Yes, as a modern cloud platform, Leno allows for No-Code configuration. The solution is highly scalable and can be flexibly adapted to your internal structures, processes, and permission sets without any programming effort.

Leno eliminates manual errors through high-level automation and integrated AI. Structured workflows and built-in regulatory expertise replace tedious email-based coordination and static lists with a modern, digital process.

Yes, Leno eliminates fragmented data silos by seamlessly linking vendors directly to their corresponding contracts, risks, and mitigation measures. This seamless integration prevents redundant data entry and ensures full transparency.

Leno is a modular GRC platform designed to digitalize and automate Governance, Risk & Compliance. It serves as a central hub for Third-Party Risk Management (TPRM), Contract Lifecycle Management (CLM), Information Security (ISM), and BCM.

ICT third-party providers are external service providers that deliver information and communication technology services for a financial institution.

Thanks to pre-defined GRC templates and expert onboarding support, you can achieve a rapid "Go-Live". We guide you from initial data migration to full production to ensure a smooth transition.

Financial institutions must, in particular under DORA (Digital Operational Resilience Act), systematically record, assess, and monitor ICT third-party providers.

Yes, Leno supports English and German as standard. Additional languages for international GRC teams can be added upon request to support your global compliance operations.

Security is ensured through Single Sign-On (SSO) and role-based access control (RBAC). Leno provides hosting and support directly from Germany, adhering to the highest security standards and architectural requirements.

ICT third-party providers are often critical to business operations. Disruptions, security incidents, or dependencies can directly impact business continuity, information security, and regulatory compliance.

Leno is modular and fully integrated. We offer specialized modules: Leno TPRM (Third-Party Risk & Outsourcing), Leno CLM (Contract Management), and Leno ISM (Information Security & BCM). All modules work together to form a holistic GRC ecosystem.

Leno helps financial institutions centrally, structurally, and in a regulatory-compliant manner manage ICT third-party providers. All relevant providers are recorded consistently, risks are assessed comparably, and changes are continuously monitored. Decisions, assessments, and actions are documented in a traceable manner and are always audit-proof.

ICT services are considered critical if they support critical or important functions. The classification is risk-based and depends on the significance of the supported functions for the institution - not on contract volume or provider size.

This is distinct from whether an ICT provider is classified as a critical third-party by the supervisory authority and subject to corresponding oversight.

‍