All Third Party Risk articles – Page 7
-
PremiumCommon sanctions compliance trip points from 2023 enforcement cases
Penalties against companies including British American Tobacco, Wells Fargo, and Microsoft demonstrate the multiple ways in which businesses can run afoul of U.S. sanctions—an area receiving increased scrutiny by regulators.
-
PremiumNeed to know: New York City AI bias law
Companies that use automated tools to screen candidates for jobs based in New York City must check those systems for bias or potentially run afoul of a first-in-the-nation law.
-
News BriefAmex banking unit fined $15M for poor third-party oversight
American Express National Bank agreed to pay a $15 million penalty levied by the Office of the Comptroller of the Currency for alleged oversight failings regarding a third-party affiliate and its efforts to retain small business customers.
-
PremiumSurvey: Financial institutions doing more with less by outsourcing compliance
Respondents to a recent survey conducted by Compliance Week and Guidehouse largely indicated outsourcing improved the effectiveness of their compliance program in fighting financial crime, though limits remain on how much can be outsourced.
-
PremiumSurvey: U.S. bank failures prompt reassessment of third-party risks
Nearly half the respondents to a Compliance Week and Riskonnect survey regarding the recent U.S. banking crisis said they changed or considered changing their third-party risk management procedures as a result of the turmoil.
-
ResourceSurvey Report: U.S. bank failures prompt reassessment of third-party risks
The recent banking crisis—in which three mid-sized U.S. banks failed—prompted just under half of compliance professionals across all industries to reassess their TPRM procedures, according to a recent survey conducted by Compliance Week and Riskonnect.
-
PremiumPotential sanctions violations: To voluntarily self-disclose or not?
The Department of Justice scrutinizing sanctions on par with how it views bribery under the Foreign Corrupt Practices Act alters the calculus of whether a company should voluntarily self-disclose potential violations, experts discussed at CW’s TPRM Summit.
-
PremiumTI director: U.S. must reckon with role as corruption facilitator
The United States is one of few leaders in the anti-corruption enforcement space but still must reckon with its role as a top facilitator of financial crime, according to the executive director at the U.S. office of Transparency International.
-
PremiumTPRM Summit takeaways: Tech risks, board and audit relationships
The impact of new technologies like generative artificial intelligence on the third-party risk management landscape was among the points of discussion addressed at Compliance Week’s TPRM Summit in Atlanta.
-
PremiumGrowing list of MOVEit hack victims shows damage control difficulties
More than 130 organizations are believed to have been impacted by the MOVEit hack, with millions of people’s data at risk. Experts opine on the struggles businesses face in containing exposure.
-
WebcastCPE Webcast: NIST, ISO, SIG: Which TPRM framework should you choose?
As more third-party events become known and more prominent, it’s essential to use the correct baselines and metrics. Applying a framework can help dissect and define the level of risk and segment that sufficiently to react and respond in a meaningful and proportionate way.
-
PremiumCFTC commissioner crafting potential proposed rule on cyber resiliency
The Commodity Futures Trading Commission’s Technology Advisory Committee sponsored by Commissioner Christy Goldsmith Romero is crafting potential rulemaking to establish cyber resiliency baselines among swap dealers and futures commission merchants.
-
WebcastCPE Webcast: How well do you know your third-party risks?
The speed of Silicon Valley Bank’s collapse was scary. But what is even scarier was the number of businesses affected by the collapse—not because they did business directly with SVB but because their vendor(s) did business with the bank.
-
PremiumShades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
PremiumNutanix discloses remediation steps following costly software misuse
A lack of oversight of employees handling vendor software is one of several failings at cloud computing company Nutanix that led to misuse, $11 million in estimated costs, and two pending lawsuits.
-
News BriefBanking regs seek consistency via new TPRM guidance
U.S. banking regulators combined to issue final guidance on managing the risks of third-party relationships that replaces the previous documentation each agency released individually.
-
PremiumAsk a CCO: Importance of data analytics, AI over next 5 years
Six senior compliance practitioners forecast the impact advances in data analytics and artificial intelligence will have in their future compliance efforts.
-
News BriefOneMain Financial fined $4.25M in NYDFS cybersecurity case
Mortgage servicer OneMain Financial Group will pay $4.25 million to settle allegations it left customer information vulnerable to cyberattacks by failing to implement required controls under New York’s cybersecurity law.
-
PremiumAsk a CCO: Pressing pain point in working with data for compliance
Six senior compliance practitioners disclose hurdles their respective departments have faced in utilizing data for compliance purposes.
-
PremiumAsk a CCO: Biggest priority for upgrading compliance tech
Six senior compliance practitioners share their biggest priority areas for making technological upgrades to their respective compliance programs during 2023.