Response to consultation on draft Guidelines on the sound management of third-party risk

Go back

Question n. 1 for Public Consultation: Are subject matter, scope of application, definitions and transitional arrangements appropriate and sufficiently clear?

Question n. 2 for Public Consultation: Is Title II appropriate and sufficiently clear?

With reference to paragraph 33 of the consultation paper, we would like to gain a deeper understanding of how to correctly interpret the role of the risk assessment of third-party arrangements (as described in Section 11.2) in determining whether a function should be considered critical or important.

In particular, what could be the key criteria and operational approaches to evaluate the potential impact of an arrangement with a TPSP on the relevant risks faced by the financial entity (including operational, reputational, legal, and concentration risks)?

How should this assessment guide the classification of a function as critical or important, taking into account its effects on regulatory compliance, financial performance, and service continuity?

Question n. 3 for Public Consultation: Are Sections 5 to 10 (Title III) of the Guidelines sufficiently clear and appropriate?

Question n. 4 for Public Consultation: Is Title IV of the Guidelines appropriate and sufficiently clear?

Question n. 5 for Public Consultation: Is Annex I, provided as a list of non-exhaustive examples, appropriate and sufficiently clear?

Name of the organization

Deloitte Advisory S.r.l. S.B.

Organisation and governance

Legal and policy framework

Careers

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting

Data

Publications

Media centre