Whilst there are many benefits for engaging third parties for the provision of goods and services, there are also added risks. We know that reliance on third parties can expose our firm to the risk of our suppliers’ management and infrastructure, and so it's important that we review and understand the technical and organisational measures and controls our suppliers have in place to protect our firm and our clients.
Information is a key asset to Clifford Chance and consequently needs to be appropriately managed and protected to ensure it is not inadvertently disclosed, lost, stolen or altered. Our suppliers are expected to have effective processes and procedures in place to control and manage third-party access to protected information and the premises, information technology and telecommunications systems, applications and services, and maintain confidentiality, integrity and availability of the services provided to the firm. Our suppliers are also expected to reflect and support our commitment to the protection of personal data and respect for individual privacy rights.
To support our anti-money laundering and anti-bribery and corruption processes, it is important that we understand where we are working with third-parties who are based in high-risk jurisdictions, and which pose a greater risk to the firm and our clients.
Whatever the risk, our Supplier Assessment Questionnaire provides a mechanism for our firm to undertake appropriate due diligence and assurance of our suppliers.