Corporate entities that choose to do business with the U.S. federal government take on many regulatory and reporting requirements. These include requirements related to cost accounting, purchasing, manpower reporting and, most recently, compliance with the Cybersecurity Maturity Model Certification (CMMC). This past year, the Biden-Harris administration signed new laws and initiated new proposed rules to strengthen resilience specific to climate risk and the supply chain, in view of the U.S.'s position as the largest buyer of goods and services in the world.

There are many similarities between the proposed rule's implications and third-party risk management (3PRM) requirements. 3PRM is a form of risk management that focuses on identifying and mitigating risks related to the use of suppliers and their subcontractors by financial institutions.

Like government contractors, financial institutions depend on suppliers to perform and support critical operations. Under 3PRM regulations, financial institutions of all sizes must comply with rules designed to strengthen oversight and control risks associated with suppliers and their subcontractors.

As such, federal contractors should draw parallels with, and lessons from, 3PRM and its frameworks to prepare for the potential requirements under the Federal Supplier Climate Risk and Resilience Order in 2023.


Originally published on January 5, 2023
