Linkedin Twitter Instagram
Log In

Third-Party Risk Management Needs to be part of an Organizations Continuous Improvement Program

by

Third-Party Risk Management (TPRM) today prioritizes concerns of regulatory fines over strategy and operational directives for stronger security.  By investing in a complete, targeted approach, organizations can elevate TPRM as an essential part of their security program strategies. Robust cybersecurity structures are critically important, and third-party risk management was once a vital component of these … Read more

US Treasury Cybersecurity Breach Highlights Growing Supply Chain Security Threats for 2025

by

A recent cybersecurity breach at the US Department of the Treasury, attributed to a Chinese state-backed actor, has raised serious concerns about supply chain security risks. This incident, which was traced back to vulnerabilities in a third-party remote tech support service, underscores the vulnerabilities of technology supply chains and the growing threat they pose to … Read more

The Future of AI in Enterprises: Transformational Changes Ahead

by

By 2026, AI is expected to help 20% of organizations streamline their structures, potentially eliminating over half of current middle management roles. This shift is driven by AI’s ability to optimize decision-making and automate managerial tasks. Additionally, by 2027, up to 70% of new employee contracts could include provisions for AI-powered digital representations of their … Read more

Cybercriminals Continue to Focus on Exploiting Vulnerabilities in the Supply Chain to Gain Backdoor Access to Organizations Systems and Critical Data

by

Cybercriminals and hackers have increasingly exploited vulnerabilities in industry standard IT and security tools, leading to major security incidents. Incidents across multiple market segments highlight how quickly liabilities in widely used management tools can become targets for both state-sponsored groups and ransomware operators, underscoring the importance of safeguarding against supply chain cyberattacks. Certainly, supply chain … Read more

Understanding and Implementing Third-Party Vendor Risk Management

by

Effective Vendor Risk Management (VRM) is crucial for mitigating risks and protecting your business’s reputation. This involves identifying potential third-party vendors, conducting thorough assessments, and continuously monitoring their performance. What is Vendor Risk Management? Vendor risk management is an ongoing process of due diligence carried out before and after engaging with third-party suppliers. It aims … Read more

Healthcare Organizations and Vendor Cyberattacks: A Guide to Preparation and Response

by

The number of cyberattacks is on the rise, and healthcare providers are a prime target. These attacks often come through third-party vendors, increasing the risk for healthcare organizations. The healthcare industry providers often rely on a complex network of vendors and subcontractors. This interconnectedness means a cyberattack on a vendor can easily migrate through the … Read more

AI Can Support Third-Party Vendors and Supplier Risk Management Challenges

by

Although Artificial Intelligence (AI) has been around for quite a while, the adoption and evolution of AI-related technologies has dramatically improved over the past year. AI can provide organizations with an easier way to manage third-party vendors and supplier risks and ensure compliance in this complex regulatory environment. Third Party Vendors: Opportunities and Challenges Organizations … Read more

SEC Tightens Regulations Regarding SaaS Security

by

The SEC is cracking down on SaaS security, holding public companies accountable for protecting data stored in SaaS systems and connected third-party apps.  This shift reflects growing concerns about vulnerabilities in SaaS platforms and the potential impact on investors. Why is the SEC Focusing on SaaS? High Prevalence of Breaches: Despite companies feeling confident in … Read more

Modevity Contracts with Engineered Products Manufacturer for Vendor Risk Management Compliance Program Support

by

West Chester, PA   January 12, 2024, Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced today that the company signed a contract to support DMC Global a US based Engineered Products Manufacturer for Third-Party Vendor Risk Management Support. In this highly … Read more

Generative AI Will Become a Powerful Tool to Support Data Analysts

by

Data analysis may seem like a technical role on a surface level, but the reality of the job is nuanced and vital to most business and technical operations. The analysis process involves more than crunching numbers; it requires an understanding of the human elements behind the data.  Whether it’s analyzing customer behavior or detecting fraudulent … Read more

What Hospitals should do for increasing Cybersecurity against Ransomware Attacks

by

Ransomware attacks are a growing threat to hospitals, with the number of attacks increasing year over year. These attacks can have a devastating impact on hospitals, disrupting patient care, delaying critical procedures, and costing millions of dollars in damages. Hospitals are particularly attractive targets for ransomware gangs because they have substantial amounts of sensitive data, … Read more

