SlideShare a Scribd company logo

Third Party Management - The Journey Continues…

Download as PPTX, PDF
MyComplianceOffice
MyComplianceOffice

This document summarizes a presentation given by Linda Tuck Chapman on third party risk management. The presentation covers key topics such as who sets the rules for third party oversight, the importance of lifecycle management and governance, applying a three lines of defense framework, and ensuring senior management has sufficient insight. It also includes polling questions to gauge attendees' organizations' progress in implementing third party risk management programs.

Economy & Finance
1 of 19
Third Party Management … the journey continues… 5 October 2017 Linda Tuck Chapman lindatuckchapman@ontala.com 416.452.4635 | 917.831.2923
3 Linda Tuck Chapman President, ONTALA 416.452.4635 | 917.831.2923 lindatuckchapman@ontala.com A recognized expert in third-party lifecycle and risk management. outsourcing governance and third-party optimization Career highlights: • CPO, BMO Financial Group • President & CEO Education Marketplace • CPO, Fifth Third Bank • CPO and VP Executive Shared Services, Scotiabank Group Third Party Management Leadership Profile: • Author: “Third Party Lifecycle and Risk Management – What You Should Know” (available on Amazon October 2017) • Author: RMA Journal, Wall Street Risk Journal, industry publications • RMA: Third Party Management Specialist, Facilitator, Trainer • SRC: Chair, SRC Thought Leaders Council • SHARED ASSESSMENTS GROUP: Advisory Board member • CORE: Lecturer Linda Tuck Chapman © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
4 Agenda 1 Today’s speaker 2 Who sets the rules? 3 Lifecycle management and governance 4 3PRM applied 5 Three lines of defense 6 The end game 7 Contact information © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
5 Regulatory Financial THIRD PARTY MANAGEMENT SENIOR MANAGEMENT INFORMATION SECURITY FINANCE OPERATIONAL RISK COMPLIANCE LEGAL Which stakeholders set the rules? Customers Third Parties © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
6 Polling Question #1 What is the #1 reason why your company has/is implementing a third party management program? 1. It’s a regulatory requirement 2. Our clients demanded it 3. To respond to an increased threat landscape 4. We have a strong risk culture, no question we need this 5. Not there yet 6. Not sure © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
7 Simplifying complexity is a critical success factor Segmenting critical and risky relationships and separating them from the thousands of possibilities is reliant on effective tools and processes Good governance relies on knowledgeable risk specialists, actionable information and insight, and a strong risk culture Operating Framework Governance Framework Source: Linda Tuck Chapman, Ontala 2017 © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
8 Three “Lines of Defense” framework Source: IIA Position Paper on the Three Lines of Defense in Effective Risk Management and Control (January 2013); Adapted from ECIIA/FERMA Guidance on the 8th EU Company Law Directive, article 41 © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
9 Polling Question # 2 Has your company implemented a “three lines of defense” framework for managing operational risk? 1. Yes 2. No 3. Not sure 4. This is a new concept for me © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
10 Translate policy and processes into action relationship-level Management and Monitoring 1st LOD Templates (e.g.) 2nd LOD Templates (e.g.) Service Organizational Control (SOC) Review IT Risk Assessment Business and Performance Reviews Cloud Adequacy Assessment Consumer Compliance Review Offshore Control Adequacy Usage Planning Business Continuity Adequacy Contingency and Termination Planning Compliance Testing Key Indicators (SLA/KPI/KRI) Compliance Due Diligence Standard Due Diligence Contract Control Adequacy Standard Assessments, Due Diligence, Controls and Monitoring • High(est) criticality • Highest risks • Significant issues and incidents • Specific risks (e.g. high risk cloud vendors) Management procedures Risk Dashboard Risk Reports (e.g.) Standard risk assessment and evaluation templates Action plans Remediation management Exception tracking business unit level Independent Challenge and Exception Management AggregatedReporting Policies, tools and processes enterprise level Third Party and BU Scorecards Third Party Management Platform © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
11 What does your RASCI look like? RASCI: Responsible, Accountable, Support, Consult, Inform © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
12 Polling Question #3 Which elements of your program are most problematic? 1. Adoption and engagement in the 1st Line of Defense 2. Under resourced 1st Line of Defense 3. Under resourced 2nd Line of Defense 4. Too much complexity and work for too few benefits 5. Other 6. Not sure © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
13 You know what you don’t know You know what you know You don’t know what you know You don’t know what you don’t know Source: Linda Tuck Chapman Johari’s window is a way to be thoughtful about risk © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
14 Polling Question #4 Would senior management say that your program gives them all of the information and insight they need? 1. Yes, we’ve got this nailed 2. Not yet, but we’re headed in the right direction 3. Not yet, it needs a lot of work 4. Not sure © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
Q&A
16 MCO Third Party Risk Management • Affordable SaaS solution • Inventory of Third Parties • Vendor Scoring and Risk Assessments • Due Diligence and Screening • Certifications and Attestations • Contract Management • Integrates with Employee Conflict of Interest • Gifts and Entertainment • Outside Business Interests • Personal Trading • Attestations • Integrates with Trade surveillance solution (KYT) • Integrates with Customer Suitability solution (KYC) © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
17 Polling Question #5 Is your program automated? 1. Yes 2. No 3. Partly © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
18 Contact MyComplianceOffice Email: advance@mycomplianceoffice.com Website: https://mco.mycomplianceoffice.com lindatuckchapman@ontala.com Linda Tuck Chapman 416.452.4635 | 917-831-2923 www.ontala.com © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
Thanks for listening! Thank You!

