This is the first in a two-part series by Michael Rasmussen on how to take a strategic approach to effectively manage and mitigate third-party risk.
The Modern Organization: An Interconnected Mess of Relationships
Traditional brick and mortar business is a thing of the past – physical buildings and conventional employees no longer define organizations. The modern organization is an interconnected mess of relationships and interactions that span traditional business boundaries. To take some liberties with the seventeenth-century English poet John Donne, “No [organization] is an island unto itself, every [organization] is a piece of the broader whole.”1
Layers of relationships go beyond traditional employees to include suppliers, vendors, outsourcers, service providers, contractors, subcontractors, consultants, temporary workers, agents, brokers, intermediaries, and more. Complexity grows as these interconnected relationships, processes and systems nest themselves in intricacy, such as deep supply chains. Today, business is interconnected in a flat world in which over half of the organization’s ‘insiders’ are no longer traditional employees.
In this context, organizations struggle to identify and govern their third party business relationships with a growing awareness that they stand in the shoes of their third parties. Risk and compliance challenges do not stop at traditional organizational boundaries. An organization can face reputation and economic disaster by establishing or maintaining the wrong business relationships, or by allowing good business relationships to sour because of weak governance of the relationship. Third party problems are the organizations’ problems that directly impact the brand and reputation while increasing exposure to risk and compliance matters. When questions of business practice, ethics, safety, quality, human rights, corruption, security, and the environment arise, the organization is held accountable, and it must ensure that third party partners behave appropriately.
The Inevitability of Failure
The fragmented governance of third party relationships through disconnected silos leads the organization to . . .