Third-Party & Supply Chain

The banking sector finds itself at a critical juncture. The proliferation of partnerships between traditional financial institutions and innovative FinTechs has ushered in unprecedented opportunities for growth and customer engagement. However, this intricate web of relationships has also introduced a new dimension of risk that demands immediate attention from Governance, Risk, and Compliance (GRC) professionals, Third-Party Risk Management (TPRM) specialists, and compliance officers.

In an era where data is often described as the new oil, Toyota, one of the world's largest automakers, finds itself again grappling with the consequences of a significant data leak. The incident, involving the exposure of 240GB of sensitive information, brings to the forefront the complex challenges of managing cybersecurity in a digitally interconnected business ecosystem.

Körber Supply Chain Software announced on August 6 that they have reached an agreement to acquire MercuryGate International Inc., a leading provider of transportation management systems (TMS). Körber, already a global leader in end-to-end supply chain software solutions, is poised with the acquisition to expand their capabilities in delivering comprehensive, innovative, adaptable, and scalable supply chain execution offerings.

Banks and investment firms face a multitude of risks - from financial and regulatory to reputational and legal. To address these challenges effectively, institutions must have a comprehensive understanding of not only their internal risks, but also the risks presented by their third-party vendors, suppliers, and clients.

In the grand, unpredictable theater of global commerce, supply chains are the delicate threads that hold the whole show together. But lately, it seems like these threads are fraying, snapping, and occasionally tying themselves into impossibly complicated knots. With shipping routes turning into obstacle courses and third-party services acting like temperamental divas, the need for resilience in supply chains isn’t just a trendy buzzword—it’s a matter of survival.

The U.S. Consumer Product Safety Commission (CPSC) has ruled that Amazon.com, Inc. is legally responsible as a "distributor" for hazardous products sold by third-party sellers on its platform. This ruling, issued on July 30, 2024, sends a clear message to e-commerce platforms about their accountability for third-party risk management and product safety compliance.

The Federal Reserve, Federal Deposit Insurance Corporation (FDIC), and Office of the Comptroller of the Currency (OCC) have jointly unveiled a multi-pronged approach to address the rapidly evolving landscape of bank-fintech partnerships and associated third-party risks. This initiative includes a detailed statement on potential risks and effective risk management practices, coupled with a Request for Information (RFI) seeking broader input on these complex arrangements. However, the approach has sparked debate within regulatory circles, highlighting the challenges in balancing innovation with prudent oversight.