Critical risks about third party service providers are not being reported to the boards of financial services companies, according to EY.
While more than 60 per cent of financial services institutions report noncompliant third parties to senior management, less than half of firms escalate the problems to board level.
EY's Global Third Party Risk Management Survey has uncovered that "critical third party information" is only escalated to board level by 41 per cent of organisations – and only 26 per cent of companies report breaches and incidents to the board.
EY surveyed 54 global financial services organisations with third-party risk functions of "varied maturity and sizes" for the report.
Of the six global asset managers included in the EY survey, only one indicated that it reports critical third-party risks to the board – while three (50 per cent) asset managers report third-party breaches to the board level.
The global findings, which include two unnamed Australian institutions, come after revelations of poor corporate governance at AMP that led to the resignation of the CEO and chair on 20 April and 30 April, respectively.
Overall, the EY report concluded there have been "big gains in governance and oversight" when it comes to third-party risk management, but more needs to be done on board reporting and technology integration.
Stimulate new ideas. Stimulate new thinking. Top up your CPD and hear from industry experts with InvestorDaily’s Knowledge Centre. Keep up to date with the latest trends and reforms, all while adding to your CPD. Explore the knowledge centre Knowledge Centre now.
Despite unemployment falling to pre-pandemic levels, the central bank still thinks it’s too early to count its chickens on the success of ...