Using Metrics to Improve Your Third-Party Risk Management Program

Similar documents
Benchmarking Your Third Party Risk Management Program

Best Practices for Vendor Risk Profiling

2017 Ethics & Compliance Training Benchmark Report. Data and Insights to Get More Value from Your Program

Policy & Procedure Management: Benchmarking Your Program

Business integrity and sustainable growth: making the intelligent connection Fraud Investigation & Dispute Services

Introducing Being Human

A new look at the ROI of Change Management

2018 Ethics & Compliance Third-Party Risk Management Benchmark Report. Data and Insights to Get More Value from Your Program

Bribery and Corruption

For Anti-Corruption PILOT PROGRAM RESULTS REPORT

Implementing and Managing an Effective Anti Corruption Compliance Program

KPMG s financial management practice

ISO International standard for compliance management

Become a Strategic Partner to the C-Suite & Board: Advance Your Program & Career

Slavery and human trafficking statement 2017

Benchmarking 101: Shaping your E&C Program for Maximum Value

Getting from Here (SW-CMM) to There (CMMI) in a Large Organization

Getting from Here (SW-CMM) to There (CMMI) in a Large Organization

Sustainability s deepening imprint

2018 Ethics & Compliance Policy & Procedure Management Benchmark Report. Data and Insights to Put to Work in Your Program Today

The Impact of Workplace Investigations on Corporate Culture and Vice Versa

Prosci Best Practices in Change Management, 2016 Edition

CORPORATE GOVERNANCE & INTERNAL CONTROL

BRINGING LEADERSHIP TO THE FORE: HOW ORGANIZATIONS IN CHINA ARE MANAGING TALENT IN THE DOWNTURN

Modern Slavery and Human Trafficking Statement

Code of Ethical Conduct for the Sanlam Group

Materiality Assessment Process

From Dubai to Beijing

BENCHMARK YOUR SCORE & BROAD STAKEHOLDER ENGAGEMENT IN SUPPORT OF WELLNESS PLANNING TO GUIDE APPROACH & ACHIEVE IMPACT

Protective Coatings. Markets, Trends & Opportunities

Pulling fraud out of the shadows Global Economic Crime and Fraud Survey Highlights Greece insights

Questionnaire: Anti-Corruption Compliance Program Benchmarking Assessment

2017 The Global ABB Integrity Program.

Strategic Program Management in a Disruptive World

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

The CHRO Point of View: Asia Pacific. Employee Experiences Drive Business Value

IT Governance Real World 101

Fraud Investigation & Dispute Services. Forensic analysis and global experience: the intelligent connection

Model Risk Management (MRM)

ONGOING MONITORING OF THIRD PARTY RELATIONSHIPS

Slavery and Human Trafficking Statement 2016

Interpreting the Energy Risks from EY s 2016 Global Fraud Survey

Roles of Internal Auditors in the Public Sector

Life Sciences Compliance in Asia

Certified. HR M&A Professional

Modernizing compliance: Moving from value protection to value creation

Third-party risk management. EY Integrity Diligence

2017 AGM presentation

Law Firm Procurement Survey Executive Summary

Why PMOs Fail: Is Your Organization at Risk?

Law Firm Procurement Survey Executive Summary

Improving corporate behavior in a way that positively impacts the world. Anti-Bribery Management Systems ETHISPHERE ISO CERTIFICATION

Strategic Technology Advisory Services. Building a better working world from strategy through execution

Asia Pacific Hot Issue: Company Compliance Programmes with Respect to Third Party Intermediaries

AML and Tax Compliance in the Asia-Pacific Region: Investing in KYC Systems, Data, and Processes

Estimating SOA, As Easy as 1 2 3

Industry insight and global experience: the intelligent connection

Detecting and responding to fraud: making the intelligent connection Fraud Investigation & Dispute Services

Social Responsibility. Executive Briefing. The Millennium Poll on Corporate. Results of the. largest survey ever of. global public opinion

Using a Compliance Program Assessment to Elevate Institutional Compliance Effectiveness

DOING MORE WITH LESS: OBSTACLE OR OPPORTUNITY FOR COMPLIANCE LEADERS

CORPORATE INTELLIGENCE AND RISK SOLUTIONS

Henkel s Compliance Management System (CMS)

