Many mid-market firms recognize the risks third-party relationships present, but few get it right when it comes to budgeting. This is particularly true of firms whose third-party ecosystems have grown enough to require a more sophisticated approach, but whose compliance practices remain trapped in a small-company mentality. I recently contributed an article to Entrepreneur that outlines how to develop a cost effective, holistic risk-management approach. In part:
“It’s common to find firms that have cobbled together compliance budgets as they’ve grown and never stopped to think about it holistically. They end up with critical gaps that cost more to set right later. The erroneous belief that smaller companies are less likely to draw the attention of regulators often underpins this haphazard approach.
Compliance program budget battles are an inevitable reality for mid-sized company GCs and procurement professionals. Fortunately, there’s growing evidence to justify the expense. In particular, technology that centralizes, automates and controls the compliance response is becoming essential to cope with rapidly changing regulation and digitalization of customers’ private data.
But it’s not enough to simply buy some software and put up your feet. Budget should also be allocated to follow up on problems identified by technology, such as cutting relationships or remediating them. ”
READ THE FULL ARTICLE – “What Your Company Gets Wrong About Compliance”