THE UH OH MOMENT. Financial Services Enterprises Focus on Governance, Transparency and Supply Chain Risk

Size: px
Start display at page:

Download "THE UH OH MOMENT. Financial Services Enterprises Focus on Governance, Transparency and Supply Chain Risk"

Transcription

1 THE UH OH MOMENT Financial Services Enterprises Focus on Governance, Transparency and Supply Chain Risk By Lois Coatney, Chuck Walker and Joseph Yacura, ISG Directors

2 INTRODUCTION A top priority for financial services enterprises today is assessing, monitoring and mitigating operational risk. This emphasis largely reflects growing general concerns about natural disasters, political instability, economic uncertainty and a changing supplier landscape. In addition, having outsourced significant portions of core functions, organizations are increasingly dependent on third parties for critical operations, and are therefore potentially vulnerable to disruptions at any point along the service delivery chain. Coupled with this heightened sense of exposure, regulators are subjecting financial services businesses to more intense scrutiny, partly in response to new legislative and regulatory requirements, but also as a result of more rigorous adherence to existing rules and standards. To address these challenges, firms are focusing on improving governance and risk management mechanisms to enhance accountability and ensure oversight of operations and processes throughout the supply chain. It s a tall order, as many enterprises lack even rudimentary tools and capabilities to monitor supply chain risks. This ISG white paper examines the emerging regulatory environment in the financial services sector, challenges facing many organizations and their causes and characteristics, and keys to implementing effective governance and supply chain risk programs. THE UH OH MOMENT LOIS COATNEY, CHUCK WALKER & JOSEPH YACURA 1

3 GLOBAL SERVICE DELIVERY Outsourcing, offshoring and multisourcing are integral to the global operational models of financial services organizations. According to ISG data, in 2011 the financial services sector accounted for 35 percent of the total value of outsourcing contracts, and generated 29 percent of the outsourcing industry s revenue. In recent years, moreover, ISG research shows a clear trend of decreasing contract sizes, while total contract value has remained relatively constant. Put simply, the critical operations and sensitive data of today s financial services organizations are increasingly managed by a growing number of third parties, often including layers upon layers of sub-contractors (often termed first-, second-, third-, etc., tier suppliers). Involving multiple external suppliers in the delivery chain poses the obvious potential risk of the weakest link. More specifically, multisourcing can make it difficult to define end-to-end service accountability and process owners, as well as open the door for finger-pointing when something goes wrong. Global delivery service models increasingly deploy both third-party vendors and captive service centers in India, China, Eastern Europe and Latin America. Concentrating suppliers in any one region exposes businesses to risk from natural disasters or political upheaval. While dispersing providers geographically diffuses such risk, it also expands the range of potential fail points in service delivery. In addition to being increasingly complex, global delivery models are also highly volatile. For one thing, fluctuations in offshore labor rates result in frequent relocations of offshore delivery centers as businesses seek the next low-cost hot spot. Concerns around productivity, access to skilled resources, foreign exchange rate fluctuations, data security, quality and political fall-out, moreover, are causing many clients to rethink their offshore strategy and move operations back onshore. CLOSER SCRUTINY In response to broader economic trends as well as the specific potential threats posed by sourcing trends, regulatory bodies are undertaking a more aggressive approach to evaluating how financial services organizations are managing service delivery. The Dodd-Frank legislation is the most prominent and visible regulatory initiative affecting the industry. Although confusion remains regarding the particular implications of specific rules, and while litigation and lobbying efforts continue, in 2013 the industry will move from a wait-and-see attitude of what the rules will mean to one of taking action to comply. Accordingly, banks are hiring compliance officers and technology experts to enhance their oversight capabilities, and are stepping up efforts to communicate the implications of Dodd-Frank to clients. Regulatory compliance concerns are not confined to Dodd-Frank. ISG has observed more rigorous audits of banks by the Office of the Comptroller of the Currency (OCC). Bulletin of the Consumer Finance Protection Bureau (CFPB) specifically directs banks to ensure that third-party providers who touch customers are compliant with consumer protection laws. Recent audits of insurance firms by the Federal Reserve have focused on transparency of outsourced services, while the Securities and Exchange Commission (SEC) has emphasized the protection of service delivery continuity as more and more providers become involved in the supply chain. The combination of new regulations and legislation, together with a stricter enforcement of existing risk management standards, has significantly raised the bar. Previous levels of compliance are no longer sufficient, as auditors increasingly demand specifics in terms of understanding how services are being monitored (in real time), what processes are being used and how service provider performance is reported over time. THE UH OH MOMENT LOIS COATNEY, CHUCK WALKER & JOSEPH YACURA 2

