A Blueprint for Better Third Parties
Even small manufacturers have remarkably complex supply chains, oftentimes global in nature, that need to be managed effectively and efficiently to mitigate the endless sources of risk. Hundreds or thousands of third-party relationships — and even more for large manufacturers — are a necessary evil in today’s economy, thanks to the efficiency that the system brings to a manufacturer’s operations. At the same time, this growing compendium of third parties must be held responsible for those risks. A few companies are looking into ways to help solve that dilemma.
Greg Dickinson, CEO of Hiperos, says that an average manufacturer today is dependent on third parties for 40 to 60 percent of its revenue, because such a system is more efficient. The supply chain can run from a handful of third parties, to hundreds of thousands, Dickinson says, with multiple contracts applicable for each.
Dickinson thinks his company has a solution. Most manufacturers today have ethical standards they want to uphold among their third party supply chain, not to mention thousands of regulations that must be upheld. The problem is, essentially, figuring out which third parties need to be more closely watched than others.
This is all the more important with is the threat of a third party violating the U.S. Foreign Corrupt Practices (FCPA) Act, which lays out ground rules when dealing with foreign officials or firms and gaining new business. Essentially, the Act makes direct or indirect payments — bribes — illegal, and forces public companies to maintain, with the SEC, record books that reflect positive business transactions. While global manufacturers strive hard to act in legal and ethical ways, they are often held responsible for the actions of their third parties.
Dickinson thinks his company has a solution. He says, “Hiperos provides a SAAS platform that helps businesses manage distinct business processes that fall into [the above challenges] around performance management, compliance, risk management, supplier on-boarding and more. Anything you could envision in your world of supply chain that is now a necessity when you’re dealing with third parties.”
Dickinson continues, “Clearly, FCPA has been one topic that third parties can subject companies to reputational risk and regulatory penalties. The penalties so far this year have been north of $10 billion. So, it’s on the minds of most boards.”
In order to help deal with the complexity of managing a global network of third parties, Hiperos has published a “blueprint” for creating an FCPA compliance program.
The first step into dealing with possible FCPA violations — along with the other concerns mentioned above — Dickinson says that manufacturers need to raise their own awareness of their current situation in relation to their third party network. He says that many Fortune 1,000 companies have endured an “event” that ran them afoul of regulations and cost them dearly in fines, leading to a more comprehensive planning phase, but others may be lacking. He says that while many companies have the necessary policies in place, there’s no way to keep it manageable.
Hiperos’ software-as-a-service (SaaS) application for Third Party Management (3PM) aims to help solve some of that managerial complexity. The application segments a manufacturer’s third parties into various categories based upon a wide-ranging selection of risks: geo-political, transactional, FCPA, operational and others. The application takes data on each of those parties and offers up which are most susceptible. In the case of FCPA, third parties in regions of geo-political instability may rank as riskier than others.
If a manufacturer uses the Hiperos 3PM software and discovers that some of its suppliers are high-risk, Dickinson says they will need to be subjugated to an “assessment” that helps determine what steps to take next. As explained within the blueprint, a manufacturer should invest in training its employee about compliance and “periodically remind third parties and relationship managers about the company’s compliance policies and gather attestations to uphold those policies.”
When it comes to manufacturers and the risks — reputational and otherwise — of third parties, there are few relationships more visible than Apple and Foxconn. Dickinson says this situation is a prime example of why 3PM software would be beneficial to manufacturers of all sizes. A company like Foxconn would likely trigger a high-risk warning. For Apple, this is nothing new, and the company has developed vast amounts of literature and guidelines that its suppliers must uphold.
The problem, as Dickinson explains, is that third party risk includes companies that won’t adhere to even the most prepared ethical guidelines. In Foxconn’s case, clearly was not honest in terms of hiring underage employees, which caught Apple some flak recently. This is where a compliance program, along with those assessments of various third parties, come in handy. While Foxconn continues to be the subject of criticism, Apple’s insistence that it forces suppliers to adhere to a stringent list of ethical regulations has helped maintain its reputation.
Dickinson says, “You can’t protect yourself from all bad people, but if you put a proactive approach in place, you will minimize the exposure to your company, and your reputation will be impacted least.”
For more information, please visit www.hiperos.com/pdf/Hiperos_FCPA_Blueprint.pdf.