Trust and Transparency Solutions

Establish trust with your stakeholders through transparent, relevant reporting

Today’s marketplace is crowded, and customers – whether businesses or individuals – are more discerning than ever. For organisations to succeed, they need to be trusted. Customers and stakeholders are looking for information that is relevant, reliable and provides them with assurance.

Building trust among customers and stakeholders is more than just good business practice. It’s an important source of competitive advantage that sustains long-term growth. 

Our Trust and transparency solutions team explore every angle of your business, increasing clarity and establishing trust at every stage of your business relationships.

Arrange a call with our experts

Business professionals, transparency over a background of buildings.

Governance and risk management

Do you have the right governance, processes and structures in place to monitor your third-party relationships? Can you report the right information to your stakeholders to give them assurance in your outsourcing solutions?

By aligning your interconnected risks with our industry-focused, holistic approach, we can help you assess and report on your third-party governance and risk management programme.

Providing our industry-specific skills in technology, regulatory compliance, accounting and other business processes, we can make your sourcing more strategic. This will improve your bargaining power, achieve economies of scale and forge better and longer lasting partnerships.

Providing services: Readiness review

Getting independent assurance of your readiness to do business with a stakeholder can be a key hurdle to clear. Your SOC 1 or SOC 2 readiness can be the thing that means the difference between securing a contract and losing out on a piece of work. 

A readiness review can also confirm the maturity of your operating model and the validity of the processes and controls you have in place.

We can help you by reviewing your processes, their risks and the controls you have in place to mitigate against them. We advise on optimising processes to have the best chance of obtaining a clean independent assurance report.

Providing services

Using services: Framework design and advice

Before you outsource a business or IT function, you need to consider third party risk management and how you are going to manage it. You can outsource the activity, but not the responsibility. The need for greater trust and transparency into your outsourcers’ operations, processes and results is a strategic imperative. You need to be confident that the outsourcer has the proper controls in place.

An effective supplier or contractor risk management framework can help manage the risk. Designing oversight frameworks that comply with regulations and industry practice can create a strong bond of trust with your stakeholders.

We can help to perform risk analysis of your overall outsourcing programme, as well as individual contracts.

Using services

Providing third-party services: External assurance reporting

Companies can effectively communicate accurate information about their risk management and controls framework through reports that enhance their trustworthiness and transparency.

Through a range of assurance reporting services, including SOC 1, ISAE 3402, SOC 2 and Agreed-upon procedures, we can help you objectively report on your control environment.

Customers and auditors can rely on these reports as well as providing the comfort and assurance your customers, suppliers, regulators and other stakeholders need.

SOC 1 / ISAE 3402

A client or potential client may ask you for a SOC 1 or an ISAE 3402 report. These reports allow them to understand and rely on the robustness of the internal controls in your organisation. Having them to hand provides considerable competitive advantage.

A SOC 1 or ISAE 3402 is often requested as part of a contract for services or in response to an RFP. Sometimes it will be in order for your client to continue to outsource their business to you.

We can work with you to select the right reporting framework for you and your stakeholders.

SOC 2

A SOC 2 report examines IT controls in place in an organisation. Clients need to be able to trust service providers who hold their data and a clean SOC 2 report delivers this assurance. It focuses on controls relating to security, processing integrity, confidentiality and privacy.

Organisations that hold client data or confidential information use SOC 2 reporting to give their clients reassurance that their data is safe and secure. This report is especially useful for SaaS and cloud-computing companies and organisations who hold confidential client data.

Cybersecurity

All companies are vulnerable to cybersecurity threats. Not only are their brand and reputation at stake, but also their bottom line. As reliance on third parties continues to grow, so too does the need for companies to fully engage effective cybersecurity risk management with the organisations they partner with.

Many companies are finding Cybersecurity Attestation reporting to be a valuable tool in providing greater transparency and mitigating risk. An attestation can also enhance reputation and provide transparency to the market, which is critical to maintaining the value of the company’s brand.

Regulatory Assurance

When a regulatory inspection is carried out, it can reveal a problem which requires independent confirmation that it has been resolved.

As well as being a defensive activity, ensuring regulatory compliance offers an opportunity to consistently strengthen your business through strategic measures. Being proactive can uncover value, even as it helps assure regulators you are adhering to their standards. Being able to show you are complying with regulations can also provide an advantage against your competitors.

