Third Party Therapy

How do you build a supply chain that doesn't just survive disruption but thrives through it? Mike Day is joined by Professor Richard Wilding OBE, Emeritus Professor of Supply Chain Strategy, to bridge the gap between academic theory and frontline risk management.Professor Wilding shares his expert perspective on why the "Cost to Serve" must be applied to risk, how to segment vendors effectively, and why "Robustness" is no longer enough in a volatile global economy.🕒 Timestamps:00:00 – Introduction: Bringing the Academic Lens to TPRM.03:45 – Richard’s journey: From Engineering and the "Brit Industry" to OBE.14:20 – Why "Efficiency" is a dangerous goal for modern supply chains.25:10 – Resilience vs. Robustness: What’s the difference?38:45 – The Cost to Serve: Why you shouldn't treat every vendor the same.52:30 – Advice for the next generation of supply chain leaders.SEO Keywords: #SupplyChain #Logistics #Procurement #RichardWilding #RiskManagement #Resilience #Strategy #OBE

Clarence Chio, founder of Coverbase and a Stanford-trained engineer who built AI tools for cybersecurity and AML, discusses rethinking third-party risk. He argues against speeding up old checklists and explores AI-driven trust, continuous monitoring, contract visibility, and integrating risk across procurement, intake, and operations. Short, practical ideas on reducing friction while improving insight.

Mo Randeree, TPRM and resilience leader at Atom Bank with a background in PwC assurance, discusses integrating procurement, third‑party risk and resilience. He talks about breaking silos, shifting risk from policing to partnering, practical Google Gemini/AI uses to automate supplier assessments, and building an integrated operating model that speeds onboarding and drives value.

Layla White, founder of TechPassport and former financial services procurement lead, explains mapping beyond immediate suppliers. She explores fourth- and fifth-party blind spots, why supplier-validated data beats web-scraping, hidden concentration risk like cloud outages, and how early-stage vendors change resilience and onboarding dynamics.

Great conversation with Robert Hannigan from Blue Voyant, former Director of GCHQ and author of "Counter Intelligence - What The Secret World Can Teach Us About Problem Solving & Creativity". Talking about the business model of cyber crime, how companies can protect themselves and the role of the human in combatting the cyber criminal.

Charlie Lewis, a McKinsey leader in cyber resilience focused on supplier nth‑party and supply‑chain risk, walks through why modern supply chains create complex cyber exposures. He discusses rising interconnectivity, attacker economics, critical infrastructure dependencies, regulation gaps, practical segmentation and business-continuity tactics, plus where automation and productized risk management are headed.

Third Party Therapy – Episode 13AI Unleashed: Transforming Third-Party RiskGuest: Natalie Druckmann, Head of EMEA at CertaHost: Mike DayEpisode SummaryHow is artificial intelligence reshaping third-party risk management? In this episode, Mike Day speaks with Natalie Druckmann from Certa, exploring how AI can transform due diligence, regulatory compliance, and supplier oversight. Natalie shares her journey from delivery and procurement into technology leadership, before unpacking the real-world use cases that are redefining TPRM—from automating document review to interpreting complex regulations like DORA. Together, they discuss how organisations can move from spreadsheet chaos to continuous monitoring, and from compliance overhead to strategic insight.Key TopicsNatalie's path from practitioner to tech leaderThe evolution of TPRM tech: from Excel → platforms → modular AI solutionsIndustry maturity: financial services vs pharma, retail, and defenceUsing AI to analyse supplier evidence, interpret new regulations, and enable 'risk management by exception'Why 'process → people → platform' is the right order for successCommon pitfalls in adopting technologyThe future of TPRM: faster onboarding, smarter risk insight, and human + AI collaborationMemorable Quotes“We fixed the problem of not knowing—and created the problem of knowing too much.”“AI in TPRM isn’t about replacing people; it’s about freeing them to focus where it matters.”“Process first, people second, platform third.”Takeaways✅ Start with why and who, before deciding what or how.✅ Design your process first—technology won’t fix a broken one.✅ Use AI for transparency, not black-box decisions.✅ Adopt a base-plate approach: start simple, build as you mature.✅ Aim for risk management by exception, not exhaustion.Links & Resources🌐 thirdpartytherapy.com – show archive 🤖 certa.ai – learn more about Certa’s AI-driven risk solutions💬 Connect with Mike Day on LinkedIn for future episodes

Dharminder Mehmi, former FCA regulator turned Legal & General third-party risk lead, shares his journey from regulator to practitioner. He discusses differences between FCA and PRA approaches, regulatory frameworks like DORA and CTP, supply-chain blind spots, emerging tech risks such as AI and quantum, and practical starters for building effective TPRM programs.

Harj Mattu, a Deloitte partner with 16 years building TPRM and contract lifecycle tech, guides a tour of the TPRM technology landscape. He contrasts legacy suites and new niche entrants. He highlights AI use cases like document review, orchestration and chat interfaces. He also covers integration trade-offs, regulatory drivers and how to avoid overcomplicating implementations.

Oliver Jones, a procurement and TPRM consultant with deep financial‑services experience, discusses TPRM’s rise from a procurement sub‑function to board‑level focus. He explores scope divergence, reporting lines, and how digital tools like S2C and CLM can centralise supplier data. They cover single‑door intake, market platforms for due diligence, people‑first stakeholder work, and common transformation pitfalls.