Sections

Data-Driven Vigilance Shines A Light On The Shadows Of The Supply Chain

Kevin McCollom and Howard Presland

A growing sense of global responsibility is prompting consumers to make supply chains more ethical – one purchase at a time. There’s at least one organic food aisle in most grocery stores. Coffeehouse baristas are brewing fair-trade coffee. Food distributors and apparel retailers are offering products that are socially conscious and sustainable. Even natural resources providers are showing their commitment to the delivery of conflict-free supplies and removal of any hint of a connection with bribery and corruption.

Despite this wave of consumer activism, I am routinely surprised that many businesses have no idea how their supply chains impact the environment and entire societies. Far too many businesses still accidentally fall victim to the discovery of abuse and neglect somewhere within their supply network, which can lead to regulatory, operational, and reputational damage, not to mention the impact on those affected.

Globalization brings greater risk to the supply chain

As businesses onboard new vendors and providers outsource their operations to third parties, this adds not only complexity and depth to the supply chain, but also greater risk from an ecosystem that is largely unknown to the primary supply-chain owner.

Consider a global firm that leverages a network of local resellers. Most likely, there is little information on sales agents that operate as one-person businesses because they do not have an online presence. With no data available in-house, the company relies on a Web search to carry out compliance checks and stores data on sales agents and suppliers on spreadsheets.

For many businesses, such incomplete due diligence is all too familiar. The lack of management, transparency, and monitoring – from the procurement office to the end consumer and everything in between – is exposing many businesses to increased risk of regulatory noncompliance, reputational damage, adverse financial impacts, and operational inefficiency. According to Thomson Reuters 2016 Global Third Party Risk Survey, on average only 62% of suppliers, distributors, and third-party relationships are stringently reviewed. Also, only 36% of all those surveyed thoroughly monitor their suppliers for ongoing risks, while 61% have no knowledge of the extent to which third parties are outsourcing.

Exercise accurate and timely due diligence with business partner screening

When a company does not communicate with its entire supply chain, there are most likely things that are happening undetected. Some of these activities may be safe and compliant, but others may be dangerous and illegal. Nevertheless, it’s always a bad sign when the company behind the brand name on the label cannot tell what’s happening – or not happening – in its supply chain.

Although there is no “one size fits all” approach to supplier and third-party risk management, here are six opportunities to infuse data and intelligence into your existing procurement and supply chain processes to build awareness and safeguard operations.

  1. Supplier onboarding: Automate onboarding management to increase process efficiency. By connecting your enterprise resource planning (ERP) system with a global database that details supplier performance and compliance records, you can conduct due diligence and business partner screening with greater accuracy and speed.
  1. Risk assessment: Gain data-driven insight into the political, economic, and criminal risks of your suppliers and their country of origin. Support a risk-based approach using these data points, including access to a database that tracks global media coverage, helping ensure that you are aware of the most current negative news on the individual vendor or supplier entity under review.
  1. Third-party screening: Evaluate third parties to reveal connections and potential changes in risk status using a structured, up-to-date, and highly auditable risk intelligence database. This approach identifies and checks potential risks, including sanctions and politically exposed persons, as well as ultimate beneficial ownership – information that is typically hidden in business relationships and extended partner networks.
  1. Investigation of suppliers and third parties flagged for risk: Conduct further due diligence on heightened-risk individuals or entities. This step focuses on not only the supplier’s owners, operations, and litigation history, but also key management and decision makers.
  1. Ongoing monitoring and reporting: Check all saved database entries on a continuous basis for immediate alerts on any changes in risk status. Customizable searches lead to a simplified and accelerated due diligence process that increases the accuracy of name matching and lowers remediation time.
  1. Employee training and education: Raise enterprise-wide awareness of potential threats. A regular stream of education throughout the year to employees and third parties helps build awareness about compliance policies and regulatory updates, while bridging the knowledge gap.

Running ethical operations is the right thing to do, but it is the consumer who is the real force behind this change. Brand reputation alone no longer sells; people want to know what they’re buying no matter the name on the tag.

Luckily, data is on your side. The rise of 24×7 news cycles, government databases, and watchdog organizations has created a perfect environment for accessing risk data and intelligence. With this information, you can improve oversight of suppliers and other third parties to better anticipate and deflect potential regulatory, reputational, and operational risks; embed processes to detect and resolve them; and take action immediately.

