TPRM due diligence best practices: No one-size-fits-all approach
Companies can’t do it all in terms of managing every risk from every possible third party, panelists discussed during a session on due diligence at Compliance Week’s virtual Third-Party Risk Management (TPRM) and Oversight Summit.
To begin, businesses must define their vision and strategy, said Samira Duijnmayer, compliance manager and regulatory and financial crimes officer at Booking.com.
“Decide what’s your north star and work toward it,” Duijnmayer said. For example, if you want to mitigate bad financial outcomes, make sure to do what’s needed in the risk process to achieve that goal, she said.