At this practical, industry-driven working group, expert speakers will discuss how companies are using a tiered due diligence approach based on the appropriate risk level and type of third party in question. The session will discuss how to re-evaluate your risk ranking approach and manage the costs of a robust program. With evolving risk factors and compliance obligations, don’t miss this worthwhile opportunity to upgrade your best practices. Discover how your approach to managing high stakes risks compares to your peers, and benefit from important takeaways for your work. Ample time will be left for Q & A, so please bring your questions!

• How far you need to go in vetting 1st, 2nd, 3rd, 4th and lower third parties
• How to incorporate effective front-end vetting and screening protocols based on the type of relationship and interests represented by the third party
• Developing a model that stratifies your risk based on third parties — and how to Perform due diligence accordingly
• What you need in a questionnaire for third parties
• Addressing resistance to follow-up questions after an initial questionnaire
• Impact of GDPR on third party due diligence
• How much due diligence is enough: How to know if your approach is truly “risk-based”
• Unique challenges associated with critical types of third parties for your global business
• When and how much due diligence to perform for an ongoing, existing third party relationship
• Understanding the local business environment, customs and practices
• What to do with information uncovered during the vetting process: How to evaluate red flags
• Making the decision regarding which parties to use/not use: “On the Ground” obstacles to monitoring third party conduct
• Special considerations for exercising audit rights
• When and how much to train third parties