Here We Go Again: Vendor Cybersecurity Breaches Keep Wreaking Havoc
Vendor cybersecurity breaches once again wreak havoc on user data. Read about the millions of accounts hacked and leaked online from a telecomm giant.
3 Reasons Chief Risk Officers Fail
A new study concluded that big banks that employed a Chief Risk Officer were far more likely to be overexposed to the riskiest, new financial derivatives.
Beach Bummed: How One Construction Crew Ruined the Summer Season
The word disaster conjures up images of tornadoes, hurricanes, and terrorist attacks, but sometimes it starts with a construction crew.
OCC Singles Out a Bank Director for Excessive CEO Compensation
The OCC recently called out a bank director for misconduct around compensation. Here's a quick lesson in how to fail as a bank director.
What Took 5 Years and $10 Million and Did Nothing to Punish Wall Street for the Mortgage Crisis?
Here's what we learned from this intriguing documentary about the only commercial bank criminally charged as a result of the mortgage crisis
How Are You Coping with a Growing Vendor List?
As financial institutions work with more vendors, it's easy to miss third-parties who need to be reviewed just like more obvious ones.
Much Ado About Nothing: Update to the FFIEC Cybersecurity Assessment Tool Barely Worth a Mention
When we looked at the FFIEC's update to the cybersecurity assessment tool, we discovered the changes to be minor. Good news; Ncyber already has the update.
FDIC Guidance: Model Risk Management of Third-party Vendors
Model Risk Management: FDIC-regulated banks with more than $1 billion in assets and those that use a complex model that is will be subject to new guidance.
5 Ways to Succeed at Vendor Management
Risk and vendor management is all about analysis and organization, but many risk officers get bogged down in organization and lose time for analysis.
Don’t Confuse Clarity with Forgiveness
OCC to label violations of laws and regulations as “new,” “self-identified,” or “repeat” when communicating a violation to banks starting July 1.
STOP! Collaborate Cautiously and Listen- The OCC is Back with New Third-Party Risk Management Guidance
The OCC has published new guidance on 3rd-party risk management. Key takeaway: There is no one-size-fits-all approach to third-party risk management.
Spreadsheets Aren’t Free: 5 Hidden Costs
The costs your institution will incur if it’s using spreadsheets to oversee risk management or compliance may not be obvious until it's too late.
Will Your Vendors Fall Victim to Ransomware and Other Cybersecurity Threats?
63% of cybersecurity breaches occur through third-party vendors. That's why it's vital that your vendor management process protects you from threats.
Ncontracts Acquires Supernal Software to Bring Customers BSA and Compliance Solutions
When I founded Ncontracts in 2009, my goal was to provide a way to make risk management more efficient by eliminating the unconnected data, duplicated
FinCEN: MoneyGram Compliance Officer on the Hook for $250,000 Penalty
The former chief compliance officer of MoneyGram International was fined $250,000 this month and banned from serving in a compliance function.
Independent Banker Magazine Interviews Michael Berman, Ncontracts CEO
Independent Banker interviews Michael Berman on cybersecurity risk assessments and how financial institutions can stay secure.
Inside the New SSAE 18: Vendor Management Changes
The new SSAE 18 vendor management rules impact every financial institution. In this blog post, we look at each change and how it will affect your FI.
Risk Management Master: Q&A with Ncontracts’ Mitch Klein
Klein sat down to talk about managing risk, what it’s like to be on the vendor side of a relationship, and future risk management trends.
What Does Your Customer Data Have in Common with a Hit Netflix Show?
Vendor risk isn't limited to banks and credit unions. Hollywood is vulnerable too. Netflix revealed the entire season of Orange is the New Black was leaked
Vendor Management: What the NCUA Really Wants
When a financial institution outsources an activity to an outside vendor, it can enhance the member experience, but it can also introduce increased risk.
Whitepaper - Revelations from the FDIC's OIG Report
The FDIC's OIG found widespread deficiencies in the banking industry regarding vendor management. This whitepaper summarizes and explains these findings.
Vendor Management: What the Fed Really Wants
The Fed has specific needs regarding vendor management. This article looks at what the Fed wants when it audits your financial institution.
Vendor Management: What the FDIC Really Wants
Find out what the FDIC wants banks to know about vendor management. We explore part VII of the Compliance Exam Manual and pull out the nuggets of vm gold.
OCC Vendor Management: What the OCC Really Wants
You just found out you're getting a visit from the OCC. Vendor management is suddenly top priority what do they want? This is the resource you need to read
Guarding Against Cyber Events: How Strong Are Your Vendor’s Protections?
If your third-party contracts are structured like those at many financial institutions, your response may fall short of expectations due to lack of clarity
Warning Ahead: Many Vendor Contracts Are Missing Essential Internal Controls
The phrase “internal controls” is closely associated with accounting, but these valuable tools are also an integral part of risk management.
Is Your Contract Protecting Your Institution?
Don’t ignore your contracts. If you’re not demanding detailed term definitions, controls and performance standards, you’re doing your FI a disservice.
Weak Vendor Management Trickles Down to Contracts
Third-party vendor management is all about managing risk. It’s an issue that regulators have been pressing for years, yet it seems that not every
The Life of a Strategic Risk Manager: Building Buy-In
No matter how bright and organized a chief risk officer is, an institution’s ERM program is only effective when employees follow it.
The Life of A Strategic Risk Manager: The problem of manual processes
What’s it like to be a chief risk officer? It’s a complex, time-consuming job—one that balances day-to-day management with big picture planning.