Third-Party & Supply Chain

‍The Trump administration has moved to tighten enforcement of the Uyghur Forced Labor Prevention Act (UFLPA), designating five additional Chinese industry sectors as high-priority targets. The U.S. Department of Homeland Security (DHS) announced on August 19, 2025, that steel, copper, lithium, caustic soda, and red dates are now subject to heightened scrutiny under the law, which blocks the importation of goods linked to forced labor in China.

Third-party risk management is no longer a box to tick, it’s a survival strategy. But according to Mitratech’s latest global study, many organizations are still managing sprawling vendor ecosystems with outdated tools, limited visibility, and far too few resources.

In the age of sprawling digital supply chains, third-party risk management has become less of a compliance box to tick and more of a survival strategy. But according to a new 2025 study from Mitratech, many organizations are still trying to manage it all with duct tape and spreadsheets.

The European Securities and Markets Authority (ESMA) is stepping up to ensure that third-party risks don’t get overlooked in the growing complexity of EU securities markets. As more companies turn to third parties for critical functions, ESMA’s new guidelines aim to help supervisors across the EU keep pace with these shifts and ensure a more secure, compliant, and resilient market.

Adidas has disclosed a recent data breach where unauthorized external parties obtained certain consumer data via a third-party customer service provider. While the sportswear giant quickly contained the incident and initiated a comprehensive investigation, the breach raises significant concerns about IT security, data protection, and the role of third-party vendors in safeguarding sensitive consumer data.

Germany has adjusted its earlier position on the European Union’s Corporate Sustainability Due Diligence Directive (CSDDD), softening calls for the law’s outright removal. A spokesperson for the German government, Stefan Kornelius, clarified today that instead of scrapping the law, the government aims to “de-bureaucratize” and “streamline” its implementation, as reported by Reuters and The Economic Times.

French President Emmanuel Macron has added his voice to the growing opposition against the European Union's Corporate Sustainability Due Diligence Directive (CSDDD), aligning with German Chancellor Friedrich Merz’s call to scrap the law entirely. The directive, which was adopted in May 2024, mandates that companies assess, prevent, and mitigate their impacts on human rights and the environment across their supply chains, including issues like child labor, slavery, deforestation, and pollution.