All Third Party Risk articles
-
WebcastCPE Webcast: How to manage third-party risk: Expected trends for 2021
Join Deloitte’s leading practitioners in third party risk management for a one-hour webinar as they explore key findings from their fifth annual extended enterprise risk management (EERM) survey.
-
Article
Deutsche Bank to pay $130M to settle bribery, ‘spoofing’ charges
Deutsche Bank has agreed to pay more than $130 million to resolve charges that it paid bribes to third parties to secure business deals in Asia and the Middle East, in addition to a separate commodities fraud “spoofing” case.
-
Article
Learning from SolarWinds: Five steps to fortify your cloud supply chain
For most companies, supply chain risk management traditionally focuses on managing physical third-party risks. But what the SolarWinds cyber-attack revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.
-
Article
Cyber-security lessons from the SolarWinds hack
The lessons from the massive SolarWinds hack on where vulnerabilities still lurk in the third-party vendor supply chain cannot be grasped soon enough.
-
Webcast
CPE Webcast: How to get your TPRM program ready for success in 2021
To say that 2020 was filled with change and challenges would be an understatement. As businesses adjust to new ways of working, many are reassessing the risk profiles of their third parties and re-evaluating their third-party risk management programs as they prepare for the new year.
-
Webcast
CPE Webcast: Third party risk: Tough challenges and real-world solutions
Join this educational session as we outline best practices for developing and optimizing efficient processes within your third party risk management program.
-
Article
Preparation, monitoring key to combating third-party cyber-security risk
A spate of recent cyber-security breaches occurring via third parties is a reminder of the importance for companies to stay on top of risk management. Regulators have shown to not take kindly to finger-pointing.
-
Article
Trio of U.K. fines expose third-party risks under GDPR
Recent GDPR fines against British Airways, Marriott, and Ticketmaster by the U.K. Information Commissioner’s Office each saw the regulator dismiss claims by the companies that third parties were primarily responsible for the data breaches in question.
-
Webcast
CPE Webcast: Build a world-class vendor risk program with limited resources
Today, many organizations find themselves stretched thin with limited resources and unable to put together a world-class vendor risk management program.
-
Article
Ticketmaster UK fined $1.6M under GDPR for 2018 data breach
The U.K. Information Commissioner’s Office fined Ticketmaster £1.25 million (U.S. $1.6 million) for its failures relating to a 2018 data breach by a third party.
-
Article
New bank resiliency guidance tackles cyber-risk, pandemic planning
Federal banking regulators have released new operational resiliency guidance aimed to strengthen risk management around technology-based failures, cyber-incidents, pandemic outbreaks, natural disasters, and more.
-
Article
Bribes, falsified records cost Beam Suntory $19.6M in FCPA settlement
Alcoholic beverage maker Beam Suntory agreed to pay $19.6 million to resolve Foreign Corrupt Practices Act charges of improper payments by its Indian subsidiary.
-
Article
OCC deems ‘true lenders’ responsible for actions of third-party partners
The Office of the Comptroller of the Currency’s finalized “true lender” rule clarifies how banks are responsible for the compliance obligations and actions of their third-party lending partners.
-
Webcast
CPE Webcast: Third-party risk in the era of COVID-19
This webinar will discuss how companies are making changes to their onboarding processes and supply chain due diligence and how COVID-19 has shifted priorities and budgets going forward.
-
Webcast
CPE Webcast: Empower visibility for an efficient vendor risk program
Managing third-party risk for your organization is increasingly becoming more urgent with today’s environmental and geopolitical challenges, business continuity issues and regulatory demands.
-
Article
Berkshire Hathaway fined $4.1M for Iran sanctions violations
The U.S. Department of the Treasury’s Office of Foreign Assets Control assessed a $4.1 million fine against Berkshire Hathaway for “egregious” violations of sanctions against Iran committed by a subsidiary in Turkey.
-
Article
Best practices for M&A cyber-security due diligence in a virtual world
The slowdown in mergers and acquisitions in the early stages of the coronavirus pandemic in March is waning, and M A activity is approaching pre-pandemic levels again, with cyber-security risk now the top concern.
-
Webcast
CPE Webcast: Tips to jumpstart your CMMC certification plan
With the release of the DOD’s Cybersecurity Maturity Model Certification program in 2020, contractors are required for the first time to comply with a specific set of cybersecurity capabilities—and have that compliance certified by a third party.
-
Article
OCC fines Morgan Stanley $60M for data inventory risk failures
Morgan Stanley has agreed to pay $60 million as part of a settlement with the OCC for failing to adequately protect customer data when the bank decommissioned two U.S.-based wealth management data centers.
-
Webcast
CPE Webcast: Simplifying ‘Six Degrees of Separation’ for third-party compliance risk
The long-standing theory of having an average of only six degrees of separation between any two people takes on an interesting twist when considered through a compliance and risk management lens.
