Our IntegrityRisk team has been around the risk management industry for decades, and we’ve seen tremendous change in the types of business risk companies must contend with. Digital technology has disrupted the way organizations operate, introducing immense cyber risk and an imperative to manage tremendous information security challenges. Environmental, social, and governance (ESG) concerns are moving to front of mind for investors and consumers as warnings about climate risk and human rights abuses come to light. Geopolitical upheaval is a constant, affecting supply chains, employee safety, and the potential for global expansion. Finally, regulatory reform places an enormous due diligence responsibility on the shoulders of risk and compliance professionals charged with safeguarding a company’s reputation and bottom line.
Despite devoting time and resources to these challenges, organizations still struggle to respond quickly. Nearly three quarters of risk executives say complex, interconnected risks are emerging faster than ever, and regulators around the world are signaling that further legislative developments are in store.
The approach to risk management needs to reflect the global, interconnected, and always-on world we live in. The times demand a proactive, responsive approach to risk management, an approach that goes beyond checking boxes and standardized solutions to instead identify and manage risks as they appear on the ground.
Breaking the Risk Management Status Quo
The traditionally rigid and siloed risk and compliance industry finds itself in times that demand greater agility and collaboration with related risk disciplines. Meanwhile, many providers of risk management services provide one-size-fits all solutions that aren’t tailored to a specific industry and that are not backed up by ongoing information gathering and due diligence.
Organizations can’t afford to be left in the dark and must be agile in their approach to operational, reputational, or regulatory risks. Therefore, a responsive risk management framework is essential, and we advocate three core aspects to this approach.
Combining technology and human expertise
There is no substitute for human analysis and expertise. Our analysts are trained to think through and analyze each report on its own merits and findings, not to simply follow a checklist without regard for context. Technology helps distill and aggregate data, but it still needs a human eye to ensure quality and reflect jurisdiction-specific risk insights.
Mike Short, IntegrityRisk Senior Executive Advisor, explained: “One of the biggest groans that I hear in the market is that ‘I met with so-and-so’ on the day we signed the contract and then never saw or heard from him or her again.” The reality is that organizations regularly need timely, in-the-moment analysis to stay ahead of risk. At IntegrityRisk, senior executives actively work side-by-side with clients and can be reached any time if clients have questions or requests.
We believe the most important thing is getting it right for our clients. We don’t take shortcuts, and remain flexible when it comes to shifting requirements. As we prepare our research process, we customize the scope, our approach, how we report findings, and the organization of our reports to meet client needs.
The Risk Management Landscape
As a risk manager, keeping on top of current compliance trends is vital. We look at how responsive risk management can help you meet challenges head on.
1. The Continued Rise of the Global Regulator
2020 started with a record-breaking fine paid by Airbus to the tune of $4 billion to settle a long-standing corruption inquiry. This follows years of high levels of enforcement actions for Foreign Corrupt Practices Act (FCPA) failings and aligns with the continuing trend of cross-border regulatory cooperation.
In April 2019 the Department of Justice (DOJ) released updates to its Evaluation of Corporate Compliance Programs, spelling out three fundamental considerations it considers when undertaking investigations. In addition, it updated the FCPA Corporate Enforcement Policy, providing greater clarity on successor liability. By encouraging firms to garner greater insight into its assessments and voluntarily disclose in exchange for more lenient enforcement, regulators are signalling that they will come down hard on firms that are failing to meet their expectations.
How can responsive risk management help? Being able to identify, understand and act on red flags quickly is critical for firms who want to stay on the right side of the regulator. Escalating issues as soon as they have been identified allows a business to act quickly.
2. A Growing Focus on Sanctions Compliance
Sanctions have been changing at breakneck speed as they are used by governments to manage major political upheaval in countries such as Turkey and Iran. For risk management teams, this is a complex problem that, if not managed successfully, can have costly repercussions. The US Treasury’s Office of Foreign Assets Control (OFAC) issued its first framework for sanctions compliance commitments in April 2019, and this was widely welcomed by compliance teams. Achieving strong sanctions compliance must be on the radar for businesses who want to avoid regulatory scrutiny.
