Can anyone share best practices around third party due diligence? Specifically the screening process around third party trade compliance screening. I am open to discuss directly with respondents as well.
Director, Project Management in Finance (non-banking), 2 years ago
According to my assessment, this can vary depending on the industries.
- Screen the third party against restricted party lists and conduct on-site visits/audits
- Define risk criteria and perform a risk assessment to prioritise screening
- Monitor the third party continuously to maintain compliance
Screening for third-party trade compliance is essential for reducing the risks involved in working with third parties. Businesses can guarantee compliance with legal and regulatory requirements by setting risk criteria, carrying out a risk assessment, screening against restricted party lists, carrying out on-site visits/audits, and monitoring continuously.
How long does your organization retain original systems logs used to filter SOX-related actions into a system that requires review of the logs and retains the filtered logs for seven years? Does your organization consider those original system logs records subject to record retention requirements, or supporting information used to create the SOX records?