When it comes to third-party risk management, organisations are redefining their approaches, with a focus on talent and strengthening the role of executive leadership on third-party risk management teams, said Deloitte recently when releasing results of a survey.
According to the firm’s third-party risk management (TPRM) survey of more than 1,300 TPRM leaders spanning 40 countries, 83% of respondents (83%) remain optimistic or neutral about managing third-party relationships moving forward.
Survey highlights
Navigating headwinds: Balancing expectations and capability
- When asked to identify the top headwinds impacting their third-party relationships, respondents highlighted geopolitical challenges (61%), inflationary trends (46%) and concerns about their ability to meet increasing environmental, social, and governance (ESG) expectations (40%).
- Despite these challenges, most leaders indicated that they feel optimistic or neutral about managing third-party relationships moving forward.
- Nearly two-thirds (63%) of respondents say their top focus area for investment is revisiting and refreshing the overall third-party management risk methodology used in the organization.
- Nearly half (48%) acknowledge they need to strengthen the role of executive leadership in managing and governing third-party relationships.
- While enhancing third-party risk management frameworks with technology will continue to be a focus, getting the right skills and talent into the program to leverage that technology has emerged as a newer and more immediate priority this year.
The pivotal role of third parties in meeting sustainability commitments
- The extended enterprise, with its complex third-party and subcontractor relationships, should be a key consideration as organizations increasingly focus on social purpose and sustainability.
- More than half (56%) of respondents believe their organisational culture has become much more supportive in understanding and managing ESG risks and opportunities in their third-party ecosystem, with greater adoption of quantitative scoring and assessments amid data quality concerns.
- However, to continue to improve focus on sustainability matters and other areas of ESG, companies will likely need to advance data tracking in their third-party relationships.
- Nearly one-third of respondents say internally or externally generated data on these topics is ‘low’ or ‘very low’ quality.
Embedding resilience in the extended enterprise
Enhancing trust in supply chain partners and other third parties
- Technology investments can play a vital role in protecting third-party relationships from cyber and information security risks, which nearly two-thirds of respondents (62%) ranked as the top third-party risk.
- This focus is part of a broader initiative to bolster trust between companies and their third parties, the approach to which varies by the relationship. Newer third parties may require a “track and react” strategy, while existing third-party relationships may only need efficient oversight.
- Moreover, as many global leaders embrace “nearshoring,” the study shows nearly half of respondents (45%) currently procure as locally as possible, due to higher levels of trust with those closer by and lower costs.
- Still, around one-third (34%) say their procurement is more globally centralized, indicating that decoupling is not as widespread as previously suggested.
