Philippe Noirot, president of AMRAE’s ERM 360° commission and moderator of today’s panel session ‘From outsourcing to the expanded company’, explains why expanded enterprise risks should be on risk managers’ radar
Risk managers must take ownership of risks to third-party providers and suppliers across their entire supply chain, despite not being directly responsible for them, urged Philippe Noirot, president of AMRAE’s ERM 360°, a committee on risk communication and governance.
For example, in a globalised world, information systems, even critical ones, are often outsourced to overseas providers, exposing the main company to new extra-territorial laws, with risk of international sanctions or fines, Noirot explained.
But just because elements of a business’ operation are outsourced to third-party suppliers, the company, or the buyer of an outsourced service, will still be affected by these threats.
The 2013 Rana Plaza building collapse in Bangladesh is a good example. More than 1,000 workers were killed when the eight-storey building – housing factories producing products for western retailers – collapsed under its own weight. Safety negligence on the part of the building managers, was said to be the cause of the collapse. But with a number of well-known low-cost clothing stores identified as buyers, they too were held accountable.
Noirot commented “It is very important companies reinforce their due diligence process prior to finalising a partner agreement.”
He said risk professionals can better manage extended enterprise risks by reviewing all partnership contracts. “Some [multinationals] will also have affiliations to several businesses and charities, so risk managers will have to assess whether the governance of those bodies is up to scratch and that they are following ethical rules.”
The French government is strengthening the law around the responsibility companies hiring subcontractors, which will have an effect on French businesses. This new law came into force after the Rana Plaza collapse.
No comments yet