Third Party Compliance Systems: Are They Worth It?

Breaking Down The Benefits

According to new research from The Risk Advisory Group, third party risk is the number one priority for compliance professionals in 2018. In order to manage their third party relationships efficiently and mitigate the risk, compliance professionals are increasingly turning to technology to help. But what are the benefits and what is the real value of moving to an online system?

Third party risk is at the top of the agenda for compliance professionals in 2018. This is hardly surprising when you consider that businesses are increasingly reliant on networks of third parties to take their services and products to market, and evidence shows that these third parties pose a significant risk. This is not lost on businesses. Most have compliance programmes in place which set out what work needs to be done to limit the risk.

The challenge for compliance teams is how best to manage these relationships. Many compliance professionals are turning to technology for help. 52% of the respondents to this year’s Compliance Horizon survey told us they believed the more effective use of technology would make the biggest difference to their ability to protect the business and 59% expect to use compliance technology more in 2018. But what are the benefits and what is the real value of moving to an online system?

Making the transition from a paper-based – or spreadsheet – system to a dedicated third party compliance system is a big undertaking. But the longer-term benefits are so significant that one compliance director we spoke to went as far as to say that “it is almost impossible to manage a program without technology” these days.

Online third party management systems can help teams in a number of ways:

1. Efficiency The automation that technology offers helps to free up time within the compliance team to deal with the more demanding, strategic issues. Within any compliance process, there are lots of important elements that can be undertaken programmatically. Some of these areas, where automation can be applied easily and create significant efficiencies within the process, are the calculation of risk rankings, reminders for renewals, pre-programmed follow-up with third parties who haven’t completed their questionnaires and ongoing monitoring against watchlists.
2. Consistency: The automation of programmed, day-to-day tasks also ensures that your compliance process is being followed consistently. More importantly, by embedding your workflow, approvals processes and risk matrix into an online system you can demonstrate to the regulators that your process is operational and is being followed.
3. Centralization of Data: By creating a one-stop-shop for all your compliance data you can drill down into your data and review how your compliance programme is working and refine it to meet the ever-changing needs of the business. It also means that you can deal quickly and efficiently with evolving regulatory requirements, such as the challenge of determining where your risks lie when sanctions regimes are amended.
4. Audit Trail: Some systems also generate an audit trail of all of the work done on the platform. This is invaluable. It means you can determine who did what, when, allowing you to prove what steps were taken, and the decisions that were made at any point in time.

By looking at each of the separate stages of your compliance process in detail, it is easy to find areas where automation and centralization would save hours, if not days. Those efficiencies soon add up and by reviewing how long you spend on tasks that could be easily automated you will soon have a compelling figure for how much time your team could save by using technology.

Outside of the day-to-day savings for the business, however, technology acts as an insurance policy. Between the fines and settlements, the fees for professional advisors to investigate alleged breaches, the impact on senior management time, and the overall damage to the company’s reputation, the financial costs of breaching anti-bribery or -corruption legislation are huge. In comparison, the costs of adopting and running a third party compliance management system pale in significance.

So is it worth adopting a third party compliance management system? I would say so.