2023-04-30

Third-Party Risk Management Guideline

The Office of the Superintendent of Financial Institutions (OSFI) issued this guideline to mandate comprehensive risk management expectations for federally regulated financial institutions regarding their external business and strategic arrangements. FRFIs must establish an enterprise-wide framework that proportionately identifies, assesses, and mitigates third-party risks based on criticality, concentration, and subcontracting exposures while retaining ultimate accountability for outsourced functions and data. The guideline requires rigorous due diligence, continuous performance monitoring, robust exit and contingency planning, and prompt supervisory reporting of substantive operational disruptions to safeguard financial resilience.

Canada

Office of the Superintendent of Financial Institutions

Show thumbnailShow full textSourceAdd to collection

Show thumbnail