Index
Anti-Money Laundering (AML) and sanctions
Behaviour & Culture
CFO Services
Compliance
Cyber security
ESG Risk Management
Forensics & Technology
Internal Audit
IT Risk Management
Third Party Risk Management
Data Management
Third Party Risk Management
More than just a compliance
Financial institutions are increasingly outsourcing business activities in order to reduce costs and improve efficiency and flexibility. Outsourcing activities does not mean that the associated risks and responsibility are also outsourced. Management of the financial institution remains ultimately responsible for all of its activities. Risk events related to outsourced activities could have a major impact on the realisation of strategic objectives of the user organisation. In the financial services sector, risks associated with outsourced activities might even disrupt the financial system as a whole. Hence, the supervisory authorities, like the European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA) have drafted guidelines to support financial institutions to implement effective internal governance arrangements, with regard to third party risk. The aim of which, is to establish a more harmonised framework for all financial institutions that are within the scope of the supervisor’s mandate.
Adequate measures
To adequately respond to third party risk means to ensure that your organisation has implemented the governance and tools to understand risks associated with the outsourcing to third parties and implementing adequate measures in agreement with the risk appetite and continuously monitor risks and controls. Additionally, financial institutions could leverage from the implementation of an effective Third Party Risk Management process by linking it to performance management. Through the use of effective outsourcing monitoring the performance of the outsourcing is made transparent. It provides insight for the financial institution on the elements that require action to optimise the contract performance and manage the expectations from outsourcing suppliers.
BDO’s expertise and solutions
BDO is able to provide you with all expertise and pragmatic solutions required to comply with all relevant laws and regulations, mitigate risks related to outsourcing and to give a boost to Third Party Risk Management (TPRM) to reach the desired TPRM maturity level. Finally, we believe that good Third Party Risk Management will improve the performance of the organisation as well. The solution, as described below, will always be aligned with the ambition and culture of the organisation.
Third Party Control
BDO has the expertise to implement, audit and optimise the Third Party Risk Management related processes, in line with regulatory requirements.
Third Party Assurance
Besides the audit services for ISAE 3402 and ISAE 3000 standards, BDO also provides advisory services for Third Party Assurance, such as ISAE 3402/3000 implementations or Internal Audits on outsourcing and contract compliance. BDO also helps institutions to implement a system of internal control and be ready for future ISAE assurance audits to demonstrate their level of control.
Continuous Contract Management
BDO has developed an interactive dashboard to continuously monitor the contracts with third parties.
Outsourcing Compliance
Compliance related services are:
implementing laws and regulations;
auditing compliance with laws and regulations;
advisory services on specific compliance related topics;
compliance as a service.
More information
Noël Jansen
Senior Manager Internal Audit, Risk & Compliance
T +31 (0)30 284 98 00
Ruben van der Wouden
Senior Manager IT Audit, Audit & Assurance
T +31 (0)10 242 46 00
Index
Anti-Money Laundering (AML) and sanctions
Behaviour & Culture
CFO Services
Compliance
Cyber security
ESG Risk Management
Forensics & Technology
Internal Audit
IT Risk Management
Third Party Risk Management
Data Management
Noël Jansen
Senior Manager Internal Audit, Risk & Compliance
T +31 (0)30 284 98 00
Ruben van der Wouden
Sr. Manager IT Audit • Audit & Assurance
T +31 (0)10 242 46 00
More information
Third Party Control
BDO has the expertise to implement, audit and optimise the Third Party Risk Management related processes, in line with regulatory requirements.
Third Party Assurance
Besides the audit services for ISAE 3402 and ISAE 3000 standards, BDO also provides advisory services for Third Party Assurance, such as ISAE 3402/3000 implementations or Internal Audits on outsourcing and contract compliance. BDO also helps institutions to implement a system of internal control and be ready for future ISAE assurance audits to demonstrate their level of control.
Continuous Contract Management
BDO has developed an interactive dashboard to continuously monitor the contracts with third parties.
Outsourcing Compliance
Compliance related services are:
implementing laws and regulations;
auditing compliance with laws and regulations;
advisory services on specific compliance related topics;
compliance as a service.
BDO’s expertise and solutions
BDO is able to provide you with all expertise and pragmatic solutions required to comply with all relevant laws and regulations, mitigate risks related to outsourcing and to give a boost to Third Party Risk Management (TPRM) to reach the desired TPRM maturity level. Finally, we believe that good Third Party Risk Management will improve the performance of the organisation as well. The solution, as described below, will always be aligned with the ambition and culture of the organisation.
Adequate measures
To adequately respond to third party risk means to ensure that your organisation has implemented the governance and tools to understand risks associated with the outsourcing to third parties and implementing adequate measures in agreement with the risk appetite and continuously monitor risks and controls. Next to that, financial institutions could leverage from the implementation of an effective Third Party Risk Management process by linking it to performance management. Through the use of effective outsourcing monitoring the performance of those activities is made transparant. It provides insight for the financial institution on the elements that require action to optimize the contract performance and manage the expectations from outsourcing suppliers.
More than just a compliance
Financial institutions are increasingly outsourcing business activities in order to reduce costs and improve efficiency and flexibility. Outsourcing activities does not mean that the associated risks and responsibility are also outsourced. Management of the financial institution remains ultimately responsible for all of its activities. Risk events related to outsourced activities could have a major impact on the realization of strategic objectives of the user organisation. In the financial services sector, risks associated with outsourced activities might even disrupt the financial system as a whole. Hence, the supervisory authorities, like the European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA) have drafted guidelines to support financial institutions to implement effective internal governance arrangements, with regard to third party risk. The aim of which, is to establish a more harmonised framework for all financial institutions that are within the scope of the supervisor’s mandate.
Third Party Risk Management