As a leading French mutual insurer, the COVEA Group – comprising the MAAF, MMA and GMF brands – is faced with an ever-changing regulatory environment. The proliferation of regulatory texts and the compliance requirements imposed by the supervisory authorities mean that insurers have to control their relations with third parties (customers, suppliers and brokers, at least). COVEA is therefore subject to stricter controls on its suppliers and must optimise the operational and regulatory management of its purchases. With the help of Bengs, COVEA has implemented a system to manage all the risks associated with purchasing and suppliers, while empowering employees to reduce the group’s exposure to these risks.
12 months to set up a reliable, auditable and managed third-party qualification and assessment system
In the first month, Bengs assessed the risk to COVEA of failing to act in relation to its third-party suppliers. The consequences are many:
- Financial and legal: economic dependence can cost the group up to 10% of its turnover and three years’ imprisonment for its director. Evidence of corruption among suppliers exposes the Group to fines of up to €1 million for legal entities and up to €200,000 for senior managers if prevention and detection measures are not implemented.
- Operational : the failure of a monopoly supplier could lead to service interruptions.
- Brand image: there is a risk that officially published criminal sanctions will be reported in the press, damaging the company’s reputation, particularly in the event of pollution or increased non-payment.
Convinced of the risks of inaction, COVEA’s senior management, in collaboration with the Purchasing and Compliance departments, asked Bengs to structure its Third Party Programme, focusing on suppliers and subcontractors. The main objectives were :
- Strengthen the supplier evaluation system
- Ensure a global and coherent view of the risks associated with relations with all the Group’s suppliers
- Ensure the convergence of supplier-related projects
- Accelerate consensus between business divisions
- Build clear, shared governance for supplier management over the long term
Once the governance of the programme had been defined, a new 9-month phase consisted of:
- Mapping 9 target supplier risks (economic dependence, financial health, duty of care, anti-corruption, anti-money laundering and combating the financing of terrorism, legal documents, RGPD, IS security and e-reputation)
- Identifying projects related to supplier management, modelling the portfolio of these projects and identifying gaps, interactions and redundancies between projects.
- Design a pragmatic risk qualification and assessment system and digitalise the associated processes and governance
- Adapt monitoring resources and action plans according to the criticality of suppliers, with regard to each risk.
Accelerating the transformation towards better control of third-party supplier risks
This complex, cross-functional and ambitious programme touches many areas and businesses. To achieve this, COVEA has implemented a transformation strategy to match its ambitions.
The first step was to make every employee aware of the risks of exposure as soon as a relationship is established with a third party. This was achieved by giving operational staff greater responsibility in the decision-making process and by adopting best practice. The next step was to strengthen the regulatory control of the business, which required a thorough knowledge of, and strict compliance with, the applicable regulations.
The final phase of the programme went beyond traditional change management. It involved careful coordination of actions at the intersection of projects and business lines, focusing on three areas: communication, training and change management. This approach made it possible to harmonise supplier management practices despite the diversity of processes, tools and recourse practices within the company’s various divisions.
It was crucial to support this transformation not only internally, with employees, but also externally, with the supplier ecosystem. COVEA also ensured that this programme interacted harmoniously with other strategic initiatives such as the strategic plan, the CSR programme, the anti-corruption project and the mapping of associated risks, as well as the Duty of Vigilance project.
To ensure the success of this transformation, a three-stage process was put in place to mobilise and engage employees over the long term:
- Designing the storytelling for the programme: This storytelling focused on empowering employees, in line with one of the key areas of the Group’s strategic plan, and was broken down into business objectives by function.
- Structuring the production, validation and distribution of content: This phase involved the co-production of content, the coordination and mobilisation of resources, and the empowerment of local transformation actors in the various business units, with a view to their long-term autonomy.
- Designing learning pathways by type of key player: The learning paths were adapted according to the different roles (purchasing, operations, compliance, internal control). The first change activation campaign focused on the risk of exposure of critical subcontractors.
In this way, COVEA turned a regulatory constraint into a real lever for improving operational performance by integrating robust supplier risk management and a culture of accountability and compliance at all levels of the company.
