Third party risk is currently a 'hot topic' within the Financial Services sector and senior executives across many organisations in the industry are having discussions to agree strategies, procedures and policies to mitigate the risks posed by third parties. This short blog is the first in a series of three which cover the topic of third party risk. In this first blog, we explore the use of contract compliance inspections in order to obtain assurance over third parties as well as generating significant financial recoveries.

A recent compliance inspection of a global investment and asset management fund resulted in the following observations:

  • £1 million+ in non-compliant charges.
  • Multiple off-contract costs and expenses.
  • Potential regulatory non-compliance.
  • Unsupported commercial deals and operations.

When it comes to third party risk, risk functions within many financial services (FS) organisations remain primarily concerned with risk directly linked to capital at stake, transactional and credit risks. This focus however, ignores the continuing rise in internal reliance placed upon third parties in terms of the outsourcing of sizeable portions of operations and third party supplier agreements and as the above case study shows, such risk can have vast impacts to commercial operations.

Business units are always looking to achieve higher efficiencies, lower staffing liabilities and reduce costs across the business model. SLA's, variable pricing models, milestones and incentives frequently feature in these contracts, however such complexities can result in charges and credits being raised under the contract being inaccurate or non-compliant, which lead to tangible financial loss, opportunity cost and limited efficiencies across the operating model.

To combat this, an increasing number of businesses are conducting supplier compliance inspections of their third parties to identify contractual non-compliance, verify third party spend and assess whether benefits and credits due under the contract are correctly allocated.

Similarly, some organisations have begun to perform internal assessments which look at transactional, operational and contractual compliance testing of their own business to address any hidden risks in advance of a customer originating inspection. This holistic attitude to third party risk can help ensure operational efficiency, accuracy and clarity over charges and can also strengthen commercial relationships.

The starting point for a compliance inspection is always to look at the obligations imposed by contractual agreements or regulatory provisions. By creating and maintaining a centralised obligations tracker, each obligation can then be explored with the relevant stakeholder to define its significance to the business model and identify whether, and how, such obligation should be tested for compliance.

Certain types of provisions are typically more complex to test, however once non-compliance is identified and verified, observations can be discussed with the counterparty which can lead to financial recoveries, process enhancements and generally more effective working relationships.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.