A growing trend among cyberattacks is targeting vendors to gain entry into larger corporations. The number of attacks is dire…and growing. Supply chain attacks increased more than 600 percent last year. By 2025, it’s estimated that 45 percent of organizations worldwide will have experienced attacks on their software supply chain, according to a Gartner report.
The explosion of outsourcing has created complex supply chains that often blur the line between employees and third parties. This tangled matrix of business relationships is further complicated by recent supply chain volatilities due to ongoing conflicts, extreme weather events, and the coronavirus pandemic.
Third-party management used to be mainly a logistics exercise. Now, new and expanded ESG regulations are driving organizations to develop more effective strategies to manage risk across vendors and supply chains to counter bribery and corruption and to measure the impact they have on people and the planet.
The recent increase in anti-human trafficking legislation around the world makes monitoring third-party compliance an urgent priority. The German Supply Chain Act, for example, includes a range of due diligence obligations aimed at reducing human rights risks in global supply chains. The proposed EU Supply Chain Law goes further and would require third-party compliance with applicable human rights standards and environmental protection to promote a fairer and more sustainable global economy, as well as responsible corporate governance.
Have you thought about how many areas in your organization are currently receiving third-party compliance training? In a recent webinar, SAI360 compliance experts Jon Bricker, VP of Sales, AMER Learning, and Julie Murphy, Sales Director, EMEA Learning, discussed reasons why third-party training should be a critical component of your 2023 training program.
The challenges are fewer with mobile and online compliance training
The increased scrutiny on third parties shines a spotlight on an area of training that generally needs more effort. Whether it’s in procurement, sales and marketing, finance, or HR, most organizations find it challenging to manage third-party training.
There is positive momentum. Some of the historic challenges involved in third-party training no longer carry much weight. Take, for instance, the challenge of delivering of it. Thanks to technology we now have easier, more effective ways to reach people that extend across geographic borders, thanks to increased smartphone usage and internet access:
- There are currently 4.9 billion active internet users worldwide (~66 percent of the world’s population)
- By 2024, the number of smartphones will hit 7.1 billion
- 87 percent of companies now expect their teams to use their personal devices
While technology makes third-party training easier, it’s important to recognize the challenges that remain:
- Delivering consistent messaging
- Harnessing existing tools and technology
- Tracking training completion rates and attestation
- Providing speak-up services and communicating them clearly
- Setting expectations with clear policies and supplier codes
- Reviewing and monitoring policy and training programs to ensure they meet changes in your business and supply chain
The benefits from training third parties
Beyond compliance requirements, and despite the challenges, driving third-party training through the entire organization can have a broad, positive impact:
- Provides an opportunity to expand training programs to include more topic areas like anti-bribery and human trafficking
- Sends a message that third-party training is as important as your core training program
- Ensures consistent messaging internally and externally so everyone’s on the same page
- Is a natural carryover from your existing ethics and compliance program—you don’t have to start from scratch
Tips for moving forward
Remember that third-party compliance training is no longer only about the harm suppliers could potentially inflict on an organization, it’s also about their impact on people and the environment. Here are a few tips to guide you as you move ahead with your training plans:
- Focus on training that prevents problems from arising in the first place
- Develop a Code of Conduct for third-party suppliers that includes clear compliance requirements
- Harness technology and training from your core E&C programs
- Regularly review and assess supply chain risks
To ensure compliance of your third-party suppliers and vendors, we offer a comprehensive suite of third-party training solutions, in addition to an Extended Enterprise solution that provides a simple solution for onboarding, tracking, and reporting on your suppliers and vendor training compliance.
To learn more, register here to view the complete Key Drivers for Your E&C Training in 2023 webinar.