Global third party risk management survey 2022
Business responsibility and social purpose is a key element of integrated business strategies, this is demonstrated by significant growth in the level of awareness and focus on ESG in the extended enterprise. However, many organisations don’t have the formal mechanisms to assess or prioritise ESG risks in their extended enterprise and don’t trust internal/external data available to them.
Recent events, such as the global pandemic and Ukraine invasion, highlight the huge strategic impact of third-party failures and how quickly risk strikes. Organisations know they need to improve the resiliency of their supply chains and critical third parties. One way to enhance resilience is to reduce third-party concentration yet many organisations are choosing to work with a very small number of cloud service providers (CSPs) to gain more thorough oversight.
Organisations have made incremental improvements to the way they manage third party relations, from an efficiency, cost effectiveness and decision-making perspective. Hindered by functional silos and decentralised systems, they aspire to develop a more holistic and integrated approach. Greater alignment between risk management and legal and contract management processes represents a critical milestone in the journey towards fully integrated third-party management.
Managed services solutions are rapidly evolving to provide more comprehensive and tailored, end-to-end, insights-driven services. External assistance often contributes to the creation of successful target operating models and the effective running of day-to-day TPRM activities. However, organisations are often challenged with the need to balance cost management with the pace and agility required to respond to market disruptors.
Post-pandemic trends show an increase in leadership focus and investment in third party risk management, driving transformational change. This is characterised by smarter third-party segmentation, increased focus on sell-side third parties and integrated technology solutions that improve efficiency and reduce cost. However, organisations face challenges from newer risk domains – including geopolitical and climate change – across multiple tiers of subcontractor relationships.