Gain more insight on using Data – The Hidden Treasure Inside Your Business.

Comments

Kevin McCollom

About Kevin McCollom

Kevin McCollom is global VP and general manager for SAP GRC Solutions, based in Palo Alto, California.

Howard Presland

About Howard Presland

Howard Presland is the global head of Third Party Risk at Thomson Reuters, where he has worked in Risk Management Solutions since 2013. In his prior role, he oversaw the global market launch of "World-Check One" – one of Thomson Reuters flagship screening solutions. Prior to joining Thomson Reuters, Howard worked in the information industry for over 10 years across various senior product and operation roles for Factiva & Dow Jones in the area of risk & compliance. Howard graduated from the University of Wales with a B.A. in Modern Languages with Computer Science and went on to study Project Management at the George Washington University School of Business.

Spring Will Be Critical For Revenue Recognition Implementation

Olivia Berkman

A Q&A with Deloitte’s Eric Knachel 

Revenue recognition implementation takes a lot longer than people think, and spring will be a critical time. As companies scramble to work on the new standard and focus their time and resources on satisfying the revenue and measurement requirements, many companies are ignoring the disclosure requirements. According to Eric Knachel, senior consultation partner, revenue recognition at Deloitte & Touche LLP, that’s a big mistake. FEI Daily spoke with Knachel about the progress that’s been made and how to catch up if you’ve fallen behind.

FEI Daily: We spoke in October about revenue recognition readiness after the release of Deloitte’s Revenue Recognition Roadmap, and, at that time, you shared that you thought most companies are in an “assessment phase.” What phase do you think they’re in now?

Eric Knachel: I’d say there are still many companies in the assessment phase, although I think that a number of them have moved from assessment to beginning the implementation. The thing about the assessment phase is that it’s pretty broad, you can be in that phase and working at it for a week or months. The reality is, for calendar year-end companies, between October and now, there probably hasn’t been a whole lot of activity on the new revenue standard, just because it’s their year-end close. So there probably hasn’t been an enormous amount of progress made in that time. The spring and summer become critical time periods.

FEI Daily: If many companies still have a lot of work to do and may not intend to consider the standard’s new disclosure requirements until early 2018, is that a risky strategy?

Knachel: It’s definitely a risky strategy. What we’ve seen is that the actual implementation takes longer than people imagine, and so as result you run into situations where there’s more to do than you actually have time for. As that runway gets shorter, you start making it a lot more difficult on yourself and you may run into resource issues, both internally and externally. External resources will become more difficult to find.

FEI Daily: You also shared that you thought more companies would be going to full retrospective route versus the modified retrospective route. Do you still find that to be the case?

Knachel: There’s probably been a bit of decrease in the number of companies that are doing full retrospective compared to where we were before. The business reasons for why someone would do full retrospective are their peers, investor relations, and the level of work and cost. Those business reasons haven’t changed. If companies have procrastinated in terms of implementation and were previously on the fence, they’re seeing the clock ticking and are saying, ‘We’re going to go modified retrospective because, while we didn’t think the difference in effort was enormous, there is a difference in effort, and our runway is shorter, and we’ve got to get this done.’

FEI Daily: Are you hearing different challenges from companies this year versus last year?

Knachel: For some of the companies that have done the assessment and the implementation, they’re moving into the disclosure. We’re seeing that that is proving to be a challenge. Most companies are scrambling to work on the new revenue standard and focusing the bulk of their time and resources on satisfying the revenue and measurement requirements, those are the high-profile elements. But in that process, many companies are largely ignoring the disclosure requirements. They may view it as a minor detail that can be dealt with once the standard goes into effect. I think that’s a mistake. Waiting for that until the end is proving to be problematic for companies.

FEI Daily: What is your recommendation to companies that have fallen behind when it comes to implementation at this point?

Knachel: There’s no time to lose. Not to suggest that crash diets work, but if you wanted to lose 20 lbs. in the span of six months, and you’ve gotten to month five and you hadn’t done anything, you could arguably get onto a crash diet and lose your 20 lbs. in a month.

Here, there’s really not a crash diet available to you. The work is still there, and if you didn’t do anything in six months, you’ll have to work a lot harder and be a lot more focused and intense. It probably gets back to resources.

