The challenges of third party risk management are complex, but with the help of new technologies and a robust risk framework companies are better placed to drive operational efficiencies.
- Corporates lag behind the financial services industry in adopting new technologies for more efficient third party risk management.
- Top of the list of corporate challenges is the scalability of workflow solutions, with too many data vendors, contracts and points of integration.
- A good third party risk management framework requires accurate and reliable data in order to decrease the manual remediation effort.
During my video interview with Finextra, conducted by Hannah Wallace, we discussed the many challenges that third party risk managers face in the modern age.
One of the first topics we explored was the financial services industry’s approach to innovation through the adoption of new technologies to keep up with regulatory change.
Hannah asked me whether this progress was being mirrored in the corporate sector.
A head start for FIs
Most financial institutions (FIs) deal with 100,000s, if not millions of customers and have clear regulatory obligations to adhere to around KYC, sanctions and PEP screening.
Because of this, FIs and regulated businesses tend to already have robust risk management procedures and workflow systems in place.
Through necessity, they have a good understanding and are familiar with the types of data required to optimally manage their KYC due diligence programs.
We could say that they are further along in the maturity curve, giving them a head start in establishing a third party risk framework.
With this in mind, FIs are looking towards enhancing their existing programs with new technologies in order to drive operational efficiency.
Broader range of risks
In contrast, corporates have more hurdles to overcome when establishing a third party risk program.
Firstly, there’s the volume and types of third parties as well as a broader range of risks that need to be addressed. This includes regulatory, reputational, operational and financial.
Corporates tend to be less mature than FIs in this space.
For them it is more about moving from a reactive to a proactive approach to risk and less about adopting new technologies and innovation.
An interesting and helpful article — The Never-Ending Story — and the accompanying infographic from Compliance Week, in collaboration with Open Compliance & Ethics Group (OCEG), looks at the challenges in setting up a robust third party risk framework.
AI and risk management
Artificial intelligence (AI) and new technologies are playing a part within a number of solutions in the KYC space, augmenting the rules-based and automated processes that underpin effective risk management programs.
For example, screening companies for possible risk against adverse media using text analytics, algorithm machine learning and natural language processing.
This enables the delivery of relevant third party risk intelligence and allows compliance teams to focus on what is important.
Key information points
What are the key information points that help to drive efficiencies with third party risk management?
- Accessible information about the third party, such as spend, geography and type of third party.
- Additional information that a company collects from its third parties through supplier onboarding questionnaires.
- Supplementary external data that is consumed to help identify regulatory, reputational, and operational risks is integrated into solutions to understand risk typologies, drive risk scoring and remediation.
Top of the list of our customer challenges is the scalability of workflow solutions.
In addition, the market is telling us that companies have too many data vendors, too many contracts and too many points of integration. This is leading to a lack of consistency in applying risk taxonomies and resulting in a lot of manual remediation.
Get the fundamentals right
By bringing together comprehensive and interconnected third party risk data to drive operational efficiencies, one of the key challenges for third party risk managers will be answered.
Customers across many business segments are increasing operational efficiency by using our solutions.
However, these technologies alone are not the solution to the highly complex world of third party risk management. It is a way forward, but the fundamentals need to be in place first.