With an ever-growing practice of outsourcing functions across the entertainment industry and an overall increase in reliance on third-party contractors to perform what in-house employees had traditionally done in the past, a key question comes to mind: What should entertainment companies do to monitor such functions from a cost control, compliance and/or risk management standpoint?
While the decision to use a third-party vendor is likely supported by a positive cost-benefit analysis on the front-end, as a former director of internal audit and forensic accountants, we have witnessed so much that could potentially go wrong.
Here are some questions to consider as you evaluate your vendor-monitoring program:
- Are we being overcharged for the products and/or services? Are there any indications of past invoice errors that could represent a worrisome trend?
- Are we being charged for any indirect and/or overhead costs that were not agreed to?
- Are the goods and/or services provided up to our company’s standards?
- Is the vendor reliable and responsive to requests?
- If the vendor’s system is connected to our company’s system, have the proper security measures been implemented and are they being adhered to, or could our company’s system potentially be hacked?
- Is the vendor treating its employees and our customers (if applicable) fairly and in accordance with our company’s standards?
- Could there be any risk of fraud?
While there are inherent risks in outsourcing or relying heavily on vendors, your company should have a well-published, easy-to-follow vendor compliance program, which may include the following key elements:
- Acceptance and Termination of the Vendor Relationship:
- Set clear guidelines and expectations, both verbally and formally (in writing), of the goods and/or services that are to be provided by the vendor. In addition, set clear timelines for ordering and processing.
- Set a plan for receiving and reviewing budgets and seeking advance approval of the budgets by the company, where applicable.
- Identify a contact person for both the vendor and the company, and establish regular and frequent check-ins.
- Set a specific plan to address and resolve problems, if and when they occur.
- The acceptance process should require representation and verification of the minimum requirements of the vendor, vetting of references and a general background check. As part of the process, the company should require that the vendor agreement include audit rights and other periodic certifications and/or representations regarding system controls and other security and quality controls.
- If needed, the termination process should be triggered based on various criteria, such as noncompliance, missed deadlines, poor quality, fraud, etc.
- Periodic Desktop Monitoring of Vendor Compliance:
- Monitoring of employee and/or customer complaints to identify potential trends and the quality of process relating to vendors throughout the supply chain.
- On a rotation and sample basis, compare the costs incurred for vendors as compared to their budgets and the terms of their contracts.
- On a rotation basis, the company may consider reviewing the books and records of selected vendors based on an annual risk assessment.
GHJ can support your vendor compliance programs through reviews of the following:
- Sales agents, licensees and/or sub-distributors
- Media buys
- Print and advertising costs
- Production costs
- General outsourcing of other functions and/or costs
If you need assistance in developing a vendor compliance program, please contact us.