The Importance of Healthcare Organizations Hiring Professional Investigative Background Due Diligence Firms

by

Introduction Healthcare organizations have long been considered the cornerstone of public health and wellness, entrusted with the responsibility of caring for our physical well-being. In fulfilling this crucial role, the industry relies heavily on the competence and integrity of its workforce and critical vendors. However, recent incidents have revealed major flaws in healthcare hiring processes, … Read more

Company Board Members’ Struggle to Grasp Cybersecurity Risks: A Risky Proposition for Businesses

by

In today’s interconnected and technology-driven business ecosystem, cybersecurity is a paramount concern. As organizations continue to digitize their operations and data, the risk of cyberattacks looms large. While many businesses invest heavily in cybersecurity measures, a significant challenge persists—board members frequently struggle to understand cybersecurity risks. This knowledge gap poses a serious threat to businesses, … Read more

Generative AI: Paving the Way for Continued Transformational Benefits and Challenges in the Near Future

by

In recent years, the world of artificial intelligence (AI) has witnessed remarkable advancements that have reshaped industries, revolutionized processes, and elevated human capabilities. One of the most promising developments in this technology is Generative AI, a technology that holds the potential to deliver transformational benefits across various domains in the next couple of years. It … Read more

Modevity Investigative Due Diligence Research Reporting Services

by

Modevity, LLC, founded in 2004 and headquartered in West Chester, PA, is a trusted provider of comprehensive Investigative Due Diligence Research Reporting Services that helps organizations make informed business decisions, and manage risks, across multiple organizational use cases and market segments. With our in-depth due diligence research, advanced technology platforms, and experienced data investigators, we … Read more

The Crucial Role of Continuous and Comprehensive Monitoring in Mitigating Risks from Third-Party Vendors

by

Vendor Risk Management has wide-ranging implications throughout an organization. The failure of a vendor to meet their obligations can have detrimental effects on a firm’s security, compliance, manufacturing processes, and customer support.  While establishing a vendor’s baseline ‘risk’ profile is a fundamental step, continuous vendor monitoring for any changes becomes crucial for security, risk managers, … Read more

Organizations Need To Recognize Potential Risks with AI and Develop Strategy with Effective Plans

by

These risks associated with implementing AI systems must be acknowledged by organizations that want to use the technology ethically and with minimal risk as possible. Organizations in varied market segments have always had to manage risks associated with new technologies and solutions to support and expand their businesses. Certainly, they must do the same when … Read more

Modevity Announces Investigative Due Diligence Research Reporting for New Client – National Historic Real-Estate Development Company

by

West Chester, PA   April 24, 2023, Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced that the company has a new client a National Historic Real-Estate Development Company. Modevity continues to expand its Investigative Due Diligence Research Reporting Services support for … Read more

Third-Party Vendor Risk Management is a Crucial Component of any Healthcare Organization’s Compliance & Risk Management Program

by

Vendor Risk Management as a Service Hospital networks and healthcare providers are becoming more scrutinized than ever by government regulators about how organizations manage and evaluate Third-Party Risks of the vendors, suppliers, and contractors in their supply chain. Understanding how these regulations connect to third-party vendor risk is paramount to ensuring compliance, but also recognizing … Read more

Modevity Announces Third-Party Vendor Risk Management Services Support to Captive Insurance Industry

by

Vendor Risk Management As a Service Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced that the company is rolling out their Third-Party Vendor Risk Management Services Support to Captive Insurance Industry. Modevity provides an array of Third-Party Vendor Risk Management … Read more

Modevity Signs a National Auto Finance Company to Support their Third-Party Vendor Risk Management Compliance Program

by

Vendor Risk Management as a Service West Chester, PA   February 28, 2023  Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced today that the company signed a contract to support a US based Auto Finance Company with their Third-Party Vendor Risk … Read more

The US Treasury Issues Final Rule Outlining ‘Beneficial Ownership’ Reporting Requirements

by

The US Treasury Department’s anti-money laundering unit recently issued a final rule that reveals which types of legal entities will be required to report information on their true, or “beneficial” ownership to Treasury The final rule is an attempt by the US government to lift the veil of anonymity offered by shell companies that has … Read more

Third-Party Vendor Risk Management for Captive Insurance Companies

by

Third-Party Vendor Risk Management (VRM) and KYC should be a critical component of any Captive Insurance Company’s overall risk management program. Captive insurers rely heavily on vendors for various functions, including technology solutions, actuarial services, and claims processing, etc. So, it is critical for those Captive Insurance companies to manage their third-party vendor risks to … Read more

