Financial institutions increasingly rely on external service providers, making third‑party risk management essential for operational stability. Even with strict regulations protecting customer data, attackers often exploit vulnerabilities in the financial supply chain. Despite this, many institutions still fall short, with only 46% conducting risk assessments on third parties handling sensitive data. This gap leaves organizations exposed, highlighting the need for stronger practices under APRA CPS 230 to ensure resilience, compliance, and effective oversight of vendor-related risks.

Join for free to read