We understand the importance of protecting the industry and clients from risks associated with the use of third
parties. The Third-Party Risk program strives to deliver industry best practices for identifying, assessing,
monitoring and mitigating third-party risk. As part of the program, third parties are expected to participate and
comply with initial due diligence and ongoing monitoring requirements.
“SUPPORTING A DIVERSE AND INCLUSIVE
ENVIRONMENT MUST INCLUDE CONSIDERATION FOR
WHO WE DO BUSINESS WITH. AS WE SUPPORT
BUILDOUT OF A DIVERSE SUPPLIER BASE, OUR THIRD
PARTY RISK TEAM STRIVES TO PARTNER WITH OUR
SUPPLIERS TO HELP THEM UNDERSTAND AND MEET
OUR CONTROL REQUIREMENTS SO DTCC CAN PROVIDE
THE BEST SOLUTIONS TO OUR CLIENTS.”
Mike Rivas, DTCC Executive Director, Third Party Risk
During the initial onboarding process, we partner with our third parties to complete due diligence risk assessments
that consider a range of risk factors (e.g., technology, resiliency, regulatory, etc.) that are commensurate with the
engagement type and the risk that the vendor poses to DTCC. Our third parties work with us to help us confirm
that their controls are in alignment with DTCC standards.
Following initial onboarding process, we also engage and partner with third parties to complete ongoing
monitoring to ensure services continue to be provided in alignment with DTCC’s standards. These actives include
but are not limited to risk reassessments, ongoing performance meetings, negative news monitoring, and onsite
As our partner, we work in a collaborative effort to identify and resolve concerns that may arise.
< Return to Vendor Management