5 Pitfalls of Vendor Risk Management Done by Humans

Identifying, evaluating, and prioritizing risks is essential if you want to avoid existential threats. It’s also necessary when it comes to your reputation and avoiding disastrous legal issues or data breaches. The problem, however, is that human error can only make matters worse. Specifically, there are five reasons why vendor risk management that’s done only by people does not produce the most accurate results.

1. Humans are not as detail-oriented as machines.

Being detail-oriented is a common qualification that employers look for among candidates. In fact, one survey found that over 67% of employers seek out this skill when reviewing resumes — it’s a competency that’s placed ahead of technical capabilities and interpersonal skills. 

Why is detail orientation such a sought-after trait? Because “sloppy” isn’t in a detail-oriented individual’s vocabulary. As such, they tend to do great work because they’re efficient and commit to double-checking their work. And, they’re also reliable and trustworthy.

However, there are some drawbacks to being detail-oriented. People possessing this trait can easily get overwhelmed and may even become micromanagers. Also, because they require a lot of information upfront, it takes them longer to get started, or they fall into the trap of perfectionism.

Even for the detail-oriented person, risk management can still be tedious and frustrating. For example, conducting vendor due diligence can be extremely time-consuming. An accurate vetting process or annual review of a vendor, for instance, can take up to 12 hours or more. Obviously, you can’t shortcut this. But, this can be laborious and burdensome.

Eventually, whether because you’re on autopilot or suffering from brain fatigue, you might make a costly mistake. But, that’s not the case with technology like AI. Artificial intelligence was designed to work on tasks that aren’t necessarily difficult, but tedious. And, whether you want to admit it or not, AI is much more detail-oriented than any human will ever be. It also doesn’t get burned out and can remedy any potential human error.

2. Humans don’t have a catalog of all available risks in memory.

Are you old enough to remember the Sears catalog? If not, you could consider it the Amazon.com of its time. The difference was that this was a generous paper catalog delivered to your house. And, children couldn’t wait to flip the hundreds of pages of the iconic “Wish Book” that arrived for the holidays. 

Just like the famous Sears catalog, or Amazon, it would be impossible for you to recall every single item listed for sale. You just don’t have the real estate in your brain. And, besides, memory can also be influenced by factors like emotions.

The same is true with risk management. 

While the human brain is amazing and you can without question remember most available risks, you simply cannot recall them all. Also, you need to tailor risk to the vendor. Often, this involves assessing their strategic, reputation, operational, transaction, financial, and compliance risks. You may also have to consider other risks, such as liquidity or interest rate.

Thanks to machine learning and dynamic risk assessment software, you don’t have to have all of this information stored in your mind. Instead, this data resides in the cloud and the real-time data you require can be accessed when needed.

3. Humans may manually accept unreasonable limits when forced to do required follow-up.

Have you ever visited a car dealer? They often promise to get you into a vehicle at a monthly payment that sounds too good to be true. And, it is. When you go to fill out the paperwork you might be disappointed to find out that your payments are much higher than previously promised.

Risk managers tend to have the opposite ethos of a car dealer. However, as a part of your risk and portfolio management, you should have numerical thresholds that relate to exposures like credit, market, and liquidity risk. Having this data ensures that you can provide accurate and timely information when following up with a potential client. 

But, even if you’re relying on reputable databases, are you getting the most recent data? If not, then you may accept unreasonable limits that could be too high or low. If too high, the prospective, or even current, customers may search for a more favorable rate. If too low, you’re hurting your bottom line. 

Combining software with risk managers can quickly flag risks and provide access to real-time information so that you can accept reasonable limits. An example of this is Pharm3r, which helps risk managers in the medical device and pharma manufacturing space understand their true supply chain and product liability risk.

4. Humans forget details. 

It happens to the best of us. You’re eating breakfast, as an example, and make a mental note that you need to buy more milk or bananas. But, then you get a notification on your phone. It’s a work-related email and now your mind is preoccupied with that.

Guess what? You completely forgot about your grocery list. 

Forgetting to pick up milk is a minor inconvenience. Forgetting important details when it comes to risk management could have serious implications, including legal, reputational, or operational risks.

Even if you do jot down notes after a phone call, for example, will you be able to read your notes? If not, you’re also skipping out on the details. 

While technology won’t completely solve this problem, it can help. You can use software to set reminders so that you won’t forget to contact a client. More importantly, automation in GRC software can flag risks that reoccur on an annual basis.

5. Humans are slower than machines.

Sorry. But, it’s true. 

There’s a robot that can lay 3,000 bricks per day, which is 500% faster than humans. Amazon boxing machines work faster than their human counterparts. And, AI-driven applications have a higher speed of execution, operational ability, and accuracy.

Putting it all together. 

Despite these pitfalls, there will always be a need for a human element. Even though technology like machine learning and automation in GRC software can speed up processes and eliminate tedious tasks, it cannot answer every unique question or perform the deep-dive analysis and critical thinking that’s involved with risk management.

In short, people and machines must work together.