4 CHARACTERISTICS OF THE PROBLEM In an environment characterized by the increased potential for supplier risk exposure, coupled with more rigorous oversight by regulators, enhanced transparency and improved governance processes and supply chain risk management are becoming more urgent requirements for financial services organizations. Evidence suggests that many financial services organizations today lack adequate governance processes and supply chain risk management tools to effectively assess, evaluate and mitigate risk in their outsourced service delivery chains. One fundamental problem is that many banks and insurers simply don t conduct adequate due diligence. Those that do, moreover, tend to focus on pre-contract due diligence, rather than monitoring contract performance and risk during contract execution and beyond. In many cases, extensive financial and capability analyses are conducted up front to qualify providers and make award decisions. However, with shorter contract terms and one-year options, all the data collected early on has a limited shelf life, so that three to six months into a contract the assessments made and data collected are outdated. Indeed, ISG has observed many financial services organizations where extensive documentation exists but has little application to reality and provides no decision-making support. A front-loaded approach to governance also frequently results in a lack of available resources for ongoing oversight. In other words, the business not only lacks access to real time actionable data and documentation, it lacks the bandwidth and expertise needed to interpret the data in real time and take corrective action. If the governance and supply chain risk management frameworks are inadequate from the outset, they will typically be unable to address the complexity of the service delivery chain specifically, the multiple stakeholders involved, the hand-off points between clients and suppliers, and between suppliers and other suppliers. Without a target operating model in place, outsourcing becomes a tactical rather than a strategic exercise, with different sets of roles and responsibilities for each supplier. The result is a hodgepodge of standards and multiple fractures in the service delivery process. Rather than ensuring coordination between the myriad entities and touch points involved, governance and supply chain risk management efforts are often limited to addressing discrete risks or solving isolated problems. In this fragmented environment, it s impossible to aggregate information across the delivery chain, as individual suppliers focus on collecting their own data, using their own tools and managing their own fixes and changes. As a result, the business struggles to understand the causes and effects of risks at different states of the sourcing lifecycle, to ensure visibility into critical processes, and to assign accountability for problems that occur. THE UH OH MOMENT For many banks and financial institutions, the key problem is that they simply don t know what they don t know. While processes may be in place, and data may be collected, analyses quickly reveal a gap between what the rules are and the ability to verify that the rules are being followed. As a first step in analyzing a governance and supply chain risk management framework and processes, ISG often assesses the data, reports and processes a client uses to make decisions. The review involves detailed questioning around how service providers are managed, what processes are used, and how those processes would be demonstrated during a regulatory audit. In many cases, clients struggle to provide substantive answers, and it quickly becomes apparent that significant gaps exist between the theory of process oversight and the reality of day-to-day management decision-making. This harsh epiphany convinces clients that immediate and urgent action is imperative. The challenge then becomes where to begin. As a first step, ISG recommends an initial risk assessment profile. This profile is a prioritization exercise to identify the areas of both internal and external risk that have the most impact on the business. Subsequently, for each critical area identified, service levels, issue and change management processes, ITIL frameworks and other criteria are assessed to identify specific problems and high-priority corrective actions. THE UH OH MOMENT LOIS COATNEY, CHUCK WALKER & JOSEPH YACURA 3

5 The initial analysis that focuses on critical trouble areas should be followed by a broader collaborative exercise between the client and supplier teams, one designed to facilitate discussion aimed at identifying problem areas and outlining means of monitoring and opportunities for improvement. By bringing all parties to the table, a holistic view of service delivery and the interrelationships along the service delivery chain begin to emerge. Moreover, it becomes possible to calculate the value of specific changes (limiting re-work or catching billing errors, assuring continuity of supply, etc.), define standard roles and responsibilities, and make contractual changes to re-define problematic supplier touch points. STANDARD VS. CUSTOM As the client and service provider teams build a holistic view of service delivery, it s critical to define a standard set of taxonomies, roles and responsibilities, process owners, sources of real time data, etc., for all strategic (first-tier) suppliers and their critical (second-, third-, fourth-, etc., tier) suppliers. This is necessary to address the fractures in service delivery described earlier, and to ensure continuity and visibility into the multiple touch points along the total supply chain. Perhaps most important, standardization is essential to addressing the compliance challenge, as it enhances transparency and the ability to design to expectations. ISG sees an opportunity for service providers to add value to client relationships by proactively pushing for and defining standard processes. In many cases, suppliers bear the burden of defining mandates; while this practice could be seen as accommodating client preferences, in reality it prevents providers from leveraging standard practices across multiple clients if the supplier gives every client a unique set of processes, no single client can benefit from the supplier s economies of scale. While standard processes are essential, clients must at the same time categorize different types of suppliers according to risk. This involves tiering different suppliers based on the level of risk they are exposed to. In other words, suppliers that regularly handle sensitive data will require a high level of scrutiny of oversight, while those that are less exposed will fall into a category requiring fewer resources. In addition to evaluating suppliers individually, clients must understand where different layers of sub-contractors might be exposed to risk, and address those entities in an appropriate manner. By prioritizing the risk exposure posed by different suppliers, clients can assign the necessary resources to monitoring different suppliers as appropriate. Clearly defined categories, based on clearly defined rules and standards, are also important to addressing regulatory inquiries. Over the long term, organizational discipline and commitment of resources is essential to the successful mitigation of supply chain risk. The best intentions of governance and supply chain risk management efforts in early stages of a relationship yield only temporary value if not built into the fabric of the enterprise to assure a sustained focus. THE UH OH MOMENT LOIS COATNEY, CHUCK WALKER & JOSEPH YACURA 4

6 LOOKING FOR A STRATEGIC PARTNER? Your operational excellence is our business. CONTACT US Visit the AccessISG Sourcing Portal for more sourcing information, insight and tools. Click the envelope to contact us or go to Information Services Group (ISG) (NASDAQ: III) is a leading technology insights, market intelligence and advisory services company, serving more than 500 clients around the world to help them achieve operational excellence. ISG supports private and public sector organizations to transform and optimize their operational environments through research, benchmarking, consulting and managed services, with a focus on information technology, business process transformation, program management services and enterprise resource planning. Clients look to ISG for unique insights and innovative solutions for leveraging technology, the deepest data source in the industry, and more than five decades of experience and global leadership in information and advisory services. Based in Stamford, Conn., the company has more than 850 employees and operates in 21 countries. For additional information, visit Copyright 2013 Information Services Group All Rights Reserved

Blind spot Banks are increasingly outsourcing more activities to third parties. But they can t outsource the risks.

