Good reminder for Vendor Risk Management

Good reminder for Vendor Risk Management

Posted on

reminder-glickman

Although this article in Consumer Compliance Outlook is a little dated, it comes as a good reminder regarding your vendor risk management.  Over the last couple of years we have noticed a continued effort by examiners to increase their own due diligence towards financial institution's understanding and management of their vendor programs. A direct quote that stands out to me is....

"...bank management should always conduct due diligence with every vendor prior to entering into a third-party relationship, develop a risk assessment of the proposed vendor processes, and understand the vendor activities. Bank management must fully consider the compliance implications associated with these new products and services." 
 
While in some enforcement cases, fines and MRA's are associated with penalties, others recently have been given cease and desist orders in light of a lacking Risk Management Program and must provide quarterly updates to the FDIC and the OCC respectively.