Russia’s invasion of Ukraine has sparked a war with unusual implications: The U.S. has stepped up sanctions and export controls. But companies are increasingly learning that the most seemingly innocuous products can find themselves in “dual use,” as a product for daily life and a product for war. A gyroscope or a more advanced GPS chip might help improve a smartphone’s capabilities, but they can also help to guide a missile.
Third Party Risk
Posted inAnti-Bribery
ESG isn’t just a buzzword, it’s vendor management, forced labor and more
ESG is no longer in vogue. But its issues still are.
Almost none of the nearly 200 attendees at Compliance Week’s Third Party Management summit this week said they’re currently working on ESG when informally surveyed. The show-of-hands results marked a dramatic reversal from even just a couple years ago, surprising even attendees in the room.
Posted inBoards & Shareholders
TPRM Keynote speaker Cherepanova says directors don’t need specialization, they need critical thinking
Regulators and investors increasingly say boards of directors need more expertise to ensure they can respond to fast-changing politics, policy, and technology that threaten to undermine their businesses. In the U.K., government officials say boards need to think more about cyber. In the EU, they need to prepare for the Corporate Sustainability Reporting Directive (CSRD). Speaking at Compliance Week’s Third-Party Risk Management summit, Boards of the Future director Vera Cherepanova says that directors need to think broadly, rather than in specialties.
Provided by
Tariffs, Trade, and TPRM: Adapting to Global Regulatory Change and Supply Chain Disruption in 2025
Wondering how new approaches to age-old regulations affect ethical business practices across your extended enterprise? What about how tariffs may impact your supply chain integrity, and how to best adapt your organization to accelerated shifts in business practices?
Posted inRisk Management
Navigating compliance: A guide for small teams to tackle Cybersecurity Maturity Model Certification
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.
Posted inRegulatory Enforcement
DOJ fines MORSE Corp $4.6M for lax cyber controls amid crack down on federal contractors
Yet another government contractor has been slapped with a fine by the Department of Justice for applying lax cybersecurity defenses on sensitive government data.
Provided by
Tackling Third Party Risk In A Global World
TPRM has always been a tough subject, requiring regular monitoring and audits to be done right. But until recently, it was something companies chose to do.
Posted inEthics & Culture
Ethics & Compliance Summit notebook: When it comes to trust, make sure to verify
The increasing efforts to fight modern slavery across the globe are getting a boost from EU rules that require companies to track and report on the issue. But compliance executives can’t lean on easy databases and automated solutions, experts increasingly say, that supply chain companies may ignore or lie to.
Posted inAccounting & Auditing
Experts explain why IIA’s new global audit rules will be ‘central’ to securing high-quality assurance
Compliance teams should expect more support from their organization’s internal audit functions. That is the clear message from the Institute of Internal Auditors, the global body of national affiliated internal audit institutes, which has just put into action its new Global Internal Audit Standards.
Posted inRegulatory Enforcement
Crypto exchange OKX latest target of DOJ, hit with $505M penalty over AML, KYC failures
One of world’s largest cryptocurrency exchanges agreed to pay more than $500 million in penalties and plead guilty to AML and KYC violations, along with failing to register as a money transmitting business with the U.S. Treasury Department, the DOJ said.