For more on managing financial regulation, see Prioritizing The CFO’s To-Do List For 2017.

This article originally appeared in FEI Daily and is republished by permission.

Comments

Olivia Berkman

About Olivia Berkman

Olivia Berkman is the managing editor of FEI Daily, Financial Executives International’s daily newsletter delivering financial, business, and management news, trends, and strategies.

Why Your Lizard Brain Wants You To Keep Using Excel Forever

Susan Parcells

As human beings, we’re hardwired to resist change. For hundreds of thousands of years, a change in routine usually led to danger, like running into a toothy predator or being ostracized from the tribe.

To keep us alive, the oldest part of our brain—the “lizard brain”—ensures that once we find a “safe” activity, we repeat it. Billions of neurons work hard to create circuits that serve to reinforce our habits, good and bad. And the more often we do an activity the same way, the less likely we are to try something new, even if it’s an obvious improvement over the old.

This explains why, as accountants, we still rely on hundreds of spreadsheets to manage the financial close. Spreadsheets are no longer the best tool for ensuring a fast or accurate close, but repeated use has wired our brains to prefer using them.

Excel is the bad habit we can’t break. Even if the close still takes us an agonizing 10+ days, even if we shudder every time we remember that we have to manually aggregate hundreds of files at the end of the quarter, our lizard brain still loves Excel—because it’s safe.

What the lizard part of our brain doesn’t yet realize is that change is no longer enemy number one. Instead, the ability to manage change is how we survive—and thrive—in the modern world. In business, just keeping up, let alone staying competitive, now requires being flexible, creating new ideas, adopting and adapting to new technology.

For accountants, it’s no different. We know Excel, we understand it, and we’re really good at using it. But it’s holding us back in a multitude of ways: from improving efficiency, from increasing accuracy, and from contributing our best talents to the success of our company.

All those hours and days we spend manually entering data, double-checking that data, and emailing, saving, and filing spreadsheets is simply lost time. We’re so busy doing rote work that we can’t do our real work: providing crucial insight, strategy, and analysis.

To that end, changing the way we close every month requires changing our habits. The first step? Start slowly and simply be open to Excel alternatives. Then begin to research how one of these alternatives might help you improve the accuracy, visibility, and efficiency of your close.

Here are a few resources to get you started:

This article originally appeared in BlackLine Magazine and is republished by permission.

Comments

Susan Parcells

About Susan Parcells

Susan Parcells, CPA, CGMA, is senior director of Finance Transformation and Product Expert for BlackLine. Throughout her career as both an auditor and various management positions within accounting, Susan recognized that the traditionally manual processes within the financial close were not only inefficient, but often exposed companies to risk. She began to focus on process improvement around the close, helping accounting teams reduce their workload and instead use their analytical skills to focus on other value-added activities, all while enhancing controls around those processes. She now spends her time attending conferences, trade shows, and other venues to educate companies on ways in which they can optimize their financial close processes along with having great control around them. Her greatest passion is helping others, which makes her role at BlackLine a perfect fit.

The Future of Cybersecurity: Trust as Competitive Advantage

Justin Somaini and Dan Wellers

 

The cost of data breaches will reach US$2.1 trillion globally by 2019—nearly four times the cost in 2015.

Cyberattacks could cost up to $90 trillion in net global economic benefits by 2030 if cybersecurity doesn’t keep pace with growing threat levels.

Cyber insurance premiums could increase tenfold to $20 billion annually by 2025.

Cyberattacks are one of the top 10 global risks of highest concern for the next decade.


Companies are collaborating with a wider network of partners, embracing distributed systems, and meeting new demands for 24/7 operations.

But the bad guys are sharing intelligence, harnessing emerging technologies, and working round the clock as well—and companies are giving them plenty of weaknesses to exploit.

  • 33% of companies today are prepared to prevent a worst-case attack.
  • 25% treat cyber risk as a significant corporate risk.
  • 80% fail to assess their customers and suppliers for cyber risk.

The ROI of Zero Trust

Perimeter security will not be enough. As interconnectivity increases so will the adoption of zero-trust networks, which place controls around data assets and increases visibility into how they are used across the digital ecosystem.


