Nearly all organisations in the world operate with the assistance of one or more third parties. These third parties fall into several broad categories. The third parties work at various levels within an organisation and in some cases they act on behalf of the organisation. In other cases, they are a simple supplier to the organisation.
As the compliance function becomes increasingly sophisticated, organisations are coming to the realisation that it is the third parties acting on its behalf that actually causes the most significant compliance risk to itself.
For both legal, practical and risk exposure reasons, organisations need to consider the compliance risks of certain third parties as their risks as well as its own internal risks.