Ahead of the Storm: Exploring the Projected Impact of Climate Change in TPRM

September 18th, 2024 Loren Johnson Reading Time: 4 minutes
24 1752 Rsk Blg Feature Image 1200x628

The third-party risk management (TPRM) marketplace is especially dynamic these days. There are expanding challenges across risk categories that are ever-changing. We now assess, track, and measure how a third party aligns to our regulatory requirements, ethical business practices, cyber security and data privacy expectations, as well as on additional topics centered on third-party conduct, performance, and good behavior.

In the last two years, concerns about how third parties may or may not use AI in the services they provide have increased the profile of good TPRM coverage and programs.

Yet, when the World Economic Forum surveys business leaders around the world about the most important current and long-term risks to their businesses and across their supplier landscape, the top concerns are focused on climate change.

Rising Stakeholder Pressure

Whether or not a business leader believes that climate change is associated with their business, market trends show many global consumers expect organizations to do more to ensure improved environmental and social best practices.

And governments around the world are actively passing and pursuing regulations that require businesses to report on and improve their ESG priorities. Not only that, but organizations must also be aware of, report on, and manage environmental-related activities across their third parties.

Ultimately, it makes sense for businesses to pay attention to climate change and to anticipate required adaptations to their business and third-party activities. The US Department of Defense has famously modeled scenarios for various impacts of climate change and identified expected outcomes and best defenses should any degree of instability ensue.

The Urgency of Climate Risk Management Within TPRM

For many businesses, the urgency and strategies for dealing with climate change within their third-party ecosystem remain unclear. And, as new regulations are enacted around the world, too many businesses are seeking a means to align strictly to a specific requirement, standard, or reporting framework and not considering the big picture.

Third-party supplier, vendor, reseller, and partner climate risks are critical to understand and act upon. For example, where changes in climate and precipitation patterns may affect a US business’s local facilities with more hot or dry days, those same changes may impact the climate and likelihood and severity of natural disasters at a supplier’s facilities in a different region.

It should matter to the business and to its risk management team to better understand and anticipate how even seemingly slight changes in their own climate activities may affect their third parties and their ability to continue working with their organization.

Climate Change in TPRM in Action

In the last year, I’ve seen multiple stories where changes in climate unexpectedly affected businesses’ abilities to continue operating and delivering products to their customers. For example, disruptions to the flow of materials through the Panama Canal due to drought slowed down production and increased costs.

In another instance, when the single chili farm sourced by Huy Fong Foods to produce their Sriracha Sauce experienced a drought and a long series of hot days, production – and profitability – suffered.

For many businesses, the effects of a changing climate impact them whether directly or indirectly. Planning accordingly, diversifying suppliers, and developing resiliency strategies to adapt to a changing world is smart business.

Bringing it Home: Thinking About Big Picture Resiliency

While the impacts of climate change on the Panama Canal and the Sriracha chili source may seem distant or unrelated to your own business, they demonstrate how even small unanticipated changes can affect entire business ecosystems. The businesses that will best manage seemingly unanticipated changes occur are those that actually do anticipate them. And in a competitive environment, risk management and resiliency management can make all the difference.

For example, in the days of the Covid pandemic there were businesses within industries that performed better than others. Analysis has shown that not only did many of these businesses have risk management plans that included seemingly unlikely and unpredictable impact risks (like a pandemic), they also had resiliency strategies in place.

Best Practice Resiliency Strategies

Defining how to get back up and running quickly through defined steps, processes, and people is a plan, not luck. Similarly, even while many see climate change as a slowly evolving challenge, those who are prepared are going to perform better than those that are not. Resiliency strategies are in your best interest.

A good resiliency strategy will mirror a good risk management strategy, with well-defined evaluations, controls, people, roles, processes, and technologies. Ideally, you can:

  • Define priorities and strategies in advance to ensure your business can continue to deliver products and services to your customers after virtually any risk event. Proactively define people and processes that will ensure a facility or a team can efficiently communicate, deliver services, and understand the hierarchy of authority in any risk event scenario.
  • Predefine backups and secondary options as well as a “what if” model for critical connections across your supply chain. Model, test, and prepare for risk events, supply chain disruptions, and their likelihood, potential impact, and recovery requirements.
  • Inform teams of your resiliency strategies, noting leadership buy-in, local authority – if communications lines are cut, who’s in charge? – and strategic priorities to ensure the organization is aligned, prepared, and can execute as easily as possible.

Sustainable Supplier Relationship Management (SSRM)

Another area of resiliency that is rising on TPRM agendas is sustainable supplier relationship management (SSRM). These initiatives are the strategic incorporation of ethical, social, and environmental practices and awareness into supplier management, and supply chain management.

Ensuring sustainable supplier practices throughout your entire extended enterprise is big picture thinking, and allows for proactive identification, management, and mitigation of unethical activities, rather than one-and-done reactions.

Examples of steps taken within SSRM can include choosing to work with suppliers that uphold ethical labor and environmental practices, reducing waste, sustainable procurement practices, ensuring modern slavery and human trafficking is not being practiced within third, fourth, and nth parties- just to name a few.

Those businesses and leaders who do not see climate change as urgent should keep an eye on their market cap. Denial will not make it go away. Regulator and consumer demands, expectations, and spending are intensifying and should nudge decisions. Taking steps today to prepare and adapt for changes that will inevitably impact your business is a wise investment in the future.

Aravo and Risk Intelligence Partners

Aravo partners with multiple organizations that help businesses assess and plan for climate risk, including DisasterAWARE and Probable Futures. With complementary data and reporting, these two partners help Aravo customers better evaluate and build adaptable resiliency strategies for anticipated changes in precipitation, heat, and climate-related natural disasters. Planning is a good thing, luck is not.

Interested in learning more? Contact us today.

Loren Johnson

Senior Director, Product Marketing

Loren Johnson leads Aravo’s product marketing function, covering how Aravo builds, markets, and sells its market-leading third-party risk management solution. Driven by a passion for innovation and solving business challenges, Loren brings an international business perspective and desire to deliver measurable customer success. Loren is a long-term TPRM advocate with an MBA in International Management from Thunderbird, and more than 30 years working in the technology sector. With eight years in the GRC market, Loren brings enthusiasm and an informed perspective to his work with Aravo.

Senior Director, Product Marketing

Loren Johnson leads Aravo’s product marketing function, covering how Aravo builds, markets, and sells its market-leading third-party risk management solution. Driven by a passion for innovation and solving business challenges, Loren brings an international business perspective and desire to deliver measurable customer success.

Share with Your Friends:

Subscribe to Blog Updates

Tags
Our Expertise
Expertise
Who We Help
Customers

Ready to get started?

Get in touch for a better approach to third-party risk management