Lack of integration between banks and all external suppliers increases risks
Last December, the Central Bank (BC) conducted an exercise to combat cyberattacks with the five largest retail banks in the country. These attacks are one of the biggest concerns for the financial sector, including in Brazil, one of the leaders in this type of problem. Solving this scenario is complex because security oversight tools are fragmented, concludes the study.Third-Party Cyber Security Risk: Implementing Process Efficiencies While Preserving Resilience” (“Third-Party Cybersecurity Risk: Implementing Process Efficiencies, Preserving Resilience”) from Capco, a global management and technology consultancy for the financial sector of the Wipro group.
Risks come from different sources, including the banks' broad network of suppliers and partners, which end up expanding the surface area for potential attacks. To overcome the fragmentation of solutions, it is necessary to have rigorous control processes and compliance, says the consultancy.
“Financial institutions operate in one of the most regulated environments in the world. This requires structured third-party risk management. But solutions often do not communicate effectively, creating operational bottlenecks and increasing risks.“, explains Luciano Sobral, partner at Capco in Brazil.
The use of different platforms without proper integration leads many organizations to adopt isolated solutions to assess, monitor and mitigate risks. This compromises a global view of cybersecurity. At the same time, global standards and Resolution No. 4,893 of the Central Bank impose requirements on third-party governance that make the adoption of new technologies a challenging process.
“The lack of integration between systems and regulatory complexity make third-party risk management a major obstacle for the financial sector,” Sobral points out. “The adoption of technologies such as automation and artificial intelligence enables faster and more accurate analyses, reduces response time to threats and ensures greater protection.”
To address these challenges, Capco experts recommend:
- Tool integration – Centralization of systems to unify all stages of third-party risk supervision.
- Process automation – Reduced time spent on manual tasks and increased accuracy in threat detection.
- Continuous monitoring – Implementation of systems that identify and neutralize risks in real time.
- Stakeholder engagement – Involvement of suppliers and internal teams in the adoption of new methods, ensuring adherence and compliance.
- Regulatory adaptation – Use of technological solutions that meet regulatory requirements without compromising operational efficiency.
Third-party management is essential for cyber resilience in the financial sector. Investing in this evolution is not only a strategic choice, but a necessity to face the challenges of the current digital landscape.
About Capco
Capco, a Wipro company, is a global technology and management consultancy focused on the financial services and energy industries. Capco operates at the intersection of business and technology, combining innovative thinking with unmatched industry expertise to support clients across banking and payments, capital markets, wealth and asset management, insurance and energy. We help our clients simplify complexity to see a clear path forward and create solutions that enable them to transform their businesses and build a lasting legacy of success. For more information, visit site.
EN 
PT 
