2016 June CEFPRO Third Party Risk Management

Page 1: 2016 June CEFPRO Third Party Risk Management

Nick Ralphs – NJR Procurement

Third Party Risk Management In A Start Up

Page 2: 2016 June CEFPRO Third Party Risk Management

£270m spend p.a., approx 1000 contracts

300 branches and 5000 staff

£20bn loans

Williams and Glyn

Context

£1.8bn spend. 2000 contracts

Influence over £1bn cash

20m policies

Direct Line Group

Large Start Ups

Page 3: 2016 June CEFPRO Third Party Risk Management

What Are The Risks?

Non-compliance with external legislation and regulation, plus the W&G internal policy framework

Inappropriate Supplier Selection

Poor In Contract Performance

Fraud

Keeping it simple

Page 4: 2016 June CEFPRO Third Party Risk Management

End to End Purchasing and Contract Management Approach

Data Gather & Analyse

Identify Opportunities

Define Selection Approach

Conduct Supplier Selection

Finalise Supplier Selection

Governance

Implementation

Supplier & Contract Management

Identify & Tier Requirements

Supplier Deployment

Category Strategy

Mandatory Activity

Core RFP using Esourcing platform

Mandatory Documents

Sourcing Plan

Mandatory Documents

Supplier Selection / Due Diligence Output

Mandatory Documents

1. Contract Checklist Form
2. BCAP
3. Contract

Mandatory Document **

Tier Services

Category Strategy

** = only when applicable

Carry out 1st LOD Assurance Activity

Mandatory Documents

Contract Control Sheet

Governance

Select Supply Base

Define Sourcing Plan

Define Business Need

Mandatory Activity

**

Mandatory Activity

Page 5: 2016 June CEFPRO Third Party Risk Management

Tiering

Material Outsource

• The supply of outsourced services of such importance that weakness, or failure, of the services would cast serious doubt upon the firm's continuing satisfaction of the FCA threshold conditions or compliance with the FCA Principles

Customer Critical

• The failure or poor performance of the supplier would have a direct and immediate impact on the customer experience and the impact would be significant or major as defined within W&G Impact Assessment Criteria; or
• The supplier will be representing W&G directly with our customers

Information Security

• The supplier handles/hosts secret/classified W&G information; or
• The supplier will be handling confidential customer or any other personal data; or
• The supplier has staff accessing W&G systems or staff with unaccompanied access to W&G sites

Offshore

• The supplier's operations are based outside the UK or Europe

Tiering will influence legal agreement, sourcing requirements and on-going contract management

Page 6: 2016 June CEFPRO Third Party Risk Management

Where Purchasing are engaged, the Strategic Purchasing Approach (SPA) is followed. The SPA follows a risk-based approach and sets out minimum standards to be employed on the activities below:

Purchasing Approach - Controls

Sourcing Plan

Due Diligence

Selection Outcomes

Financial Governance

Contract / Contract Checklist

Page 7: 2016 June CEFPRO Third Party Risk Management

Contract Management Activities - Overview

• Understand the contract

• Contract Management Control Document

• Risks and Issues

• Due diligence, Policy compliance, Contract change control

• Performance reviews

• Purchase To Pay

• Contingency plans, Exit plans

• Supplier BC plans in place

Contract Start, Contract End, Contract Performance

Page 8: 2016 June CEFPRO Third Party Risk Management

Policy Assurance

Adequacy

Process Review

Control Environment Assessments

Exceptions To Policy

Issues

Effectiveness Results

Best Practice

Biannual Cross Business Forums

Effectiveness

FLOD Reviews

Mandatory and Non Mandatory Activities

Contract Control Documents

Page 9: 2016 June CEFPRO Third Party Risk Management

Key Lessons

Resource for Design and Implementation

Judgement Requires Strong Performers

Simplicity And Clarity Drive Compliance

Specialist Contract Managers

Collaboration, Testing and Testing