No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Featured

Relationship (Owner) Goals: Why Half Your TPRM Red Flags Stay Hidden

Gartner research reveals people closest to third-party relationships often fail to report critical risk indicators

by Chris Audet
April 9, 2025
in Featured, Risk
business relationship concept hands

The front-line staff who manage vendor relationships are uniquely positioned to spot problems before they escalate, yet many organizations fail to leverage this advantage. Gartner’s Chris Audet explores the psychological and structural barriers that prevent relationship owners from reporting concerns and maps out a comprehensive approach to turn these critical team members into proactive risk management partners.

In today’s rapidly evolving business landscape, third-party relationships have become indispensable. They accelerate growth, drive innovation and provide the competitive edge needed to thrive in a global market.

At the same time, these relationships also introduce an array of risks that can potentially jeopardize an organization’s reputation, financial stability and operational continuity. Recent Gartner data found a concerning trend: Nearly all third-party relationship owners annually identify red flags in third-party engagements but only about half report these concerns to compliance teams. 

Compliance teams must empower relationship owners to play a more active role in third-party risk management (TPRM). Relationship owners are on the front lines of third-party interactions. They are the first to observe discrepancies, inefficiencies or potential misconduct. Their unique vantage point allows them to identify risks that might not be immediately apparent to compliance teams. By empowering them to share insights more effectively, organizations can significantly enhance their TPRM capabilities.

Barriers to effective communication

The previously mentioned internal Gartner survey of about 1,000 third-party relationship owners observed several areas where relationship owners were commonly failing to disclose red flags to compliance teams.

Relationship owners who observed and reliably shared red flags in each category

  • Change to third-party risk landscape: 51%
  • Change to third-party risk profile: 52%
  • Change to scope of third-party relationship: 52%
  • Material inaccurate information from third party: 53%
  • Third-party failure to implement agreed risk mitigation: 54%
  • Third-party risk event: 62%

This reluctance to report can be attributed to three main factors:

Confidence in identifying red flags: Some relationship owners may lack the confidence to accurately identify and assess the severity of red flags. This can be addressed through targeted training and communication efforts that equip them with the necessary skills and knowledge.

Objectivity in prioritizing issues: Relationship owners often develop close ties with third parties, which can cloud their judgment. This affinity may lead them to downplay concerns to protect their relationships. Relationship owners may feel obligated to shield third parties from internal scrutiny, while others fear that involving compliance might harm these relationships.

Perceived value in sharing information: Relationship owners may not see the immediate benefits of sharing information with compliance teams. Instead, they may perceive the process as cumbersome or fear that it will not lead to meaningful action or action that may endanger their personal objectives.

supply chain shipping containers
Featured

‘You Don’t Want to Be the First Company to Not Comply’: How Trump’s Tariffs Are Shaking Supply Chains

by Cathy Siegner
March 31, 2025

Read moreDetails

Mitigate barriers to alleviate bias and strengthen transparency

Relationship owner bias is a common but complex tendency to show partiality toward a third party. Positive traits like frequent communication, trust and rapport can inadvertently lead to a reluctance to talk about issues. When relationship owners prioritize the needs of third parties over their organizations, risks can proliferate unchecked. To mitigate this, use training and ongoing conversations between relationship owners and their managers.

To enhance third-party risk management, organizations must foster a broad culture of transparency and collaboration. This includes four components that rely on training and ongoing communication between relationship owners and leadership.

  • Training and education: Provide relationship owners with the tools and knowledge to confidently identify and report red flags. This includes workshops, seminars and regular updates on emerging risks and compliance requirements.
  • Open communication channels: Establish clear and accessible channels for relationship owners to report concerns. This could involve regular check-ins, anonymous reporting mechanisms and a supportive environment that encourages open dialogue.
  • Recognition and incentives: Acknowledge and reward relationship owners who proactively identify and report risks. This not only reinforces positive behavior but also underscores the value of their contributions to the organization’s risk management efforts.
  • Leadership support: Ensure that senior leaders champion the importance of third-party risk management and demonstrate a commitment to addressing concerns raised by relationship owners.

Aligning with strategic goals while managing risk

Effective TPRM aligns with an organization’s strategic goals by safeguarding its reputation, ensuring compliance with regulatory standards and maintaining operational resilience. By empowering relationship owners to play a more active role in this process, organizations can mitigate risks more effectively and capitalize on the benefits of third-party engagements.

Heads of enterprise risk management (ERM) and compliance leaders face the daunting task of prioritizing third-party risks based on enterprise risk priorities. With an increased reliance on third parties, the majority of executive risk committee members now consider third-party risk a priority and have heightened expectations of ERM in this regard. However, a minority of ERM leaders feel capable of prioritizing and taking action to present third-party risks to the risk committee.

A complex matrix of functions and business units identifies, manages, assesses or responds to third-party risks. This compartmentalized approach can lead to blindspots as business units manage risks from a functional perspective, rather than an enterprise one. To address this, a tool that prioritizes third-party risks by residual risk score can be invaluable. It allows ERM and compliance leaders to analyze TPRM at the enterprise level, providing actionable insights to support the risk committee’s decision-making.

Relationship owners are the unsung heroes of third-party risk management. Their unique position allows them to identify potential risks early — but only if they are empowered to do so. By addressing the barriers to communication and fostering a culture of transparency, organizations can enhance their risk management capabilities and align with strategic goals. As the business landscape continues to evolve, the role of relationship owners will become increasingly critical in navigating the complexities of third-party engagements. By prioritizing effective communication and collaboration, organizations can turn potential risks into opportunities for growth and innovation.


Tags: Enterprise Risk Management (ERM)Risk AssessmentThird Party Risk Management
Previous Post

Uniting Forces: Cross-Functional Approaches to Insider Threat Prevention

Next Post

Instnt Launches Insurance-Backed Fraud Protection for Businesses

Chris Audet

Chris Audet

Chris Audet is a Senior Research Director within Gartner’s Assurance Practice. He is an experienced researcher and advisor across legal and compliance leader initiatives. In his current role, he is the primary research director for compliance leaders, covering topics that include compliance program management, corporate ethics and integrity culture and risk management. Prior to joining Gartner, Chris served general counsel and in-house legal departments in the legal resources department and large law department of the Association of Corporate Counsel.

Related Posts

GAN Integrity TPRM & AI

Where TPRM Meets AI: Balancing Risk & Reward

by Corporate Compliance Insights
May 13, 2025

Is your organization prepared for the dual challenges of AI in third-party risk management? Whitepaper Where TPRM Meets AI: Balancing...

ai policy

Planning Your AI Policy? Start Here.

by Bradford J. Kelley, Mike Skidgel and Alice Wang
May 7, 2025

Effective AI governance begins with clear policies that establish boundaries for workplace use. Bradford J. Kelley, Mike Skidgel and Alice...

robot reviewing contract

9 Emerging Use Cases for AI in TPRM

by Miriam Konradsen Ayed and Craig Moss
May 6, 2025

(Sponsored) As third-party ecosystems grow more complex, compliance teams face mounting pressure to assess and monitor external relationships effectively. Miriam...

avengers lego figures

Uniting Forces: Cross-Functional Approaches to Insider Threat Prevention

by Rachel L. Gerstein
April 8, 2025

Creating a structured framework that brings together security, HR, IT, legal and compliance teams to fight internal vulnerabilities

Next Post
Instnt Launch

Instnt Launches Insurance-Backed Fraud Protection for Businesses

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights