Report: Poor awareness of supply chain disclosure regs leaving firms exposed
Compliance failures in the supply chain are hampering organizations’ efforts to implement environmental, social, and governance initiatives and meet disclosure requirements, according to a new report by U.K. law firm Burges Salmon.
CPE Webcast: Automating third-party management workflows: 5 ways to drive alignment across teams
Is your third-party management process bogged down by manual workflows and misaligned teams? It’s time to say goodbye to inefficiency and hello to streamlined processes (if only it were that simple).
OFAC fines SCG Chemicals unit $20M over Iran sanctions violations
A subsidiary of Thailand-based SCG Chemicals Co. agreed to pay a $20 million fine to the Office of Foreign Assets Control over “egregious” violations of sanctions against Iran.
June 18 | Digital Operational Resilience Act: Key provisions and best practices
This presentation will provide an overview of the key provisions of DORA and their implications for Third-Party Risk Management (TPRM) teams, list best practices for DORA preparation and review key considerations for teams looking to implement the DORA framework.
ECHR ruling opens door to climate change litigation on basis of human rights
By holding the Swiss government accountable for failing to do more to limit climate change, a ruling by the European Court of Human Rights might have significant implications for legislators and organizations in other countries across the European Union.
e-Book: Tips for TPRM, supply chain due diligence
Implementing a risk-based approach to third-party due diligence frees up compliance resources to be deployed efficiently and helps organizations meet the expectations of regulators.
New DHS strategy sets textiles up for added UFLPA scrutiny
The Department of Homeland Security announced a new strategy set to help close a loophole that allows certain textile-related shipments from China to enter the United States without scrutiny under the Uyghur Forced Labor Prevention Act.
CW2024 leadership panel on navigating scrutiny, prep for more change
The global political landscape should be high on the risk radar of compliance officers in 2024, according to compliance leaders speaking at Compliance Week’s 2024 National Conference, along with increased regulatory scrutiny toward forced labor, ESG, and M&A.
Ex-Albemarle CCO shares drivers behind data analytics success at CW2024
Former Albemarle CCO Andrew McBride explained at Compliance Week’s 2024 National Conference how he led the company’s compliance department to remediate the issues that led to apparent FCPA violations and how the team used data analytics to assess risks and implement compliance solutions.
AT&T: Data leak exposed info of 73M customers onto dark web
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
CBP stats show persistent problem areas under UFLPA
It’s been nearly two years since the Uyghur Forced Labor Prevention Act took effect, and as enforcement statistics and recent reports demonstrate, many businesses are still not adequately vetting their supply chains.
CPE webcast: Rapid expansion of global forced labor regulations
Join us as we dive into the best practices for performing due diligence across your entire supply chain—from the sourcing of raw materials to the delivery of finished goods—to become (and stay) compliant with this ever-evolving landscape.
DOL orders Tuff Torq to pay $1.8M over child labor violations
The Department of Labor ordered Tennessee-based Tuff Torq Corp. to pay nearly $1.8 million over alleged child labor violations.
NAVEX whistleblower report finds third parties lead on business integrity
A new report on corporate whistleblowing and hotline trends in 2023 found reporting volume at an all-time high, with key disparities uncovered between reports filed by third parties and those filed by employees.
Adani Group on defense over reports of FCPA probe
Indian conglomerate Adani Group said it is aware of an investigation by the U.S. Department of Justice into bribery allegations against a “third party” but denied a relationship with it.
Policy changes underscore need for enhanced child labor due diligence
Rooting out potential child or forced labor violations in your company’s supply chain can have benefits beyond protecting reputation and being ethically sound. The process can also help your firm comply with pending child labor laws in other jurisdictions.
The auditor’s role in supply chain due diligence
Although compliance should be the company’s primary responsibility, auditors have become the last line of defense and are getting pressured and blamed for supply chain issues, including instances of child labor. Is this expected to become the normal for the profession?
U.S. banking regs mulling enhanced operational resiliency frameworks
Acting Comptroller of the Currency Michael Hsu said federal banking agencies are considering enhancements to their operational resiliency requirements for member banks.
DOL seeking more authority in crackdown on child labor violations
The Department of Labor has stepped up its enforcement of child labor law amid a concerning rise in child labor exploitation, yet the agency acknowledges its resources are not great enough to be a significant deterrent for such misconduct.
Child labor violations are on the rise in U.S. Are they in your supply chain?
The compliance community has not been spending time addressing a problem mistakenly thought to be a rarity: The proliferation of child labor violations occurring in the United States.
EU to ban sale of products made with forced labor
The European Union announced an agreement to ban products made with forced labor, a decision that will oblige organizations to track and declare more information about their supply chains for goods entering EU markets.
CPE Webcast: Applying traditional TPRM security and data privacy practices in the digital space
This webinar explores the compliance challenges posed by evolving privacy regulations and the recent explosion of class-action litigation arising from third-party advertising technology on websites.
Metropolitan Commercial Bank adds risk chief, AML officer
Metropolitan Commercial Bank announced the appointments of a chief risk officer and Bank Secrecy Act/anti-money laundering officer to bolster its reporting lines following a $30 million enforcement action from federal and state authorities last year.
Best practices for determining need for a human rights policy
Does your business need a human rights policy? An increasing number of organizations believe they do, according to research firm Gartner.
Q&A: ManpowerGroup compliance director on CSRD prep efforts
James Levey, compliance director at global recruitment agency ManpowerGroup, discusses with Compliance Week his focus on preparing the group’s European operations to gather the data required for compliance with the EU’s Corporate Sustainability Reporting Directive.