HALLMARK I. Top Management, Through the Organization and the Board. Thomas Fox. The Compliance Evangelist

PILOT PROGRAM RESULTS REPORT

How Performance Management Maturity Drives Business Agility and Innovation

The table below compares to the 2009 Essential Elements and the 2018 Enhanced Data Stewardship Elements

2014 Organisational Agility Survey. Key Findings Australia & New Zealand

CGEIT Certification Job Practice

REGULATION AND GROWTH

The top anti-money laundering and sanctions compliance challenges for financial institutions for 2018 and beyond May 2018

BUSINESS APPS FOR SAP SUCCESS FACTORS ON THE SAP CLOUD PLATFORM

Career Development for In-house Lawyers. SHANGHAI, 24 March 2016

CANSO Safety Successful Story

UK GENDER PAY GAP REPORT 2018

ALIGNING YOUR ORGANIZATION STARTS WITH ACCOUNTS PAYABLE

Session 56, Model Governance: What Could Possibly Go Wrong? Part II. Moderator: David R.W. Payne, MAAA, FCAS

Internal Audit of the Future Evolution of Internal Audit Due to Digitisation. Cheryl Khor Asia Pacific Operational Risk Leader Deloitte

Self-Assessment for Corporate Sustainability -September 23, 2013-

Customer Due Diligence (CDD) Market Survey. Survey Results. Copyright 2016 NICE Actimize. All rights reserved.

Unit Manager, North America Americas and Asia Group

Report on Compliance and Ethics

ABA Compliance School Advanced

Office of Business Conduct and Ethics Program Review. Name and Title

Improve GRC Maturity through Combined Assurance

IT Asset Management Software Market Research Report Forecast to 2023

The State of Sustainable Business Results of the 10 th Annual Survey of Sustainable Business Leaders 2018

Leading Practice: Approaches to Organizational Change Management

Summary of disclosures Global Reporting Initiative (GRI) Content Index

UNITED STATES OF AMERICA BEFORE THE FEDERAL ENERGY REGULATORY COMMISSION ) )

Enterprise compliance Acting on today s risks to avoid tomorrow s crises

TECHNOLOGY AND AUDIT: A MUTUAL FUTURE THERESA GRAFENSTINE CHAIR, ISACA BOARD OF DIRECTORS 2/15/2018

The Power of Metrics in Enterprise-wide Project Management

Anti-Bribery & Anti-Corruption Best Practices to Ensure a Compliant Culture

IIROC 2017 Priorities

US BANKING & CAPITAL MARKETS

Session 42, Model Governance: What Could Possibly Go Wrong? Part I. Moderator: David R.W. Payne, MAAA, FCAS

Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA

Trends in Aggregate Spend and Disclosure Reporting and Compliance 2011 *Preliminary Results

Global Third Party Due Diligence

Transcription:

Using Metrics to Improve Your Third-Party Risk Management Program Presented by Randy Stephens & Michael Volkov Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 0

Agenda NAVEX Global s 2017 Third-Party Risk Management Benchmark Report Key Findings Using Metrics to Improve your Third-Party Risk Management Program Key Takeaways & Recommendations Q&A + Additional Resources Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 1

The 2017 Third Party Risk Management Benchmark Report Statistical Snapshot Conducted by an independent research company, collected anonymously 427 respondents across more than 22 industries, Including: Job Level: 8% C-Suite & Senior Executives 42% Senior Managers & Directors 28% Other Management 16% Non-Management Job Function: 25% Ethics & compliance 20% Legal 15% Risk Management Company Size: 38% Large Organizations (5,000+ employees) 34% Medium Organizations (500 5000 employees) 28% Small Organizations (<500 employees) Regions Where Respondents Manage Third Parties: 78% United States 54% Europe 50% Asia 42% Latin America 41% Canada 33% Middle East 32% Australia / New Zealand / Pacific Islands 28% Africa 21% Caribbean Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 2

Key Findings Using Metrics to Improve Your Third-Party Risk Management Program Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 3

Key Findings Risk-Based Programs are Evolving Top program concerns this year have shifted from previous years Budget security has improved Mature programs are aligning with evolving regulatory requirements Automation delivers program sophistication and performance Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 4

Survey Question How concerned are you about your third party risk management program? Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 5

