The Humanitarian Side of Vendor Management

A report on human rights published by the Ethisphere Institue, BDP International, Human Rights First, Thompson Reuters Foundation, Cordery and Marriott International, Inc,   details how technology can be used to monitor compliance with anti-human trafficking and anti-corruption policies.  G2Link's platform is used by BDP International to monitor their vendor compliance real time. 

Read More

NACUSO 2016 Wrapup: Vendor Management and Compliance for Credit Unions

Last Wednesday (April 6, 2016), I had the opportunity to participate in a panel discussion regarding vendor management.  The session was titled "Vendor Management:  Annoying Chore or Strategic Tool?" and was moderated by Guy Messick, from Messick and Lauer (, and included Mike Scully, CEO of S3 Shared Services (, Jim Vilker, VP of Professional Services at Auditlink (, Christopher Sachse, CEO of Apogge IQ ( and our CEO Ed Sullivan ( The discussion was informative and well attended demonstrating the emerging interest in this topic. 

Guy Messick initiated the discussion by focusing on the strategic value of vendor management and the impact of CUSO and non-CUSO vendors with regards to vendor management. Jim Vilker from Audit Link (part of CU*Answers) spoke from the unique position of being a "super vendor" CUSO for many credit unions and delineated the related complexities inherent in the typical CUSO business arrangement. 

The discussion quickly turned towards vendor compliance and the particularly complex challenge CUSO's have in maintaining their compliance and enabling the compliance of their credit union clients.   They have several layers of "nested" connections that need to be monitored.  The discussion wrapped up with a review of the available tools and methods credit unions could leverage to effectively manage this problem. 

The new requirements for vendor monitoring and compliance are an exponential increase in activities that need to be completed or tracked.  The tools of the present are linear...basically spreadsheets and databases that enable individuals to manually enter data.  These types of solutions don't scale to solve the problem. 

G2Link has a unique approach to this challenge which we have written about here:  "The CUSO Vendor Management Knot."




B2B Credit Industry is Broken

Why is the credit industry so hard to understand? Credit Key

Why is it shrouded in secrecy?

Why is it so expensive?

Why is the information I pay for not current?

Why do I feel like my business is always the last to know when a supplier is in trouble?

Why indeed. These questions, and others, were the same questions I asked myself prior to creating the original idea behind G2Link. What I quickly found out is that I was not alone in asking these very questions. The status quo for determining trust and reputation has not changed for decades. It’s outdated, inaccurate and expensive. Why has no one come with an alternative? No one had; so I did. It’s called G2Link.

Here are a few reasons why the industry has remained the same for years:

They make a ton of money on data. Selling data is a primary revenue source for the credit bureau industry, which had US revenue of roughly $4B in 2011, according to Consumer Financial Protection Bureau (CFPB). With data, comes power. Even though this data maybe largely inaccurate (one in five consumers has an error in their credit report), without a better methodology, we are beholden to its output – and pay big money for mis-information.

They have 200 million files on consumers. Mistakes will be made. In fact, in the last three months of 2011, 33% of credit disputes by consumers regarding an item in their file were due to errors on behalf of the credit reporting agency, according to the CFPB. In another report issued by the CFPB, only an average of 15% of these disputes was resolved by the credit agencies.

Just exactly what are you paying for? A primary reason for inaccuracy in the data is that there are actually many different “scores” that the credit bureaus are selling. The result being a score that could be “meaningful different” then the true credit score, which could result in an unfair determination of creditworthiness, or worse yet, a favorable rating when the business is going out of business.

So, what is a business to do? Use G2Link to understand and monitor in real time business performance. Business relationships are built around daily interactions between companies, suppliers and customers. Through social media based partner, vendor and supplier interactions, our algorithm uses this data to establish in real time a company’s ability to meet its obligations. By capturing these “smart crowd” interactions, G2Link has developed a software platform that measures and scores these interactions to monitor, track and predict business performance. Instead of pulling an outdated, expensive and inaccurate credit report, the team at G2Link has built a software platform that provides more timely, actionable and clearer visibility into a company’s business performance. Better insight, means better decisions. Since our journey began in February, 2012, we are now tracking over 88,000 companies and have over 5,000 users that are experiencing a better way to measure financial performance.

