Resources

  • With the strategic importance of engaging third parties in today's business landscape, coupled with the level of risk that they can bring to the enterprise, it should not be surprising that third party risk management is attracting greater focus from the C-suite and the Board of Directors.

    According to the Institute of Collaborative Working, up to 80% of direct and indirect operating costs of a business can come from third parties, while up to 100% of revenue can come from alliance partners, franchisees and sales agents.

    Third Party Risk Management - Meeting the Expectations of the Board

    October 06, 2017
    Blog
    Read More
  • At the moment, the international approach to enforcement around bribery and corruption can seem uneven, at best and perhaps lax, at worst.

    Bribery & Corruption - “societal action v. unenforced regulation”

    September 18, 2017
    Blog
    Read More
  • As the Internet of Things (IoT) evolves, it will offer organizations the opportunity to create an unprecedented range of potential products and services. By embedding the internet into computer systems inside of cars, appliances, and other physical things, manufacturers will be able to offer new functionality as well as additional services. Smart homes and intelligent cars are already on the consumer market in many countries. Applications for this technology in a business-to-business environment are equally promising.

    Three ways the Internet of Things and the GDPR will impact Third Party Risk

    September 05, 2017
    Blog
    Read More
  • Scorecards that measure the performance of suppliers and vendors that a company contracts with have been a business tool embraced by procurement for some time now.

    However, there’s an evolution underway. Increasingly businesses are recognizing that a holistic third party scorecard that also embeds risk and compliance metrics, can not only help drive continuous improvements in vendor performance, but can also help reduce the risk that third party engagements may bring to the enterprise. What’s more, scorecards can also be leveraged as a collaborative tool to help raise the collective bar of the third party ecosystem – especially in areas such as IT security.  Operational risk, Information Security and Compliance are all now stepping up to the scorecard plate.

    Third party scorecards: Making an improved culture of collaboration a reality

    August 16, 2017
    Blog
    Read More
  • Cyber and information security is considered by some to be the biggest challenge organizations collectively face today. A recent study conducted by Juniper Research predicts the cost of data breaches to reach $2.1 trillion globally by 2019. These incidents – whether they are caused by criminals, foreign governments, or hacktivists – can be costly for organizations, distressing for consumers, and create the possibility of real systemic damage to whole industries; even nations. So, it’s hardly surprising that regulators and legislators around the world are moving into action.  

    Five Top Trends in Cybersecurity Regulations

    August 02, 2017
    Blog
    Read More
  • We are delighted to announce the integration of the Aravo Enterprise platform with SecurityScorecard’s platform, to provide a fully integrated solution for enhanced third party cyber-risk management.

    Aravo and SecurityScorecard Partner to Improve Actionable Third Party Cybersecurity

    July 26, 2017
    Blog
    Read More
  • A snapshot of the results of two new audience surveys suggests that the concept of “risk appetite” within the third-party risk management framework is still finding its feet. Attendees at a pair of June New York and London conferences, aimed at the financial services industry’s third party risk professionals, responded very similarly to three key questions.

    Whetting the Appetite in Third Party Risk

    July 25, 2017
    Blog
    Read More
  •  

    Expert Series Podcast - Pt. 3 - Looking toward the future with GDPR & Third Party Risk – with consideration to privacy regulations in other countries

    July 20, 2017
    Blog
    Read More
  • Best practice approaches to risk and performance scoring and automated workflow

    As businesses have evolved and matured, so too has their approach to third parties. In the past, companies focused more on transactional ‘supplier’ relationships, typically for raw materials or ‘parts’. However, today third party relationships form a much deeper and far-reaching part of the strategic and operational ecosystem of any Global 2000 organization.

    DOWNLOAD THE WHITE PAPER

    Evaluating Third Party Risk and Performance

    July 11, 2017
    Blog
    Read More
  • Session 2 of 3 (approx. 15 minutes)

    I had the great pleasure to speak with Simon McDougall, GDPR expert and Managing Director at Promontory Financial about GDPR & Why Organizations Need To Be Thinking About Third Party Risk. Simon shared insights around GDPR best practices, possible blind-spots, and approaches for Board members, C-suite and middle-management.

    Expert Series Podcast - Session 2 - A Deeper Dive into GDPR & Why Organizations Need To Be Thinking about Third Party Risk

    June 30, 2017
    Blog
    Read More
  • Earlier this month, I attended and chaired at the Center for Financial Professional’s conference on Vendor and Third Party Risk USA in New York. The two-day event highlighted the complexity that third party risk managers face, with topics as far ranging as cyber-risk at fourth parties, to applying third party risk frameworks to intra-company organizations. The event also demonstrated that the discipline is having to evolve and mature fast in order to keep pace with the changing digital landscape as well as ongoing regulatory change. Here are my top takeaways from the event, which I hope you will find of interest.

