Top Factors Driving a Revolution in Third Party Risk Management

Top Factors Driving a Revolution in Third Party Risk Management

Gina Ghent

Managing Director and Head of KY3P at Markit

Views 412

Top Factors Driving a Revolution in Third Party Risk Management

26.01.2016 08:00 am

Third party risk management is making headlines and for some very good reasons. Why? Structural factors are forcing a complete rethink of current practices.  Financial institutions and third parties are each facing their own challenges as third party risk management receives greater focus than ever before. 

Factor #1: RELIANCE

There is an increased reliance on third parties.  Financial institutions globally depend on third parties to deliver business critical processes and services.  Third party vetting and risk management is a growing issue as more firms outsource and engage with third parties, and even fourth parties, for these vital tasks. It is critical for a financial institution to understand the extent of its dependencies on third parties and ensure that these third parties are operationally sound, especially from an information security standpoint.


The increased reliance on third parties leads to increased complexity of oversight. It’s no longer sufficient to know just your third parties, but the fourth and fifth parties too, as well as thoroughly understand the products and services they provide.  According to PwC, 45% of firms rely on third parties to manage their fourth party risk. The complete supply chain of risk must be understood in order to properly assess an institution’s enterprise risk profile.  


Regulators around the globe are taking notice. The Office of the Comptroller of the Currency in the US, the Financial Conduct Authorityin the UK, the Monetary Authority of Singapore and many others, have issued guidelines for managing third party risks. Firms can outsource the job and the function, but they cannot simply outsource the risk. This includes cybersecurity, or more aptly put ‘cyberinsecurity’. The mantra is you must know your third parties and every aspect of their risk management lifecycle – including crucial aspects related to due diligence and ongoing monitoring.


Current processes aren’t keeping pace with the new emphasis on third party risk management. Risk assessment processes today are duplicative, bilateral and costly with multiple touch points. Half of firms still rely on spreadsheets to support their third party risk management programme according to a recent study by Aite. It is not uncommon for a third party to receive a spreadsheet questionnaire from a financial institution with 28 different tabs to complete. That’s a long and arduous task to comply with for every bank a third party does business with.

Factor #5: STANDARDS

While regulators across the globe have issued guidance around third party risk management, few if any have issues any mandatory rules. While tools and questionnaires for conducting due diligence do exist, there is a lack of flexible technology to support workflow efficiencies underpinning this critical process.

So how can the quality of third party risk management keep pace with the level of risk and complexity of these relationships? The future of third party risk management is more than just spreadsheets. The industry is at an inflection point and needs standards to drive best practices to run its business and meet regulatory guidelines. The current processes are broken and it’s time to move to a centralised way of doing things which will benefit financial institutions and third parties alike. Through a shared data hub, redundancy collapses, costs decrease and inefficiency falls by the way side.

Latest blogs

Simon Black Awaken Intelligence

Boom or Bust: How the Financial Services Sector is Coping

Covid-19 has had an impact across all industries and businesses are feeling the sting. However, is it equally devastating within every sector? As industry and individual concerns grow during the inevitable economic crisis, financial services are Read more »

n/a n/a

Tips on How to Successfully Trade CFDs

A CFD or contract for difference is a financial product that allows a trader to speculate on asset classed without owning a portion of the underlying asset. A CFD trade is not an investment but high-risk speculation that carries the risk of losing Read more »

Patrick McKinney and Joe Fuchs Wolters Kluwer Finance, Risk & Regulatory Reporting

Building an Integrated Data Management System: A Guide for Digital Banks

Digital banks and other FinTechs are emerging as more nimble competitors to established legacy banks. The digital banks that are on their way to becoming fully chartered have the opportunity to setup fully automated processes and systems without Read more »

n/a n/a

How COVID-19 Is Ushering In a New Era of Cashless Technology

  Image source:   Cashless technology isn't a completely fresh concept. People have been using credit cards for decades, and the market for fintech services has been Read more »

Jean Shin tyntec

Using WhatsApp for 2FA is the Future of Banking

From user authentication and password resets to transaction verification, two-factor authentication (2FA) offers basic but useful protection for consumers. The 2FA process typically sends an SMS sent to the customer with a one-time password (OTP). Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel