Skip to content
Thomson Reuters
Customer & Third Party Risk

Winning the third party risk management challenge

Howard Presland

18 Jul 2018

Photography: Kim Hong-Ji. Winning the third party risk management challenge
Photography: Kim Hong-Ji

The challenges of third party risk management are complex, but with the help of new technologies and a robust risk framework companies are better placed to drive operational efficiencies.


  1. Corporates lag behind the financial services industry in adopting new technologies for more efficient third party risk management.
  2. Top of the list of corporate challenges is the scalability of workflow solutions, with too many data vendors, contracts and points of integration.
  3. A good third party risk management framework requires accurate and reliable data in order to decrease the manual remediation effort.

During my video interview with Finextra, conducted by Hannah Wallace, we discussed the many challenges that third party risk managers face in the modern age.

One of the first topics we explored was the financial services industry’s approach to innovation through the adoption of new technologies to keep up with regulatory change.

Hannah asked me whether this progress was being mirrored in the corporate sector.

A head start for FIs

Most financial institutions (FIs) deal with 100,000s, if not millions of customers and have clear regulatory obligations to adhere to around KYC, sanctions and PEP screening.

Because of this, FIs and regulated businesses tend to already have robust risk management procedures and workflow systems in place.

Through necessity, they have a good understanding and are familiar with the types of data required to optimally manage their KYC due diligence programs.

We could say that they are further along in the maturity curve, giving them a head start in establishing a third party risk framework.

With this in mind, FIs are looking towards enhancing their existing programs with new technologies in order to drive operational efficiency.

Watch: Third Party Risk Compliance Within the Financial Sector

Broader range of risks

In contrast, corporates have more hurdles to overcome when establishing a third party risk program.

Firstly, there’s the volume and types of third parties as well as a broader range of risks that need to be addressed. This includes regulatory, reputational, operational and financial.

Corporates tend to be less mature than FIs in this space.

For them it is more about moving from a reactive to a proactive approach to risk and less about adopting new technologies and innovation.

An interesting and helpful article — The Never-Ending Story — and the accompanying infographic from Compliance Week, in collaboration with Open Compliance & Ethics Group (OCEG) and Thomson Reuters, looks at the challenges in setting up a robust third party risk framework.

Winning the third party risk management challenge

AI and risk management

Artificial intelligence (AI) and new technologies are playing a part within a number of solutions in the KYC space, augmenting the rules-based and automated processes that underpin effective risk management programs.

For example, screening companies for possible risk against adverse media using text analytics, algorithm machine learning and natural language processing.

This enables the delivery of relevant third party risk intelligence and allows compliance teams to focus on what is important.

Third party risk management. Winning the third party risk management challenge

Key information points

What are the key information points that help to drive efficiencies with third party risk management?

  • Accessible information about the third party, such as spend, geography and type of third party.
  • Additional information that a company collects from its third parties through supplier onboarding questionnaires.
  • Supplementary external data that is consumed to help identify regulatory, reputational, and operational risks is integrated into solutions to understand risk typologies, drive risk scoring and remediation.

Top of the list of our customer challenges is the scalability of workflow solutions.

In addition, the market is telling us that companies have too many data vendors, too many contracts and too many points of integration. This is leading to a lack of consistency in applying risk taxonomies and resulting in a lot of manual remediation.

Watch: The challenges of managing third party risk

Get the fundamentals right

By bringing together comprehensive and interconnected third party risk data to drive operational efficiencies, one of the key challenges for third party risk managers will be answered.

Customers across many business segments are increasing operational efficiency by using our solutions.

However, these technologies alone are not the solution to the highly complex world of third party risk management. It is a way forward, but the fundamentals need to be in place first.

True cost of financial crime report 2018. Winning the third party risk management challenge

Saudi Arabia anti-corruption and your compliance A new approach to compliance management Connected Risk named Risk Management System of the Year Is KYC using blockchain the answer for banks? How to fight financial crime — the Twitter view Third party risk: Are you scoring an own goal? Will AnaCredit be another compliance epic? A compliance and risk summit with innovation at its heart Compliance technology changing the face of compliance Financial crime report: The true costs and how to fight back