Third Party Risk


processunity300x200

CPE Webcast: Build a world-class vendor risk program with limited resources

2020-11-17T14:00:00+00:00Provided by

Today, many organizations find themselves stretched thin with limited resources and unable to put together a world-class vendor risk management program.

Ticketmaster

Ticketmaster UK fined $1.6M under GDPR for 2018 data breach

2020-11-13T18:18:00+00:00By

The U.K. Information Commissioner’s Office fined Ticketmaster £1.25 million (U.S. $1.6 million) for its failures relating to a 2018 data breach by a third party.

Coronavirus look ahead

New bank resiliency guidance tackles cyber-risk, pandemic planning

2020-11-02T17:45:00+00:00By

Federal banking regulators have released new operational resiliency guidance aimed to strengthen risk management around technology-based failures, cyber-incidents, pandemic outbreaks, natural disasters, and more.

Jim Beam

Bribes, falsified records cost Beam Suntory $19.6M in FCPA settlement

2020-10-28T18:43:00+00:00By

Alcoholic beverage maker Beam Suntory agreed to pay $19.6 million to resolve Foreign Corrupt Practices Act charges of improper payments by its Indian subsidiary.

Bank loan

OCC deems ‘true lenders’ responsible for actions of third-party partners

2020-10-28T16:30:00+00:00By

The Office of the Comptroller of the Currency’s finalized “true lender” rule clarifies how banks are responsible for the compliance obligations and actions of their third-party lending partners.

refinitiv 300x200

CPE Webcast: Third-party risk in the era of COVID-19

2020-10-27T14:00:00+00:00Provided by

This webinar will discuss how companies are making changes to their onboarding processes and supply chain due diligence and how COVID-19 has shifted priorities and budgets going forward.

processunity300x200

CPE Webcast: Empower visibility for an efficient vendor risk program

2020-10-22T14:00:00+01:00Provided by

Managing third-party risk for your organization is increasingly becoming more urgent with today’s environmental and geopolitical challenges, business continuity issues and regulatory demands.

Berkshire Hathaway

Berkshire Hathaway fined $4.1M for Iran sanctions violations

2020-10-21T16:59:00+01:00By

The U.S. Department of the Treasury’s Office of Foreign Assets Control assessed a $4.1 million fine against Berkshire Hathaway for “egregious” violations of sanctions against Iran committed by a subsidiary in Turkey.

M&A activity

Best practices for M&A cyber-security due diligence in a virtual world

2020-10-15T16:12:00+01:00By

The slowdown in mergers and acquisitions in the early stages of the coronavirus pandemic in March is waning, and M&A activity is approaching pre-pandemic levels again, with cyber-security risk now the top concern.

rsa 300x200

CPE Webcast: Tips to jumpstart your CMMC certification plan

2020-10-13T14:00:00+01:00Provided by

With the release of the DOD’s Cybersecurity Maturity Model Certification program in 2020, contractors are required for the first time to comply with a specific set of cybersecurity capabilities—and have that compliance certified by a third party.

Morgan Stanley

OCC fines Morgan Stanley $60M for data inventory risk failures

2020-10-08T20:51:00+01:00By

Morgan Stanley has agreed to pay $60 million as part of a settlement with the OCC for failing to adequately protect customer data when the bank decommissioned two U.S.-based wealth management data centers.

dnb 300x200

CPE Webcast: Simplifying ‘Six Degrees of Separation’ for third-party compliance risk

2020-10-01T14:00:00+01:00Provided by

The long-standing theory of having an average of only six degrees of separation between any two people takes on an interesting twist when considered through a compliance and risk management lens.

Aravo Mind the Gap cover img

e-Book: Mind the Gap — Where Third-Party Risk Management Programs Fall Short

2020-09-22T06:46:00+01:00Provided by

This e-Book from Compliance Week and Aravo reveals the results of the “2020 TPRM Benchmarking Survey.”

Carreyrou

Carreyrou at TPRM: Theranos warning signs were there, but partners failed to spot them

2020-09-18T22:26:00+01:00By

John Carreyrou explained to third-party risk professionals at CW’s TPRM Virtual Summit that the mistakes made by Theranos’s business partners were entirely preventable—had they done their proper due diligence.

Telecom satellite

Compliance official key to Comtech sanctions penalty

2020-09-18T16:36:00+01:00By

The alleged actions of an export compliance official are at the heart of “egregious” apparent OFAC sanctions violations by New York-based Comtech Telecommunications Corp. and its wholly owned subsidiary regarding sales in Sudan.

Kara Brockmeyer

Brockmeyer at TPRM: Regulator expectations for monitoring third parties

2020-09-17T16:52:00+01:00By

Former chief of the SEC’s FCPA Unit Kara Brockmeyer shared what regulators are looking for when they assess a company’s relationship with its third parties at Compliance Week’s TPRM Virtual Summit on Thursday.

processunity300x200

CPE Webcast: Expert content + third-party risk = enhanced vendor due diligence

2020-09-10T14:00:00+01:00Provided by

Maintaining the status quo with your vendor risk management program is no longer acceptable in today’s ever-changing marketplace as supply chains can drastically change overnight.

aravo 300x200

CPE Webcast: Debunking myths of AI & ML in TPRM technology

2020-09-08T13:00:00+01:00Provided by

This webinar debunks the myths of AI and ML in third-party risk technology and drills into reality with a pragmatic application of how your data can be harnessed to support various risk management use cases.

woods

Best practices KYC: What to do when your client is in the headlines

2020-09-02T15:50:00+01:00By

How do we, as AML professionals, assess negative media alerts? It should start with a conversation with the client relationship manager, but it shouldn’t end there, writes Martin Woods.

carreyroubrockmeyer_128979

Q&A with Kara Brockmeyer: How pandemic has impacted third-party risk

2020-08-31T15:18:00+01:00By

In advance of her keynote at Compliance Week’s upcoming TPRM virtual event (Sept. 17-18), former SEC official Kara Brockmeyer discussed with CW the heightened risk third parties have during a pandemic and what companies can do about it.

John Carreyrou

John Carreyrou at TPRM: How to spot a wolf in Steve Jobs’ clothing

2020-08-21T14:22:00+01:00By

John Carreyrou, the Wall Street Journal reporter who exposed Theranos and its founder Elizabeth Holmes as frauds, will be the keynote speaker on Day 2 of Compliance Week’s TPRM virtual conference Sept. 18.

aptible300x200

CPE Webcast: Compliance in the age of cloud

2020-08-20T14:00:00+01:00Provided by

Running a business “in the cloud” was once reserved for innovators and large enterprises, but now nearly every business on the internet is operating in the cloud.

aravo 300x200

CPE Webcast: Third party risk management: Are programs up to scratch?

2020-08-11T14:00:00+01:00Provided by

This webinar will discuss the results of the Compliance Week and Aravo TPRM benchmarking survey in the context of the DOJ’s Evaluation of Corporate Compliance Programs.

fusionrm300x200

CPE Webcast: Managing third-party risk during and after a pandemic

2020-08-06T14:00:00+01:00Provided by

As new insights are continually evolving, organizations around the world are trying to plan and develop their strategies for returning to the new “normal.”

DOJ building

Advice for compliance from new DOJ Criminal Division head

2020-08-03T12:00:00+01:00By

Acting Justice Department Criminal Division head Brian Rabbitt shares his perspective on recent updates to the Evaluation of Corporate Compliance Programs guidance, the FCPA Resource Guide, and more.

genpact300x200

CPE Webcast: Rethinking third-party due diligence to minimize supply chain risk

2020-07-21T11:00:00+01:00Provided by

Businesses are rethinking their strategies to maintain operations, minimize supply chain disruption, and manage heightened exposure to financial, legal, regulatory, or reputational risks.

Tightrope

Nothing more important than knowing your risk exposure

2020-07-14T16:47:00+01:00By

In performing due diligence on your supply chain partners, do not be intimidated into accepting no for an answer. Being blind to potential risks is bound to get you into trouble, writes financial crime expert Martin Woods.

onetrust 2 300x200

CPE Webcast: A new approach to vendor risk & performance monitoring

2020-07-14T14:00:00+01:00Provided by

Your vendors often handle your most sensitive data. This presents significant challenges as security, procurement, sourcing, IT, and privacy teams struggle to vet and manage vendor risks and performance in real time.

processunity300x200

CPE Webcast: TPRM: Best practices for an efficient program

2020-06-11T14:00:00+01:00Provided by

While there is no one right third-party risk management program, there is a model right for you, and incorporating best practices into your processes can have an exponential effect on your results.

rsa 300x200

CPE Webcast: TPRM; What keeps you up at night?

2020-05-28T14:00:00+01:00Provided by

Do risks from your third-party ecosystem keep you up at night, especially during these trying times? How have third-party risks changed over the years, but especially lately, considering the current crisis?

trustarc 300x200

CPE Webcast: Calculating COVID-19 third-party privacy risks

2020-05-26T14:00:00+01:00Provided by

COVID-19 has completely changed the way organizations do business, both internally and externally. The influx of sensitive data being collected makes proactively identifying and managing privacy risk a big challenge.

power_anderson

Coronavirus has made CW2020 a (virtual) gathering like no other

2020-05-15T14:58:00+01:00By

The coronavirus pandemic has made getting together for our annual National Conference impossible, but it’s also made this virtual gathering (Monday and Tuesday) perhaps the most important one we’ve ever had.

SupplyChainInnovation

Driving innovation in supply-chain practices post-pandemic

2020-05-14T18:43:00+01:00By

A number of forward-thinking companies are using the coronavirus pandemic as an opportunity to drive promising innovations in their global supply chains.

galvanize 300x200

CPE Webcast: Integrating TPRM into sourcing and procurement functions

2020-05-12T14:00:00+01:00Provided by

Traditionally, third-party risk management has focused on procurement, executing contracts, managing relationships, and conducting quarterly business reviews. These measures are no longer enough.

onetrust 2 300x200

CPE Webcast: 10 steps to improving business resilience with TPRM

2020-05-07T14:56:00+01:00Provided by

Third-party risk management is more important now than ever. And while compliance is a critical component, recent market turbulence has organizations prioritizing business continuity, financial due diligence, and business resilience.

breach

Current cyber-environment calls for proactive approach

2020-04-30T15:26:00+01:00By

The conventional wisdom on cyber-security is to play defense and respond quickly to breaches. But these are not normal times, and proper cyber-hygiene is more important than ever.

Mergers

M&A due diligence landscape forever altered by coronavirus pandemic

2020-04-29T19:45:00+01:00By

The coronavirus pandemic has affected both the risk landscape and the diligence protocols for merger and acquisition transactions at every stage of the game. But while deal terms may be negotiable, what should be non-negotiable is the compliance function’s role in M&A transactions.

Interconnected

Third parties & coronavirus: Advice for traversing web of interconnected risks

2020-04-24T17:53:00+01:00By

The coronavirus pandemic has created a sea of red flags in every company’s supply chain. When each alert indicates a possible disruption, which ones do you act on?

supply wisdom300x200

CPE Webcast: COVID-19: Responding to cascading risk

2020-04-23T14:07:00+01:00Provided by

Pandemics represent a unique disaster risk scenario as a result of “cascading risk,” which poses an immense challenge to risk leaders due to progressive failures that will result in the deterioration of the health of third parties and supply chains.

aravo 300x200

CPE Webcast: Mapping your TPRM program’s maturity

2020-04-09T19:54:00+01:00Provided by

This Webinar is intended for anyone looking to build a TPRM program from scratch or for advancing your current program to a more mature state.

finalists banner 600x400

First round of finalists named for Excellence in Compliance Awards

2020-04-06T13:39:00+01:00By

Compliance Week has pared down its list of more than 300 nominees for its first annual Excellence in Compliance Awards and is pleased to announce the finalists for nine of the 15 categories.

Hackers

5 tips to immunize yourself against coronavirus-emboldened hackers

2020-03-17T20:16:00+00:00By

In this time of fear and uncertainty, it’s more critical than ever to practice good cyber-security hygiene (just think of it as the technical version of proper handwashing).

Coronavirus

Coronavirus: Tips for risk management

2020-03-13T14:01:00+00:00By

As the coronavirus worldwide pandemic spreads, the ramifications for any business has gone from temporary disruption to a serious impediment. Here are 10 steps your company can take to mitigate its risks.

Iran

Compliance best practices for ever-evolving Iran sanctions

2020-03-10T16:11:00+00:00By

A new executive order issued in January places additional sanctions on a much broader portion of Iran’s economy and, from a compliance and risk management standpoint, puts a broader range of companies in the crosshairs of U.S. enforcement.

Health records

GoodRx’s mea culpa: Lessons for internet companies handling personal health data

2020-03-04T21:11:00+00:00By

Telemedicine platform GoodRx has committed to enhancements of its consumer data protection after Consumer Reports called out its sharing practices regarding personal health information.

50 percent rule

Q&A: Clearing up confusion with OFAC’s 50 Percent rule

2020-03-04T16:16:00+00:00By

Compliance Week spoke with Tiffany Archer, regional ethics and compliance officer and corporate counsel at Panasonic Avionics Corporation, on demystifying OFAC’s 50 Percent rule.

Cardinal Health

Compliance lessons from Cardinal Health’s FCPA settlement

2020-03-02T18:54:00+00:00By

Cardinal Health reached an $8.8 million settlement with the SEC for violations of the FCPA concerning the operations of its former Chinese subsidiary. For prudent compliance officers, it’s a tale of how not to do business in China.

prevalent feb cover img

White paper: Achieving Compliance with TPRM Regulatory and Framework Requirements

2020-02-25T05:37:00+00:00Provided by

Measuring compliance against third-party risk management requirements is complex and time consuming; and with growing numbers of data breaches originating with third parties and all the regulatory activity that comes as a result, it never lets up.

Coronavirus

Disruptions caused by coronavirus affecting global supply chain

2020-02-24T21:20:00+00:00By

The burgeoning coronavirus outbreak not only sent markets crashing on Monday, it also put a spotlight on companies whose supply chains have been severely disrupted by the ongoing crisis.

Airbus

Airbus contractors feeling ripple effect from record fine

2020-02-12T20:34:00+00:00By

Airbus is free to go about its business after paying a record fine to three anti-corruption agencies for widespread bribery, but the trouble is only beginning for some of its implicated contractors.