Third-Party & Supply Chain

New Report Shows 97% of Top U.S. Banks Affected by Third-Party Data Breaches in 2024

In a world where banks depend on third-party vendors for critical services, a new report from SecurityScorecard paints a concerning picture of the vulnerabilities lurking in the financial sector. According to the findings, a staggering 97% of the top 100 U.S. banks were impacted by third-party data breaches over the past year, revealing just how interconnected—and fragile—the banking supply chain has become.

Resilience, ESG, & Compliance: Strengthening the Extended Enterprise Ecosystem

In today’s hyper-connected world, businesses rarely operate in isolation. Instead, they form part of intricate webs of suppliers, vendors, and third-party partners. These extended enterprise relationships offer a wealth of opportunities—streamlined operations, cost efficiencies, and specialization—but they also come with inherent risks. Managing these risks effectively requires a firm commitment to environmental, social, and governance (ESG) standards, operational resilience, and robust compliance strategies.

Forced Labour Products Banned from European Market: A New Era for Ethical Trade

The Council of the European Union has adopted a new regulation that bans products made with forced labour from the EU market. The decision, finalized on November 19, 2024, marks a turning point in global trade standards, with Europe sending a resounding message: forced labour has no place in its supply chains.

Maersk Report Reveals Ongoing Supply Chain Disruptions & How European Shippers Are Responding

Earlier this month, Maersk released a report indicating that three out of four shippers operating in Europe have dealt with disruptions in their supply chain over the past 12 months. Even more alarming is that more than half of those affected are experiencing a serious impact on costs.

EU Defers Deforestation Regulation, Giving Companies the Time to Meet Compliance Standards

The European Union has decided to postpone the enforcement of its landmark deforestation regulation by one year. The regulation was originally set to take effect on December 31, 2024; the new timeline allows companies, traders, and third countries additional time (until December 2025 for large operators and until mid-2026 for small businesses) to meet the stringent requirements set by the law. This decision comes after widespread concerns voiced by various stakeholders, including EU member states, international trade partners, and industry groups, who warned that the original deadline was too ambitious for full compliance.

Countdown to DORA: EU Supervisors Set Timelines for Critical ICT Oversight

The clock is ticking for Europe’s financial sector as the Digital Operational Resilience Act (DORA) prepares to go live on 17 January 2025. To pave the way, the European Supervisory Authorities (EBA, EIOPA, and ESMA—collectively, the ESAs) have announced how they’ll collect the vital information needed to designate Critical ICT Third-Party Providers (CTPPs). The message is clear: start preparing now, or risk falling behind.

UK Unleashes Sweeping Sanctions to Target Russia's War Machine & Shadow Networks Across the Globe

The UK has escalated its pressure on Vladimir Putin, announcing its largest package of sanctions since May. This new wave targets the Kremlin’s sprawling web of military supply chains and the shadowy mercenary groups doing Moscow's bidding from Ukraine to Africa. With these measures, the UK aims to choke off Putin’s lifelines, hitting Russia where it hurts most: its ability to sustain the prolonged—and increasingly desperate—war in Ukraine.