Yes, as a modern cloud platform, Leno allows for No-Code configuration. The solution is highly scalable and can be flexibly adapted to your internal structures, processes, and permission sets without any programming effort.

Leno eliminates manual errors through high-level automation and integrated AI. Structured workflows and built-in regulatory expertise replace tedious email-based coordination and static lists with a modern, digital process.

Yes, Leno eliminates fragmented data silos by seamlessly linking vendors directly to their corresponding contracts, risks, and mitigation measures. This seamless integration prevents redundant data entry and ensures full transparency.

Leno is a modular GRC platform designed to digitalize and automate Governance, Risk & Compliance. It serves as a central hub for Third-Party Risk Management (TPRM), Contract Lifecycle Management (CLM), Information Security (ISM), and BCM.

A third-party arrangement refers to any contractual agreement in which an external service provider delivers services for a financial institution. This includes both outsourcing in the regulatory sense as well as other ICT and non-ICT services.

Thanks to pre-defined GRC templates and expert onboarding support, you can achieve a rapid "Go-Live". We guide you from initial data migration to full production to ensure a smooth transition.

Third-party arrangements are subject in particular to the requirements of MaRisk and the EBA Guidelines on Sound Third Party Risk Management. Depending on the type of service, additional regulatory requirements may also be relevant, such as DORA for ICT services.

Yes, Leno supports English and German as standard. Additional languages for international GRC teams can be added upon request to support your global compliance operations.

Security is ensured through Single Sign-On (SSO) and role-based access control (RBAC). Leno provides hosting and support directly from Germany, adhering to the highest security standards and architectural requirements.

Outsourcing and Third Party Risk Management under MaRisk and EBA guidelines relates to non-ICT third-party arrangements, including outsourcing. DORA complements this approach and focuses exclusively on ICT services and digital operational resilience. Both frameworks share the same goal - strengthening third-party risk management - but are clearly distinct. The challenge lies in correctly distinguishing between ICT and non-ICT third-party arrangements. Leno handles this distinction for you - AI-supported and in compliance with regulations.

‍

Leno is modular and fully integrated. We offer specialized modules: Leno TPRM (Third-Party Risk & Outsourcing), Leno CLM (Contract Management), and Leno ISM (Information Security & BCM). All modules work together to form a holistic GRC ecosystem.

Leno provides all information on third-party arrangements in a consistent, up-to-date, and audit-proof manner. Assessments, approvals, and changes are fully documented and can be accessed at the push of a button.

Leno's AI supports financial institutions in the efficient and consistent management of third-party arrangements. It helps, among other things, to automatically classify services, analyze relevant information from contracts, and structurally capture provider data. Additionally, the AI can utilize external and internal data sources to automatically update provider information. This reduces manual effort while improving transparency, data quality, and traceability.