    Board Reporting, Risk Scorecards, Cybersecurity and more – takeaways from CEFPROs Vendor and Third Party Risk USA Conference

    June 27, 2017
    Blog
    Read More
  • Session 1 of 3 (approx. 18 minutes)

    I had the great pleasure to speak with Simon McDougall, GDPR expert and Managing Director at Promontory Financial about GDPR & Why Organizations Need To Be Thinking About Third Party Risk. Simon shared insights around GDPR best practices, possible blind-spots, and approaches for Board members, C-suite and middle-management.

    Expert Series Podcast - GDPR & Why Organizations Need To Be Thinking About Third Party Risk

    June 15, 2017
    Blog
    Read More
  • This week, I had the pleasure of chairing Day one of the Center for Financial Professional’s conference on Vendor and Third Party Risk EMEA. The conference brought together insights about the evolution of the discipline as well as some key best practices. Here are my top ten takeaways from the event that I would like to share.

    CEFPRO's Vendor & Third Party Risk EMEA conference - Top 10 Key Takeaways for Third Party Risk

    June 09, 2017
    Blog
    Read More
  • With continued bribery and corruption enforcement actions high on the agenda of the regulators, companies should be looking to raise the bar on the due diligence of their third parties, both at onboarding and as part of a continuous monitoring process.

    Empowered Third Party Due Diligence: Aravo and Dow Jones Risk & Compliance

    May 25, 2017
    Blog
    Read More
  • Solution also offers the industry’s greatest ‘completeness of offering’

    We’re very pleased to report that Aravo Solutions has been recognized as a Category Leader in the Chartis Research RiskTech Quadrant® for Third Party Risk Management Systems 2017.

    According to Chartis, “Category leaders are considered to be risk technology vendors that have the necessary depth and breadth of functionality, technology, and content, combined with the organizational characteristics to capture significant market share by volume and value.”

     

     DOWNLOAD REPORT

     

    Aravo Solutions Recognized as Category Leader in Chartis Research RiskTech Quadrant® for Third Party Risk Management Systems 2017

    May 03, 2017
    Blog
    Read More
  • Why TPRM objectives fail – and what Global 2000 companies need to succeed

    Even though large organizations have invested time, attention, and resources into third party risk management (TPRM) over the past decade, it’s clear that many programs are failing to deliver on their primary objective - keeping the organization safe.

    DOWNLOAD THE WHITE PAPER

    Third Party Risk Management in the Dynamic of Business Scale, Complexity, and Change

    April 13, 2017
    Blog
    Read More
  • Third party risk management is a complex discipline, that combined with the scale, complexity, and change dynamics of any Global 2000 organization, can often lead to false starts with technology implementations.

    It’s important to get enterprise software purchase decisions right – they are the fulcrum of successful third party risk programs for the business, they impact on the adoption and performance of many internal users across the enterprise, and they can have an impact on the careers of those selecting them.

    DOWNLOAD THE BUYER'S GUIDE

    What do I need to ask when buying a Third Party Risk Management (TPRM) solution?

    April 10, 2017
    Blog
    Read More
  • Sustainability and corporate social responsibility (CSR) are now important or critically important items on the supply chain agendas of organizations around the world, according to a new survey. However, organizations need to continue to drive improvement in the implementation of their sustainability/CSR programs to ensure risks and compliance are managed, and brand reputation protected.

    Sustainable Procurement - Survey Shows Progress Still To Be Made

    March 27, 2017
    Blog
    Read More
  • Boards of directors together with their C-suite teams have begun to realize just how little risk information they actually have about their third party relationships, and how fragmented that information can be across an organization of even a modest size. 

    DOWNLOAD THE WHITE PAPER

    How To Build a Business Case for Better Third Party Risk Management

    March 21, 2017
    Blog
    Read More
  • Pharmaceutical companies around the world are struggling to keep up with the rapid evolution of ethical frameworks around bribery and corruption in their industry.

    Speaking of Risk: Pharmaceutical Companies and Third Party Promotions

    March 07, 2017
    Blog
    Read More
  • In a sign of what may well be coming for all highly-regulated industries around the world, US financial services regulators are in the process of significantly enhancing their cybersecurity rules, including substantial new rules impacting third party relationships.

    State and Federal Financial Services Regulators Apply Focus on Cybersecurity and Third Party Relationships

    March 01, 2017
    Blog
    Read More
  • Guidance for your FCPA Programs

    On the 8th of February the Fraud Section of the DOJ released fresh guidance in the form of its “Evaluation of Corporate Compliance Programs,” which provides a list of questions that prosecutors will typically ask about a compliance program.

    The DOJ’s “Evaluation of Corporate Compliance Programs”

    February 21, 2017
    Blog
    Read More
  • Raising the Bar for Banks' Third Party Risk Management

    On Jan 24 2017 the US Office of the Comptroller of the Currency issued Supplemental Examination Procedures for Third Party Relationships. These examination procedures are intended to supplement OCC Bulletin 2013-29, “Third-Party Relationships: Risk Management Guidance,” issued October 30, 2013. The supplemental procedures promote consistency when examining national banks and federal savings associations' (collectively, banks) risk management of third-party relationships. These procedures expand on the core assessment contained in the “Community Bank Supervision,” “Large Bank Supervision,” and “Federal Branches and Agencies Supervision” booklets of the Comptroller’s Handbook.

