The internal strategies we have discussed thus far are powerful approaches to building and maintaining trust in the marketplace. However, under certain circumstances they do not go far enough. When dealing with individuals, entities, and issues such as regulators, contracts, technology standards, supply chains, and sustainability matters, the assurance of a well-regarded independent third party can go a long way toward establishing and maintaining credibility with stakeholders.
Particularly in industries where increased regulation seems imminent, some companies see value in being at the forefront of providing the most credible information possible and potentially influencing how new reporting requirements are defined.
In the financial services industry, for example, institutional investors have begun seeking greater transparency around internal controls. In response, one major alternative-asset manager produced for investors a detailed, independent assessment of its trade flow processes and controls. While investors remain most interested in market performance, the fund’s reporting also offers substantive information about financial controls that most other funds do not.
In other industries or business areas where regulation is imminent but uncertain, companies are preparing for greater scrutiny—getting their houses in order, so to speak. For example, although not subject to SEC rules such as Sarbanes-Oxley, Duke University Health System voluntarily conducted a third-party review of critical processes and controls.
Not many business deals are based on a handshake. Most are sealed by a contract containing provisions to which both sides agree. Trust in those provisions, though, must be based on a level of transparency and validation associated with the business processes of all parties.
While this has always been true, it is particularly so in the digital age, where the procedures, controls, and infrastructure around electronic distribution and royalties associated with products such as MP3s, e-books, and ringtones can be difficult to manage. Also affected are such traditional services as audience measurement—critical in determining advertising rates—that are being dramatically impacted by the transition from a broadcast to an online environment. In this highly competitive landscape, the company that can assure its clients that they are being fairly compensated and that their intellectual property is safe can achieve a considerable competitive advantage.
Perhaps the biggest area of cross-sector risk today involves data privacy, integrity, and reliability, and concerns arising from IT trends, including cloud computing, offshore data centers, digital transformation, and social networking. Any large organization with consumer reach—from hospitals adopting electronic health records (EHRs), to banks responsible for safeguarding customers’ financial information, to any organization, online or brick-and-mortar, that accepts or issues credit cards—has a need to maintain information security, and more and more companies are working to provide their stakeholders with independent assurance that their personal data are safe.
One commuter bus and rail operator, for example, certifies its compliance with data security standards to reassure customers and payment card providers. With a significant amount of revenue coming from credit and debit cards, the organization must be sure that it is protecting customers’ personal information.
As supply chains, including outsourcing and offshoring partners, become longer and increasingly complex, companies are more vulnerable than ever to disruptions that can decimate shareholder value. In fact, an analysis of 600 companies experiencing supply chain disruptions found that their average shareholder value dropped, and their stock prices experienced greater volatility than their peers for years after the event.10 (See Figures 2 and 3.)
For companies dependent on their supply chains, poor quality, delivery failures, and even business failures can be catastrophic, making the transparency, financial security, and quality control of supply chain partners more important than ever before. As companies evaluate the trust issues around their supply chains, they are asking the following question: Will others protect my interests as well as I do myself?
The business press is brimming with examples of supply chain failures that have wreaked havoc on corporate reputations, and CEOs are taking note and providing independent verification that their promises to customers and business partners are true and that they have in place sustainable, repeatable processes for ensuring data, technology, or product quality.
For example, the CEO of one prominent consumer apparel company uses independent evaluations to certify that his factories meet global safety and human rights standards and that his products don’t contain lead or chemicals that could cause an allergic reaction.
To achieve similar ends, another company, American Semiconductor, is in the process of certifying the management practices of its supply chain. Company leaders believe the assessment on internationally recognized standards will be valuable in attracting new customers who view it as an important policy.