With third-party due diligence and supply chain security as increasingly critical components of organizations’ procurement operations, compliance executives are finding important positions in their firms’ purchasing processes. Understanding exposure to risk is essential for companies today, and Dun & Bradstreet (D&B) research suggests awareness is strong, with U.S. and U.K. procurement professionals identifying supplier due diligence, internal compliance training, social governance efforts and continued vendor monitoring as the biggest concerns.
Dun & Bradstreet Global Head of Compliance and Supply Products Brian Alster said that, as the once-separate procurement and compliance efforts within organizations continue to converge, technology is going to play an increasingly critical role for businesses to manage the bombardment of risks, including fraud, non-compliance and cyberattacks. The businesses that are going to succeed in their compliance and risk strategies, he added, are those that understand the relationship between procurement and compliance.
“While, in many cases, these functions are being done separately, what they’re doing — meaning the questions they ask and the information they need to collect — is very much in line with each other,” Alster said in an interview with PYMNTS. “[Therefore, those] companies that have more mature processes around their policies have figured this out, and have started to align their organizations in a way to collaborate.”
The kind of data that both procurement and compliance teams are looking to collect often involves information about third-party suppliers, including who their own third-party partners are, what their cybersecurity processes involve, whether they are on any sanction lists and even what the media is saying about that company. By fostering cooperation between procurement and compliance to streamline collection of this data, both functions of the enterprise can become significantly more efficient.
That’s only if analysis of that data can be done correctly, however. Automated risk management solutions can be helpful in theory. Yet, according to D&B’s report, about one-quarter of procurement professionals reported problems related to automation, data population and artificial intelligence (AI), as well as the failure of risk monitoring tools to pick up on any status changes of third parties, which contributed to the company being exposed to fraud.
Those shortcomings were in addition to the 37 percent of professionals who cited policy-related failures, including a lack of adequate internal training or understanding of a risk-based approach.
The lack of knowledge, training and clear policy can expose an organization to more risks, considering the changing nature of global regulations and threats. Alster said current market conditions, like the global economic slowdown and trade disputes, have forced businesses to adjust their supply chains, which, consequently, changes firms’ risk exposures. Particularly in industries like manufacturing, technology and energy, changing regulations have forced firms to adjust not only their procurement strategies, but their compliance efforts.
“The level of due diligence is greater than any time in the past several decades, because regulators around the world are requiring more,” he said. “In that environment, one would expect there would be significant investments in people or technology to keep up with the increased requirements — and, unfortunately, that’s just not the case.”
Organizations must do more with less, and they must do it quickly, he continued. That’s the idea behind Dun & Bradstreet’s D&B Compass solution, launched this week to automate third-party risk management for procurement and compliance professionals.
Procurement teams appear to understand the value of technology in their compliance and risk mitigation efforts, particularly when it comes to market research and analysis, monitoring supplier performance and compliance process management, D&B’s Compliance and Procurement Sentiment Report showed.
Corporate spend on RegTech in the first half of 2018 was larger than the entirety of RegTech spend in 2017, KPMG recently found. However, D&B data identified areas in which technology is not meeting procurement professionals’ compliance needs. Nearly one-third of D&B survey respondents identified technology as a barrier — not an aid — to some of the tasks executives must complete in their regulatory compliance efforts.
For technology to effectively support the procurement compliance process, it must not only be able to support data aggregation, but identify what data holds the correct information necessary for intelligence analysis as well.
Artificial intelligence, said Alster, has emerged as a pivotal technology to achieve that goal by accelerating the extraction of accurate data and combating false-positives. AI is able to assess information, not necessarily based on hard data, too — for instance, how a third party’s risk profile might be impacted by negative press and a degraded reputation.
The launch of D&B Compass reflects a changing ecosystem of corporate procurement compliance and the buyer-supplier relationship, noted Alster. As data integrations become more seamless, the ability for technologies like AI to collect and efficiently assess information on third-party suppliers will be imperative. For those technologies to be most effective, procurement and compliance teams must work together, too.