With lower profit margins and regulatory fines, the financial industry faces various challenges. In order to address cost pressure, organisations started to leverage the capabilities of professional services. In parallel, regulators started to address lessons learnt from the financial crisis. Released regulations included various requirements to ensure appropriate risk management when Offshoring and/or Outsourcing business activities.

Has the regulator indicated that your company needs to improve some aspects of your offshoring & outsourcing risk management?
Are you facing repeated operational losses, service outages or similar unexpected events?

In order to manage risks associated with offshoring & outsourcing of business activities as well as to comply with respective regulatory requirements, Hedron Management Consulting advices on following key components:OOFramework

  • Assessment of new Offshorings/ Outsourcings needs to be executed to identify outsourcings risks, determine materiality, prepare/implement management measures and evaluate compliance with applicable regulations.
  • Agreements need to be signed and maintained in order to managed rights & responsibilities of all contractual partners.¬†
  • Governance & Policy ensure appropriate involvement of senior management, regulatory communication and establishment of effective controls.
  • Monitoring comprises all activities around active management of the offshored/outsourced business activity. It covers performance & risk management, suitable reporting, execution of mentioned controls, Business Continuity Management, contingency strategies and independent reviews by audit.
  • Lifecycle Management covers all phases of the outsourcing arrangement from draft of the business case to termination/closure. Result is a complete and consistent inventory.

How Hedron Management Consulting can help you:
Based on extensive experience with outsourcing risk management and mitigation, Hedron Management Consulting can advise and support you to ensure an efficient and effective risk management of outsourced business activities. This includes compliance with applicable regulations such as APRA CPS 231 and ASX Guidance Note 9 for the Australian market as well as respective guidance from regulators in Asia and Europe.


  • Gap analysis of outsourcing risk management framework and compliance status
  • Action plan outlining targeted business improvements and necessary change measures
  • Lead or support of adjustment of the existing Offshoring & Outsourcing Risk Management framework
  • Lead or support of remediation activities in case of internal audit or regulatory findings
  • Embedment of the Offshoring & Outsourcing Risk Management framework into the organisational risk management framework
  • Plan with measures to ensure sustainability, effectiveness and efficiency over time