Two risk and compliance practitioners opened their cyber-playbooks at CW’s TPRM virtual event, explaining how to identify and address vulnerabilities, establish transparency with vendors, and strengthen an organization’s incident management program.
Meatpacker JBS USA has become the latest critical infrastructure company to be targeted by a ransomware attack, which temporarily halted its global operations. The attack brings with it implications for the food and agriculture industries.
The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.
Organizations are adopting digital transformation and, as a result, increasing their reliance on third parties faster than they can scale their third-party cyber-risk management programs.
Companies of a certain size with ties to Germany must soon establish robust due diligence procedures to prevent human rights and environmental abuses both within the course of their own business activities and within their global supply chains.
Companies across the globe faced a true test of competency this past year. FedEx passed the challenge with flying colors under the oversight of Justin Ross, CW’s CCO of the Year at the 2021 Excellence in Compliance Awards.
As customer expectations for transparency and ethical approach to business soar, companies that aren’t addressing the environmental, social and governance (ESG) impact of their organizations will get left behind. And that applies to who they work with too.
A month has gone by since a 1,300-foot cargo ship ran aground and blocked one of the busiest waterways in the world. For many industries, the ripple effects will continue to batter global supply chains for weeks to come, absent having in place a sound supply chain risk management program.
The United States Trade Representative is seeking public comment on the potential implementation of tariffs of up to 25 percent on a long list of goods by six U.S. trading partners, including the United Kingdom.
The grounding of the Ever Given is the latest unexpected incident to cause severe supply chain disruptions around the world. The lessons learned from others, such as the coronavirus pandemic, are just as relevant, writes Aaron Nicodemus.
Northern Ireland Justice Minister Naomi Long has launched two consultation documents on measures to eradicate modern slavery from the supply chains of public- and commercial-sector organizations.
The more we learn about the SolarWinds hack, the more troubled compliance officers should be by the scope and breadth of the risks their companies might have incurred.
For most companies, supply chain risk management traditionally focuses on managing physical third-party risks. But what the SolarWinds cyber-attack revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.
This year has been one most of us would like to forget. As we look toward 2021, nevertheless, it is worth considering lessons learned over the last 12 months and (where possible) drawing on any positives that have come to light regarding the financial crime landscape.
The Department of Justice alleged many failures by Walmart’s compliance program in its 160-page lawsuit accusing the retailer of playing an active role in fueling the opioid epidemic.
Former chief of the SEC’s FCPA Unit Kara Brockmeyer shared what regulators are looking for when they assess a company’s relationship with its third parties at Compliance Week’s TPRM Virtual Summit on Thursday.
Maintaining the status quo with your vendor risk management program is no longer acceptable in today’s ever-changing marketplace as supply chains can drastically change overnight.
Mondelēz International has become among the latest consumer goods companies to tighten its sourcing requirements for palm oil, improving its traceability of suppliers. But recent analysis also finds the industry has a long way to go in its progress.
How do we, as AML professionals, assess negative media alerts? It should start with a conversation with the client relationship manager, but it shouldn’t end there, writes Martin Woods.
The COVID-19 pandemic has certainly changed the landscape of global risk, and many organizations are quickly adapting their third-party risk management processes as a result.