By Emma Mansfield, Head of Outsourced Services Assurance, Bank of Ireland.
Emma, can you please tell the Risk Insights readers a little bit about yourself, your experiences and what your current professional focus is?
I am the Head of Outsourced Services Assurance with responsibility for Sourcing and Continuity Risk within the First Line, including the design, delivery and embedding of the relevant Frameworks. In addition to this I am passionate about and actively involved in the Banks I&D and CSR programs. Further to this I hold the I&D Council Seat for the GSA UK and Ireland and I’m a member of the IWE.
Can you describe the challenges of defining frameworks and parameters within a first line role?
The main challenge with defining is frameworks within the first line, is that we are only one third of the Banks approach to risk management. As such there are numerous frameworks, supported by assurance and monitoring plans coming from multiple areas. Therefore it’s important to design, deliver and embed a framework that manages risk and ensures brilliant customer outcomes in the most efficient way. It also needs flexibility so that it can quickly adapt to the changing needs of our Regulators, Stakeholders, Customers and Colleagues.
At the Vendor & Third Party Risk EMEA 2018 Summit, you will be speaking on your insight regarding ‘Strengthening process and communication across risk, procurement and business to align frameworks across the lifecycle’. Why is this a key concern right now? And what are the essential things to remember?
This question links to Q4 below. It’s about engaging the relevant SMEs at the right time to ensure appropriate selection, onboarding and oversight of Suppliers. This can be achieved efficiently with appropriate frameworks in place.
What are some of the challenges when meeting the increasing business divisional demands within a life cycle?
One of the main challenges is to ensure that Vendor Managers are appropriately trained and supported with relevant tools to manage suppliers. Often the Supplier Relationship Managers are the business managers and as such are not experts in vendor management. This can impact the end to end lifecycle from onboarding to exit.
Without giving too much away, could you please describe some of the pros and cons for both centralised and decentralised functions.
There are pros and cons for both, depending on whether the Firm’s appetite is for SME in the line/Business Unit or for a centralised Centre of Excellence.
How do you see the vendor & third-party risk landscape evolving over the next 6-12 months?
You can’t answer this question without mentioning Brexit and the potential impact that may have, as well as GDPR.
Understandably from a Regulatory perspective both at home and from a European viewpoint, they are increasingly focused on third party relationships, as well as the chain sourcing that can follow. It is vital that firms have a clear strategy, policy and framework to support their oversight of third party relationships. However, with more positivity seen towards third party management tools, this may become quicker, smarter and more consistent.
You may also be interested in…
