Skip to main content

Navigating the headwinds: enhancing agility to regain momentum

Global third-party risk management survey 2023

Our latest research shows how organisations with more mature Third Party Risk Management (TPRM) have augmented their current capabilities to help them to adopt innovative or adaptive responses to the challenges (headwinds) in an ever-changing external environment. They are also more agile in navigating the growing complexity, speed and ripple effect of new interconnected risks.

Our survey's results prove TPRM's potential to power organisational performance. Organisations with higher TPRM maturity are more resilient and adaptable to an ever-changing external environment due to their agility and capability to navigate the growing complexity and ripple effect of newer and interconnected risks.

This agility, resulting from enhanced capabilities, is reflected in the way they navigate the headwinds in the macroeconomic environment and ensure that their third parties act in a sustainable and socially responsible manner, while remaining resilient at the same time. They are also focused on building trust within their third-party ecosystem. Respondents believe these objectives are best achieved by using evolving technologies to be more efficient and effective in managing third-party relationships.

Overall respondent sentiment on organisational TPRM practices continues to be positive in terms of its ability to successfully navigate various headwinds. This is particularly true in organisations that continue to enhance their capability and agility to meet evolving (and ever-increasing) expectations.

Read more

Organisational cultures are becoming more supportive in understanding and managing ESG risks and opportunities related to third parties. They appear to have slightly improved in the last year in understanding and managing third party related ESG risks and opportunities by developing ESG scoring and assessment mechanisms despite data quality concerns. Despite this, many organisations still need to increase the level of co-ordinated synergies between sustainability and resilience initiatives.

Read more

Embedding robust resilience practices across the extended enterprise remains a significant priority, as organisations shift from a just-in-time to just-in-case approach. Resilience can be enhanced through better integration between business strategy, risk with a more centralised and co-ordinated approach that can be made possible using technology innovatively.

Read more

Astute organisations with more mature TPRM practices aspire to strengthen trust with third parties through transparency, reliability, capability and humanity. This shifts the governance focus from administering questionnaires (and other such routine tasks) to more collaborative conversations around innovation, strategic growth and enhanced performance. 

Read more

Ever-changing interconnected risks encourage organisations to pursue digital transformation to achieve operational excellence in TPRM. This includes revisiting fundamental third-party management processes by harnessing the power of internal and external data. This can also ensure an optimal mix of assurance and risk oversight with smarter segmentation in due diligence and monitoring activity.

Read more

Key findings

Navigating headwinds: balancing expectations and capability

The current business and macroeconomic environment has reconfirmed TPRM's potential in powering organisational performance. However, this is more achievable in organisations with relatively mature TPRM mechanisms. 

However, higher investment priority is needed to revisit existing TPRM frameworks/methodologies. This is to ensure these organisations remain environmentally fit-for-purpose.

In this section of the report, we recommend tangible actions such as the above that will be help organisations determine and develop the appropriate level of capability to balance the growing expectations and challenges.

Read more

The pivotal role of third parties in meeting sustainable commitments

Over the last year we tracked the progress made by respondents in ensuring that organisations and their third parties act responsibly and sustainably, reinforced by a stronger organisational resolve. Organisational cultures that support ESG initiatives are driven by emerging regulations and legislation, growing customer expectations and tangible benefits that other stakeholders acknowledge. 

The increasing use of quantitative methods has been the most significant change since last year. It's starting to enable organisations move to a more robust quantitative/data-driven approach. However, data quality remains a concern.

Further opportunities exist to embed sustainability into the supply chain while considering its broader impact on resilience and vice versa. Taking advantage of the synergies between the two offers the potential for long-term optimisation. Although many studies show that a stronger focus on ESG creates more resilient organisations, the two can conflict. Organisations may need to trade off and find a second supplier who may not be as ESG-focused as their primary supplier and enhance resilience by reducing concentration.

Read more

Embedding stronger resilience across the extended enterprise

Respondents are focused on being more resilient in their extended enterprise as an organisational priority. They recognise that supply chain and other third-party management have so far focused more on efficiency (just-in-time) rather than resilience (just-in-case). Many organisations have been slow to shift gears at a time when the business and macroeconomic environment has changed.  A higher degree of centralised control in the governance of third-party ecosystems, better co-ordination and the need to invest in real-time data-driven insights to thrive amid disruption can help organisations become more resilient.

Elevating resilience to a strategic priority requires focus and investment at the board and C-suite levels.  Our survey shows how personal optimism in achieving this transformation drops sharply in organisations where there are low levels of investment.

Another top priority is enhanced transparency, traceability and trackability across third-party relationships and subcontractors. This helps organisations become more agile and better prepared to navigate unfamiliar or challenging situations.

Read more

Enhancing trust in supply chain partners and other third parties

Building or enhancing trust in third-party relationships is becoming an increasingly significant consideration. This is especially true for critical suppliers and other third-party relationships. More organisations recognise the correlation between trust, financial performance and resilience. Our previous research on this emerging interrelationship identified four key factors that build and enhance trust: capability, reliability, transparency and humanity. 

Our 2023 survey results suggest that only a few firms are prioritising all these factors when trying to enhance the level of trust around third-party relationships and provide them with more flexibility on oversight.

Overall, further work needs to be done by many organisations to enhance trust as this topic continues to evolve.

Read more

Digital Transformation for operational excellence

There have been significant shifts around the enhanced use of TPRM tools and technologies. The challenging times we live in require the development of capability through smarter, real-time and agile approaches underpinned by the innovative use of technology. This will help organisations to continue to be "brilliant at the basics" by intelligently refreshing the fundamental TPRM processes required for better decision-making related to third parties, while ensuring appropriate actions to risk management. 

Our survey data indicates that the adoption of smarter, digital TPRM mechanisms remains slower than expected in real-time due diligence and monitoring of specific third-party segments.

Accelerating this process must start by breaking down organisational silos to promote inter-connected thinking and acknowledge the high cost of doing nothing. Organisations that don't keep pace through ongoing digital transformation will fall behind the evolving definition of good practice.

Read more

Did you find this useful?

Thanks for your feedback

If you would like to help improve further, please complete a 3-minute survey

Previous third party risk management survey reports