Stop asking why and join the B2B trust and business reputation revolution at G2Link!




Failure Leaves Clues

When a business fails, the damage can be deep and wide.  Customers, vendors, partners, employees and even competitors all suffer.  Often the implosion of a business is a drawn out tragedy with a messy aftermath.  Rarely is a business’s demise quick and painless.  The good news:  failure leaves clues. 


 "It's difficult to make predictions, especially about the future." Yogi Berra


Businesses and industries fail for a multitude of reasons.  Bad management, too much risk, lack of information or a changing world have caused some of the best businesses to fail.  Business failure is a process, not an event. The bigger the business, the longer the process. For instance, it was two years from groundbreaking to bankruptcy for Solyndra. In that interim period of time there was a lot of positive news: $500M government loan, rising sales, and even an IPO filing. But, I bet, if you were in Solyndra’s ecosystem of customers, vendors and partners, there were a lot of clues. If these clues were communicated in a way that was available, a lot of the damage in Solyndra’s wake could have been minimized.

“Live in such a way that you would not be ashamed to sell your parrot to the town gossip. “
--Will Rogers

One of our key findings at G2Link is that our business peers may have the best clues.  A company is more than its payment history and its interactions with all players is key in assessing the reputation of a given company.  These business peers make up what we called a “smart crowd,” and by monitoring peer generated quality trends, we can get a view into future performance and hopefully the viability of a company over the long and short term.  As a company begins to fail several things happen before the reaper shows up. Quality starts to slip, key team members move on, payment history slides etc.  Individually, these events may seem normal in the course of business but cumulatively, they could be a big red flag.

In order to spot this information proactively, the information needs to be formalized and monitored.  At G2Link, we enable companies to monitor their key relationships and get alerts when things change....good news and bad news.  We're helping companies in many industries such as manufacturing, banking and healthcare.  Some use it for mission critical functions such as regulatory compliance while others use it to track competitors or sales prospects.

The basic service is free but we offer a tiered suite of services to meet the needs of companies of any size.  If you're interested, you can start a free trial by following the link below.


Proactive vs. Reactive Risk Management

Today, most companies, especially small and medium sized businesses perform reactive risk management. That is, when a key customer or vendor fails, it is an “all hands on deck” emergency to replace the revenue or key part of the supply chain.

This is due, in large part, to two main causes. First, the death of a business is usually a drawn out process which takes weeks to months. Second, the tools available for businesses to manage their risk are based on accounting principals which, by design are backwards looking. To practice proactive risk management, businesses need a tool which will enable them to be future focused.

For the purposes of this post, when we refer to risk, we mean the probability of a financial loss due to the failure of a customer, vendor or partner and not a catastrophic loss due to force majeure, project execution etc. which are also common point of discussion related to business risk. These types of risk are impossible to foresee and make insurance companies a lot of revenue.

“When beggars die there are no comets seen” (Julius Caesar (II, ii, 30-31))

Business failure is a process, not an event. The bigger the business, the longer the process. For instance, it was two years from groundbreaking to bankruptcy for Solyndra. In that interim period of time there was a lot of positive news: $500M government loan, rising sales, and even an IPO filing. But, I bet, if you were in Solyndra’s ecosystem of customers, vendors and partners, there were a lot of clues. If these clues were communicated in a way that was transparent, a lot of the damage in Solyndra’s wake could have been minimized.

“I’m digging in the dirt, To find the places I got hurt, Open up the places I got hurt.” (Peter Gabriel, Digging in the Dirt)

Accountants are sort of archaeologists. In fact, the four primary financial statements are all rear view mirror tools. Accountants dig through all of the financial transactions in a given period of time (in the past) and provide a window into a company’s financial fitness through the balance sheet, income statement, cash flow statement and statement of changes in equity. All of these tools analyze past events and have little if any future predictive value. Most small and medium businesses don’t freely share accurate financial statements and the business world is littered with examples of companies with stellar financial statements failing or behaving badly. Therefore, credit tools and risk tools which utilize or depend upon data from these financial statements are close to useless.

“You can never plan the future by the past.” (Edmund Burke)

From a risk management perspective, it’s hard to be proactive when you’re looking in the rear view mirror. As we discussed before, all of these decisions are basically trust evaluations. Imagine if all of Solyndra’s customers, vendors and partners had the ability to rate Solyndra’s performance and share the data either publicly or privately? Could they have eliminated or minimized their losses?

Crowdsourced business ratings can provide a meaningful tool for evaluating a company’s future performance. Especially when participation is maximized and data comes from the various aspects of the business (not just payment history) including a company’s performance as a partner and service provider. A bad rating from a vendor may not cause you to pull a company’s credit line, but it may prompt a conversation or cause you to modify payment terms. A yellow flag in the future is always better than a red flag in the past.


Hard facts on ROI on using G2Link to monitor vendors

If you’ve followed our press announcements or blog postings, by now you probably understand the benefits of smart crowd interaction to help measure and understand a company’s financial performance. As well, given this capability and the enormous pressure banks are under from a compliance perspective, G2Link becomes a very real and tangible game changing technology.

Related whitepaper: Vendor Monitoring ROI

What about costs? What about the accelerating costs of compliance? What might your costs be if you don’t take advantage of G2Link’s trust and reputation platform? Some good questions.

To get the answers we performed in-depth interviews with several banks in the Mid-Atlantic region with assets in the $200M to $2B range. The institutions were rated based on the self-assessed quality of their program and interviews were performed to determine the hard and soft costs of maintaining vendor compliance. The tasks measured were commonly performed by vendor managers and included the following:

  • New vendor due diligence
  • Contract management
  • Service level collection and review
  • Vendor review calls
  • Data acquisition
  • Site visits
  • Report compilation

The average number of vendors managed per employee at the highly graded institutions was 33. If we estimate the fully loaded rate per hour to $45, the average cost of compliance is detailed below.

Or a cost per vendor per year of $2,498. But wait there’s more. The latest guidelines from the regulators (OCC 2013-29) place an additional monitoring burden and cost on managing risk of 3rd party relationships. Below is an estimate of these new costs of compliance:

These new requirements add an additional $2,609/vendor/year. This brings the total cost per vendor to:

Average cost of compliance —– $2,498

New requirements ————— $2,609

Total ————————– $5,107/vendor/year

Wow! Over $5,000/vendor/year, and these costs are only going to increase as mounting pressure for compliance increases.

Let’s look at how the G2Link vendor monitoring platform can have a direct impact on the average cost of compliance (we won’t include the cost of new requirements in this analysis as they are, well, relatively new, and G2Link already saves you a bundle on just the average cost of compliance).

Two key features in our platform that automate the manual labor of collecting and analyzing data:

1). The G2Link dashboard provides a summary of all vendors at a glance. When combined with our alerts capabilities the vendor managers can monitor compliance proactively.

2). With G2Link Custom Trust vendor manager can establish custom criteria for each class of vendors. This feature requires the vendors to PUSH the data to vendor managers instead of them seeking it – virtually eliminating contract management and vendor review costs. See the chart below on how G2Link can help control vendor management costs.

Join other banks that are experiencing the movement to better vendor management. For $1,500/month, or $18,000/year gain better insight and be more compliant with G2Link.


Speed of Trust

I recently re-read Stephen Covey’s “The Speed of Trust:  The One Thing that Changes Everything,” and in light of our recent thinking on Trust and Reputation, I would like to emphasize a few points. First, that while Trust is important on a personal level, it is absolutely critical for business interactions. Second, Trust is not static. It can go up or down with the ebb and tide of normal business but it can be proactively managed and maintained.

