Third Party Due Diligence – What Can We Learn From The Horse Meat Scandal Engulfing Europe?
The year 2013 has gotten off to a tumultuous start for the food industry as every week has brought news of supermarkets, fast-food chains, and processed-food brands announcing they have found horsemeat in their beef products across Europe.
Initial analysis indicates that weak supply chain and third-party vendor management processes are to blame.
The fall-out is still continuing, governments and regulators have vowed to identify what went wrong, how this occurred, and how to put in place processes to make sure this never happens again.
The key takeaway for compliance and ethics executives should be what we can do to improve third party due diligence processes.
The challenging economic climate and increased government scrutiny over supermarket expansion has heightened competition in the food and retail industry, and such competition has caused an increase in deep product discounting aimed at enticing customers.
This deep discounting has come at a cost. Most notably, supermarkets are devising longer supply chains enabling them to buy ingredients from wherever they are cheapest at any point, as determined by exchange rates and prices on the global commodity markets. This wide variation of lengthy point-to-point supply chains has created additional risks as the network of third parties such as agents, slaughterhouses, meat-cutting plants, and cold storage units form a chain where accountability and integrity could be subject to scrutiny.
The Chartered Institute of Purchasing & Supply (CIPS), an international trade body and watchdog for buyers, suppliers, and the procurement industry, has commented that supermarkets have “fallen woefully short” in the management of their supply chains. CIPS also warns that companies will continue to be “found out” unless investors, analysts, and boardrooms “place appropriate emphasis on the importance of their supply chain to their business and take steps to ensure they are fit for purpose.” These comments are given further weight by a survey CIPS conducted, illustrating the following:
• 36% of respondents claim their chief executive is not engaged about potential risks in the supply chain.
• 53% of companies surveyed have a strategy to mitigate risk in their supply chain.
So it would seem that companies are not sufficiently prepared to manage risks in the supply chain. Perhaps the business should look to their compliance function for guidance?
CEB’s Compliance & Ethics State of the Function study reports that whilst a large proportion of compliance and ethics programs participate in third party review and monitoring processes, only a small percentage of compliance and ethics programs own this initiative, and almost one-third of programs do not participate in these activities at all, despite the fact that a majority of programs own the third-party risk.
A similar comparison can be drawn with Compliance and Ethics’ role in reviewing new business partners.
Applying this analysis to the priorities of compliance and ethics programs, monitoring third-party controls and reviewing new business partners are among programs’ leading priorities as, overall, these are areas where they find themselves to be less effective.
Approaches to Third-Party Due Diligence
CEB research indicates that the most effective approaches to third-party due diligence include the following:
- Screen potential agents for potential risk factors: As the complexity of supply chains increases, so does the risk. Undertaking screening of agents will highlight potential risks e.g. if agents will be using third parties in providing services.
- Triage potential third parties to determine the appropriate level of due diligence: The vetting of all third party relationships can add a significant premium to the cost of doing business. Our members have benefited from using pre-established risk classification to determine the type of due diligence undertaken (basic vs. advanced).
- Going beyond the due diligence questionnaire: Conducting face to face interviews provides the opportunity to identify nuances in the third party’s questionnaire responses as well as probe further any ‘red flags’ raised during the interview process.
What CEB Compliance and Ethics is doing for its members:
- Revisiting the Due Diligence Process: CEB has launched a step-by-step third-party risk management guide.
- Screening New Business Partners: CEB members have access to a due diligence checklist to use when hiring agents, a framework for determining type of due diligence required and enhanced screening processes to go beyond standard questionnaires.
- Supporting Continuous Monitoring: To ensure compliance, some companies conduct onsite audits/reviews of third parties and their facilities. Use this checklist to guide your compliance audits of third parties during onsite visits.
- Use Technology to Help The Due Diligence Process: The compliance market places presents many different technology offerings related to third party due diligence. Prior to investing in one of these, our members have used our vendor product profiles to understand the differences between the providers.