Recommended

2016 0621_Using Analytics to Increase Customer Engagement and Revenue
2016 0621_Using Analytics to Increase Customer Engagement and Revenue2016 0621_Using Analytics to Increase Customer Engagement and Revenue
2016 0621_Using Analytics to Increase Customer Engagement and RevenueTom Coghlan
 
#corpriskforum2016 - Vincent Tophoff
#corpriskforum2016 - Vincent Tophoff#corpriskforum2016 - Vincent Tophoff
#corpriskforum2016 - Vincent TophoffAlexei Sidorenko, CRMP
 
'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...
'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...
'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...TEST Huddle
 
The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015
The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015
The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015G3 Communications
 
Dmai analytics solutions guide
Dmai analytics solutions guideDmai analytics solutions guide
Dmai analytics solutions guidetricia eunice baylon
 
Tilburg university 15 march 2018
Tilburg university 15 march 2018Tilburg university 15 march 2018
Tilburg university 15 march 2018Marc van Mierlo MBB
 
7 Ways to Avoid Being a Project "Micro" Manager
7 Ways to Avoid Being a Project "Micro" Manager7 Ways to Avoid Being a Project "Micro" Manager
7 Ways to Avoid Being a Project "Micro" ManagerCorporate Education Group (CEG)
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...AIIM International
 

Recommended

2016 0621_Using Analytics to Increase Customer Engagement and Revenue
2016 0621_Using Analytics to Increase Customer Engagement and Revenue2016 0621_Using Analytics to Increase Customer Engagement and Revenue
2016 0621_Using Analytics to Increase Customer Engagement and RevenueTom Coghlan
 
#corpriskforum2016 - Vincent Tophoff
#corpriskforum2016 - Vincent Tophoff#corpriskforum2016 - Vincent Tophoff
#corpriskforum2016 - Vincent TophoffAlexei Sidorenko, CRMP
 
'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...
'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...
'Test Data Management and Project Quality Go Hand In Hand' by Kristian Fische...TEST Huddle
 
The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015
The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015
The 5 Building Blocks For A Sustainable Content Strategy - #SPS2015G3 Communications
 
Dmai analytics solutions guide
Dmai analytics solutions guideDmai analytics solutions guide
Dmai analytics solutions guidetricia eunice baylon
 
Tilburg university 15 march 2018
Tilburg university 15 march 2018Tilburg university 15 march 2018
Tilburg university 15 march 2018Marc van Mierlo MBB
 
7 Ways to Avoid Being a Project "Micro" Manager
7 Ways to Avoid Being a Project "Micro" Manager7 Ways to Avoid Being a Project "Micro" Manager
7 Ways to Avoid Being a Project "Micro" ManagerCorporate Education Group (CEG)
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...AIIM International
 
A successful GDPR Program
A successful GDPR ProgramA successful GDPR Program
A successful GDPR ProgramAlberto Canadè
 
