Blog

Expert Interview: Tom Garrubba on Six Ways Collaboration Can Enhance Your TPRM Program

Collaboration is a term that makes people either cheer or wince. However, today collaboration is essential to be a successful third party risk manager – the discipline has moved well beyond administrative box-ticking. Now, a strong culture of collaboration can help create the right environment to foster TPRM program excellence, and drive real value for organizations.

Read More

Topics: risk and compliance, third party risk management, GDPR, board of directors, governance, tprm, third party risk, risk appetite, board accountability, third party governance, benchmarking, supplier risk, third party supplier, vendor risk, occ compliance, risk assessment, shared assessments, third party risk assessment, standardization programs, gdpr processor, third party risk regulators, regulatory frameworks, internal audit, third party compliance, third party vendor, FFIEC

Expert Interview: Victoria Munoz-Titos on Seven Changes we can Expect to See in TPRM by 2021

Third party risk management (TPRM) could be set to evolve at lightning speed over the next five years, according to Victoria Munoz-Titos, former EMEA, Risk and Control Services at AIG in London. The changes won’t just be accelerated by regulatory demands either. Rather, they will be propelled by a transformation to the way organizations work together, as financial services firms incorporate outsourcing and other types of third party relationships even deeper into their business strategies. Below are the top seven trends that Munoz-Titos sees changing the way firms engage with TPRM and their third-party relationships:

Read More

Topics: third party risk management, board of directors, governance, tprm, risk appetite, board accountability, risk reporting, third party governance, benchmarking, supplier risk, third party supplier, vendor risk, risk assessment

Expert Interview - John Bree on the Top Five TPRM Program Mistakes Firms Often Make

Third party risk management (TPRM) is a relatively new discipline for many financial services firms and so it’s no surprise that organizations are still navigating their way. As firms establish their third party risk programs, there’s many common pitfalls that they can fall into. Knowing about these helps you avoid them, so Aravo recently spent some time with third party management expert, John Bree, to expose some of the more common missteps that he has seen organizations make when it comes to setting up, or enhancing, a TPRM program. 

Read More

Topics: Financial Services, third party risk management, board of directors, governance, tprm, board accountability, third party governance, benchmarking, supplier risk, third party supplier, vendor risk, risk assessment

Cyber resilience and supplier risk: moving beyond compliance

In a speech last week at the Cyber Security Summit and Expo 2017, Nausicaa Delfas, Chief Operating Officer at the FCA, called out cyber risk as one of the FCA’s top priorities and noted its close intersection with supplier risk, and third, fourth and fifth party risk.

Read More

Topics: third party risk management, board of directors, governance, cyber risk, board accountability, third party governance, supplier risk, cyber resiliance, FCA

Third Party Risk Management - Meeting the Expectations of the Board

With the strategic importance of engaging third parties in today's business landscape, coupled with the level of risk that they can bring to the enterprise, it should not be surprising that third party risk management is attracting greater focus from the C-suite and the Board of Directors.

According to the Institute of Collaborative Working, up to 80% of direct and indirect operating costs of a business can come from third parties, while up to 100% of revenue can come from alliance partners, franchisees and sales agents.

Download e-Book

Read More

Topics: third party risk management, board of directors, governance, board accountability, third party governance, benchmarking

Whetting the Appetite in Third Party Risk

A snapshot of the results of two new audience surveys suggests that the concept of “risk appetite” within the third-party risk management framework is still finding its feet. Attendees at a pair of June New York and London conferences, aimed at the financial services industry’s third party risk professionals, responded very similarly to three key questions.

Read More

Topics: risk and compliance, Financial Services, third party risk management, compliance programs, risk management, governance, reputational risk, compliance risk, tprm, event, third party risk, EMEA, survey, risk appetite

Board Reporting, Risk Scorecards, Cybersecurity and more – takeaways from CEFPROs Vendor and Third Party Risk USA Conference

Earlier this month, I attended and chaired at the Center for Financial Professional’s conference on Vendor and Third Party Risk USA in New York. The two-day event highlighted the complexity that third party risk managers face, with topics as far ranging as cyber-risk at fourth parties, to applying third party risk frameworks to intra-company organizations. The event also demonstrated that the discipline is having to evolve and mature fast in order to keep pace with the changing digital landscape as well as ongoing regulatory change. Here are my top takeaways from the event, which I hope you will find of interest.

Read More

Topics: Anti-bribery & Anti-corruption, risk and compliance, Financial Services, third party risk management, Responsible Sourcing, compliance programs, business case, High Technology, risk management, governance, reputational risk, compliance risk, tprm, event, third party risk, EMEA

CEFPRO's Vendor & Third Party Risk EMEA conference - Top 10 Key Takeaways for Third Party Risk

This week, I had the pleasure of chairing Day one of the Center for Financial Professional’s conference on Vendor and Third Party Risk EMEA. The conference brought together insights about the evolution of the discipline as well as some key best practices. Here are my top ten takeaways from the event that I would like to share.

Read More

Topics: Anti-bribery & Anti-corruption, risk and compliance, Financial Services, third party risk management, Responsible Sourcing, compliance programs, business case, High Technology, risk management, governance, reputational risk, compliance risk, tprm, event, third party risk, EMEA

Empowered Third Party Due Diligence: Aravo and Dow Jones Risk & Compliance

With continued bribery and corruption enforcement actions high on the agenda of the regulators, companies should be looking to raise the bar on the due diligence of their third parties, both at onboarding and as part of a continuous monitoring process.

Read More

Topics: risk and compliance, Anti-Bribery and Anti-Corruption, third party risk management, ABAC, governance, regulatory risk, Dow Jones, due diligence, audit, workflows, reporting, risk-scoring

Sustainable Procurement - Survey Shows Progress Still To Be Made

Sustainability and corporate social responsibility (CSR) are now important or critically important items on the supply chain agendas of organizations around the world, according to a new survey. However, organizations need to continue to drive improvement in the implementation of their sustainability/CSR programs to ensure risks and compliance are managed, and brand reputation protected.

Read More

Topics: third party risk management, Responsible Sourcing, sustainability, csr, risk management, risk mitigation, board of directors, governance, procurement, corporate resonsibility, corporate social responsibility, compliance, brand reputation, ecovadis, hec, sustainable procurement, SP program, global supply chain, reputational risk, compliance risk, regulatory risk, suppliers