Third-Party Risk

Using a third-party onboarding tool to address new challenges in third-party risk

Daniel Hartnett

Head of Third-Party Risk Intelligence, LSEG

Third-party risk management has become increasingly complex in recent years, potentially exposing companies to a growing number of emerging risks. However, using a third-party onboarding tool can help address these new challenges.

  1. Discover how third-party risk impacts the investment decision-making process.
  2. Understand the increasing pressures on third-party risk management programmes.
  3. Learn how to improve your third-party risk management programme and make informed investment decisions.

In addition to emerging risks, new laws around the globe can complicate a company’s effort to remain regulatory compliant. These and other challenges place additional burdens on the individuals and teams who help companies mitigate third-party risks.

To help address these challenges, companies should leverage a third-party onboarding solution as part of their overall third-party risk management program. Such a tool is often a cloud-based workflow solution designed to help companies efficiently and effectively vet a third party for risk. An onboarding solution can help companies implement a consistent, defensible, and efficient third-party risk management programme across their global organisation.

Refinitiv Due Diligence reports: follow an investigation into a subject’s background, financial and reputational standing.

The changing environment of third-party risk

The past few years have seen significant changes in the concept of third-party risk. One important change is that third-party risk no longer implies just traditional risks such as corruption and bribery concerns. Instead, it increasingly covers emergent risks such as cyber security, data privacy, ESG, and geopolitical risks.

A second notable change is the growing global regulatory focus on third parties. For example, Russia’s invasion of Ukraine last year resulted in a significant increase in the number of entities and individuals placed on sanctions lists. Recent regulations, such as the US Uyghur Forced Labor Protection Act (UFLPA) and Germany’s Supply Chain Due Diligence Act, have also focused on ESG risks across global supply chains. Several of these regulations also require periodic reporting on the state of a company’s third-party risk management programmes.

A third change is the evolving definition of a third party. Traditionally a third party is referred to as an immediate partner, such as an outsourced supplier or distributor. However, more recently it has expanded to also include entities deeper in the supply chain (also referred to as 4th or nth tier suppliers). This change is fueled by a combination of new regulatory requirements and experiences born from several years of supply chain disruptions. As a result, companies are increasingly looking to understand and address how entities across their end-to-end supply chain could expose them to risks.

A fourth change is the role that third-party risk management plays. Historically, such programmes focused mainly on minimising a company’s exposure to regulatory risks. However, several years of supply chain disruptions have expanded this function’s focus to also include preventing such problems in the future. And more recently, third-party risk management teams have also been asked to support corporate austerity measures in light of the ongoing economic slowdown around the globe.

Refinitiv Due diligence solutions: explore our range of due diligence services to help organisations manage and mitigate risk.

Increasing pressures on third-party risk management programmes

These changes present several new challenges to those who manage third-party risk programmes. Traditional approaches are insufficient to address these new challenges. Therefore, third-party risk management teams now also need to:

  1. Understand risks across a company’s entire portfolio of third parties.
  2.  Centralise oversight of a previously fragmented third-party risk management programme.
  3. Strengthen the reporting capabilities of the company’s third-party risk management programme.
  4.  Reduce the administrative overhead needed to run a third-party risk management programme.
  5. Identify and understand in as close to real-time as possible any new risk events related to onboarded third parties.
  6. Provide a clear audit trail for any onboarded third party.

Benefits of third-party onboarding tools

A third-party onboarding tool can increasingly serve as a key component of a holistic third-party risk management programme and can help companies address the challenges, ranging from ensuring a consistent programme to providing a clear audit trail on decisions made. As such, it can provide companies with the following benefits:

  • Implement a consistent third-party onboarding programme for the entire company.
  •  Ensure a risk-based programme across the entire third-party life cycle.
  • Obtain a company-wide view of third-party risks.
  • Reduce the administrative burden required to manage a third-party risk management programme.
  • Reduce the risk of human errors due to automation.
  • Ensure a clear record of any actions taken or decisions made regarding a third party.
  • Obtain in-depth data and reports about a third-party risk management programme.

Stay updated

Subscribe to an email recap from:

Legal Disclaimer

Republication or redistribution of LSE Group content is prohibited without our prior written consent. 

The content of this publication is for informational purposes only and has no legal effect, does not form part of any contract, does not, and does not seek to constitute advice of any nature and no reliance should be placed upon statements contained herein. Whilst reasonable efforts have been taken to ensure that the contents of this publication are accurate and reliable, LSE Group does not guarantee that this document is free from errors or omissions; therefore, you may not rely upon the content of this document under any circumstances and you should seek your own independent legal, investment, tax and other advice. Neither We nor our affiliates shall be liable for any errors, inaccuracies or delays in the publication or any other content, or for any actions taken by you in reliance thereon.

Copyright © 2023 London Stock Exchange Group. All rights reserved.