Best Practices for Tracking Third Party Risks
A recent Thomson Reuters survey report entitled “Third Party Risk: Exposing the Gaps” indicates that 62 percent of survey participants perform initial third party due diligence (usually only for defined higher risk tier parties), but only 36 percent are...
A recent Thomson Reuters survey report entitled “Third Party Risk: Exposing the Gaps” indicates that 62 percent of survey participants perform initial third party due diligence (usually only for defined higher risk tier parties), but only 36 percent are monitoring for changes to the risk profile once third parties are put in place.
When asked what prevents them from taking steps to detect ongoing risks, participants define several key challenges, with the most significant being lack of data and resource constraints. So, many choose to put controls in place and only update the risk assessment annually by using one external source of information, such as a database that tracks sanctions and watch lists. Others simply rely on annual self-certification renewals or audits for higher-risk parties.
But there isn’t such a clear end point for due diligence when we are talking about vetting third parties who will continue to present risks even after they are brought on board. A limited annual review is not sufficient to satisfy today’s best practices and may lead to liability when risks aren’t timely identified and managed. Changes in data, technology and automation have turned third party risk management on its head. Emerging threats such as cyber security, geopolitical challenges, and ever more opaque webs of related entities make the need for a holistic risk profile greater than ever before.
In this webinar, we will review the best practices your organization should have in place to ensure ongoing, integrated due diligence of your third party risks.
- Demonstrate the limitations of doing only basic due diligence
- Outline the key stages of third party risk oversight and ongoing monitoring
- Define the benefits of using an integrated technology that analyzes multiple data sources for continuous due diligence efforts
- Kevin Bogdanov, Director of Market Development,Customer and Third Party Risk,Thomson Reuters
- Dave Castrucci, CEO, 319 Insights
- Vishal Verma, Director, Solution Management, SAP GRC
Moderator: Jason Mefford, OCEG