Blind spot Banks are increasingly outsourcing more activities to third parties. But they can t outsource the risks. Blind spot Banks are increasingly outsourcing more activities to third parties. But they can t outsource the risks. For anyone familiar with the banking industry, it comes as no surprise that banks are

More information

THE ADM TRANSITION CHALLENGE

THE ADM TRANSITION CHALLENGE THE ADM TRANSITION CHALLENGE Ensuring Adequate and Timely Production Access By Jim Hussey Head of Global Transition Services, ISG www.isg-one.com INTRODUCTION Providing production access to offshore resources

More information

FIXING PROJECT MANAGEMENT: A MUST-HAVE

FIXING PROJECT MANAGEMENT: A MUST-HAVE FIXING PROJECT MANAGEMENT: A MUST-HAVE Consistent Standards are Key to Multi-Vendor Operating Models By Michelle Mack, Principal Consultant www.isg-one.com INTRODUCTION Today s complex multi-source operating

More information

THIRD PARTY SUPPLIER RISK MANAGEMENT. Meeting Emerging Financial Services Regulatory Requirements. By Joseph Yacura, ISG Director. www.isg-one.

THIRD PARTY SUPPLIER RISK MANAGEMENT. Meeting Emerging Financial Services Regulatory Requirements. By Joseph Yacura, ISG Director. www.isg-one. THIRD PARTY SUPPLIER RISK MANAGEMENT Meeting Emerging Financial Services Regulatory Requirements By Joseph Yacura, ISG Director www.isg-one.com INTRODUCTION U.S. and Canadian financial services companies

More information

SHARED SERVICES. An Enabler for Managing Risk. Steve Tracy, Principal Consultant, ISG. www.isg-one.com

SHARED SERVICES. An Enabler for Managing Risk. Steve Tracy, Principal Consultant, ISG. www.isg-one.com SHARED SERVICES An Enabler for Managing Risk Steve Tracy, Principal Consultant, ISG www.isg-one.com INTRODUCTION During the last few years, companies have become increasingly focused on the need for effective

More information

WHAT TO LET GO, WHAT TO HOLD ON TO

WHAT TO LET GO, WHAT TO HOLD ON TO WHAT TO LET GO, WHAT TO HOLD ON TO Defining and Managing an Optimal Sourcing Mix By Lawrence Kane, Senior IT Leader, Boeing & John Lytle, Director, ISG www.isg-one.com INTRODUCTION Executives responsible

More information

BUILDING WORLD-CLASS OUTSOURCING GOVERNANCE

BUILDING WORLD-CLASS OUTSOURCING GOVERNANCE BUILDING WORLD-CLASS OUTSOURCING GOVERNANCE Accepting, Managing and Surfing on Waves of Change Cynthia Hollandsworth Batty, Director, ISG www.isg-one.com INTRODUCTION How hard can it be to build a world-class

More information

SHARED SERVICES OR OUTSOURCING?

SHARED SERVICES OR OUTSOURCING? SHARED SERVICES OR OUTSOURCING? Assessing Scope, Process Maturity and Organizational Design Kevin Lewis, ISG Director; CPA, CGMA www.isg-one.com INTRODUCTION As organizations grow in size and complexity,

More information

ITIL BENEFITS. Where s the Beef? Chris Pfauser, Principal Consultant, ISG; and Cindy LaChapelle, Principal Consultant, ISG. www.isg-one.

ITIL BENEFITS. Where s the Beef? Chris Pfauser, Principal Consultant, ISG; and Cindy LaChapelle, Principal Consultant, ISG. www.isg-one. ITIL BENEFITS Where s the Beef? Chris Pfauser, Principal Consultant, ISG; and Cindy LaChapelle, Principal Consultant, ISG www.isg-one.com INTRODUCTION Many organizations that have invested significant

More information

TOUGH CHOICES ON HEALTHCARE EXCHANGES

TOUGH CHOICES ON HEALTHCARE EXCHANGES TOUGH CHOICES ON HEALTHCARE EXCHANGES Administrators Must Think Beyond Cost Savings By Don Biron, Director www.isg-one.com INTRODUCTION The healthcare exchange model represents a potential sea change in

More information

HEROES VS. PROCESS DISCIPLINE

HEROES VS. PROCESS DISCIPLINE HEROES VS. PROCESS DISCIPLINE Operational Excellence in Managed Services Todd Dreger, Partner, ISG; and Bob Mathers, Account Manager, ISG www.isg-one.com INTRODUCTION The business culture of many client

More information

ADDING CLOUD TO THE SERVICE DELIVERY MIX

ADDING CLOUD TO THE SERVICE DELIVERY MIX ADDING CLOUD TO THE SERVICE DELIVERY MIX Business Drivers and Organizational Considerations By Stanton Jones, ISG, and Kalyan Kumar, HCL www.isg-one.com INTRODUCTION Large global organizations today are

More information

Speed, Agility and Muscle:

Speed, Agility and Muscle: New White Paper from ISG & GEP Speed, Agility and Muscle: The Rise of Procurement Outsourcing in the Results-Driven Enterprise Executive Summary With long-term economic and revenue trends uncertain, both

More information

FACILITIES MANAGEMENT OUTSOURCING

FACILITIES MANAGEMENT OUTSOURCING FACILITIES MANAGEMENT OUTSOURCING Prioritizing Activities is Critical to Success By Pankaj Agarwal, Principal Consultant, ISG www.isg-one.com INTRODUCTION Any outsourcing arrangement involves a range of