    OCC BULLETIN 2017-7: The OCC's Supplemental Examinations Procedures for Third Party Relationships

    February 14, 2017
    Blog
    Read More
  • 8 reasons why anti-bribery & corruption compliance should be a focus for multinationals

    If January is anything to go by, 2017 is set to be another year for headline-grabbing regulatory sanctions against organizations for bribery and corruption violations.  The year has already seen significant enforcement activity on both sides of the Atlantic.

    What will 2017 Hold for Bribery & Corruption Enforcement?

    February 07, 2017
    Blog
    Read More
  • Why Global 2000 Companies Should Be Focused on Third Party Compliance

    The European Union’s General Data Protection Regulation (GDPR), which takes effect on May 25, 2018, strengthens data privacy rights for EU citizens and gives regulatory authorities greater powers to take action against companies that breach the law.

    The EU GDPR & Third Party Risk

    February 01, 2017
    Blog
    Read More
  • France Adopts ABAC Laws and Joins Global Efforts at Combatting Corruption

    France has the sixth largest economy in the world, but it has never prosecuted a French company for corruption in a foreign country. That work has been left to countries such as the United States, which fined French oil company Total $398 million for Anti-Bribery/Anti-Corruption (ABAC) violations in 2013 and the French power and transportation company Alstom $772 million for ABAC violations in 2015. The lack of anti-corruption scrutiny French companies received at home might explain why France ranks only 23rd in Transparency International’s Corruption Perceptions Index for 2015.

    French ABAC Laws: Sapin 2

    December 07, 2016
    Blog
    Read More
  • Reaping business value from better GRC efficiency, effectiveness and agility in complex Third Party Programs

    Adobe Case Study

    November 14, 2016
    Blog
    Read More
  • Solution found to drive measurable value, delivering better GRC efficiency, effectiveness and agility to complex Third Party Programs

    Recognition for a job well done is always appreciated. It’s especially appreciated when the recognition is for a job well done for clients. The team here at Aravo were particularly honored and excited to receive the 2016 GRC Value Award for Third Party Management (TPM) from independent GRC analyst firm GRC20/20 for our TMP solution for Adobe Systems.

    Aravo and Adobe Recognized with GRC20/20 Value Award for Third Party Management

    November 14, 2016
    Blog
    Read More
  • Multi-million dollar fines, bad publicity, even jail time for executives—mining companies have a lot at risk in the area of regulatory compliance. In Ernst & Young’s report Business risks facing metals and mining 2016-2017, two of the top ten trends relate to transparency and compliance. Government are cracking down on corruption, and NGO’s and journalists are fueling social movements expressing concern over workplace safety and ethical sourcing.

    One area deserves attention from mining and metals companies: third-party compliance.

    Reducing Regulatory Risks & Achieving Third-Party Compliance in Mining

    October 19, 2016
    Blog
    Read More
  • Today we launched our new Aravo corporate website. It’s mobile ready, and designed to make it more intuitive for you to navigate and find the information you need to fuel your third party risk management technology decisions.  We hope you like it.

    The new Aravo corporate site is live

    October 18, 2016
    Blog
    Read More
  • Regulatory burdens are increasing for Global 2000 companies. More regulations are passed every year, requiring companies to meet an ever-rising standard for self-monitoring and near-faultless business practices. In manufacturing alone, the U.S. federal government passed over 2,300 new regulations between 1981 and 2013. Over 270 of these regulations are classified as “major,” meaning they are expected to have an effect of $100 million or more on the economy.

    Global 2000 Companies Face Increasing Regulatory Burdens and Complexity

    August 31, 2016
    Blog
    Read More
  • The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 might garner the most headlines, but it is hardly the only federal regulation deserving the attention of U.S. banks.

    Two other federal regulations are increasing the pressure on banks and other financial institutions to monitor and manage third parties. A third party is any outside entity doing work for a bank, regardless of whether the third party is an individual, partnership, or corporation, and regardless of whether the work is done under contract or on a more casual basis.

    Beyond Dodd-Frank: Reducing Regulatory Risks and Achieving Third-Party Compliance in Financial Institutions

    August 29, 2016
    Blog
    Read More
  • Today it was announced that I’m joining Aravo Solutions as Chief Marketing Officer. I’m delighted to be joining such a dedicated team—a team that cares about their customers and about the wider causes they are supporting through Aravo’s industry-leading technology and services.

    Working for a Purpose in the GRC Market

    August 26, 2016
    Blog
    Read More
  • The modern organization is a complex web of relationships and interactions that span traditional business boundaries. Over half of the organization’s ‘insiders’ are no longer traditional employees, but rather third parties: suppliers, vendors, service providers, consultants, etc.  Complexity grows as these interconnected relationships, processes, and systems nest themselves in layers of subcontracting.

