Compliance Beat

Today Eric talks about third-party risks and some ideas for every organization to think about when thinking about third-party risk. First, we encourage everyone to think outside the box and contemplate the actual third-party risks that their specific organization faces. We often think third-party risk just applies to organizations that operate overseas or have anti-corruption risks. Third-party risks are much broader and organizations should take time to consider it. Second, Eric talks about how third parties are the "perfect storm" for risk. It's hard to imagine any organization these days that doesn't have third-party risk. Additionally, we talk a little about how third parties are logistically hard to monitor. Eric points out that despite these difficulties, organizations are liable for the actions taken on their behalf. Third, there is a way to reasonable manage the risk organizations of all sizes and types face from third parties. Have a plan. Be consistent. Apply your limited resources based on a risk