their third parties act responsibly and sustainably, reinforced by a stronger organizational resolve. Organizational cultures that support ESG initiatives are driven by emerging regulations and legislation, growing customer expectations, and tangible benefits that other stakeholders acknowledge. 

The increasing use of quantitative methods has been the most significant change since last year. It's starting to enable organizations move to a more robust quantitative/data-driven approach. However, data quality remains a concern.

Further opportunities exist to embed sustainability into the supply chain while considering its broader impact on resilience and vice versa. Taking advantage of the synergies between the two offers the potential for long-term optimization. Although many studies show that a stronger focus on ESG creates more resilient organizations, the two can conflict. Organizations may need to trade off and find a second supplier who may not be as ESG-focused as their primary supplier and enhance resilience by reducing concentration.

Read more

Embedding stronger resilience across the extended enterprise

Respondents are focused on being more resilient in their extended enterprise as an organizational priority. They recognize that supply chain and other third-party management have so far focused more on efficiency (just-in-time) rather than resilience (just-in-case). Many organizations have been slow to shift gears at a time when the business and macroeconomic environment has changed.  A higher degree of centralized control in the governance of third-party ecosystems, better coordination and the need to invest in real-time data-driven insights to thrive amid disruption can help organizations become more resilient.

Elevating resilience to a strategic priority requires focus and investment at the board and C-suite levels.  Our survey shows how personal optimism in achieving this transformation drops sharply in organizations where there are low levels of investment.

Another top priority is enhanced transparency, traceability, and trackability across third-party relationships and subcontractors. This helps organizations become more agile and better prepared to navigate unfamiliar or challenging situations.

Read more

Enhancing trust in supply chain partners and other third parties

Building or enhancing trust in third-party relationships is becoming an increasingly significant consideration. This is especially true for critical suppliers and other third-party relationships. More organizations recognise the correlation between trust, financial performance, and resilience. Our previous research on this emerging interrelationship identified four key factors that build and enhance trust: capability, reliability, transparency, and humanity. 

Our 2023 survey results suggest that only a few firms are prioritizing all these factors when trying to enhance the level of trust around third-party relationships and provide them with more flexibility on oversight.

Overall, further work needs to be done by many organizations to enhance trust as this topic continues to evolve.

Read more

Digital Transformation for operational excellence

There have been significant shifts around the enhanced use of TPRM tools and technologies. The challenging times we live in require the development of capability through smarter, real-time, and agile approaches underpinned by the innovative use of technology. This will help organizations to continue to be "brilliant at the basics" by intelligently refreshing the fundamental TPRM processes required for better decision-making related to third parties, while ensuring appropriate actions to risk management. 

Our survey data indicates that the adoption of smarter, digital TPRM mechanisms remains slower than expected in real-time due diligence and monitoring of specific third-party segments.

Accelerating this process must start by breaking down organizational silos to promote inter-connected thinking and acknowledge the high cost of doing nothing. Organizations that don't keep pace through ongoing digital transformation will fall behind the evolving definition of good practice.

Read more

Did you find this useful?

Thanks for your feedback

If you would like to help improve further, please complete a 3-minute survey

Previous third party risk management survey reports