Corporate Presentation Tri Ict
Corporate Presentation Tri IctCorporate Presentation Tri Ict
Corporate Presentation Tri Ictdenisleroytriict
 
Top Strategies for Encouraging Employees to Use Your Whistleblower Hotline
Top Strategies for Encouraging Employees to Use Your Whistleblower HotlineTop Strategies for Encouraging Employees to Use Your Whistleblower Hotline
Top Strategies for Encouraging Employees to Use Your Whistleblower HotlineCase IQ
 
Designing an integrated campaign that generates action and gets results - Pam...
Designing an integrated campaign that generates action and gets results - Pam...Designing an integrated campaign that generates action and gets results - Pam...
Designing an integrated campaign that generates action and gets results - Pam...Global Business Intelligence
 
Testing Transformation: The Art and Science for Success
Testing Transformation: The Art and Science for SuccessTesting Transformation: The Art and Science for Success
Testing Transformation: The Art and Science for SuccessTechWell
 
Introduction to Analytics - Context
Introduction to Analytics - ContextIntroduction to Analytics - Context
Introduction to Analytics - ContextLee Schlenker
 
RICS APM Project Leadership Conference Feb 2016
RICS APM Project Leadership Conference Feb 2016RICS APM Project Leadership Conference Feb 2016
RICS APM Project Leadership Conference Feb 2016Donnie MacNicol
 
Introduction to consulting
Introduction to consultingIntroduction to consulting
Introduction to consultingSophie Consultorama
 
Introduction to consulting
Introduction to consultingIntroduction to consulting
Introduction to consultingSophie Topsent
 
DV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics GovernanceDV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics GovernanceTealium
 
How To Uncover Hidden Pipeline with Data
How To Uncover Hidden Pipeline with DataHow To Uncover Hidden Pipeline with Data
How To Uncover Hidden Pipeline with DataMarketo
 
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNorth Texas Chapter of the ISSA
 
2 grips itsmfbe - siam the future of outsourcing - 12112019
2 grips itsmfbe - siam the future of outsourcing - 121120192 grips itsmfbe - siam the future of outsourcing - 12112019
2 grips itsmfbe - siam the future of outsourcing - 12112019itSMF Belgium
 
How to keep your pcm implementation from becoming a circus 10 tips for a su...
How to keep your pcm implementation from becoming a circus 10 tips for a su...How to keep your pcm implementation from becoming a circus 10 tips for a su...
How to keep your pcm implementation from becoming a circus 10 tips for a su...p6academy
 
LMS Implementation lessons
LMS Implementation lessonsLMS Implementation lessons
LMS Implementation lessonsAndy Wooler
 
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...BMC Software
 
Pink Elephant Asia Portfolio Overview
Pink Elephant Asia Portfolio OverviewPink Elephant Asia Portfolio Overview
Pink Elephant Asia Portfolio OverviewJan-Willem Middelburg
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
 
CPO Game Changer Series – Volume 1: Early Engagement
CPO Game Changer Series – Volume 1: Early EngagementCPO Game Changer Series – Volume 1: Early Engagement
CPO Game Changer Series – Volume 1: Early EngagementZycus
 
Positioning simplified the fast track to positioning success (part 2)
Positioning simplified the fast track to positioning success (part 2)Positioning simplified the fast track to positioning success (part 2)
Positioning simplified the fast track to positioning success (part 2)AIPMM Administration
 
Prepare Your Firm for GDPR
Prepare Your Firm for GDPRPrepare Your Firm for GDPR
Prepare Your Firm for GDPRMyComplianceOffice
 
Regulatory Update - SMCR
Regulatory Update - SMCRRegulatory Update - SMCR
Regulatory Update - SMCRMyComplianceOffice
 

More Related Content

Similar to Third Party Management - The Journey Continues…

A successful GDPR Program
A successful GDPR ProgramA successful GDPR Program
A successful GDPR ProgramAlberto Canadè
 
Corporate Presentation Tri Ict
Corporate Presentation Tri IctCorporate Presentation Tri Ict
Corporate Presentation Tri Ictdenisleroytriict
 
Top Strategies for Encouraging Employees to Use Your Whistleblower Hotline
Top Strategies for Encouraging Employees to Use Your Whistleblower HotlineTop Strategies for Encouraging Employees to Use Your Whistleblower Hotline
Top Strategies for Encouraging Employees to Use Your Whistleblower HotlineCase IQ
 
