Third-party risk management compliant with DORA and EBA Guidelines
Our software for Third Party Risk and Outsourcing Management enables organizations to efficiently, transparently, and compliantly initiate, manage, and terminate outsourcing arrangements, ICT services, and subcontracting—fully aligned with DORA, EBA guidelines, MaRisk, and BAIT. Leveraging AI and a high degree of automation, our platform ensures excellent usability, data quality, and auditability across the entire third-party risk lifecycle.

Leno TPRM
Third-party risk management compliant with DORA and EBA Guidelines
Our software for Third Party Risk and Outsourcing Management enables organizations to efficiently, transparently, and compliantly initiate, manage, and terminate outsourcing arrangements, ICT services, and subcontracting—fully aligned with DORA, EBA guidelines, MaRisk, and BAIT. Leveraging AI and a high degree of automation, our platform ensures excellent usability, data quality, and auditability across the entire third-party risk lifecycle.
The use of AI and a high degree of automation ensure excellent usability, data quality and audit security.
DORA-konform, automatisiert & KI-unterstützt
With Leno TPRM, you can fulfill reporting requirements at any time at the push of a button. Information registers and outsourcing registers as well as reports in accordance with MaRisk, EBA Outsourcing Guidelines and DORA can be created and exported in the appropriate format and on a specific deadline with just one click. Reporting outsourcing in accordance with the notification ordinance is also possible with XML export.
Risikoanalyse
Regulatorik-konforme Risikoanalyse, Dienstleister-Due Diligence und Exit-Strategien sowie automatisiertes Maßnahmenregister und rollengerechtes Einbinden der relevanten Kontrollfunktionen und der internen Revision
Informationsregister
Vollautomatisiertes und Echtzeit-Auslagerungs- bzw. Informationsregister gem. DORA mit einer hierarchischen Darstellung aller Dienstleistungen und Sub-Dienstleistungen auf Gruppen- und Einzelinstitutsebene
Klassifizierung
Durchführung einer dynamischen Identifikation eines KI-Systems unter Berücksichtigung der AI Act & Best Practices
Steuerung
Erstellung von Ad-hoc und regelmäßigen Berichten basierend auf Standard-KPIs/KRIs auf Auslagerungs- und Portfolioebene sowie Durchführung von Kontrollen und Steuerung von Aufgaben

Enter service providers & services
With LenoTPRM, you can create and classify service providers and services along the entire supply chain efficiently and in compliance with regulations using AI. This gives you a clear overview of your external contracts and service providers at any time.
.png)
Evaluate risks and determine criticality/materiality
With Leno TPRM, you can determine the criticality of ICT services and the significance of outsourcing in an audit-proof, user-friendly and automated manner. Leno TPRM offers a compliance-compliant risk analysis that can be used to identify, assess and mitigate risks.

Due diligence & contract review
Leno TPRM enables risk-oriented due diligence and regulatory-compliant contract review. AI-based contract review ensures that service provider contracts meet all compliance and security requirements.

Exit Strategy
In Leno TPRM, you can create your exit strategies for planned and unplanned terminations of critical ICT services or major outsourcing in a systematic and user-friendly way. With a dynamic selection of options for action and plans, you remain prepared for changes at any time.

Register of Information
With Leno TPRM, you can fulfill reporting requirements at any time at the push of a button. Information registers and outsourcing registers as well as reports in accordance with MaRisk, EBA Outsourcing Guidelines and DORA can be created and exported in the appropriate format and on a specific deadline with just one click. Reporting outsourcing in accordance with the notification ordinance is also possible with XML export.

Monitoring & reporting
Leno TPRM offers the option of creating monitoring reports on a regular basis. These include KPIs and KRIs for the outsourced services and the service provider. Reports, etc. can be attached to the KPIs and historicized. ICT incidents can be recorded and, if necessary, reported in accordance with BaFin requirements.

Automated, compliant & AI-based
The Outsourcing Management module is suitable for both financial institutions and ICT service providers who must meet the contractual requirements of their regulated customers.




Specialized know-how in all aspects of outsourcing management

Our consultants are very familiar with Leno TPRM and are significantly involved in the technical design
.png)
We have many years of project management and consulting experience and a hands-on mentality
Our experts are always by your side
Put your outsourcing management in good hands — we will support you in all project phases as part of the implementation of Leno TPRM.