The B2B landscape is built atop trusted relationships, both formal and informal.
These relationships can include partnerships and collaborations with third-party vendors, suppliers, contractors, service providers and more; and while these relationships can offer numerous benefits such as cost savings, access to specialized expertise and expanded market reach, they also introduce various risks that can potentially undermine business operations and profitability.
And the risks of a single point of failure across a vendor supply chain can be particularly acute for security-critical businesses, such as those operating across the financial services landscape.
In its latest Compliance Report, the Federal Deposit Insurance Corporation (FDIC) took special pains to point out existing partnership risks for banks that stem from weakness in banks’ compliance management systems as well as their reliance on third-party providers to implement controls.
Per the report, recommendations for mitigating risk include first ensuring board and management involvement during the lifecycle of the third-party relationship, and second, collecting and maintaining thorough documentation related to due diligence conducted prior to entering into a relationship, demonstrating that the board and management considered and accepted risks.
The report comes on the heels of two FDIC consent orders levied last month against Sutton Bank and Piermont Bank that targeted issues with third-party relationships and banking-as-a-service (BaaS) activities.
And while the FDIC, as per its operational prerogative, focused specifically on banking-as-a-service and FinTech partnerships, effective management of third-party risks is essential for B2B success — no matter the industry a business is operating within.
Read more: APIs and Points of Vulnerability Spotlight BaaS Risks as Platforms Evolve
As PYMNTS has reported, regulators are increasingly turning their attention to the downstream risks associated with know your customer (KYC), compliance and risk management, fraud, and the financial safety of FinTechs and their BaaS partners. As a result, many banks operating BaaS business models have been de-risking by offboarding higher-risk and lower-value programs.
But the specter of supply chain risk hasn’t removed the need for traditional financial institutions to do what they can to effectively compete in an increasingly dynamic operating landscape.
“Historically, it was just banks competing with banks,” William Artingstall, global co-head of cross-border payments and receivables at Citi, told PYMNTS in October. “But increasingly, FinTechs and other disruptive entrants are leveraging solutions … innovations and competitive offerings … which can be costly and complex for banks to quickly stand up.”
As Ingo Payments CEO Drew Edwards told PYMNTS, “BaaS 1.0 was, in some ways, tech companies focused on enabling tech companies. They would build a cloud core and bring together all kinds of third-party vendors to manage what we would call money mobility. The use cases were varied, and the source of the funds created a lot of risk and exposure as they ramped up fast with many startups, many different industries, all with small banks.”
PYMNTS Intelligence found this past summer that 65% of banks and credit unions have entered into at least one FinTech partnership in the past three years, with 76% of banks viewing FinTech partnerships as necessary to meeting customer expectations. And a full 95% of banks are focused on using partnerships to enhance their own digital product offerings.
See also: The Cost of Legacy Payments in Light of Innovation’s ROI
B2B partnerships are often strategic decisions aimed at achieving long-term business objectives. However, if third-party partners fail to align with the B2B company’s goals, vision or values, it can hinder progress and lead to wasted resources and missed opportunities.
“With complex ecosystems, you have a higher number of partners than you may have historically had” in the past, Larson McNeil, co-head of marketplaces and digital ecosystems at J.P. Morgan Payments, told PYMNTS. This creates new considerations for the corporate treasury function, including management of those partners and counterparty risk.
As McNeil added, “you’ve got to understand your industry and the various players in the ecosystem — and as complexity increases, you’ve got to understand the risk and the opportunities that this creates for the business.”
With the increasing digitization of business operations, B2B companies often share sensitive data with their third-party partners. This could include proprietary information, customer data, financial records, and more. Failure to adequately protect this data can lead to breaches, regulatory violations, lawsuits, and reputational damage.
But by proactively addressing third-party risks, B2B companies can safeguard their operations, protect their reputation, and enhance their overall competitiveness in the marketplace.