We began with a consider of the definition of third-party. Gellert related, “Historically, people talked about simply an entity outside of your organization as a third party. However, that definition is broadening, to mean really that entity with which your company works.” Obviously, this can be a supplier or vendor, it can be a service provider, a customer, a joint-venture (JV) partner and/or an intercompany affiliate. A broader view could include intercompany affiliates as third parties, even though many people would see them as just being another entity inside of a business. Gellert said, “the definition of third parties is expanding, which only makes life more complicated for anyone trying to do third party risk assessments and then the tiering just creates an exponential change.”
Specifically, “in supply chain, a tier one supplier is one of the suppliers your organization is directly purchasing from. Next a tier two is one that your company’s tier one is buying directly from. This means for risk managers assessing the various risks of their supply chain have to go deeper and deeper. One way to do so is through trying to understand the connection between tiers one, two, three, four and so on. The problem is there are many risks that companies do not manage because they cannot identify which companies are taking risks.” Gellert further noted, “one of the hottest topics in 2019 for a supply chain and risk managers is trying to get their arms around how to handle this particular question.”
I asked Gellert how would he suggest a supply chain professional began to think through some of these issues articulated but in the context of a global supply chain? He began by stating, “anyone who is involved in third party or supply chain risk management needs to try to map out and understand the suppliers whose exposure they need to assess for their organization. Obviously, this includes both direct and indirect suppliers but in terms of the tiering, the best way for anyone to understand the supply chain risk is to have really good communication with their tier one suppliers to be able to discuss the risks to both businesses.”
Moreover, “this means communicating with a tier one supplier about who their tier ones are that are providing product or service that are coming to that client. Only with that type of transparency and communication can businesses look through the tier one into the sub tiers to understand the risk your organization has and where there may be a risk concentration. Without effect communication and dialogue, created and fostered as part of the relationship, people are going to fly blind.” Finally, in this global economy with such internationalization and diversification of supply chains, organizations you “really do need to pull out all the stops to try to manage risk. Communication is one of the first places to start.”
Gellert concluded with some thoughts on transparency, which he believes is not only important but “should be applied everywhere.” He said you should begin with your tier ones but the ability “to look deeper into the supply chain is also really important.” Further, Gellert said, “a lot of supply chain risk professionals can go wrong if they use transparency as a bludgeon as opposed to as an opportunity. Then the company they are asking for information from only sees risks in disclosing information as opposed to seeing commercial value and we promote transparency as a means to commercial value.” But it is more about fostering the relationship so that you can adequately assess and then manage the risk. Gellert noted, “that’s the key part, that people have to embrace if they’re going to be able to look deeper into their supply chains.”
Please join us tomorrow when we consider some of the challenges Gellert is seeing in supply chain risk management for 2019 and going forward.
This podcast series is sponsored by Rapid Ratings International, Inc. For more information, check out their website at www.rapidratings.com.
Day: April 3, 2019
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly (the coolest guy in compliance) and I take a deep dive into resignation of now former Wells Fargo CEO Tim Sloan. We use his departure as a starting point to discuss some of the issues which continue to bedevil the organization some three years after the original fraudulent accounts scandal broke.
Some of the highlights include:
- Another tough Congressional hearing, another Wells Fargo CEO resigns.
- Why can’t Wells Fargo turn around its culture?
- Should an outsider (IE., non-long term Wells Fargo employee be brought in to right the ship?
- What is the difference in high-performing and high-pressure organizations?
- Why does Wells Fargo continue to resist whistleblower retaliation claims?
- Does Wells Fargo treat its customers as it treats its employees?
- What draconian sanctions are the OCC and Fed considering?
- What can Wells Fargo do to actually change its culture?
If you are in Houston on Friday, please plan to attend the South Texas College of Law 2019 Symposium on Compliance in international Corporate Legal Practices – Legal Development and the Talent Needs of the Future. Information and registration details available here.
Compliance and healthcare
Healthcare is a highly regulated industry that essentially boils down to having a comprehensive quality management system. Tests that detect things such as cancer, or HPV, or the Zika Virus need to work and deliver consistent and accurate results.
So there is no need to explain why compliance is important. The whole company gets it. These are test results that people rely on — it could be you, a parent, a sibling, or a grandparent, waiting to ensure that the test result they get is right. So the people working on this hold themselves to a higher standard and are making sure they cross all the t’s and dot all the i’s because it’s important. There’s a patient — a real person — on the other end of it.
