Outsourcing and Third Party Risk

The resilience and security of third parties is of critical importance to UK Finance members. The risk from cyberattacks remains very real and information security is a key area of due diligence when firms assess their third parties. UK Finance is at the forefront of efforts to improve that assessment process. 

Equally however, the more ‘mundane’ operational failures can cause significant amounts of disruption. As we’ve seen through the Covid-19 crisis, things such as whether a supplier is able to source adequate amounts of laptops or cleaning supplies must now be considered when dealing with third parties. As the use of third parties and outsourcing increases it can be expected that its importance will also increase.

This is reflected in the increasing levels of regulatory scrutiny on outsourcing and third parties, whether that be through the Prudential Regulation Authority (PRA)’s 2019 consultation paper and subsequent policy statement due for publication this year, or the European Commission’s Digital Operational Resilience Act (DORA). The latter, among other things, seeks to create an oversight framework to identify and oversee ICT third party service providers deemed "critical" for financial entities.

To support our members as they navigate through this every increasing landscape of operational and regulatory requirements I’m delighted to say that I will be joined by experts from Grant Thornton and TLT Partners for a webinar on this topic on 19 March, where we will explore these issues in more depth. 

--------------------------------

Free webinar: Regulatory Roadmap II: Cyber and Third-Party Risk, 19 March, 12pm

With the rapid changes in the technology landscape, the understanding of risk and resilience plays a key role in business resilience. On a larger scale it also plays a key role in the strengthening of the financial sector. More recently, with the new normal of home working, organisations have taken on additional cyber and third-party resilience demands with significance on outsourcing and third-party relationships.

This session, in collaboration with knowledge partners Grant Thornton and TLT, will delve into the PRA’s latest consultation paper on Outsourcing and Third-Party risk management. It will take into account the increased adoption of cloud and various regulatory guidelines on business relationships with cloud service providers.

Register here

About the Regulatory Roadmap series

UK Finance is running a series of free briefings in March to support members with the evolving 2021 regulatory landscape.

The Regulatory Roadmap series will take place between 15-29 March and will also include sessions on Cyber Transformation chaired by Oge Udensi, Principal, Cyber Security, and RegTech, which will be led by Jonathan Middleton, Principal, Technology and Digital Policy Delivery Coordination.

Details of the full series can be found below - please click on a link to register for free via our webinar platform:

• Monday 15 March (12:00): The Regulatory Framework Review    
• Monday 15 March (16:00): Regulatory Priorities in 2021 
• Tuesday 16 March (12:00): Cyber Transformation
• Tuesday 16 March (16:00): MREL
• Wednesday 17 March (12:00): COP26 and Beyond    
• Wednesday 17 March (16:00): IFRS 9 
• Thursday 18 March (12:00): Libor Transition   
• Thursday 18 March (16:00): Negative Interest Rates 
• Friday 19 March (12:00): Cyber & Third Party Risk   
• Monday 22 March (12:00): Capital Requirements Regulation II (CRR2)
• Tuesday 23 March (12:00): The Evolution of the Capital Markets Rulebook including the UK Listings Regime    
• Wednesday 24 March (12:00): 3LoD
• Wednesday 24 March (16:00): RegTech    
• Thursday 25 March (12:00): Payments Regulation
• Friday 26 March (12:00): Digital Regulatory Reporting    
• Monday 29 March (12:00): Open Banking & Open Finance