Third party trust

Build and deliver trust in your ecosystem

- 4 items

Digital Trust Insights 2024: Asia Pacific

Cybersecurity in Asia Pacific: Rising threats and GenAI adoption

Global Compliance Survey 2025

Moving faster: Reinventing compliance to speed up, not trip up

How to build trust in an uncertain business world

Are you providing your stakeholders with credible information?

SOC for supply chain

Embed trust into every stage of the value chain

In today’s business landscape, outsourcing remains a prevalent practice among organisations, which rely on third party service providers for cost-efficient access to various services and forms of support, including cloud and financial technology services, and human resource management.

Despite the benefits of outsourcing, it also exposes organisations to special risks, such as regulatory, reputational and operational risks through the potential loss of sensitive data, and possible disruptions to critical business services and financial reporting.

The management, board and shareholders of organisations demand confidence in the controls and compliance capabilities of suppliers, vendors and service organisations. They expect that organisations have the processes in place to effectively oversee third party arrangements.

Hence, organisations must ensure that third parties/ service providers meet a certain level of governance, rigour and consistency in order to build trust and be able to make outsourcing decisions with confidence.

How our third party trust services can help you

We have a team of dedicated professionals who are experienced and knowledgeable about third party risks, the relevant frameworks and assurance standards, controls identification and reporting. By identifying and managing key risks related to security, technology and third party relationships, we help your organisation maintain stakeholder trust and its reputation.

Controls reporting
Independent third-party audits/ vendor assessments

Controls reporting

1. Third party assurance reports

Through controls assurance reports like OSPAR, SOC 1 and SOC 2, third party service providers can accurately communicate information about their service controls and processes to potential clients.

In preparation for the issuance of these reports, our digital audit team can:

Conduct a ‘pre-attestation’ readiness review, where we will work closely with your organisation to evaluate the adequacy of your existing controls with regards to reporting requirements and identify gaps and weaknesses.
Assess your organisation’s control posture against relevant frameworks for the issuance of OSPAR and SOC2 reports in accordance with the ISAE3000 assurance standard.
Assist your organisation with controls reporting to meet your customers’ financial reporting requirements (internal control over financial reporting) through the issuance of SOC 1 reports in accordance with the ISAE3402 assurance standard.

2. Other reports

Our digital audit professionals can help to evaluate your organisation’s controls design and operations, and communicate the information to specific stakeholders through independent reports issued under the ISAE 3000 / SSAE 3000 standard.

Examples of such reporting requirements include:

The assessment of banks’ compliance with the Singapore Deposit Insurance Corporation (SDIC) requirements.
The assessment of banks’ MAS Electronic Payment System (MEPS+) by the Monetary Authority of Singapore (MAS).

Independent third-party audits/ vendor assessments

Third party/ outsourcing related risks are treated as key risks in any organisation’s security posture and as such, organisations are required to constantly address such risks for trusted co-existence and partnership with their third parties/ service providers/ vendors.

In particular, banks are required to assess their third parties at regular time intervals in order to comply with regulatory requirements.

PwC’s digital audit professionals can assess and review outsourcing arrangements and third parties using established frameworks, such as the Association of Banks in Singapore (ABS) Outsourced Service Provider’s Audit Report (OSPAR) and American Institute of Certified Public Accountants( AICPA) System and Organisation Controls 2 (SOC2) Trust Service Criteria, or with any other focus areas as required by your organisation to ensure compliance to service level agreements (SLA), contractual obligations and requirements.

Our insights

14/05/25

What have we learned from US tariffs and how to manage them?

Following US President Donald Trump's announcement on 2 April to introduce a broad range of punitive tariffs starting 9 July, there have been significant regulatory updates and varied company responses. Learn the latest developments and their implications for you.

13/05/25

PwC's Counter-Proliferation Financing: Best practices and guidance

ACIP Paper underscores increasing need for Counter-PF measures amid global focus on sanctions evasion and WMD risks.

11/04/25

Democratising access to private markets

Private markets and retail investors are converging in Southeast Asia as regulations and tech make diverse investments accessible to the mass-affluent.

04/04/25

US tariffs: What this means for companies in Singapore and Asia Pacific

Trump enacts 10% tariffs on imports to the US; certain regions face even higher rates. This impacts all exporters, particularly in the Asia Pacific region.

Hide

Required fields are marked with an asterisk(*)

Business email*

Name*

Organisation*

Job title*

Message*

Tick the box to verify you are not a robot. *

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Contact us

See Hong Pek

Digital Audit and Assurance Leader, PwC Singapore

Tel: +65 9638 7021

Anthony Dias

Partner, Digital Audit and Assurance, PwC Singapore

Tel: +65 9731 1450

Nur Ashikin Ahmad