Third Party Risk Management

Establishing the Right Metrics and Monitoring Practices to Meet Regulator Outsourcing Requirements

November 18, 2020 10:15am

Elspeth Bowler
Managing Director, Operational Risk Division
OSFI

PJ Fournier
Associate Director, Risk & Compliance
Protiviti

  • Applying a risk-based approach to outsourcing activities
  • Setting clear, enforceable contracts with vendors
  • Strengthening effective monitoring and oversight: Best practices for engaging with vendors
  • Exploring examples of strong vendor oversight from the regulator
  • Establishing safeguards to ensure compliance with legislative requirements for location of records
  • Building a contingency plan for potential service disruptions to ensure business lines remain operational and compliant