Markit is building out is Know Your Third Party (KY3P) platform with additional customers, extended functionality and a growing commitment to help users meet standards and regulatory requirements around third-party risk management.
The KY3P initiative was set up by Markit, in conjunction with Barclays, HSBC and Morgan Stanley, and introduced a service for third-party management in October 2015. The service allows vendors to upload information and updates about their businesses once and permission many banks to access the information to carry out vender due diligence and ongoing monitoring in support of third-party risk management.
KY3P is delivered as a global software-as-a-service solution and was built by Markit, which is addressing some of its own internal risk issues by hiring Livingstone – headed by former lead of Markit Cadis Daniel Simpson – to support its software asset management.
Among Markit’s recent customer additions to the KY3P platform are BlueBay Asset Management and Loomis, Sayles & Company. These customers bring the total number of asset managers that are onboarding their vendors to the platform to 13, although Markit says a further 60 are in the pipeline.
Don Ryan, chief compliance officer at Loomis, Sayles & Company, comments: “Due diligence and ongoing oversight of third-party service providers continues to increase in both importance and complexity, especially in the context of cyber security. KY3P will allow us to gather and track vendor information more efficiently through standardised questionnaires, control reports and significant event notifications. The centralised data hub will also allow us to store vendor information in a single location.”
Joining the vendor community on the platform is Luxoft, a provider of software development services. Eugene Dovgii, senior account director at the company, says: “KY3P will help us reduce the due diligence burden, decrease presale efforts and accelerate turnaround time through a more standardised and structured process.”
Gina Ghent, managing director and head of KY3P at Markit, says uptake of KY3P is coming from all types of organisations looking to manage third-party risk and that many already have some sort of solution in place, but need to up their game for risk or regulatory reasons, or both.
In terms of development, Ghent says the platform is being extended in the order of user prioritisation. From an initial focus on vendor due diligence and monitoring, Markit is moving on to provide verification and validation services, sanctions screening and additional data including security ratings and details on private companies.
The platform is aligned to major regulations and standards around third-party due diligence, such as the US Sarbanes Oxley Act and UK Cyber Essentials scheme that provides a cyber security standard that organisations can be assessed and certified against, and will continue in this vein as more regulations and standards emerge.