Third Party Risk Management
Establishing the Right Metrics and Monitoring Practices to Meet Regulator Outsourcing Requirements
Elspeth Bowler
Managing Director, Operational Risk Division
OSFI
PJ Fournier
Associate Director, Risk & Compliance
Protiviti
- Applying a risk-based approach to outsourcing activities
- Setting clear, enforceable contracts with vendors
- Strengthening effective monitoring and oversight: Best practices for engaging with vendors
- Exploring examples of strong vendor oversight from the regulator
- Establishing safeguards to ensure compliance with legislative requirements for location of records
- Building a contingency plan for potential service disruptions to ensure business lines remain operational and compliant
