More than a matter of trust: Managing risk in extended business relationships
by: Deloitte & Touche LLP
Extended enterprise business models, a valuable business strategy for supporting corporate growth and business objectives in the competitive global business economy, can just as easily inflict damage and jeopardize the viability of an organization. A well-conceived Contract Risk and Compliance (CRC) program, however, can help companies better identify and mitigate the risks, while enhancing the benefits of such arrangements, and is the subject of a new whitepaper from Deloitte & Touche LLP titled, “More than a Matter of Trust: Managing Risk in Extended Business Relationships.”
The complex financial and legal agreements that govern extended business relationships are often poorly monitored and can lead to brand or reputation damage and/or the loss of millions of dollars in revenue through uncollected royalties, misreported transactions, and inadequate inventory controls. Often ignored or underutilized, a CRC program is a risk management tool that can help companies significantly boost their bottom line; mitigate risk; improve operations, processes and controls; and strengthen business relationships.
“Extended business relationships hinge on the level of trust between the partners--trust that the information being reported by the business partner for numerous business activities is as reliable as a company’s own internal transaction data,” explains Dave Zechnich, partner and leader of Contract Risk & Compliance within Deloitte & Touche’s Internal Audit Services.
But the reality is that information reported by an external business partner is often reported on the honor system and management typically has limited visibility and control.
“Trust requires periodic validation and verification. This is where a CRC program fits in – to substantiate trust in business partners and promote the integrity and reliability of both contracts and relationships,” Zechnich adds. “Executed properly, a CRC program can produce substantial bottom-line benefits.”
Zechnich’s point is supported in the following examples that are noted in the Deloitte & Touche white paper:
* More than $30 million recovered in misreported transactions by a major telecom company
* 15,000 pirated software licenses in Europe with an estimated street value of $1.5 million discovered by a global software company
* More than $4 million in unreported royalties recovered by a multinational technology company
Beyond protecting revenue streams and revenue recovery, CRC programs are beneficial in other ways, including reducing operational expenses, improved metrics, cost containment,transparency of controls and control enhancement, asset integrity, and relationship enhancement.
The Deloitte & Touche whitepaper offers a brief overview of some key components of a CRC program: people, processes, and methodologies. In designing an appropriate CRC program, Deloitte & Touche suggests considering the following six factors:
* Business objectives
* Complexity of contractual relationships
* Company culture
* Business partner compliance program owner
* Relationship between business partners and future expectations
* Timing of renewals
“An intelligently run CRC program is simply good business,” said Zechnich.
A copy of Deloitte & Touche’s CRC white paper is available at the link below.