In today's dynamic and interconnected business world, third-party risk management emerges as a strategy for the success and sustainability of organizations. With the increasing complexity of supply chains and the need for external services, it becomes urgent to master the nuances of TPRM. Contractor risk management is an essential activity for any company, regardless of its size or segment. It is through it that suppliers can remain in compliance with laws and regulations, as well as continue to provide quality services with maximum security, and beyond. From ensuring regulatory compliance to optimizing operational efficiency and mitigating risks, effectiveness in managing external partners has become a competitive advantage, which is what contractor risk management focuses on. In this text, we will go through some important points of this growing area worldwide. What is Third-party risk management? Contractor Risk management is the process of controlling the risks of outsourcing through the identification, selection, evaluation, contracting, monitoring, and relationship with suppliers. It is the way in which the relationship between companies/entities/individuals is supervised in a way that provides the greatest possible security. Through the contractor risk management flow, suppliers provide information about their third parties, and the contracting company or consultancy analyzes the documents to understand if the legal and contractual requirements have been met. The goal here is to understand if the requirements established at the time of contracting are being followed. It is through contractor risk management that risks such as slave labor, deaths, accidents, and company bankruptcies are mapped preventively. After all, these are cases that can cause irreparable damage to the business and are not always observed naturally. Effective contractor risk management aims at more sustainable and mutually beneficial relationships between companies and suppliers. Why Implement Contractor Risk Management? Contractor risk management impacts the entire organization. The decision to implement it will define whether these impacts will be positive or negative. It is widely known that outsourcing services generates operational risks, both in compliance and security. One of the benefits of contractor risk management is to mitigate these risks generated by hiring suppliers, which will allow for the harmonious continuity of business. In addition, all companies are subject to regulations and laws, which must be followed. With active contractor risk management, it is possible to monitor suppliers and understand if they are operating in compliance with the legislation. This avoids fines and penalties that could eventually fall on your company. Not to mention that third-party services impact your operational efficiency. How? The quality of the products/services provided is directly linked to your product. Whether by labor or raw material, this relationship directly and deeply impacts your organization, so it is important to pay close attention. These are some of the strong points we highlight here, but there are many others related to them. Operational efficiency, focus on core business, innovation, strategy, all of this has an impact on your company. When Should I Start Contractor Risk Management? The most objective answer would be when your supplier brings some risk. However, there are suppliers that do not bring risks or have very low risk, this does not necessarily mean that there should not be any monitoring, only that it should be evaluated how the process fits each situation. Here at Bernhoeft, we recommend starting third-party management as soon as your company starts to rely on external suppliers for products, services, or resources essential to its operations. This usually happens as the company grows and/or expands its activities. However, even for smaller companies, it is important to consider third-party management from the start, especially if there are plans to outsource certain functions or processes. Furthermore, if your company is already involved with external suppliers but has not yet implemented a formal management of these relationships, it is recommended to start as soon as possible. As we read earlier, third-party management helps ensure that the company is prepared to deal with the challenges associated with outsourcing. How to Implement Effective Contractor Risk Management? The way that generates the best results is: integrating technology, a specialized team, and a system capable of operating with a large volume of data. Having a partner makes this process easier and safer, since they have all the skills to deal with the essential steps of the project. And here we are talking about LGPD, information flow, management of contractors, and more. By combining experienced and qualified professionals, we can establish solid third-party management. This not only encourages suppliers to become increasingly involved in the processes but also alleviates the work of contract managers We have gathered some steps of the process: Define objectives and goals; Identification and selection of suppliers; Supplier assessment; Contracting of suppliers; Relationship with suppliers. How to Find a Good Partner for Contractor Risk Management Finding the ideal partner for third-party management is just as important as implementing it. Below we have gathered two points that we consider objective and essential for your company to observe when searching for a partner. Understand your real needs first Before you start looking for a partner, it is essential to understand your specific third-party management needs. Consider the types of services or products that will be outsourced, the compliance requirements, the risks involved, and your strategic objectives. Some questions can guide you at this time: What services does the organization need to outsource? What are the quality and performance requirements that the organization expects from its suppliers? What are the risks that the organization needs to mitigate? Research the market and seek references Conduct a detailed market research to identify potential third-party management partners. Understand the history of the chosen companies, check if they have the necessary qualifications to meet the needs identified in point "1", and if it makes you feel more secure, ask for references from other clients. Third-Party Risk Management x Bernhoeft We are the first company in Brazil to provide third-party management services. For over 20 years, the #WeLoveGRT movement has been running through our veins, driving innovation and the desire to do more and better. In Brazil, our work is already widely recognized and referenced. We were elected the best third-party management company in Brazil for four consecutive years, by the Inbrasc award 2020/2021/2022/2023. Now it's time to take on the world! Our team has over 650 qualified professionals to add value and make a difference in the lives of each of our clients. We work by helping client companies and their suppliers to reduce outsourcing risks, promoting greater security and compliance with current laws and regulations. To achieve this, we work on two fronts: Labor Analysis In labor analysis, we act proactively to ensure that outsourced workers receive their rights at the right time, reducing the chances of your company having to pay the severance pay of suppliers who have failed to pay or have not paid their employees correctly. If, even so, labor lawsuits arise, we will work together with your company's legal department, providing all information and documents for the preparation of the defense. Proving the values that have already been paid to employees and reducing your risks and those of your suppliers. Our differential is not to stay only in the analysis of the documentation, if any error is identified, we will work as a consultancy guiding the suppliers on the errors and how to correct them. Mobilization Third-party mobilization is a real challenge, as the documents vary according to the risk of the employee's activity. Each document has a different validity period to manage, and we need to be agile in releasing access quickly and without compromising the safety of the company and the outsourced employee. We work in the mobilization of outsourced workers and take on everything from the electronic receipt for analysis of occupational safety and health documents to the permission of access to your organization's entry control system. These more than 20 years represent a great growth in our operations, we feel ready to expand our work to the world. If you are interested and would like to receive a contact from a specialist consultant, simply click on the following link: Talk to a specialist
SEE MOREHomologation of Suppliers
A company that values safety needs to understand the risk a supplier can pose to its operation and implement a preventive homologation process to safeguard itself.
Nowadays, it’s clear to many organizations that choosing a supplier isn’t just about looking at costs but also assessing the risks associated with the contract that could lead to significant losses in the future. After all, a supplier’s cost isn’t only the value stated in the commercial proposal but also the risk it brings to the contracting party.
In a preventive homologation, we can evaluate items such as the Balance Sheet, Certificates, whether the supplier is economically dependent on any client, environmental matters, and more.
We offer different levels of homologation and can adapt them according to the needs and risks of the contracting party, especially concerning technical documents, Occupational Safety and Health, Environmental, and others.
Background Check
With the supplier’s background check, it’s possible to map risks and answer important questions with just the CNPJ, such as: who are the partners of this supplier? Are they politically exposed persons? Is there any history of forced labor? It can also identify labor disputes, public certificates, negative media coverage, among other things. It’s also possible to use the Background Check in Third-Party Management to map risks associated with the company’s partners with just the partner’s CPF!
Main activities of th Background Check
– Background check of the partner or economic group that makes up the supplier’s corporate structure.
– Unethical practices and negative media coverage (news related to corruption, fraud, money laundering, and other crimes).
– Whether they are considered Politically Exposed Persons (PEP).
– Search for notifications of forced labor and incidents on the Transparency Portal.
– Access to public proceedings in which the supplier is involved.
– Whether the supplier is listed in the National Registry of Unscrupulous and Suspended Companies (CIES).
– Whether the supplier is listed in the National Registry of Punished Companies (CNEP).
– And more…
Homologue
With our homologation software, our analyses and assessments can also be requested specifically according to your company’s segments and your clients’ needs, providing greater security for both parties. We also offer a customer database, making it possible to conduct research and establish connections between suppliers and clients who require their products or services.
Advantages of Homologue:
- Fast, simple, and secure process.
- Alignment with the procurement processes of large companies.
- A platform for connection between clients and suppliers.
- Analysis of the financial health and compliance of your company.
- Customized analysis based on the type of service.
Main activities
- Evaluation of the financial and labor situation of the suppliers.
- Assessment of municipal, state, and labor negative debt certificates.
- Evaluation of the Certificate of Regularity of the FGTS - CRF.
- Analysis of the financial statements for the last 2 years with the Income Statement (DRE).
- Assessment of the service contract.
- List of the last 12 invoices.
- Operating Permit - Municipal City Hall.
- Serasa Analysis (Provided by the supplier).