Third-party risk management compliant with DORA and EBA Guidelines
Our software for Third Party Risk and Outsourcing Management enables organizations to efficiently, transparently, and compliantly initiate, manage, and terminate outsourcing arrangements, ICT services, and subcontracting—fully aligned with DORA, EBA guidelines, MaRisk, and BAIT. Leveraging AI and a high degree of automation, our platform ensures excellent usability, data quality, and auditability across the entire third-party risk lifecycle.
Daten synchronisieren mit
Leno TPRM
Third-party risk management compliant with DORA and EBA Guidelines
Our software for Third Party Risk and Outsourcing Management enables organizations to efficiently, transparently, and compliantly initiate, manage, and terminate outsourcing arrangements, ICT services, and subcontracting—fully aligned with DORA, EBA guidelines, MaRisk, and BAIT. Leveraging AI and a high degree of automation, our platform ensures excellent usability, data quality, and auditability across the entire third-party risk lifecycle.
The use of AI and a high degree of automation ensure excellent usability, data quality and audit security.
.png)
.png)
.png)
.png)
.png)
DORA-konform, automatisiert & KI-unterstützt
With Leno TPRM, you can fulfill reporting requirements at any time at the push of a button. Information registers and outsourcing registers as well as reports in accordance with MaRisk, EBA Outsourcing Guidelines and DORA can be created and exported in the appropriate format and on a specific deadline with just one click. Reporting outsourcing in accordance with the notification ordinance is also possible with XML export.
Risikoanalyse
Regulatorik-konforme Risikoanalyse, Dienstleister-Due Diligence und Exit-Strategien sowie automatisiertes Maßnahmenregister und rollengerechtes Einbinden der relevanten Kontrollfunktionen und der internen Revision
Informationsregister
Vollautomatisiertes und Echtzeit-Auslagerungs- bzw. Informationsregister gem. DORA mit einer hierarchischen Darstellung aller Dienstleistungen und Sub-Dienstleistungen auf Gruppen- und Einzelinstitutsebene
Klassifizierung
Durchführung einer dynamischen Identifikation eines KI-Systems unter Berücksichtigung der AI Act & Best Practices
Steuerung
Erstellung von Ad-hoc und regelmäßigen Berichten basierend auf Standard-KPIs/KRIs auf Auslagerungs- und Portfolioebene sowie Durchführung von Kontrollen und Steuerung von Aufgaben
Enter service providers & services
With LenoTPRM, you can create and classify service providers and services along the entire supply chain efficiently and in compliance with regulations using AI. This gives you a clear overview of your external contracts and service providers at any time.
Evaluate risks and determine criticality/materiality
With Leno TPRM, you can determine the criticality of ICT services and the significance of outsourcing in an audit-proof, user-friendly and automated manner. Leno TPRM offers a compliance-compliant risk analysis that can be used to identify, assess and mitigate risks.
Due diligence & contract review
Leno TPRM enables risk-oriented due diligence and regulatory-compliant contract review. AI-based contract review ensures that service provider contracts meet all compliance and security requirements.
Exit Strategy
In Leno TPRM, you can create your exit strategies for planned and unplanned terminations of critical ICT services or major outsourcing in a systematic and user-friendly way. With a dynamic selection of options for action and plans, you remain prepared for changes at any time.
Register of Information
With Leno TPRM, you can fulfill reporting requirements at any time at the push of a button. Information registers and outsourcing registers as well as reports in accordance with MaRisk, EBA Outsourcing Guidelines and DORA can be created and exported in the appropriate format and on a specific deadline with just one click. Reporting outsourcing in accordance with the notification ordinance is also possible with XML export.
Monitoring & reporting
Leno TPRM offers the option of creating monitoring reports on a regular basis. These include KPIs and KRIs for the outsourced services and the service provider. Reports, etc. can be attached to the KPIs and historicized. ICT incidents can be recorded and, if necessary, reported in accordance with BaFin requirements.
Automated, compliant & AI-based
The Outsourcing Management module is suitable for both financial institutions and ICT service providers who must meet the contractual requirements of their regulated customers.
Specialized know-how in all aspects of outsourcing management
Our consultants are very familiar with Leno TPRM and are significantly involved in the technical design
.avif)
We have many years of project management and consulting experience and a hands-on mentality
Our experts are always by your side
Put your outsourcing management in good hands — we will support you in all project phases as part of the implementation of Leno TPRM.
Learn more about this module
Learn how Leno helps you manage your business processes, risks, and compliance requirements efficiently and transparently.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Leno TPRM is designed for financial institutions, insurance companies, ICT service providers, and other regulated organizations that need to meet legal requirements for outsourcing management or aim to make their compliance processes more efficient.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Yes. You can request a free demo at any time to experience Leno TPRM in action.
