Free trial

11 March 2015

Managing third-party and vendor risks "increasingly critical for finance industry"

Content team

The importance of effectively managing third-party and vendor risk in the finance industry has been highlighted by a new study.

MetricStream sponsored the Risk Management Association (RMA) to survey 100 leading organisations in the sector on their approach to this subject.

It was revealed that third-party relationships have moved beyond traditional models of goods and service providers to include the likes of agents, agency agreements, debt buyers and correspondent bank agreements.

Some of the larger organisations surveyed have thousands of such relationships to manage, highlighting the importance of having a mature vendor governance framework in place.

Edward DeMarco, the RMA's general counsel and director of operational risk, commented: "Managing the risks inherent in vendor and other third-party relationships has become critically important in recent years, as the actions of vendors can cause significant financial and reputational impact to organisations, no matter their size or industry."

Some 97 per cent of the businesses surveyed were found to have either defined, or are in the process of defining, the 'critical activities' within their organisation.

Over two-thirds (67 per cent) of respondents do not carry out due diligence on their fourth parties, while 13 per cent do so when their primary supplier makes them aware of a new material fourth party. Meanwhile, 72 per cent of the organisations polled were found to carry out validation of regulatory compliance and the effectiveness of the vendor risk management framework annually.

Susan Palm, vice-president of industry solutions at MetricStream, stated: "Companies must keep pace with new sanctions and frequent regulatory changes, increasing operational complexity, and an increasingly risky and diverse multi-tier vendor ecosystem."

She added that the growing threat of new risk areas such as data theft and cyber crime, social media and disruptive e-commerce means organisations need to be especially focused on managing their third-party relationships effectively.

Content team, Bureau van Dijk

How Bureau van Dijk can help you

Certainty is a highly-prized commodity in business. Data might be getting bigger all the time, but this only makes extracting value from it more difficult.

In capturing and treating private company information we aim to give you more certainty – and help you make better decisions and work more efficiently.



Our solutions are designed to help different business challenges and streamline your workflow. Many of our customers blend our information with their own internal data to get a more complete picture of the companies in their ecosystem.

Try our more certain approach –
welcome to the business of certainty.