More information

THE RFP WILL NEVER BE THE SAME

THE RFP WILL NEVER BE THE SAME THE RFP WILL NEVER BE THE SAME Emerging Approaches to Innovative Sourcing By Thomas Young, Partner, ISG www.isg-one.com INTRODUCTION Clients today clamor for innovation from their service providers, yet

More information

GLOBAL PAYROLL CHAOS. Bringing Order to Global Payroll Chaos. Julie Fernandez, Director, ISG. www.isg-one.com

GLOBAL PAYROLL CHAOS. Bringing Order to Global Payroll Chaos. Julie Fernandez, Director, ISG. www.isg-one.com GLOBAL PAYROLL CHAOS Bringing Order to Global Payroll Chaos Julie Fernandez, Director, ISG www.isg-one.com INTRODUCTION Like so many organizations, you manage employees around the globe, ranging from a

More information

ROBUST GROWTH FOR ENGINEERING SERVICES OUTSOURCING

ROBUST GROWTH FOR ENGINEERING SERVICES OUTSOURCING ROBUST GROWTH FOR ENGINEERING SERVICES OUTSOURCING Spend Shifts to Emerging Markets; Captives Reassessed By Jim Routzong, Director, Manufacturing Vertical www.isg-one.com INTRODUCTION The Engineering Services

More information

THE ITO GOVERNANCE CHALLENGE

THE ITO GOVERNANCE CHALLENGE THE ITO GOVERNANCE CHALLENGE Overcoming Barriers to Achieve Operational and Financial Transparency By Terri Hart-Sears, Director, ISG; and Greg Weaver, Vice President, Blazent www.isg-one.com INTRODUCTION

More information

GOVERNING THE CLOUD PARADOX

GOVERNING THE CLOUD PARADOX GOVERNING THE CLOUD PARADOX Balancing Flexibility and Oversight By Stanton Jones, Emerging Technology Analyst, ISG www.isg-one.com INTRODUCTION Large global organizations seeking to add cloud-based capabilities

More information

WHY GOOD DATA IS A MUST

WHY GOOD DATA IS A MUST WHY GOOD DATA IS A MUST Asset Management Oversight is Essential to Effective Governance By Terri Hart-Sears www.isg-one.com INTRODUCTION Asset Management is a set of business practices that join financial,

More information

BALANCING THE STAKES. Risks and Critical Success Factors for Procurement Gainshare Arrangements

BALANCING THE STAKES. Risks and Critical Success Factors for Procurement Gainshare Arrangements BALANCING THE STAKES Risks and Critical Success Factors for Procurement Gainshare Arrangements Shahid Bhatty, Principal Consultant, ISG Sue Danino, Partner, ISG www.isg-one.com INTRODUCTION: THE GENESIS

More information

CONTACT CENTER OUTSOURCING

CONTACT CENTER OUTSOURCING CONTACT CENTER OUTSOURCING Evolving Delivery Models Shape a Dynamic Market By Mike McMenamin, Director www.isg-one.com INTRODUCTION The economic recession of 2008 has had a significant impact on the global

More information

STRATEGIC GOVERNANCE

STRATEGIC GOVERNANCE STRATEGIC GOVERNANCE Achieving Next-Generation Benefits with Sourcing Cynthia Hollandsworth Batty, Director, ISG and Carol Britton, Managing Director & Chief Procurement Officer, BNY Mellon www.isg-one.com

More information

GLOBAL BUSINESS SERVICES

GLOBAL BUSINESS SERVICES GLOBAL BUSINESS SERVICES Taking Business Support Functions to the Next Level Sue Danino, Partner, ISG www.isg-one.com INTRODUCTION As economic pressures continue to abound, many corporations are looking

More information

FINANCIAL SERVICES FLASH REPORT

FINANCIAL SERVICES FLASH REPORT FINANCIAL SERVICES FLASH REPORT OCC Updates Guidance on Third-Party Relationships December 2, 2013 Introduction On November 4, 2013, the Office of the Comptroller of the Currency (OCC) released Bulletin

More information

Five Approaches to Managing Third-Party Risk

Five Approaches to Managing Third-Party Risk Five Approaches to Managing Third-Party Risk by Lou Payeur, CG Risk & Regulatory Practice Lead Financial institutions are operating at record levels. And while the mix of business and profits may be different

More information

BUSINESS SERVICES & THE CLOUD

BUSINESS SERVICES & THE CLOUD BUSINESS SERVICES & THE CLOUD A Winning Combination for BPO and Captive Shared Services for Non-IT Functions? Dr. Stefan Meixner, Director DACH, ISG www.isg-one.com INTRODUCTION The seismic technological

More information

HEALTHCARE REFORM WILL TALK SMAC

HEALTHCARE REFORM WILL TALK SMAC HEALTHCARE REFORM WILL TALK SMAC Disruptive Technologies Key to Success of Outcome-Based Delivery By Al Denis, Director www.isg-one.com INTRODUCTION The Affordable Care Act creates a powerful set of incentives

More information

THIRD PARTY. T i m L i e t z R e g i o n a l P r a c t i c e L e a d e r R i s k A d v i s o r y S e r v i c e s

THIRD PARTY. T i m L i e t z R e g i o n a l P r a c t i c e L e a d e r R i s k A d v i s o r y S e r v i c e s MANAGING THIRD PARTY RISK T i m L i e t z R e g i o n a l P r a c t i c e L e a d e r R i s k A d v i s o r y S e r v i c e s Experis -- a different kind of talent company. Experis Tuesday, January 08,

