Managing third-party risk is particularly challenging as it puts pressure on financial institutions to account for how other companies and providers are using and protecting their data and managing sustainable operations.
"Effective third party risk management is about more than just keeping on the right side of regulators.”
In the current environment, effective third party risk management (TPRM) is about more than just keeping on the right side of regulators.
It provides an opportunity for financial institutions to create business value while better managing risks now and into the future.
Having a strategic TPRM function in place can not only help financial institutions reduce operating costs but also lay the groundwork for building deeper, trusted relationships with customers – ultimately delivering a strong competitive advantage.
In a heartening result, EY’s 2018 Global Financial Services Third Party Risk Management Survey showed most financial institutions globally have made significant upgrades and enhancements to the governance and oversight of this critical function.
While many financial institutions are continuing to adjust the scope and structure of their risk-management functions overall there has been an encouraging maturation of third-party programs.
We are seeing more organisations enhance reporting processes and engaging senior management in third-party risk management.
The survey also found banks - generally subject to a higher level of regulatory scrutiny - tended to have more well-established, mature and robust TPRM programs than insurers and asset managers.
However challenges continue to persist, particularly around technology integration across the entire end-to-end third-party life cycle.
In fact, almost all financial institutions surveyed (96 per cent) said they had not yet reached the optimised level of technology integration and 81 per cent were either negative or neutral about how well their technology integrates and captures risk for reporting.