    Enabling 360 Degree Insight and Control of Third Party Relationships

    June 11, 2016
    Blog
    Read More
  • Around the world, governments are getting stricter about enforcing anti-bribery and anti-corruption regulations such as the U.S. Foreign Corrupt Practices Act (FCPA), the U.K. Anti-Bribery Act, and other national laws modelled on the OECD Anti-Bribery Convention. These regulations forbid bribery and corruption by companies and their third-party partners, including resellers, distributors, and marketing agencies.

    FCPA Third-Party Risk and Compliance for Pharmaceutical Companies

    May 19, 2016
    Blog
    Read More
  • Adobe case study

    November 14, 2016
    Blog
    Read More
  • Aravo and Adobe Recognized with GRC20/20 Value Award for Third Party Management

    November 14, 2016
    Blog
    Read More
  • CEFPRO’s Vendor & Third Party Risk EMEA conference – Top 10 Key Takeaways for Third Party Risk

    June 09, 2017
    Blog
    Read More
  • French ABAC Laws: Sapin 2 France Adopts ABAC Laws and Joins Global Efforts at Combatting Corruption

    December 07, 2016
    Blog
    Read More
  • OCC BULLETIN 2017-7: The OCC’s Supplemental Examinations Procedures for Third Party Relationships

    February 14, 2017
    Blog
    Read More
  • Reducing Regulatory Risks & Achieving Third-Party Compliance in Mining

    October 19, 2016
    Blog
    Read More
  • Speaking of Risk: Pharmaceutical Companies and Third Party Promotions

    March 07, 2017
    Blog
    Read More
  • State and Federal Financial Services Regulators Apply Focus on Cybersecurity and Third Party Relationships

    March 01, 2017
    Blog
    Read More
  • What will 2017 Hold for Bribery & Corruption Enforcement?

    February 07, 2017
    Blog
    Read More
  • Enabling 360 Degree Insight and Control of Third Party Relationships

    June 10, 2016
    Blog
    Read More
  • Global 2000 Companies Face Increasing Regulatory Burdens and Complexity

    August 31, 2016
    Blog
    Read More
  • Working for a Purpose in the GRC Market

    August 25, 2016
    Blog
    Read More
  • Analyst Podcast with GRC 2020 – Pt. 1: How to Develop a Third Party Management Strategy

    March 02, 2017
    Webinars
    Read More
  • Analyst Podcast with GRC 2020 – Pt. 2 – How to Develop a Third Party Management Strategy

    April 12, 2017
    Webinars
    Read More
  • Analyst Podcast with GRC 2020 – Session 3 – How to Design a Third Party Management IT Architecture

    May 18, 2017
    Webinars
    Read More
  • Expert Series Podcast – GDPR & Why Organizations Need To Be Thinking About Third Party Risk – Session 1

    June 15, 2017
    Webinars
    Read More
  • Expert Series Podcast – Session 2 – A Deeper Dive Into GDPR & Why Organizations Need To Be Thinking About Third Party Risk

    June 30, 2017
    Webinars
    Read More
  • Vendor & Third Party Risk- Expectations of the board & how to develop your third party program maturity to support oversight

    August 30, 2017
    Webinars
    Read More
  • Expert Series Podcast – Pt. 3 – Looking toward the future with GDPR & Third Party Risk

    July 20, 2017
    Webinars
    Read More
  • How to Develop a Third Party Management Strategy

    July 12, 2016
    Webinars
    Read More
  • How to Define a Third Party Management Process Life Cycle

    July 19, 2016
    Webinars
    Read More
  • How to Design a Third Party Management IT Architecture

    July 26, 2016
    Webinars
    Read More
  • eBook: Meeting the Expectations of the Board

    October 04, 2017
    White Papers
    Read More
  • A Buyer’s Guide to Third Party Risk Management Solutions

    April 17, 2017
    White Papers
    Read More
  • Cybersecurity Regulatory Radar: Five Top Trends in Cybersecurity Regulation

    August 03, 2017
    White Papers
    Read More
  • Evaluating Third Party Risk and Performance – Best practice approaches to risk and performance scoring and automated workflow

    July 11, 2017
    White Papers
    Read More
  • Reducing Regulatory Risks and Achieving Third-Party Compliance in Mining

    October 19, 2016
    White Papers
    Read More
  • The Business Case For Better Third Party Risk Management

    March 21, 2017
    White Papers
    Read More
  • The New GDPR: Taking A Strategic Approach To An Internationally-Focused Data Protection Rule

    February 01, 2017
    White Papers
    Read More
  • The OCC’s Supplemental Examinations Procedures for Third Party Relationships

    February 14, 2017
    White Papers
    Read More
  • Third Party Risk Management in the Dynamic of Business Scale, Complexity, and Change

    April 19, 2017
    White Papers
    Read More
  • Reduce FCPA Risks and Achieve Third-Party Compliance in Financial Institutions

    September 01, 2016
    White Papers
    Read More
  • Reduce FCPA Risks and Achieve Third-Party Compliance in Pharma Industry

    August 24, 2016
    White Papers
    Read More
  • Enabling 360 Degree Insight and Control of Third Party Relationships