A Layered Approach

Companies that embrace trust as a competitive advantage will build robust security on three core tenets:

  • Prevention: Evolving defensive strategies from security policies and educational approaches to access controls
  • Detection: Deploying effective systems for the timely detection and notification of intrusions
  • Reaction: Implementing incident response plans similar to those for other disaster recovery scenarios

They’ll build security into their digital ecosystems at three levels:

  1. Secure products. Security in all applications to protect data and transactions
  2. Secure operations. Hardened systems, patch management, security monitoring, end-to-end incident handling, and a comprehensive cloud-operations security framework
  3. Secure companies. A security-aware workforce, end-to-end physical security, and a thorough business continuity framework

Against Digital Armageddon

Experts warn that the worst-case scenario is a state of perpetual cybercrime and cyber warfare, vulnerable critical infrastructure, and trillions of dollars in losses. A collaborative approach will be critical to combatting this persistent global threat with implications not just for corporate and personal data but also strategy, supply chains, products, and physical operations.


Download the executive brief The Future of Cybersecurity: Trust as Competitive Advantage.


Comments

Tags:

To Get Past Blockchain Hype, We Must Think Differently

Susan Galer

Blockchain hype is reaching fever pitch, making it the perfect time to separate market noise from valid signals. As part of my ongoing conversations about blockchain, I reached out to several experts to find out where companies should consider going from here. Raimund Gross, Solution Architect and Futurist at SAP, acknowledged the challenges of understanding and applying such a complex leading-edge technology as blockchain.

“The people who really get it today are those able to put the hype in perspective with what’s realistically doable in the near future, and what’s unlikely to become a reality any time soon, if ever,” Gross said. “You need to commit the resources and find the right partners to lay the groundwork for success.”

Gross told me one of the biggest problems with blockchain – besides the unproven technology itself – was the mindset shift it demands. “Many people aren’t thinking about decentralized architectures with peer-to-peer networks and mash-ups, which is what blockchain is all about. People struggle because often discussions end up with a centralized approach based on past constructs. It will take training and experience to think decentrally.”

Here are several more perspectives on blockchain beyond the screaming headlines.

How blockchain disrupts insurance, banking

Blockchain has the potential to dramatically disrupt industries because the distributed ledger embeds automatic trust across processes. This changes the role of longstanding intermediaries like insurance companies and banks, essentially restructuring business models for entire industries.

“With the distributed ledger, all of the trusted intelligence related to insuring the risk resides in the cloud, providing everyone with access to the same information,” said Nadine Hoffmann, global solution manager for Innovation at SAP Financial Services. “Payment is automatically triggered when the agreed-upon risk scenario occurs. There are limitations given regulations, but blockchain can open up new services opportunities for established insurers, fintech startups, and even consumer-to-consumer offerings.”

Banks face a similar digitalized transformation. Long built on layers of steps to mitigate risk, blockchain offers the banking industry a network of built-in trust to improve efficiencies along with the customer experience in areas such as cross-border payments, trade settlements for assets, and other contractual and payment processes. What used to take days or even months could be completed in hours.

Finance departments evolve

Another group keenly watching blockchain developments are CFOs. Just as Uber and Airbnb have disrupted transportation and hospitality, blockchain has the potential to change not only the finance department — everything from audits and customs documentation to letters of credit and trade finance – but also the entire company.

“The distributed ledger’s capabilities can automate processes in shared service centers, allowing accountants and other employees in finance to speed up record keeping including proof of payment supporting investigations,” said Georg Koester, senior developer, LoB Finance at the Innovation Center Potsdam. “This lowers costs for the company and improves the customer experience.”

Koester said that embedding blockchain capabilities in software company-wide will also have a tremendous impact on product development, lean supply chain management, and other critical areas of the company.

While financial services dominate blockchain conversations right now, Gross named utilities, healthcare, public sector, real estate, and pretty much any industry as prime candidates for blockchain disruption. “Blockchain is specific to certain business scenarios in any industry,” said Gross. “Every organization can benefit from trust and transparency that mitigates risk and optimizes processes.”

Get started today! Run Live with SAP for Banking. Blast past the hype by attending the SAP Next-Gen Boot Camp on Blockchain in Financial Services and Public Sector event being held April 26-27 in Regensdorf, Switzerland.

Follow me on Twitter, SCN Business Trends, or Facebook. Read all of my Forbes articles here.

Comments