If you are in any way connected with the world of third party risk assessments and compliance, then you would have encountered the terminology being used to describe the vast scope of an organization’s third party ecosystem. ‘Third Party Network’ and ‘Third Party Vendors’ are among the phrases that I have come across. However, in my view those descriptors do not quite capture the true living intermingling characteristics of third party relationships. I call it a 3rd Party Ecosystem because the term ‘ecosystem’ most accurately captures not just the inter-dependence of all the components of the network, but also their joint and individual interaction with their environment.
A business ecosystem is a living system, dynamic, changing and constantly interacting with its own components and with those in the outside world. Every element in the system impacts the whole. That could be a distributor, a vendor, an ad agency, a subsidiary or a candidate for a merger, or even a joint venture partner in another hemisphere.
Let’s talk very briefly about Third Party Ecosystem Risks.
A seemingly minor incident involving your official working in an overseas business division who might have purchased gifts for a customer might be a violation of the FCPA or the UK Bribery Act. A component in a toy manufactured under a company’s brand name might require reporting under Section 1502 of the Dodd Frank Act. A fine print on the label of a bottled beverage might become the subject of an activist’s campaign triggering an investigation by the relevant government authorities. Third party ecosystem risks to business organizations are on the rise, both due to a changing legal climate, and increased activism from a socially aware global consumer-base in a wired world. Ignore third party ecosystem risks at your peril or take them by the horns.