How Responsible Are Your Vendors? Incorporating ESG-Related Risks into VRM
Would you work with a company that has a massive carbon footprint? Would you trust a business with lenient workplace safety standards? Companies are increasingly taking these Environmental, Social, and Governance (ESG) issues into account when considering their global and reputational impact.
ESG screening and monitoring are also quickly becoming a vendor risk management (VRM) issue. ESG issues pose sustainability, non-financial, or extra-financial risks that can have a significant effect on your business.
Are you certain your vendors are operating responsibly? You need to have confidence in the face of digitalization, climate change, evolving regulations, and the ratcheting up of global tensions.
What are ESG-related risks?
In October 2018, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the World Business Council for Sustainable Development (WBCSD) partnered to help entities better interpret and manage ESG risks. Their report, “Enterprise Risk Management: Applying Enterprise Risk Management to Environmental, Social and Governance-Related Risks,” provides an overview of handling ESG-related risks. Its guidelines cover ESG risks related to third-party vendors.
The report advises that VRM programs need to consider ESG-related risks in several categories, including:
- Sustainability, such as a vendor’s emissions, how they manage water, etc.
- Reputation or brand
- Product or service quality
Examples of addressing ESG-related vendor risk include avoiding raw materials from endangered forests or ensuring apparel suppliers abide by their country’s accords on factory safety and working conditions.
The report also suggests having clear lines of communication with suppliers and higher standards for reporting on material origins and manufacturing processes. The onboarding process and contracts should include a supplier code of conduct and report card specifications, including:
- Quantity delivered
- Performance history
- Incident report
- Regular meetings
Current reporting on vendors’ ESG compliance and policies is mostly voluntary, but that may change, and soon. How can you hope to escalate ESG-related risk in your VRM program?
Gain valuable visibility with a VRM solution
Find a VRM software solution with the tools and features you need to handle this ESG-related paradigm shift in risk management. You’ll gain the ability to assess and mitigate ESG-related risks over the life of a vendor relationship.
VRM solutions can assist in performing onboarding reviews and due diligence reports, managing contracts, and reviewing vendor social media and complaints. You can also develop and issue various types of customizable questionnaires to vendors. Questionnaires provide compliance officers with valuable visibility into a vendor’s adherence to laws and regulations, including a vendor’s:
- Compliance program
- Monitoring and testing
A report can then be generated from the vendor’s response that can be linked to supporting documents. Some VRM solutions are even supported by subject matter experts and analysts who can review submitted questionnaires and documents with you.
Your VRM program must consider ESG-related risks. A holistic view of risk will help protect your reputation, ease your mind, and – no small thing – contribute to a better world.