More information

Third-Party Risk Management: Busting Myths and Telling Truths

Third-Party Risk Management: Busting Myths and Telling Truths Third-Party Risk Management: Busting Myths and Telling Truths Richik Sarkar, Esq. McDonald Hopkins LLC 600 Superior Avenue, East, Suite 2100 Cleveland, OH 44114 (216) 430-2009 rsarkar@mcdonaldhopkins.com

More information

BUSINESS PROCESS TRANSITION

BUSINESS PROCESS TRANSITION BUSINESS PROCESS TRANSITION Managing a Successful Business Process Transition in a Multinational Organization Andrew Tattersall, Director United Kingdom, ISG www.isg-one.com INTRODUCTION Selecting a service

More information

OUTSOURCING MANAGEMENT

OUTSOURCING MANAGEMENT OUTSOURCING MANAGEMENT Using Contract Management and Performance Tools Effectively in Outsourcing Management Tina Roy, Partner Governance Services, ISG www.isg-one.com INTRODUCTION The market is full of

More information

ORDER-TO-CASH OUTSOURCING

ORDER-TO-CASH OUTSOURCING ORDER-TO-CASH OUTSOURCING Finance and Accounting BPO Buyers Moving Toward Process-Based OTC Outsourcing Kerrie Freeman, Director, ISG www.isg-one.com INTRODUCTION To date, the majority of order-to-cash

More information

SAFETY FIRST. Emerging Trends in IT Disaster Recovery. By Cindy LaChapelle, Principal Consultant. www.isg-one.com

SAFETY FIRST. Emerging Trends in IT Disaster Recovery. By Cindy LaChapelle, Principal Consultant. www.isg-one.com SAFETY FIRST Emerging Trends in IT Disaster Recovery By Cindy LaChapelle, Principal Consultant www.isg-one.com INTRODUCTION Against a backdrop of increasingly integrated and interdependent global service

More information

RENEWALS AND RETENTIONS

RENEWALS AND RETENTIONS RENEWALS AND RETENTIONS Mortgage Lenders Focus on Plugging the Leaks Arabella Volkers, Principal Consultant, ISG www.isg-one.com INTRODUCTION A changing economic landscape is driving mortgage lenders to

More information

White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK. By James Christiansen, VP, Information Risk Management

White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK. By James Christiansen, VP, Information Risk Management White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK By James Christiansen, VP, Information Management Executive Summary The Common Story of a Third-Party Data Breach It begins with a story in the newspaper.

More information

Automation and the Back Office

Automation and the Back Office Automation and the Back Office How robotics and cognitive computing are changing the workplace By Rob Brindley, Director; Patrick Huarng, Senior Consultant; and TJ Young, Consultant www.isg-one.com INTRODUCTION

More information

Attracting pension plan assets What alternative investment managers need to know

Attracting pension plan assets What alternative investment managers need to know www.pwc.com/us/assetmanagement Attracting pension plan assets What alternative investment managers need to know February 2012 At a glance Retirement plan sponsors are continuing to give alternative investments,

More information

The New Third-Party Oversight Framework: Trust but Verify kpmg.com

The New Third-Party Oversight Framework: Trust but Verify kpmg.com Financial Services Regulatory Point of View The New Third-Party Oversight Framework: Trust but Verify kpmg.com The New Third-Party Oversight Framework: Trust but Verify 1 Financial services regulatory

More information

The rise of third party relationships means rise in risk and regulation. Non-compliance is risky business for financial institutions

The rise of third party relationships means rise in risk and regulation. Non-compliance is risky business for financial institutions The rise of third party relationships means rise in risk and regulation Non-compliance is risky business for financial institutions Increasing dependency on third parties by banks has resulted in mandatory

More information

NAVIGATING THE BUDGETING SOLUTION LANDSCAPE

NAVIGATING THE BUDGETING SOLUTION LANDSCAPE NAVIGATING THE BUDGETING SOLUTION LANDSCAPE Enhanced Capabilities Must Match Specific Needs By Jason Beal, Partner, ISG www.isg-one.com INTRODUCTION Government and education budgeting professionals face

More information

March 2015. Internal audit insights High impact areas of focus

March 2015. Internal audit insights High impact areas of focus March 2015 Internal audit insights High impact areas of focus Introduction Internal audit is widely, if not universally, viewed as a key pillar in effective governance with expectations of internal audit

More information

OUTSOURCING CENTERS OF EXCELLENCE

OUTSOURCING CENTERS OF EXCELLENCE OUTSOURCING CENTERS OF EXCELLENCE Observations on the Current Market Practice for Outsourcing CoEs An ISG Research Report Cynthia Hollandsworth Batty, Director, ISG, and Dianne Smock, Partner, ISG www.isg-one.com

More information

Vendor Management Program Office Onshore or offshore?

Vendor Management Program Office Onshore or offshore? Vendor Management Program Office Onshore or offshore? Deloitte s previous article 1 discusses the five most common challenges which have prohibited clients from optimizing their Vendor Management (VM)

More information

DEFINING THE RIGH DATA PROTECTION STRATEGY

DEFINING THE RIGH DATA PROTECTION STRATEGY DEFINING THE RIGH DATA PROTECTION STRATEGY The Nuances of Backup and Recovery Solutions By Cindy LaChapelle, Principal Consultant, ISG www.isg-one.com INTRODUCTION Most organizations have traditionally

More information

building a business case for governance, risk and compliance

building a business case for governance, risk and compliance building a business case for governance, risk and compliance contents introduction...3 assurance: THe last major business function To be integrated...3 current state of grc: THe challenges... 4 building

More information

Your asset is your business. The more challenging the economy, the more valuable the asset becomes. Decisions are magnified. Risk is amplified.

Your asset is your business. The more challenging the economy, the more valuable the asset becomes. Decisions are magnified. Risk is amplified. Asset management Your asset is your business. The more challenging the economy, the more valuable the asset becomes. Decisions are magnified. Risk is amplified. Data is about more than numbers. It tells

More information

MANAGING EMPLOYEE REDEPLOYMENT

MANAGING EMPLOYEE REDEPLOYMENT MANAGING EMPLOYEE REDEPLOYMENT Creating Value Through Opportunity Sarah Seabury, Director, ISG www.isg-one.com INTRODUCTION The management of corporate redeployments is a business discipline that most

More information

Driving performance and value through strategic vendor management

Driving performance and value through strategic vendor management Banking and Capital Markets Driving performance and value through strategic vendor management As companies face increasing pressure to reduce costs and improve productivity and efficiency, many are looking

More information

IT Insights. Managing Third Party Technology Risk

IT Insights. Managing Third Party Technology Risk IT Insights Managing Third Party Technology Risk According to a recent study by the Institute of Internal Auditors, more than 65 percent of organizations rely heavily on third parties, yet most allocate

More information

DOUBLECHECK VENDOR MANAGEMENT

DOUBLECHECK VENDOR MANAGEMENT August 2014 DOUBLECHECK VENDOR MANAGEMENT Managing Risk & Compliance Across 3rd Party Relationships SOLUTION VIEWPOINT Governance, Risk Management & Compliance Insight 2014 GRC 20/20 Research, LLC. All

More information

APICS INSIGHTS AND INNOVATIONS SUPPLY CHAIN RISK CHALLENGES AND PRACTICES

APICS INSIGHTS AND INNOVATIONS SUPPLY CHAIN RISK CHALLENGES AND PRACTICES APICS INSIGHTS AND INNOVATIONS SUPPLY CHAIN RISK CHALLENGES AND PRACTICES APICS INSIGHTS AND INNOVATIONS ABOUT THIS REPORT This report examines the role that supply chain risk management plays in organizations

More information

Tapping the benefits of business analytics and optimization

Tapping the benefits of business analytics and optimization IBM Sales and Distribution Chemicals and Petroleum White Paper Tapping the benefits of business analytics and optimization A rich source of intelligence for the chemicals and petroleum industries 2 Tapping

More information

GUIDANCE FOR MANAGING THIRD-PARTY RISK

GUIDANCE FOR MANAGING THIRD-PARTY RISK GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,

More information

At Risk. In this Issue: Avoiding a world of hurt: Knowing your counterparties before you engage. Volume 8, No. 1. kpmg.ca/atrisk.

At Risk. In this Issue: Avoiding a world of hurt: Knowing your counterparties before you engage. Volume 8, No. 1. kpmg.ca/atrisk. At Volume 8, No. 1 In this Issue: Avoiding a world of hurt: Knowing your counterparties before you engage Regulatory Threats Operations Emerging Markets Management Canadian Organizations Supply Chains

More information

Who s next after TalkTalk?

Who s next after TalkTalk? Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many

More information

Growing Vendor Management

Growing Vendor Management V E N D O R M A N A G E M E N T P R O F I L E S E R I E S A Wh it e Pap e r by Ve n d or I NS I G HT an d C MPG, L L C Growing Vendor Management as a Sustainable Business Process with Automated Vendor

More information

OCC 98-3 OCC BULLETIN

OCC 98-3 OCC BULLETIN To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel

More information

Vendor Risk Management in the New Regulatory Environment. kpmg.com

Vendor Risk Management in the New Regulatory Environment. kpmg.com Vendor Risk Management in the New Regulatory Environment kpmg.com Vendor Risk Management in the New Regulatory Environment 2 Vendor Risk Management in the New Regulatory Environment Background Regulators

More information

SUPPLY CHAIN & PROCUREMENT INSIGHTS REPORT CANADA, ARE WE FALLING BEHIND?

SUPPLY CHAIN & PROCUREMENT INSIGHTS REPORT CANADA, ARE WE FALLING BEHIND? GRAND & TOY 2012 SUPPLY CHAIN & PROCUREMENT INSIGHTS REPORT CANADA, ARE WE FALLING BEHIND? Research conducted by TABLE OF CONTENTS Overview... 3 Procurement Tactically Focused but Evolving...4 Communication

More information

Statement for the Record by. Dr. Donald M. Kerr. Director, National Reconnaissance Office, Nominee for the Position of

Statement for the Record by. Dr. Donald M. Kerr. Director, National Reconnaissance Office, Nominee for the Position of Statement for the Record by Dr. Donald M. Kerr Director, National Reconnaissance Office, Nominee for the Position of Principal Deputy Director of National Intelligence, before the Senate Select Committee

More information

Change Management Trends in Governance Structures

Change Management Trends in Governance Structures Change Management Trends in Governance Structures Cheryl Yaeger BenchMark Consulting International OVERVIEW Financial institutions are operating in a very dynamic marketplace today; this requires the ability

More information

How Lenders Manage Third Party Vendor Compliance for Field Services. Whitepaper

How Lenders Manage Third Party Vendor Compliance for Field Services. Whitepaper How Lenders Manage Third Party Vendor Compliance for Field Services Whitepaper November 2014 Contents Introduction Current Compliance Issues New Law, New Rules The Software Powering the Solution The Value

More information

UNLOCKING VALUE IN OPERATIONAL ASSETS

UNLOCKING VALUE IN OPERATIONAL ASSETS UNLOCKING VALUE IN OPERATIONAL ASSETS Can asset monetization benefit your company? By Bill Miller and Rich Wightman, ISG Directors www.isg-one.com INTRODUCTION Asset monetization is a business transaction