Top Issue: Cyber Security and Data Protection A continual shift over the last three years Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 6

Top Objectives Align to Risk Protection Legal concerns top program objectives for the third consecutive year Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 7

A Shift in Issues in 2017 A shift in issues does not likely alter long term trends Cyber security and data protection is a universal market concern Risk management essentials remain the focus of third party risk programs Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 8

Budget Trends Look Positive Consistent challenges for program stakeholders Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 9

Significant Organizational Risk Lies with Third Parties The third party landscape continues to grow Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 10

Budget Improvements Indicate Increasing Understanding & Maturity A realization of the level and nature of risk Increases in anticipated budgets allow for strategic planning and program consistency Understanding your risk factors helps to define program requirements Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 11

At what maturity level do you believe your program currently resides? Survey Question Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 12

We See an Increase in Program Maturity Risk-based program requirements drive program sophistication Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 13

Improvements in the Approach to Risk Management A risk-based approach drives risk mitigation Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 14

Screening and Monitoring Practices Tied to Program Maturity Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 15

Regulatory Alignment Structures Strong Programs Multiple global regulatory agencies are aligning on program best practice recommendations Mature third party risk management programs tend to align to those recommendations, processes and structure Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 16

Survey Question Do you use a purpose-built automated solution to manage your third party risk management? (i.e., not an office management solution) Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 17

Automated Systems Are a Requirement for Program Success Making the commitment to automated third party risk management is obvious Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 18

Automated Systems Are a Requirement for Program Success Automated solutions allow for more complete risk management Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 19

Program Assessment Defined by Maturity Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 20

Automated Systems Are a Requirement for Program Success Automated systems improve program performance Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 21

Mature Programs See Exceptional Performance Those respondents with advanced programs rate their ability to do the following: Implement a risk-based program: 87% Comply with laws and regulations: 87% Conduct deeper dives where needed: 82% Defensibility of program with enforcement agencies: 83% Accurately define risk: 84% Determine the ROI of the program: 50% Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 22

Mature Programs See Exceptional Performance Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 23

Program Maturity as a Performance Driver Those with reactive and basic programs put themselves at risk Those with maturing and advanced programs are most likely to see better results When seeking a third-party risk management program ROI, keep in mind that automated programs typically deliver measurable results upon which you can build additional program elements Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 24

Using Metrics to Improve Your Third-Party Risk Management Program Using Metrics to Improve Your Third-Party Risk Management Program Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 25

Metrics to Know The point at which managing third parties appears to become more challenging is when the number of third parties reaches 100 57% of all respondents indicate that they pursue a risk-based program that corresponds to the nature and level of risk 38% of respondents update their third party due diligence policy once a year In 2016, 25% of respondents identified none of their third parties as high risk. In 2017, only 3% identified none of their third parties as high risk. Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 26

Metrics to Know 69% of respondents identified or discovered red flags or other negative third-party information through their due diligence processes Among those who use third-party due diligence providers to facilitate their programs, those systems typically return: adverse media reports (64%) government investigations or conviction (59%) connections to government officials (55%) adverse financial information (54%) politically exposed persons (52%) individuals or entities on a government or sanctions watch list (51%). Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 27

Key Takeaways and Recommendations Using Metrics to Improve Your Third-Party Risk Management Program Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 28

Key Takeaways Demonstrating third-party risk management program value Benchmarking your program is critical; identify points of improvement Secure an annual budget and executive support Understand where your program lies on the the maturity index strive for improvement Consider how you will measure program effectiveness Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 29

Additional Third Party Risk Management Assets Third Party Risk Management Thought Leadership: http:// White Paper: How to go from Manual to Automated Third Party Due Diligence Monitoring: Ten Steps to Success White Paper: Anti-Bribery & Corruption Risk Assessment Checklist White Paper: What to Ask: Assessing Third Party Risk Management Solutions Guide: A Prescriptive Guide to Third Party Risk Management Guide: Definitive Guide to Third Party Risk Management More Benchmarking Resources From NAVEX Global: o o o 2017 Hotline Benchmark Report & Toolkit 2017 Policy Management Benchmark Report 2017 Ethics & Compliance Training Benchmark Report Become a member of our community-driven resource library: ComplianceNext.com Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 30

Questions Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 31

Thank You Copyright 2017 NAVEX Global, Inc. All Rights Reserved. Page 32

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback