Third-Party & Supply Chain

For decades, just-in-time (JIT) manufacturing has been the benchmark for operational efficiency. This approach emphasizes delivering products in the fastest, most cost-effective manner while maintaining a highly visible platform for continuous improvement. JIT supply chains minimize resources—such as space, inventory, and workflows—to essential levels, reducing waste and enabling organizations to convert efforts into revenue with remarkable efficiency. By eliminating excess inventory, redundant systems, and systemic bottlenecks, JIT has become a cornerstone of modern manufacturing operations.

In a world where banks depend on third-party vendors for critical services, a new report from SecurityScorecard paints a concerning picture of the vulnerabilities lurking in the financial sector. According to the findings, a staggering 97% of the top 100 U.S. banks were impacted by third-party data breaches over the past year, revealing just how interconnected—and fragile—the banking supply chain has become.

In today’s hyper-connected world, businesses rarely operate in isolation. Instead, they form part of intricate webs of suppliers, vendors, and third-party partners. These extended enterprise relationships offer a wealth of opportunities—streamlined operations, cost efficiencies, and specialization—but they also come with inherent risks. Managing these risks effectively requires a firm commitment to environmental, social, and governance (ESG) standards, operational resilience, and robust compliance strategies.

The Council of the European Union has adopted a new regulation that bans products made with forced labour from the EU market. The decision, finalized on November 19, 2024, marks a turning point in global trade standards, with Europe sending a resounding message: forced labour has no place in its supply chains.

Earlier this month, Maersk released a report indicating that three out of four shippers operating in Europe have dealt with disruptions in their supply chain over the past 12 months. Even more alarming is that more than half of those affected are experiencing a serious impact on costs.

The European Union has decided to postpone the enforcement of its landmark deforestation regulation by one year. Originally set to take effect on December 31, 2024, this new timeline will allow companies, traders, and third countries additional time—until December 2025 for large operators and until mid-2026 for small businesses—to meet the stringent requirements set by the law. This decision comes after widespread concerns voiced by various stakeholders, including EU member states, international trade partners, and industry groups, who warned that the original deadline was too ambitious for full compliance.

The clock is ticking for Europe’s financial sector as the Digital Operational Resilience Act (DORA) prepares to go live on 17 January 2025. To pave the way, the European Supervisory Authorities (EBA, EIOPA, and ESMA—collectively, the ESAs) have announced how they’ll collect the vital information needed to designate Critical ICT Third-Party Providers (CTPPs). The message is clear: start preparing now, or risk falling behind.