Airbus contractors feeling ripple effect from record fine
Airbus is free to go about its business after paying a record fine to three anti-corruption agencies for widespread bribery, but the trouble is only beginning for some of its implicated contractors.
Confronting ‘willful intent’ in third-party corruption cases
Even as companies continue to agree to multi-billion-dollar settlements related to the corrupt acts of third parties, managing the risks associated with them nevertheless eludes many compliance departments.
First four ‘Excellence in Compliance Awards’ finalists revealed
Compliance Week is proud to announce its first four finalists for the “Excellence in Compliance Awards,” a newly formed program that recognizes individual achievement in one of 13 categories relating to risk and compliance.
Apr. 9 | Third party management 101: Mapping your program’s maturity
Join Aravo and Compliance Week for a webinar on TPM 101: Mapping To Maturity on April 9th. This webinar is intended for anyone that is looking to build a TPM program from scratch or for advancing your current program to a more mature state.
White paper: Six Steps to Complete Third-Party Risk Management
Ensuring compliance with third-party risk management (TPRM) regulatory and cyber security requirements means having the right combination of processes and controls in place, and that you can efficiently demonstrate these processes and controls to auditors.
Survey: CCPA still poses compliance nightmare
With the clock ticking toward the Jan. 1 implementation date, Compliance Week and ACA Aponix asked 100 compliance practitioners whether their company would be CCPA compliant by the deadline. Their collective answer? Nope.
Ask Amii mailbag: TPRM from a third-party perspective
The latest edition of the Ask Amii mailbag analyzes a case of a third party’s recommendation being ignored and offers tips on when it’s the right time to change career paths.
Webcast: Meeting the expectations of the board
This webinar presents the results of a recent industry survey on Board oversight of third-party risk. In an environment of increased business risks, close to half (43 percent) of surveyed practitioners claimed that their board doesn’t have a good handle on third-party risk! Together with a dive into the results, ...
Wells Fargo’s new TPRM head looked to Theranos for lessons
At CW’s Third-Party Risk Management and Oversight Summit, the head of Wells Fargo’s global TPRM group took a few pages out of biotech startup Theranos’ book to shed light on what not to do when building a risk culture.
Former FCPA chief’s 7 steps to third-party compliance
Speaking at CW’s Third-Party Risk Management and Oversight Summit, former FCPA Unit chief Kara Brockmeyer called attention to recent enforcement actions against Walmart and Ericsson as a way to highlight seven steps to third-party compliance.
Webcast: How to make TPRM less painful
Today, it’s imperative for companies to manage third-party risk as part of a comprehensive compliance program to protect their brand and avoid exposure to bribery and corruption.
Drowning in third-party risk? Let us throw you a life jacket
You need help managing your third parties, and over the course of two days in San Francisco, we hope to help you find the answers to the questions that keep TPRM stakeholders up at night.
Guide for practitioners: How to effectively monitor anti-corruption compliance
In a guest column for CW, Uber’s senior counsel for global compliance helps to outline a best-in-class compliance monitoring program.
Webcast: Transform compliance into a business enabler
From bribery and corruption to emerging ESG and reputational risks, corporate compliance functions are expected to protect their business from regulatory liability without slowing the pace of business. This is despite often having fewer resources to manage ever-increasing amounts of third parties and data.
Introducing ‘The Excellence in Compliance Awards’
Compliance Week is making some changes to its annual awards for 2020, evolving the “Top Minds” recognition into a full-blown, specifically targeted awards program dubbed “The Excellence in Compliance Awards.”
White paper: Vendor Risk: Find It Before It Finds You
It is virtually impossible to move forward in business without vendor relationships, but having vendors also means having potential risk.
TPRM Summit preview: How to ensure you’re prepared when disaster strikes
In a preview of their upcoming session at Compliance Week’s Third-Party Risk Management & Oversight Summit, two experts share best practices on how to ”Earthquake-Proof Your Organization.”
Internal control best practices for blockchain technology
Those in accounting who want to understand better the inherent risks, threats and vulnerabilities, and internal control best practices associated with the use of blockchain technology now have a first-of-its-kind framework to follow.
e-Book: Meeting the expectations of the board
An organization is only as strong as its weakest link. As enterprises expand their international reach, the potential for uncovering fallible business associates multiplies.
Compliance lessons from recent nine-figure FCPA settlements
Walmart, TechnipFMC, Fresenius—just to name a few—have all fallen prey to the Foreign Corrupt Practices Act in a record year of jacked-up enforcement and sky-high penalties.
Webcast: Risk associated to your third-party relationships
In today’s ever-escalating regulatory environment, companies are expected to understand who they are doing business with. Ultimate Beneficial Ownership (UBO) is required on a mandatory basis for organizations that fall within the scope of AML and beyond. And while the legislation is complex and a challenge for most organizations to ...
Webcast: Following the money to prevent human trafficking
This webcast will help compliance executives explore the latest research and practical insights on how to manage human trafficking and manage third-party risks.
Survey: Companies believe they've underinvested in TPRM
A new survey published by Deloitte highlights the latest trends—both opportunities and challenges—in companies’ journey toward a more mature extended enterprise risk management program, one in which third-party risk management is integrated across the firm and led from the top.
DoorDash data mishap showcases hazards of third-party vendors
DoorDash announced an incident of unauthorized third-party access to user data—a reminder companies need to mind the cyber-security of vendors in addition to their own.
White paper: Taming third-party risk with digital
Damaging headlines like this have grown steadily in recent years. Triggered by third parties – such as suppliers, joint-venture partners, and contractors – and exacerbated by longer, more complex supply chains, compliance failures are becoming commonplace. Especially as regulators extend their reach. Building a sustainable framework for third-party risk using ...
Webcast: Keys to third-party risk management success
In today’s shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors? This session will outline the keys to third-party risk management success through a modern approach to monitoring vendors.
Shared Assessments Program enhances TPRM framework
The Shared Assessments Program announced a new addition to its TPRM framework covering the subjects of periodic assessments and continuous monitoring.
Mastercard reveals data breaches in third-party loyalty program
Mastercard is investigating two data breaches relating to a loyalty program it ran in Germany following a leak of personal information that saw customers’ names, addresses, and credit card numbers circulating on the internet.
Webcast: Key strategies to ensure third-party compliance
Enterprises are now, more than ever, relying on a higher number of third-party, mission-critical technologies (along with their support and maintenance). As a result, enterprises are unintentionally opening themselves up to the largest source of data breaches.
e-Book: 2019 Third Party Risk Management Solutions Directory
Third-party relationships present one of the biggest risks a company can take on, which makes doing all you can to properly vet and monitor these partners of tantamount importance.
Honeywell discloses Petrobras-related FCPA probe
Honeywell International announced in a regulatory filing that it is being investigated by U.S. and Brazilian authorities as to whether the company’s use of third parties in Brazil violated the Foreign Corrupt Practices Act.
New CyberGRX feature addresses TPRM
CyberGRX, a third-party cyber-risk management platform provider, announced the release of a new feature that provides users with immediate visibility into potential threats in their ecosystem.
ProcessUnity, DVV Solutions partner on third-party risk
ProcessUnity has added third-party risk management specialist DVV Solutions to its Partner Program as a managed-service provider.
Webcast: Busting the 10 Myths of Third-Party Risk Management
Managing third-party risk is vital to every business’ reputation and long-term success. But with growing regulatory requirements, compliance skills shortages and numerous potential sources of information, managing third-party risk as an organization can feel like a very painful process.
White paper: Globanet Designated Third Party (D3P) Guidelines
In the last five years, FINRA, the primary self-regulatory organization for broker-dealers, has focused on prioritizing designated third-party compliance.
Poll shows room for improvement on training third parties
Results from the Compliance Week and Refinitiv survey revealed some surprising facts about companies’ third-party training; based on those results, the following article offers suggestions for how to enhance the process.
Identifying high-risk third parties a nuanced exercise
Determining which business partners to flag for enhanced due diligence all depends on the quality, and sources, of your data.
Third Party Risk: Driving Cross-Functional Alignment Across the Vendor Lifecycle
Outsourcing is nothing new, but recently we’ve seen companies increasingly rely on a network of third-party vendors to help them compete.
Third-Party Risk: Best Practices for Due Diligence and Ongoing Assessments
The ever-changing regulatory landscape and sheer volume of third parties requires organizations to rethink their processes around pre-contract due diligence and ongoing vendor assessment reviews. Today’s most successful programs rely less on tedious, manual processes while incorporating verified, up-to-date information on financial status, watchlist compliance and information security from trusted ...
South America cleans up its act
A look at key investigations and enforcement actions in South America and Mexico in the past four years signifies a changing legal landscape that offers compliance lessons in advancing third-party anti-corruption compliance.
Marianne Ibrahim on conducting a third party audit
Marianne Ibrahim, director of global compliance at Baker Hughes, offers several best practices for the auditing of third parties.
Prevalent acquires 3GRC
Third-party risk management platform Prevalent announced its acquisition of U.K.-based risk and compliance firm 3GRC.
Lumber Liquidators to pay $33M for securities fraud
Lumber Liquidators Holdings, a discount retailer of hardwood flooring, will pay a total of $33 million in criminal and regulatory penalties for misleading investors concerning the sale of its laminate flooring from China to its customers in the United States.
Internal audit still vexed by data, third-party risks
Internal audit is making strides in steering its focus and resources toward companies’ emerging risks—but there’s still some work to be done, the IIA says.