U.K. businesses are failing to adequately vet their new suppliers, exposing those firms to risks that are poorly understood, according to new research from Dow Jones Risk & Compliance.
New analysis published Monday (Oct. 14) said corporates are inconsistently applying policies intended to mitigate supplier risk of corruption, bribery and other financial crimes. A survey of 250 U.K.-based procurement officials in a range of industries, including oil and gas, IT and technology, engineering and construction, found that nearly one-third of companies work with business partners or vendors that are considered “high risk.”
Half admitted that the time it takes to vet those suppliers leads procurement officials to “cut corners,” while researchers also found that one-third of all supplier on-boarding that occurred among the surveyed businesses in the past year was likely to have been done incorrectly.
The report also highlighted concerns over a lack of confidence among procurement officials with regard to their supplier on-boarding practices, as well as the level of influence that senior-level executives have over vetting processes.
In addition to exposing these companies to the non-compliance risks of their supplier base, the report also warned that the U.K.’s Serious Fraud Office is expected to ramp up enforcement that could lead to penalties, business disruptions, and damage to reputations.
“This research reveals significant gaps in the implementation of third-party risk management processes, as well as a lack of business-wide understanding about the risks such processes are designed to address,” stated Down Jones Risk & Compliance General Manager Guy Harrison in a statement. “With enforcement action on the rise, compliance simply isn’t the place to cut corners. U.K. businesses need to address blind spots around third-party risk management as a matter of urgency.”
Jim Lord, former U.S. Department of Justice prosecutor and Down Jones Risk & Compliance consultant, added that the research “suggests that compliance officers need to have visibility over the entire third party on-boarding process.”
“A consistent risk-based approach implemented throughout the organization with oversight from compliance is a critical component of having ‘adequate procedures’ in place,” he said.