Simply click the “Request Demo” button to schedule your session.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Yes. Leno TPRM provides complete transparency across outsourcing chains, including all sub-outsourcings.This gives you a clear overview of dependencies and risks throughout your entire supply chain at all times.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Leno TPRM is a specialized software solution for Third Party Risk Management (TPRM) and outsourcing management. It supports financial institutions such as banks, insurance companies, and financial service providers in the compliant management of outsourcing activities, ICT services, and sub-outsourcing in accordance with DORA, MaRisk, and EBA guidelines.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
- Automated and AI-powered identification and classification of service providers and services
- Risk assessment including criticality and materiality analysis
- Due diligence and AI-based contract review
- Creation and management of exit strategies
- Automated outsourcing and information register
- Monitoring, reporting, and KPI/KRI tracking
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Leno TPRM helps you meet key regulatory requirements such as:
- DORA (Digital Operational Resilience Act)
- MaRisk (Minimum Requirements for Risk Management)
- EBA Guidelines on Outsourcing Arrangements
- German Outsourcing Notification Regulation (AnzV)
This ensures that you are fully prepared for audits and supervisory reviews.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
- High degree of automation through AI
- Audit-proof processes and documentation
- User-friendly interface
- Individually configurable workflows
- Fast and efficient approval processes
- Expert consulting during implementation and rollout
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Our experts support you throughout all project phases — from requirements analysis to implementation and user training.You benefit from our regulatory expertise, project experience, and hands-on approach.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
The integrated AI automatically analyzes service provider contracts and checks them for regulatory minimum requirements according to DORA, the EBA Guidelines on Outsourcing, and MaRisk.
A structured report is generated that shows which requirements are covered in the contract and where potential gaps exist.
This allows you to identify risks and improvement areas at a glance — without manually reviewing each document.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Leno TPRM ensures that all outsourcing management processes – from identification and risk analysis to exit strategy – are fully DORA-compliant. The system also enables the automated creation of the information register with a single click.
Automate your outsourcing management
Discover how Leno TPRM supports financial institutions in efficiently and transparently managing outsourcing, ICT services, and related risks.
1. What is Leno TPRM?
Leno TPRM is a specialized software solution for Third Party Risk Management (TPRM) and outsourcing management.It supports financial institutions such as banks, insurance companies, and financial service providers in the compliant management of outsourcing, ICT services, and sub-outsourcing in accordance with DORA, MaRisk, and the EBA Outsourcing Guidelines.
2. Who is Leno TPRM designed for?
Leno TPRM is aimed at financial institutions, insurers, ICT service providers, and other regulated entities that must meet regulatory requirements for outsourcing management or wish to make their compliance processes more efficient.
3. Which regulatory requirements does Leno TPRM cover?
Leno TPRM helps you meet key regulatory requirements such as:
- DORA (Digital Operational Resilience Act)
- MaRisk (Minimum Requirements for Risk Management)
- EBA Guidelines on Outsourcing Arrangements
- German Outsourcing Notification Regulation (AnzV)
This ensures that you are fully prepared for audits and supervisory reviews.
4. What are the main features of Leno TPRM?
- Automated, AI-powered registration and classification of service providers and services
- Risk assessment, including criticality and materiality analysis
- Due diligence and AI-based contract review
- Creation and management of exit strategies
- Automated outsourcing and information register
- Monitoring, reporting, and KPI/KRI tracking
5. How does Leno TPRM support DORA compliance?
Leno TPRM ensures that all outsourcing management processes – from identification and risk analysis to exit strategy – are fully DORA-compliant. The system also enables the automated creation of the information register with a single click.
6. How does the AI-based contract review work?
The integrated AI automatically analyzes service provider contracts and checks them for regulatory minimum requirements according to DORA, the EBA Guidelines on Outsourcing, and MaRisk.
A structured report is generated that shows which requirements are covered in the contract and where potential gaps exist.
This allows you to identify risks and improvement areas at a glance — without manually reviewing each document.
7. Can sub-outsourcing be mapped as well?
Yes. Leno TPRM provides complete transparency across outsourcing chains, including all sub-outsourcings.This gives you a clear overview of dependencies and risks throughout your entire supply chain at all times.
8. What advantages does Leno TPRM offer compared to traditional solutions?
- High degree of automation through AI
- Audit-proof processes and documentation
- User-friendly interface
- Individually configurable workflows
- Fast and efficient approval processes
- Expert consulting during implementation and rollout
9. How is Leno TPRM implemented?
Our experts support you throughout all project phases — from requirements analysis to implementation and user training.You benefit from our regulatory expertise, project experience, and hands-on approach.
10. Can I test Leno TPRM free of charge?
Yes. You can request a free demo at any time to experience Leno TPRM in action.
Simply click the “Request Demo” button to schedule your session.
Leno CLM – Automate Your Contract Management
Discover how Leno CLM helps organizations efficiently, securely, and transparently manage the entire contract lifecycle – from contract creation to archiving.
1. What is Leno CLM?
Leno CLM is a specialized software solution for Contract Lifecycle Management.
It supports organizations in creating, managing, monitoring, and analyzing contracts throughout their entire lifecycle – fully digital, secure, and compliant.
2. Who is Leno CLM designed for?
Leno CLM is suitable for organizations of all sizes, particularly those in regulated industries such as financial services, energy, healthcare, and manufacturing that aim to automate their contract processes and minimize risks.
