Legal issues are only one element of third-party risk. Learn what other risks your program should detect and mitigate.
Beyond Legal Risks in Third-Party Risk Management - Transcript
Chris Sindik: My name is Christopher Sindik, I'm the Director of Third Party Risk and Due Diligence here at Blue Umbrella, and I'm very happy today to be joined by one of my colleagues and friends, Mossimo Bronzetti.
Mossimo, do you want to introduce yourself?
Massimo Brozzetti: Yes, thank you, Chris, for the introduction. I'm Massimo Brunzetti. I graduated in law. I have a legal background, graduated in Italy, and then I attended a master in sports law and management in Barcelona. And I've been joining the AML and Blue Umbrella team recently. And I've been working in the industry for more than six years. And before I was working in the legal industry.
Chris Sindik: Thanks for your overview of your background there, Mossimo. And I know you come from a very diverse background and have seen a lot of different things in your career too, which is why I'm really looking forward to hearing your perspective on today's topic.
Again, it's looking beyond legal risks and third party risk management. What I'm seeing in my career and no doubt, you and our listeners have seen the same thing where a lot of times companies, when they're starting to go down the path of third party risk management and compliance and legal and ethics, it really does start with a focus on the legal risk, the baseline requirements, the legal requirements, those sort of compliance failures that come with a lot of zeros behind them and a lot of heartache too if a government regulator would come knocking.
But we've seen recently, more of a focus on reputational risks and other things like that. With the focus on the due diligence process, typically being on legal risk, things like bribery, fraud, sanctions areas like that, what else should organizations be thinking about today that maybe they weren't thinking about 10 years ago or five years ago or just last year?
Massimo Brozzetti: That's a good question Chris. I must say that for my experience one of the most important aspect in my debate taking into consideration that our clients, maybe sometimes they're not even aware that are reputational concerns. Because sometimes the reputational concern might be even more severe than the criminal liability itself.
Now with the social media risk of the reputational damage is much higher than before. I can say that now reputational risk are big, severe aspect that we might take in consideration were like a screening the third party for the clients also because the reputational concerns is something that I said was the arrival of social media it's a really something very difficult to control.
And sometimes I would say most of the times the reputational concern much bigger impact than a criminal scandal. Because just to make an example the average duration of a criminal trial from let's say the preliminary investigation phase until the ruling of the court of concession in Italy takes as an average about four and a half years.
So it means that even if the company will be acquitted of all charges. It will take a lot of time to be formally acquitted. And, the reputational of the scandal that goes in newspapers is something that goes immediately and will create a huge reputational impact for a possible dealing with that person or with that company.
This is something that our clients might really bear in mind especially if the person is well known or the company, I would say.
Chris Sindik: I think you've hit upon one of the really important points there too, which is that, the courts of law, can move very slowly, but the court of public opinion, moves at light speed. You don't want to be trending online, going viral for the wrong reasons.
And, people can turn on an individual or a company relatively quickly when there are some of those serious allegations that come through. And, I think it's something that although there may not be as many of those kind of legal risks involved with them. The damage to the brand, product sales boycotts, things like that are definitely a consideration that are real that people need to think about, specifically as it relates to their third parties that they're working with.
A lot of times the media if there's a reputational concern they won't always name and shame the small third party, the supplier, distributor, agent, reseller, etc. They'll go after the bigger name. Putting the name of the large company in the headline to, garner a little bit more attention to them. Again the notion there being that companies are on the hook a lot of times for their actions of their third parties, not only legally, but reputationally as well.
And I think that brings us to, another question, which is, who cares about the reputational risks? If there's a failure, or there's a concern, or, a new media story that pops up, or a wave of public attention, who's paying attention to that? Is it specific to certain industries, parts of the world? What are you seeing in that regard?
Massimo Brozzetti: I can say that the reputable risk are even more prone to severe consequences provided the outcome from the criminal liability itself. I can say that like a public investors, they do care about reputation risk because what they really want to know if their money are safe for investment, or maybe there are risks for I would say boycott or the so called reverse boycott.
And in the same way, investors do care about what the public cares about. As I said, during, especially with the social media period, like the public the public opinion, they tend to create a sort of hype on the reputational concern related, especially to the corporations. Corporation. So I should say that the public investors and the public itself, the public opinion, really interested about reputational risk, especially, I can say on the industry that can create public scandals. For example, environmental issues, animal testing, so something that public opinion do really care and something that my like, or the environmental footprint. So something that is really easy to create a hype on social media, especially during this transition for reducing the carbon footprint on the planet. People do care more about taking care of the environment, on animals. This I would say is really crucial, especially, but not just limited with this industry and stakeholders. For example, I would say that also there is a big difference between EMEA and APEC regions, because maybe on APEC regions do care more with something related on the reputation for unfair working practices or selling in certain markets they are more exposed to sanctions or violations. And on EMEA, for my experience, I see they're more related with some issues related with product failure or quality issues, or maybe data breaches or industry where a lot of licenses are needed in order to work in.
