<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=229461991482875&amp;ev=PageView&amp;noscript=1">

“Regulated firms should have appropriate oversight and control over third-party providers and take responsibility for the service they provide. Doing so will reduce the risk of third-party failures or weak controls which could lead to operational disruption, unauthorised loss or disclosure of consumer data.”

This was the specific paragraph in the FCA Business Plan for 2018/19 that has been a key focus on the agendas of our UK Financial Services customers since the plan came out in April.

It comes under the cross-sector priority relating to “Data Security, Resilience & Outsourcing” and features on page 25 of the plan.

For Gatekeeper, key to providing the best service to our customers is understanding as many of the regulatory forces operating on their business as possible.

Naturally, what the FCA is looking to focus on into next year is of going to have the attention of our customers operating in this industry.

Fortunately, Gatekeeper has a wealth of functionality to assist our customers in this regard, significantly contributing to the FCA’s aim of “improving the industry’s operational resilience”.

Specifically, we help our customers by:

  • Recording details of every third-party provider including contract documentation, relevant security certification and sign-off parties.
  • Managing periodic renewals of certifications, such as for Penetration Testing. Gatekeeper generates notifications, automates and tracks the overall progress and records the latest results against a third-party record.
  • Tracking obligations for each contracted party and delivery against them.
  • Providing a secure, auditable record of every action carried out against a particular third-party, with names, dates and change history.
  • Displaying this information in a secure, simple-to-use system allowing permitted users to view and report on the data at any time.

The Case for Third-Party Focus

Aside from the increased focus from the FCA, why else is managing third-party risk more important now in 2018?

Deloitte’s 2018 Report on third-party governance and risk management highlights that 53% of survey respondents have seen “some” or “significant” increase in their dependence on third parties in the last year.

Deloitte’s same report in 2017 revealed that 74% of respondents had experienced at least one third-party incident in the last three years, with a fifth of those incidents being a “complete third-party failure or an incident with major consequences”.

Together, this means there’s:

  • A growing dependence on third-parties
  • A high number of incidents with major consequences
  • An increased regulatory focus
  • A public and press more sensitive to incidents such as data breaches or service outages

Managing third-parties more closely and mitigating risk through the effective deployment of technology has therefore never been more in focus or a higher priority for financial service providers.

In fact, there’s a further case being made that treats effective third-party risk management not just as a prudent measure but also a source of competitive advantage.

Being able to access and exploit third-party expertise faster than competitors has significant upside, particularly in industries such as Financial Services where disruption is being encouraged by regulation and public opinion.

The theme of turning third-party risk into competitive advantage is explored in this report from Ernst & Young.

The Case for Gatekeeper

Not only do we help our customers with monitoring their suppliers but, as a third-party supplier ourselves, we maintain the highest security and quality measures.

Our Information Security Management System (ISMS) has been certified to the ISO 27001:2013 standard. Meanwhile, our Quality Management System (QMS) has been certified to the ISO 9001:2015 standard.

Gatekeeper is also subject to regular security and penetration testing to make sure that our customers’ data remains safe.

This is why we’re trusted by businesses in highly regulated industries such as Finance and Healthcare, in the both the UK and abroad.

If you’re reviewing your internal processes in light of the FCA Plan, or would simply like to understand how other businesses in your sector are mitigating third-party risk using Gatekeeper, then please get in touch today for a free consultation.

Ian Bryce
Ian Bryce

Ian writes on a variety of topics, bringing together his own knowledge and experience with that of industry experts.


Contract Management , Contract Lifecycle Management , Vendor Management , Contract Management Software , Contract Lifecycle , Supplier Management , Case Study , Contract Risk Management , Contract Management Strategy , Risk Mitigation , Vendor Management Software , Contract Repository , CLM , Contract Automation , Contract Ownership , Contracts , Compliance , Risk , Supplier Performance , Supplier Risk , Workflows , Contract Redlining , Gatekeeper Guides , Legal , Negotiation , COVID-19 , Legal Ops , RFP , Vendor Onboarding , Artificial Intelligence , Business continuity , CLM solutions , Contract Managers , Contract Performance , Contract Review , Metadata , Regulatory compliance , Supplier Management Software , Supplier Relationships , Third Party Risk Management , Vendor Portal , contract renewals , webinar , AI , Clause Library , Contract Administration , Contract Management Plans , Contract Monitoring , Contract Risk , Contract Templates , Contract compliance , Electronic Signatures , Excel , Kanban , Procurement Strategy , RBAC , Recession Planning , Redline , Regulation , SaaS , Security , Spend Analysis , TPRM , Vendor risk , collaboration , Audit preparedness , Audit readiness , Audits , Business Case , Clause Template , Contract Approvals , Contract Breach , Contract Governance , Contract Management Audit , Contract Management Automation , Contract Management Features , Contract Obligations , Contract Outcomes , Contract Tracking , Contract Value , Dashboards , Data Fragmentation , Employee Portal , FCA , Gatekeeper , ISO Certification , IT , KPIs , LegalTech , Obligations Management , Procurement Planning , SOC Reports , Scaling Business , Standard Contractual Clauses , Suppler Management Software , Sustainable Procurement , Touchless Contracts , automation , central repository , eSign , time-to-contract , Australia , BCP , Breach of Contract , Brexit , Business Growth , CCPA , CMS , CPRA 2020 , CSR , Categorisation , Centralisation , Certifications , Cloud , Conferences , Confidentiality , Contract Ambiguity , Contract Analysis , Contract Attributes , Contract Challenges , Contract Change Management , Contract Community , Contract Disengagement , Contract Disputes , Contract Drafting , Contract Economics , Contract Execution , Contract Management Optimisation , Contract Management pain points , Contract Negotiation , Contract Obscurity , Contract Reminder Software , Contract Reporting , Contract Routing , Contract Stratification , Contract Termination , Contract Volatility , Contract and vendor management , Contract relevance , Contract relevance review , Contracting Standards , Contracting Standards Review , Data Privacy , Data Sovereignty , Definitions , Digital Transformation , Disputes , ESG , EU , Enterprise , Enterprise Contract Management , Financial Services , Force Majeure , GDPR , Hotels , ISO , Implementation , Integrations , Intergrations , Key Contracts , Legal automation , Measurement , Mergers and Acquisitions , Microsoft Word , Modern Slavery , NDA , Operations , Parallel Approvals , Partnerships , Pharma , Planning , Port Agency , Pricing , Procurement , RAG Status , Redlining , Redlining solutions , Requirements , SaaStock , Shipping , Spend optimzation , Startups , Supplier Cataloguing , Technology , Usability , contract reminders , remote working , success hours , vendor centric

Related Content


subscribe to our newsletter


Sign up today to receive the latest GateKeeper content in your inbox.

Subscribe to Email Updates