Industries

Banks, credit unions, brokerage firms and other financial services organizations have a broad set of requirements that regulators expect them to meet for effective third-party risk management.

In addition to being held to the same rigorous standards as many other financial services, insurers face additional complexity in their requirement to ensure that third parties comply with regulations at both the State and Federal level.

Pharmaceutical, life sciences, and biotech firms manage complex, long-term projects that can involve thousands of third parties around the globe. Firms need to ensure third parties comply with a range of regulations – from ABAC laws, to controls for drug trials and pharmacovigilance, to privacy.

High tech firms have come under increasing regulatory and public scrutiny, especially in the areas of data privacy and information security, as evidenced by legislation like GDPR and CCPA.

Consumer packaged goods (CPG) firms must navigate complex supply chains, vast third-party networks, and geographical reach to manage and mitigate third-party risk to meet regulatory requirements and protect brand value.

Manufacturing firms work with large networks of suppliers, and bottlenecks in third-party onboarding and management required by regulators can be as costly as production bottlenecks.

Automotive firms have complex supply networks manage, and as vehicles become more high tech, the auto industry needs to add even more oversight to reduce third-party risk.

The extraction industry needs to manage third-party bribery and corruption risks, and ensure that third parties comply with environmental and safety standards. And, with cyber-criminals increasingly targeting the industry, it needs to ensure third parties have robust cybersecurity measures in place.

One of the most heavily regulated industries, online and onsite gaming must meet the expectations of regulators in multiple jurisdictions for everything from financial practices, to beneficial ownership, to cybersecurity.

Internal and external examiners expect documentation and validation that third parties are properly classified and meet requirements for security and quality.

Business services firms not only need third-party risk management solutions to manage their own corporate programs, but they are also looking to best-in-class technology to provide managed services offerings.

Often operating in regions where there is higher risk of bribery and corruption and state-owned resources, mining operations are expected to demonstrate robust ABAC controls.