The growing reliance of financial institutions on third-party providers creates a wide range of risks that must be managed in a consistent and structured way. These risks are not limited to ICT services but also extend to other services outsourced to external partners. At the EU level, several initiatives aim to strengthen third-party risk management: the Digital Operational Resilience Act (DORA) for ICT-related arrangements, as well as guidelines issued by the EBA, EIOPA and ESMA. To help participants navigate these (sometimes overlapping) requirements, the speaker will present a clear and pragmatic framework for compliance, addressing the full lifecycle of third-party arrangements, from due diligence and contracting to monitoring, subcontracting, and exit strategies.

The objectives of this training are to:

• gain a comprehensive overview of the EU framework on third-party risk management (DORA, EBA, EIOPA and ESMA guidelines etc.);
• understand the implications of these requirements for your institution, covering both ICT and non-ICT services;
• leave with a practical and step-by-step roadmap for implementing sound third-party risk management in line with EU expectations.

CONTENT

• Context
• Why focus on third-party risk management?
  • Growing reliance on external providers
  • Associated risks
• Overview of the EU framework
  • DORA (Digital Operational Resilience Act) for ICT services
  • EBA Guidelines
  • EIOPA Guidelines
  • ESMA Guidelines
• Key concepts
  • Outsourcing
  • ICT/cloud service
  • Critical or important function
  • CTPP (critical third-party providers)
• Key requirements across the lifecycle of third-party arrangements
  • Risk assessment and due diligence
  • Contracting: the key clauses
  • Subcontracting and chain outsourcing
  • Ongoing monitoring
  • Audit
  • Exit strategies and business continuity
  • Reporting
• Oversight by the supervisory authorities
• Concrete impact: a step-by-step roadmap to compliance
• Critical approach and supervisory trends
  • Current challenges in implementation
  • Future developments and prospects

PRACTICAL INFORMATION

• Duration: ½ day of training (3 class hours)
• Hours: 09:00 to 12:30
• Location: This training will be given online
• Language: This training will be given in English
• Additional information: How do you start the webinar? You will receive a login and password by email to access our platform. In the platform you will find a link. By clicking on the scheduled date the webinar will start via Webex. 
  To be granted CPD hours, it is important to enter your own name and surname, follow the entire training day and answer the questions suggested by the trainer. Do not follow the training with several people on the same PC.

You follow a ‘Live webinar’ digitally in a group. It is ‘learning-apart-together’. At an agreed time, the teacher and participants log in to a video conference tool, each from his or her own location and with his or her own computer. Via this tool’s camera, microphone and chat function, there is an opportunity for interaction and feedback, both from the participants to the teacher and vice versa. The teaching material consists as a basis of a presentation via the MyFA learning platform, supplemented with various other items (such as digital syllabus, presentation, audiovisual fragments, etc.).

• For those who wish to go beyond the basics
• No travel time, but direct contact
• Deepen your knowledge and obtain recognized continuing professional development hours

• Be on time for the webinar. It’s best to join 10 minutes before it starts.
• Unexpected delay or technical issue ? You can reach us at +32 (0)2 507 69 61.
• To start the webinar, log in to the learning platform and open the training’s video conference link.
• You don’t need to download the video conference tool if you prefer not to; you can participate via your internet browser.

• To receive your (CPD) participation certificate for a live webinar, your presence and active participation are required throughout the entire session. Interaction is key to our trainings, whether through direct conversation, poll questions or chat.
• Your (CPD) participation certificate will be published on your MyFA account the day following the course.
• Febelfin Academy wishes you a great learning experience.

The training course can be followed by various target groups:

• professionals working in the financial sector;
• compliance officers;
• risk managers;
• legal advisors;
• anyone involved in governance or regulatory compliance.