Case Study
Develop Strategy & Program to Manage Third Party Risk Exposure
Client
Fortune 50 Financial Institution
Project Overview
Client sought to establish and implement a comprehensive third-party risk management function and strategy to mitigate key risks to the business and technology, by ensuring supplier alignment to existing third-party risk policies and standards. Reference Point facilitated the development of a new divisional third-party process and procedure and an implementation roadmap to achieve division-wide adoption.
Challenge
-
The Client’s Capital Markets division encountered significant third-party risk exposure due to an increasing number of relationships with counterparty suppliers and vendors.
-
The Client lacked a comprehensive third-party risk management function to support key activities across the third-party lifecycle phases, and stakeholder support was only provided through decentralized, ad hoc activities.
-
To reduce third-party risk exposure, remediate outstanding findings, and ensure compliance with new enterprise standards, the Client required efficient and effective measurement and monitoring of third-party risk factors, aligned with industry standards and best practices.
Solution
-
Reference Point deployed a team of risk experts and consultants, including the former Third-Party Risk Inter-affiliate Lead at Citigroup, to facilitate the development and adoption of a comprehensive third-party risk management function and strategy.
-
The team collaborated with key stakeholders across the division, technology, enterprise supply chain, and enterprise risk management to assess the Client’s current divisional third-party risk management policies and capabilities against both the enterprise risk standards as well as industry best practices.
-
Reference Point also supported ongoing audit remediation activities and performed regular initiative status reporting and vendor contract inventory maintenance to meet short-term tactical needs.
Impact
-
Reference Point delivered a new divisional third-party process and procedure document, aligned to existing enterprise standards as well as a gap analysis and implementation roadmap to achieve division-wide adoption.
-
Additionally, Reference Point trained and educated key divisional stakeholders on the risk assessment process and ongoing monitoring activities to increase organizational understanding and accountability.
-
Based on Reference Point’s recommendations, the Client was able to establish a divisional third-party risk management strategy and function, providing the necessary infrastructure to accurately quantify and analyze third-party risk exposure.
-
The initiative was delivered on-time, on-budget, and without significant disturbance to business-as-usual activities.
End-to-End Services, Working Together.
Strategy. Risk. Data. Technology. Reference Point evaluates critical elements all together to build cohesive, lasting value for financial services clients.