Financial Services Organizations Developing Maturity in Third-party Risk Management Programs, According to EY Survey

NEW YORK, July 20, 2016 /PRNewswire/ — According to a new survey conducted by Ernst & Young LLP, financial services organizations continue to make significant strides in managing third-party supplier risk, even as challenges persist in the areas of overall organizational knowledge, right-sizing staffing models, optimizing cycle times and integrating technologies across the end-to-end third-party lifecycle.

Shifting Toward Maturity, the fifth annual EY study of third-party risk management (TPRM) across the financial services industry, found that as organizations have finally absorbed the initial impact of sweeping regulatory change in 2013 and 2014 and have solved for core process expectations, many organizations are still adjusting the scope and scale of their risk management programs.  At the same time, survey respondents cited a lack of knowledge across business functions and a pervasiveness of disintegration across third-party (risk) management tools as significant barriers to greater progress and a focus for the coming year.

“Given the increased regulatory scrutiny, it is not surprising that organizations are taking a closer look at their third-party populations, bringing more of them under the scope of their programs, and focusing more closely on risk segmentation,” said Chris Ritterbush, Executive Director, Ernst & Young LLP. “In this respect, financial services organizations are doing a better job of getting their arms around third-party risk. But there is still a lot to be done, especially in knowledge sharing across business areas and technology, where many organizations continue to rely heavily on spreadsheets to conduct vendor assessments.”

Highlights from this year’s survey:

In response to the technology and reporting challenges cited in the survey, organizations have committed to increasing their overall third-party risk management budgets, with more than 95 percent of organizations indicating that they intend to spend the same or more across a number of functional components, including internal staffing, technology/enablement and oversight/governance.

“It is encouraging to see that management has recognized the importance of managing third-party risk and has committed to increasing their investments and resources to help organizations meet the expectations of customers, clients, shareholders and regulators,” added Ritterbush.

The survey of 49 global financial services organizations was conducted between October and December of 2015. Respondents included third-party risk professionals in the retail and commercial banking, investment banking, insurance and asset management sectors.

About EY
EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit

This news release has been issued by Ernst & Young LLP, a member of the global EY organization that provides services to clients in the US.

Logo –


Leave a Reply

Your email address will not be published. Required fields are marked *