I just returned from the second annual Third Party Risk Management and Oversight Summit hosted by Financial Risk Associates and Compliance Week. It was an unusual event, which The Man From FCPA can heartily recommend to all anti-corruption practitioners when it is offered in the future. As the title indicated, the two-day event focused solely on third-party risk management. The panelists and speakers were largely drawn from companies and consisted mainly of compliance practitioners—with a sprinkling of regulators and smattering of lawyers—but even most of the legal-eagle types were in-house counsel assigned to work on or with corporate third-party risk management teams.
This allowed for a very deep dive into what companies are doing to manage third party risks both on the sales side and supply chain side. There are some very innovate ways companies are looking at this issue from the compliance angle. The key concepts seemed to be around the dynamic nature of third-party risks. A company needs to have the nimbleness and agility to respond to this dynamic nature rather than simply have a static paper program going forward.
