Modern businesses are increasingly reliant on third-party vendors and suppliers to scale and improve efficiency. But when every third party can potentially expose your company to regulatory and reputational risk, the need for a meticulous vetting process is essential.  

Increased regulatory and consumer scrutiny of businesses further amplifies the reputational risk of unethical, even illegal, third-party practices. “There are benefits to being a trusted company, as consumers, partners, and stakeholders are relying on trust as an indicator of good business,” says Jisha Dymond, Chief Ethics & Compliance Officer and Head of Ethics & Compliance Center of Excellence at OneTrust. “Companies who prioritize working with other trusted businesses are also better positioned to protect their brand.” 

Fortunately, the most impactful tool for a well-designed risk and compliance program is at your fingertips: data. 

Harnessing the potential of your company’s data, however, is next to impossible and may not provide the full picture when it comes to assessing your third-party network when manual workflows and siloed processes prevent the use of real-time monitoring or automated reporting. The key to unlocking greater potential of your data and third-party due diligence program? A third-party due diligence software solution.  

Today, we’re excited to announce the partnership between Dow Jones Risk & Compliance and OneTrust Third-Party Due Diligence. We unpack the importance of risk-based due diligence and how integrating Dow Jones Risk & Compliance data and research capabilities into the OneTrust platform will empower and supercharge data-driven due diligence for effective and holistic third-party management. 

The importance of risk-based due diligence 

Third-party due diligence is the process of vetting and continually monitoring third parties for critical red flags across ethics, compliance, legal, ESG, and other categories. In its 2020 Update to the Evaluation of Corporate Compliance Programs, the U.S. Department of Justice (DOJ) established how regulators are looking for well-designed “risk-based due diligence” programs, dedicating a whole section to third-party risk management.  

A “risk-based” approach requires evaluating and managing each third party differently, depending on the nature and level of risk it presents to your company. Since the DOJ’s updated guidance asserts their focus on continuous monitoring throughout the third-party relationship lifecycle, static evaluation is no longer an option. The name of the game is now precise and ongoing monitoring. 

Dymond explains, “Third-party risk goes far beyond security concerns, and regulators and consumers alike are now holding companies accountable for the ethics and compliance violations committed by their business partners – often at the expense of their reputation. “Compliance teams need to be able to trust their partners, and ethics and compliance due diligence is the first step. Partnering with Dow Jones Risk & Compliance allows us to bring our customers the data they need to get peace of mind in the integrity of their third parties.” 

Stronger together: The Dow Jones and OneTrust partnership 

The partnership between OneTrust and Dow Jones combines OneTrust’s market-defining trust intelligence and automation capabilities with best-in-class Dow Jones Risk & Compliance data in an end-to-end Third-Party Due Diligence solution. Joining forces to help companies effectively manage third-party reputational risks, along with maintaining your organization’s brand reputation, the OneTrust Third-Party Due Diligence solution, available now on the Ethics and Compliance Cloud, empowers ethics and compliance teams to identify, characterize, and mitigate ethics and compliance risk.  

Dow Jones Risk & Compliance 

Dow Jones Risk & Compliance, a trusted global provider of risk data, integrated technology solutions, and due diligence services for managing regulatory and reputational risk, delivers “reliable, actionable information and applications that are developed specifically for compliance requirements and workflows related to anti-money laundering and counter-terrorism financing, sanctions, anti-bribery and corruption and international trade compliance.” 

Dow Jones Risk & Compliance maintains a comprehensive database of over three million companies, monitoring for sanctions exposure, bribery and corruption, adverse media, modern slavery, financial crime, and more. Their well-maintained data reduces the number of false positives, increases the efficiency and impact of ethics and compliance teams, and empowers them to focus on the most risk-relevant third parties. 

OneTrust Third-Party Due Diligence 

OneTrust Third-Party Due Diligence, an industry-leading third-party due diligence management solution, enables the vetting and monitoring of third parties to ensure compliance and protect brand reputation. The software solution reduces third-party risk with automated workflows, risk calculation and mitigation, monitoring and contextual alerts, and recordkeeping and reporting.  

OneTrust Third-Party Due Diligence is available to customers now on the OneTrust Ethics and Compliance Cloud. The OneTrust Ethics and Compliance Cloud unites ethics program management, speak-up culture assurance, and third-party due diligence to connect people, processes, and technology across ethics, compliance, HR, and legal teams.  

Data-driven due diligence for effective third-party risk management 

With the updated guidance from the DOJ emphasizing the importance of ongoing monitoring in the third-party relationship lifecycle, companies must answer the question: “Does the company engage in due diligence of third parties throughout the lifespan of the relationship, or primarily during the onboarding process?”  

To achieve compliance, ongoing activity and conduct monitoring, as well as the supporting relationship management activities required to execute those activities, are now officially top priority.  

By integrating Dow Jones Risk & Compliance's data and research capabilities into the OneTrust platform, customers will be able to access real-time data on potential third-party risks, including regulatory compliance and reputational issues. This data will then be used to generate risk scores and assessments, allowing businesses to make informed decisions about their third-party relationships.  

Built-in automation is also integrated into every component of your third-party due diligence workflow, from risk-based assessments and screenings to conducting inherent risk and triage. 

Today’s risk landscape demands coordination between companies and their third parties to perform in the global marketplace. Choose third parties that align with your values and partner with trusted entities like OneTrust and Dow Jones Risk & Compliance. 

Centralize third-party profiles, monitor compliance, and automate risk assessments and alerts, with the OneTrust Third-Party Due Diligence solution. Request a free demo today.