Skip to content
Third party risk

Exposing the gaps: Risk survey exposes third party failures

Shaun Sibley  Managing Director of Supply Chain & Commodities

Shaun Sibley  Managing Director of Supply Chain & Commodities

Too many organizations are still exposed to risks such as bribery and corruption from their suppliers, distributors, agents and other third parties. To seek out the shortcomings and challenges firms face when trying to manage such risks Thomson Reuters conducted an extensive survey to highlight the key issues.

The survey found that only 62% of organizations are conducting due diligence on their third parties. And just as worryingly, 61% have no idea about the extent to which third parties are outsourcing their work.

These are just two of the key findings from the survey of more than 1,000 professionals in compliance, procurement and operations in nine countries that highlight the gaps in knowledge and processes around third party risk.

Is the pressure of winning new business taking priority over complying with regulations?

The financial impact of organizations not complying with regulations and suffering damage to their reputation as a result has never been greater. Yet 63% of all survey respondents described winning new business as a priority and that as a consequence might breach regulations.

This chart shows a breakout of how Thomson Reuters Third Party Risk Survey respondents answered responded to this statement: "Winning new business is a priority and as a consequence we might breach regulations."

Though recent enforcement actions in particular from the FCPA suggest that regulators are taking enforcement seriously, organizations have a misconstrued perception that they are unlikely to be prosecuted if caught breaching regulations. 61% of U.S. and 56% of U.K. respondents agreed with this sentiment, showing a serious disconnect between perception and reality.

This chart shows results and breakout of how survey respondents of Thomson Reuters Third Party Risk Survey felt about this statement: "We only conduct due diligence on our tier 1 third party relationships."

Retrospective action

Organizations might not be reluctant to take action against third party risk, but rather, might need to understand the impact first. Our results showed, 92% of respondents who have had enforcement actions taken against their organization then increased the amount their organization spends on compliance.

What are the benefits of working with third parties?

7 out of 10 respondents have claimed that third party relationships have allowed their company to be more flexible and competitive. Carrying out thorough third party due diligence not only ticks the regulatory box, but it also helps mitigate against reputational damage, financial risk and data security, and enables organizations to operate more efficiently and drive business growth.

This chart shows how much respondents to the Thomson Reuters Third Party Risk Survey answered the question: "Over the net 12 months, by how much do you expect the time and resources spent conducting due diligence on third party relationships to change?"

Biggest challenges

In order to continue reaping the benefits from both supplier and other third party relationships and mitigate against risks, the survey respondents cited the following challenges they are facing and looking for support on:

  1. Lack of data available – 41%
  2. Resource constraints including budget & time – 38%
  3. Limited knowledge of the risk – 32%
  4. Lack of support prioritization at a board level – 29%

These challenges as well as the failings outlined above highlight how accurate information and training is needed to conduct proper due diligence when working with third parties.

The full Third Party Risk survey report can be downloaded here.

More answers