The third-party risk management (TPRM) marketplace is especially dynamic these days. There are expanding challenges across risk categories that are ever-changing. We now assess, track, and measure how a third party aligns to our regulatory requirements, ethical business practices, cyber security and data privacy expectations, as well as on additional topics centered on third-party conduct, performance, and good behavior.
In the last two years, concerns about how third parties may or may not use AI in the services they provide have increased the profile of good TPRM coverage and programs.
Yet, when the World Economic Forum surveys business leaders around the world about the most important current and long-term risks to their businesses and across their supplier landscape, the top concerns are focused on climate change.
Whether or not a business leader believes that climate change is associated with their business, market trends show many global consumers expect organizations to do more to ensure improved environmental and social best practices.
And governments around the world are actively passing and pursuing regulations that require businesses to report on and improve their ESG priorities. Not only that, but organizations must also be aware of, report on, and manage environmental-related activities across their third parties.
Ultimately, it makes sense for businesses to pay attention to climate change and to anticipate required adaptations to their business and third-party activities. The US Department of Defense has famously modeled scenarios for various impacts of climate change and identified expected outcomes and best defenses should any degree of instability ensue.
For many businesses, the urgency and strategies for dealing with climate change within their third-party ecosystem remain unclear. And, as new regulations are enacted around the world, too many businesses are seeking a means to align strictly to a specific requirement, standard, or reporting framework and not considering the big picture.
Third-party supplier, vendor, reseller, and partner climate risks are critical to understand and act upon. For example, where changes in climate and precipitation patterns may affect a US business’s local facilities with more hot or dry days, those same changes may impact the climate and likelihood and severity of natural disasters at a supplier’s facilities in a different region.
It should matter to the business and to its risk management team to better understand and anticipate how even seemingly slight changes in their own climate activities may affect their third parties and their ability to continue working with their organization.
In the last year, I’ve seen multiple stories where changes in climate unexpectedly affected businesses’ abilities to continue operating and delivering products to their customers. For example, disruptions to the flow of materials through the Panama Canal due to drought slowed down production and increased costs.
In another instance, when the single chili farm sourced by Huy Fong Foods to produce their Sriracha Sauce experienced a drought and a long series of hot days, production – and profitability – suffered.
For many businesses, the effects of a changing climate impact them whether directly or indirectly. Planning accordingly, diversifying suppliers, and developing resiliency strategies to adapt to a changing world is smart business.
While the impacts of climate change on the Panama Canal and the Sriracha chili source may seem distant or unrelated to your own business, they demonstrate how even small unanticipated changes can affect entire business ecosystems. The businesses that will best manage seemingly unanticipated changes occur are those that actually do anticipate them. And in a competitive environment, risk management and resiliency management can make all the difference.
For example, in the days of the Covid pandemic there were businesses within industries that performed better than others. Analysis has shown that not only did many of these businesses have risk management plans that included seemingly unlikely and unpredictable impact risks (like a pandemic), they also had resiliency strategies in place.
Defining how to get back up and running quickly through defined steps, processes, and people is a plan, not luck. Similarly, even while many see climate change as a slowly evolving challenge, those who are prepared are going to perform better than those that are not. Resiliency strategies are in your best interest.
A good resiliency strategy will mirror a good risk management strategy, with well-defined evaluations, controls, people, roles, processes, and technologies. Ideally, you can:
Another area of resiliency that is rising on TPRM agendas is sustainable supplier relationship management (SSRM). These initiatives are the strategic incorporation of ethical, social, and environmental practices and awareness into supplier management, and supply chain management.
Ensuring sustainable supplier practices throughout your entire extended enterprise is big picture thinking, and allows for proactive identification, management, and mitigation of unethical activities, rather than one-and-done reactions.
Examples of steps taken within SSRM can include choosing to work with suppliers that uphold ethical labor and environmental practices, reducing waste, sustainable procurement practices, ensuring modern slavery and human trafficking is not being practiced within third, fourth, and nth parties- just to name a few.
Those businesses and leaders who do not see climate change as urgent should keep an eye on their market cap. Denial will not make it go away. Regulator and consumer demands, expectations, and spending are intensifying and should nudge decisions. Taking steps today to prepare and adapt for changes that will inevitably impact your business is a wise investment in the future.
Aravo partners with multiple organizations that help businesses assess and plan for climate risk, including DisasterAWARE and Probable Futures. With complementary data and reporting, these two partners help Aravo customers better evaluate and build adaptable resiliency strategies for anticipated changes in precipitation, heat, and climate-related natural disasters. Planning is a good thing, luck is not.
Share with Your Friends:
