The Risk
Network Management teams are responsible for managing their banks’ global networks of agent banks. Understanding and monitoring these sub-custodians, who are engaged by Global Custodians to support clients’ foreign investments, is an operational, risk and regulatory requirement. Managing these complex global networks is time-consuming, costly and requires significant expertise – and was made no easier by the covid pandemic rendering on-the-ground due diligence impossible.
The Solution
Eighty percent of Global Custodian banks partner with Thomas Murray to support their Network Management. Thomas Murray provides continuous support for Bank Network Management teams, assessing over 360 sub-custodian banks in 95 markets globally. The service assists banks in meeting regulatory (CASS, AIFMD, UCITS V), fiduciary, client and internal obligations. Our unique model enables banks to share the costs of this monitoring with other Thomas Murray clients.
All agent banks are subject to annual due diligence using the industry standard AFME Due Diligence questionnaire and supplemented by Thomas Murray’s key risk questions. Thomas Murray’s analysts perform on-site operational reviews to validate these responses, ensuring their accuracy and reliability.
We safeguard clients and their communities
Petroleum Development Oman Pension Fund
“Thomas Murray has been a very valuable partner in the selection process of our new custodian for Petroleum Development Oman Pension Fund.”
ATHEX
"Thomas Murray now plays a key role in helping us to detect and remediate issues in our security posture, and to quantify ATHEX's security performance to our directors and customers."
Northern Trust
“Thomas Murray provides Northern Trust with a range of RFP products, services and technology, delivering an efficient and cost-effective solution that frees our network managers up to focus on higher Value activities.”
Insights
Why Cybersecurity Due Diligence is Critical to Deal Completion
It’s a common story: after months of meticulous financial, operational, and market analysis, a critical finding emerges in the final weeks before deal closure – threatening what seemed like a near-certain transaction with a three-month delay.
DORA Compliance Checklist: Practical Guidance for Q4 and 2026
Our structured, expert-led checklist, will help you to prioritise and demonstrate readiness to supervisors and regulators.
Ransomware at Europe’s Airports: Case for Community-Driven Third Party Risk Management
The recent ransomware attack on Collins Aerospace’s Muse software, which brought chaos to airports across Europe, serves as a stark reminder of a critical gap in how organisations approach Third Party Risk Management (TPRM).
JLR Cyber Attack: What it Means for Private Equity, Credit, and Equity Investments
From the iconic E-Type Jaguar to images of the late Queen driving modern Range Rovers on her estate, JLR has long held a uniquely British place in the national consciousness, even under Tata ownership. The incident has affected the owners of the business, the supply chain, and customers, and offers learnings for the Private Equity (PE) industry.
Contact an expert
