Solutions
- Cyber Risk
  
  We bring the best of our collective experience, energy and creative power to fiercely safeguard our clients and fortify their communities.
  
  We bring the best of our collective experience, energy and creative power to fiercely safeguard our clients and fortify their communities.
- Third Party Risk Management
  
  Automate, accelerate and centralise third-party risk management across your critical service providers and other relationships with our market-leading solution.
  
  Automate, accelerate and centralise third-party risk management across your critical service providers and other relationships with our market-leading solution.
- Bank Network Management
  
  The only comprehensive solution for Bank Network Management, supporting most of the world’s largest banks manage their complex global networks, local market exposures and compliance requirements.
  
  The only comprehensive solution for Bank Network Management, supporting most of the world’s largest banks manage their complex global networks, local market exposures and compliance requirements.
- Capital Markets
  
  The world’s leading global advisory practice for financial market infrastructures since 1994, supporting FMIs to manage risk, regulation and market transformation.
  
  The world’s leading global advisory practice for financial market infrastructures since 1994, supporting FMIs to manage risk, regulation and market transformation.
- Funds
  
  We provide independent advice across custody and investment operations, helping our clients achieve best market practices. We also provide a powerful automated solution for Operational Due Diligence (ODD) and Third-Party Risk Management.
  
  We provide independent advice across custody and investment operations, helping our clients achieve best market practices. We also provide a powerful automated solution for Operational Due Diligence (ODD) and Third-Party Risk Management.
Platform
- Orbit Risk
  - Orbit Intelligence
    
    Orbit Intelligence captures your risk landscape, pulling together insights from across the platform. It centralises risk analysis, data, and news on your portfolio of monitored organisations.
    
    Orbit Intelligence captures your risk landscape, pulling together insights from across the platform. It centralises risk analysis, data, and news on your portfolio of monitored organisations.
  - Orbit Diligence
    
    Orbit Diligence automates your DDQ and RFI processes for a wide range of use cases, accessing a library of off-the-shelf questionnaires and risk frameworks, freeing up valuable resources.
    
    Orbit Diligence automates your DDQ and RFI processes for a wide range of use cases, accessing a library of off-the-shelf questionnaires and risk frameworks, freeing up valuable resources.
  - Orbit Security
    Enterprise Cyber Risk
    
    Enhance your cyber risk management by gaining complete visibility over your attack surface. Orbit Security monitors for breaches and vulnerabilities that could be exploited by threat actors, so you can prioritise remediation.
    
    Enhance your cyber risk management by gaining complete visibility over your attack surface. Orbit Security monitors for breaches and vulnerabilities that could be exploited by threat actors, so you can prioritise remediation.
    Third Party Cyber Risk
    
    Manage your exposure to critical third parties with continuous, data-driven monitoring. Analyse any entity’s security posture with Orbit Security Ratings and digitised IT Security questionnaires.
    
    Manage your exposure to critical third parties with continuous, data-driven monitoring. Analyse any entity’s security posture with Orbit Security Ratings and digitised IT Security questionnaires.
    
    Orbit Security Ratings are an automated, powerful way to continuously monitor the cyber security posture of your organisation and the third parties it relies on, with data-driven analytics so you can enhance the security of your ecosystem.
    
    Orbit Security Ratings are an automated, powerful way to continuously monitor the cyber security posture of your organisation and the third parties it relies on, with data-driven analytics so you can enhance the security of your ecosystem.
  Achieve trust, transparency and security with a single platform. A leading solution for companies looking to digitise and automate their risk management, leveraging Intelligence, Diligence and Security.
  
  Achieve trust, transparency and security with a single platform. A leading solution for companies looking to digitise and automate their risk management, leveraging Intelligence, Diligence and Security.
Insights
- eBooks
- Articles
- Webinars
- Whitepapers
- Newsletters
  MONTHLY
  Risk Committee
  Insights into the key events in the world’s banks and markets from our team of analysts, FMI experts and network managers.
  
  DORA Digest
  Stay ahead of developments as implementation of the Digital Operational Resilience Act enters its final stages.
  
  WEEKLY
  Cyber Series
  Each week, our cyber security experts take an in-depth look at the key issues and events shaping the digital world.
  MONTHLY
  Risk Committee
  Insights into the key events in the world’s banks and markets from our team of analysts, FMI experts and network managers.
  
  DORA Digest
  Stay ahead of developments as implementation of the Digital Operational Resilience Act enters its final stages.
  
  WEEKLY
  Cyber Series
  Each week, our cyber security experts take an in-depth look at the key issues and events shaping the digital world.
Customers
About Us

Under cyber attack?

Call our incident response team 24/7 on +44 (0) 207 459 4888 for immediate help from our friendly experts

17 January 2024

Managing third-party cyber risk in the supply chain

Third parties are often a vital part of delivering mission-critical products and services on behalf of client organisations. This creates numerous risks, especially because of the data sharing that is now necessary for the modern supply chain to function.

Third-Party Risk Management eBooks

Supply chain attacks have become the preferred method of many cyber threat actors. This has implications for all organisations, and carries added weight for those in regulated industries. The EU’s Digital Operational Resilience Act (DORA), which targets third-party IT suppliers to the financial sector, is just one example of how regulators and legislators are attempting to combat this risk.

Our downloadable PDF will guide you through what the threat of cyber risk means for your organisation, how you can assess and reduce this risk, and what the emerging and current trends are.

Download your eBook today and be ready for tomorrow’s challenges.

Third-Party Risk Management eBook

Fill out the form to download your copy

Insights

Enterprise risk management: Its unique role in financial market infrastructures

26.06.2024

6 min read

Financial Markets

Third-Party Risk Management

Enterprise risk management: Its unique role in financial market infrastructures

Enterprise risk management (ERM) is a comprehensive, systematic approach to identifying, assessing, managing, and monitoring an organisation’s risks.

Regulating Australian financial services: Meet APRA Standard CPS 234

10.06.2024

3 min read

Third-Party Risk Management

Regulating Australian financial services: Meet APRA Standard CPS 234

APRA Standard CPS 234 is a prudential standard created by the Australian Prudential Regulation Authority (APRA).

The three lines of defence model and third-party risk management

13.05.2024

3 min read

Third-Party Risk Management

The three lines of defence model and third-party risk management

The ‘three lines of defence model’ is widely recognised in the world of audit as an effective framework for risk management and internal control.

Pair of wandering albatrosses flying above grassy hill, with snowy mountains and light blue ocean in the background, South Georgia Island, Antarctica. Understanding inherent risk and residual risk.

12.03.2024

3 min read

Third-Party Risk Management

Understanding inherent risk and residual risk

Knowing the difference between inherent risk and residual risk is key to good risk management processes.

Our experts

Roland Thomas

Roland Thomas

Associate Director | Cyber Risk

rthomas@thomasmurray.com

Phoebe Jordan , Managing Director | TPRM

Phoebe Jordan

Managing Director | TPRM

pjordan@thomasmurray.com