Designing an integrated campaign that generates action and gets results - Pam...
Designing an integrated campaign that generates action and gets results - Pam...Designing an integrated campaign that generates action and gets results - Pam...
Designing an integrated campaign that generates action and gets results - Pam...Global Business Intelligence
 
Testing Transformation: The Art and Science for Success
Testing Transformation: The Art and Science for SuccessTesting Transformation: The Art and Science for Success
Testing Transformation: The Art and Science for SuccessTechWell
 
Introduction to Analytics - Context
Introduction to Analytics - ContextIntroduction to Analytics - Context
Introduction to Analytics - ContextLee Schlenker
 
RICS APM Project Leadership Conference Feb 2016
RICS APM Project Leadership Conference Feb 2016RICS APM Project Leadership Conference Feb 2016
RICS APM Project Leadership Conference Feb 2016Donnie MacNicol
 
Introduction to consulting
Introduction to consultingIntroduction to consulting
Introduction to consultingSophie Topsent
 
DV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics GovernanceDV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics GovernanceTealium
 
How To Uncover Hidden Pipeline with Data
How To Uncover Hidden Pipeline with DataHow To Uncover Hidden Pipeline with Data
How To Uncover Hidden Pipeline with DataMarketo
 
2 grips itsmfbe - siam the future of outsourcing - 12112019
2 grips itsmfbe - siam the future of outsourcing - 121120192 grips itsmfbe - siam the future of outsourcing - 12112019
2 grips itsmfbe - siam the future of outsourcing - 12112019itSMF Belgium
 
How to keep your pcm implementation from becoming a circus 10 tips for a su...
How to keep your pcm implementation from becoming a circus 10 tips for a su...How to keep your pcm implementation from becoming a circus 10 tips for a su...
How to keep your pcm implementation from becoming a circus 10 tips for a su...p6academy
 
LMS Implementation lessons
LMS Implementation lessonsLMS Implementation lessons
LMS Implementation lessonsAndy Wooler
 
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...BMC Software
 
Pink Elephant Asia Portfolio Overview
Pink Elephant Asia Portfolio OverviewPink Elephant Asia Portfolio Overview
Pink Elephant Asia Portfolio OverviewJan-Willem Middelburg
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
 
CPO Game Changer Series – Volume 1: Early Engagement
CPO Game Changer Series – Volume 1: Early EngagementCPO Game Changer Series – Volume 1: Early Engagement
CPO Game Changer Series – Volume 1: Early EngagementZycus
 
Positioning simplified the fast track to positioning success (part 2)
Positioning simplified the fast track to positioning success (part 2)Positioning simplified the fast track to positioning success (part 2)
Positioning simplified the fast track to positioning success (part 2)AIPMM Administration
 

Similar to Third Party Management - The Journey Continues… (20)

A successful GDPR Program
A successful GDPR ProgramA successful GDPR Program
A successful GDPR Program
 
Corporate Presentation Tri Ict
Corporate Presentation Tri IctCorporate Presentation Tri Ict
Corporate Presentation Tri Ict
 
Top Strategies for Encouraging Employees to Use Your Whistleblower Hotline
Top Strategies for Encouraging Employees to Use Your Whistleblower HotlineTop Strategies for Encouraging Employees to Use Your Whistleblower Hotline
Top Strategies for Encouraging Employees to Use Your Whistleblower Hotline
 
Designing an integrated campaign that generates action and gets results - Pam...
Designing an integrated campaign that generates action and gets results - Pam...Designing an integrated campaign that generates action and gets results - Pam...
Designing an integrated campaign that generates action and gets results - Pam...
 
Testing Transformation: The Art and Science for Success
Testing Transformation: The Art and Science for SuccessTesting Transformation: The Art and Science for Success
Testing Transformation: The Art and Science for Success
 
Introduction to Analytics - Context
Introduction to Analytics - ContextIntroduction to Analytics - Context
Introduction to Analytics - Context
 
RICS APM Project Leadership Conference Feb 2016
RICS APM Project Leadership Conference Feb 2016RICS APM Project Leadership Conference Feb 2016
RICS APM Project Leadership Conference Feb 2016
 
Introduction to consulting
Introduction to consultingIntroduction to consulting
Introduction to consulting
 