Companies Need To Strengthen Their Cyber Security To Become ‘Insurable’

by

Investing In Better IT Security to Protect Against Cyber-Attacks Will Make Organizations More Resilient Against Other Risks Including Third-Party Vendor Risk  In 2023, companies in all market segments are now faced with the possibility of finding that they are unable to obtain a cyber security insurance policy since the volatility of cyber-attacks reaches new levels. … Read more

The Increasing Cybersecurity Challenges for 2023

by

As we begin 2023, this year will be remembered as the year when cybersecurity strategies and procedures against escalating cyber threats becomes ever more challenging. No longer are organizations scrambling to stabilize their operations amid the disruption caused by the impact of the pandemic, but for all this talk of the “new normal,” the world … Read more

Companies Need To Develop Strategic Compliance Program Procedures to Control Third-Party Vendor Risks

by

Senior management in most organizations in varied market segments recognize they are becoming increasingly reliant on third-party vendors to support critical business functions, but with the providing access to a business’s internal networks comes cyber risks and data breach threats. It is estimated that more than 50% of businesses using third-party vendors have experienced a … Read more

Supply Chain Cyber Attacks Increased Over 600% This Year and Companies are Falling Behind

by

Most companies believe they are using no open-source software libraries with known vulnerabilities, but new research finds them in 68% of selected enterprise applications. In this regulatory and security centric business environment, the number of documented supply chain cyber security attacks involving malicious third-party components has increased over 600% the past year.  Currently, sitting at … Read more

The Critical Need for Expanding Third-Party Vendor Risk Management in Healthcare

by

In this regulatory and security centric healthcare environment, Hospital networks and healthcare providers are becoming more scrutinized than ever by government regulators about how organizations manage and evaluate risks of the vendors, suppliers and contractors in their supply chain.  Understanding how these regulations connect to third-party vendor risk is paramount to ensuring compliance, but also … Read more

Strategies to Minimize Organizational Third-Party Vendor Risks

by

Organizations across most market segments are becoming increasingly reliant on third-party vendors to support critical business operations across the board to support a wide array of process and functions. It is estimated that over 50% of businesses using third-party vendors have experienced a data breach involving confidential information. Given the current state supply chain’s impact … Read more

Russian Financial Sanctions Evasion Continues

by

No doubt, Western Sanctions are beginning to take hold on the Russian Economy. With the Russian Ruble having become one of the world’s most undesirable currencies, Kremlin-connected financiers and oligarchs now have critical overexposure to Western capital markets and financial systems. With key Russian financial institutions, such as Sberbank and VTB, facing extensive Western sanctions, … Read more

FDIC – Proposed Interagency Guidance on Third-Party Relationships: Risk Management

by

The Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System (Board), and the Office of the Comptroller of the Currency (OCC) (collectively, the agencies) are seeking comment on proposed guidance on managing risks associated with third-party relationships. The proposed guidance offers a framework of sound risk management principles to assist … Read more

Trends Impacting Global Supply Chains In 2022

by

Certainly, with the recent pandemic has affected every part of the supply chain, in all market segments.  The majority of companies worldwide are continually being challenged in their operational, financial and organizational resilience across their supply chain network.   Looking back, the pandemic has highlighted risks and resiliency gaps for many organizations. Recent industry surveys are … Read more

SEC Ready to Strengthen Cybersecurity Requirements for Public Companies

by

Proposed rules place greater responsibility on C-suites and Boards for Managing, Mitigating Cyber Threats Earlier in 2022 , the U.S. Securities and Exchange Commission (SEC) announced that it was proposing new rules to standardize disclosures by publicly traded companies related to cybersecurity risk management, strategy, governance, and incident reporting. Although the rules have yet to … Read more

FinCEN and the U.S. Department of Commerce’s Bureau of Industry and Security Urge Increased Vigilance for Potential Russian and Belarusian Export Control Evasion Attempts

by

The Financial Crimes Enforcement Network (FinCEN) and the U.S. Department of Commerce’s Bureau of Industry and Security (BIS)1 are issuing a joint alert2 urging financial institutions3 to be vigilant against efforts by individuals or entities to evade BIS export controls implemented in connection with the Russian Federation’s (Russia) further invasion of Ukraine. This joint alert … Read more

The Continued Use Cryptocurrency Exchanges and Tools to Lessen the Strength of U.S. Sanctions

by

The Treasury Department continues to investigate sanctions violations by crypto exchange companies in whether their crypto exchange allows users in sanctioned countries to buy and sell digital tokens. For example, The Treasury Department’s Office of Foreign Assets Control has been investigating Kraken since 2019 as reported by NY Times. It appears that Kraken would be … Read more

