The State of Third-Party Risk Management


Today, organizations are bombarded by new regulatory guidance, daily occurrences of cybercrime and data breaches, and myriad examples of companies facing stiff penalties due to falling on the wrong side of regulatory scrutiny.

Perhaps that’s why searches on Google for “third-party risk” have risen from 32 million in August of 2011 to more than 90 million in July 2015. It is top of mind for companies that maintain relationships with third- and fourth-party partners, as it should be: regulators pay close attention to these relationships to ensure proper documentation is in place demonstrating compliance.

That’s why ProcessUnity recently conducted its 2015 State of Third-Party Risk report: to document the day-to-day concerns and priorities that exist for companies in financial services and other highly regulated industries. We wanted to get a closer look at the tactics and technologies that more than 200 leading companies were using to stay ahead of the regulatory curve and ensure their name is never the one in the headlines.

Our survey participants reported a variety of critical third-party risk management issues – led by growing regulatory scrutiny; varied investment in technology and tools; and busy teams looking to streamline their processes. Some of the key findings of the survey include:

  • Three out of four survey respondents indicated their organization has a third-party risk management program in place;
  • In the financial sector, 96% of banks, credit unions or mortgage services companies and 88% of non-bank financial institutions currently deploy risk programs;
  • Looking at the data by company size, 90% of firms with more than 10,000 employees reported in-place risk programs, in contrast to 65% with less than 200 employees.

Over the coming weeks, we’ll report back on more of our findings from the State of Third-Party Risk survey, which includes responses from directors and board members, C-level executives, vice presidents, directors and managers. In the meantime, click here to view the full vendor risk management report.

The post The State of Third-Party Risk Management appeared first on Risk Management Blog.


About the Author

Ed Thomas

Ed Thomas leads ProcessUnity’s marketing team and is responsible for the company’s awareness, demand generation and thought-leadership programs. Ed has spent his 20-year career developing and implementing high-impact lead-generation and branding programs for high technology companies, including Stratus Technologies, aPriori, eXcelon, Banyan Systems and Lois Paul & Partners. In fact, ProcessUnity is his third Governance, Risk and Compliance (GRC) company, and he had served prior roles as the Director of Marketing at Cura Software Solutions and the Manager of Corporate Marketing at OpenPages. Ed holds a degree in journalism from Boston University. A home improvement enthusiast and woodworker, Ed spends his free time renovating his 1800’s home with his wife, Penny. His work has appeared on HGTV and in This Old House Magazine.

Follow on Twitter Follow on Linkedin Visit Website More Content by Ed Thomas
Previous Article
The Hidden Costs of Spreadsheets in Compliance and Risk Management
The Hidden Costs of Spreadsheets in Compliance and Risk Management

While spreadsheets are a widely-accepted go-to for compliance and risk management activities, findings from...

Next Article
45-Minute Executive Web Clinic: Offer Management Uncovers $8.1M in Benefit Plan ROI
45-Minute Executive Web Clinic: Offer Management Uncovers $8.1M in Benefit Plan ROI

You’ve probably heard: The sky is falling in the benefits industry. (Or should we say margins are falling!)...