All blogs

RiskTalk: Sustainability in third-party risk management

jelle groenendaal co-founder & cmo 3rdrisk
Jelle Groenendaal
February 11, 2025
3
min read

Sustainability in third-party risk management is shifting from a PR focus to a business-critical priority. In the latest RiskTalk podcast, Jille Luijckx (Deloitte) and Bram Ketting (3rdRisk) discuss the impact of CSRD and CSDDD regulations, practical supplier segmentation, and the role of technology in managing ESG risks. Organisations must act now to build a competitive advantage—waiting is no longer an option.

RiskTalk

Sustainability in third-party risk management: From complexity to control

In the latest episode of RiskTalk, the 3rdRisk podcast, our guests share their insights on the future of sustainable risk management. Jille Luijckx (Partner Sustainable Supply Chains at Deloitte) and Bram Ketting (CEO of 3rdRisk) discuss how organisations can effectively manage sustainability risks in an increasingly complex world.

While sustainability was once primarily a PR topic, it has now become a business-critical risk. The Corporate Sustainability Reporting Directive (CSRD) requires large organisations to provide detailed sustainability reports from 2024 onwards, while the Corporate Sustainability Due Diligence Directive (CSDDD) demands concrete action throughout the entire value chain.

"Legislation plays a key role," Jille explains. "Of course, there are societal discussions, but Europe is now also enforcing various regulations. This creates awareness and focus." These developments push organisations to look beyond just their direct suppliers.

Bram (left), Rudy (middle) and Jille (right).

Impact across different sectors

The impact of these changes varies by sector. In manufacturing and industry, electronics manufacturers, for example, deal with thousands of Tier 1 suppliers. Jille shares an interesting example: "Feed additives for livestock directly reduce emissions across the entire supply chain. It’s fascinating how something as simple as animal feed supplements can lower the total carbon footprint of a product in stores."

In retail, we are already seeing concrete examples of this transformation. Albert Heijn now displays CO₂ impact on packaging, which, according to Bram, not only improves transparency but also helps consumers make better choices. The financial sector is under perhaps the greatest pressure, with strict ESG reporting requirements directly influencing lending and investments.

A practical approach to implementation

Successfully integrating sustainability into risk management requires a structured approach. Jille describes an effective method that segments suppliers into three levels:

  • Entry suppliers, who are at the start of their sustainability journey,
  • Premier suppliers, who have made initial commitments, and
  • Champion suppliers, who act as strategic partners.

"With champion suppliers, you can have in-depth discussions about co-innovation," Jille adds. "This group, roughly 10–20% of your suppliers, can make a real difference in your sustainability strategy."

Technology as a critical enabler

The complexity of modern supply chains makes manual monitoring practically impossible. "You need to redesign your systems," Bram stresses. "If your solution is to send an email to a thousand suppliers, is that really the best approach? I don’t think so."

Modern platforms enable automated data collection, centralised risk monitoring, and real-time insights. This is essential for effective compliance and risk management in an international context.

Overcoming international challenges

One particular challenge is the global nature of supply chains. "In Asia, they often have no idea what we’re doing here in Europe," Bram observes. Successful organisations address this by providing information in local languages, using videos and visuals for explanation, and rolling out changes step by step through pilot projects.

The road ahead

Sustainable risk management is a journey, not a destination. The experts in the podcast stress that organisations should start small—but they should start. Begin by mapping your key suppliers, standardising requests, and implementing a central platform for monitoring.

Regulations are coming, and industry leaders are already building their competitive advantage. As highlighted in the RiskTalk podcast, the key to success is not waiting until you’re forced to act, but proactively developing a well-thought-out strategy that leverages technology effectively.

Table of contents

Heading 2
Heading 3
Heading 4
Get the latest insights on third-party risk management
By subscribing you agree to with our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Looking for an easy way to manage third-party risks?

Get a quick introduction to our third-party risk platform and make informed decisions today.

Book a free demo
Jelle Groenendaal
Co-founder & CMO

Want to read more?

Read more helpful content on third-party risk management and compliance.

Eraneos x 3rdRisk
TPRM essentials

A pragmatic approach for supply chain security under NIS2

As supply chain security becomes increasingly crucial, the NIS2 directive mandates that organisations implement robust cybersecurity measures. A risk-based approach is essential, starting with third-party classification and due diligence based on frameworks like ISO 27001 and NIST. Ownership and clear roles within the organisation play a pivotal role in ensuring compliance and effective supply chain risk management. Additionally, adopting a unified framework and leveraging smart tools like 3rdRisk can streamline security efforts, automate compliance tasks, and enhance resilience against cyber threats. By integrating these strategies, businesses can secure their supply chains and stay NIS2-compliant efficiently.
jelle groenendaal co-founder & cmo 3rdrisk
Jelle Groenendaal
February 16, 2025
3
min read
TPRM essentials

The evolution of supply chain management: From cost control to risk management

Supply Chain Management (SCM) is evolving from a cost-focused approach to one centred on risk management and regulatory compliance. With increasing threats such as cyberattacks and supply chain disruptions, businesses must prioritise Third-Party Risk Management (TPRM) and Supply Chain Risk Management (SCRM). European regulations like NIS2, DORA, and CSDDD are imposing stricter requirements on organisations, demanding greater transparency and security. Companies must adopt proactive strategies, including stringent data security measures and robust compliance frameworks, to safeguard operations and maintain business continuity in a rapidly changing landscape.
jelle groenendaal co-founder & cmo 3rdrisk
Jelle Groenendaal
February 2, 2025
3
min read
NIS2 compliance EU
TPRM essentials

Top 10 tools for achieving NIS2 compliance in 2025

Achieving NIS-2 compliance is essential for organisations operating in Europe, and selecting the right tool can make a significant difference. This article reviews the top 10 tools for NIS-2 compliance, assessing their strengths and weaknesses. 3rdRisk emerges as the best solution, offering an intuitive, user-friendly platform designed specifically for European regulations. Other tools like Auditboard, OneTrust, and Drata have specific strengths but fall short in areas such as usability, stakeholder engagement, and scalability. The article provides insights to help organisations choose the most effective compliance solution for their needs.
bodrik bakker customer experience specialist
Bodrik Bakker
February 14, 2025
3
min read
Dave van Gulik
Trust Alliance

“3rdRisk is our go-to platform for third-party risk and compliance management. Why? Because it’s based on the latest standards in our field, highly flexible, intuitive, and pleasant to work with.”

Book a demo
Read customer stories