So it's really complex matter. I know it's not easy to summarize everything in just a few minutes. But there are very many difference of way of reputational concerns, depending on the industry, the client, the third parties working and also the, let's say on which industry they're working with.
Chris Sindik: And, certainly if we look at some industries that are a little bit more focused on, selling to consumers directly, as opposed to business, that's one where, the reputation can have more of an impact or the view of the reputation, the brand. if people just stop buying, it's it's something that can be done overnight, as opposed to, a long term contract that has to expire.
And I think, too, that, as we look at that, we have to say, why does it matter? What are some of these, risks that companies that should be taking into place now and how do they uncover them? Certainly in our role here at Blue Umbrella, we're conducting research and we're trying to find out about these reputational risks that third parties will present to our clients and, making them aware of them so that they can remediate as appropriate.
And we've heard feedback about how our reports are really taken to heart and some clients will not work with third parties based on some of the findings that are there about, various types of misconduct that we've discussed so far today, connections to some of these, concerning activities too. But, why do they matter? What are some of the risks that you're seeing, more so in your course of business?
Massimo Brozzetti: I can say that they do really care because they're really more aware and conscious that a reputational concern might be very critical for their operation, for their business, and as you correctly said, people would stop buying a specific brand because of this scandal. And it's really easy, we saw from the experience that even just a reputational scandal can really cause a crisis for the company that is involved in this scandal, even if at the end we'll be completely acquitted, but, the public opinion it's now an impact on reputation on the company and with social media it's really easy to create a huge damage on the company.
And that's why also we have in our reports, it's something check the most is the reputational concern from all the aspects we're already touched. Just to make a summarize, we have different level of scopes in our reports that of course they have the lowest one. They do really check just on the surface, about reputational concerns and others that go on deep dive on this possible risk.
So it depends also how much the client is interested considering the industry. The client is is working because as I said before, some industries, some regions are more sensitive to a possible reputational concerns. And as I said, usually this affects almost all the corporation are dealing on a daily basis.
Chris Sindik: I think one important notion too, is that, while right now they're considered, not as much of a legal risk. That's starting to change. We're seeing new laws being enacted all the time. One that's getting a lot of focus right now is the EU Corporate Sustainability Reporting Directive. That's one where, companies have certain obligations on themselves to report about sustainability, ESG, diversity, even bribery and corruption, which is, overlapping with other laws there.
But when you talk about some of those other things like, sustainability, ESG, etc. Those are becoming not just a nice to have, but a need to have as well. So there's certainly legislation that's, catching up with this in certain parts of the world. It's an area that although it's, often seen as, let's get our bribery and corruption program settled first, which is, probably a very prudent idea, then moving on if there are extra resources for these other areas.
I think they're just as important to it can carry as much, if not more risk sometimes. But with that Massimo, do you have any final thoughts for our listeners as we round out this episode?
Massimo Brozzetti: So I'd just like to summarize, to wrap up everything that in general the clients to really trust us for our experience in the industry, also the fact that we cover a dozen and a dozen of languages, so we can catch almost all the significant reputational concern all around the globe.
We have experienced analysts that cover all this regulation that you are just mentioned a couple of seconds ago. So that's why the clients usually, they go with us because they rely on us. They know we know. The regulation, we know the languages to cover all these aspects. And of course, as just to go on my side from the legal background perspective, most of the clients, they're not working with that particular jurisdiction.
They're not aware, for example, in Italy you have three stages of trial and we almost go with that because there are no specific limitation to appeal to the Court of Appeal, the Court of Cassation, and this is totally from, for example, from the U. S. that you have still a Court of Appeal and a Supreme Court, but it's really the case hard and tough to appeal to the second court or even to the Supreme Court. So there are different musings that the clients may not be aware and we can cover and explain in our reports.
Chris Sindik: It's something where, we're glad to lend our expertise wherever it's useful. Even if a client is very aware of their obligations, they may not have familiarity with a particular, market or just the language skills sometimes to, be confident in what they're gathering to as much as they would like to be. Mossimo, again, thank you very much for your expertise and time to talk about this.