Estelle Fremaux, Maxime Hennau, Hugo Larguinho Brás & Frederic Gielen. Credit: Reply Luxembourg

Estelle Fremaux, Maxime Hennau, Hugo Larguinho Brás & Frederic Gielen. Credit: Reply Luxembourg

Outsourcing governance has been an increasingly important management area in Luxembourg financial services. Most Banking, Asset Management and Insurance companies have put in place operational and IT models relying heavily on external and intra-group service providers.

With Circulars 18/698 and 22/806 from the Commission de Surveillance du Secteur Financier (CSSF), and Circulars 21/15 and 22/16 from the Commissariat aux Assurances (CAA), the regulatory background has also evolved, strengthening the requirements for initial and ongoing due diligence as well as business and IT oversight of service providers.  

The Digital Operational Resilience Act (DORA) is now adding to this regulatory background, with a focus on ICT services.  

Amidst these developments, the role and responsibilities of the 2nd Line of Defense, typically led by the Chief Risk Officer, take center stage. They are tasked with overseeing crucial aspects of the service provider relationship lifecycle, from due diligence to ongoing oversight. Effectively executing these functions necessitates coordination across various teams, including the 1st Line of Defense, Operations, IT, Legal, and Oversight Teams, and the centralization of outsourcing-related documents and data for comprehensive risk management and compliance. 

“Being agile and proactive in adapting to regulatory changes has become a real competitive advantage for financial organizations, this solution has been created to answer the need of our clients to stay ahead of the curve and ensure compliance and efficiency in their operations” explained Maxime Hennau, Insurance Advisory Leader, Reply. 

Third Party Watch: Bridging Compliance and Operational Efficiency

“In the Belux region, most of our clientele comprises financial institutions. Notably, Luxembourg stands as a prominent financial hub, ranking as the world’s second-largest investment fund center. For our clients, maintaining competitiveness isn’t merely a goal but an imperative. Consequently, we’ve leveraged the expertise of our regulatory and IT specialists to create Third Party Watch – a tailored solution designed to fulfill the pivotal role of the second line of defense in overseeing outsourcing agreements and delivering essential services to our clients,” stated Frederic Gielen, Executive Partner, Reply.

Concretely, Third Party Watch offers several key functionalities:

(1) It allows the user to organize all steps of the onboarding lifecycle: risk assessment, due diligence, and criticality assessment. The appropriate tasks, predefined in the tool, are allocated, monitored, and recorded in the tool.  

(2) It allows the collection, storage, and accessibility of all outsourcing documents, acting as a centralizing tool.

(3) It provides a detailed audit log of all interactions related to an outsourcing arrangement, easing the transparency with regulators and external auditors.  

(4) It orchestrates the content of Service Level Agreements agreed with service providers, reflecting the planning and the outcome of Key Performance Indicators.   (5) It includes automatic notifications and reminders, decided by the 2nd Line of Defense, helping confirm that operational controls and annual criticality assessments are performed at the expected frequency, and simplifying the management of contract terminations with service providers.

All of these functionalities supported by Copilot to fast-track operations and provide top-notch user experience.

Copilot will fast-track your information search – say bye to manual navigation and filtering (e.g. identification of active monthly controls in place for a specific service provider). Reply Luxembourg

Copilot will fast-track your information search – say bye to manual navigation and filtering (e.g. identification of active monthly controls in place for a specific service provider). Reply Luxembourg

1 / 2
Copilot will fast-track your information search – say bye to manual navigation and filtering (e.g. identification of active monthly controls in place for a specific service provider). Reply Luxembourg
Copilot will fast-track your information search – say bye to manual navigation and filtering (e.g. provide sharepoint link where a specific document for a specific process step has been stored). Reply Luxembourg

Integrated Management of Service Provider Relationships

Designed for the 2nd Line of Defense, Third Party Watch optimizes service provider governance with a centralized, regulatory-compliant platform. It features advanced monitoring and performance management, ensuring effective supervision and regulatory compliance.

Estelle Fremaux, Partner at Business Elements, emphasizes, “Being fully integrated into the Microsoft ecosystem automatically facilitates interactions with Office, Outlook, and all Power Platform capabilities. This makes Third Party Watch easy and fast to deploy, highly customizable to meet specific client needs, and capable of seamless data access and report generation.”

Developed in close partnership with financial organizations, Third Party Watch integrates seamlessly with their operations, driving their transformative journey.

“In summary, strategic outsourcing not only enhances efficiency but also fortifies competitiveness within financial organizations. We’re proud to introduce Third Party Watch by Reply, a pioneering solution empowering the 2nd Line of Defense to seamlessly collaborate with IT, legal, and operations teams on outsourcing and task responsibilities. With every aspect orchestrated by our solution, ambiguity surrounding stakeholder responsibilities is eliminated, ensuring streamlined operations and regulatory compliance,” concluded Hugo Larguinho Brás, Partner, Reply.