BLOG — Jun 16, 2023

Regulatory Insights: Interagency Guidance on Third Party Relationships

As supervisory authorities across the globe continue to examine operational resilience in the financial sector, critical third parties (non-financial organizations that play a critical role in financial markets) have come under focus. As a result, organizations are increasingly expected to actively manage risk in their third-party relationships and, in turn, promote resilient outcomes in the financial sector.

Interagency guidance

On 6 June 2023, the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (the agencies) issued the "Interagency Guidance on Third-Party Relationships: Risk Management."

The guidance aims to:

  • Outline principles underpinning the third-party risk management life cycle and a consistent supervisory approach across agencies.
  • Recognize that different third-party relationships pose varying levels of criticality to a bank's operations.
  • Reinforce the view that third-party risk management practices should be developed and implemented proportionately based on the criticality of the activity the third party supports, as well as the bank's risk profile and business model complexity.

Why this development matters

The new guidance is an important milestone in third-party risk management as it replaces each agency's existing guidance and proposes a new, consistent approach to managing risk across the agencies, accounting for all third-party relationships. Specifically, the guidance recognizes:

  • That banks should not follow a one-size-fits-all approach to identify, assess, monitor, and manage third-party relationship risks. Instead, third-party risk management practices should be based on the level of criticality of the services provided.
  • The efficiencies involved in collaborating with other banking organizations when performing ongoing monitoring.
  • The benefit of leveraging independent expertise to carry out due diligence and testing as part of assessing compliance requirements against relevant domestic and international standards.
  • The importance of engaging external support with the requisite knowledge to supplement in-house technical expertise.

How KY3P® supports the new Interagency Guidance

  • KY3P® has invested heavily in creating a robust third-party risk methodology that is underpinned by our due diligence and assessment approach. This is done in partnership with the KY3P® user community, delivering a consistent approach aligned to industry standards.
  • KY3P® is not a one-size-fits-all solution: KY3P® tools and validated data support risk-based decisions for varying levels of critical suppliers. The KY3P® methodology covers 27 diversified control domains, offering a comprehensive view of third-party risk. Users may opt to adopt a comprehensive framework or map their own framework to it.
  • As per the guidance, the scope and degree of due diligence should be proportionate to the level of risk and complexity associated with that third-party relationship. KY3P® offers a range of tools for varying levels of risk, including continuous monitoring tools, due diligence questionnaires, and comprehensive assessments. This includes technology to help manage proportionate oversight of the supplier population.
  • KY3P® helps businesses align to best practices and provides the right level of expertise throughout the third-party risk management lifecycle process, including ongoing monitoring.
  • For smaller organizations, KY3P® Accelerator provides a smooth entry point to the Third-Party Risk Management lifecycle and Due Diligence capability.
  • KY3P® equips users with insightful assessments to allow them to embed resilience in their day-to-day operations, comply, understand threats and vulnerabilities, and anticipate and plan against the impact of emerging risks.

Contact

For further information on Third-Party Risk Management solutions, please contact:

The Americas

P: +1-877-863-1306
E: market.intelligence@spglobal.com

EMEA

P: +44-20-7176-1234
E: market.intelligence@spglobal.com

Asia-Pacific

P: +852-2533-3565
E: market.intelligence@spglobal.com

Copyright © 2023 by S&P Global, a division of S&P Global Inc. All rights reserved. No content, including by framing or similar means, may be reproduced, or distributed without the prior written permission of S&P Global or its affiliates. The content is provided on an "as is" basis. spglobal.com/ky3p


S&P Global provides industry-leading data, software and technology platforms and managed services to tackle some of the most difficult challenges in financial markets. We help our customers better understand complicated markets, reduce risk, operate more efficiently and comply with financial regulation.


This article was published by S&P Global Market Intelligence and not by S&P Global Ratings, which is a separately managed division of S&P Global.