OneTrust, provider of data privacy, security, and governance solutions has announced that it will acquire Convercent, an enterprise GRC solution with an ethics and compliance portal. Slotting itself as a strategic acquisition, the two companies will be aligning and merging their products to actualize trust for the enterprise. The deal is intended to be finalized in mid-April.

Expanding the ways to build trust

Building trust is a multifaceted task that encompasses the relationships an organization has with all stakeholders. OneTrust works with a trust framework where establishing trust and assessing risk of third-party vendors is at the foundation. There are also compulsory elements of trust like maintaining adequate security and compliance. The relational aspect of trust is powerfully influenced by transparency, ensuring privacy, and taking measurable action on environmental and social issues. The acquisition bolsters OneTrust’s activities in the third-party due diligence and GRC domains, and helps to make progress for new products: OneTrust Ethics and OneTrust ESG.

Third-party risk solutions are becoming ever more urgent, especially those that support supply chain management and accounting for supplier risk. COVID-19 showed the massive impacts on supply chains, which is only the most recent and most visible example of how unforeseen disruptions to a supply chain can wreak havoc. Pressures to manage vendor relationships come both from regional initiatives, such as the German Lieferkettengesetz, and from large enterprises that can put stringent requirements on their suppliers. There is a clear and growing market for such vendor risk management solutions.

To communicate and operationalize the trust reputation of a company, OneTrust Ethics is intended to function like a privacy portal. It will handle the communications, ethics policies, requests, and even gamification of taking ethical action. This could be employee facing as a centralized, standardized, and private way of handling ethics cases, as well as being vendor or customer facing as well.

OneTrust ESG is a groundbreaking product aiming to standardize reporting on environmental, social, and governance initiatives. This product will begin by assisting in reporting specific environmental initiatives, like when an enterprise makes a net zero carbon emission pledge. The product will assist in normalizing data from utility bills, collaborate with remediation providers, and work to provide transparent and standardized reporting the initiative’s progress. This product will eventually expand to cover other environmental and social initiatives like empowering diversity in the workplace. While it is a conservative approach towards measuring corporate ESG initiatives, simply providing support in standardizing reporting is a huge step forward.

Both of these are timely additions because corporations are under regulatory pressure and intense public scrutiny to protect whistleblowers, demonstrate meaningful action in diversity or sexual harassment cases, and show commitment to environmental causes. Contributions to establish metrics and define reasonable expectations of enterprises to create public value come from entities like the World Economic Forum and nonprofits such as Your Public Value. OneTrust joins the effort by striving to provide resources for transparent reporting and internal structures to mitigate risk.

Focus on growth

OneTrust has seen rapid growth overall of its original portfolio consisting of privacy, preference, GRC, and third-party risk management solutions. There will be continued development to expand the privacy platform to stay current with the increasing global privacy regulations. Convercent’s ethics and compliance solutions will be a recipient of this growth, with particular focus on R&D and customer support.