There is no denying that third-party relationships require careful and ongoing compliance reviews. But what if your compliance functions—up to and including the CCO—are themselves outsourced?
The answer depends on what specific compliance initiatives are shuffled off to an outside vendor, why, and whether doing so affects a firm’s risk weighting and tolerance.
