By Adam Turteltaub
Third-party risk is the risk that keeps expanding. Data security and anticorruption risk have long been the focus. Now, though, the risks are broadening to include issues such as where materials are sourced and the labor that produces it.
Shu Min Ho, Partner in the Singapore office of the law firm Sidley and Sam Johnson, Senior Managing Associate there explain in this podcast that with the rapid adoption of ESG programs, the scope of risks is dramatically increasing, especially considering how much ESG encompasses.
To be effective, compliance teams need to focus their ESG third party risk efforts on those areas of the supply chain that are most likely to harm the business beyond the traditional legal framework. That means understanding your business and where the risks are. For example, in the technology hardware business that likely includes labor standards, worker protections and mineral sourcing.
Increasingly it also means looking beyond your suppliers to their major suppliers as well. That effort requires tremendous cooperation from the business unit, procurement and, of course, the suppliers themselves.
When looking at suppliers, take time to understand their business model to determine how they make money. Then watch out for signs that something may not be right. For example, if a product is suspiciously inexpensive, it may be the result of workers forced to labor long hours or outsourcing to companies with limited or no safeguards in place.
Be aware, too, that expectations are different. An environmental review in the past may have looked at how toxic waste is handled. Now, sustainability is likely much more of a consideration.
Finally, be especially sensitive to human trafficking and modern slavery. They are ESG issues increasingly subject to regulatory expectations. In fact, a separate due diligence effort may be necessary in this area.
Listen in to learn more about how ESG is calling for a second look at third party due diligence.