Unlocking supplier value while managing risk, without creating drag or unnecessary cost.

Knowing who your suppliers are is the easy part - knowing how you assure them, and whether that assurance is proportionate, evidenced, commercially sound, and defensible, is where most organisations struggle.

Critical, important, and low-risk suppliers are treated identically - creating significant effort where it isn't needed and gaps where it is.

Risk, compliance, procurement, and IT each hold a piece of the picture, with no single view of where supplier risk actually sits.

Regulatory expectations are increasingly specific: SS2/21, DORA, Consumer Duty, and PS21/3 set clear obligations that many organisations are still building toward.

Most assurance activity is point-in-time - leaving organisations blind to emerging risks between formal review cycles.

Maturity Assessment: We conduct a structured assessment of your own supplier management capability across nine dimensions, producing a board-ready scorecard, evidenced gap analysis, and prioritised improvement roadmap.

Desktop Review: We review documentation and certifications publicly available or provided by the supplier without direct supplier engagement as a proportionate starting point for most third-party relationships.

Structured Questionnaire: We issue a DCR-designed questionnaire completed by the supplier, reviewed, challenged, and scored against a defined framework covering security, resilience, financial health, sub-contractor dependencies, and regulatory compliance.

Control Audit: We conduct a supplier-facing controls audit testing the design and operating effectiveness of controls relevant to the services provided - the most rigorous point-in-time assurance approach we offer.

Continuous Monitoring: We provide always-on monitoring combining automated tooling with periodic human-led review, covering security ratings, financial health alerts, and adverse news, with a quarterly DCR-led touchpoint and horizon scan.

Thematic Review: We review a single risk theme across all relevant supplier types - exit readiness, AI/GenAI exposure, sub-contractor concentration, or financial resilience - giving leadership a portfolio-level view of a specific risk that cuts across the supply chain.

Right-sized to the risk, not the firm: We calibrate every engagement to what is expected from regulators for a firm your size.

Fixed price, no surprises: We offer a fixed price per service, per supplier, including a fully costed annual programme. You’ll know what you’re spending before you start.

Built to withstand scrutiny: Every output we produce is designed to hold up under scrutiny from your Board, Internal Audit, and regulator alike. We know where the bar is and we’ve stood on both sides of it.

Practitioner support when you need it: We act as an extension of your risk and compliance function, available to support on escalations, regulatory questions, supplier incident and programme oversight.