Spot Non-Compliant Third Parties Early

The wrong business relationship can land your company in hot water. Partnering with a third party that isn’t insured or has a checkered background may result in monetary losses if an unexpected incident arises. 

But there is one proven way to reduce your risk: compliance monitoring. Making sure your third parties maintain their policies can protect your organization. If something happens and a partner is responsible, you can file a claim with their insurer rather than your own. 

How do you know if a company no longer has insurance or their coverage falls short of what’s necessary to protect your business? Try implementing a process to pinpoint missing documentation from your vendors. 

Step 1: Identify Non-Compliant Third Parties

Onboarding is part of signing on any new supplier, vendor, or third party. When you bring on a new vendor, you want a system to assess their compliance.

Review Insurance Coverage

Does your new vendor have valid insurance? You can find out more about this by requesting a Certificate of Insurance (COI). The COI: 

• Indicates the policy’s coverage dates and limits
• Shows the types of incidents it covers, from liability to workers’ compensation claims

Your vendor’s coverage should meet the terms of your contract and any regulatory requirements. Be sure to check for any policy gaps. Vendors might have policies from several different insurers, not just one. Creating a matrix of the coverage needed for each project helps prevent inconsistencies.

Verify Documentation Validity

Insurance policies don’t last forever. They have end dates, so confirming a policy is still active is important. Check the COI’s effective dates to be sure. If the policy will expire before your new business vendor finishes the project, ask for an up-to-date COI. That can help you avoid coverage lapses that expose your business to claims.

You should cross-check the details of your vendor’s COI with the contract terms and any relevant regulations. Also, check the coverage limits — if they fall below project requirements, your organization may be responsible for any losses the policy doesn’t cover.

It’s smart to verify your vendor’s COI directly with the insurer. While this requires a bit more effort, it may protect you from unscrupulous suppliers who use false documents. 

Leverage Risk Alerts

A monitoring system can alert you to expiring COIs and vendors with incomplete onboarding details. You want to know when a current vendor’s policy comes up for renewal so you can request a new certificate. 

Try setting up a calendar alert a few weeks before the renewal date. When the alert pops up, ask the vendor for a new COI. Regular check-ins can help you avoid missing or expired documentation. 

Our system takes this a step further by automatically notifying third parties 30 days before their certificate expires, prompting them to provide updated documentation and ensuring continuous compliance.

Assess Risk Profiles

Some vendors may be riskier to work with than others. Before hiring a new third party, do a complete background check. Verify their legitimacy by confirming registration status and official addresses. You might also confirm any individual contacts are company representatives.

Few companies operate without a web presence. Check their online footprint via their website and any third-party reviews. You might verify they provide consumer protection and use up-to-date security tools. 

Another factor to consider is legal history. Look at the vendor’s history of regulatory and legal actions and whether they’re subject to sanctions. These checks may be arduous, but they can help avoid future costly partnerships.

Step 2: Communicate Non-Compliance Issues

Clear correspondence may avoid disconnects with third-party vendors. Try creating workflows for common non-compliance issues like expiring COIs. Simple pre-filled messages allow them to address any compliance gaps without the need for back-and-forth communication. That can dramatically expedite issue resolution time for efficient risk management.

Give your vendors a clear timeline for resolving any issues. For example, you might ask for a new COI by a specific date and list the consequences if you don’t receive it on time. This may be enough to spur a non-compliant contractor into action.

Some companies use self-service tools that allow vendors to upload new COIs and other supplementary documentation. The Evident Network can help with that — our system offers a streamlined and simplified process for managing the credentialing process. Every time a vendor logs in to the system, they receive live status updates and recommended next steps.

Step 3: Monitor Compliance Continuously

Your responsibilities don’t stop after you onboard a new third-party vendor. Because things can change quickly, staying on top of your vendor’s documentation is critical.

Implement Ongoing Monitoring

A full-fledged compliance platform (like Evident’s) can immediately monitor a vendor’s certificates of insurance and other documentation. Knowing when their coverage is nearing expiration means you can ask for proof of their renewed policy. A well-developed platform alleviates the hassle of manual processes and reduces the risk of compliance oversight, which is a genuine concern for busy office staff. 

Keeping track of policy renewals and provider changes helps avoid coverage gaps. It can also flag inconsistent documentation, so you can ask the supplier to update their information before it becomes problematic. 

Utilize Reports

Whether you rely on manual processes or a dedicated compliance platform, a dashboard can provide insights into higher-risk third-party vendors. If you create one yourself, consider the criteria you want to monitor most and include them prominently. For example, you might include upcoming insurance policy renewal dates, business licenses, or other regulatory-related documentation. You can retrieve information for your dashboard from a spreadsheet or database.

Evident’s third-party risk management platform comes with a pre-configured dashboard. You can customize it to your organization’s needs, so you always know when a supplier poses a non-compliance risk.

If you work with a vendor that’s previously let their insurance expire or posed other risks to your business, pay particular attention to their compliance status. When it comes time to renew their documents, send a request well in advance. That allows them to update their records with you. It may also alleviate risk to your business should a claim arise. 

Step 4: Handle Persistent Non-Compliance

You may work with vendors who don’t stay on top of their compliance responsibilities. Try these techniques to address problem contractors.

Escalate Issues When Necessary

Is there someone in your organization who is the main point of contact with the vendor? Ask them for help. Explain the situation and how it may expose the organization to unnecessary risk. 

For example, suppose a third-party vendor is charged with maintaining heavy-duty equipment. They haven’t responded to your request for an updated liability insurance policy. If something happens to business property while they’re working on it, there’s a risk the insurer won’t cover it because of an expired policy. That’s a financial concern that exposes your organization to monetary losses. 

The stakeholder will likely contact the supplier with your concerns. Their relationship might help you get the documentation you need a little faster. But if the problem continues, it’s worth investigating other suppliers and terminating the partnership. 

Utilize Compliance Flags for Financial Controls

Delaying payments for contractors who fail to maintain their insurance may facilitate better adherence. Try integrating data with your enterprise resource planning (ERP) system and restricting payments to suppliers who fall behind on their documentation. A lack of incoming funds has repercussions for contractors who rely on them for business operations. Delaying payments will encourage them to update their details and may improve overall supplier compliance.

Document the Process

Whenever you send a non-compliance notice to a third-party vendor, save a copy for your records. Keep a thorough history of every supplier’s compliance documentation so it’s available if a legal issue or claim arises. Your records may be helpful if your organization ever faces a lawsuit involving the supplier. 

Non-compliance records help in other cases, too. If your organization opens up a new contract and accepts bids from local third parties, you can compare records of old suppliers that didn’t maintain compliance. That can save your business from working with a problem contractor again.

Audit Third Parties Regularly

A vendor may fall behind on compliance responsibilities after winning a contract because it no longer needs to go through the onboarding process. Consider random audits to encourage your vendors to maintain insurance and other documents. 

Let new vendors know your organization regularly spot-checks documents. You can also inform them of any consequences for non-compliance, like delayed payments or a canceled contract.

You can randomly select vendors for routine audits. Once vendors realize your organization takes compliance very seriously, they may work harder to keep their documents current.

Automate Compliance Activities With Evident

Manually tracking your vendor’s records can quickly become complicated. If you’re struggling with an outdated system and messy records, it’s time to upgrade to an automated compliance platform like Evident.

Our platform efficiently vets new third-party vendors with background and insurance checks. You can store all your COIs and documents in one place. Plus, you can set up automatic alerts when it’s time for a records update. To learn more about Evident, schedule a demo with our team.