Outsourcing and third party suppliers were highly fashionable a few years ago. Now the enthusiasm is somewhat tempered by a number of realisations. Increased risk and in some cases outright failure have incited enterprises to take a closer look at third party impacts on business continuity. Recent figures from auditing and consulting company Deloitte in the UK state that 87% of organisations surveyed have suffered business disruption due to third parties, whether from loss of data, failure to deliver on time, or other causes. Confidence in managing third party risk was low to moderate for over 94%, yet over 73% thought third parties would be critical to their business in the coming year. So how big are the risks and what are the solutions?
Fines imposed on companies whose third parties fail them are just part of the total costs, but they already give an indication of the prejudice suffered. Deloitte found that fines could range from £1.3 million to £650 million (currently around AUD 2.4 million to AUD 1.2 billion). Consequently, shareholders might lose as much as ten times the amount of the fine, because of a drop in share price, on average of 2.55%. In another survey presented by the legal firm Baker and McKenzie from 2013, third party risk internationally was held to be highest in China, then India, Russia, South America and the Middle East, in that order.
The Baker and McKenzie report also went on to report on ways to mitigate third party risk. Respondents said that training was the best way to reduce this risk, in particular training for employees and suppliers on identifying and handling compliance issues. In second place came better processes for monitoring contractual compliance, and at almost the same level in third place came better protocols for vetting suppliers and partners. While cost was still an important criterion (in third place) for judging the suitability of a supplier or partner, reputation (second place) was more important and experience and track record (in first place) were the most important.