New research reveals significant gaps in third-party risk management within the financial sector, highlighted by recent incidents like the CrowdStrike IT outage. Despite increasing reliance on complex third-party IT ecosystems, only a small percentage of financial institutions have robust exit plans for supplier disruptions. The lack of preparedness leaves the sector vulnerable to potential disruptions, even with global regulatory efforts like the EU’s Digital Operational Resilience Act (DORA), which pushes for stronger supply chain resilience.
The survey shows that 20.8% of financial professionals have stressed exit plans for most third-party agreements, and only 18.7% express confidence in their current plans. As regulatory pressures grow, the industry faces a critical need to improve third-party governance and reduce supply chain risks to prevent major operational disruptions.