The Evolving Landscape of Third-Party Risks in Financial Institutions

The Growing Reliance on Third Parties

Financial institutions (FIs) are increasingly turning to third parties to enhance their competitiveness and drive innovation. This growing reliance on technology-based services provided by third parties is a significant trend in the industry.

Increased Regulatory Scrutiny

Regulators worldwide are placing greater emphasis on the management of third-party risks by FIs. Recent interagency guidance in the United States has called for the application of specific principles throughout the various stages of the third-party lifecycle. This focus on resiliency as a supervisory priority highlights the need for FIs to carefully review outsourced critical activities and implement measures to maintain operational resiliency.

Third-Party-Induced Disruptions and Reputational Damages

A survey conducted by KPMG found that 72 percent of FI respondents experienced significant disruptions, monetary losses, or reputational damage due to third-party incidents in the past three years. For example, a hack of a software vendor led to a system outage. These incidents highlight the potential risks associated with relying on third parties.

Limited Resources

In the face of economic uncertainty, many FIs are reducing spending on third-party risk management (TPRM) programs. However, the expanding scope of TPRM necessitates a deeper and broader set of capabilities to effectively manage the challenges at hand. FIs must find ways to optimize their resources to address these risks.

An Expanded Universe of Third-Party Risks

The landscape of third-party risks has become increasingly complex, presenting FIs with new challenges. Cybersecurity, in particular, has emerged as a critical area for TPRM, with data breaches compromising FI data. TPRM has also evolved to include a broader view beyond immediate contracting parties, considering nth parties to identify potential sanctions and concentration risks. Additionally, FIs face the challenge of integrating environmental, social, and governance (ESG) risks into their TPRM frameworks to align with global sustainability goals.


Leave a Reply

Your email address will not be published. Required fields are marked *