    August 25, 2016
    White Papers
    Read More
  • Accenture: Increasing Customer Time to Value with Better Supplier Management

    July 01, 2016
    Case Studies
    Read More
  • Adobe case study

    November 14, 2016
    Case Studies
    Read More
  • Aravo Solutions – Category Leader in Chartis RiskTech Quadrant® for Third Party Risk Management Systems 2017

    May 04, 2017
    Case Studies
    Read More
  • GE Puts Imagination to Work to Control the Complexity of Global Supplier Management

    June 01, 2016
    Case Studies
    Read More
  • Boston University Enrolls Aravo to Achieve Excellence in Supplier Management

    June 12, 2016
    Case Studies
    Read More
  • EU GDPR & THIRD PARTY RISK INFOGRAPHIC

    February 01, 2017
    Infographics
    Read More
  • With the strategic importance of engaging third parties in today's business landscape, coupled with the level of risk that they can bring to the enterprise, it should not be surprising that third party risk management is attracting greater focus from the C-suite and the Board of Directors.

    According to the Institute of Collaborative Working, up to 80% of direct and indirect operating costs of a business can come from third parties, while up to 100% of revenue can come from alliance partners, franchisees and sales agents.

    Third Party Risk Management - Meeting the Expectations of the Board

    October 06, 2017
    Blog
    Read More
  • At the moment, the international approach to enforcement around bribery and corruption can seem uneven, at best and perhaps lax, at worst.

    Bribery & Corruption - “societal action v. unenforced regulation”

    September 18, 2017
    Blog
    Read More
  • As the Internet of Things (IoT) evolves, it will offer organizations the opportunity to create an unprecedented range of potential products and services. By embedding the internet into computer systems inside of cars, appliances, and other physical things, manufacturers will be able to offer new functionality as well as additional services. Smart homes and intelligent cars are already on the consumer market in many countries. Applications for this technology in a business-to-business environment are equally promising.

    Three ways the Internet of Things and the GDPR will impact Third Party Risk

    September 05, 2017
    Blog
    Read More
  • Scorecards that measure the performance of suppliers and vendors that a company contracts with have been a business tool embraced by procurement for some time now.

    However, there’s an evolution underway. Increasingly businesses are recognizing that a holistic third party scorecard that also embeds risk and compliance metrics, can not only help drive continuous improvements in vendor performance, but can also help reduce the risk that third party engagements may bring to the enterprise. What’s more, scorecards can also be leveraged as a collaborative tool to help raise the collective bar of the third party ecosystem – especially in areas such as IT security.  Operational risk, Information Security and Compliance are all now stepping up to the scorecard plate.

    Third party scorecards: Making an improved culture of collaboration a reality

    August 16, 2017
    Blog
    Read More
  • Cyber and information security is considered by some to be the biggest challenge organizations collectively face today. A recent study conducted by Juniper Research predicts the cost of data breaches to reach $2.1 trillion globally by 2019. These incidents – whether they are caused by criminals, foreign governments, or hacktivists – can be costly for organizations, distressing for consumers, and create the possibility of real systemic damage to whole industries; even nations. So, it’s hardly surprising that regulators and legislators around the world are moving into action.  

    Five Top Trends in Cybersecurity Regulations

    August 02, 2017
    Blog
    Read More
  • We are delighted to announce the integration of the Aravo Enterprise platform with SecurityScorecard’s platform, to provide a fully integrated solution for enhanced third party cyber-risk management.

    Aravo and SecurityScorecard Partner to Improve Actionable Third Party Cybersecurity

    July 26, 2017
    Blog
    Read More
  • A snapshot of the results of two new audience surveys suggests that the concept of “risk appetite” within the third-party risk management framework is still finding its feet. Attendees at a pair of June New York and London conferences, aimed at the financial services industry’s third party risk professionals, responded very similarly to three key questions.

    Whetting the Appetite in Third Party Risk

    July 25, 2017
    Blog
    Read More
  •  

    Expert Series Podcast - Pt. 3 - Looking toward the future with GDPR & Third Party Risk – with consideration to privacy regulations in other countries

    July 20, 2017
    Blog
    Read More
  • Best practice approaches to risk and performance scoring and automated workflow

    As businesses have evolved and matured, so too has their approach to third parties. In the past, companies focused more on transactional ‘supplier’ relationships, typically for raw materials or ‘parts’. However, today third party relationships form a much deeper and far-reaching part of the strategic and operational ecosystem of any Global 2000 organization.

    DOWNLOAD THE WHITE PAPER

    Evaluating Third Party Risk and Performance

    July 11, 2017
    Blog
    Read More
  • Session 2 of 3 (approx. 15 minutes)

    I had the great pleasure to speak with Simon McDougall, GDPR expert and Managing Director at Promontory Financial about GDPR & Why Organizations Need To Be Thinking About Third Party Risk. Simon shared insights around GDPR best practices, possible blind-spots, and approaches for Board members, C-suite and middle-management.

    Expert Series Podcast - Session 2 - A Deeper Dive into GDPR & Why Organizations Need To Be Thinking about Third Party Risk

    June 30, 2017
    Blog
    Read More
  • Earlier this month, I attended and chaired at the Center for Financial Professional’s conference on Vendor and Third Party Risk USA in New York. The two-day event highlighted the complexity that third party risk managers face, with topics as far ranging as cyber-risk at fourth parties, to applying third party risk frameworks to intra-company organizations. The event also demonstrated that the discipline is having to evolve and mature fast in order to keep pace with the changing digital landscape as well as ongoing regulatory change. Here are my top takeaways from the event, which I hope you will find of interest.

    Board Reporting, Risk Scorecards, Cybersecurity and more – takeaways from CEFPROs Vendor and Third Party Risk USA Conference

    June 27, 2017
    Blog
    Read More
  • Session 1 of 3 (approx. 18 minutes)

    I had the great pleasure to speak with Simon McDougall, GDPR expert and Managing Director at Promontory Financial about GDPR & Why Organizations Need To Be Thinking About Third Party Risk. Simon shared insights around GDPR best practices, possible blind-spots, and approaches for Board members, C-suite and middle-management.

    Expert Series Podcast - GDPR & Why Organizations Need To Be Thinking About Third Party Risk

    June 15, 2017
    Blog
    Read More
  • This week, I had the pleasure of chairing Day one of the Center for Financial Professional’s conference on Vendor and Third Party Risk EMEA. The conference brought together insights about the evolution of the discipline as well as some key best practices. Here are my top ten takeaways from the event that I would like to share.

    CEFPRO's Vendor & Third Party Risk EMEA conference - Top 10 Key Takeaways for Third Party Risk

    June 09, 2017
    Blog
    Read More
  • With continued bribery and corruption enforcement actions high on the agenda of the regulators, companies should be looking to raise the bar on the due diligence of their third parties, both at onboarding and as part of a continuous monitoring process.

    Empowered Third Party Due Diligence: Aravo and Dow Jones Risk & Compliance

    May 25, 2017
    Blog
    Read More
  • Solution also offers the industry’s greatest ‘completeness of offering’

    We’re very pleased to report that Aravo Solutions has been recognized as a Category Leader in the Chartis Research RiskTech Quadrant® for Third Party Risk Management Systems 2017.

    According to Chartis, “Category leaders are considered to be risk technology vendors that have the necessary depth and breadth of functionality, technology, and content, combined with the organizational characteristics to capture significant market share by volume and value.”

     

     DOWNLOAD REPORT

     

    Aravo Solutions Recognized as Category Leader in Chartis Research RiskTech Quadrant® for Third Party Risk Management Systems 2017

    May 03, 2017
    Blog
    Read More
  • Why TPRM objectives fail – and what Global 2000 companies need to succeed

    Even though large organizations have invested time, attention, and resources into third party risk management (TPRM) over the past decade, it’s clear that many programs are failing to deliver on their primary objective - keeping the organization safe.

    DOWNLOAD THE WHITE PAPER

    Third Party Risk Management in the Dynamic of Business Scale, Complexity, and Change

    April 13, 2017
    Blog
    Read More
  • Third party risk management is a complex discipline, that combined with the scale, complexity, and change dynamics of any Global 2000 organization, can often lead to false starts with technology implementations.

    It’s important to get enterprise software purchase decisions right – they are the fulcrum of successful third party risk programs for the business, they impact on the adoption and performance of many internal users across the enterprise, and they can have an impact on the careers of those selecting them.

    DOWNLOAD THE BUYER'S GUIDE

    What do I need to ask when buying a Third Party Risk Management (TPRM) solution?

    April 10, 2017
    Blog
    Read More
  • Sustainability and corporate social responsibility (CSR) are now important or critically important items on the supply chain agendas of organizations around the world, according to a new survey. However, organizations need to continue to drive improvement in the implementation of their sustainability/CSR programs to ensure risks and compliance are managed, and brand reputation protected.

    Sustainable Procurement - Survey Shows Progress Still To Be Made

    March 27, 2017
    Blog
    Read More
  • Boards of directors together with their C-suite teams have begun to realize just how little risk information they actually have about their third party relationships, and how fragmented that information can be across an organization of even a modest size. 

    DOWNLOAD THE WHITE PAPER

    How To Build a Business Case for Better Third Party Risk Management

    March 21, 2017
    Blog
    Read More
  • Pharmaceutical companies around the world are struggling to keep up with the rapid evolution of ethical frameworks around bribery and corruption in their industry.

    Speaking of Risk: Pharmaceutical Companies and Third Party Promotions

    March 07, 2017
    Blog
    Read More
  • In a sign of what may well be coming for all highly-regulated industries around the world, US financial services regulators are in the process of significantly enhancing their cybersecurity rules, including substantial new rules impacting third party relationships.

    State and Federal Financial Services Regulators Apply Focus on Cybersecurity and Third Party Relationships

    March 01, 2017
    Blog
    Read More
  • Guidance for your FCPA Programs

    On the 8th of February the Fraud Section of the DOJ released fresh guidance in the form of its “Evaluation of Corporate Compliance Programs,” which provides a list of questions that prosecutors will typically ask about a compliance program.