In the opening section he recounts a meeting he had where one of the attendees expressed to him privately how he had distrust for the other attendees and stated: “Either you have trust or your don’t.” Covey closes that section stating that in fact there is a LOT we can do to establish and increase trust and that by doing so, will have a huge positive impact. Trust will always affect two outcomes; speed and cost. When trust goes down, speed goes down and cost goes up. Just look at the time/cost of airport security after 9/11. The reverse is also true; when trust goes up, speed goes up and cost goes down. For example, Internet commerce was broadly criticized during its emerging days while now, almost 20 years in, it has grown and eclipsed many of the brick and mortar retailers of the day.

A little deeper into the book, Covey recounts his experience with the merger between Franklin Quest and Covey Leadership Center to form FranklinCovey. He goes on to define Trust as confidence vs. suspicion in interactions with others and interactions between businesses. In fact he quotes many great business leaders like Jack Welch, Alan Greenspan and Jeff Bezos to prove his point that in business Trust equals SPEED!

“Trust happens when leaders are transparent, candid and keep their word.  It’s that simple.”  -Jack Welch

He wraps up giving us a tool to enable businesses and individual to manage Trust related risk which he calls the “Smart Trust Matrix.”  Like Covey’s father’s explanation of the Priority Matrix, the Smart Trust Matrix helps individuals to operate in a space of high trust vs. distrust. It’s a great tool and critical for businesses who want to assess and manage their reputations.

I agree wholeheartedly with Covey’s assertion that you can control your Trust and that it can be impacted positively if managed proactively. In fact, in our next software release, we plan on introducing a way businesses can control, grow and disclose their trustworthiness to others. A central depository of Trust, or as we call like to call it, a Trust Exchange.

What An Amazing Headline

What an amazing headline out of Ireland:

Some credit unions ‘unwilling to comply with the law’ – Central Bank – Friday, May, 2nd, 2014

What impact, if any, does this have on Credit Unions here in the US?

The report states that some credit unions still view risk management as a one-off exercise, done only to fulfill regulatory requirements. Of particular worry, the report says, is the fact that many credit unions have not updated their lending practices.

“It is of considerable concern that some credit unions do not as yet appear to have realistically addressed necessary improvements to their lending practices and credit risk management systems.”

Why? Could it be that legacy systems are too burdensome, expensive and out dated? Could it be that regulation has overwhelmed many institutions? What does this mean for credit unions here in the US?

At G2Link, we don’t believe it’s unwillingness on behalf of credit unions to comply with the law, but simply a lack of tools and technology to stay up with the regulation. We understand their situation and that’s exactly why we developed our risk compliance platform. G2Link is the first social media based trust and reputation software platform for financial institutions. Most organizations, especially banks, want to adhere to all regulations. However, the regulatory burden has become overwhelming and with outdated and expensive credit measurement systems, credit unions and other banks just simply keep up.

Before G2Link, businesses had limited options to understand and measure the trust and reputation of other companies. They relied upon outdated payment history and accounting data from a credit bureau to understand a company’s ability to meet its obligations. Using social media to capture the wisdom of the smart crowd, G2Link is enabling companies to take control of risk management by providing actionable, accurate and inexpensive business performance data.

At G2Link, we’ve spent a great deal of time listening to and understanding the compliance requirements financial institutions are under today. Most recently, G2Link attended the National Association of Credit Union Service Organizations (NACUSO) annual conference last week in Lake Buena Vista, FL. With close to 500 attendees, the overwhelming theme was, “we live in fear that we don’t have enough visibility across our third party vendor relationships.” We believe that it’s hard to discern the health of a dynamic company by “checking” in on them at random time and that companies should be monitored continuously in order to truly understand their performance. G2Link provides an interface for each company that displays their performance over time and a history of key events that are generated by the company, its key relationships or regulatory bodies.

Stop running your compliance department in fear and take control of your risk management at