The global regulations driving third-party due diligence

Key regulations to know for managing third-party risk

Kelly Maxwell
Content Marketing Specialist, OneTrust
June 21, 2023



When constant growth is the norm, can regulations and laws slow the potential spread of unethical and illegal behavior?

  • Suppliers, vendors, distributors, and other third parties and their actions can reflect negatively on your brand. 
  • Stay compliant and competitive with a strategy built on the latest relevant regulations.

Learn why third-party due diligence matters in the context of the changing global regulatory landscape and the key regulations to know for managing third-party risk.


Modern business is global business. No longer limited by proximity or a shared language, today’s enterprise is seemingly limitless. International corporations often operate in multiple countries and even continents, spreading their operations to international third parties. But when growth at any cost becomes the status quo, regulations and laws, along with the related enforcement mechanisms and officers, must intervene to slow the potential spread of unethical and illegal behavior. 

Waves of new laws are coming, and if there is any hope of remaining compliant and competitive, business needs to keep up. To minimize risk, avoid substantial fines, and safeguard your reputation in the marketplace, you must have a robust third-party due diligence strategy in place: a strategy built on the latest relevant regulations.

Today, we’re examining why third-party due diligence matters in the context of the changing global regulatory landscape and the key regulations to know for managing third-party risk. Let’s begin with a refresher course on the importance of third-party due diligence.


The third-party due diligence regulatory landscape is changing 


Why does third-party due diligence matter?

Third parties can expose you to different kinds of risks. Some examples include:  

  • Violation of applicable laws resulting in significant fines, civil action, and/or criminal action, including imprisonment 
  • Damage to your company’s reputation 
  • Violation of your company’s standards and policies 
  • Financial loss or loss of new business opportunities


Third-party due diligence is the process of assessing the third parties you do business with for critical red flags across ethics, compliance, legal, ESG, finance, and other categories, and managing the risks those assessments surface. Third parties include:

  • Vendors
  • Suppliers
  • Partners
  • Beneficial owners, etc.




Key regulations to know for managing third-party risk


Bribery and corruption
  • US Foreign Corrupt Practices Act (FCPA)
  • UK Bribery Act
  • Brazil’s Clean Company Act
  • France’s Sapin II

Sanctions
  • US Office of Foreign Assets Control (OFAC) sanctions
  • UK Sanctions and Anti-Money Laundering Act 2018
  • EU sanctions, promoting the objectives of the Common Foreign and Security Policy (CFSP)
  • UN Security Council sanctions

Human rights
  • UK Modern Slavery Act (Section 54)
  • US Uyghur Forced Labor Prevention Act (UFLPA)
  • German Supply Chain Due Diligence Act (SCDDA) (aka LkSG)
  • France’s Duty of Vigilance Law

Money laundering and terrorist financing
  • UK Proceeds of Crime Act (POCA)
  • UK Money Laundering, Terrorist Financing, and Transfer of Funds Regulations 2017
  • EU Anti-Money Laundering Directives (AMLD)
  • US Bank Secrecy Act and Patriot Act




Be informed about the regulations that impact your risk

Ethics and compliance teams, often tasked with screening third parties for regulatory risk, reputational risk, and the risk of violating company policy, must stay informed about the latest regulations. A wide variety of regulations influence how you conduct due diligence on the third parties in your business ecosystem. The regulations listed above are some of the notable bribery and corruption, sanctions, human rights, and money laundering and terrorist financing laws around the world.

Although what we’ve included here is far from an exhaustive list, the requirements in any given area are generally similar, so you can establish one set of guidelines and processes across your organization to address a particular area of third-party risk. The regulatory drivers will no doubt continue to evolve, and third-party due diligence will become even more essential to protecting your brand from the risks third parties can pose. Given the complexity of the regulatory drivers affecting your relationships with third parties, you may want to consider a third-party management solution to help you streamline compliance screening and management.

With OneTrust Third-Party Due Diligence, you can automate the third-party due diligence process — from initial screening to risk assessment and management to ongoing reporting and monitoring. The solution keeps third-party profiles in a centralized directory and uses data intelligence to alert you when a third party’s risk profile changes.  

Learn more about how OneTrust Third-Party Due Diligence can protect you from third-party risk and help you build relationships with trustworthy partners in your business ecosystem.
