Certa TPRM

Certa is a Third-Party Risk Management (TPRM) and compliance orchestration platform that manages third-party relationships across their full lifecycle — from onboarding through offboarding. The platform covers multiple risk domains: - Information security and cyber risk - Compliance and legal risk - Financial and credit risk - Reputational risk - Geopolitical and location-based risk - ESG and ethical risk - Supply chain risk Lifecycle stages managed include: - Pre-contract: intake, screening, due diligence, remediation, and approval - Post-contract: continuous monitoring, alerting, performance management, periodic assessments, and offboarding Compliance orchestration capabilities span: - Screening: PEP (Politically Exposed Persons), adverse media, UBO (Ultimate Beneficial Ownership) - Financial crime: KYC/KYB, AML (Anti-Money Laundering) - Reputational risk: anti-bribery and corruption, ESG - Supply chain risk management: forced labor compliance, trade compliance and diversion risk, sub-tier supply chain visibility, supply chain allocation and tariff management The platform applies configurable business rules for policy enforcement and maintains full audit trails. It provides automatic updates to global regulatory requirements. Risk can be assessed at the service, product, or relationship level. Certa manages over 10 million third parties and is used by organizations including Honeywell, Uber, Box, Cloudflare, Mars, and Wex. It is recognized as a Gartner Magic Quadrant Leader for Third-Party Risk Management Tools.