Home Banking How Can Banks Improve Supplier Resilience in an Era of Growing Risk?

How Can Banks Improve Supplier Resilience in an Era of Growing Risk?

by internationalbanker

By Keith Berry, General Manager, Compliance and Third-Party Risk Management, Moody’s





The connections between banks and their suppliers are both conduits of opportunity and potential vectors of risk. As global suppliers are stretched across increasingly complex networks, banks find themselves at a critical juncture.

Imperatives to increase visibility into all links within a supplier network are growing. Regulatory landscapes across the European Union (EU) and the United States have evolved in recent years, requiring banks to have greater insights into with whom they are doing business, whether suppliers or suppliers’ suppliers.

Similarly, changing market demands, such as the growing emphasis on ESG (environmental, social and governance), necessitate even more rigorous supplier risk assessments. Whereas previously, price was often the deciding factor in supplier relationships, reputational risk has reached equal significance. No bank wants to enable a supplier with operations and practices that are noncompliant, unethical or in conflict with its ESG goals.

Supplier-related risks, considering all these factors, are growing exponentially in an increasingly volatile geopolitical landscape. Global conflicts, elections and political tensions mean supplier relationships are becoming increasingly complex and multifaceted at a time when organisations should be diversifying their supplier networks to ensure resilience.

Regulatory and market drivers

Transparency across supplier operations is no longer a luxury but a regulatory and ethical obligation. Legislations such as the United States’ Uyghur Forced Labor Prevention Act and Germany’s Supply Chain Act exemplify a growing trend towards legal frameworks that mandate clear visibility into the origins and operations of suppliers. These laws, with their global reach, compel banks to look deeply into their supplier networks, ensuring that every link—from the largest corporate ally to the smallest subcontractor—meets stringent standards of ethical practice and legal compliance. Under the German Supply Chain Act, for example, the onus is on organisations to take action to address risks and then document and report on their efforts to ensure compliance with regulations.

Much EU regulation affecting supply chains encompasses similar reporting requirements, such as the Corporate Sustainability Reporting Directive (CSRD). Large companies and listed small-to-medium enterprises are required to report their businesses’ sustainability impacts, part of which includes sharing their due-diligence processes for ESG impacts within their supplier networks.

This drive for transparency isn’t merely about avoiding penalties; it’s about building trust with stakeholders and demonstrating a commitment to the ethical practices that resonate in today’s markets, with consumers and corporates equally conscious. Not doing so can have drastic impacts on an organisation’s reputation. 

Changing suppliers

Increased visibility into supply-chain operations may reveal risks associated with existing suppliers, prompting banks to reevaluate and potentially change their supplier networks. Driven by regulatory and reputational requirements, increasingly volatile geopolitical landscapes, trade tensions, regional conflicts and shifting alliances, banks may seek to diversify their supplier bases to mitigate risks.

However, diversifying supplier networks introduces new challenges and potential risks that must be carefully managed. Banks must conduct thorough due diligence on new suppliers to assess their financial stability, operational capabilities and compliance with relevant regulations and standards. This process should involve a comprehensive risk assessment that accounts for factors such as the supplier’s location, industry and reputation.

Moody’s data has found that US companies, in particular, have been diversifying their supply chains away from China. Yet there are, of course, risks associated with alternative markets—some of which may be less familiar. Countries such as India can be attractive options for supply-chain diversification, given their abilities to offer low costs and large, skilled workforces. Yet understanding the full risk picture before making decisions is important. For instance, Moody’s data found a 120-percent increase in supply-chain risk events associated with entities in India from 2018 to 2023. These must be understood and factored into a bank’s supplier due-diligence process.

Likewise, the COVID-19 pandemic exposed vulnerabilities in global supply chains, leading many organisations to prioritise resilience and agility, not just cost. As a result, many companies are now considering strategies to combat the disruptions caused by the pandemic, such as moving production closer to end markets, diversifying supplier bases or investing in digital technologies to enhance supply-chain transparency and responsiveness.

As banks adapt to these changing supply-chain strategies, they must also ensure their risk-assessment processes keep pace.

The role of robust risk assessments

Coping with global factors, regulations and compliance developments requires banks to understand the nuances of risk exposures through every tier of their supplier networks, and this is a challenge. A holistic supplier risk assessment is required, best defined by three key areas:

  • Regulatory-compliance risk: Ensuring regulatory compliance with legislations related to anti-money laundering (AML), sanctions, forced labour and more is a critical first step in managing supplier risk. By leveraging the right screening tools, hidden risks across supplier networks can be uncovered, including exposures to sanctioned entities and those sanctioned by extension.
  • Fraud risk: Fraud is constantly evolving and taking multiple new forms. While shell companies can be used for legitimate purposes, such as facilitating cross-border transactions, they can also be exploited for illegal activities, such as money laundering, tax evasion and fraud. Banks should pay particular attention to shell companies due to their often opaque natures, making it difficult to identify ultimate beneficial owners (UBOs) and the company’s true purpose. Compliance teams must screen shareholders, parent companies and directors against adverse media to uncover any fraud histories or known risky business behaviours that could bring underlying risks to the surface.
  • Potential reputational risk: Reputational damage can overlap with regulatory risk, as sanctions, bribery, corruption and environmental damage all have the potential to harm a bank’s brand significantly. Banks can use intelligent screening—automating adverse media screening, for example—to assess a supplier’s risk profile, determine if incidents are isolated or recurring and identify potential reputational risks outside tolerance. This screening helps banks make informed decisions about their supplier relationships and protect their reputations.

In dealing with complex supplier networks and multiple risk factors, companies that adopt a holistic approach that includes all risk areas across their supply chains will be best able to reduce these threats. While this approach will be informed by a company’s risk tolerance, changing markets and increasing imperatives necessitate greater insights.

The future of supplier risk management

The key to success lies in developing a comprehensive understanding of the risks within a supplier network at every level. Leveraging the right technologies to identify and address risks proactively enables mitigation and resilience.

By investing in advanced automated, intelligent screening tools and conducting thorough supplier due diligence, banks can build resilient, adaptable supplier networks that are well equipped to weather the challenges of the interconnected global landscape.

Ultimately, the banks that thrive in this new era of exponential risk management will be those that recognise the critical importance of balancing opportunity and risk and are willing to invest in the processes and technologies needed to strike this delicate balance.



Keith Berry is the General Manager of Compliance and Third-Party Risk Management at Moody’s. In this role, Keith leads a high-growth business segment that leverages data-led technologies to help organisations conduct effective due diligence in the era of exponential risk.


Related Articles

Leave a Comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.