SIG University Certified Third-Party Risk Management Professional (C3PRMP) program graduate Sandra Ilogu discusses how critical the relationship manager is to third-party risk.

The Relationship Manager is the first line of organizational defense, tasked with ownership of relationships and risks. The overall accountability of these risks, the performance and the cost management for the supplier through the life of the relationship are also key focus points.

I will discuss how the Relationship Manager (RM) functions as the nucleus of Third-Party Risk Management (TPRM) activities for a supplier with the following points.

Provides Information for Reviews and Decides on Risk Acceptance for a Third Party

It is understood that the liability of our third parties is ultimately ours. This means that the liability of the third parties of our third parties (i.e., our subcontractors) also becomes ours. An effective framework in which risk is indicated and mitigated is essential for our suppliers and subcontractors.

In such a framework, exit strategies and termination processes are set in place for cases in which the risk cannot be mitigated or when a contract needs to be terminated. These are defined by the Relationship Manager, who provides information on the supplier and finds out if there are subcontractors involved. Responses provided will trigger due diligence risk areas for information from the supplier. 

Once the relationship is fully defined and risks are highlighted, it is the responsibility of the Relationship Manager to determine whether or not to accept the risk and contract with the supplier.