Are third parties more trouble than they're worth? For financial institutions, it's a multibillion-dollar question. Get compliance insights here.
In today’s environment, it would be nearly impossible to find a financial institution that doesn’t contract with a third party. But the convenience and flexibility of outsourcing to third parties comes with significant risks, including the potential for regulatory penalties related to third-party incidents: penalties that have soared in recent years.
Leading institutions are embracing new methodologies, including escalation and exceptions processes; due diligence assessments; centralized TPRM office; central issues repository; and vendor stratification. In our view, stratification, a risk-based methodology for analyzing the third-party population and identifying those services that present the greatest risk, helps financial institutions quickly prioritize their efforts to address initial and ongoing effectiveness and efficiencies.