3. What challenges does Leno CLM solve?
Many organizations struggle with scattered contract data, manual processes, and lack of transparency.
- Leno CLM addresses these challenges through:
- A centralized, audit-proof contract repository
- Automated workflows and approval processes
- AI-powered contract analysis and risk assessment
- Automatic reminders for deadlines, renewals, and terminatio
4. What are the key features of Leno CLM?
- AI-based contract creation and review
- Versioning and change tracking
- Automated approval workflows
- Digital signatures (e.g., DocuSign, Adobe Sign)
- Contract and deadline management
- Reporting and audit trail
5. How does Leno CLM support compliance?
Leno CLM ensures that all contract processes are fully compliant – from internal policies to external regulations such as DORA, MaRisk, EBA, and GDPR.
The platform automatically documents all changes and approvals, ensuring audit readiness at any time.
6. How does the AI-powered contract review work?
The integrated AI automatically detects key terms, clauses, and risks in contract documents.
It checks whether all essential requirements (e.g., liability, data protection, SLAs) are included and highlights potential gaps or deviations.
This saves time and significantly reduces legal risks.
7. How does Leno CLM enhance collaboration between teams?
With centralized workflows and automated notifications, legal, procurement, compliance, and business departments can collaborate seamlessly.
All stakeholders access the same up-to-date contract data – without version conflicts or endless email threads.
8. What are the benefits of Leno CLM compared to manual processes?
- Up to 70% time savings in contract creation
- Reduced compliance risks through standardized review processes
- Faster approvals via automated workflows
- Improved negotiation position through data-driven contract insights
9. Is Leno CLM customizable?
Yes. Leno CLM can be tailored to your internal processes, approval levels, and role structures.
Thanks to its modular architecture, the solution can be expanded step by step – for example, with TPRM, DORA, or ESG modules.
10. How is Leno CLM implemented?
-Implementation is carried out in several stages:
- Analysis of your existing contract processes
- Customization of Leno modules to your requirements
- Migration of existing contract data
- Training of your teams
- Go-live & ongoing support
- The onboarding process is guided by Leno experts to ensure a smooth transition.
Leno ISR – Strengthen Your Information Security and Resilience
Discover how Leno ISR helps organizations automate, monitor, and continuously improve their Information Security and Business Continuity Management processes – fully compliant with DORA, ISO 27001, IT Baseline Protection, and other key regulations.
1. What is Leno ISR?
Leno ISR is a specialized software solution for Information Security and Business Continuity Management (BCM).
It enables organizations to map their entire information network and to perform and document protection needs assessments, business impact analyses (BIA), and risk analyses for processes and assets.
2. Who is Leno ISR designed for?
Leno ISR is designed for financial institutions, insurers, critical infrastructure operators, and regulated enterprises that aim to efficiently manage information security, BCM, and compliance requirements.
3. What challenges does Leno ISR address?
Organizations face the challenge of coordinating security processes across all departments, capturing risks centrally, and implementing regulatory requirements efficiently.
Leno ISR provides support through user-friendly data collection, automated workflows, and audit-proof versioning.
4. What are the key features of Leno ISR?
- Digital ISMS & BCM system
- Automated risk analysis and mitigation tracking
- Mapping to ISO 27001, DORA, IT Baseline Protection, and BAIT
- Asset, threat, and control management
- Real-time dashboards and compliance reporting
- Integration with Leno CLM and Leno TPRM
5. How does Leno ISR support compliance?
Leno ISR ensures that all security and resilience processes align with DORA, ISO 27001, IT Baseline Protection, and other frameworks – including automated documentation and audit-ready reporting.
6. How does risk assessment work in Leno ISR?
After performing the protection needs assessment and Business Impact Analysis (BIA) at the business process level, the results (key figures) are inherited by the corresponding assets. These values determine the necessary security measures for each asset. If a measure is not implemented, a vulnerability arises that may be exploited by a threat. To assess these risks, risk analyses are carried out.
7. How does Leno ISR support Business Continuity Management (BCM)?
With Leno ISR, you can perform Business Impact Analyses (BIA), define MTA, RTO, and RPO, and determine the time criticality of your processes, which can then be inherited by the corresponding assets. Through comprehensive reporting capabilities, you always have full visibility into all your processes, assets, and their criticality.
8. What are the benefits of Leno ISR compared to manual processes?
- Up to 60 % less effort for ISMS and BCM documentation
- Real-time visibility into risks and actions
- Improved audit readiness and traceability
- Automated compliance monitoring
9. Is Leno ISR customizable?
Yes. Leno ISR can be adapted to existing ISMS, BCM, and risk management structures. Individual workflows, risk matrices, and control catalogs can be configured with full flexibility.
10. How is Leno ISR implemented?
Implementation follows five steps:
1. Analysis of existing ISMS and BCM processes
2. Module configuration
3. Migration of existing data
4. Team training
5. Go-live and ongoing support
.avif)
Wie können wir Ihnen helfen?
Kontaktieren Sie uns.