The OCC’s National Risk Committee (NRC) has released its Semiannual Risk Perspective for Spring 2019.
Unsurprisingly, the report called out operational risk as elevated due to key drivers such as persistent cybersecurity threats and “increasing use of third parties to provide and support operations that are not effectively understood, implemented, and controlled”.
The report emphasized the challenges associated with Third Party Risk Management (TPRM) and the continued regulatory expectations for financial institutions to manage evolving risk (pages 20-21). And while banks generally respond well to common cyber events, the sophistication, tools, and tactics used by motivated bad actors are continuing to increase the threat to organizations. Both internal and external threats must be identified, mitigated, and controlled.
Reliance on outsourcing to multiple third party service providers (and potential subservice organizations) significantly increases the requirement to implement a highly effective and efficient TPRM program that can be demonstrated to examiners.
Fortrex Technologies offers multiple solutions that are proven to ease the pain of TPRM and satisfy regulatory expectations. We are a team of compliance experts who provide answers to your questions. We have a long history in financial services including experience establishing and running TPRM programs. Our expert security analysts understand the complexity of assessing cybersecurity controls and can provide targeted recommendations to ensure your outsourced service providers are meeting FFIEC, ISO, and industry standards.