Prevalent Platform Release 24-Q2: New AI Auto Assessment Population and Threat Monitoring Enhancements

Results from Prevalent’s fifth annual 2024 Third-Party Risk Management Study revealed two fascinating conclusions: 1) 50% of companies still rely on spreadsheets to assess their vendors, and 2) 61% of companies are actively investigating use cases for how AI can help automate their TPRM programs. Download the full findings eBook here.

It’s clear that companies need help automating third-party risk management. On that theme, we are pleased to announce that new features and enhancements are available today in Prevalent Platform Release 24-Q2.

AI-Enabled Auto Assessment Population Dramatically Reduces the Time Required to Complete a Risk Assessment

Most third-party risk management solutions enable users to upload previously completed assessments to populate new ones but run into trouble when the uploaded Excel file does not precisely match the new questionnaire in its formatting, column headers, or question-and-answer text. This results in poor question-and-answer match success, requiring users to spend time unnecessarily restructuring the Excel file into a recognized format or manually responding to questions where matching was not successful – a frustration for both users and vendors.

Building on industry-first AI capabilities announced in October 2023, the Prevalent TPRM Platform leverages AI to take any completed assessment uploaded as an Excel spreadsheet, analyze key columns, and automatically populate a new assessment regardless of formatting differences.

Once the new assessment is populated, the Platform analyzes which questions were completed by AI and which were not and offers a manual review option to verify and accept or reject answers.

This new level of automation dramatically reduces the time required to populate new assessments and will be especially beneficial when organizations wish to leverage a previous year’s questionnaire version to complete a new version (for example, going from SIG 2023 to SIG 2024).

New Prevalent Alfred^TM Abilities Simplify Platform Navigation and Entity Management

Alfred, Prevalent’s conversational AI Third-Party Risk Advisor, was originally introduced in October 2023. Since then, it has added several new abilities aimed at simplifying risk review and entity management.

Users simply engage Alfred directly in the Platform as they would any other chatbot-style interface and ask for help navigating to risk registers, contracts, survey submissions, vendors, or changing a vendor’s status—all using Alfred’s natural language processing.

With this ability, Prevalent not only helps customers leverage the power of AI to make sense of large volumes of data and automate risk assessment processes but also simplifies the user experience to ease vendor management and address risks faster.

Complementing this enhancement is the ability to navigate to an entity to quickly learn more information about them. All users need to do is ask Alfred for help with the services of an entity that you have in the Platform. Using natural language commands like “Describe what JB Auto Parts does.” Alfred will respond with a brief description of the entity and its services.

This enhancement is particularly useful for procurement and vendor management teams, which need to gain quick insights when they manage multiple third-party relationships across large vendor ecosystems.

Vendor Threat Monitor Individual Screening Enhancements Provide a Deeper View into Third-Party Reputational Risks

As supply chains and third-party relationships continue to expand globally, so do organizations' risks. Without visibility into a partner’s local compliance status, possible legal issues, sanctions against them, or adverse news, a company can risk damaging its own reputation. Many third-party risk management tools offer only cursory third-party reputational information delivered in disjointed and siloed data feeds, limiting the depth of insights and the ability to act on findings.

Vendor Threat Monitor, part of the Prevalent Third-Party Risk Management Platform, incorporates reputational screening information natively at both the entity level and individual level. Companies use Reputational Screening to address use cases, including:

• Performing pre-contract due diligence on new suppliers
• Integrating screenings into assessment results for coordinated action and risk disposition
• Enhancing Know Your Customer (KYC) initiatives, especially within the banking and investment sector
• Determining if key shareholders or ultimate business owners (UBOs) are politically exposed persons (PEPs), have legal issues, or appear on a sanctions list to combat money laundering or bribery and corruption risks

The individual screening enhancement delivers integrated insights from:

• More than 30,000 sources of adverse media and negative news
• Government-maintained lists of state-owned enterprises
• More than 1,000 lists of enforcement findings and court filings, including from the U.S. Department of the Treasury Office of Foreign Assets Control (OFAC) and many others
• More than 1.8 million politically exposed person (PEP) profiles, including families and associates

The Prevalent approach to unified reputational, business, financial, and cyber monitoring is unique among TPRM vendors and enables organizations to eliminate multiple overlapping licenses from disparate and disjointed tools and manual processes for gathering this vital intelligence.

Vendor Threat Monitor Status Enhancements Enable Faster Event Triage and Dynamic Risk Scoring

Continuously monitoring for real-time cyber, business, operational, ESG, reputational, and financial risks can quickly generate a large number of events. If not investigated and triaged in a timely manner, those events can present an inaccurate picture of the risks that vendors expose an organization to.

In this release, Vendor Threat Monitor refines monitoring event statuses so that only events that are Open and Under Review appear in the events list and are reflected in a vendor’s risk score. Once risks have been Closed Accepted or Closed Mitigated, they will no longer be on the events list and will not impact a vendor’s risk score accordingly. With this enhancement, users can quickly focus on the most impactful risks, speeding up triage and mitigation.

Contract Essentials Integration with DocuSign Enables Closed-Loop Document Tracking and Management

The latest version of Contract Essentials, our fully native contract lifecycle management solution, features integration with DocuSign, whereby users can send documents of any type right from Contract Essentials by simply entering the recipient’s name, email address, and subject line. The document recipient accesses the document via the standard DocuSign email and signs the document accordingly. The document is then automatically updated in Contract Essentials and marked as DocuSign Completed with a signature timestamp. The fully executed document is stored in Prevalent and associated with the vendor, and users can download the document as a PDF.

This enhancement further differentiates the Prevalent approach to managing third parties throughout the relationship lifecycle by ensuring that all internal and external parties can fully execute and audit vendor and supplier contracts for closed-loop tracking and management. This enhancement synchronizes status and completed file exchanges instead of using a siloed workflow that requires downloading and distributing documents.

Next Steps: Learn More

If you are a customer, please be sure to check out the Prevalent Customer Portal to read the detailed Release Notes and watch recorded demonstration videos of these new capabilities. You can also reach out to your Customer Success Manager (CSM). If you’re new to Prevalent, request a demo to discover how we can help you automate and add detailed insights for third-party risk management.