CPE Webcast: TPRM: Time to change how you approach vendor assessments
Forward-thinking third-party risk management teams are changing the way they approach vendor assessments.
Alphabet to pay shareholders $350M over Google+ privacy lapses
Alphabet, the parent company of technology giant Google, agreed to pay $350 million in a preliminary settlement with shareholders over alleged data privacy violations and materially false and misleading statements linked to now-defunct social media site Google+.
U.K. Post Office scandal sparks contractor accountability debate
The recent furor in the United Kingdom over the Post Office’s wrongful prosecutions of sub-postmasters for alleged fraud has put the government’s relationship with private contractors under the spotlight and raised questions about how companies could be held more accountable in future.
FCPA violations in China: Lessons learned from 2023 cases
Enforcement actions regarding alleged violations of the Foreign Corrupt Practices Act at 3M, Albemarle, Clear Channel Outdoor, and Royal Philips each had China touchpoints. Experts assess third-party risk management lessons learned from each case.
White paper: Quantify Third-Party Financial Risk to Efficiently Address Threats
Financial risk is one of the third-party risk management (TPRM) domains most likely to directly harm your organization.
NYDFS proposes AI use guidance for insurers
The New York State Department of Financial Services issued for public comment guidance for insurers operating in the state regarding their use of artificial intelligence systems and other predictive technologies.
Lessons from Albemarle, ABB: How data-driven compliance can help your firm
Andrew McBride, chief risk officer of Albemarle Corp., and Tapan Debnath, head of integrity, regulatory affairs and data privacy at ABB, discussed how and why their respective organizations use data analytics to conduct business as part of a recent webcast.
FinCEN analysis: Most common identity-related suspicious activities
Fraud remains the leading form of identity-related suspicious activity cited in Bank Secrecy Act reports by a large margin, while technologies enable greater overall risks around exploitation, according to new research from the Financial Crimes Enforcement Network.
Ten things I’d like to see happen in 2024
Election years in the United States, United Kingdom, and at European Parliament, along with ongoing geopolitical tensions, make 2024 difficult to predict—aside from the expectation compliance officers will be busy.
Freepoint Commodities to pay $99M in Brazil bribery FCPA case
Freepoint Commodities agreed to pay nearly $99 million to settle allegations by the Department of Justice that it paid bribes to Brazilian government officials in return for business from state-owned oil company Petrobras.
U.S. agencies issue ‘know your cargo’ transport compliance note
Five agencies of the U.S. government combined to issue best practices guidance for entities in the maritime and other transportation industries to help reduce risk of sanctions and export control violations and evasion efforts.
Efficiency, consistency among goals of modernized TPRM program
Managing directors at KPMG share how firms are making strides in building robust third-party risk management programs for the future.
OCC offers compliance guidance to banks on ‘buy now, pay later’ loans
New guidance from the Office of the Comptroller of the Currency advises banks to tailor their risk management strategies and lending oversight for “buy now, pay later” plans.
e-Book: Goals of a modernized TPRM program
Companies have shown a willingness to invest in technology to enhance their third-party risk management efforts. But that doesn’t mean new opportunities don’t remain.
Survey: Companies bullish on new tech amid enhanced sanctions scrutiny
Emerging technologies like automation and generative AI are on the radar as difference-makers for businesses serious about keeping pace with increasing regulatory scrutiny toward third-party due diligence and sanctions compliance, a survey conducted by Compliance Week and Certa found.
CPE Webcast: Better risk assessments: Practical, data-driven assessments made simple
Today’s risk assessments require improved quantitative, data-driven analysis, including interpreting inherent risk data in a meaningful way. Organizations are looking for risk assessments to be actionable, easier to execute, and defensible.
CPE Webcast: Elevating third-party safety: The art of TPRM and TPDD integration
This webinar will address the unique competencies of third-party risk and due diligence programs and examine when and how to align them to maximize the effectiveness of each.
A job never done: Tips for TPRM integration
Taking risk mitigation further and understanding your third parties and their risks can create value for your organization, practitioners discussed as part of a panel at CW’s virtual TPRM and Oversight Summit.
CPE Webcast: How to strengthen your TPRM to be more resilient
In this session, experts from Riskonnect and Deloitte will explore why it is important for organizations to align strategies, processes, and practices related to business resilience with the risks posed by third-party vendors and partners.
TPRM Summit: How to operate a risk-based due diligence program
A panel of experts broke down the nuts and bolts of integrating a risk-ranking strategy and tailored approach to third-party due diligence at CW’s virtual TPRM and Oversight Summit.
Due diligence in China: Mitigating arrest, detention risks
Lack of transparency around how to remain within the legal bounds of China’s national security laws has heightened companies’ concerns regarding performing on-site due diligence in the country.
CPE Webcast: Beyond the questionnaire: Tips to modernize your TPRM program
Join ProcessUnity for a discussion on how forward-thinking TPRM teams are incorporating new relationships, technologies, and techniques to mature their risk-reduction capabilities.
Supply chain due diligence must go beyond self-assessments
So many companies rely on suppliers to self-certify they comply with buyers’ codes of business conduct that the practice is “almost useless,” a panel of experts discussed at Compliance Week’s Europe conference in London.
CPE Webcast: Best practices for third-party due diligence for ethics & compliance
Increased regulatory and consumer scrutiny on the integrity of businesses has shined a spotlight on the reputational risks of unethical business practices involving third parties.
Survey: Risk chiefs feeling pressure from growing compliance mandates
Mounting compliance requirements and technological innovations have chief risk officers facing more complex risk environments, according to a KPMG survey.