    The DOJ’s “Evaluation of Corporate Compliance Programs”

    February 21, 2017
    Blog
    Read More
  • Raising the Bar for Banks' Third Party Risk Management

    On Jan 24 2017 the US Office of the Comptroller of the Currency issued Supplemental Examination Procedures for Third Party Relationships. These examination procedures are intended to supplement OCC Bulletin 2013-29, “Third-Party Relationships: Risk Management Guidance,” issued October 30, 2013. The supplemental procedures promote consistency when examining national banks and federal savings associations' (collectively, banks) risk management of third-party relationships. These procedures expand on the core assessment contained in the “Community Bank Supervision,” “Large Bank Supervision,” and “Federal Branches and Agencies Supervision” booklets of the Comptroller’s Handbook.

    OCC BULLETIN 2017-7: The OCC's Supplemental Examinations Procedures for Third Party Relationships

    February 14, 2017
    Blog
    Read More
  • 8 reasons why anti-bribery & corruption compliance should be a focus for multinationals

    If January is anything to go by, 2017 is set to be another year for headline-grabbing regulatory sanctions against organizations for bribery and corruption violations.  The year has already seen significant enforcement activity on both sides of the Atlantic.

    What will 2017 Hold for Bribery & Corruption Enforcement?

    February 07, 2017
    Blog
    Read More
  • Why Global 2000 Companies Should Be Focused on Third Party Compliance

    The European Union’s General Data Protection Regulation (GDPR), which takes effect on May 25, 2018, strengthens data privacy rights for EU citizens and gives regulatory authorities greater powers to take action against companies that breach the law.

    The EU GDPR & Third Party Risk

    February 01, 2017
    Blog
    Read More
  • France Adopts ABAC Laws and Joins Global Efforts at Combatting Corruption

    France has the sixth largest economy in the world, but it has never prosecuted a French company for corruption in a foreign country. That work has been left to countries such as the United States, which fined French oil company Total $398 million for Anti-Bribery/Anti-Corruption (ABAC) violations in 2013 and the French power and transportation company Alstom $772 million for ABAC violations in 2015. The lack of anti-corruption scrutiny French companies received at home might explain why France ranks only 23rd in Transparency International’s Corruption Perceptions Index for 2015.

    French ABAC Laws: Sapin 2

    December 07, 2016
    Blog
    Read More
  • Reaping business value from better GRC efficiency, effectiveness and agility in complex Third Party Programs

    Adobe Case Study

    November 14, 2016
    Blog
    Read More
  • Solution found to drive measurable value, delivering better GRC efficiency, effectiveness and agility to complex Third Party Programs

    Recognition for a job well done is always appreciated. It’s especially appreciated when the recognition is for a job well done for clients. The team here at Aravo were particularly honored and excited to receive the 2016 GRC Value Award for Third Party Management (TPM) from independent GRC analyst firm GRC20/20 for our TMP solution for Adobe Systems.

    Aravo and Adobe Recognized with GRC20/20 Value Award for Third Party Management

    November 14, 2016
    Blog
    Read More
  • Multi-million dollar fines, bad publicity, even jail time for executives—mining companies have a lot at risk in the area of regulatory compliance. In Ernst & Young’s report Business risks facing metals and mining 2016-2017, two of the top ten trends relate to transparency and compliance. Government are cracking down on corruption, and NGO’s and journalists are fueling social movements expressing concern over workplace safety and ethical sourcing.

    One area deserves attention from mining and metals companies: third-party compliance.

    Reducing Regulatory Risks & Achieving Third-Party Compliance in Mining

    October 19, 2016
    Blog
    Read More
  • Today we launched our new Aravo corporate website. It’s mobile ready, and designed to make it more intuitive for you to navigate and find the information you need to fuel your third party risk management technology decisions.  We hope you like it.

    The new Aravo corporate site is live

    October 18, 2016
    Blog
    Read More
  • Regulatory burdens are increasing for Global 2000 companies. More regulations are passed every year, requiring companies to meet an ever-rising standard for self-monitoring and near-faultless business practices. In manufacturing alone, the U.S. federal government passed over 2,300 new regulations between 1981 and 2013. Over 270 of these regulations are classified as “major,” meaning they are expected to have an effect of $100 million or more on the economy.

    Global 2000 Companies Face Increasing Regulatory Burdens and Complexity

    August 31, 2016
    Blog
    Read More
  • The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 might garner the most headlines, but it is hardly the only federal regulation deserving the attention of U.S. banks.

    Two other federal regulations are increasing the pressure on banks and other financial institutions to monitor and manage third parties. A third party is any outside entity doing work for a bank, regardless of whether the third party is an individual, partnership, or corporation, and regardless of whether the work is done under contract or on a more casual basis.