Introduction to consulting
Introduction to consultingIntroduction to consulting
Introduction to consulting
 
DV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics GovernanceDV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics Governance
 
How To Uncover Hidden Pipeline with Data
How To Uncover Hidden Pipeline with DataHow To Uncover Hidden Pipeline with Data
How To Uncover Hidden Pipeline with Data
 
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon MurphyNTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
NTXISSACSC2 - Top Ten Trends in TRM by Jon Murphy
 
2 grips itsmfbe - siam the future of outsourcing - 12112019
2 grips itsmfbe - siam the future of outsourcing - 121120192 grips itsmfbe - siam the future of outsourcing - 12112019
2 grips itsmfbe - siam the future of outsourcing - 12112019
 
How to keep your pcm implementation from becoming a circus 10 tips for a su...
How to keep your pcm implementation from becoming a circus 10 tips for a su...How to keep your pcm implementation from becoming a circus 10 tips for a su...
How to keep your pcm implementation from becoming a circus 10 tips for a su...
 
LMS Implementation lessons
LMS Implementation lessonsLMS Implementation lessons
LMS Implementation lessons
 
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...
The Human Factor: Five Tips for Creating the Quintessential Hybrid IT Profess...
 
Pink Elephant Asia Portfolio Overview
Pink Elephant Asia Portfolio OverviewPink Elephant Asia Portfolio Overview
Pink Elephant Asia Portfolio Overview
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
 
CPO Game Changer Series – Volume 1: Early Engagement
CPO Game Changer Series – Volume 1: Early EngagementCPO Game Changer Series – Volume 1: Early Engagement
CPO Game Changer Series – Volume 1: Early Engagement
 
Positioning simplified the fast track to positioning success (part 2)
Positioning simplified the fast track to positioning success (part 2)Positioning simplified the fast track to positioning success (part 2)
Positioning simplified the fast track to positioning success (part 2)
 

More from MyComplianceOffice

Best Practices to Achieve an Effective FCPA Compliance Program
Best Practices to Achieve an Effective FCPA Compliance ProgramBest Practices to Achieve an Effective FCPA Compliance Program
Best Practices to Achieve an Effective FCPA Compliance ProgramMyComplianceOffice
 
The Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersThe Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersMyComplianceOffice
 
SEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateSEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateMyComplianceOffice
 
Ready your Organisation: Senior Managers and Certification Regime
Ready your Organisation: Senior Managers and Certification RegimeReady your Organisation: Senior Managers and Certification Regime
Ready your Organisation: Senior Managers and Certification RegimeMyComplianceOffice
 
Foreign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance WebinarForeign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance WebinarMyComplianceOffice
 

More from MyComplianceOffice (8)

Prepare Your Firm for GDPR
Prepare Your Firm for GDPRPrepare Your Firm for GDPR
Prepare Your Firm for GDPR
 
Regulatory Update - SMCR
Regulatory Update - SMCRRegulatory Update - SMCR
Regulatory Update - SMCR
 
Is This Bribe Tax Deductible
Is This Bribe Tax DeductibleIs This Bribe Tax Deductible
Is This Bribe Tax Deductible
 
Best Practices to Achieve an Effective FCPA Compliance Program
Best Practices to Achieve an Effective FCPA Compliance ProgramBest Practices to Achieve an Effective FCPA Compliance Program
Best Practices to Achieve an Effective FCPA Compliance Program
 
The Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersThe Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance Officers
 
SEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear UpdateSEC & FINRA 2017 Priorities: A Midyear Update
SEC & FINRA 2017 Priorities: A Midyear Update
 
Ready your Organisation: Senior Managers and Certification Regime
Ready your Organisation: Senior Managers and Certification RegimeReady your Organisation: Senior Managers and Certification Regime
Ready your Organisation: Senior Managers and Certification Regime
 
Foreign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance WebinarForeign Corrupt Practices Act (FCPA) Compliance Webinar
Foreign Corrupt Practices Act (FCPA) Compliance Webinar
 

Recently uploaded

VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...dipikadinghjn ( Why You Choose Us? ) Escorts
 
The Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdfThe Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdfGale Pooley
 
Indore Real Estate Market Trends Report.pdf
Indore Real Estate Market Trends Report.pdfIndore Real Estate Market Trends Report.pdf
Indore Real Estate Market Trends Report.pdfSaviRakhecha1
 
