Identifying Third-Party Risks in the Financial Sector
Provided by 
Steele2017-11-28T09:00:00
Third-party risks in the financial sector are a breed unto themselves. Or, more precisely, they are two related breeds: third-party risks from customers, and third-party risks from vendors. A financial firm’s compliance function must somehow address them both.
Related articles
-
Article
Best practices in third-party risk management
NAVEX Global’s fourth annual third-party risk management benchmark report offers risk and compliance officers a glimpse at how their third-party risk management programs stack up against their peers.
-
Article
2018 will keep CCOS on their toes, despite deregulation
Reducing regulatory burden isn’t reducing risk, CCOs and risk managers reported in year-end surveys. Meanwhile, staffing compliance programs is getting a lot tougher.
-
WebcastCPE Webcast: Banking Compliance in 2025: Key Trends and Future-Proofing Strategies
In addition to a loosening of traditional banking regulation and supervision in areas like capital requirements, stress testing and liquidity, U.S. banking regulators have indicated they will be more receptive to innovation than the previous administration, particularly in the use of Artificial Intelligence, and in digital assets.
More from Thought Leadership
-
ResourceWhite paper: Constructing a Cohesive Cybersecurity Foundation
The individual requirements for your security and risk operations are increasingly complex—and interconnected. Yet despite this increased interconnectivity, many organizations still manage their security operations (SecOps) and integrated risk management (IRM) functions in silos.
-
ResourceWhite paper: Top 5 Mobile Compliance Best Practices
The message from the regulators is clear - having an off-channel policy for mobile communications is not good enough.
-
ResourceWhite paper: SEC doubles down on cyber risk management accountability
To help investors gain a better understanding of cyber risk, the US Securities and Exchange Commission (SEC) has created sweeping new rules—forcing companies to take a more proactive approach to cybersecurity.