About the author
Phoebe Jordan
Managing Director | TPRM
Phoebe Jordan is the Managing Director, Third-Party Risk Management. She first joined the company in 2014 as an intern in the Sub Custody Team. She introduced third-party risk management to Thomas Murray, and currently has responsibility for sales, marketing and product across our third-party risk solution.
Coronavirus is very much here to stay, though vaccination roll-outs and greater awareness of the risks have lessened its impact since the first lockdowns were initiated to contain it.
The single most important lesson is that viral outbreaks happen on a near-continuous basis, and in recent times coronavirus was simply the most devastating and had the greatest impact. What we need to be preparing for now is the next pandemic, while this one is still fresh in our minds.
Diversification and de-centralising dependencies
The coronavirus pandemic revealed the vulnerabilities of organisations that were over-reliant on a single supplier or geographic region (in other words, exposed to concentration risk). Third-party risk management should make diversifying the supply chain a priority, along with assessing dependencies to identify:
critical suppliers;
geographical risks; and
potential single points of failure.
All of this will make it much easier to create better risk mitigation strategies.
Continuity planning and operational resilience
It is not only your own organisation’s ability to withstand major disruption that needs to be taken into account. Lockdowns highlighted the importance of assessing your suppliers’ resilience, business continuity plans, and disaster recovery capabilities. This includes considering their ability to adapt to unforeseen events, maintain operations during disruptions, and recover quickly.
Real-time monitoring and early warning systems
Leveraging technology is the only way to meet the need for real-time monitoring of suppliers and the ability to receive early warnings of potential disruptions. Look for a solution that will enable continuous monitoring of your suppliers’ financial health, operational performance, and external factors.
Agility and flexibility
Organisations that were flexible and agile could adapt to rapidly changing circumstances, and so weathered the pandemic better than most. An embracing of digital solutions was at the heart of most of these success stories. They enable agile practices and flexible response mechanisms that allow for the swift adjustment of sourcing strategies, engagement of alternate suppliers, and risk mitigation during unforeseen events.
Collaboration and communication
Effective communication and collaboration with suppliers proved crucial during the pandemic. Joint problem-solving and proactive risk management requires clear lines of communication, maintaining regular dialogues with suppliers, and sharing information on risk assessments, mitigation plans, and changes in requirements.
Don’t overlook the importance of storing all of your essential vendor information in a single, secure hub that can be accessed by key, authorised personnel whenever they need real-time data.
Scenario planning and stress testing
It never hurts to use your imagination – asking “what if?” can be a valuable part of your TPRM process. Scenario-based assessments can help you to evaluate the impact on the supply chain of potential disruptions. By stress testing various scenarios, you can identify vulnerabilities, develop contingency plans, and enhance resilience.
Data and analytics
Leveraging data and analytics can provide valuable insights into supplier risk profiles and enable predictive risk assessments. A data-driven approach to monitoring supplier performance, assessing risk trends, and identifying potential indicators of future disruptions enhances risk visibility and supports informed decision-making.
Regulatory compliance and compliance monitoring
Around the world and across a range of industries, coronavirus led to numerous regulatory changes and challenges. As part of your TPRM, you need to stay updated on changes to regulations and be able to assess your suppliers’ compliance. Putting in place compliance monitoring and conducting regular audits can help mitigate compliance risks.
Ethical and social responsibility
Protecting your organisation from reputational risk through its association with third parties is becoming more important with the growing awareness among stakeholders of ESG issues. When an outbreak of coronavirus in a factory supplying fresh food to a range of supermarkets across the UK claimed the lives of two workers, one upmarket retailer in particular could not escape being mentioned in every news article about it.
Your vendor assessments should consider factors such as their labour conditions, environmental impact, and ethical standards. This will not only mitigate your own reputational risks, but help you to achieve your own ESG aims.
Continuous improvement
Post-pandemic, it’s important that your organisation keep conducting comprehensive reviews and analysis of its response to disruptions. Embedding continuous improvement processes in your TPRM will ensure that future risk management strategies are more robust and adaptive.