CeFPro Connect

The Compliance Illusion: Why Third-Party Risk Management Needs a Reboot
As regulatory pressures mount, Vendor Risk Europe revealed the disconnect between compliance and true operational resilience. DORA may be driving change, but financial institutions still grapple with siloed teams, outdated processes, and fragile vendor oversight. Real resilience will require cultural transformation, smarter exit planning, and continuous integration of risk into every layer of strategic decision-making.
Jun 16, 2025
Mark Norman, Head of Content, Center for Financial Professionals
Tags: Vendor and Third Party Risk
The views and opinions expressed in this content are those of the thought leader as an individual and are not attributed to CeFPro or any other organization.
  • Third-party risk is growing as reliance on external vendors increases
  • DORA highlights the gap between box-ticking compliance and real resilience
  • Fragmentation across IT, risk, and procurement hinders agility
  • Exit planning must shift from legal formality to service continuity strategy
  • Manual DORA reporting processes expose systemic inefficiencies
  • Testing of exit plans is rare, leaving institutions exposed
  • Continuous monitoring and vendor data freshness are critical
  • Risk must be embedded across all business units, not siloed
  • Automation and global data harmonisation are emerging priorities
  • Regulatory change is a catalyst, but culture change is essential