ORACLE
deloitte US third-party failures [shutterstock: 304657877, AVN Photo Lab]
[shutterstock: 304657877, AVN Photo Lab]
Management Press Release

Deloitte: Third-Party Failures Can Cost Companies Up To US$1 Billion

One in two companies believe the cost of a third-party risk incident – such as a supply chain failure, data privacy breach or disruption to IT services – has at least doubled in the past five years (2015 to 2020), according to Deloitte.

The Deloitte research shows that companies estimate a third-party failure would cost them between US$0.5 to $1 billion, or more. These figures show a marked increase since 2015, when large multinational businesses estimated the cost of a third-party failure at between US$2 to $50 million.

Deloitte’s Extended Enterprise Risk Management (EERM) survey was undertaken between November 2019 and January 2020, prior to the outbreak of COVID-19 being declared a global pandemic. The global survey collates results of more than 1,145 respondents in all major industry segments, from 20 countries around the world. At this point in January 2020, 17 percent of organizations had faced a high-impact third-party risk incident in the past three years (up from 11 percent of organizations in 2019). High-impact third-party risk incidents relate to incidents with a severe impact on customer service, financial position, regulatory compliance and/or reputation.

Looking at the ways in which they could be financially affected, 30 percent of organizations surveyed thought share prices could fall by 10 percent or more if a third-party incident was not adequately managed.

Anzeige

 
 

Investment in responsible business

For the first time in five years, a desire to be a responsible business that effectively manages social and environmental issues throughout its supply chain was one of the key reasons companies invest in third-party risk management. Almost half (43 percent) cited it as a reason for investment. Despite this, a large proportion were still not allocating budget to associated areas – 74 percent of respondents had not allocated funds to managing climate risk, 57 percent to environmental risk and 54 percent to modern slavery and labor.

Over half (59 percent) of respondents thought they were under-investing in EERM, though this fell from 70 percent last year. Budget for managing third-party risk was skewed towards certain areas, including information security, cyber risk, data privacy, and health and safety. This is largely in line with the largest proportion of third-party incidents, which were related to cyber risk, bribery corruption and information security.

Source:
Deloitte

About the author

E-3 Magazine

Articles published through E-3 Magazine International. This includes press releases by our partners as well as articles and reports from the E-3 team of journalists.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Social Media

ad_banner

Newsbites Sidebar Header

Our Authors
Anzeige