Entity monitoring to reduce third party risk

January 01, 1970 by Mark Dunn

More than insurance

An important piece in the risk management jigsaw is ongoing entity monitoring to manage the financial, reputational and strategic risks that are inherent parts of doing business with third parties. While most third parties are honest, does your company know whether others are engaged in bribery, corruption, money laundering or other illegal activities?  What strategies do you have in place to deal with the fallout should one of your clients or suppliers face an investigation?

Entity monitoring to manage third party risk is not just an insurance policy.  Properly implemented, it can build stronger supply-side relationships, resulting in a more proactive, responsive and more profitable relationship for both parties.

Heading danger off at the pass

Company leaders are increasingly recognising the need for a new approach to identify third party risks to be able to take remedial action quickly to prevent reputational, regulatory or financial damage.  Entity monitoring allows compliance staff to identify high risk third parties, act on the information received and escalate if it represents a threat.  What many companies do not realise is that traditional internal due diligence procedures for identifying third party risk may not be enough, particularly in high risk industries.

The UK Financial Conduct Authority (FCA) makes it clear in 'Financial crime: a guide for firms', that a "firm's compliance function has oversight of all third-party relationships and monitors this list to identify risk indicators… Firms must therefore put in place systems and controls to identify, assess, monitor and manage money- laundering risk".

A similar publication by the US Department of Justice (DoJ) and Securities and Exchange Commission (SEC) on the Foreign Corrupt Practices Act (FCPA) says: "Companies should undertake some form of ongoing monitoring of third-party relationships."

Who, what and how to monitor

An effective third party monitoring campaign encompasses suppliers, partners, agents and any other third party a company has dealings with to identify red flag issues.  It involves monitoring international watchlists, news providers, sanctions lists and alerts on Politically Exposed Persons (PEPs).

The sheer volume of information that is now available means that manual checking and monitoring is not an effective option: companies now need to automate this process – usually through a specialised risk and compliance provider.

The wider picture of a third party's partners, associates and suppliers that a specialist service provides will help a company meet enhanced due diligence requirements, while advanced data analytics, media monitoring services and screening will help improve relationships, leading to smoother processes and higher profitability..

Different levels of monitoring services are available and a company's choice of service should depend on the degree of risk inherent in a third party relationship.  One-time checks, for instance, can usually be achieved through individual subscription services where selected content is purchased to meet a specific requirement.  Aggregated subscription services, however, are more appropriate where ongoing monitoring is required, where significant language or cultural barriers exist, and when the company is operating in high risk industries or territories.

Related Blogs

ps 3 ways you can apply this information right now to…

  1. To protect your business and reputation you need to understand your customers and your third parties.Lexis Diligence brings together all the intelligence you need in one place to conduct consistent due diligence and comply with anti-money laundering and anti-bribery regulatory requirements.
  2. Keep up to speed on developing news and expert opinion with our regular posts on Anti-Bribery & Corruption and Anti Money Laundering. Subscribe to our blog to have updates delivered directly to your inbox.
  3. Leave a comment below. Let's start a conversation!