The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.
By Sean Miles, Head of Risk and Compliance, Motor Insurers’ Bureau
What should institutions be looking for when monitoring for internal and external concentration?
Institutions should fully understand their end to end supplier network, for key/material processes and services, (both internally and externally) to identify bottlenecks and single points of failure. If they find one provider is critical to a particular service (such as a Cloud-provider or systems provider) they need to ensure they are sufficient contingencies arrangements, exit plans and whether the provider can easily be substituted.
Scenario planning and holding pre-mortems are good ways to identify concentration risks. What if the supplier collapses? Suffers a reputation issue or cyber event? Performing an assessment of the overarching ecosystem can really help.