Risk management solution providers and what their customers really want – Brooklyn Solutions
10/31/2024
As part of our Q4 research into supplier risk, third-party and supply-chain risk management (TPRM/SCRM) and the solutions that support it, we have not only conducted analyst- and market-led research in the shape of analyses, advisory, definitions and webinars, but taken the pulse of the practitioners who use that technology and who deal with risk on a daily basis (for example here and here). To round off that perspective we’d like to engage the thoughts of the solution providers themselves, particularly in terms of how they believe their customers perceive risk and what they want from today’s solutions.
Visit our In-Depth Guide to Risk Management for an explanation of this complex environment.
For today’s vendor viewpoint we spoke with Nick Francis, Chief Technology and Marketing Officer (CTMO) at Commercial Value Management specialist Brooklyn Solutions.
Have you witnessed a significant change of appetite for risk-related tech over recent years from your customer base?
“Within vendor management, there has been a significant change in the appetite for risk-related technology. Companies have become more aware of the risks posed by third and fourth parties, with the focus expanding beyond monitoring compliance with contractual obligations. Since vulnerabilities such as cybersecurity threat Log4j and GDPR compliance, organizations have a heightened awareness of how vendors manage security and infrastructure. These changes have led to customers wanting a holistic approach to risk management, expanding risk assessment scope, and departments involved to create more resilient security and regulatory analysis.
“With the rise in SaaS, IaaS and PaaS adoption, companies also want solutions that can keep pace with technology transformations affecting their systems and business architecture. The need for robust risk management has never been greater, with companies increasingly focused on preventing reputational damage and avoiding regulatory penalties.”
What are the primary areas of risk concern for your customers and what are their requirements?
“Primarily, our customers are prioritising supply chain visibility, adopting proactive risk management strategies and staying compliant with evolving regulations. Companies struggle with gaining a clear view of third-party risks and seek solutions that enable a proactive, rather than reactive, risk management approach. This includes developing risk profiles and monitoring high-risk suppliers, particularly as businesses need better visibility into the subcontractors and fourth parties involved in their supplier’s services.
“Platforms primarily support risk assessments and due diligence during onboarding but lack an ongoing risk assessment or continuous oversight post-contract. To address this businesses seek digital solutions that streamline onboarding whilst providing continuous compliance and risk management processes. A unified platform providing a single source of truth enables better collaboration, regular oversight and audit readiness. Automating risk profiles supports comprehensive risk assessment, while a digitally integrated approach ensures businesses can keep pace with regulatory changes and maintain strong governance.”
How do you see the future of TPRM tech and what should be the response of providers like yourself?
“Businesses are looking to leverage automation and AI to enhance productivity and reduce manual tasks. Companies seek tools that automate risk categorization across areas like Data Protection, Information Security and Legal Compliance, providing real-time visibility and proactive governance. The demand is growing for systems that streamline risk management but in addition ensure preparedness for audits and evolving security threats.
“Looking ahead, Brooklyn Solutions is committed to offering comprehensive and flexible risk management solutions. The future of risk technology will focus on AI-driven automation, improving data quality and ensuring compliance. These advancements will enable businesses to gain visibility of vendor risks, manage them more effectively, and stay aligned with regulatory requirements.”
How has the evolution in customer needs influenced your product?
“Across industries, third-party risk management platforms often lack clear definitions and consistency. While many platforms are available, the specific functions and capabilities of a comprehensive TPRM solution remain unsettled. At Brooklyn, we address the post-contract risk management gap by creating a sustainable TPRM platform. We aim to enhance the platform to ensure continuous third-party risk management throughout the entire third-party lifecycle, with key focus points at various stages. Our vision is to make TPRM a continuous, dynamic process rather than a one-time event.
“Our roadmap is built around three key areas of risk technology development:
- Enhancing ongoing risk assessment and management: Improving our capabilities by automating surveys and policies, triggered by scheduled lifecycle events, ensuring continuous risk assessments.
- Leveraging new and emerging technologies: Harness innovative technology such as large language models and AI to assess and communicate the risk portfolio more effectively.
- Integrating third-party risk management within a broader risk framework: Develop a unified approach that manages third-party risk in a wider risk portfolio context.
“Through these enhancements, we aim to empower those responsible for risk management to succeed within their organizations through sustainable third-party risk management.”
Many thanks to Brooklyn for sharing their observations. At the end of our series our analysts will consider both the vendor and practitioner contributions we have received and summarize the findings from both the authors’ analysts’ perspectives.
-
-
CORE08/23/2021
-
-
-
CO2 CORE Risk SXM SRM04/24/2024
-
-
CORE08/23/2021
-
-
-
CO2 CORE Risk SXM SRM04/24/2024