Strengthening Third-Party Risk Management: Navigating Governance, Resilience, and Regulatory Hurdles

Article

This article explores how strong governance enables swift decision-making, addresses the challenges of coordinating multiple stakeholders, and emphasizes the importance of robust oversight in areas like information security and resilience. Additionally, it discusses the complexities of balancing global and local regulatory demands, and the distinctions between managing third-party providers and intragroup relationships.

Sep 05, 2024

Birgit Biondi, Head of Global Third Party Management Function, Munich Re

Strengthening Third-Party Risk Management: Navigating Governance, Resilience, and Regulatory Hurdles

The views and opinions expressed in this content are those of the thought leader as an individual and are not attributed to CeFPro or any other organization

A clear governance structure is essential for swift decision-making and aligning third-party activities with company objectives and risk appetite.
Defining responsibility for resilience in third-party risk management is challenging due to diverse stakeholders and the need for cross-functional collaboration.
Aligning governance structures with evolving regulatory requirements, like DORA, is vital to staying ahead of compliance demands in a dynamic IT environment.
Key oversight areas for third-party providers include information security, data privacy, and business continuity management, with a particular focus on adapting to new regulatory standards.