Global values
Having products that need to be delivered all over the world means having to deal with wildly inconsistent regulations, and that’s where Roche values, leadership commitments, and cultural beliefs come into play. Much of their growth also comes from acquisitions, which means the merging of very different workplace cultures. But at the end of the day, everybody is in the healthcare space, and people understand that it’s about doing the right thing.
Diversity of women in compliance
Thirteen out of the fourteen people in Virginia’s team are women, and they have a diverse background of life experiences and skill sets, represent almost every race on the spectrum, speak different languages, married, divorced, single parents, single with no kids, some people with disabilities, and with ages ranging from their 20s to their 60s. Sometimes we think about diversity in pretty narrow terms, but it’s this diversity that brings richness and perspectives into the mix.
Virginia believes that the reason women are more prevalent in the field is because it’s new — there’s no need to start by breaking the glass ceiling, which is empowering.
The future of compliance
Compliance is only becoming more institutionalized. Her advice is to go to the conferences and begin to network. Start thinking about how you can write, speak, present, and share ideas. The best things this community has come up with has come from collaborating with people who share different perspectives and can take our ideas one step further.
In terms of looking forward, social media is changing the compliance landscape, and very rapidly! When a case has media coverage, you don’t have three weeks to prepare a press release. You have five minutes, if that. People are asking for opinions minutes after new laws are released. It’s going to affect our data, information, governance, and privacy.
Resources
Virginia MacSuibhne
APRIL 3, 2019 BY TOM FOX
nbsp;
In today’s edition of Daily Compliance News:
- Trial of ex-Malaysian PM Najib Razak to begin. (The Guardian)
- Shocked, just shocked to find out drug company pushed opioids. (NPR)
- Former Colombia official convicted of bribing government officials on behalf of Odebrecht. (Colombia Reports)
- UK’s Financial Reporting Council will examine KPMG. (Wall Street Journal)
Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the Compliance Podcast Network to explore these issues. In today’s episode A Video Isn’t a Video – we discuss some of the creative approaches to Ethics & Compliance training and communication videos. We break down some of the different types of videos and the benefits of each creative technique.
Scenario-Based Videos, Narrative (Live Action)
These are the most common and are great for showing real life situations. They can show a slice of life. However, it may be hard to represent your whole company, i.e. hard to show diversity of different environments, different people. Also, they can require context – you may well need to add the lesson. They are the most expensive and the hardest to pull off well and the hardest to successfully enact.
Animation – Scenario-based
The tend to be less real and unfortunately can be cheesy. However, they can be better for diversity and environment. They are usually the same per video, but you can do them one at a time.
Character Monologues (falls in the “real” category
They are a great way to show real people. They are also great for showing different types of personalities or different job functions. There is more telling than showing. Finally, they are less expensive and easier to produce.
Talking Head Videos
These are great for making a personal connection and for highlighting real people. They are best if you add some creativity usually by having an engaging host/personality. Make it a dialogue such as an interview or talk show. You have to work as this format can be boring.
Involve Your Employee Videos
This format is the best for going viral and for showing “who we are”. At times scenes can be hard to do well and there is the risk of employee embarrassment. The best results tend to be seen when you give employees something simple to do and let them be themselves. Once again it is best if you add some an engaging host/personality to lead interviews. Finally, this format can be an efficient way to generate a lot of content.
Storytelling Videos
This can be a great way to share interesting, real stories. It tends to be more telling than showing. It can easily involve real people or actors and can cover more nuance to share lots of context.
The bottom line is that a video isn’t a video. There are different creative devices that are better for different things. Typical Ethics & Compliance training doesn’t work, because it’s preachy and boring. Education = training and communication and serve two different purposes.
Ronnie Feldman
Ronnie Feldman (LinkedIn)
Learnings & Entertainments (LinkedIn)
Ronnie Feldman (Twitter)
Learnings & Entertainments (Website)
60-Second Communication & Awareness Shorts – A variety of short, customizable, quick-hitter “commercials” including songs & jingles, video shorts, newsletter graphics & Gifs, and more. Promote integrity, compliance, the Code, the helpline and the E&C team as helpful advisors and coaches.
Workplace Tonight Show! Micro-learning – a library of 1-10-minute trainings and communications wrapped in the style of a late-night variety show, that explains corporate risk topics and why employees should care.
Custom Live & Digital Programing – We’ll develop programming that fits your culture and balances the seriousness of the subject matter with a more engaging delivery.