contact us
POV

A Strategic Role for Vendor Management -- Key to Effective Compliance

David-England-sq
by David England

Increasingly stringent regulatory compliance standards governing third-party relationships are becoming the order of the day in a number of industries, including banking, pharmaceuticals and healthcare.  Regardless of industry, the move towards closer oversight of third parties has been accompanied by increasingly complex service delivery models and supply chains with multiple vendors and sub-contractors. In other words, the rules of regulatory compliance are getting tougher precisely at a time when the game is becoming more complicated.

In this environment, global enterprises are recognizing the importance of enhanced Vendor Management and Governance (VMG) capabilities. Specifically, they’re looking to oversee each provider in the service delivery mix, while at the same time enhancing collaboration among all providers and aligning the overall sourcing model with the business. An effective VMG function can provide the global transparency and local insight required to connect myriad stakeholders, align operations with business strategy and position the enterprise to address today’s regulatory compliance challenges.

One key is to understand the regulatory rules and requirements to be followed, and to then define internal policies that align with regulatory guidelines and requirements. The real challenge, however, lies in converting those policies into rigorous and sustainable processes that operate seamlessly and consistently across multiple providers and business units. The compliance oversight of any given third party involves a wide range of functions, including operational, contractual, financial and legal, as well as different business groups.  Interactions between these various stakeholders can result in gray areas regarding responsibilities.  For example, does the task off assessing a particular provider’s sub-contractor reside with the vendor management team or with legal?

Whether related to service quality or regulatory compliance, effective vendor management is very much a case of “devil in the details,” and requires that specific responsibilities and owners be clearly spelled out. This granularity is essential to address the broader goal of collecting and analyzing operational data to drive continuous improvement and tracking and reporting activity within and between disparate organizations.

The VMG function has often struggled to achieve the enterprise-wide perspective required for effective oversight. Traditionally, VMG has been designed as an extension of sourcing procurement, and as such has often reverted to a narrow focus on cost.  This tactical role, moreover, has limited VMG’s involvement in pre-contract planning and development that is essential to gaining insight into the myriad service provider touch points that underlie the service delivery model. 

Recognizing the strategic importance of VMG, many enterprises are positioning the function to provide oversight of key supplier relationships and transparency deep into the chain of service delivery. From a regulatory compliance perspective, this enables vendor management to identify potential risks across the service delivery ecosystem at both a macro level, in terms of mobilizing global response to a new compliance requirement, and at a granular level, in terms of identifying a specific vulnerability within an individual provider.  In practice, this strategic role means that VMG is involved early and often in the sourcing lifecycle, so that the frameworks and communication guidelines essential to effective third-party oversight are clearly defined and baked into the relationship, rather than tacked on as an afterthought.

Top-performing organizations are also rethinking their approach to sourcing VMG.  The function has traditionally been retained by the client organization. While this approach enables consistent oversight of multiple agreements, mature enterprises are increasingly exploring the potential benefits of engaging third-party specialists to manage the day-to-day oversight of transactional activity and collection of operational data. Under this model, the client organization retains strategic, value-add activities, and hands off routine, administrative and tactical activities to the provider.

Outsourcing vendor management provides several key benefits. From a regulatory compliance perspective, a third party specializing in VMG is better positioned to drive the required process discipline, standardization and consistency.  In terms of cost, outsourcing VMG results in annual savings that average approximately 30 percent, primarily as a result of labor arbitrage that leverages cost-efficient offshore resources and delivers a five to one improvement in retained FTE requirements. Since additional workload can be absorbed primarily by offshore resources, the model is also more scalable.

This article originally appears in Supply & Demand Chain Executive.  

About the author

David England offers more than 25 years of experience in information technology outsourcing with extensive experience in vendor management, change management advisory services. He has provided outsourcing advisory services for a number of clients supporting RFP development, provider selection retained organization design, vendor governance and obligation management.