ERiSA Plan Sponsors Need to Verify That All Service Providers and Vendors Meet DOL Cybersecurity Guidelines

by

The Department of Labor’s (DOL) release of cybersecurity best practices for plans covered by the Employee Retirement Income Security Act (ERISA) makes it clear that plan sponsors, service providers, and participants share responsibility for protecting plan accounts.  The guidance, which includes tips for hiring service providers, cybersecurity program best practices, and online security tips, provides … Read more

New SEC Cybersecurity Reporting Requirements – What Companies Need to Consider

by

In March of this year, the Securities and Exchange Commission (SEC) proposed a set of rules and amendments that the agency expects will strengthen the financial sector’s defense against cyberattacks. They seek to standardize disclosures and admissions of material cybersecurity incidents and improve visibility into a company’s cybersecurity risk management and governance policies to better inform investors. … Read more

The Essentials of Third-Party Vendor / Supplier Management Programs

by

Vendor Risk Management (VRM), Third-Party Risk Management (TPRM), and Supplier Risk Management (SRM) are programs that companies employ to assess their relationships with third parties or suppliers for potential risk. The most common types of risk a company will want to evaluate for are regulatory, operational, financial and reputational. The purpose and function of VRM, TPRM and SRM are similar: the core process is to identify, assess, monitor and mitigate risk. The slight variations between each program depend on your company’s … Read more

Third-Party Risk Is Becoming a Primary Challenge to Further Reduce the Extended Enterprise Risk

by

Today organizations in all market segments increasingly rely on an assortment of third-party vendors, suppliers, and partners. We are all aware of the continued growth of the extended enterprise – companies relying on a network of third-party vendors to provide them with organizational services, products, and competitive advantage. Over the past few years, the use … Read more

Cybersecurity and Resiliency Observations – SEC Office of Compliance Inspections and Examinations

by

Today, Cybersecurity risks originate from many sources, both domestic and from international regions. Most importantly, these cybersecurity risks occur across the array of securities and financial markets. The seriousness of the threats and the heightened concerns to investors, issuers, and other securities market participants, and the financial markets and economy more generally, are considerable and … Read more

Understanding ERISA Retirement Plan Sponsors & Administrators Responsibilities

by

What Is the Difference Between a 401(k) Plan Sponsor and a Plan Administrator? Typically, the employer is considered the 401(k) “plan sponsor,” whereas the day-to-day running of the plan may be handled by a third-party “plan administrator.” Understanding the different responsibilities between the plan sponsor and plan administrator is essential to maintain compliance with all … Read more

Cybersecurity, Preventing Plan Leakage Top of Mind for Retirement Plan Sponsors

by

Retirement Plan Sponsors shared in a survey the steps they have taken, or will take, to reduce plan leakage and retain retiree assets in the plan. Preventing asset leakage and Cybersecurity concerns have been priorities for plan sponsors, according to new research from Callan, and many plan sponsors expect to act further this year. The … Read more

SEC’s Proposed Cybersecurity Rules for RIAs, RICs, and BDCs

by

On February 9, 2022, the SEC voted 3-1 to propose rules that would significantly expand the risk management and reporting requirements concerning cybersecurity and related matters for registered investment companies (RICs), business development companies (BDCs), and investment advisers registered or required to be registered with the SEC (RIAs) The proposed rules would require advisers and … Read more

Retirement Plan Participant Lawsuit Against Transamerica for Data Breach

by

In a lawsuit, he alleges the retirement plan service provider did not take steps to protect the personal information of participants in plans it serves. As the level of awareness of Cybersecurity protection of confidential data has increased, however, so has the size and complexity of the cybersecurity problem from the perspective of plan fiduciary. … Read more

DOL Seeks Information From Alight Solutions About Cybersecurity Incidents

by

Alight has been sued by retirement plan participants whose accounts were hacked, and the Department of Labor is investigating the provider’s practices. Judge John F. Kness of the U.S. District Court for the Northern District of Illinois has ruled that Alight Solutions must comply immediately with a Department of Labor (DOL) administrative subpoena seeking documents … Read more

Modevity Announces New Outsourced Cybersecurity Assessment Services for Retirement Plan Sponsors to Maintain Compliance with the DOL Cybersecurity Guidelines

by

Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced today that the company has launched their new Cybersecurity Assessment Services for Retirement Plan Sponsors. The US Department of Labor Guidance regarding Plan Sponsors’ fiduciary responsibilities, states that Plan Sponsors should assess … Read more

