Unmasking Your Vendors: How to Create Vendor Transparency

We all wear masks, literally and figuratively. We wear them for fun, safety, privacy and lately we’ve been wearing them everywhere for protection, health and compliance. Some say that wearing makeup or feigning a smile is a form of wearing a mask by, in some way, showing an exterior that is slightly different than what is within.

We all know there is a darker side of mask-wearing; like Eric in “Phantom of the Opera,” Stanley Ipkiss in “The Mask” or the villains from Scooby Doo — sometimes masks are worn to deceptively hide the ugly or unfavorable truth.

Understanding Deceptive Practices in Vendor Management

I know what you’re thinking. “What, pray tell, does this have to do with vendor management?”

Everything! Whether it’s blatant or subtle, intentional or accidental, most people are somewhat concerned with the perception of who we are and what we do. This is especially true in the professional world, when our livelihood is directly or indirectly affected by the impression we give. This is true with individual people, and as a result, can permeate into teams, departments and organizations. Our success relies upon the success of our work product and that of our brand.

Generally speaking, this makes the task of understanding our vendors’ controls a bit complicated. Client assessments, much like any other audit, are unavoidably under the context of seeking to uncover your problems. It doesn’t help that sometimes auditors have a way of walking in the door and pulling at peoples’ faces with the assumption that everyone has something to hide. It is, after all their job, to “uncover” or “de-mask” the truth. So, how do we go about our vendor due diligence effectively when we know that our partners in business are prone to putting on a mask?

3 Tips for Successfully Creating Vendor Transparency

Many people aren’t accustomed to responding to client assessments. Since they look and feel very similar to any other audit, they’re often handled by the same people and in the same way; with masks on, and any skeletons securely hidden in the closet.

Here are a few best practices for creating better ease and transparency:

1. Remind them you’re a partner. Make it clear to your vendor that you are a partner, not a regulator. You have invested in their services and entrusted them with your assets, and so their success is just as important to you as your own. A “same team” mentality may help alleviate fear of what may happen should you find any skeletons. Sure, vendor vetting can sometimes uncover cause for termination of a contract, but it’s best to save those discussions for worst-case scenarios. 

2. Highlight mutual interests. When we assess a vendor and ask about their internal controls, we are essentially trying to find out if there are any issues or gaps. As we know, this will likely lead to defensiveness and limit how much they want to be transparent. Take the approach that you have a responsibility to protect the assets and interests of your organization, and therefore are only interested in that which applies to you. Knowing that you’re not there to create unnecessary work or peek into every dark corner of their space will certainly increase their willingness to work with and be open with you.

Pro tip: Catering vendor due diligence to the services provided is not only key for fostering a good vendor relationship, but also essential in effective risk management and resource allocation.

3. Set collaboration goals. As you set the tone of partnership, it’s good to take the same approach with setting goals for remediation and enhancing controls. Sure, you'll likely request they make some changes in order to meet your standards, but you’d be surprised how helpful it can be to highlight that remediating controls is a team effort. There may be things you can and should do internally to assist with control gaps. This makes it seem less like you’re barging into their house and telling them what to do, and more like you are solving problems together in a practical way.

I always say that you catch more flies with honey than you do with vinegar. Perhaps that comes with a little mask-wearing of our own, given that we really do want to catch those flies (or, in this case, the skeletons in our vendors’ closets). Either way, ethical business practices have no need for deception. Vendor engagements are partnerships and mitigating any associated risks should be a team-effort. So, sign the NDA, take off the mask and get down to the business of creating a low-risk, win-win relationship.

There are common vendor management myths you should ditch this year. Download the infographic.