The 4 Principles

The 4 Principles


 You can download a full copy of the slides from this webinar. 




Full transcript available below:
Hello, everyone, and welcome to today's webinar hosted by me, Joe Boyhan, of MCO and third-party risk expert and president of ONTALA Linda Tuck Chapman. 

The principles of a strong program really have sort of an odd lens on the left-hand side. Audit, compliance, et cetera, so really looking at, "What is a compliance requirement from the legal and regulatory perspective?" You should look at compliance really at two levels. One is certainly at the all-company level. What is required in order to hit the compliance targets? But depending on the mix of business that you have, there will be very specific compliance requirements. For example, if you're a subprime lender, you're going to have some fair lending requirements you have to meet in addition to the standard third party and this is not new to banks, but it's a way to bring visibility to the larger whole of these relationships.

The completeness lens is a really hard one to hit because third parties I'll go on with a little bit later to talk about what actually is a third party because it's a term that's in common use; however, you may not entirely be aware of what that means and what it could entail, but hitting the completeness target is quite hard to do because any institution, any company has hundreds and potentially tens and tens of thousands of relationships, so trying to figure out which are the ones that matter to bring into your program is not an easy task and trying to stay on top of it and current is also not easy, but I'll talk about some ideas that I have. If you look at the other side of the slide, the concept of risk-centric should always be your north star for your program. You should always think about risk-centricity as opposed to simply a compliance focus.

Being risk-centric really means looking at this really from what are the risk categories? How do you identify those risks? How do you assess those risks? How do you manage them and control them? Last, but not least, is risk adjusted. If you don't find a way to risk adjust your program, then you're just going to get crushed under the workload because there's a lot to do. It's a very complex topic and the risk adjusted lens that you want to put on this is how to make sure that you don't accidentally develop a one size fits all or have inappropriate sizing. We'll talk a little bit more about that later, what that might mean and how you might accomplish that. I'm hoping these concepts are not new to you, but maybe thinking about it in terms of a framework would be helpful and the other thing is that, as I said, it's an evolving practice.

It's not likely that you're really hitting on all four cylinders, although you may have been at this for a while and have had the executive sponsorship to get this done. 


Download our whitepaper "Framework for a Third Party Risk Management Program".


This webinar was co-hosted with Linda Tuck Chapman of Ontala Performance Solutions.

Find out how MCO can help

Request a demo today to learn how MyComplianceOffice puts you in command of your compliance program, synchronizing your business needs with regulation. 

Request a Demo



Download our four page Portfolio of Solutions to learn about;

  • Personal Trade Monitoring
  • Gifts & Entertainment
  • Political Contributions
  • Third Party vendor risk management
  • Trade surveillance
  • And more

Brochure Download