Companies' Due Diligence on Third Parties Lacking, According to NAVEX Global Ethics & Compliance Third Party Risk Management Benchmark Report

Survey of more than 300 ethics & compliance professionals finds that despite concerns about compliance risks such as bribery and corruption, nearly a third of respondents don't vet outside vendors prior to engaging with them

Feb 10, 2016, 06:00 ET from NAVEX Global

PORTLAND, Ore., Feb. 10, 2016 /PRNewswire/ -- Ethics and compliance software and services leader NAVEX Global® today announced findings from its first-ever survey of professionals involved in third party management. The report revealed that 32 percent of respondents don't evaluate third parties before engaging with them.

This occurs despite some high-profile compliance failures in recent years stemming from third parties and serious concerns from survey respondents about third parties. Respondents' top three concerns about third parties included bribery and corruption (39 percent are concerned), fraud (23 percent are concerned) and conflicts of interest (19 percent are concerned).

"Though many organizations know which third party failures they should fear, they have not built sufficient programs and processes to identify and manage those risks," said Randy Stephens, J.D., Vice President, Advisory Services, NAVEX Global, who wrote the report.

Respondents are increasingly aware of third party risks but don't know specifics.

"That may indicate a disconnect between performance of individual programs and accountability for the pain of a third party failure," Stephens said. "Whoever is managing third parties and third party risk should understand the economic risk and impact of third party compliance on the company.

"There are signs that organizations—often at the behest of their boards—are ramping up third party due diligence and risk management programs. However, many are struggling to create scalable, solid, defensible third party risk management programs."

Stephens said that it's somewhat encouraging that about two-thirds of companies are vetting third parties prior to working with them. But he added that in many cases, the initial evaluation is not robust enough. "Strong third party risk practices need to be supported by a culture of compliance, which is best established by the right tone from top and middle managers," he said.

Further, deciding to go without a consistent, continuous, documented third party due diligence process  often comes back to haunt organizations. "Regulators, the press, and the public do not often distinguish between the engaging organization and third parties when unethical behaviors or compliance failures are revealed. Organizations cannot afford to take such significant risks with their reputations and bottom line."

The survey also found that organizations that worked with outside experts and automate the process to conduct ongoing third party due diligence were more satisfied with the effectiveness of their third party risk management programs than those who did not. Seventy-eight percent of respondents who used outside experts said they were satisfied with how they've met legal and regulatory demands, compared with 65 percent satisfaction with those who didn't automate and work with outside experts.

"Our research shows that investing in the expertise of automated third party screening and monitoring service providers has proven rewarding—particularly as companies trend toward using more third party providers and the risk environment becomes increasingly more complex," Stephens said. "Third party systems give organizations the flexibility and scalability they need to feel confident their program is protecting their organization."

To download NAVEX Global's 2016 Ethics & Compliance Third Party Risk Management Benchmark Report, please visit our website, or click here:

About NAVEX Global's Benchmark Reports 
NAVEX Global's trusted hotlinetrainingpolicy management and third party due diligence benchmark reports help ethics and compliance professionals measure their programs against peers and industry standards to make better decisions and increase ethics and compliance program effectiveness.

About NAVEX Global 
NAVEX Global's comprehensive suite of ethics and compliance software, content and services helps organizations protect their people, reputation and bottom line. Trusted by 95 of the FORTUNE 100 and more than 12,500 clients, our solutions are informed by the largest ethics and compliance community in the world. For more information, visit

Learn more about NAVEX Global ( online: Ethics & Compliance Matters™ Blog (, @NAVEXGlobal (, LinkedIn (, Facebook ( and SlideShare (