Mitratech Acquires CMPG Risk Solutions to Strengthen Its Enterprise Compliance Suite with Best-in-Class Vendor Risk Management

By offering VendorInsight® and Procipient® with its other proven solutions, Mitratech adds risk management capabilities to its best-in-class compliance management portfolio.

 AUSTIN, TX – June 22, 2020 – Mitratech, a leading provider of legal and compliance software, today announced its acquisition of CMPG, LLC.  By adding CMPG’s products to its existing Enterprise Compliance Suite (ECS), Mitratech will reinforce what’s already the first-ever end-to-end range of software solutions for elevating corporate risk management, data privacy, and information governance.

Founded in 1998, CMPG is focused on providing software solutions for the financial services, healthcare, and insurance industries.  Its two main products are:

  • VendorInsight®, an award-winning Vendor Risk Management (VRM) solution for banks, credit unions, financial services companies, and others who want to ensure the resilience of their vendor ecosystems, even including fourth parties.
  •  Procipient®, an easy-to-use, next-generation universal Enterprise Risk Management (ERM) solution using pre-built framework templates to simplify risk management of an organization and its processes, applications, and providers.

Both products fit seamlessly into Mitratech’s Enterprise Compliance Suite,  a portfolio of integrated solutions empowering risk and compliance teams to meet the obligations imposed by a growing universe of financial regulations including SOX, MIFID II, GDPR, Volker and more, as well as data privacy regulations such as GDPR and CCPA.

“We’re excited to be able to make CMPG’s solutions available to our current Mitratech clients,” says Mike Williams, CEO of Mitratech, “and we’re excited that CMPG customers now can have access to a broad range of risk and compliance solutions from Mitratech.”

The ECS already provides integrated solutions for Obligations & Regulatory Management, Policy & Procedures Management, Data Privacy Management, and Information Governance.  Inclusion of CMPG’s products adds a broad new capability to ECS: Operations Risk Management.

With the inclusion of enterprise and vendor risk management, Mitratech ECS now provides a comprehensive set of risk and compliance management tools that marry top-down visibility and oversight with the ability to enforce (and prove) regulatory and corporate compliance throughout their business and its vendor ecosystem.

According to a report by, the market for third-party risk management is expected to grow from $3.2 billion in 2019 to $6.7 billion by 2024.  “Both VRM and ERM are growing rapidly,” Mike Williams says, “since managing vendor risk has become so critical in highly regulated industries.  It’s where companies face the most risk today.”

As he explains, “if you’ve committed a lot of focus and resources to making certain your company has become internally compliant, you don’t want to be brought down by a vendor or supplier’s compliance errors, or because they’ve become financially unstable or even shut down altogether, and left you in the lurch.”

The bottom line, as Mark Delgado, Managing Director GRC for Mitratech puts it, is that “if you are only paying attention to keeping your own house in order and ignoring your supply chain, you only have half the picture, if that, so you’re putting your entire organization at risk.”

“I am excited for our customers and our respective organizations to have this tremendous opportunity,” says Grant Karnes, CEO of CMPG.  “VendorInsight® and Procipient® complement Mitratech’s Enterprise Compliance Suite extremely well.  More importantly, our organizations share an emphasis on innovation, delivery excellence and customer satisfaction.  This ensures our users are actively involved and understood as we move forward with our product roadmap.”

About Mitratech

Mitratech is a proven global technology partner for corporate legal, risk, and compliance professionals, offering a proven portfolio of end-to-end solutions that spread operational best practices throughout the enterprise, standardizing processes and accelerating time-to-value. That helps legal and GRC teams rise to the challenge of serving the evolving needs of the modern, dynamic enterprise. For more info, visit