As a new year draws closer, it’s time to start making resolutions for your third-party risk management (TPRM) program. With 2022 around the corner, it’s a great time to review your program for any needed improvements and consider how to achieve and maintain your TPRM goals.
Periodic Program Review Is Necessary
Best practices dictate that your TPRM program be reviewed at least annually. Your TPRM policy should be reviewed each year, along with your framework, tools, processes and procedures.
Keep these tips in mind as you review your program:
- Collaboration is key: Third-party risk management requires the involvement of stakeholders across the organization, so it’s important to make sure they have a voice in the program review. The line of business vendor owners' perspectives will likely differ from those of the TPRM team or subject matter expert, and taking different viewpoints into account can help you identify and prioritize program improvements.
- Set a strong foundation: Remember, it isn't just about improving the program. In some cases, you may find the priority is getting your processes in shape to meet baseline standards.
- Stay informed of regulations: Reviewing your TPRM program against existing or proposed regulations is recommended to identify potential gaps and the work effort and resources required to close them.
4 Third-Party Risk Management Resolution Ideas for 2022
Each TPRM program is unique, but there should be common themes for improvement as you review the program. Here are a few resolutions you might choose in 2022 for your TPRM program… to catch up, clean up, tune up and speed up. Let’s review:
- Catch up: If you have due diligence or risk reviews behind schedule, make it a point to get this work caught up ASAP. Auditors and examiners will likely give you a finding for not meeting the due dates. Findings aside, the bigger concern is that new and emerging risks can go undetected for too long, increasing the likelihood or severity of the risk. If resources are the issue, consider outsourcing due diligence to a third-party service provider that can close the resource gap and get back on schedule.
- Clean up: At least once a year, your vendor inventory needs a good scrubbing. Check to ensure that only active vendors are on the list and the correct vendor owner is listed. Be mindful of lower-risk vendors who often work by purchase order or direct invoice instead of a contract. These vendors may be long gone and now are clutter on your inventory list. Work with your accounts payable department to harmonize any active vendor lists to ensure payments are not made to terminated vendors. Close out old records and safely archive vendor documents per your internal records retention policies.
- Tune up: Work with your subject matter experts to review and analyze your current vendor due diligence questionnaires. Make sure that the questions asked are relevant and reflect the current risk environment. Remember, a lot has changed in the last two years, and pre-pandemic questionnaires may not address the variety of new and emerging risks present today. It’s more than likely that your questionnaire could use a tune-up. It’s also a good time to review the documents and other evidence you request from your vendor to ensure the latest standards are met.
- Speed up: If you have manual processes that slow down your processing time or negatively impact your efficiency, it’s a great time to consider automation. Manual processes aren't only time-consuming, but they’re also error-prone, often causing re-work and slowing the whole process further. If you aren’t using one, this could be the year you consider moving to a software-based TPRM system that can automate administrative tasks, notifications, scheduling and reporting. Automation is especially important when scarce resources are an issue.
Committing to Your Third-Party Risk Management Resolutions
Now that you have identified some to-do's for the next year, the important part is to make sure they get done. Good intentions are only as good as the effort and the action, so keep the following in mind to help stay on track:
- Identify and prioritize the drivers for improvement. When time and resources are limited, you must prioritize improvements by impact. For example, if your due diligence process doesn’t meet regulatory standards, fixing that issue must take precedence over something less impactful such as reformatting TPRM reports.
- Formalize the improvement as a project. Make sure you have a work plan, roles and responsibilities and a formal schedule. Report on your progress and keep everyone accountable.
- Develop a roadmap of improvements you’ll make during the year. Note which projects have predecessor dependencies and the order in which they must be done. For example, you can't generate vendor performance reports until vendor key performance indicators (KPIs) are established. The roadmap should be created annually and show the plan for continuous improvement and optimization.
The truth is that improving and optimizing your TPRM program can occur at any time, but starting the new year with a fresh plan is often re-energizing and gives many of us that sense of focus necessary to accomplish the tasks at hand. Make 2022 the year your program achieves better performance, efficiency and effectiveness by setting your TPRM resolutions now.