Regulators have responded to increased risk exposures by trying to rein in errant companies through stricter regulations such as UK’s Modern Slavery Act, France’s Sapin II law, the California Consumer Privacy Act, and EU’s General Data Protection Regulation. For example, the US Department of Justice (DOJ) issued a notification requiring companies to monitor supplier risks over the lifecycle of a contract and covering all suppliers.Despite these changes, many organizations lack a structured approach to managing third-party due diligence. They continue to apply knee-jerk quick fixes to simply placate regulators.
Here, we explore the key barriers preventing companies from implementing …
