CPE Webcast: Interagency guidance on third parties: How the expanded scope affects everyone
This webcast will provide an overview of new interagency guidance on third-party relationships, as well as share practical advice to ensure your organization is fully prepared for the expanded scope and what this means for your organization’s TPRM program.
Deutsche Bank unit fined $25M in ESG, AML settlements
DWS Investment Management Americas agreed to pay $25 million in penalties across separate settlements with the Securities and Exchange Commission addressing alleged misstatements in environmental, social, and governance investments and anti-money laundering violations.
Experts: How ESG materiality assessments impact compliance
Transparency in environmental, social, and governance reporting has become an important goal, with materiality assessments impacting compliance outcomes, experts said during CW’s virtual ESG Summit.
CPE Webcast: TPRM Program and Technology Modernization
As organizations increasingly rely on third and fourth parties to support critical business services many are assessing their existing capabilities and modernizing their Third Party Risk Management (TPRM) programs and enabling technologies.
Survey: Tech gaps, third parties pose biggest ABAC threats
A recent survey conducted by Compliance Week and Morgan Lewis determined areas of insufficient resource support to combat bribery and corruption, along with trends in third-party due diligence.
Survey Report: Tech gaps, third parties pose biggest ABAC threats
Compliance professionals asked to assess their anti-bribery and corruption efforts indicated resource support deficiencies in areas including staffing and technology, according to a survey conducted by Compliance Week and Morgan Lewis.
Experts: SEC or not, Scope 3 GHG disclosure requirements coming
The actions of companies like Amazon and new legislation passed in California prove it’s no longer a question of if companies will be required to disclose their greenhouse gas emissions—it’s a question of when, experts told attendees at CW’s virtual ESG Summit.
CPE Webcast: Seven practical tips for ongoing third-party risk monitoring
Are you staying vigilant when it comes to third-party risk? With more businesses relying on external third parties, it’s critical to monitor third-party risk on an ongoing basis.
CPE Webcast: Five human capital strategies that win
Discover how leading companies are leveraging human capital management to create a strong connection between employee well-being, sustainable and secure operations, and ESG objectives.
Preparing for SEC cybersecurity rules an opportunity for collaboration
Businesses can prepare for the Securities and Exchange Commission’s upcoming cybersecurity disclosure rule by going through it and identifying key gaps in compliance.
Instinet fined $3.8M by FINRA over deficient CAT reports
Instinet, a brokerage firm subsidiary of Nomura Group, agreed to pay $3.8 million as part of a settlement with the Financial Industry Regulatory Authority regarding “tens of billions” of inaccurate or late reports filed to the consolidated audit trail central repository.
Neogen discloses avoided OFAC fine in Iran sanctions probe
Neogen Corp. disclosed the Office of Foreign Assets Control concluded a probe into potential sanctions violations regarding transactions by the food and animal safety company with parties in Iran without issuing a fine.
Short seller accuses Freedom Holding Corp. of ‘brazen’ sanctions evasion
Freedom Holding Corp. was accused of “brazen sanctions evasion,” along with openly flouting anti-money laundering and know your customer regulations, as part of an investigative report published by short seller Hindenburg Research.
Grupo Aval to pay $81M in landmark FCPA case
Colombian conglomerate Grupo Aval agreed to pay nearly $81 million as part of settlements addressing alleged bribes paid by its bank subsidiary Corficolombiana to win a highway construction contract.
Oct 17 | TPRM privacy compliance: 10 best practices when working with third parties
Businesses are facing an increasing amount of pressure to protect their customers’ data and demonstrate privacy compliance. At the same time, for most modern organizations, more data is flowing to third parties than ever before.
Albemarle reserves $219M for FCPA settlements
Chemical company Albemarle Corp. disclosed it is set to pay $218.5 million as part of proposed settlements reached with the Department of Justice and Securities and Exchange Commission regarding apparent violations of the Foreign Corrupt Practices Act.
Risks, opportunities under SEC’s cyber incident disclosure rule
The clock is ticking for public companies to put in place policies and practices to meet the requirements of the Securities and Exchange Commission’s newly approved cybersecurity incident disclosure rule.
Oct 31 | Best practices for third-party due diligence for ethics & compliance
Increased regulatory and consumer scrutiny on the integrity of businesses has shined a spotlight on the reputational risks of unethical business practices involving third parties.
Common sanctions compliance trip points from 2023 enforcement cases
Penalties against companies including British American Tobacco, Wells Fargo, and Microsoft demonstrate the multiple ways in which businesses can run afoul of U.S. sanctions—an area receiving increased scrutiny by regulators.
Need to know: New York City AI bias law
Companies that use automated tools to screen candidates for jobs based in New York City must check those systems for bias or potentially run afoul of a first-in-the-nation law.
Nov 16 | Elevating third-party safety: The art of TPRM and TPDD integration
This webinar will address the unique competencies of third-party risk and due diligence programs and examine when and how to align them to maximize the effectiveness of each.
Amex banking unit fined $15M for poor third-party oversight
American Express National Bank agreed to pay a $15 million penalty levied by the Office of the Comptroller of the Currency for alleged oversight failings regarding a third-party affiliate and its efforts to retain small business customers.
Survey: Financial institutions doing more with less by outsourcing compliance
Respondents to a recent survey conducted by Compliance Week and Guidehouse largely indicated outsourcing improved the effectiveness of their compliance program in fighting financial crime, though limits remain on how much can be outsourced.
Survey: U.S. bank failures prompt reassessment of third-party risks
Nearly half the respondents to a Compliance Week and Riskonnect survey regarding the recent U.S. banking crisis said they changed or considered changing their third-party risk management procedures as a result of the turmoil.
