Understanding vendor risk

In this roundtable our experts will delve into how best to understand the complexity of your vendor relationships to effectively mitigate vendor risk.


Understanding vendor risk: Making risk decisions for Vendors and Fourth Parties 

Exclusive Virtual Briefing
Wednesday, March 24 | 15:20am GMT


Third party risk management continues to draw the focus from regulators, senior management and the board. TPRM decisions are critical to keeping a business on track. Despite enhanced efforts, risk teams are struggling to assess the risk and financial impact of vendors and find a cost-effective way to mitigate the risk. Tackling this challenge is an essential step in truly understanding the firm’s risk profile and implementing effective risk mitigation plans.

So how should you approach understanding quantifying a complex, non-transparent risk? In this roundtable our experts will delve into how best to understand the complexity of your vendor relationships to effectively mitigate vendor risk. 

  • Gain the exclusive insights and practical tools you need to:
  • Quantify TPRM beyond traditional methods
  • Determine risk appetite for vendor like other risks
  • Link cyber risk with critical vendors
  • Identify key metrics to communicate third and fourth party risk to the board
  • Create risk appetite with relevant metrics

The roundtable will provide essential viewing for risk leaders aiming to get a better handle on TPRM in 2021.

Amit Lakhani

Head of operational risk controls for ICT and third party management for corporate and institutional banking

BNP Paribas

Amit is a thorough IT Risk and Information Security Leader with a proven track record of leading, developing, designing and delivering wide variety of programs over the span of last 15+ years. Amit has a particular interest in raising information risks at board level and enabling business through mitigation or avoidance of IT risks through industry-accepted and sometimes cutting-edge solutions.

Amit has presented and published a number of research papers, articles and chapters in the Information Security field. His key focus has always been keeping the balance between business, technological and operational issues. In his most recent position at BNP Paribas, Amit leads the IT Risks and Third party risk management practices globally for the Corporate and Institutional Banking business. He has developed and implemented robust methodologies for effective IT risk management and is embedding a strong framework for internal and external vendor risk management.

Chris Harner

FRM Managing Director


Chris leads Milliman’s Cyber Risk Solutions (CRS). The practice offers clients innovative solutions for quantfying complex risks, including cyber, vendor, conduct and operational risk. CRS uses causal modeling integrating cognitive mapping, complexity science and Bayesian nets to quantify and aggregate risk. The solution can also be applied to cyber underwriting, accumulation risk and non-affirmative (i.e., silent cyber) risk. Lastly, CRS integrates artificial intelligence and machine learning (AI/ML) to construct sentiment analysis, distinguishing “signal” from noise in order to provide clients with an emerging threat framework.


Chris has 20+ years of broad industry experience in banking, insurance and consulting. His international experience spans work in Zurich, London, Athens, Moscow and New York. Previous employment included: UBS, Renaissance Capital, ABN Amro, Frank Russell Securities and AIG. 

Prior to joining Milliman, Chris was a Senior Manager in EY’s Enterprise Risk Services (ERS) practice serving banking and insurance clients for 8 years. 
Professional experience and subject matter advisory include:

  • ERM frameworks, assessments, governance
  • Operational and compliance risk
  • Preparing for regulatory supervision (FRB, OCC) and conducting regulatory remediation
  • Designing Integrated FP&A frameworks
  • Complex project management, including leading large teams, interfacing with SMAs executive stakeholders. 
  • Twenty years of experience in financial services and risk management
  • Ten years of experience in fixed income
  • Eight years of experience in Emerging Markets with an emphasis on Russia and Eastern Europe.


  • BA Foreign Language / International Affairs (FLIA), University of Puget Sound 
  • MBA, International Finance, Thunderbird, School of Global Management
  • FRM, Financial Risk Manager – Certified by GARP

Chris is fluent in German and Russian.

Chris Beck

Managing director


Chris is a member of Milliman’s Cyber Risk Solutions (CRS) practice group.  The practice delivers a portfolio of risk consulting services, such as enterprise risk design, cyber risk assessment and quantification, test and build projects, operational risk assessments, enterprise risk management (ERM) education and training, and ERM technology evaluation. The CRS practice uses diagnostic consulting strategies to understand an organization’s enterprise risk goals and challenges and then customize solutions to deliver required business results. 


Chris has 15 years of professional experience.  His experience includes work in the banking, insurance, capital markets and card sectors helping clients assess and mitigate risk. 

Prior to joining Milliman, Chris was a Senior Manager in Accenture’s Finance and Risk Management Consulting practice, delivering work for global financial service clients.   Additionally, Chris served as an active duty Naval Officer and has multiple overseas deployments. 

Professional experience and subject matter advisory includes: 

  • Cyber Security metrics and governance
  • Financial Service Regulatory and Compliance initiatives
  • Risk Management 
  • Corporate and Risk Governance
  • Surveillance 
  • Financial Services operating model and cost reduction
  • Regulatory remediation and responses
  • Legal department risk and optimization
  • Leading large cross functional projects and teams


  • BS Political Science, University of Wisconsin–Madison
  • MBA, University of Chicago – Booth School of Business

If you have any questions about this virtual briefing, please don't hesitate to contact us: