Categories
Corruption, Crime and Compliance

Episode 235 – Third-Party Risk Management


The global economy has suffered two significant shocks — first, the pandemic sent shockwaves through every organization, and second, the war in Ukraine. Both of these events exposed the importance of risk management, especially with regard to supply chain and distribution operations. Hence, the renewed focus on third-party risk management and the repetitive description of “holistic” third-party risk management. Reality forces change, and we are now experiencing significant adjustments to overall risk management procedures. At the top of every list has to be third-party risk management beyond legal and compliance risks — we have new disruptive risks that have to be identified, quantified, or ranked and then addressed.
Michael Volkov outlines the new reality and opportunities stemming from holistic third-party risk management in this episode.

Categories
Innovation in Compliance

Exiger’s Fight to Secure Supply Chains: Spotlight on Energy


Welcome to a podcast series on the fight to secure Supply Chains through cross-industry innovation. Exiger sponsors this series. In this series, we will explore the ongoing efforts of Exiger to lead the discussion and enhancement of Supply Chain Risk Management.
Over this series, I visit with Erika Peters, Senior Vice President and Global Head of Third Party & Supply Chain Risk Management;  Tim Stone, Senior Director, Supply Chain Risk Management for Exiger Federal Solutions; Kim Lee, Director who focuses on risk and compliance; Nick Wildgoose, a Consultant at Exiger; Skyler Chi, Director and Deputy Head of Supply Chain and Third-Party Risk Management;  Andrew Lehmann, Associate Director at Exiger; Jennifer Nestor, Vice President at Exiger, Americas and Public Sector; Theresa Campobasso, Senior Director for Defense Programs at Exiger; Dan Banes President of Commercial Technology, and Mark Henderson, Director of Solution Design Lead.
In this concluding episode 5, we discuss Supply Chain issues with Dan Banes and Mark Henderson in the energy sector. Highlights of this podcast include:

  • Key drivers for change within the energy industry around Third-Party and Supply Chain risk management
  • The impact of Russian sanctions on the energy industry; and
  • How ESG regulatory risk management has evolved within the energy industry.

Resources
Dan Banes Profile
Mark Henderson Profile
Exiger Website
Exiger’s Supply Chain Explorer

Categories
Presidential Leadership Lessons for the Business Executive

Presidential Leadership Lessons from Theodore Roosevelt, Part 3-Ascension to Presidency


Richard Lummis and Tom Fox continue their series on leadership lessons from Theodore Roosevelt. We looked at lessons from Roosevelt’s early years in New York up to his cowboying days in Montana; the second phase of his public career, from NYC Police Commission to Assistant Secretary of the Navy, San Juan Hill, and the Vice Presidency; his leadership from his Presidency; his life in the post-Presidency and the election of 1912 and we will end with leadership lessons from his post-Bull Moose Party life, World War I and event surrounding his death. In this third episode, we consider the leadership lessons learned by Roosevelt in his ascension to the Presidency and his first and second terms as 26th President.
Highlights of this podcast include:
Roosevelt’s ascension to the Presidency after the assassination of President McKinley; his domestic policies included: trust-busting, issues with railroads, starting the American conservation movement, and regulation of food and drugs. We then turn to foreign policy and his arbitration of the Russo-Japanese War, which won him the Nobel Prize, the Roosevelt Corollary to Monroe Doctrine, and the construction of the Panama Canal. We look at the clection of 1904 and his second term. We conclude with three key leadership lessons: 1. Surround yourself with other leaders; 2. Maintain an Open Channel with Adversaries; and 3. Be able to take criticism.
Resources
Doris Kearns Goodwin’s 10 Leadership Lessons from the White House
6 Leadership Hacks From The Rise of Theodore Roosevelt
10 top Leadership Principles of Teddy Roosevelt
The Roosevelts: Eight presidential lessons in Leadership
Lessons in Leadership from 100 years ago
Theodore Roosevelt on Leadership
10 Theodore Roosevelt Leadership Lessons

Categories
Daily Compliance News

May 27, 2022 the Don’t Be Evil-Part II Edition

In today’s edition of Daily Compliance News:

  • EY looks at splitting its services into 2 companies. (WSJ)
  • Ex-world leaders call for an investigation into Putin’s corruption. (WaPo)
  • Pigs really don’t fly. (NYT)
  • The UK launches a second probe into Google. (Reuters)
Categories
Blog

Exiger’s Fight to Secure Supply Chains: Spotlight on Energy

Welcome to a blog post series on Exiger’s fight to secure supply chains, sponsored by Exiger LLC. In this series, we have explored the ongoing efforts of Exiger to lead the discussion and enhancement of Supply Chain Risk Management. In our concluding episode 5, I visit with Dan Banes, President of Commercial Technology, and Mark Henderson, Director of Solution Design Lead, and discuss supply chain issues in the energy sector.
Energy is one of the high-profile natures of the energy business, with long-standing business relationships, literally around the globe. Due to this high-profile nature, anytime there is a cyber-breach, it garners much attention. To see this play out, one only has to look at the Colonial Pipeline hack. This profile means that the whole world is watching the energy and the energy ecosystem.
We discussed some of the key drivers for change within the energy industry around third-party and supply chain risk management. Banes believes there are a couple of key trends in energy around supply chain risk management. The first is transparency (or perhaps lack of transparency) and the fact that many energy companies only have visibility into the first layer of their supply chain. This could be in the company they purchase their hardware from or the software products they install. He believes energy companies need to go down into those next layers to understand the additional suppliers that feed into those pieces of hardware or software.
The second area we reviewed is the monitoring of cybersecurity risk. Henderson said typically, and the approach has focused on “things like questionnaires and attestations that companies sign that say that they have a robust cybersecurity program.” He said, “now data is available for companies to do their homework themselves. This allows companies to understand the different companies within their supply chain and have transparency of the third parties you deal with directly and those suppliers down the chain. It allows a company to be alerted to a vulnerability and then quickly mitigate before a cyber security breach or attack happens.”
He believes companies will have to continue to push down responsibilities to that wider supply chain ecosystem. Companies are starting with their highly critical supply chain partnerships and ecosystem vendors. This has led to a “quite a collective dialogue, which is beneficial for the industry. If you go back to the point, we made earlier, one successfully compromised entity can have a ripple effect across the supply chain. It is better equipped for a successful defense if the industry can move their standards and best practices forward together.”
We then turned specifically to Russia sanctions. Here Henderson returned to transparency; companies need to understand the networks of parties they are dealing with. But it is more than simply understanding the company; and it also understands the owners of that company, the ultimate beneficiary, the key management personnel, so you can make sure that none of the individuals associated with the company are sanctioned individuals or on a Specially Designated National (SDN) list. This level of transparency and screening should be maintained on an ongoing basis to ensure that you stay up to date with all new sanctions. This is a fast-paced environment and ensuring that you have controls in place and the transparency in the companies you deal with is very important. The second component is ensuring you have proper supply channels. Russia and Russian companies are large exporters of energy products. This will impact the supply chain for several energy companies and has already caused supply shortages in many cases.
We concluded by looking at Environmental, Social, and Governance (ESG) and how ESG regulatory risk management has evolved within the energy industry. While most compliance and supply chain professionals understand that the ‘E’ has traditionally been the most letter within the ESG acronym, the ‘S’ within ESG, the social issues, is rapidly becoming as important a focus area as the ‘E’ has traditionally been. Banes noted a “huge commercial incentive for companies to move forward in this space; appropriately and effectively.” It could be based on legislation, such as the UK Modern Slavery Act or its German equivalent, but it could also be pressure from key stakeholders such as customers or employees. He noted this “will require companies to identify, assess, prevent, and remedy human rights, risks, and impacts across their supply chains.”
The recently proposed Securities and Exchange Commission (SEC) rules on reporting material climate change risk point to many concepts we touched on herein. Henderson noted that initially, these proposed rules were “meaningful accountability.” But Scope 3 adds “the transparency component as you are also moving down the supply chain and leading to perhaps commercial opportunities that were not present before because of collaboration.” Banes noted, “it does come with an opportunity to have a more meaningful relationship across your supply chain and find those efficiencies even that we were discussing across the control environment but finding those efficiencies when it comes to environmental risk and emissions. To obtain the data required for Scope 3 requires that partnership and the industry come together to find those efficiencies within the supply chain.”
Resources
Dan Banes Profile
Mark Henderson Profile
Exiger Website
Exiger’s Supply Chain Explorer