Diligent Acquires 3rdRisk to Expand AI-Native Third-Party Risk Capabilities

Key Takeaways

• Acquisition Announced: Diligent has acquired Netherlands-based 3rdRisk to expand its third-party risk management capabilities, with the deal announced on January 14 and no financial terms disclosed.
• Focus on Third-Party Risk: The transaction targets the growing complexity of vendor and supplier risk, particularly in IT and technology supply chains that are increasingly subject to regulatory scrutiny.
• AI-Native Platform Added: 3rdRisk’s platform uses AI to automate elements of vendor profiling, assessments, and document review across the third-party risk lifecycle.
• Broader AI Strategy: The acquisition follows a series of AI-related product launches by Diligent across governance, enterprise risk, entity management, and audit analytics.

Deep Dive

Diligent has acquired 3rdRisk, an AI-native third-party risk management provider based in the Netherlands, as part of a move to expand its capabilities in vendor and supplier risk oversight.

The transaction, announced January 14, adds 3rdRisk’s technology to Diligent’s broader governance, risk, and compliance portfolio at a time when organizations are facing growing scrutiny over how they manage risks across extended vendor ecosystems. Financial terms of the deal were not disclosed.

Diligent said the acquisition supports its efforts to address the increasing scale and complexity of third-party risk, particularly in IT and technology supply chains. Regulators in multiple jurisdictions have placed greater emphasis on vendor oversight, while cyber incidents and operational disruptions tied to third parties have continued to draw board-level attention.

Scott Bridgen, General Manager for Risk and Audit at Diligent, said the combination of the two platforms is intended to give organizations a more unified view of risk that extends beyond internal operations to external vendors. According to Diligent, this reflects the growing importance of third-party dependencies in governance and risk discussions.

3rdRisk focuses on automating parts of the third-party risk management lifecycle, including vendor profiling, assessment workflows, and the review of contracts and certifications. The company’s platform is built around AI-driven analysis to help organizations monitor supplier risk on an ongoing basis and prepare for audits more efficiently.

Bram Ketting, co-founder and CEO of 3rdRisk, said the company was founded on the idea that AI can reduce manual effort in vendor risk processes while leaving decision-making with risk professionals. He added that joining Diligent will allow the platform to be deployed more broadly while continuing to develop its core functionality.

The acquisition follows a series of AI-related product launches by Diligent over the past year, including tools focused on governance workflows, enterprise risk management, entity management, and audit analytics. With the addition of 3rdRisk, Diligent is extending that work into third-party risk management, an area shaped by regulatory frameworks such as DORA and NIS2.

District Capital Partners acted as financial advisor and Goodwin Procter LLP served as legal advisor to Diligent. WizeCap was financial advisor and deBreij was legal advisor to 3rdRisk.

Diligent said the integration of 3rdRisk will support organizations seeking clearer visibility into vendor performance and risk exposure as third-party relationships continue to expand in number and importance.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.