Blog
Compliance due diligence processes increasingly require a deep understanding of data and its sources.
For compliance teams, establishing proper data management initiatives may not be high on the priority list, but they’re becoming more and more relevant to third-party due diligence programs. There are a variety of reasons for this, but two of the primary ones are: 1) the burgeoning volume and velocity of new business data being generated globally, and 2) intensifying compliance requirements by regulators seeking to protect the market, consumers, and businesses from misconduct and corruption.
In today’s global economy, we can confidently expect that compliance and fraud risk exposure will also continue to trend upward, fueled by the consistent progression of digital technology and the demand for faster, more agile financial transactions. In a recent risk management survey conducted by a leading global research and advisory firm, fully 89% of respondents said that they believed their organization’s level of risk had remained steady or increased in the past 12 months.1
Government regulatory bodies institute policies to help protect individuals and businesses from the effects of fraud and corruption. Failure to comply results in painful penalties, as well as reputational damage, which was named as the top concern of respondents to the risk management survey as a consequence of ineffective risk management.2 This tells us that there is much to do around data and third-party due diligence.
The due diligence process as it applies to suppliers and other third parties is used to detect and prevent events like money laundering, terrorism financing, financial fraud, and other improper activity. A reliable and effective data framework is the backbone of the effort to know your third parties (often abbreviated to KYTP).
We must ensure a thorough understanding of the data and its sources so that this backbone can properly support the entire process, from screening and onboarding to relationship management and onward through the life cycle of the business relationship. With this, you can avoid or minimize spending valuable time and resources collecting, fixing, and finding data you may or may not possess. Here are two key areas where an effective KYTP program would depend on proper data management:
Here are some introductory suggestions for compliance teams without much experience advocating for better governance of the third-party risk data they need to work with:
In the current business environment, remote and digital transactions have become much more common as compared to in-person traditional methods. This includes greater use of remote strategies for monitoring third-party relationships and for identifying risks in supply chains and other business networks.
This translates to a greater-than-ever reliance on properly managed data to enable due diligence programs to work as they should — to make screening more efficient and accurate, to make risk management more comprehensive, and to help compliance become better known as a business value creator rather than a cost center.
1“Change the Culture of Risk Management to Increase Business Resilience” (a commissioned study conducted by Forrester Consulting on behalf of Dun & Bradstreet), August 2022. | 2 Ibid. | 3 Ibid.
The information provided in articles are suggestions only and based on best practices. Dun & Bradstreet is not liable for the outcome or results of specific programs or tactics undertaken based on your use of the information. Please contact an attorney or financial/tax professional if you are in need of legal or financial/tax advice.
There are multiple Contact Forms popups in the page. Only one Contact Form popup could be present on single page. Please reconfigure Contact Forms and refresh the page.