The views and opinions expressed in this article are those of the thought leaders as individuals, and are not attributed to CeFPro or any particular organization.
By Alpa Inamdar, Transformation Leader, AIG
What are some of the key considerations regarding due diligence and oversight of third and fourth parties?
Due diligence has greatly expanded beyond the previous basic incorporation documents, financial statements, and insurance coverage. Relationships with external service providers and operational partners has a major impact on reputation risk, compounded by the extensive sharing of confidential and PII data with vendors. In addition, many companies have sourced their AD&M, technology systems, and financial operations support functions to one or more third parties.
The regulators are catching up and requiring expanded due diligence, risk assessment, and continuous monitoring throughout the supply chain. Companies must clearly know every party that is touching their data, the jurisdiction where the service provider is located, and full spectrum risk profile, including cyber security, financial health, compliance, operational risk, and the full complement of the ESG commitment.