
Podcast by Mike Day

Podcast by Mike Day

29 June 2026
What does a successful TPRM transformation actually look like — and why do so many organisations get it wrong?
Mike sits down with Chloe Dellow, TPRM and GRC specialist at Diligent, who brings nearly eight years of experience helping organisations build, mature and optimise their third party risk programmes. Chloe offers a frank, experience-led perspective on why technology should enable a well-defined programme — not compensate for an absent one.
In this episode:
🔍 Why most organisations should sort their operating model before they even open an RFP ⚠️ The "magpie effect" — chasing features before understanding your own problem 🤖 How AI is entering TPRM in phases, from SOC 2 document review to continuous monitoring 🔨 Why the build vs buy debate is back — and the hidden risks of going DIY 🧩 Why AI risk isn't really "emerging", and what that reframing means for your framework ✈️ Which industries actually do supply chain visibility well (aerospace and automotive may surprise you) 🔄 The biggest mistake organisations make when switching platforms — and how to avoid rewriting history
Whether you're just starting out or looking to optimise a mature programme, this is a practical and honest conversation about what good looks like in TPRM today.
Timestamps 00:00 Introduction 02:15 Chloe's background — from JavaScript to TPRM advisory 06:30 How TPRM technology has evolved 11:00 Regulatory pressure and programme maturity 16:45 Helping clients through the "where do I start" problem 23:00 The magpie effect and the risk of over-configuration 29:30 AI adoption in TPRM — phased approaches and real use cases 38:00 Build vs buy — and the shadow AI risk 45:00 Is AI really an emerging risk? 51:30 Supply chain visibility — who gets it right? 58:00 What goes wrong in TPRM transformations 1:04:00 Where to start before you go to market
Guest: Chloe Dellow, Diligent Host: Mike Day
🔔 Subscribe for more episodes | 🌐 thirdpartytherapy.com | 📧 Sign up to the mailing list
#TPRM #ThirdPartyRisk #GRC #RiskManagement #AI #OperationalResilience #DORA #Compliance #Podcast
00:00
55:49

16 June 2026
In this episode of Third Party Therapy, Mike Day is joined by Dave Rusher, Chief Customer Officer at Aravo, one of the longest-standing dedicated TPRM technology platforms. With 15 years at Aravo and decades of experience across the Americas, UK, Europe and Asia-Pacific, Dave brings a genuinely global perspective on how third party risk management has evolved — and where it still has growing up to do.
They cover the maturity landscape across financial services, pharma and manufacturing, the real-world AI use cases that are already delivering results, and the three most common mistakes organisations make when implementing TPRM technology. Whether you're just starting your TPRM journey or trying to evolve an existing programme, this episode is packed with practical insight.
Topics covered in this episode:
Timestamps: 00:00 — Introduction 02:00 — Dave's background and 15 years at Aravo 04:30 — How TPRM maturity varies by sector and region 10:00 — Manufacturing vs. financial services: who's ahead and where 15:30 — Cross-sector lessons: what's portable, what isn't 20:00 — Technology trends: consolidation vs. proliferation 25:00 — AI in TPRM: hype vs. reality 31:00 — The biggest AI use case delivering results today 37:00 — Why internal AI approval processes are the real bottleneck 43:00 — AI as a "tool not a transformation" — Mike's take 47:00 — Aravo's AI development roadmap 53:00 — The three TPRM implementation mistakes to avoid 58:00 — Where to start: outcomes-first, iterative delivery
00:00
54:42

06 April 2026
How do you build a supply chain that doesn't just survive disruption but thrives through it? Mike Day is joined by Professor Richard Wilding OBE, Emeritus Professor of Supply Chain Strategy, to bridge the gap between academic theory and frontline risk management.
Professor Wilding shares his expert perspective on why the "Cost to Serve" must be applied to risk, how to segment vendors effectively, and why "Robustness" is no longer enough in a volatile global economy.
🕒 Timestamps:
SEO Keywords: #SupplyChain #Logistics #Procurement #RichardWilding #RiskManagement #Resilience #Strategy #OBE
00:00
54:16

23 March 2026
Is the pace of change in Third-Party Risk Management (TPRM) keeping up with the complexities of the modern marketplace? In this episode of Third Party Therapy, Mike Day sits down with Clarence Chio, founder of Coverbase.
Clarence, a Stanford-trained engineer and cybersecurity veteran, shares his unique perspective on the "assessor fatigue" felt by both sides of the table. They dive deep into how AI can move beyond just making existing processes "faster horses" and instead fundamentally change how trust is established between organizations.
00:00 – Introduction: Is TPRM falling behind the market?
03:45 – Clarence’s Journey: From Stanford to Anti-Money Laundering (AML)
12:10 – The "Assessor’s Dilemma": Why busy work doesn't always equal risk reduction
21:30 – The Pace of Change: Why traditional assessments are static in a dynamic world
30:50 – AI & Coverbase: Moving from manual checklists to automated trust
38:15 – The "Faster Horse" Problem: Re-imagining the future of TPRM
47:40 – Elevating the Job: How automation allows risk managers to focus on strategy
55:30 – Closing thoughts: Mapping out the next 5 years of TPRM
Keywords: #TPRM #ThirdPartyRisk #ClarenceChio #Coverbase #Cybersecurity #AI #RiskAutomation #VendorManagement #SupplyChainSecurity #ThirdPartyTherapy #Innovation
00:00
57:26

11 March 2026
Episode Summary: How do you build a world-class Third-Party Risk Management (TPRM) function in a digital-first, fast-paced environment? In this episode of Third Party Therapy, Mike Day sits down with Mo Randeree from Atom Bank. Mo shares his journey from a PwC auditor to a TPRM leader, discussing how to break down the traditional silos between Procurement, Risk, and Resilience.
The highlight of this episode is Mo’s deep dive into the practical use of Google Gemini (AI) to automate risk assessments, moving the dial from "policing" the business to "partnering" with it.
🕒 Timestamps
00:00 – Introduction: Managing risk at the speed of a digital bank
03:45 – Mo’s Background: Stumbling into TPRM via PwC
12:10 – The Integrated Operating Model: Merging Procurement, TPRM, and Resilience
20:30 – Speed to Market: Why "Check-the-Box" compliance doesn't work in FinTech
28:50 – AI in Action: Using Google Gemini to solve the "data mountain" problem
37:15 – Shifting the Culture: Moving from a "No" function to a "Business Enabler"
45:40 – Proactive Supplier Management: Having hard conversations about control gaps
53:00 – Closing thoughts and advice for the next generation of risk leaders
Keywords: #TPRM #ThirdPartyRisk #AtomBank #GoogleGemini #GenerativeAI #RiskManagement #ProcurementStrategy #FinTech #BusinessResilience #ThirdPartyTherapy #SupplyChainRisk
00:00
52:37

23 February 2026
Beyond Third Parties: Mapping Fourth-Party Risk and Early-Stage Suppliers – with Layla White (TechPassport)
Episode overview
Season 2 opens with a practical deep dive into one of the hardest problems in modern third-party risk management: understanding what sits beyond your immediate suppliers. Mike is joined by Layla White, founder of TechPassport, to unpack why fourth- and fifth-party dependencies remain opaque, how early-stage suppliers change the risk profile, and why traditional questionnaires and web-scraping approaches struggle to keep up with today’s supply chains.
The conversation blends lived experience from financial services procurement and vendor management with a grounded look at how supply chain mapping actually works in the wild, where outages, cloud concentration, geopolitics, and cyber incidents collide.
What you’ll hear in this episode
Key takeaways
Guest bio
Layla White is the founder of TechPassport, a platform focused on improving how organisations gather and manage supplier information, map extended supply chains, and engage early-stage technology providers. Layla previously worked in financial services procurement and vendor management, where she experienced first-hand the friction, delays, and blind spots that exist in traditional third-party onboarding and supply chain visibility.
Who this episode is for
Listen to the episode
🎧 Full episode: https://thirdpartytherapy.com
Tags / themes
TPRM, Fourth-Party Risk, Supply Chain Mapping, Concentration Risk, Operational Resilience, Early-Stage Suppliers, Cloud Dependencies, Cyber Resilience
00:00
48:10