SIG University Certified Third-Party Risk Management Professional (C3PRMP) program graduate Jaclyn Seals discusses how taking the C3PRMP program has given her the resources to grow in her role and the expertise to be an asset to her team.

 When I first registered for this course, I wasn’t exactly sure what to expect. I initially thought I would learn a lot of things that I was completely unaware of. I was pleasantly surprised to see that I was learning the “why” behind the changes my organization has been implementing over the past two years.

This course took me deeper into what I need to know to be a successful third-party risk management professional (TPRMP). I will discuss how my organization has evolved, how it has impacted me, and how this course helped me see how I can grow more effectively through these changes.

Evolving into Third-Party Risk Management

My journey as a TPRMP started four years ago. At that time, we were known as Vendor Relationship Managers. My job was to perform the ongoing monitoring task. At that time, I did not know that I was performing a TPRM function under the Enterprise Third-Party Risk Management Framework (ETPRM).  

It wouldn’t be until two years into my role that ETPRM was introduced to us. I remember being told that things were changing, and my role was going to evolve quickly. My leadership team was not kidding! Not only have I have learned more than I ever imagined, but my role has also significantly changed during this time. 

Implementing the Enterprise Third-Party Risk Management Framework

The change to my role is largely due to heightened regulatory requirements that my organization has put in place. We were never really that “big” to have all eyes on us. Due to our significant growth over the past several years, we are now seen as a large financial institution.

SIG University Certified Third-Party Risk Management Professional (C3PRMP) program graduate Sandra Ilogu discusses how critical the relationship manager is to third-party risk.

The Relationship Manager is the first line of organizational defense, tasked with ownership of relationships and risks. The overall accountability of these risks, the performance and the cost management for the supplier through the life of the relationship are also key focus points.

I will discuss how the Relationship Manager (RM) functions as the nucleus of Third-Party Risk Management (TPRM) activities for a supplier with the following points.

Provides Information for Reviews and Decides on Risk Acceptance for a Third Party

It is understood that the liability of our third parties is ultimately ours. This means that the liability of the third parties of our third parties (i.e., our subcontractors) also becomes ours. An effective framework in which risk is indicated and mitigated is essential for our suppliers and subcontractors.

In such a framework, exit strategies and termination processes are set in place for cases in which the risk cannot be mitigated or when a contract needs to be terminated. These are defined by the Relationship Manager, who provides information on the supplier and finds out if there are subcontractors involved. Responses provided will trigger due diligence risk areas for information from the supplier. 

Once the relationship is fully defined and risks are highlighted, it is the responsibility of the Relationship Manager to determine whether or not to accept the risk and contract with the supplier.

SIG University Certified Third-Party Risk Management Professional (C3PRMP) program graduate Michele Wesseling discusses balance between satisfying your firm's need to generate revenue and mitigate third-party risk.

Third-party risk management in the financial industry requires careful consideration when developing an operating model. It is essential to consider the regions and regulations that govern. In most of the banking industry, your internal risk culture allows you to easily implement a third-party risk program that methodically measures inherent risk, provides time to assess third party controls and negotiates contracts that enforce controls and mitigates residual risk.

Internal vs. Third-Party

The internal risk culture changes once you enter the world of capital markets where decisions are made quickly, risk is a way of life and patience is a rare quality. Now add the risk of a trade execution platform failing during a stock market dive and counterparties not having the ability to trade for several hours. The outage would be noticed and gain publicity, potentially causing Regulators to investigate. Should this occur and the necessary due diligence steps that would have highlighted this vulnerability were skipped, the repercussions could be costly. Your firm's reputation would be at stake and you most likely will face regulatory scrutiny that could result in fines. Striking a balance between satisfying your firm's need to generate revenue and mitigate third-party risk is an interesting challenge. If your operating model is too slow and cumbersome, your business will most likely attempt to circumvent the process. Careful consideration needs to be taken when aligning your control assessments to the true inherent risk.

SIG University Certified Sourcing Professional (CSP) program graduate Angelica Gardner discusses how CSP modules on internal spend analysis and contract negotiation planning improved her approach to identifying cost efficiencies as a procurement buyer.

As everyone is aware, the COVID-19 pandemic has affected a large portion of the economy’s growth ability, especially in the automotive industry, with declining sales of more than 40%. Companies are having to develop strategic ways to cut costs and provide cost-saving solutions. As a buyer in the manufacturing plant, my responsibility is to identify these cost efficiencies.

To accomplish this task, SIG University's CSP program helped me recognize two areas to improve: internal spend analysis and contract negotiation planning. These areas are complementary skills that have helped me improve my approach these types of situations in the future as a procurement buyer.

INTERNAL SPEND ANALYSIS

As a new procurement agent, having followed industry market trends, company earnings and announcing changes within the organization has given me a leg up in my negotiation strategies. Assessing the environment is vital to understanding business requirements, the company’s vision and our department’s functional goals during this critical time.

In one particular situation, management did not agree with a supplier’s new budget proposal and wanted to reduce cost by an overall savings of $86,000. The lesson teaches us to gather as much data required and perform a spend analysis to determine leverage. After completing a spend analysis from the previous year, we discovered the total spend was consistent with what was done in the past.

SIG University’s Certified Third Party Risk Management Professional (C3PRMP) program is a globally recognized certification that is the “gold standard” in terms of relevance, scope and content. The C3PRMP program was created by Linda Tuck Chapman, an advisor, educator, author and expert, and is based on her experience and her book, Third Party Risk Management: Driving Enterprise Value (published by the Risk Management Association). You’ll soon learn that investing in the C3PRMP designation is an investment that will enhance your knowledge base and deepen your expertise.

Outlined here is information about the upcoming changes and benefits of your C3PRMP designation, as well as a profile of our students.  

What is different about SIG University’s C3PRMP program in 2020? 

In January, the duration of SIG University's C3PRMP program was extended from eight weeks to 10 weeks. Multiple-choice review questions at the end of each module will test all students’ knowledge and require a minimum passing score of 80%.

Members of the Global Association of Risk Professionals (GARP) will continue to earn 20 Continuing Professional Development (CPD) credits, GARP’s highest award for a continuing professional development program.