Continuous third-party risk scoring isn't a technology that institutions attempted and abandoned. It's a capability that hasn't emerged until now, because the visibility it would require didn’t exist. What passes for third-party risk management in open finance today is frequently just vanilla KYB checks at the start of a relationship, periodically refreshed, combined with reacting to problems once they've already surfaced. Neither is continuous, and neither is really scoring.
The natural assumption is that institutions tried to build continuous scoring in-house and got stuck on something technical – normalizing inconsistent data, defining what improvement means, working out where liability sits. That assumes an attempted build. In practice, there's little evidence of institutions building toward continuous scoring at all, because the more basic problem sits earlier in the chain: an institution, or the intermediary it deals with directly, usually can't see who is actually behind the next entity along that chain. You can't score risk continuously on a third-party provider you can't identify.
That gap compounds. Without visibility into who's actually there, there's no standardized data to build a score from. Without standardized data, there's no shared basis for defining what a better or worse score would even mean. And without either of those, liability has nowhere clear to land when something does go wrong – it defaults to whoever holds the customer relationship, absorbing the cost first and sorting out redress after.
The first is KYB at onboarding – a point-in-time check, refreshed on a periodic cycle, that tells an institution or intermediary who a third-party provider was at the moment of assessment. The second is reactive scrutiny – a bank or intermediary noticing a problem downstream (complaints, fraud rates, a control failure) and starting to ask questions after the fact. Neither gives a live picture of risk as it changes. Both depend on already knowing enough about the third-party provider in question to ask the right question in the first place – which is exactly the visibility that's missing further down the chain.
The frameworks that might eventually force more visibility into the chain are still taking shape. Section 1033 in the US, Smart Data legislation in the UK, and Consumer-Driven Banking in Canada are all in draft or early implementation. None of them yet mandates the kind of standardized, chain-wide visibility that continuous scoring would depend on – so institutions and intermediaries are left with the same two tools, KYB and reaction.
The alternative isn't a better scoring tool bolted onto the current setup – it's infrastructure that creates the visibility the chain currently lacks. Invela’s Accreditation gives every participant in the network a consistent, verified identity to be assessed against, rather than leaving each institution or intermediary to work out who's actually there on its own. Invela’s Risk Indicator is built on that visibility and so can track risk as it changes, rather than only at the moment of onboarding. And a Warranty, in development, ensures liability lands in the right place.
Invela is the infrastructure layer that makes open finance trustworthy - accrediting who's in the network, monitoring risk in real time, and ensuring liability lands in the right place.