<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=229461991482875&amp;ev=PageView&amp;noscript=1">

“Regulated firms should have appropriate oversight and control over third-party providers and take responsibility for the service they provide. Doing so will reduce the risk of third-party failures or weak controls which could lead to operational disruption, unauthorised loss or disclosure of consumer data.”

This was the specific paragraph in the FCA Business Plan for 2018/19 that has been a key focus on the agendas of our UK Financial Services customers since the plan came out in April.

It comes under the cross-sector priority relating to “Data Security, Resilience & Outsourcing” and features on page 25 of the plan.

For Gatekeeper, key to providing the best service to our customers is understanding as many of the regulatory forces operating on their business as possible.

Naturally, what the FCA is looking to focus on into next year is of going to have the attention of our customers operating in this industry.

Fortunately, Gatekeeper has a wealth of functionality to assist our customers in this regard, significantly contributing to the FCA’s aim of “improving the industry’s operational resilience”.

Specifically, we help our customers by:

  • Recording details of every third-party provider including contract documentation, relevant security certification and sign-off parties.
  • Managing periodic renewals of certifications, such as for Penetration Testing. Gatekeeper generates notifications, automates and tracks the overall progress and records the latest results against a third-party record.
  • Tracking obligations for each contracted party and delivery against them.
  • Providing a secure, auditable record of every action carried out against a particular third-party, with names, dates and change history.
  • Displaying this information in a secure, simple-to-use system allowing permitted users to view and report on the data at any time.

The Case for Third-Party Focus


Aside from the increased focus from the FCA, why else is managing third-party risk more important now in 2018?

Deloitte’s 2018 Report on third-party governance and risk management highlights that 53% of survey respondents have seen “some” or “significant” increase in their dependence on third parties in the last year.

Deloitte’s same report in 2017 revealed that 74% of respondents had experienced at least one third-party incident in the last three years, with a fifth of those incidents being a “complete third-party failure or an incident with major consequences”.

Together, this means there’s:

  • A growing dependence on third-parties
  • A high number of incidents with major consequences
  • An increased regulatory focus
  • A public and press more sensitive to incidents such as data breaches or service outages

Managing third-parties more closely and mitigating risk through the effective deployment of technology has therefore never been more in focus or a higher priority for financial service providers.

In fact, there’s a further case being made that treats effective third-party risk management not just as a prudent measure but also a source of competitive advantage.

Being able to access and exploit third-party expertise faster than competitors has significant upside, particularly in industries such as Financial Services where disruption is being encouraged by regulation and public opinion.

The theme of turning third-party risk into competitive advantage is explored in this report from Ernst & Young.

The Case for Gatekeeper


Not only do we help our customers with monitoring their suppliers but, as a third-party supplier ourselves, we maintain the highest security and quality measures.

Our Information Security Management System (ISMS) has been certified to the ISO 27001:2013 standard. Meanwhile, our Quality Management System (QMS) has been certified to the ISO 9001:2015 standard.

Gatekeeper is also subject to regular security and penetration testing to make sure that our customers’ data remains safe.

This is why we’re trusted by businesses in highly regulated industries such as Finance and Healthcare, in the both the UK and abroad.

If you’re reviewing your internal processes in light of the FCA Plan, or would simply like to understand how other businesses in your sector are mitigating third-party risk using Gatekeeper, then please get in touch today for a free consultation.

Ian Bryce
Ian Bryce

Ian writes on a variety of topics, bringing together his own knowledge and experience with that of industry experts.

Tags

Contract Management , Control , Vendor Management , Compliance , Contract Lifecycle Management , Contract Management Software , Visibility , Contract Lifecycle , Case Study , Supplier Management , Vendor and Contract Lifecycle Management , Vendor Management Software , Contract Risk Management , Contract Management Strategy , Contract Repository , Regulation , Risk Mitigation , Contract Automation , Regulatory compliance , Third Party Risk Management , TPRM , VCLM , Workflows , Artificial Intelligence , CLM , Contract Ownership , Contract Visibility , Contract and vendor management , Contracts , Procurement , Supplier Performance , Supplier Risk , contract renewals , Legal , Legal Ops , NetSuite , Podcast , Risk , Vendor Onboarding , Future of Procurement , Gatekeeper Guides , Procurement Reimagined , Procurement Strategy , RFP , Supplier Relationships , Business continuity , CLM solutions , COVID-19 , Contract Managers , Contract Performance , Contract Redlining , Contract Review , Contract Risk , Contract compliance , ESG , Financial Services , Metadata , Negotiation , SaaS , Supplier Management Software , Vendor Portal , Vendor risk , webinar , AI , Clause Library , Contract Administration , Contract Approvals , Contract Management Plans , Cyber health , ESG Compliance , Kanban , Market IQ , RBAC , Recession Planning , SOC Reports , Security , SuiteWorld , Sustainable Procurement , collaboration , Audit preparedness , Audit readiness , Audits , Business Case , Clause Template , Contract Breach , Contract Governance , Contract Management Audit , Contract Management Automation , Contract Monitoring , Contract Obligations , Contract Outcomes , Contract Reporting , Contract Tracking , Contract Value , DORA , Dashboards , Data Fragmentation , Digital Transformation , Due Diligence , ECCTA , Employee Portal , Excel , FCA , ISO Certification , KPIs , Legal automation , LegalTech , Mergers and Acquisitions , Obligations Management , Partnerships , Procurement Planning , Redline , Scaling Business , Spend Analysis , Standard Contractual Clauses , SuiteApp , Suppler Management Software , Touchless Contracts , Vendor Relationship Management , Vendor risk management , central repository , success hours , time-to-contract , APRA CPS 230 , APRA CPS 234 , Australia , BCP , Bill S-211 , Biotech , Breach of Contract , Brexit , Business Growth , CCPA , CMS , CPRA 2020 , CSR , Categorisation , Centralisation , Certifications , Cloud , Conferences , Confidentiality , Contract Ambiguity , Contract Analysis , Contract Approval , Contract Attributes , Contract Challenges , Contract Change Management , Contract Community , Contract Disengagement , Contract Disputes , Contract Drafting , Contract Economics , Contract Execution , Contract Intake , Contract Management Features , Contract Management Optimisation , Contract Management pain points , Contract Negotiation , Contract Obscurity , Contract Reminder Software , Contract Requests , Contract Routing , Contract Stratification , Contract Templates , Contract Termination , Contract Volatility , Contract relevance , Contract relevance review , Contracting Standards , Contracting Standards Review , Cyber security , DPW , DPW, Vendor and Contract Lifeycle Management, , Data Privacy , Data Sovereignty , Definitions , Disputes , EU , Electronic Signatures , Enterprise , Enterprise Contract Management , Financial Stability , Force Majeure , GDPR , Gatekeeper , Healthcare , ISO , IT , Implementation , Integrations , Intergrations , Key Contracts , Measurement , Microsoft Word , Modern Slavery , NDA , Operations , Parallel Approvals , Pharma , Planning , Port Agency , Pricing , RAG Status , Redlining , Redlining solutions , Requirements , SaaStock , Shipping , Spend optimzation , Startups , Supplier Cataloguing , Technology , Usability , Vendor Categorisation , Vendor Consolidation , Vendor Governance , Vendor compliance , Vendor reporting , Voice of the CEO , automation , concentration risk , contract management processes , contract reminders , cyber risk , document automation , eSign , enterprise vendor management , esignature , post-signature , remote working , vendor centric , vendor lifecycle management

Related Content

 

subscribe to our newsletter

 

Sign up today to receive the latest GateKeeper content in your inbox.

Subscribe to Email Updates