Raising the bar for regulatory compliance

Organizations rely on third parties for business-critical services to improve quality, enhance efficiency, and cut costs. But there's a flip side – with heightened regulatory demands, they also face risks to their reputations, revenues, and operations. And that's just what this global brewer wanted to avoid. The company needed to address challenges managing third-party risk and compliance to boost stakeholder confidence and stay competitive.

Challenge

A bold compliance promise on a tight year-end timeline

Having built an integrated sourcing and compliance team that evaluates social, ethical, regulatory requirements and environmental factors when selecting suppliers, the global brewer doubled down on reducing third-party risk.

The company's leadership committed to its investors and stakeholders that 95% of its in-scope suppliers would complete its third-party-risk procedures by the end of the year. At the time, only 71% of the suppliers could be accurately considered compliant with the multi-step TPRM process.

The company faced a number of key challenges: As it used multiple ERP systems to manage spend across business units, it could not uniquely identify the compliance status of individual suppliers. And with no single source of supplier data for centralized tracking, reporting errors cropped up.

This distributed global compliance team also had limited ability to cover assessments for all 50,000 suppliers worldwide. Because the team used spreadsheets to assess compliance, data discrepancies led to inconsistent methods, calculation errors, and slow manual processing.

It took three weeks every quarter to consolidate supplier data, track it across the compliance process, and publish status reports. In addition to low compliance rates, business units had little awareness of compliance objectives and requirements. Increasing compliance from 71% to 95% would require coordination and cooperation across multiple work streams, plus a digital framework for managing TPRM processes.

Solution

Accelerating compliance with data expertise, digital technology, and program management

The brewer engaged Genpact to help achieve its goals and run workshops to identify the company's challenges. We immediately launched several initiatives to streamline and fast-track the risk-management process such as:

Data cleansing and migration of 50,000 supplier records spread across six different systems to a single platform

• Eliminated duplicates and errors in supplier identities, and corrected the links with all relevant legal entities across systems for each supplier
• Consolidated and labeled cleansed data before migrating it to a centralized system
• Identified which suppliers required reporting and tracking to close open tasks

Implementation of Genpact's digital third-party-due-diligence (TPDD) solution

• Determined the compliance status for each supplier and calculated the overall compliance rate for in-scope suppliers
• Enabled tracking and near-real-time compliance monitoring for over 50,000 suppliers
• Created consistent, accurate compliance reporting from a single source of data

Seamless program management of third-party due diligence

• Coordinated with suppliers throughout the company's 74 operating entities around the world to have them comply with each step of the multi-step TPRM process
• Communicated compliance requirements and objectives to business unit leaders
• Tracked and reported changes in compliance status and brought challenges to senior leadership

Impact

Delivering higher compliance standards with scalable, sustainable third-party risk management

The project achieved the company's objective of 95% compliance with the supplier assessment process by year-end, which included a 34% increase over six months. Along with improving business efficiency through automation and accelerating timelines, our solution now delivers near real-time compliance monitoring for more than 50,000 suppliers and produces quarterly compliance-tracking reports backed by a more consistent risk-scoring method.

Looking ahead

Off the back of our work on supplier compliance, the company asked us to redesign its TPRM processes to address its regulatory and operational requirements, such as screening suppliers for anti-bribery and anti-corruption checks.

Genpact now manages suppliers' signing up to the brewer's code-of-conduct requirements and runs supplier-risk analysis, screening, questionnaire-based assessments, and financial risk assessments across countries.

Also, Genpact is implementing an enhanced version of its Third-Party Risk Manager digital solution, which can integrate with a company's procurement technology, automate the entire process for third-party-risk assessments, track suppliers, and deliver real-time reports.

The brewer's partnership with Genpact has allowed it to dramatically reduce third-party risk and take compliant procurement practices into its future.