The U.S. Department of Justice’s Evaluation of Corporate Compliance Programs, Prong 10, “Third Party Management,” asks, “What was the business justification for the use of the third party in question?” This question is one of the most basic tools to operationalize a compliance program and should form the basis of companies’ third-party risk management processes.
