- More than six in ten compliance and legal leaders (62%) said they expect third-party risk management to be a heightened area of risk requiring additional focus this year, according to a survey report from Compliance Week and FTI Consulting.
- Other top-of-mind compliance risks for 2023 include litigation/regulatory exposure (45%); anti-bribery, anti-corruption and anti-money laundering fraud (38%); and ESG matters (38%).
- Respondents’ priorities for upgrading or implementing compliance-related technology over the next year include reporting and dashboarding (30%); transaction monitoring and audit tools (21%); and enterprise data management (18%).
Third-party risk management is a leading concern for compliance leaders across companies of different sizes, compliance program maturity and industries, the Compliance Week and FTI Consulting survey found.
One reason for the increased attention on third parties this year could be that more organizations are outsourcing work to address deficiencies amid labor shortages, according to Ann Marie Wick, a managing director in FTI’s forensic and litigation consulting segment.
“There’s a notable shift right now with companies that are starting to outsource more of their services,” Wick said in the report. “With that shift, third-party management will continue to be a challenge.”
Third-party risk management was also the most popular risk area for which respondents employ technology at 55%.
For those organizations without a mature third-party risk management program, due diligence and monitoring typically are challenges.
“Appropriate tools and technology can help organizations identify and address red flags during the due diligence process and assist in regular monitoring of their third parties to reduce outsourcing risks,” Wick said.
Other risk areas in which respondents said they currently employ technology include ethics and compliance (50%); communications/transaction monitoring (47%); and anti-bribery, anti-corruption and anti-money laundering fraud (42%).
Despite ESG ranking among the leading heightened areas of risk, just 10% of respondents said they employ technology to address such issues.
Additionally, only 13% of respondents described their compliance team’s use of technology as “very mature,” compared to 29% who responded that their team’s usage was “not mature.”
Respondents who said their compliance team’s tech usage was very mature were much more likely than other respondents to report that machine learning and artificial intelligence are important to their compliance strategy, with 84% from that category answering in the affirmative.
The Compliance Week and FTI Consulting survey results come from an online survey conducted with 151 legal and compliance decision-makers between February and March of this year. Respondents to the survey largely represented the technology, banking, healthcare and manufacturing sectors.