Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

The risks of outsourcing compliance

Joe Mont | January 7, 2019

There is no denying that third-party relationships require careful and ongoing compliance reviews. But what if your compliance functions—up to and including the CCO—are themselves outsourced?

The answer depends on what specific compliance initiatives are shuffled off to an outside vendor, why, and whether doing so affects a firm’s risk weighting and tolerance.

Does outsourcing compliance make your company better? Or does it run contrary to best practices and open new risks? Those are the questions regulators are asking.

In 2017, the Office of the Comptroller of the Currency issued this warning: “Banks may outsource some or all aspects of their compliance management systems to third parties, so long as banks monitor and ensure that third parties comply with current and subsequent changes to consumer laws and regulations.”

The Securities and Exchange Commission has also cast a critical eye...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.