INTRODUCTION

• Over the last two decades, companies in the BFSI (Banking, Financial Services & Insurance) industry are increasingly outsourcing their core activities to third parties. While this trend provides operational efficiencies and cost advantages, it also exposes financial services firms to a multitude of risks. In fact, instances of cyber-attacks, security breaches and data privacy concerns, caused US financial services firms to pay fines of more than $23Bn in 2018.
• As a result, Third Party Risk Management (TPRM) has become more important now than ever. A lot of BFSI companies continue to be exposed to third party risks due to inadequate risk monitoring and control measures. Companies often focus on risk management activities during the initial due diligence phase but fail to monitor and control risks across the third-party engagement life cycle. This can lead to security or compliance gaps. Some of the key risks that third-parties impose on financial services firms are below.

• The risk can increase depending on how the company uses these third parties. If a supplier has access to customers’ personal identifiable information (PII) and their systems get hacked, all of the customers’ personal information is compromised. This could not only lead to fines in tens of millions of dollars, but also cause irreparable damage to the organizations brand and reputation.

A ROBUST THIRD-PARTY RISK MANAGEMENT PROGRAM FOR FINANCIAL SERVICES FIRMS IS THE NEED OF THE HOUR

• Increased reliance on third parties across the industry coupled with stringent regulatory norms and frequent cybersecurity breach incidents emphasize the immediate need for financial services companies to set up robust risk management processes. Moreover, effective third-party management is critical for driving operational excellence and managing costs effectively.