LSEG Editor
LSEG’s webinar series, Meet the Experts features experts unpacking relevant risk management topics. In the latest session, experts from LSEG Risk Intelligence and Aravo Solutions, reveal how organisations can drive efficiency and integrity in third-party risk management.
Best practice in third-party risk management
In the complex and ever-changing world organisations today are tasked with making challenging decisions at speed – all while ensuring complete compliance with evolving regulations.
Our in-webinar poll reveals that 38% of respondents find making onboarding decisions, including high risk decisions, to be a top challenge in third-party due diligence, especially enhanced due diligence.
While different stakeholders define third-party risk management differently, the essence is that organisations are trying to present a credible view of who they are doing business with, the risks posed, and what they are doing about them.
But how do firms achieve this with speed and efficiency? Best practice third-party risk management begins with a structured approach to collecting information about third parties, validating that information, and then turning that intelligence into actionable data. The overarching aim – to track ever-changing relationships over time.
Interestingly, organisations these days are moving away from survey- or assessment-driven intensive approaches, recognising the need to keep their eyes on the road. Instead, they are leveraging advanced tools to identify negative news, sanctions or PEP concerns.
This enables them to determine inherent risk – the risk posture a third party poses if no controls are applied at all. Across industries – such as financial services, manufacturing, and pharma – motivations differ, but the outlook is similar: understand risk posture, compare it to risk appetite, and take action.
Complex risk, continuous monitoring and automation
Our experts reiterate that risk is complex and interconnected – making third-party risk highly challenging.
In this dynamic environment, centralising incoming information is essential, as this enables organisations to see the big picture and move from reactive to proactive risk management.
Where risk is suspected or detected, the relationship should be investigated further – for example by the ESG team if there is a sustainability concern, or by the compliance team if there is a financial crime suspicion. The outcome may include rejection, approval, conditional approval requiring corrective action, or enhanced due diligence.
Organisations increasingly recognise the need to segment and scope relationships, because this allows a proportional approach, which ensures that high-risk, low-volume relationships receive greater scrutiny than low-risk ones.
Another key element to note is lifecycle management – and many organisations are moving away from ad hoc, one-time assessments to continuous monitoring and evaluation. This is important, since risk changes over time.
AI and automation have a substantial role to play in this evolution, with some specific use cases including identifying duplicate vendors, segmenting third-party criticality, automating approvals and rejections, evaluating SLAs, and reducing false positives from inbound adverse news. Importantly, AI should be deployed responsibly and alongside trusted human expertise.
The new competitive advantage?
While in the past enhanced due diligence and efficiency were almost viewed as opposite concepts, the following pillars –can drive substantial efficiency in enhanced due diligence:
- Trusted intelligence – credible, verified data supported by subject-matter expertise is the foundation.
- Contextualised insights – raw data is not enough, organisations need thorough analysis that explains what risks mean.
- Speed, scalability and global reach – rapid turnaround and global coverage are essential to help firms keep pace with onboarding and monitoring demands.
- Direct workflow integration – embedding due diligence directly into third-party risk management platforms via APIs and structured data eliminates manual steps, friction and errors.
The combination of these four elements can boost efficiency, reduce errors and help free teams from manual tasks so they can focus on areas of higher value-add, and turn third-party risk management from a cost centre to a new competitive advantage.
Legal Disclaimer
Republication or redistribution of LSE Group content is prohibited without our prior written consent.
The content of this publication is for informational purposes only and has no legal effect, does not form part of any contract, does not, and does not seek to constitute advice of any nature and no reliance should be placed upon statements contained herein. Whilst reasonable efforts have been taken to ensure that the contents of this publication are accurate and reliable, LSE Group does not guarantee that this document is free from errors or omissions; therefore, you may not rely upon the content of this document under any circumstances and you should seek your own independent legal, investment, tax and other advice. Neither We nor our affiliates shall be liable for any errors, inaccuracies or delays in the publication or any other content, or for any actions taken by you in reliance thereon.
Copyright © 2025 London Stock Exchange Group. All rights reserved.
The content of this publication is provided by London Stock Exchange Group plc, its applicable group undertakings and/or its affiliates or licensors (the “LSE Group” or “We”) exclusively.
Neither We nor our affiliates guarantee the accuracy of or endorse the views or opinions given by any third party content provider, advertiser, sponsor or other user. We may link to, reference, or promote websites, applications and/or services from third parties. You agree that We are not responsible for, and do not control such non-LSE Group websites, applications or services.
The content of this publication is for informational purposes only. All information and data contained in this publication is obtained by LSE Group from sources believed by it to be accurate and reliable. Because of the possibility of human and mechanical error as well as other factors, however, such information and data are provided "as is" without warranty of any kind. You understand and agree that this publication does not, and does not seek to, constitute advice of any nature. You may not rely upon the content of this document under any circumstances and should seek your own independent legal, tax or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither We nor our affiliates shall be liable for any errors, inaccuracies or delays in the publication or any other content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the publication and its content is at your sole risk.
To the fullest extent permitted by applicable law, LSE Group, expressly disclaims any representation or warranties, express or implied, including, without limitation, any representations or warranties of performance, merchantability, fitness for a particular purpose, accuracy, completeness, reliability and non-infringement. LSE Group, its subsidiaries, its affiliates and their respective shareholders, directors, officers employees, agents, advertisers, content providers and licensors (collectively referred to as the “LSE Group Parties”) disclaim all responsibility for any loss, liability or damage of any kind resulting from or related to access, use or the unavailability of the publication (or any part of it); and none of the LSE Group Parties will be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, howsoever arising, even if any member of the LSE Group Parties are advised in advance of the possibility of such damages or could have foreseen any such damages arising or resulting from the use of, or inability to use, the information contained in the publication. For the avoidance of doubt, the LSE Group Parties shall have no liability for any losses, claims, demands, actions, proceedings, damages, costs or expenses arising out of, or in any way connected with, the information contained in this document.
LSE Group is the owner of various intellectual property rights ("IPR”), including but not limited to, numerous trademarks that are used to identify, advertise, and promote LSE Group products, services and activities. Nothing contained herein should be construed as granting any licence or right to use any of the trademarks or any other LSE Group IPR for any purpose whatsoever without the written permission or applicable licence terms.
