Third-party risk management is becoming increasingly critical for financial institutions as they navigate the evolving digital banking landscape.

In fact, 85% of FIs expect at least a moderate return on investment from third-party risk management (TPRM) programs due to cost savings from enhanced cybersecurity and vendor oversight, according to a study released today by software company Ncontracts that surveyed 170 financial institutions between November and January.

According to the report:

• 73% of FIs have two or fewer full-time employees dedicated to TPRM despite more than half overseeing at least 300 vendors;
• 66% feel pressure from regulators and auditors to enhance their TPRM programs;
• 50% cited cybersecurity as their top third-party risk concern; and
• 30% rated use of AI by vendors as a significant risk.

Institutions with assets of $10 billion or more are particularly stringent with AI oversight, with 60% incorporating AI-usage terms into contracts, compared with just 28% of FIs under $1 billion in assets, according to the report.

“Just 15% of financial institutions above $10 billion engage in verbal discussions as a primary method of AI-risk oversight,” the report states. “The reason is clear: vendor promises don’t hold weight unless they’re in writing.”

Register here for the upcoming Bank Automation News webinar “Emerging fintechs: New technologies you need to know now” on Tuesday, April 8, at 11 a.m. EST.