    Beyond Dodd-Frank: Reducing Regulatory Risks and Achieving Third-Party Compliance in Financial Institutions

    August 29, 2016
    Blog
    Read More
  • Today it was announced that I’m joining Aravo Solutions as Chief Marketing Officer. I’m delighted to be joining such a dedicated team—a team that cares about their customers and about the wider causes they are supporting through Aravo’s industry-leading technology and services.

    Working for a Purpose in the GRC Market

    August 26, 2016
    Blog
    Read More
  • The modern organization is a complex web of relationships and interactions that span traditional business boundaries. Over half of the organization’s ‘insiders’ are no longer traditional employees, but rather third parties: suppliers, vendors, service providers, consultants, etc.  Complexity grows as these interconnected relationships, processes, and systems nest themselves in layers of subcontracting.

    Enabling 360 Degree Insight and Control of Third Party Relationships

    June 11, 2016
    Blog
    Read More
  • Around the world, governments are getting stricter about enforcing anti-bribery and anti-corruption regulations such as the U.S. Foreign Corrupt Practices Act (FCPA), the U.K. Anti-Bribery Act, and other national laws modelled on the OECD Anti-Bribery Convention. These regulations forbid bribery and corruption by companies and their third-party partners, including resellers, distributors, and marketing agencies.

    FCPA Third-Party Risk and Compliance for Pharmaceutical Companies

    May 19, 2016
    Blog
    Read More
  • Analyst Podcast with GRC 2020 – Pt. 1: How to Develop a Third Party Management Strategy

    March 02, 2017
    Webinars
    Read More
  • Analyst Podcast with GRC 2020 – Pt. 2 – How to Develop a Third Party Management Strategy

    April 12, 2017
    Webinars
    Read More
  • Analyst Podcast with GRC 2020 – Session 3 – How to Design a Third Party Management IT Architecture

    May 18, 2017
    Webinars
    Read More
  • Expert Series Podcast – GDPR & Why Organizations Need To Be Thinking About Third Party Risk – Session 1

    June 15, 2017
    Webinars
    Read More
  • Expert Series Podcast – Session 2 – A Deeper Dive Into GDPR & Why Organizations Need To Be Thinking About Third Party Risk

    June 30, 2017
    Webinars
    Read More
  • Vendor & Third Party Risk- Expectations of the board & how to develop your third party program maturity to support oversight

    August 30, 2017
    Webinars
    Read More
  • Expert Series Podcast – Pt. 3 – Looking toward the future with GDPR & Third Party Risk

    July 20, 2017
    Webinars
    Read More
  • How to Develop a Third Party Management Strategy

    July 12, 2016
    Webinars
    Read More
  • How to Define a Third Party Management Process Life Cycle

    July 19, 2016
    Webinars
    Read More
  • How to Design a Third Party Management IT Architecture

    July 26, 2016
    Webinars
    Read More
  • eBook: Meeting the Expectations of the Board

    October 04, 2017
    White Papers
    Read More
  • A Buyer’s Guide to Third Party Risk Management Solutions

    April 17, 2017
    White Papers
    Read More
  • Cybersecurity Regulatory Radar: Five Top Trends in Cybersecurity Regulation

    August 03, 2017
    White Papers
    Read More
  • Evaluating Third Party Risk and Performance – Best practice approaches to risk and performance scoring and automated workflow

    July 11, 2017
    White Papers
    Read More
  • Reducing Regulatory Risks and Achieving Third-Party Compliance in Mining

    October 19, 2016
    White Papers
    Read More
  • The Business Case For Better Third Party Risk Management

    March 21, 2017
    White Papers
    Read More
  • The New GDPR: Taking A Strategic Approach To An Internationally-Focused Data Protection Rule

    February 01, 2017
    White Papers
    Read More
  • The OCC’s Supplemental Examinations Procedures for Third Party Relationships

    February 14, 2017
    White Papers
    Read More
  • Third Party Risk Management in the Dynamic of Business Scale, Complexity, and Change

    April 19, 2017
    White Papers
    Read More
  • Reduce FCPA Risks and Achieve Third-Party Compliance in Financial Institutions

    September 01, 2016
    White Papers
    Read More
  • Reduce FCPA Risks and Achieve Third-Party Compliance in Pharma Industry

    August 24, 2016
    White Papers
    Read More
  • Enabling 360 Degree Insight and Control of Third Party Relationships

    August 25, 2016
    White Papers
    Read More
  • Accenture: Increasing Customer Time to Value with Better Supplier Management

    July 01, 2016
    Case Studies
    Read More
  • Adobe case study

    November 14, 2016
    Case Studies
    Read More
  • Aravo Solutions – Category Leader in Chartis RiskTech Quadrant® for Third Party Risk Management Systems 2017

    May 04, 2017
    Case Studies
    Read More
  • GE Puts Imagination to Work to Control the Complexity of Global Supplier Management

    June 01, 2016
    Case Studies
    Read More
  • Boston University Enrolls Aravo to Achieve Excellence in Supplier Management

    June 12, 2016
    Case Studies
    Read More
  • EU GDPR & THIRD PARTY RISK INFOGRAPHIC

    February 01, 2017
    Infographics
    Read More