Wednesday, January 20, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

A Practical Approach to Supply Chain Risk

by Michael Volkov
December 16, 2015
in Risk

This article was republished with permission from Michael Volkov’s blog, Corruption, Crime & Compliance.

A Chief Compliance Officer can get so overwhelmed with risks that it is hard to keep their focus on priorities. Risks are everywhere and no compliance program can address every risk – the trick is keeping your eye on the ball and focusing on the significant risk.

There are lots of risks surrounding a company’s supply chain. Unfortunately, vendors, suppliers and their respective vendors and suppliers can drive you crazy when you start to calculate all the permutations. A supplier of a supplier of a supplier can create real risks for anyone in the chain.

In addressing this complex situation, a clear strategy has to be developed – predicated on defining the specific risks applicable to your supply chain.

As I have written on numerous occasions (and will not repeat here), in the absence of a representational interaction, a vendor or supplier cannot create liability for a company under the FCPA (and arguably the UK Bribery Act). This is an important point that limits the number of vendors and suppliers who can create FCPA liability since few of them act on a company’s behalf in a representational capacity.

The most significant risk for companies from their respective supply chain is reputational risks. For example, a company that deals with a vendor or supplier, who in turn relies on a supplier who uses child labor or violates human trafficking laws, can create real reputational risks. Such risks can have a devastating impact on a company’s trust factor and reputation for integrity, which in turn threatens the company’s financial performance and stock price.

Given this important principle, companies have to screen and carefully review their supply chain for reputational risks. Many companies subject to the conflict minerals rule have been through an excruciating exercise of defining their entire supply chain. It is not an easy process nor is it something that can be accomplished quickly.

One key factor in focusing on supply chain risk is to rank each vendor or supplier by the annual amount of money spent on each vendor or supplier. In this situation, most companies spend roughly 80 percent of their budget on their top 20 vendors and suppliers. Focusing risk management on those primary vendors and suppliers is an effective strategy for focusing risk profiles and priorities.

At some point, companies may find it costs more to collect information about companies in their supply chain than to mitigate the risks by representations and warranties from companies certifying as to standards they employ when contracting with vendors and suppliers.

Regulators are imposing more requirements on supply chain management. Government contractors have a myriad of requirements that they have to impose through flow down provisions on subcontractors.

In the end, companies are facing a straight-forward principle — no one wants to do business with an unethical, illegal or generally unpopular vendor or supplier. Apple suffered reputational harm with its reliance on Foxconn in China, Costco was hurt by its use of children who caught shrimp they resold and Nike suffered reputational damage from its use of child labor in making its sneakers.

To manage these risks, a CCO has to work closely with the head of procurement. Procurement professionals are very attuned to these risks because they do not want to be the person or office responsible for hiring the next vendor or supplier that results in reputational damage.


Previous Post

The 5 Worst Threats to Enterprise Cloud Security

Next Post

Security and Privacy: Head-on Collision or Blissful Matrimony?

Michael Volkov

Michael-Volkov-leclairryan Michael Volkov is the CEO of The Volkov Law Group LLC, where he provides compliance, internal investigation and white collar defense services.  He can be reached at mvolkov@volkovlaw.com. Michael has extensive experience representing clients on matters involving the Foreign Corrupt Practices Act, the UK Bribery Act, money laundering, Office of Foreign Asset Control (OFAC), export controls, sanctions and International Traffic in Arms, False Claims Act, Congressional investigations, online gambling and regulatory enforcement issues. Michael served for more than 17 years as a federal prosecutor in the U.S. Attorney’s Office in the District of Columbia; for five years as the Chief Crime and Terrorism Counsel for the Senate Judiciary Committee, and Chief Crime, Terrorism and Homeland Security Counsel for the Senate and House Judiciary Committees; and as a Trial Attorney in the Antitrust Division of the U.S. Department of Justice. Michael also maintains a well-known blog: Corruption Crime & Compliance, which is frequently cited by anti-corruption professionals and professionals in the compliance industry.

Related Posts

silhouette of businesspeople in meeting with blue cyber background

Cyber Risk Quantification and Prioritization is the Future of GRC

January 20, 2021
man working on smartphone and laptop

Adverse Media Screening: Relying on Google Alone Can Expose Organizations to Risk

January 19, 2021
challenge and solution concept with person standing at large gap

General Counsel Post-Pandemic: A Catalyst for Risk Fragmentation

January 18, 2021
green city papercut on recycled paper background

Managing the Climate Risk Mandate

January 7, 2021
Next Post
Security and Privacy: Head-on Collision or Blissful Matrimony?

Security and Privacy: Head-on Collision or Blissful Matrimony?

Access realtime data

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management culture of ethics cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights