Third Party Risk


processunity300x200

CPE Webcast: TPRM: Best practices for an efficient program

2020-06-11T14:00:00+01:00Provided by

While there is no one right third-party risk management program, there is a model right for you, and incorporating best practices into your processes can have an exponential effect on your results.

rsa 300x200

CPE Webcast: TPRM; What keeps you up at night?

2020-05-28T14:00:00+01:00Provided by

Do risks from your third-party ecosystem keep you up at night, especially during these trying times? How have third-party risks changed over the years, but especially lately, considering the current crisis?

trustarc 300x200

CPE Webcast: Calculating COVID-19 third-party privacy risks

2020-05-26T14:00:00+01:00Provided by

COVID-19 has completely changed the way organizations do business, both internally and externally. The influx of sensitive data being collected makes proactively identifying and managing privacy risk a big challenge.

power_anderson

Coronavirus has made CW2020 a (virtual) gathering like no other

2020-05-15T14:58:00+01:00By

The coronavirus pandemic has made getting together for our annual National Conference impossible, but it’s also made this virtual gathering (Monday and Tuesday) perhaps the most important one we’ve ever had.

SupplyChainInnovation

Driving innovation in supply-chain practices post-pandemic

2020-05-14T18:43:00+01:00By

A number of forward-thinking companies are using the coronavirus pandemic as an opportunity to drive promising innovations in their global supply chains.

galvanize 300x200

CPE Webcast: Integrating TPRM into sourcing and procurement functions

2020-05-12T14:00:00+01:00Provided by

Traditionally, third-party risk management has focused on procurement, executing contracts, managing relationships, and conducting quarterly business reviews. These measures are no longer enough.

onetrust 2 300x200

CPE Webcast: 10 steps to improving business resilience with TPRM

2020-05-07T14:56:00+01:00Provided by

Third-party risk management is more important now than ever. And while compliance is a critical component, recent market turbulence has organizations prioritizing business continuity, financial due diligence, and business resilience.

breach

Current cyber-environment calls for proactive approach

2020-04-30T15:26:00+01:00By

The conventional wisdom on cyber-security is to play defense and respond quickly to breaches. But these are not normal times, and proper cyber-hygiene is more important than ever.

Mergers

M&A due diligence landscape forever altered by coronavirus pandemic

2020-04-29T19:45:00+01:00By

The coronavirus pandemic has affected both the risk landscape and the diligence protocols for merger and acquisition transactions at every stage of the game. But while deal terms may be negotiable, what should be non-negotiable is the compliance function’s role in M&A transactions.

Interconnected

Third parties & coronavirus: Advice for traversing web of interconnected risks

2020-04-24T17:53:00+01:00By

The coronavirus pandemic has created a sea of red flags in every company’s supply chain. When each alert indicates a possible disruption, which ones do you act on?

supply wisdom300x200

CPE Webcast: COVID-19: Responding to cascading risk

2020-04-23T14:07:00+01:00Provided by

Pandemics represent a unique disaster risk scenario as a result of “cascading risk,” which poses an immense challenge to risk leaders due to progressive failures that will result in the deterioration of the health of third parties and supply chains.

aravo 300x200

CPE Webcast: Mapping your TPRM program’s maturity

2020-04-09T19:54:00+01:00Provided by

This Webinar is intended for anyone looking to build a TPRM program from scratch or for advancing your current program to a more mature state.

finalists banner 600x400

First round of finalists named for Excellence in Compliance Awards

2020-04-06T13:39:00+01:00By

Compliance Week has pared down its list of more than 300 nominees for its first annual Excellence in Compliance Awards and is pleased to announce the finalists for nine of the 15 categories.

Hackers

5 tips to immunize yourself against coronavirus-emboldened hackers

2020-03-17T20:16:00+00:00By

In this time of fear and uncertainty, it’s more critical than ever to practice good cyber-security hygiene (just think of it as the technical version of proper handwashing).

Coronavirus

Coronavirus: Tips for risk management

2020-03-13T14:01:00+00:00By

As the coronavirus worldwide pandemic spreads, the ramifications for any business has gone from temporary disruption to a serious impediment. Here are 10 steps your company can take to mitigate its risks.

Iran

Compliance best practices for ever-evolving Iran sanctions

2020-03-10T16:11:00+00:00By

A new executive order issued in January places additional sanctions on a much broader portion of Iran’s economy and, from a compliance and risk management standpoint, puts a broader range of companies in the crosshairs of U.S. enforcement.

Health records

GoodRx’s mea culpa: Lessons for internet companies handling personal health data

2020-03-04T21:11:00+00:00By

Telemedicine platform GoodRx has committed to enhancements of its consumer data protection after Consumer Reports called out its sharing practices regarding personal health information.

50 percent rule

Q&A: Clearing up confusion with OFAC’s 50 Percent rule

2020-03-04T16:16:00+00:00By

Compliance Week spoke with Tiffany Archer, regional ethics and compliance officer and corporate counsel at Panasonic Avionics Corporation, on demystifying OFAC’s 50 Percent rule.

Cardinal Health

Compliance lessons from Cardinal Health’s FCPA settlement

2020-03-02T18:54:00+00:00By

Cardinal Health reached an $8.8 million settlement with the SEC for violations of the FCPA concerning the operations of its former Chinese subsidiary. For prudent compliance officers, it’s a tale of how not to do business in China.

prevalent feb cover img

White paper: Achieving Compliance with TPRM Regulatory and Framework Requirements

2020-02-25T05:37:00+00:00Provided by

Measuring compliance against third-party risk management requirements is complex and time consuming; and with growing numbers of data breaches originating with third parties and all the regulatory activity that comes as a result, it never lets up.

Coronavirus

Disruptions caused by coronavirus affecting global supply chain

2020-02-24T21:20:00+00:00By

The burgeoning coronavirus outbreak not only sent markets crashing on Monday, it also put a spotlight on companies whose supply chains have been severely disrupted by the ongoing crisis.

Airbus

Airbus contractors feeling ripple effect from record fine

2020-02-12T20:34:00+00:00By

Airbus is free to go about its business after paying a record fine to three anti-corruption agencies for widespread bribery, but the trouble is only beginning for some of its implicated contractors.

columnist icons

Confronting ‘willful intent’ in third-party corruption cases

2020-02-04T20:03:00+00:00By

Even as companies continue to agree to multi-billion-dollar settlements related to the corrupt acts of third parties, managing the risks associated with them nevertheless eludes many compliance departments.

600x400 finalist story banner11

First four ‘Excellence in Compliance Awards’ finalists revealed

2020-02-04T17:19:00+00:00By

Compliance Week is proud to announce its first four finalists for the “Excellence in Compliance Awards,” a newly formed program that recognizes individual achievement in one of 13 categories relating to risk and compliance.

prevalent cover img

White paper: Six Steps to Complete Third-Party Risk Management

2020-01-02T07:49:00+00:00Provided by

Ensuring compliance with third-party risk management (TPRM) regulatory and cyber security requirements means having the right combination of processes and controls in place, and that you can efficiently demonstrate these processes and controls to auditors.

CCPA

Survey: CCPA still poses compliance nightmare

2019-12-30T18:18:00+00:00By

With the clock ticking toward the Jan. 1 implementation date, Compliance Week and ACA Aponix asked 100 compliance practitioners whether their company would be CCPA compliant by the deadline. Their collective answer? Nope.

askamii

Ask Amii mailbag: TPRM from a third-party perspective

2019-12-20T19:47:00+00:00By

The latest edition of the Ask Amii mailbag analyzes a case of a third party’s recommendation being ignored and offers tips on when it’s the right time to change career paths.

aravo 300x200

Webcast: Meeting the expectations of the board

2019-12-17T14:13:00+00:00Provided by

This webinar presents the results of a recent industry survey on Board oversight of third-party risk. In an environment of increased business risks, close to half (43 percent) of surveyed practitioners claimed that their board doesn’t have a good handle on third-party risk! Together with a dive into the results, ...

Mary Rentoumis

Wells Fargo’s new TPRM head looked to Theranos for lessons

2019-12-16T14:49:00+00:00By

At CW’s Third-Party Risk Management and Oversight Summit, the head of Wells Fargo’s global TPRM group took a few pages out of biotech startup Theranos’ book to shed light on what not to do when building a risk culture.

Brockmeyer

Former FCPA chief’s 7 steps to third-party compliance

2019-12-12T21:03:00+00:00By

Speaking at CW’s Third-Party Risk Management and Oversight Summit, former FCPA Unit chief Kara Brockmeyer called attention to recent enforcement actions against Walmart and Ericsson as a way to highlight seven steps to third-party compliance.

dnb 300x200

Webcast: How to make TPRM less painful

2019-12-10T14:00:00+00:00Provided by

Today, it’s imperative for companies to manage third-party risk as part of a comprehensive compliance program to protect their brand and avoid exposure to bribery and corruption.

TPRM2

Drowning in third-party risk? Let us throw you a life jacket

2019-12-06T16:43:00+00:00By

You need help managing your third parties, and over the course of two days in San Francisco, we hope to help you find the answers to the questions that keep TPRM stakeholders up at night.

TPRM2

Guide for practitioners: How to effectively monitor anti-corruption compliance

2019-12-05T19:28:00+00:00By Vera H. Powell and Alice Hsieh

In a guest column for CW, Uber’s senior counsel for global compliance helps to outline a best-in-class compliance monitoring program.

july14

July 14 | A new approach to vendor risk & performance monitoring

2019-12-04T22:10:00+00:00Provided by

Your vendors often handle your most sensitive data. This presents significant challenges as security, procurement, sourcing, IT, and privacy teams struggle to vet and manage vendor risks and performance in real time.

july21

July 21 | Rethinking third-party due diligence to minimize supply chain risk

2019-12-04T16:53:00+00:00Provided by

Businesses are rethinking their strategies to maintain operations, minimize supply chain disruption, and manage heightened exposure to financial, legal, regulatory, or reputational risks.

exiger300x200

Webcast: Transform compliance into a business enabler

2019-12-03T14:24:00+00:00Provided by

From bribery and corruption to emerging ESG and reputational risks, corporate compliance functions are expected to protect their business from regulatory liability without slowing the pace of business. This is despite often having fewer resources to manage ever-increasing amounts of third parties and data.

Excellence in Compliance Awards

Introducing ‘The Excellence in Compliance Awards’

2019-12-02T22:03:00+00:00By

Compliance Week is making some changes to its annual awards for 2020, evolving the “Top Minds” recognition into a full-blown, specifically targeted awards program dubbed “The Excellence in Compliance Awards.”

vendor risk cover img

White paper: Vendor Risk: Find It Before It Finds You

2019-12-02T12:22:00+00:00Provided by

It is virtually impossible to move forward in business without vendor relationships, but having vendors also means having potential risk.

TPRM2

TPRM Summit preview: How to ensure you’re prepared when disaster strikes

2019-11-26T15:03:00+00:00By Tricia Rosetti

In a preview of their upcoming session at Compliance Week’s Third-Party Risk Management & Oversight Summit, two experts share best practices on how to ”Earthquake-Proof Your Organization.”

Blockchain

Internal control best practices for blockchain technology

2019-11-14T17:19:00+00:00By

Those in accounting who want to understand better the inherent risks, threats and vulnerabilities, and internal control best practices associated with the use of blockchain technology now have a first-of-its-kind framework to follow.

Aravo TPRM

e-Book: Meeting the expectations of the board

2019-10-28T04:55:00+00:00Provided by

An organization is only as strong as its weakest link. As enterprises expand their international reach, the potential for uncovering fallible business associates multiplies.

world map index

Compliance lessons from recent nine-figure FCPA settlements

2019-10-24T15:46:00+01:00By

Walmart, TechnipFMC, Fresenius—just to name a few—have all fallen prey to the Foreign Corrupt Practices Act in a record year of jacked-up enforcement and sky-high penalties.

dnb 300x200

Webcast: Risk associated to your third-party relationships

2019-10-24T14:34:00+01:00Provided by

In today’s ever-escalating regulatory environment, companies are expected to understand who they are doing business with. Ultimate Beneficial Ownership (UBO) is required on a mandatory basis for organizations that fall within the scope of AML and beyond. And while the legislation is complex and a challenge for most organizations to ...

refinitiv 300x200

Webcast: Following the money to prevent human trafficking

2019-10-03T14:00:00+01:00Provided by

This webcast will help compliance executives explore the latest research and practical insights on how to manage human trafficking and manage third-party risks.

DeloitteSurvey

Survey: Companies believe they've underinvested in TPRM

2019-10-02T18:00:00+01:00By

A new survey published by Deloitte highlights the latest trends—both opportunities and challenges—in companies’ journey toward a more mature extended enterprise risk management program, one in which third-party risk management is integrated across the firm and led from the top.

Food delivery

DoorDash data mishap showcases hazards of third-party vendors

2019-09-27T20:59:00+01:00By

DoorDash announced an incident of unauthorized third-party access to user data—a reminder companies need to mind the cyber-security of vendors in addition to their own.

genpact cover img

White paper: Taming third-party risk with digital

2019-09-23T16:38:00+01:00Provided by

Damaging headlines like this have grown steadily in recent years. Triggered by third parties – such as suppliers, joint-venture partners, and contractors – and exacerbated by longer, more complex supply chains, compliance failures are becoming commonplace. Especially as regulators extend their reach. Building a sustainable framework for third-party risk using ...

onetrust 2 300x200

Webcast: Keys to third-party risk management success

2019-08-29T14:00:00+01:00Provided by

In today’s shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors? This session will outline the keys to third-party risk management success through a modern approach to monitoring vendors.

Shared Assessments Program enhances TPRM framework

2019-08-27T18:44:00+01:00By GRC Announcements

The Shared Assessments Program announced a new addition to its TPRM framework covering the subjects of periodic assessments and continuous monitoring.

Mastercard

Mastercard reveals data breaches in third-party loyalty program

2019-08-27T18:16:00+01:00By

Mastercard is investigating two data breaches relating to a loyalty program it ran in Germany following a leak of personal information that saw customers’ names, addresses, and credit card numbers circulating on the internet.