Description:
Third-party risk management is no longer just a compliance requirement—it’s a critical component of operational resilience and strategic oversight. Today’s vendors are not only partners but also potential sources of reputational, operational, cybersecurity, and regulatory risk. The toughest part? Knowing what to ask, what to verify, and how to keep up with changing expectations—especially in a world where artificial intelligence is transforming how vendors deliver services and manage data. In this session, we’ll explore how to sharpen your risk management practices, what due diligence looks like in 2025, and how to evaluate third parties using AI-driven insights without introducing new vulnerabilities. Whether you're reviewing fintech partners, core processors, or outsourced compliance solutions, this training will arm you with the questions, frameworks, and practical tools to do it smarter and safer.
Agenda:
Reframing Third-Party Risk in 2025: Why due diligence is more than just paperwork—and what regulators expect today.
Beyond the Checklist: Identifying Risk by Function and Impact: How to assess the true risk profile of a vendor beyond surface-level responses.
Where AI Fits in TPRM: Leveraging AI to streamline assessments, monitor performance, and flag emerging risks—without getting blindsided.
AI as a Vendor: When the Third Party Is the Algorithm: Special considerations when outsourcing to vendors who deploy or operate AI tools.
Contracts, Controls, and Ongoing Oversight: What good monitoring looks like—and how to stay engaged without micromanaging.
Case Studies & Red Flags: Real-world examples of failures, near-misses, and what strong programs are doing differently.