Supply Chain and
Third-Party Risk Management Considerations for Manufacturers
By Gareth Montague-Smith
Supply chain disruption due to the pandemic has many manufacturers rationalizing their suppliers and giving more consideration to the locations from which their materials come . In addition to a more nationalist sentiment about sourcing domestically , there is also a trend toward qualifying secondary and back-up vendors . Although a good strategy , it ’ s important to perform the appropriate due diligence procedures to avoid potential risks and to utilize a thirdparty risk management ( TPRM ) program .
Management should create an inventory of their third parties , including those in the supply chain , by reaching out to all departments with authority to enter into third-party contracts . At a minimum , they should be able to identify all their third-party relationships and understand the nature of each one . Ideally , they should evaluate the types of risks associated with each third party and prioritize them by severity and likelihood of risk exposure . Third-party relationship analyses should be completed at an enterprise-wide level , which will highlight concentrations of exposures to individual third parties as well as concentrations by risk type .
Management will then be able to prioritize and focus on the highest concentrations with the greatest risks garnering the most attention . For example , consideration might include which raw materials are the most critical to have on hand versus those that have substitutes . It might also include the manufacturer ’ s ability to source the materials from a secondary vendor and the financial / operational impact .
Typically , third-party vendors are first subject to a due diligence review that evaluates the quality of their operations and helps define their inherent risk profiles and long-term viability . Once the review is completed , management must assess additional risks associated with the third party relative to data security , customer interaction , brand reputation , liability , fraud , intellectual property rights , business continuity and geo-political issues . A determination can then be made from a risk acceptance or mitigation perspective as to whether the risks posed by the potential third party can be remediated contractually or mitigated to an acceptable level by internal controls at the company . To achieve the most impactful program , companies should establish a single TPRM framework that is employed consistently across the entire company . The TPRM should address all dimensions of the company / third-party relationships , including alignment with the business strategies and goals of the company , the selection of third-party providers and the contractual agreements to be made with them , the necessary ongoing oversight and monitoring requirements and the processes to terminate relationships as risk exposures change .
Sourcing strategies will change , and a manufacturer ’ s inventory of third-party providers is dynamic with new risks and disruptors constantly emerging . These combined inputs create a highly complex situation that has the potential to create significant disruption and distraction if outlier risks are not adequately identified and controlled . A centralized , comprehensive and integrated third-party oversight framework should become the lever to managing the influence of outside sources on this system .
In 1908 , during the midst of an Oil and Gas boom in Roane County , West Virginia , the beginning of a strong community bank was founded on the banks of the Pocatalico River in Walton . Over the course of the next 112 years , Poca Valley Bank has expanded operations into Roane , Kanawha and Putnam counties with branches in Spencer , Walton , Clendenin , Elkview , Sissonville , Poca and Winfield . Our electronic and mobile banking options allow us to serve customers all over the United States .
At Poca Valley Bank , relationships matter ! We pride ourselves on being big enough to serve your financial needs — yet small enough to genuinely care about the residents of our local communities . Call 1-844-782-2651 for more information .
pocavalleybank . com