Blog

Third Party Risk - A Unique Kind of Operational Risk

Third party risk management is on a journey. A journey that is being accelerated and guided by increased regulatory attention.

Read More

Topics: operational risk, third party risk, risk-scoring, enterprise risk, performance scoring, third party relationships, reputational risk, regulatory risk, regulatory compliance, risk and compliance, supplier risk, Financial Services, vendor risk, occ compliance, Risk Management Framework, performance management program, third party supplier

Bribery & Corruption - “societal action v. unenforced regulation”

At the moment, the international approach to enforcement around bribery and corruption can seem uneven, at best and perhaps lax, at worst.

Read More

Topics: Anti-Bribery and Anti-Corruption, Bribery, Corruption, Corruption Enforcement, Fraud, third party risk management, compliance programs, FCPA, uk bribery, uk sfo, reputational risk

Third party scorecards: Making an improved culture of collaboration a reality

Scorecards that measure the performance of suppliers and vendors that a company contracts with have been a business tool embraced by procurement for some time now.

However, there’s an evolution underway. Increasingly businesses are recognizing that a holistic third party scorecard that also embeds risk and compliance metrics, can not only help drive continuous improvements in vendor performance, but can also help reduce the risk that third party engagements may bring to the enterprise. What’s more, scorecards can also be leveraged as a collaborative tool to help raise the collective bar of the third party ecosystem – especially in areas such as IT security.  Operational risk, Information Security and Compliance are all now stepping up to the scorecard plate.

Read More

Topics: third party risk, risk-scoring, performance scoring, third party relationships, reputational risk, organization risk, regulatory risk, regulatory compliance, data privacy, Data Security & Privacy, information security, risk and compliance

Whetting the Appetite in Third Party Risk

A snapshot of the results of two new audience surveys suggests that the concept of “risk appetite” within the third-party risk management framework is still finding its feet. Attendees at a pair of June New York and London conferences, aimed at the financial services industry’s third party risk professionals, responded very similarly to three key questions.

Read More

Topics: third party risk management, risk and compliance, Financial Services, compliance risk, reputational risk, risk management, tprm, event, EMEA, governance, compliance programs, third party risk, risk appetite, survey

Board Reporting, Risk Scorecards, Cybersecurity and more – takeaways from CEFPROs Vendor and Third Party Risk USA Conference

Earlier this month, I attended and chaired at the Center for Financial Professional’s conference on Vendor and Third Party Risk USA in New York. The two-day event highlighted the complexity that third party risk managers face, with topics as far ranging as cyber-risk at fourth parties, to applying third party risk frameworks to intra-company organizations. The event also demonstrated that the discipline is having to evolve and mature fast in order to keep pace with the changing digital landscape as well as ongoing regulatory change. Here are my top takeaways from the event, which I hope you will find of interest.

Read More

Topics: third party risk management, risk and compliance, Anti-bribery & Anti-corruption, Financial Services, High Technology, business case, Responsible Sourcing, compliance risk, reputational risk, risk management, tprm, event, EMEA, governance, compliance programs, third party risk

CEFPRO's Vendor & Third Party Risk EMEA conference - Top 10 Key Takeaways for Third Party Risk

This week, I had the pleasure of chairing Day one of the Center for Financial Professional’s conference on Vendor and Third Party Risk EMEA. The conference brought together insights about the evolution of the discipline as well as some key best practices. Here are my top ten takeaways from the event that I would like to share.

Read More

Topics: third party risk management, risk and compliance, Anti-bribery & Anti-corruption, Financial Services, High Technology, business case, Responsible Sourcing, compliance risk, reputational risk, risk management, tprm, event, EMEA, governance, compliance programs, third party risk

Sustainable Procurement - Survey Shows Progress Still To Be Made

Sustainability and corporate social responsibility (CSR) are now important or critically important items on the supply chain agendas of organizations around the world, according to a new survey. However, organizations need to continue to drive improvement in the implementation of their sustainability/CSR programs to ensure risks and compliance are managed, and brand reputation protected.

Read More

Topics: procurement, sustainability, corporate resonsibility, corporate social responsibility, csr, risk management, compliance, brand reputation, ecovadis, hec, risk mitigation, board of directors, sustainable procurement, SP program, global supply chain, governance, Responsible Sourcing, third party risk management, reputational risk, compliance risk, regulatory risk, suppliers