Ensuring compliance with third-party risk management (TPRM) regulatory and cyber security requirements means having the right combination of processes and controls in place, and that you can efficiently demonstrate these processes and controls to auditors.
With the clock ticking toward the Jan. 1 implementation date, Compliance Week and ACA Aponix asked 100 compliance practitioners whether their company would be CCPA compliant by the deadline. Their collective answer? Nope.
The latest edition of the Ask Amii mailbag analyzes a case of a third party’s recommendation being ignored and offers tips on when it’s the right time to change career paths.
This webinar presents the results of a recent industry survey on Board oversight of third-party risk. In an environment of increased business risks, close to half (43 percent) of surveyed practitioners claimed that their board doesn’t have a good handle on third-party risk! Together with a dive into the results, ...
At CW’s Third-Party Risk Management and Oversight Summit, the head of Wells Fargo’s global TPRM group took a few pages out of biotech startup Theranos’ book to shed light on what not to do when building a risk culture.
Speaking at CW’s Third-Party Risk Management and Oversight Summit, former FCPA Unit chief Kara Brockmeyer called attention to recent enforcement actions against Walmart and Ericsson as a way to highlight seven steps to third-party compliance.
Today, it’s imperative for companies to manage third-party risk as part of a comprehensive compliance program to protect their brand and avoid exposure to bribery and corruption.
You need help managing your third parties, and over the course of two days in San Francisco, we hope to help you find the answers to the questions that keep TPRM stakeholders up at night.
In a guest column for CW, Uber’s senior counsel for global compliance helps to outline a best-in-class compliance monitoring program.
From bribery and corruption to emerging ESG and reputational risks, corporate compliance functions are expected to protect their business from regulatory liability without slowing the pace of business. This is despite often having fewer resources to manage ever-increasing amounts of third parties and data.
Compliance Week is making some changes to its annual awards for 2020, evolving the “Top Minds” recognition into a full-blown, specifically targeted awards program dubbed “The Excellence in Compliance Awards.”
It is virtually impossible to move forward in business without vendor relationships, but having vendors also means having potential risk.
In a preview of their upcoming session at Compliance Week’s Third-Party Risk Management & Oversight Summit, two experts share best practices on how to ”Earthquake-Proof Your Organization.”
Those in accounting who want to understand better the inherent risks, threats and vulnerabilities, and internal control best practices associated with the use of blockchain technology now have a first-of-its-kind framework to follow.
An organization is only as strong as its weakest link. As enterprises expand their international reach, the potential for uncovering fallible business associates multiplies.
Walmart, TechnipFMC, Fresenius—just to name a few—have all fallen prey to the Foreign Corrupt Practices Act in a record year of jacked-up enforcement and sky-high penalties.
In today’s ever-escalating regulatory environment, companies are expected to understand who they are doing business with. Ultimate Beneficial Ownership (UBO) is required on a mandatory basis for organizations that fall within the scope of AML and beyond. And while the legislation is complex and a challenge for most organizations to ...
This webcast will help compliance executives explore the latest research and practical insights on how to manage human trafficking and manage third-party risks.
A new survey published by Deloitte highlights the latest trends—both opportunities and challenges—in companies’ journey toward a more mature extended enterprise risk management program, one in which third-party risk management is integrated across the firm and led from the top.
DoorDash announced an incident of unauthorized third-party access to user data—a reminder companies need to mind the cyber-security of vendors in addition to their own.
Damaging headlines like this have grown steadily in recent years. Triggered by third parties – such as suppliers, joint-venture partners, and contractors – and exacerbated by longer, more complex supply chains, compliance failures are becoming commonplace. Especially as regulators extend their reach. Building a sustainable framework for third-party risk using ...
In today’s shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors? This session will outline the keys to third-party risk management success through a modern approach to monitoring vendors.
Mastercard is investigating two data breaches relating to a loyalty program it ran in Germany following a leak of personal information that saw customers’ names, addresses, and credit card numbers circulating on the internet.
Enterprises are now, more than ever, relying on a higher number of third-party, mission-critical technologies (along with their support and maintenance). As a result, enterprises are unintentionally opening themselves up to the largest source of data breaches.
Third-party relationships present one of the biggest risks a company can take on, which makes doing all you can to properly vet and monitor these partners of tantamount importance.