BSA Meets Vendor Management

How necessary is it to document your vendor selection process? If a new law in New York state is any indication, it’s becoming more and more important.

The New York Department of Financial Institutions recently published a new BSA/AML rule requiring greater board oversight of risk-based BSA/AML transaction programs. The rule came about after several foreign banks doing business in the state, including those based in Pakistan and South Korea, were hit with enforcement actions for falling short in their “anti-money laundering and sanctions compliance programs,” law firm Baker Botts writes. As is often the case with regulation, the misdeeds of a few resulted in new rules for every financial institution—foreign and domestic—in the state.

What does this have to do with vendor management? The new rule specifically requires that financial institutions using a third-party vendor for BSA/OFAC screens must have a “vendor selection process.”

This is yet another reminder of the growing importance of careful vendor selection and monitoring. When drafting new rules, regulators are giving greater attention to the role vendors play in helping an institution stay compliant—or miss the mark. They want to be sure financial institutions are taking full responsibility for their vendors.

Now is the time to review your institution’s third-party selection process, including efforts to monitor and verify vendor performance. It’s not enough to conduct diligence—you need to show regulators the steps you’ve taken to ensure vendors will live up to expectations.

Don’t wait until an examiner asks about vendor selection processes. Be proactive.