How mature are vendor risk management programs?

Published: Thursday, 18 February 2016 08:29

The recently published 2015 Risk Management Association (RMA) Third-Party/ Vendor Risk Management Survey report provides insights into the third-party risk management programs of leading financial services organizations of various asset sizes across the US, Canada, and Europe. The report, featuring the perspectives of 80 financial services institutions, provides detailed information on the current challenges and best practices in third-party risk management. All the participating institutions are regulated by one or more of the following regulators – OCC, FRB, FDIC, State, FINRA, and OSFI (Canada).

The survey is an update to, and extension of, the 2014 Third-Party/ Vendor Risk Management Survey conducted by the RMA, and is designed to track the progress and evolution of third-party risk management practices at financial services companies. Both the 2015 and 2014 surveys were sponsored by MetricStream.

Some key findings from the 2015 RMA survey include: