Markit has introduced a utility-type service designed to help banks – and other large organisations – improve their operational risk management around third-party products and services. Called Know Your Third Party (KY3P), the service allows third-party vendors to upload and update information about their businesses once, and permission many banks to access the information as part of vendor due diligence and ongoing monitoring programmes at the heart of third-party risk management.
KY3P has been set up by Markit in conjunction with Barclays, HSBC and Morgan Stanley and will be delivered as a global software-as-a-service solution built on a cloud based data hub hosted by Dell Cloud Services. The banks are working with Markit to onboard their third parties and more banks and third-party vendors are expected to sign up as banks realise the benefits of centralised and constantly updated third-party data, and vendors benefit from uploading data once for the use of many customers and experience increased speed to market and lower barriers to entry.
Michele Trogni, managing director and cohead of Solutions at Markit, explains: “Third-party risk management processes are bilateral in nature, time consuming and repetitive. KY3P will transform many aspects of these processes. Unlike KYC, there are no industry standards for third-party risk management. Banks have their own standards, but this makes it costly for third-party vendors to do business with them as they are asked similar questions by all the banks all the time.
“It is much more efficient for vendors to complete standard questionnaires, put them in a safe environment and permission people in banks to see the information. If, for example, the company’s financial situation changes, it can update the information, alert its customers about the change and avoid sending new audit documents to all of them. A bank can sign up, see its third-party vendors, search for new products and services, and request RFPs.”
Banks pay a fixed annual fee to use KY3P depending on how many third parties they work with on the platform. Vendors can sign up to functions such as audit and significant event notification and tracking at no cost, but start to pay as they fill out due diligence questionnaires that add detail and value to their propositions. The same standards and common questions are used for all products and services regardless of their type, with a view to making the platform both easy to use and valuable.
Trogni says regulators are already asking banks questions about third-party risk management processes and suggests fourth-party risk presented by companies that support third parties will soon come under scrutiny. KY3P allows vendors to provide information on companies they rely on to deliver services when they onboard and on an ongoing basis.
Subscribe to our newsletter