Our global network of specialists in regulation, operations and technology can help your business to capitalise on opportunities, navigate risks and deliver lasting change by helping to create a resilient business culture.

Agreed-upon procedures

Any company that is looking to prove something to a third party that is not covered by another type of report can seek an Agreed-upon Procedure (AUP) report.

An agreed-upon procedure (AUP) is a very specific audit of information or business processes. It is generally agreed between three or more parties:

  • The party (or parties) who want audit completed
  • The party who is being audited, and
  • PwC, as the auditor

The value of an AUP comes from its flexibility, cost, and objectivity. Furthermore, an AUP can be tailored very specifically to the needs of the parties involved. 

EU Non-financial Reporting Directive

The new EU Non-financial Reporting Directive means that PIE companies and qualifying partnerships with more than 500 employees can be obliged to report on areas they currently do not monitor.

For financial periods on or after 1 August 2017 companies have to publish information about their policies in relation to environmental matters, the company’s employees, social matters, respect for human rights and anti-corruption and anti-bribery matters.

Using third-party services: Assurance and oversight

Service providers are increasingly becoming a critical part of an organisation’s delivery model. Businesses stay competitive by using multiple customer and vendor relationships and accessing specialised solutions and skills they do not have in-house.

However, this creates challenges around third-party data security, as well as increasing regulatory and compliance requirements.

Strengthening trust and transparency across your third-party relationships is vital but proving their probity is broader than just receiving a report over your third party. You can outsource activity but not the responsibility.

Having the right oversight and control of your third-party relationships can provide greater confidence for your management, board and shareholders, as well as for your customers.

Commercial assurance

Businesses tend to focus on what they are good at. For that reason, outsourcing is a rapidly increasing trend in business operations.

Third-party service providers can give your business access to a range of specialist services. Many organisations have come to depend on them for critical business functions.

When you are deciding whether to outsource, we can help you choose the right third party, define contract terms and provide assurance regarding the decision you have made. When determining whether third parties are adhering to contract terms, we can perform risk analysis of your outsourcing programme and agreements, as well as contract management and negotiation.

Ongoing review and assessment

When an organisation outsources activities to a third party, they can have the right to audit, inspect or review the provider they outsource an activity to. This can be in the terms of their contract, or may occur after an issue has arisen – the organisation may want to independently assure themselves that the matter has been properly remediated. 

PwC can partner with you in the ongoing review and assessment process, structuring or performing the audit itself.

Supply chain and integrity assurance

Consumers and other stakeholders care more than ever before about where products originate. The retail and consumer goods, manufacturing and renewables sectors are susceptible to supply chain incidents or failures.

Organisations need to better understand and control their supply chains. They also need to prove the origin of goods to their stakeholders. We can help build trust where greater transparency and confidence in this regard.

Media insight and assurance

Organisations need to unlock savings from their media and advertising investments. They also need to understand how their advertising budget is spent.

We help organisations understand how efficient and effective their advertising campaigns are. The methods we use include:

  • Customer data analytics: How well do you know your customers? How should you best communicate with them?
  • Marketing effectiveness: What is your marketing ROI? How can you optimise your promotions, sponsorship, TV, digital, press, radio and OOH spending?
  • Media spend management: How do you select the right media agency? How will you negotiate and contract with them, and manage them on an ongoing basis?

Our trust and transparency solutions

Establishing trust and transparency comes through communicating the right information, to the right people, at the right time.

That’s where we come in.

PwC’s core competency is in providing assurance of financial statements. Our Trust and transparency solutions team can provide this assurance over any aspect of your business.

When you need to prove something to your stakeholders, we can provide the reports you need. When you need to provide greater transparency, we will be your trusted third party.

We provide quality assurance processes and services. Get in touch today to discuss how we can build a solution to meet your needs and secure a better business future.

 

{{filterContent.facetedTitle}}

{{contentList.dataService.numberHits}} {{contentList.dataService.numberHits == 1 ? 'result' : 'results'}}
{{contentList.loadingText}}

Contact us

Fiona Gaskin

Partner, PwC Ireland (Republic of)

Tel: +353 1 792 6923

Follow PwC Ireland