Regulatory coverage

Built for the obligations that apply to you.

Third-party risk management is no longer best practice — it's an obligation, in Europe and in Asia alike. The platform structures your program to meet today's frameworks, and the new generation of Asian regulations.

Europe & International

European and international frameworks.

France

Sapin II

Obligation to map risks and document the assessment of third parties (clients, suppliers, intermediaries) under the anti-corruption regime.

How Ethicaline TPRM helps: Sapin II requires a third-party integrity due-diligence programme. Ethicaline TPRM is the risk-assessment-triage and due-diligence engine that runs it — risk-tiered screening of intermediaries, suppliers and partners for corruption, sanctions and reputational red flags, with continuous monitoring and an auditable record for the AFA.
European Union

CS3D / CSDDD

EU corporate sustainability due diligence: identifying, preventing and remediating harms along the value chain.

How Ethicaline TPRM helps: CS3D requires human-rights and environmental due diligence across your chain of activities. Ethicaline TPRM powers the third-party assessment layer — screening and monitoring partners and suppliers for adverse media, sanctions and integrity red flags — feeding your broader due-diligence programme. We power the third-party screening, not the full ESG framework.
Germany

LkSG

Supply-chain due-diligence act: risk analysis and corrective measures across suppliers.

How Ethicaline TPRM helps: LkSG requires due diligence on human-rights and environmental risks in your supply chain. Ethicaline TPRM is the screening engine for your suppliers — risk-based assessment, adverse-media and sanctions checks, continuous monitoring, documented for reporting.
United States

FCPA

Anti-corruption law with extraterritorial reach: due diligence on intermediaries and business partners.

How Ethicaline TPRM helps: The FCPA exposes you to liability for the conduct of your intermediaries. Ethicaline TPRM delivers the third-party integrity due diligence underpinning an effective compliance defence — screening for corruption, sanctions and ownership risk before and throughout each engagement.
European Union

DORA

DORA governs digital operational resilience for the financial sector.

How Ethicaline TPRM helps: Ethicaline TPRM screens and monitors the third-party providers in DORA's scope (including ICT providers) — sanctions/PEP, adverse media, beneficial ownership, continuous monitoring, audit trail. We support your third-party due-diligence and risk-assessment obligations, including toward your ICT providers — we do not perform DORA's core operational-resilience assessment, and do not make a firm "DORA compliant."
Asia-Pacific

The new generation of Asian frameworks.

Asia-Pacific is accelerating. Singapore's MAS is redefining third-party risk, Australia's APRA imposes a DORA-comparable framework, and China is overhauling its supply-chain rules. A program that was adequate three years ago now has gaps.

SingaporeNew 2026

MAS TPRM Guidelines

Issued March 2026, they supersede the old outsourcing rules and extend expectations to all third-party arrangements: register, governance, full lifecycle and sub-contractors.

How Ethicaline TPRM helps: MAS expects financial institutions to manage third-party risk across the full lifecycle. Ethicaline TPRM is the risk-assessment-triage and screening engine for that programme — risk-tiered assessment, sanctions and PEP checks, adverse media, continuous monitoring and a documented audit trail for your third-party register.
Australia

APRA CPS 230

Operational-risk standard in force since July 2025 (material-provider contract compliance due by July 2026). Monitoring and continuity of critical providers.

How Ethicaline TPRM helps: APRA CPS 230 requires material-provider monitoring and continuity. Ethicaline TPRM supports the third-party risk-assessment layer — screening, assessment and continuous monitoring of your material providers, with a documented register and audit trail. We support your provider due-diligence obligations; we do not replace your operational-risk framework.
China

Supply-chain decrees & AUCL

Decrees 834 and 835 (2026) govern information gathering and due diligence. China also concentrates most FCPA actions and requires China-specific supplier verification.

How Ethicaline TPRM helps: China's evolving supply-chain and anti-corruption rules require China-specific due diligence. Ethicaline TPRM delivers the screening and investigative diligence layer — sanctions, adverse media and ownership verification adapted to the China context, with rigorous documentation.
Hong Kong

HKMA — Operational Resilience

Strengthened expectations on operational resilience and provider management for financial institutions.

How Ethicaline TPRM helps: HKMA's operational-resilience expectations include third-party provider management. Ethicaline TPRM is the screening and monitoring engine for your critical providers — assessment, continuous monitoring and audit trail.
Japan

FSA — Operational Resilience

Growing expectations on operational resilience, third-party risk and technology risk.

How Ethicaline TPRM helps: Japan's FSA expects growing third-party risk management. Ethicaline TPRM supports the screening and due-diligence layer — graded assessment, continuous monitoring and documented provider register.
India

SEBI — BRSR

Business responsibility and sustainability reporting obligations, including the value chain, aligned with global standards.

How Ethicaline TPRM helps: SEBI BRSR requires value-chain ESG and sustainability reporting. Ethicaline TPRM powers the third-party ESG screening layer — assessment and document collection for your value-chain third parties. We support the third-party data-collection layer, not the full ESG reporting framework.

This summary is provided for general information only and does not constitute legal advice. Applicable obligations depend on your situation: we recommend confirming your scope with your counsel.

Which regulations apply to your third parties?

Let's map how to structure your program to your obligations.