- Case study
Raising the bar for regulatory compliance
Minimizing third-party risk in record time for a major brewing company
A multibillion dollar global brewer with hundreds of brands across the world
Using our expertise in third-party due diligence, we built a robust compliance-driven risk-management program
To reduce regulatory risk by centralizing supplier data so that the company could track and report on third-party risk assessments and deliver 95% supplier compliance
Near-real-time reporting on supplier compliance to track a multi-step process, and deliver its compliance goal within just six months
Organizations rely on third parties for business-critical services to improve quality, enhance efficiency, and cut costs. But there's a flip side – with heightened regulatory demands, they also face risks to their reputations, revenues, and operations. And that's just what this global brewer wanted to avoid. The company needed to address challenges managing third-party risk and compliance to boost stakeholder confidence and stay competitive.
Challenge
Having built an integrated sourcing and compliance team that evaluates social, ethical, regulatory requirements and environmental factors when selecting suppliers, the global brewer doubled down on reducing third-party risk.
The company's leadership committed to its investors and stakeholders that 95% of its in-scope suppliers would complete its third-party-risk procedures by the end of the year. At the time, only 71% of the suppliers could be accurately considered compliant with the multi-step TPRM process.
The company faced a number of key challenges: As it used multiple ERP systems to manage spend across business units, it could not uniquely identify the compliance status of individual suppliers. And with no single source of supplier data for centralized tracking, reporting errors cropped up.
This distributed global compliance team also had limited ability to cover assessments for all 50,000 suppliers worldwide. Because the team used spreadsheets to assess compliance, data discrepancies led to inconsistent methods, calculation errors, and slow manual processing.
It took three weeks every quarter to consolidate supplier data, track it across the compliance process, and publish status reports. In addition to low compliance rates, business units had little awareness of compliance objectives and requirements. Increasing compliance from 71% to 95% would require coordination and cooperation across multiple work streams, plus a digital framework for managing TPRM processes.
Solution
The brewer engaged Genpact to help achieve its goals and run workshops to identify the company's challenges. We immediately launched several initiatives to streamline and fast-track the risk-management process such as:
Data cleansing and migration of 50,000 supplier records spread across six different systems to a single platform
Implementation of Genpact's digital third-party-due-diligence (TPDD) solution
Seamless program management of third-party due diligence
Impact
The project achieved the company's objective of 95% compliance with the supplier assessment process by year-end, which included a 34% increase over six months. Along with improving business efficiency through automation and accelerating timelines, our solution now delivers near real-time compliance monitoring for more than 50,000 suppliers and produces quarterly compliance-tracking reports backed by a more consistent risk-scoring method.
Off the back of our work on supplier compliance, the company asked us to redesign its TPRM processes to address its regulatory and operational requirements, such as screening suppliers for anti-bribery and anti-corruption checks.
Genpact now manages suppliers' signing up to the brewer's code-of-conduct requirements and runs supplier-risk analysis, screening, questionnaire-based assessments, and financial risk assessments across countries.
Also, Genpact is implementing an enhanced version of its Third-Party Risk Manager digital solution, which can integrate with a company's procurement technology, automate the entire process for third-party-risk assessments, track suppliers, and deliver real-time reports.
The brewer's partnership with Genpact has allowed it to dramatically reduce third-party risk and take compliant procurement practices into its future.