More information

White Paper on Financial Institution Vendor Management

White Paper on Financial Institution Vendor Management White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety

More information

Remarks by. Thomas J. Curry Comptroller of the Currency. Before a Meeting of CES Government. Washington, DC April 16, 2014

Remarks by. Thomas J. Curry Comptroller of the Currency. Before a Meeting of CES Government. Washington, DC April 16, 2014 Remarks by Thomas J. Curry Comptroller of the Currency Before a Meeting of CES Government Washington, DC April 16, 2014 Good afternoon. It s a pleasure to finally be here with you. I had very much hoped

More information

IT Outsourcing. Third Time Lucky? Winter 2014/15 INSIGHTS

IT Outsourcing. Third Time Lucky? Winter 2014/15 INSIGHTS INSIGHTS IT Outsourcing Third Time Lucky? Coeus Consulting looks at whether the emerging third generation sourcing models are the end of the journey or is a fourth generation on the way? Winter 2014/15

More information

SERVICE MANAGEMENT & GOVERNANCE CHALLENGES. Are You Ready for the IT Service Management & Governance Challenges Ahead? An ISG Research Report

SERVICE MANAGEMENT & GOVERNANCE CHALLENGES. Are You Ready for the IT Service Management & Governance Challenges Ahead? An ISG Research Report SERVICE MANAGEMENT & GOVERNANCE CHALLENGES Are You Ready for the IT Service Management & Governance Challenges Ahead? An ISG Research Report Andrea Spiegelhoff, Director, ISG; and Denise Colgan, Director,

More information

Simplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance

Simplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance Simplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance Arm Stakeholders with Critical Information to Assess 3rd Party Relationships and Comply with the Foreign Corrupt Practices Act

More information

RAISING THE STAKES. Improving Branch Counter Productivity. Arabella Volkers, Principal Consultant, ISG; and Roger Warner, Senior Consultant, ISG

RAISING THE STAKES. Improving Branch Counter Productivity. Arabella Volkers, Principal Consultant, ISG; and Roger Warner, Senior Consultant, ISG RAISING THE STAKES Improving Branch Counter Productivity Arabella Volkers, Principal Consultant, ISG; and Roger Warner, Senior Consultant, ISG www.isg-one.com EXECUTIVE SUMMARY Retail banks today have

More information

Achieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations

Achieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations Achieving Control: The Four Critical Success Factors of Change Management Technology Concepts & Business Considerations T e c h n i c a l W H I T E P A P E R Table of Contents Executive Summary...........................................................

More information

Information Security Management System for Microsoft s Cloud Infrastructure

Information Security Management System for Microsoft s Cloud Infrastructure Information Security Management System for Microsoft s Cloud Infrastructure Online Services Security and Compliance Executive summary Contents Executive summary 1 Information Security Management System

More information

Vendor Management Best Practices

Vendor Management Best Practices 23 rd Annual and One Day Seminar Vendor Management Best Practices Catherine Bruder CPA, CITP, CISA, CISM, CTGA Michigan Texas Florida Insight. Oversight. Foresight. SM Doeren Mayhew Bruder 1 $100 billion

More information

The future of application outsourcing: making the move from tactical to strategic

The future of application outsourcing: making the move from tactical to strategic IBM Global Business Services White Paper The future of application outsourcing: making the move from tactical to strategic Application Services Page 2 Contents 2 Introduction 2 Success brings new challenges

More information

Data Quality for BASEL II

Data Quality for BASEL II Data Quality for BASEL II Meeting the demand for transparent, correct and repeatable data process controls Harte-Hanks Trillium Software www.trilliumsoftware.com Corporate Headquarters + 1 (978) 436-8900

More information

Network Management Services: A Cost-Effective Approach to Complexity

Network Management Services: A Cost-Effective Approach to Complexity Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com I D C E X E C U T I V E B R I E F Network Management Services: A Cost-Effective Approach to Complexity

More information

Outsourcing in the Financial Services Industry: Finding Opportunities and Managing Risk. New York. OCC and FRB Guidance on Managing Third-Party Risk

Outsourcing in the Financial Services Industry: Finding Opportunities and Managing Risk. New York. OCC and FRB Guidance on Managing Third-Party Risk March 24, 2014 If you have any questions regarding the matters discussed in this memorandum, please contact the following attorneys or your regular Skadden contact. Stuart D. Levi New York / 212.735.2750

More information

Managing specialty finance compliance requirements with a compliance management system

Managing specialty finance compliance requirements with a compliance management system Managing specialty finance compliance requirements with a compliance management system Prepared by: Andrew Amrine, Supervisor, RSM US LLP andrew.amrine@rsmus.com, +1 253 382 2239 September 2013 For over

More information

Board Matters Quarterly Critical insights for today s audit committee

Board Matters Quarterly Critical insights for today s audit committee EY Center for Board Matters Board Matters Quarterly Critical insights for today s audit committee In this issue Dealing with big data 02 The board s role in addressing data and analytics Directors need

More information

1 Deloitte s From Bangalore to Boston: The trend of bringing IT back in-house 2013

1 Deloitte s From Bangalore to Boston: The trend of bringing IT back in-house 2013 The Vendor Management Program Office (VMPO): Five Deadly Sins of Vendor Management Are hurdles blocking you from getting the most out of your third party relationships? As used in this document, Deloitte

More information

Knowing your customers and their customers and their customers and so on and so on

Knowing your customers and their customers and their customers and so on and so on Knowing your customers and their customers and their customers and so on and so on Identifying your Third-Party s and their Nested s This ACH risk management white paper provides an overview of ACH relationships