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...priyasharma62062
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfGale Pooley
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfGale Pooley
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...Call Girls in Nagpur High Profile
 
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...dipikadinghjn ( Why You Choose Us? ) Escorts
 
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...Delhi Call girls
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfGale Pooley
 
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...Call Girls in Nagpur High Profile
 
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdfFinTech Belgium
 
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...ssifa0344
 
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...Call Girls in Nagpur High Profile
 
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Pooja Nehwal
 
The Economic History of the U.S. Lecture 25.pdf
The Economic History of the U.S. Lecture 25.pdfThe Economic History of the U.S. Lecture 25.pdf
The Economic History of the U.S. Lecture 25.pdfGale Pooley
 
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...dipikadinghjn ( Why You Choose Us? ) Escorts
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptxFinTech Belgium
 

Recently uploaded (20)

VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
VIP Call Girl in Mumbai 💧 9920725232 ( Call Me ) Get A New Crush Everyday Wit...
 
The Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdfThe Economic History of the U.S. Lecture 18.pdf
The Economic History of the U.S. Lecture 18.pdf
 
Indore Real Estate Market Trends Report.pdf
Indore Real Estate Market Trends Report.pdfIndore Real Estate Market Trends Report.pdf
Indore Real Estate Market Trends Report.pdf
 
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdf
 
From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...
From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...
From Luxury Escort Service Kamathipura : 9352852248 Make on-demand Arrangemen...
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdf
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
 
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
 
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
 
The Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdfThe Economic History of the U.S. Lecture 19.pdf
The Economic History of the U.S. Lecture 19.pdf
 
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...
 
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
06_Joeri Van Speybroek_Dell_MeetupDora&Cybersecurity.pdf
 
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
 
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
Top Rated Pune Call Girls Sinhagad Road ⟟ 6297143586 ⟟ Call Me For Genuine S...
 
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
 
The Economic History of the U.S. Lecture 25.pdf
The Economic History of the U.S. Lecture 25.pdfThe Economic History of the U.S. Lecture 25.pdf
The Economic History of the U.S. Lecture 25.pdf
 
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
( Jasmin ) Top VIP Escorts Service Dindigul 💧 7737669865 💧 by Dindigul Call G...
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
 