DOL Guidance on Cybersecurity: Outline Overview for Plan Sponsors

by

As noted in the DOL Guidance on Cybersecurity, Plan Sponsors should continuously ask, are my ERISA plan’s assets and participant data protected from cyberattacks?” The Department of Labor’s (DOL) release of cybersecurity best practices for plans covered by the Employee Retirement Income Security Act (ERISA) makes it clear that plan sponsors, service providers, and participants … Read more

NSA Issues Warning on Cyber Weaknesses that allow Hackers Access

by

On May 17, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI, along with allied nations, published a Cybersecurity Advisory to raise awareness about the poor security configurations, weak controls and other poor network hygiene practices malicious cyber actors use to gain initial access to a victim’s system. “Weak … Read more

SEC Nearly Doubles Crypto and Cyber Enforcement Staff

by

The Crypto Asset and Cyber Unit will increase to 50 positions; Commissioner Hester Peirce questioned why the commission was ‘leading with enforcement in crypto?’ The Securities and Exchange Commission will expand its Enforcement Division unit focused on crypto assets and cyber violations by 20 positions to 50 in total. SEC Chair Gary Gensler said the move was … Read more

DOL, SEC Cybersecurity Regulations: Divergence or Convergence?

by

The temperature is rising on the quality of cybersecurity risk for registered investment advisors, whether they are in the DOL space or not. In February, the U.S. Securities and Exchange Commission voted to propose two new rules on cybersecurity: rule 206(4)-9 under the Advisers Act and rule 38a-2 under the Investment Company Act. From a high-level perspective, … Read more

FinCEN Issues Advisory on Kleptocracy and Foreign Public Corruption

by

The Financial Crimes Enforcement Network (FinCEN) today issued an advisory on kleptocracy and foreign public corruption, urging financial institutions to focus their efforts on detecting the proceeds of foreign public corruption—a priority for the U.S. Government as it continues to implement the U.S. Strategy on Countering Corruption. The advisory provides typologies and potential indicators of kleptocracy and … Read more

The Benefits of Implementing Investigative Due Diligence Research to an Organization’s Supply Chain Vendor Management Program Initiatives

by

Most organizations that will be making strategic and critical business decisions, it is imperative to undertake an extensive due diligence investigation. Due Diligence is defined as, “the care a reasonable person exercises to avoid harm to other persons or their property.” Investigative Due Diligence refers to the research and analysis of an individual or organization done … Read more

Organizational Strategies To Manage Third-Party Vendor Risk

by

Third-Party Vendor Risk Management (VRM) is an important part of the overall risk management landscape for enterprise organizations. Many corporations have thousands of suppliers: The recognized consumer goods company Proctor and Gamble states that it has over 75,000 suppliers. These suppliers are responsible for everything from software to raw materials, components in the product supply … Read more

Modevity Signs National Property and Casualty Insurance Company For Its Vendor Risk Management (VRM) Services

by

Vendor Risk Management as a Service West Chester, PA   Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced today that the company signed a three-year contract to support a US based Insurance client to outsource their Third-Party Vendor Risk Management program. … Read more

Expanding Scope of Vendor Risk Management Services Throughout the Enterprise

by

It seems that the potential for a major data breach event has organizations prioritizing third-party risk management across the board.  But when it comes to evaluating and managing vendors and the potential threats they may present to the enterprise, the risks reach is far beyond IT-related cyber security challenges. The importance of the expansion of … Read more

Modevity Leading Vendor Risk Management (VRM) Services Company Announces New Financial Risk Scoring & Reporting

by

Company Adds New Financial Risk Scoring & Reporting to Continue Expanding Their Extensive Capabilities West Chester, Pa., April 28, 2022 — Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced today that the company has rolled out their new Financial Risk Scoring & … Read more

Modevity Leading Commercial Intelligence Company Announces New Website

by

Company Unveils a New Website to Enhance Its Commitment to Providing Best in Market Investigative Due Diligence Research & Vendor Risk Management (VRM) Services West Chester, Pa., April 25, 2022 — Modevity, LLC, a leading Commercial Intelligence company established in 2004 specializing in Investigative Due Diligence Research and Vendor Risk Management (VRM) Services, announced today that the … Read more

Trusted partner since 2004.

  • 100 E Gay Street,
    West Chester, PA 19380
  • sales@modevity.com
  • (610) - 251 -0700

Other Pages

Quick Links

Get the latest news & updates
Twitter Instagram Linkedin-in

Copyright © 2022 All rights reserved.