How can responsive risk management help? A nimble vendor will be monitoring the global sanctions landscape and provide clients with ongoing updates as the situation changes. Having access to perpetual screening throughout the business lifecycle means there are no hidden surprises.
3. Getting to the Bottom of Ultimate Beneficial Ownership (UBO)
Beneficial ownership is one of the most pressing concerns for governments across the globe trying to tackle money laundering and financial crime. The US Treasury has identified it as a major vulnerability in the US financial system. It is hoped that the Senate’s ILLICIT CASH Act will help address this problem by requiring shell companies to disclose beneficial ownership immediately. In Europe, the 4th and 5th Anti-Money Laundering Directives have an increased focus on UBO with the establishment of public registers and enhanced AML due diligence checks. Wherever you are operating in the world today, getting to the bottom of UBO looms large on the horizon.
How can responsive risk management help? Having local, on-the-ground expertise is vital when it comes to unravelling complex international beneficial ownership structures. Agile firms will know how to access local source information even in the most complex situations.
4. The Third-Party Battle Isn’t Over
The threat of bribery and corruption still poses significant threats to today’s businesses despite years of targeted action. One of the weakest links in the chain continues to be third-party risk as businesses outsource to amplify strategic growth. While third parties provide an excellent opportunity to access new markets and bring in new skills, a lack of knowledge about a third party can expose a chink in an organization’s armor.
How can responsive risk management help? It is important to be able to monitor your third parties throughout the relationship, not just at the start. Spotting red flags quickly and efficiently will allow businesses to apply remedial action as required.
5. The Downside of Global Data Growth
Businesses rely on good quality data to make decisions, so it is great news that the volume of data available has grown exponentially in the past few years. Unfortunately there is a downside. The quality and accuracy of global data isn’t always consistent, adding an additional layer of complexity to the risk landscape. Getting the right information to make a decision can feel like looking for a needle in a haystack as the number of false positives goes through the roof. Gaps remain in data availability globally with many emerging markets still lacking in accessible and quality data sources.
How can responsive risk management help? Experienced analysts know that risk management is not just a check-the-box exercise. Context in research is vital to manage false positives and get to the right information quickly.
Furthering Your Business by Solving Key Types of Business Risk
At IntegrityRisk, our senior executives have decades of success in helping businesses get ahead of risk. We know what it is like to be in your shoes, and that is why we are working daily to elevate the way risk management services are provided. We listen to our clients’ needs and always take an approach that is personal and human. Here are a few of the ways we are supporting organizations like yours.
- Full-Spectrum Due Diligence: We help our clients find difficult-to-acquire information in markets where there are information gaps to support IPOs and acquisition transactions. Our flexible approach to due diligence means you can make smarter decisions, quicker.
- Executive Background Checks: Making a C-Suite level hire is a critical decision. Our comprehensive executive due diligence creates an exhaustive view of a subject’s background allowing you to make informed decisions to safeguard your brand and reputation.
- Third-Party Due Diligence: We’ve simplified third-party compliance to provide our clients with greater visibility, transparency, and assurance that global regulatory requirements are met for all of their partners, all of the time.
- Beneficial Ownership Compliance: We developed IntegrityRisk OwnerCheck to meet a growing requirement for the closer scrutiny of real estate transactions that conceal beneficial ownership. From private wealth matters to vendor diligence, our research allows you to answer the questions that regulators are asking.
- Wealth Intelligence: The combination of our smart technology, global network, and the skills of our experienced researchers provides crucial insight into high net worth (HNW) and ultra-high net worth (UHNW) subjects. Our actionable insight creates an exhaustive view of a subject’s source of wealth, from a basic check that verifies ID information and checks global sanctions all the way to a complete review of public records and local source enquiries.
Whatever your situation, we can help you make smarter decisions, quicker. To learn more about our responsive approach to risk management, contact our team.