Published by Gbaf News
Posted on November 1, 2017
More than half of organisations say their third-party risk management programmes are maturing or advanced – putting them in a stronger position to combat cyber-attacks, bribery, corruption and conflicts of interest.
Leading ethics and compliance software and services company NAVEX Global® today announced the release of its 2017 Ethics & Compliance Third-Party Risk Management Benchmark Report. While concerns about third-party risk remain high – particularly regarding cyber security – more than half of organisations (58%) ranked their programmes as maturing or advanced.
“We continue to see a move toward centralised and automated systems, which allow organisations to treat third parties the same way they treat their own employees with access to hotlines, training and policies,” said Randy Stephens, J.D., Vice President, NAVEX Global. “This is a smart approach, especially given the top concerns we see each year – even if some of those stated concerns fluctuate based on compliance failures in the headlines and shifting regulatory pressures.”
Forty-nine percent of respondents said cyber security and data protection was their top concern this year. This is the first time cyber security was the top concern in this annual report with a 10 percentage point increase from the 2016 survey. Bribery and corruption was the second most-common concern at 42 percent, ahead of conflicts of interest (the top choice in the 2016 survey) at 34 percent.
“There appears to be a fluidity in what respondents believe is the highest risk – even if the top three choices remain fairly consistent,” said Stephens. “Cyber security is always a major concern. But bribery and corruption has also been in the news of late. This issue is particularly significant for large organisations, given the regulatory guidance in the Foreign Corrupt Practices Act – which organisations are increasingly using to inform into their programmes.”
While survey respondents identified cyber security as the top concern overall, bribery and corruption was still the #1 issue among organisations with more than 5,000 employees and annual revenues of $1 billion or more. Bribery and corruption was also a greater concern among organisations where 20 percent or more of their annual revenue is related to or generated by their third parties.
Bribery and corruption was more of a concern in Europe, the Middle East and Africa (65%) and Asia-Pacific (64%) than it is in North America (32%). Conversely, North American organisations were far more concerned with cyber security (56%) than their counterparts in Europe the Middle East and Africa (39%) or Asia-Pacific (28%).
The number of third-party partners, and the complexity of the business relationships, has grown considerably for most organisations in recent years. According to Michael Volkov, former federal prosecutor and CEO of The Volkov Law Group, LLC. “Organisational size and geography play a large role in determining what keeps executives up at night. It has become increasingly necessary to automate third-party risk assessment and mitigation using a robust compliance management system.”
Other key findings include:
More than half of organisations say their third-party risk management programmes are maturing or advanced – putting them in a stronger position to combat cyber-attacks, bribery, corruption and conflicts of interest.
Leading ethics and compliance software and services company NAVEX Global® today announced the release of its 2017 Ethics & Compliance Third-Party Risk Management Benchmark Report. While concerns about third-party risk remain high – particularly regarding cyber security – more than half of organisations (58%) ranked their programmes as maturing or advanced.
“We continue to see a move toward centralised and automated systems, which allow organisations to treat third parties the same way they treat their own employees with access to hotlines, training and policies,” said Randy Stephens, J.D., Vice President, NAVEX Global. “This is a smart approach, especially given the top concerns we see each year – even if some of those stated concerns fluctuate based on compliance failures in the headlines and shifting regulatory pressures.”
Forty-nine percent of respondents said cyber security and data protection was their top concern this year. This is the first time cyber security was the top concern in this annual report with a 10 percentage point increase from the 2016 survey. Bribery and corruption was the second most-common concern at 42 percent, ahead of conflicts of interest (the top choice in the 2016 survey) at 34 percent.
“There appears to be a fluidity in what respondents believe is the highest risk – even if the top three choices remain fairly consistent,” said Stephens. “Cyber security is always a major concern. But bribery and corruption has also been in the news of late. This issue is particularly significant for large organisations, given the regulatory guidance in the Foreign Corrupt Practices Act – which organisations are increasingly using to inform into their programmes.”
While survey respondents identified cyber security as the top concern overall, bribery and corruption was still the #1 issue among organisations with more than 5,000 employees and annual revenues of $1 billion or more. Bribery and corruption was also a greater concern among organisations where 20 percent or more of their annual revenue is related to or generated by their third parties.
Bribery and corruption was more of a concern in Europe, the Middle East and Africa (65%) and Asia-Pacific (64%) than it is in North America (32%). Conversely, North American organisations were far more concerned with cyber security (56%) than their counterparts in Europe the Middle East and Africa (39%) or Asia-Pacific (28%).
The number of third-party partners, and the complexity of the business relationships, has grown considerably for most organisations in recent years. According to Michael Volkov, former federal prosecutor and CEO of The Volkov Law Group, LLC. “Organisational size and geography play a large role in determining what keeps executives up at night. It has become increasingly necessary to automate third-party risk assessment and mitigation using a robust compliance management system.”
Other key findings include:
Explore more articles in the Technology category