Survey Report: U.S. bank failures prompt reassessment of third-party risks
The recent banking crisis—in which three mid-sized U.S. banks failed—prompted just under half of compliance professionals across all industries to reassess their TPRM procedures, according to a recent survey conducted by Compliance Week and Riskonnect.
Potential sanctions violations: To voluntarily self-disclose or not?
The Department of Justice scrutinizing sanctions on par with how it views bribery under the Foreign Corrupt Practices Act alters the calculus of whether a company should voluntarily self-disclose potential violations, experts discussed at CW’s TPRM Summit.
TI director: U.S. must reckon with role as corruption facilitator
The United States is one of few leaders in the anti-corruption enforcement space but still must reckon with its role as a top facilitator of financial crime, according to the executive director at the U.S. office of Transparency International.
TPRM Summit takeaways: Tech risks, board and audit relationships
The impact of new technologies like generative artificial intelligence on the third-party risk management landscape was among the points of discussion addressed at Compliance Week’s TPRM Summit in Atlanta.
Growing list of MOVEit hack victims shows damage control difficulties
More than 130 organizations are believed to have been impacted by the MOVEit hack, with millions of people’s data at risk. Experts opine on the struggles businesses face in containing exposure.
CPE Webcast: NIST, ISO, SIG: Which TPRM framework should you choose?
As more third-party events become known and more prominent, it’s essential to use the correct baselines and metrics. Applying a framework can help dissect and define the level of risk and segment that sufficiently to react and respond in a meaningful and proportionate way.
CFTC commissioner crafting potential proposed rule on cyber resiliency
The Commodity Futures Trading Commission’s Technology Advisory Committee sponsored by Commissioner Christy Goldsmith Romero is crafting potential rulemaking to establish cyber resiliency baselines among swap dealers and futures commission merchants.
CPE Webcast: How well do you know your third-party risks?
The speed of Silicon Valley Bank’s collapse was scary. But what is even scarier was the number of businesses affected by the collapse—not because they did business directly with SVB but because their vendor(s) did business with the bank.
Shades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
Nutanix discloses remediation steps following costly software misuse
A lack of oversight of employees handling vendor software is one of several failings at cloud computing company Nutanix that led to misuse, $11 million in estimated costs, and two pending lawsuits.
Banking regs seek consistency via new TPRM guidance
U.S. banking regulators combined to issue final guidance on managing the risks of third-party relationships that replaces the previous documentation each agency released individually.
Ask a CCO: Importance of data analytics, AI over next 5 years
Six senior compliance practitioners forecast the impact advances in data analytics and artificial intelligence will have in their future compliance efforts.
OneMain Financial fined $4.25M in NYDFS cybersecurity case
Mortgage servicer OneMain Financial Group will pay $4.25 million to settle allegations it left customer information vulnerable to cyberattacks by failing to implement required controls under New York’s cybersecurity law.
Ask a CCO: Pressing pain point in working with data for compliance
Six senior compliance practitioners disclose hurdles their respective departments have faced in utilizing data for compliance purposes.
Ask a CCO: Biggest priority for upgrading compliance tech
Six senior compliance practitioners share their biggest priority areas for making technological upgrades to their respective compliance programs during 2023.
CPE Webcast: Achieving effective TPRM through technology
As businesses become increasingly reliant on third-party relationships, they might expose themselves to risks outside of their control. To address these risks, implementing a robust third-party risk management program is critical.
Ask a CCO: Where has tech made biggest difference in TPRM efforts?
Six senior compliance practitioners explain the impact technological advances have had in streamlining third-party risk management efforts.
Ask a CCO: Compliance team role in TPRM
Six senior compliance practitioners describe how their team contributes to third-party risk management at their respective companies.
FTC warns businesses to risk assess uses of biometric technologies
Businesses that make false or unsubstantiated claims regarding facial recognition and other biometric technologies could face enforcement from the Federal Trade Commission, the agency warned in a policy statement.
Survey: Compliance tech priorities focused on TPRM in 2023
Respondents to a survey conducted by Compliance Week and FTI Consulting largely indicated third parties to be the most heightened area of risk to their businesses this year, with reporting and dashboarding and enhancing analytics capabilities among top priorities.
Tech think tank participants tackle TPRM, MDM, off-channel comms at CW2023
With new technology tools come risks that can’t be denied, a think tank comprised of senior compliance professionals discussed at Compliance Week’s 2023 National Conference.
Survey Report: Compliance tech priorities in 2023
Nearly two-thirds of senior compliance executives anticipate third parties to be the most heightened area of risk to their businesses in 2023, according to the results of a new study.
Chapter 4: Customers’ cooperation key to Flex’s 2030 sustainability strategy
Reaching a meeting of the minds with customers is essential to Flex achieving its long-term goals. The company’s president of manufacturing and services discusses its investment in sustainability solutions and progress to be made in remanufacturing.
Chapter 3: Criticality of preferred suppliers in supporting Flex’s sustainability efforts
Reducing Scope 3 emissions can’t be done without buy-in from critical suppliers. Flex’s VP of procurement and supply chain management discusses the company’s work two years into its stated sustainability commitments.
CPE Webcast: Tips for strengthening business continuity
As organizations face ongoing financial uncertainty, third-party risks are becoming even more pronounced.
Chapter 2: ‘All in the same family’: How Flex’s 100-plus facilities align on sustainability
The global sustainability team at Flex is “the connectors” across the enterprise, said program head Barjouth Aguilar. Company leaders share observations, strategies, and technologies driving their coordinated sustainability efforts.