Deloitte Business Intelligence Services ("Deloitte BIS")<BIS 2.0 Pointers>

(1) Third party suppliers background due diligence

Suppliers assume an indispensable and important role in the modern days' supply chain. Depending on the industry, the "demand and supply" for third party suppliers varies, so does the scale and quality of the suppliers, but they have a decisive impact on the business of an enterprise. The question is: How much do you really know about your existing suppliers?

In today's global business environment, businesses are increasingly relying on hundreds of third-party suppliers, subcontractors, and partners to achieve their strategic objectives.  Collaboration with a third party can increase an enterprise's competitive advantage by streamlining resources, enhancing expertise, and opening up markets and clients.  However, at the same time, the enterprise may face various potential risks, including reputational, compliance and integrity risk.

These problems are often closer and more severe than one can imagine.  According to a recent media report, a well-known high-tech company suffered substantial economic losses due to supply chain issues.  Specifically, the perpetrators defrauded the company and other employees through various means, including:

  • The use of inferior suppliers, which resulted in the company's long-term use of low-quality but high-price materials;
  • Setting up front companies to divert orders and benefit the perpetrators, while subcontracting those orders to other factories at a lower price to earn the margin; or
  • Colluding with suppliers by reporting a higher price than the suppliers' base price to the company, and then sharing the margin with the suppliers.

The case above is an alarm for management on the potential risks from the third-party supply chain. A company could continue to enhance business development and avoid unnecessary economic and reputational losses with a better understanding of the background information of third-party suppliers, continually strengthening the awareness of compliance, and improving the compliance management mechanism.

Deloitte BIS finds that enterprises typically, as the best practice, develop at least two lines of defense when managing the third-party supplier relationships.  Firstly, before establishing business relationship with third parties, in addition to paying attention to the production scale, financial strength, qualification, and industry status of third-party suppliers, they also collect further information on management's credit status, supplier's compliance status, upstream and downstream relationship and other potential warning signals, in order to comprehensively evaluate third-party relations.  Secondly, after establishing business relationship, they conduct more in-depth background due diligence periodically or sporadically on third-party suppliers in a risk-based approach, effectively assessing and grasping their potential operational or compliance-related risks and information, is an important barricade that helps enterprises to prevent and control potential threats, and can help avoid issues such as quality defects caused by third-party supplies with fictitious qualifications, or prevent financial loss or reputation damage caused by internal or external fraud, corruption or sanctions.

Today, many enterprises still use traditional methods to carry out due diligence which translates to "more investment", "more time-consuming" and "lower efficiency", and has become the current challenges for third-party risk management.  In this regard, Deloitte BIS launched a new solution - Deloitte Diligent Insights (DI) Platform, which automates information collection from publicly available sources, simplifying the screening, verification and monitoring of compliance of business partners.

In addition, the DI Platform integrates business intelligence and data analytics capabilities to help enterprises better utilize information and assess risks, such as:

  • Potential conflict of interests of your employees
  • Operational or reputational risk of third parties
  • Ongoing evaluation of third parties' performance and monitoring on the dynamic risk exposure

The DI Platform can integrate standalone datasets from various internal systems, such as HR, Procurement, and Finance, and overlay them with external information collected.  With advanced network analytics built on the Platform, organizations can focus on networks, hidden relationships, connected events, rather than viewing each transaction, employee or vendor in isolation.  This can identify potential conflicts of interest and can help organizations better monitor and safeguard their assets.

Based on the information gathered and analyzed, the DI Platform can develop individual risk profiles for third-parties, with supporting risk ratings based on the risk indicators and thresholds tailored to meet the organization's risk appetite.  Compliance resources can divert their focus to higher risk third-party relationships to better address any potential reputational concerns.

Once the relationship is formed, the DI Platform can support the continuous monitoring of performance and risk exposure with analytics and visualization of key operational, financial and compliance metrics.  This allows business and compliance professionals to make better-informed decisions on whether to maintain and extend the business relationship, and identify the operational synergies from working with the third party.

Deloitte BIS, with its deep industry focus and innovative technology, has established business solutions in various use cases.  In addition to the third-party supplier due diligence introduced in this issue, we will also launch a series of articles on how Business Intelligence is acquired from social media, how it benefits mergers and acquisitions and builds a stronger human resources function.  Please follow us for our next issue.

Did you find this useful?