Skip to Main Content

Third-Party ESG Risk Management

Climate and social issues have become top priorities at financial institutions.  In January 2022, RMA and 22 large member banks formed the RMA Climate Risk Consortiumi, to develop standards for banks to integrate climate risk management throughout their operations. In March, RMA also filed a comment letter in response to OCC's Principles for Climate-Related Financial Management draftii. 

Corporate procurement officers have also begun to embed environmental, social, and governance (ESG) risks into their business decision-making process. To support these changes, RMA has prepared a series of Third-Party Risk Management Webinars to better equip working professionals challenged to assess evolving third-party risk factors daily. 

The first webinar of the series centered on ESG factors, detailing how procurement officers can effectively integrate third-party ESG considerations into their vendor selection process. The session featured two subject matter experts – Jim Berghs, a senior vice president and executive director at U.S. Bancorp, and Linda Tuck Chapman, the CEO of Third-Party Risk Institute. 

Here is a brief recap of third-party ESG risk management best practices. This provides an overview of what to expect as the broader financial services industry standardizes ESG ratings and data disclosure requirements.  


Case Study: U.S. Bancorp 

U.S. Bancorp offers an example of what large U.S. banking organizations are focusing on in terms of ESG and DEI considerations in ERM frameworks. In March, the bank announced iii a partnership with Sustainalytics, a Morningstar company, to provide data solutions on ESG research and ratings for U.S. Bank Global Fund Services clients.  

The banking group has been known for a “geo-mapping” approach to their ERM practices, which entails the group’s enterprise-wide risk considerations and analytics that support its multiple business lines based on geographic information systems and location datasets. 

U.S. Bankcorp’s European counterparties adapted their ESG considerations into the procurement practices several years earlier than the bank’s American teams, according to Berghs. Interdepartmental collaborations improved their overall third-party ESG risk management practices. 

Like U.S. Bancorp, senior directors at large institutions partner with internal procurement teams when making business decisions, to fully understand risk factors associated with market incumbents. This overarching ERM assessment approach often considers the fourth-party entities – those who work with the third-party entities – as well.  

In the case of U.S. Bancorp, senior directors would focus on entity-wide value alignments when assessing the third-party ESG risks, including DEI components and human capital management practices, according to the panelists.  

However, Chapman added that the industry still needs key risk indicators and more standardized data points to “get into the business with the right partner in the first place”.  


Challenges: Data disclosure 

Understanding ESG data during and before the procurement process will help risk officers assess the relevant factors in advance. The panelists suggested the audience disclose their organization’s ESG screening criteria to potential vendors early in the selection process. 

The live audience asked situation-specific questions involving data discrepancy issues, which reflected the challenges they face when determining and assessing the ESG material risk factors. A lack of data disclosure by vendors also contributed to the existing idiosyncratic risk assessment burden. 

Our next webinar, Strengthening Third-Party Management with RegTech, AI, and Risk Intelligence, is scheduled for April 12. Join us for more in-depth discussions on how innovative solutions improve risk insight for risk-informed decisions and get answers for your top questions during the live session. 

Related Content: