Enhancing Vendor Risk Management: Best Practices for Security Oversight
- In an era of accelerating digital transformation and increasing regulatory scrutiny, third-party risk management (TPRM) has become a strategic imperative for financial institutions. This thesis examines the TPRM framework of Deutsche Börse Group (DBG), a critical financial market infrastructure provider, with the aim of evaluating its current maturity, identifying internal control gaps, and proposing targeted improvements aligned with international regulatory expectations. The research adopts a qualitative case study methodology, leveraging internal documents, stakeholder feedback, and benchmarking against established standards such as DORA, the ECB SSM guidelines, ISO 27001, and COBIT. A detailed internal insight analysis reveals gaps in areas such as automation, fourth-party risk visibility, performance monitoring, and escalation protocols. These are further mapped against best practices to quantify maturity levels and assess risk exposure. Based on the findings, a set of strategic recommendations is proposed across five dimensions: governance, process, technology, compliance, and culture. These are structured into a phased implementation roadmap to support DBG’s efforts in achieving operational resilience and regulatory alignment. The thesis contributes both to academic understanding of TPRM in highly regulated environments and to practical enhancements for financial institutions operating under European supervision.
Document Type: | Master's Thesis |
---|---|
Citation link: | https://opus.hs-offenburg.de/10577 |
Bibliographic information | |
Title (English): | Enhancing Vendor Risk Management: Best Practices for Security Oversight |
Author: | Abhishek Wasnikar |
Advisor: | Jörg Pfeffer, Daniel Hammer |
Year of Publication: | 2025 |
Publishing Institution: | Hochschule Offenburg |
Granting Institution: | Hochschule Offenburg |
Place of publication: | Offenburg |
Publisher: | Hochschule Offenburg |
Page Number: | 78 |
Language: | English |
Content information | |
Institutes: | Fakultät Medien (M) (from 22.04.2021) |
Collections of the Offenburg University: | Theses / Master's programmes / ENITS |
DDC classes: | 000 Generalities, computer science, information science |
Tag: | Digital Operational Resilience Act (DORA); Third-Party Risk Management (TPRM); Vendor Risk |
Formal information | |
Open Access: | Closed |