Third Party Oversight: Is Location Risk Monitoring on your Radar?

Globalization has enabled, and in many cases demanded enterprises, both large and small, to generate value through a globally distributed third-party network. Manufacturing in China, IT from India, outsourcing to the Philippines, and near-shoring with Mexico are results of a willingness to source globally and extract value and realize the benefits and unique advantages that specific locations offer.

The consequence, though, is that an enterprise is now only as robust as its third parties. Global sourcing, while offering immense opportunities for value creation, magnifies supply and sourcing chain risks. We wrote about supplier risk and how Supply Wisdom quantifies supplier risk in an earlier blog.

An equally important component of third party operations is Location Risk. A Deloitte study points out that a breakdown in supply chains and sourcing chains is a critical third party risk vector.

Comprehensive Third Party Oversight (TPO) can help prevent or mitigate disruptions from location incidents and issues.

Developing an effective and comprehensive Third Party Risk Monitoring (TPRM) program must begin with an understanding on what constitutes Location Risk. Approaching city and country risk from the same perspective as supplier risk does not do justice to geography specific threat vectors that could have larger ramifications on supply and sourcing partners.

So, what constitutes Location Risk? A variety of geopolitical, economic, and legal factors contribute. Any of these factors can disrupt a supply or sourcing chain, potentially leading to reputation, operational, and financial losses.

Supply Wisdom’s proprietary, objective framework includes the following categories to quantify Location Risk:

  • Macro-Economic Risk
  • Financial Risk
  • Geo-Political Risk
  • Infrastructure Risk
  • Legal/Security and Compliance Risk
  • Business Risk
  • Scalability Risk
  • Quality of Life Risk

How can enterprises institute TPRM that is tailored for Location Risk?

Location Risk is not merely country risk. A substantial number of disruptions are localized to cities without influencing the overall country risk level. Ensure your TPRM captures the complex supply and sourcing chain interactions into a comprehensive list of locations that you must monitor. For instance, would country-level risk monitoring for India flag a highly localized disruption in Chennai and trigger your business continuity plans? Is your monitoring focused enough to alert you about the disruption caused by this strike in Bangalore, which did not impact the rest of the nation? What about alerts that are rarely reported on time in global English language sources, such as this incident in Guadalajara? Does your Location Risk monitoring capture power supply and weather disruptions in cities?

Supply Wisdom arms TPRM and GRC practitioners with proactive and continuous Location Risk monitoring, allowing them to focus on planning and managing responses to disruptive risk events. Supply Wisdom analysts research and grade risks and potential threats from a variety of sources and languages, bringing you only those risks that need your attention. We go beyond standard sources to ensure no risk, country or city, escapes your attention. Supply Wisdom recommends that you put stable and low risk countries on periodic risk reporting schedules while continuous Location Risk monitoring is essential for all critical and high risk countries and cities.

Contact us to see how Supply Wisdom’s early warning and real-time alerts for countries and cities that are critical to your supply and sourcing chains adds certainty to your Third Party Risk Management program!

This post was originally published on LinkedIn.

John Bree

John is a financial industry professional with a proven track record in developing and managing AML/CTF, KYC, Anti-Fraud and Vendor & Third Party Risk Management programs. He has held senior positions in New York, Tokyo, Singapore and London for Citi and Deutsche Bank covering corporate, investment, commercial and consumer banking operations. He has proficiency developing and implementing analysis, operations, monitoring and investigation systems and processes involving transaction accounts, credit cards, debit cards and online banking.

John has managed global staffs and corresponding budgets in multiple locations and delivered cost efficient and operationally effective programs ensuring compliance with local and global regulatory requirements. Through interaction with Internal Audit and regulatory agencies including FRB, OCC, ECB, UK-FSA, MAS and Japan-FSA resolved MRIAs, MRAs and Findings on time and without penalty.

IAOP connects you and your organization to our global community and resources.