More information

Data Quality Governance: Proactive Data Quality Management Starting at Source

Data Quality Governance: Proactive Data Quality Management Starting at Source Data Quality Governance: Proactive Data Quality Management Starting at Source By Paul Woodlock, Clavis Technologies About the Author: Paul Woodlock is a business process and management expert with nearly

More information

Accenture Risk Management. Industry Report. Life Sciences

Accenture Risk Management. Industry Report. Life Sciences Accenture Risk Management Industry Report Life Sciences Risk management as a source of competitive advantage and high performance in the life sciences industry Risk management that enables long-term competitive

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Integrated Application Life-Cycle Management: Accelerating Innovation, Reducing Costs, and Improving Quality Sponsored by: SAP Melinda-Carol Ballou April 2010 Global Headquarters: 5 Speen Street

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

VENDOR MANAGEMENT. General Overview

VENDOR MANAGEMENT. General Overview VENDOR MANAGEMENT General Overview With many organizations outsourcing services to other third-party entities, the issue of vendor management has become a noted topic in today s business world. Vendor

More information

ON-PREMISES, CONSUMPTION-BASED PRIVATE CLOUD CREATES OPPORTUNITY FOR ENTERPRISE OUT-TASKING BUYERS

ON-PREMISES, CONSUMPTION-BASED PRIVATE CLOUD CREATES OPPORTUNITY FOR ENTERPRISE OUT-TASKING BUYERS ON-PREMISES, CONSUMPTION-BASED PRIVATE CLOUD CREATES OPPORTUNITY FOR ENTERPRISE OUT-TASKING BUYERS By Stanton Jones, Analyst, Emerging Technology www.isg-one.com INTRODUCTION Given the explosion of data

More information

Cisco SAFE: A Security Reference Architecture

Cisco SAFE: A Security Reference Architecture Cisco SAFE: A Security Reference Architecture The Changing Network and Security Landscape The past several years have seen tremendous changes in the network, both in the kinds of devices being deployed

More information

Outsourcing & Regulatory Compliance Risks

Outsourcing & Regulatory Compliance Risks Outsourcing & Regulatory Compliance Risks By Matthew Sullivan Today s marketplace dictates that Financial Services Institutions (FSIs) consider using offshore IT services to remain competitive. However,

More information

Financial Services FINANCIAL SERVICES UTILITIES 57 FINANCIAL SERVICES AND UTILITIES 2016-2018 BUSINESS PLAN. CR_2215 Attachment 1

Financial Services FINANCIAL SERVICES UTILITIES 57 FINANCIAL SERVICES AND UTILITIES 2016-2018 BUSINESS PLAN. CR_2215 Attachment 1 CR_2215 Attachment 1 Financial Services FINANCIAL SERVICES & UTILITIES 57 FINANCIAL SERVICES AND UTILITIES 2016-2018 BUSINESS PLAN Acting Branch Manager: Stacey Padbury Table of Contents INTRODUCTION Our

More information

IBM Information Technology Services Global sourcing.

IBM Information Technology Services Global sourcing. IBM Information Technology Services Global sourcing. Move with agility and challenge competitors worldwide. Globalization. Growth. Compliance.» The challenges that you face today in the financial services

More information

Responding to Regulatory Activity: 6 Vital Areas to Gauge the Effectiveness of your Regulatory Change Management Process

Responding to Regulatory Activity: 6 Vital Areas to Gauge the Effectiveness of your Regulatory Change Management Process Whitepaper Responding to Regulatory Activity: 6 Vital Areas to Gauge the Effectiveness of your Regulatory Change Management Process By Amy Downey, U.S. Banking and Regulatory Expert, Risk & Compliance,

More information

Infrastructure consulting. Global Infrastructure

Infrastructure consulting. Global Infrastructure Infrastructure consulting Global Infrastructure Services Operational costs systems availability compliance and security energy and power usage disaster recovery all contribute to today s increasingly complex

More information

Saving Money in Sourcing Contracts and Other Outsourcing Issues

Saving Money in Sourcing Contracts and Other Outsourcing Issues Saving Money in Sourcing Contracts and Other Outsourcing Issues Houston Energy Conference Paul Roy Partner (312) 701 7370 May 2009 proy@mayerbrown.com Mayer Brown is a global legal services organization

More information

Part A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...

Part A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES... Part A OVERVIEW...1 1. Introduction...1 2. Applicability...2 3. Legal Provision...2 Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...3 4. Guiding Principles...3 Part C IMPLEMENTATION...13 5. Implementation

More information

6/8/2016 OVERVIEW. Page 1 of 9

6/8/2016 OVERVIEW. Page 1 of 9 OVERVIEW Attachment Supervisory Guidance for Assessing Risk Management at Supervised Institutions with Total Consolidated Assets Less than $50 Billion [Fotnote1 6/8/2016 Managing risks is fundamental to

More information

The PNC Financial Services Group, Inc. Business Continuity Program

The PNC Financial Services Group, Inc. Business Continuity Program The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page

More information

risk management & crisis response Building a Proactive Risk Management Program

risk management & crisis response Building a Proactive Risk Management Program October 2014 risk management & crisis response Building a Proactive Risk Management Program Increasingly, businesses face a myriad of issues that expose them and their officers and directors to litigation,

More information

Strategies for assessing cloud security

Strategies for assessing cloud security IBM Global Technology Services Thought Leadership White Paper November 2010 Strategies for assessing cloud security 2 Securing the cloud: from strategy development to ongoing assessment Executive summary

More information