Managing third-party risk in a changing regulatory environment

It makes pretty sobering reading—financial services firms in the US face an unprecedented extension of their risk management—not only are they responsible for what they do themselves, but they now have to consider their suppliers and vendors. If these third parties get it wrong, then the bank or credit card firm can find itself on the hook to regulators and consumers for what has happened at one remove. It adds up to a massive expansion of the routine due diligence required by financial services firms and an opportunity for truly innovative conversations with our clients on an unanticipated aspect of risk management.