The speakers also explored how AI can help keep track of these risks and deliver alerts when they occur, thus enabling faster, more efficient, and cost-effective due diligence.
The session revealed the following takeaways:
- Why is supplier due diligence important?
- How to develop an ESG risk framework
- The benefits of using multilingual natural language processing in due diligence
- Using generative AI in due diligence processes
- What corporations can learn from the experience of banks
- Success factors in implementing a third-party risk monitoring system
Takeaway 1: Why is supplier due diligence important?
For Corrigan, of critical importance is corporate reputation, a valuable intangible asset embedded in the balance sheets of businesses. Emphasising the intricate link between corporate goodwill, brand equity, and reputation, Corrigan underscores the vulnerability of reputation to the actions of third parties. The misdeeds of external entities pose a significant risk, potentially tarnishing the integrity of a company through association. Examples include displacing communities for dam construction or engaging in corrupt practices to secure contracts. Corrigan notes that this concern has gained prominence for several reasons.
Firstly, there is a growing corporate consciousness regarding ethical practises, particularly in areas such as diversity, inclusion, and ESG (Environmental, Social, and Governance) considerations. Secondly, awareness has heightened concerning the detrimental impact and costs of reputational damage, affecting share prices, sales, and overall brand value. The third driving force is the pervasive influence of social media, where instances of getting it wrong are amplified at an unprecedented pace. Adding another layer to this landscape is the regulatory dimension, exemplified by the EU’s Corporate Sustainability Due Diligence Directive (CS3D). Though yet to become international law, the directive imposes stringent due diligence requirements on companies operating in the EU, urging continuous diligence throughout business relationships. The low threshold for triggering these effects intensifies the need for companies to be vigilant. Consequently, the focus on diligence extends beyond onboarding and encompasses all facets of dealings, whether with suppliers or other value chain partners.
Takeaway 2: How to develop an ESG risk framework
“The EU Directive will expect corporations to be the first line of defence when it comes to ESG rectitude by making sure that in your supply chain, you’re doing the right thing.”— Dermot Corrigan, CEO
According to Corrigan, corporations think about ESG from a three-fold perspective: assessing one’s own credentials, scrutinising investment choices, and perhaps most crucially, evaluating the relationships forged with external parties. In this context, the significance of meticulous screening of third-party entities cannot be overstated.
For Corrigan, it is disheartening that the true essence of ESG remains somewhat elusive, often overshadowed by mere adherence to corporate sustainability goals. Corrigan stresses the importance of understanding what ‘bad’ ESG entails, particularly when engaging in screening processes.
For example, drawing a critical distinction between board conduct and the tangible actions of a business on the ground, the concept of ‘ground truth’ comes into focus. This entails an in-depth analysis of how a business actually behaves as opposed to what it says. Are they associated with bid rigging, cartel involvement, predatory pricing, and even the relatively obscure concept of astroturfing.
Corrigan also introduces the concept of a ‘gravity slider’, which adds a nuanced layer, allowing organisations to prioritise and calibrate risk based on their unique worldview.
Takeaway 3: The benefits of using multilingual natural language processing in due diligence
The investigative work of due diligence poses several challenges for analysts, particularly when dealing with unstructured information like web content and news items. The sheer volume and repetition inherent in such data is overwhelming, hindering the advancement of intelligence. This issue is compounded by the tendency to encounter similar information repeatedly, leading to a risk of falling down unproductive rabbit holes. The potential for false positives further complicates the task at hand.
Here, Corrigan emphasises the critical role of multilingual natural language processing (NLP) in alleviating these challenges. Multilingual NLP, with its ability to process and understand human language, becomes a valuable tool in sifting through vast datasets, reducing redundancy, and mitigating the risk of misinformation.
In addition, with suppliers and associated third parties operating in many different countries, it’s crucial that organisations can comprehend and process information in multiple languages. Multilingual NLP’s ability to understand text in various languages enables it to extract truly useful information to provide a comprehensive understanding of the third party.
Takeaway 4: Utilising generative AI in due diligence processes
“[What] would have taken a human being hours or days to produce can be produced in a minute or so.”—Dermot Corrigan, CEO
Corrigan highlights that in the next phase of smartKYC’s development, they will incorporate the capabilities of generative AI. This will involve combining their existing NLP engine with a dedicated generative AI layer, which will contribute to, as Corrigan describes, ‘the last mile.’
With the initial heavy lifting completed, wherein the NLP engine has meticulously analysed extensive documentation and extracted pertinent facts, the generative AI layer can auto-summarise findings, a task traditionally undertaken by human analysts to discern and articulate risks.
Takeaway 5: What corporations can learn from the experience of banks
Corrigan draws a compelling parallel between the evolution of regulations in banks and the emerging dynamics in corporate landscapes. The post-9/11 era led to the introduction of the Patriot Act, which placed a substantial responsibility, more than just an onus, on banks. They were mandated to function as the primary defence against money laundering, recognising a critical link between terrorism and the financing facilitated by such illicit activities.
A similar trajectory is now unfolding for corporations, this time in the realm of ESG considerations. Corrigan highlights the regulatory shift occurring within the corporate domain, especially in areas like supply chain and the broader value chain.
Much like how banks were designated as the frontline defenders against money laundering, corporations are now assuming a parallel role in upholding standards and rectitude in the context of ESG. This underlines the evolving regulatory landscape and the increasing expectations placed on corporations to take a proactive stance in safeguarding ethical practises, mirroring the historical transformation experienced by the banking sector in response to global security concerns.
Takeaway 6: Leveraging technology to implement a third-party risk monitoring system
The webinar rounded up with Corrigan discussing smartKYC’s latest product, smartEYE, an intelligent third-party risk monitoring solution that alerts you to new financial crime, ESG or reputational risks relating to your third party.
Whether about ESG criminality or adverse reputation, using advanced multilingual natural language processing (NLP) technology, smartEYE delivers precise, credible alerts, without the surrounding noise, regardless of the source, language or script. With smartEYE, corporations have the ultimate defence against ESG and reputational risk, effective continuous adverse media screening and the ability to act quickly and decisively.
See this process in action by booking a demo.
Conclusion
“Acting on a problem straight away and dealing with it and being seen to deal with it. is a much better risk mitigation strategy than if, you find out six months after it’s happened, and all of a sudden, it’s mushroomed into this kind of crisis and is somewhat out of control.”—Dermot Corrigan, CEO
Understanding the risks associated with third-party engagements reveals a formidable challenge—a challenge on an industrial scale. Organisations contend with an extensive network of third parties, extending beyond the entities themselves to encompass directors, shareholders, and what is aptly termed the ‘entourage.’ With tens or even hundreds of thousands of these interconnected parties, the need for exhaustive information and risk assessment becomes paramount. Complicating matters further, this information is dispersed across diverse sources, both structured and unstructured, accessible through various means such as web interfaces, APIs, and file-based systems. Language diversity adds an additional layer of complexity, as the information is often presented in multiple languages.
Importantly, the obligation to conduct this risk assessment is not a one-time, onboarding process, but ongoing due diligence throughout the entirety of the business relationship.
Faced with this monumental task, organisations have a choice: allocate more manpower, an approach increasingly deemed insufficient, or turn to technology for substantial support. By leveraging technology to shoulder the heavy lifting in due diligence processes, organisations can ensure efficiency, speed, and cost-effectiveness.
Corrigan advises against ‘one-size-fits-all’ solutions, instead advocating for tailoring solutions to an organisation’s unique approach and risk appetite to bring about faster, better, and more cost-efficient due diligence aligned precisely with the organisation’s needs.
Watch this informative webinar in full and download the slides.