Third Party Management - The Journey Continues…

  • 1. Third Party Management … the journey continues… 5 October 2017 Linda Tuck Chapman lindatuckchapman@ontala.com 416.452.4635 | 917.831.2923
  • 2.
  • 3. 3 Linda Tuck Chapman President, ONTALA 416.452.4635 | 917.831.2923 lindatuckchapman@ontala.com A recognized expert in third-party lifecycle and risk management. outsourcing governance and third-party optimization Career highlights: • CPO, BMO Financial Group • President & CEO Education Marketplace • CPO, Fifth Third Bank • CPO and VP Executive Shared Services, Scotiabank Group Third Party Management Leadership Profile: • Author: “Third Party Lifecycle and Risk Management – What You Should Know” (available on Amazon October 2017) • Author: RMA Journal, Wall Street Risk Journal, industry publications • RMA: Third Party Management Specialist, Facilitator, Trainer • SRC: Chair, SRC Thought Leaders Council • SHARED ASSESSMENTS GROUP: Advisory Board member • CORE: Lecturer Linda Tuck Chapman © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 4. 4 Agenda 1 Today’s speaker 2 Who sets the rules? 3 Lifecycle management and governance 4 3PRM applied 5 Three lines of defense 6 The end game 7 Contact information © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 5. 5 Regulatory Financial THIRD PARTY MANAGEMENT SENIOR MANAGEMENT INFORMATION SECURITY FINANCE OPERATIONAL RISK COMPLIANCE LEGAL Which stakeholders set the rules? Customers Third Parties © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 6. 6 Polling Question #1 What is the #1 reason why your company has/is implementing a third party management program? 1. It’s a regulatory requirement 2. Our clients demanded it 3. To respond to an increased threat landscape 4. We have a strong risk culture, no question we need this 5. Not there yet 6. Not sure © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 7. 7 Simplifying complexity is a critical success factor Segmenting critical and risky relationships and separating them from the thousands of possibilities is reliant on effective tools and processes Good governance relies on knowledgeable risk specialists, actionable information and insight, and a strong risk culture Operating Framework Governance Framework Source: Linda Tuck Chapman, Ontala 2017 © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 8. 8 Three “Lines of Defense” framework Source: IIA Position Paper on the Three Lines of Defense in Effective Risk Management and Control (January 2013); Adapted from ECIIA/FERMA Guidance on the 8th EU Company Law Directive, article 41 © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 9. 9 Polling Question # 2 Has your company implemented a “three lines of defense” framework for managing operational risk? 1. Yes 2. No 3. Not sure 4. This is a new concept for me © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 10. 10 Translate policy and processes into action relationship-level Management and Monitoring 1st LOD Templates (e.g.) 2nd LOD Templates (e.g.) Service Organizational Control (SOC) Review IT Risk Assessment Business and Performance Reviews Cloud Adequacy Assessment Consumer Compliance Review Offshore Control Adequacy Usage Planning Business Continuity Adequacy Contingency and Termination Planning Compliance Testing Key Indicators (SLA/KPI/KRI) Compliance Due Diligence Standard Due Diligence Contract Control Adequacy Standard Assessments, Due Diligence, Controls and Monitoring • High(est) criticality • Highest risks • Significant issues and incidents • Specific risks (e.g. high risk cloud vendors) Management procedures Risk Dashboard Risk Reports (e.g.) Standard risk assessment and evaluation templates Action plans Remediation management Exception tracking business unit level Independent Challenge and Exception Management AggregatedReporting Policies, tools and processes enterprise level Third Party and BU Scorecards Third Party Management Platform © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 11. 11 What does your RASCI look like? RASCI: Responsible, Accountable, Support, Consult, Inform © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 12. 12 Polling Question #3 Which elements of your program are most problematic? 1. Adoption and engagement in the 1st Line of Defense 2. Under resourced 1st Line of Defense 3. Under resourced 2nd Line of Defense 4. Too much complexity and work for too few benefits 5. Other 6. Not sure © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 13. 13 You know what you don’t know You know what you know You don’t know what you know You don’t know what you don’t know Source: Linda Tuck Chapman Johari’s window is a way to be thoughtful about risk © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 14. 14 Polling Question #4 Would senior management say that your program gives them all of the information and insight they need? 1. Yes, we’ve got this nailed 2. Not yet, but we’re headed in the right direction 3. Not yet, it needs a lot of work 4. Not sure © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 15. Q&A
  • 16. 16 MCO Third Party Risk Management • Affordable SaaS solution • Inventory of Third Parties • Vendor Scoring and Risk Assessments • Due Diligence and Screening • Certifications and Attestations • Contract Management • Integrates with Employee Conflict of Interest • Gifts and Entertainment • Outside Business Interests • Personal Trading • Attestations • Integrates with Trade surveillance solution (KYT) • Integrates with Customer Suitability solution (KYC) © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 17. 17 Polling Question #5 Is your program automated? 1. Yes 2. No 3. Partly © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.
  • 18. 18 Contact MyComplianceOffice Email: advance@mycomplianceoffice.com Website: https://mco.mycomplianceoffice.com lindatuckchapman@ontala.com Linda Tuck Chapman 416.452.4635 | 917-831-2923 www.ontala.com © 2017 ONTALA Performance Solutions Ltd..Confidential Information. Do not copy or distribute.

Editor's Notes

  1. Linda 2:12
  2. Linda 2:12
  3. Linda 2:12
  4. Linda 2:12
  5. As we’ve seen at the start of the webinar, poor management of your risk and compliance program can be very expensive for the organization and indeed for the individuals concerned! MyComplianceOffice has been developed and refined to help you synchronize the demands of the regulators with the needs of the organization, and we do this through a range of integrated software modules that will automate and control your risk and compliance program. Risk and compliance management is a tough job and it is not easy to keep an organization compliant; one look at the fines tells us all about that. MCO can help you to automate your third party and vendor risk management program, your employee compliance program, your firms trading, and your customer management. This covers a very broad range of activities from employee trade management to gifts and entertainment and outside business activities. From vendor on-boarding to risk assessments and on-going due diligence. It is our job to enhance you reputation through better risk and compliance management across the board. If that sounds like something that you can benefit from, please let us know.
  6. Linda 2:12