The Emtrasur plane carrying parts for a VW supplier was arrested at Ezeiza airport. AP photo.
Globalization, the possibility of being able to expand operations more rapidly in different locations, the dynamics of change of shareholders make it a necessity or obligatory know who we relate to in business.
We have seen it on several occasions how a company can be influenced in economic or reputational terms for not having verified with whom you are starting or maintaining a business relationship.
We have seen the worldwide increase in laws, regulations, procedures and best practices aimed at preventing or minimizing these economic and reputational risks. For this, it is established within organizations a third-party control and verification framework, through organizational units in the different areas of the companies.
However, the creation of these control structures becomes an extremely bureaucratic task, where investment of time, human and financial resources which is dedicated to its fulfillment is remarkable, which, not in a few situations, leads to the omission of the same, which derives from a lack of control or a lack of control in the verification structure aimed at preventing relationships with third parties that may have repercussions on the companies.
Organizations must ensure the control and monitoring of the third parties with which they are related, such as eg workers, subcontractors, customers, suppliers, partners business, inter alia, as the activities of these third parties can cause risks for the organization itself.
For this reason, third-party Due Diligence processes are a fundamental element of control within organizations. They seek a correct and accurate selection of third parties with which the companies are connected. The ultimate goal is to verify that the behaviors and actions of third parties are legally and ethically aligned with those of the organization. That is why implementing an adequate third-party management system can minimize these risks.
The Volkswagen case and the Venezuelan-Iranian plane
We recently saw it the case of the Boeing 747 of the Emtrasur companywhere is it Volkswagen Argentina declares to respect all compliance processes of its suppliers.
In this case it would apply to the supplier from which the seats and instrument cluster for the Taos model are purchased. However, indicates that he does not know the relationship between the promoter (freight forwarder) and the airline used to send the pieces to Argentina.
This case shows us the importance of extending and requiring the due diligence process to all third parties which constitute the value chain of a process and which can be monitored.
In this sense, it should be emphasized that the due diligence processes of third parties should include the verification of aspects such as art financial situation, its administrative and judicial history, its possible relationships with public scandals, terrorism and validations that allow us to have an initial vision of the third party we interact with.
Likewise, use this process for communicating the organization’s principles, ethical values and various aspects that lead to an integral performance and without violation of the organization’s internal regulations.
We have seen in some organizations that most of the processes mentioned above are performed manually or in excel sheets, with the absence of global visions in terms of verification carried out on legal persons or on the representatives of the companies or third parties with which they are connected, with a high participation of areas of the organization that carry out individual assessments with archiving of information in each of them, these areas, e absence of centralized risk quantification found in each of these assessments, which does not allow for a timely determination when a relationship may or may not be beneficial to the organization.
Current technology e speed with which information is generated they are factors to be considered when assessing the risk levels of the companies or people we interact with, therefore organizations need to be able to analyze information in real timeallowing its categorization and assessment of its risk levels, establishing a prevention framework for our third parties.
Organizations should think about due diligence processes with high levels of automationit being understood that this would generate advantages linked to the number of hours invested by the staff in the search for information, to the centralization and maintenance of documentation to support the verification processes, as this it can be an element of defense when you want to demonstrate performance and management of organizations in the verification process.
Process automation
Among the advantages that we can obtain with automation through software that support the due diligence process we have:
- Maintain evaluation standards.
- Define the review periodicities from the beginning of the report.
- Manage the entire risk lifecycle and manage them visually.
- Centralize the monitoring of all third parties.
- Centralization of documentation to support due diligence processes.
- Ease and speed in compiling and updating the policies and regulations that the organization applies to its third parties.
- Simplify the decision-making process by relying on reliable and up-to-date information.
Everything indicates that the dynamics of information and the increase in risks lead organizations to think more about moving towards decision-making and monitoring models that have a high level of automation and where the software or tools used are consistent with their processes of business, generating trust and added value to internal processes.
* Carlos García is partner of the Compliance Department of Lisicki, Litvin y Asociados.
NEITHER
Carlos Garcia
Source: Clarin
