European Corporate Due Diligence Act

Assess supply chain partner human rights and environmental practices

In March 2021, the European Parliament published a draft directive that introduced mandatory corporate due diligence requirements in areas such as human rights and environmental practices in an organization's supply chain.

As part of the directive, any organization in the European Union (EU), whether private, state-owned or publicly listed, would be required to "identify and assess potential or actual impacts on human rights, the environment or good governance caused by, contributing to or linked to their operations or business relationships, using a risk-based monitoring methodology that takes into account the impact, nature and context of the undertaking’s operations," and "review business relationships for the same risks."

Although the directive is not yet law, it is important that any organization that does business in the EU begin assessing its supply chain partners' human rights and environmental practices and develop remediations to mitigate any potential financial, legal or reputational risks before they arise.

Relevant Requirements

  • Conduct due diligence according to the likelihood and severity of adverse impacts

  • Publish a statement, including the risk assessment, data and methodology, concluding that the company does not cause, contribute to and is not directly linked to adverse human rights or environmental impacts

  • Establish and implement a due diligence strategy, reviewed annually

  • Verify that subcontractors and suppliers comply with obligations

Align Your TPRM Program with Expanding ESG Regulations

Download this guide to review current and future ESG standards and legislation, and learn how to prepare your TPRM program for compliance.


Meeting European Corporate Due Diligence Act Requirements with the Prevalent Third-Party Risk Management Platform

  • Supplier Pre-Screening

    Rapidly pre-screen vendors using a library of continuously updated risk profiles based on inherent/residual risk, completed assessment results and real-time reputational monitoring.

  • Comprehensive Supplier Profile

    Tap into 550,000+ sources of vendor intelligence to build a comprehensive supplier profile that includes industry and business insights and maps 4th-party dependencies.

  • Inherent Risk Scoring

    Use a simple assessment with clear scoring to track and quantify inherent risks and determine the right assessment approach.

  • Assessment Library

    Leverage Prevalent's built-in Modern Slavery and environmental assessments to determine adherence to policies. Review and approve assessment responses to automatically register risks or reject responses and request additional input.

  • Document & Evidence Management

    Store and manage policy documents, evidence and more for dialog and attestation.

  • Supplier Reputation Monitoring

    Access qualitative insights from over 550,000 public and private sources of reputational information, including negative news, regulatory and legal actions, adverse media, conflicts of interest and more.

  • Global Sanctions Monitoring

    Simultaneously screen against the world’s most important sanctions lists (including OFAC, EU, UN, BOE, FBI, BIS, etc.), over 1,000 global enforcement lists, and court filings (such as the FDA, US HHS, UK FSA, SEC and more) to proactively identify prohibited business relationships.

  • Relationship Mapping

    Identify relationships between your organization and third, fourth and Nth parties to discover dependencies and risks in your extended vendor ecosystem.

  • Central Risk Register

    Normalize, correlate and analyze assessment results and continuous monitoring intelligence for unified reporting and remediation.

  • Built-in Remediation Guidance

    Take actionable steps to reduce vendor risk with built-in remediation recommendations and guidance.

  • Compliance Reporting

    Visualize and address compliance requirements by automatically mapping assessment results to any regulation or framework.

Managing ESG Risks Across the Extended Enterprise

This analyst report from GRC 20/20 uncovers best practices for including ESG in your third-party risk management program.
