Blog

Third Party Risk Management - Salaries, Budget and Team Size

In this week’s blog on the results of the Global 2018 ‘Taking the Pulse of Third Party Risk Management’ Survey, we will delve into the some of the resourcing benchmarks for third party risk management.

To mix things up a little, we will also share the results of polls conducted at the CeFPro Vendor & Third Party Risk conferences in New York and London last month, where we first launched the results of the survey. This gives us some additional interesting cross-Atlantic perspectives.

 We’ll start with salary.

Salary
Why salary? Well everyone’s at least a bit interested in what the benchmarks for their profession may be, and there’s a paucity of data on third party risk management compensation. 
Read More

Topics: third party risk management, benchmarking, third party governance, tprm, supplier risk, vendor risk, survey, OCC, cyber risk, salary, compensation, budget

Third Party Risk Management Benchmarking Survey Results

Earlier this week we published the results of a survey that we conducted with the Center for Financial Professionals. With over 200 respondents from around the globe, the survey was designed to take a snapshot of the state of third party risk management, and to help firms develop their road-map to maturity, and support with planning, resourcing and direction.

The survey provided a great deal of insight, and we’ll be taking a deep dive into some of the results together with the implications for TPRM programs over the coming weeks.

We will also share the results of some polls that we conducted at the CEFPRO Vendor & Third Party Risk Conferences in New York and London where we launched the results. These provide an interesting cross-Atlantic comparison between peers.

But first to the survey results – which revealed gaps between regulatory expectation and the reality associated with third party risk programs. What looks good in theory, is often a lot harder in practice.

Read More

Topics: third party risk management, benchmarking, governance, third party governance, tprm, Financial Services, supplier risk, vendor risk, concentration risk, fourth party risk, survey, OCC, cyber risk

What do I need to ask when buying a Third Party Risk Management (TPRM) solution?

Third party risk management is a complex discipline, that combined with the scale, complexity, and change dynamics of any Global 2000 organization, can often lead to false starts with technology implementations.

It’s important to get enterprise software purchase decisions right – they are the fulcrum of successful third party risk programs for the business, they impact on the adoption and performance of many internal users across the enterprise, and they can have an impact on the careers of those selecting them.

DOWNLOAD THE BUYER'S GUIDE

Read More

Topics: third party risk management, tprm, aravo, risk and compliance, risk mitigation, Anti-Bribery and Anti-Corruption, FCPA, OCC, GDPR, Conflict Minerals, ABAC, sustainable procurement, Data Security & Privacy, Registration & Qualification, General Data Protection Regulation, regulatory risk

State and Federal Financial Services Regulators Apply Focus on Cybersecurity and Third Party Relationships

In a sign of what may well be coming for all highly-regulated industries around the world, US financial services regulators are in the process of significantly enhancing their cybersecurity rules, including substantial new rules impacting third party relationships.

Read More

Topics: cybersecurity, privacy, OCC, fdic, fsscc, bits, federal reserve, fsr, Financial Services, bank, information security, Data Security & Privacy

OCC BULLETIN 2017-7: The OCC's Supplemental Examinations Procedures for Third Party Relationships

Raising the Bar for Banks' Third Party Risk Management

On Jan 24 2017 the US Office of the Comptroller of the Currency issued Supplemental Examination Procedures for Third Party Relationships. These examination procedures are intended to supplement OCC Bulletin 2013-29, “Third-Party Relationships: Risk Management Guidance,” issued October 30, 2013. The supplemental procedures promote consistency when examining national banks and federal savings associations' (collectively, banks) risk management of third-party relationships. These procedures expand on the core assessment contained in the “Community Bank Supervision,” “Large Bank Supervision,” and “Federal Branches and Agencies Supervision” booklets of the Comptroller’s Handbook.

Read More

Topics: OCC, financial institutions, Global 2000, Third Party Management

Beyond Dodd-Frank: Reducing Regulatory Risks and Achieving Third-Party Compliance in Financial Institutions

The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 might garner the most headlines, but it is hardly the only federal regulation deserving the attention of U.S. banks.

Two other federal regulations are increasing the pressure on banks and other financial institutions to monitor and manage third parties. A third party is any outside entity doing work for a bank, regardless of whether the third party is an individual, partnership, or corporation, and regardless of whether the work is done under contract or on a more casual basis.

Read More

Topics: FCPA, OCC, CFPB