What Is a SOC Report and How Can I Use it for Vendor Management?
Financial institutions can use SOC reports as the first step in third-party due diligence, but true vendor management demands a deeper look.
Regulatory Insight: Artificial Intelligence & Third-Party Risk
Highlights from a comment letter to federal banking agencies (CFPB, FDIC, Federal Reserve, NCUA, and OCC).
The Future of Vendor Management: What the Proposed Federal Third-Party Guidance Means for Your Bank
Risk Management aims for a unified approach to vendor management, integrating oversight and accountability.
How Third-Party Oversight and Complaint Management Could Have Prevented an $11.5 Million UDAAP Enforcement Action—and What It Means for Your Vendor Management
Poor vendor oversight, complaint management, and risk controls hurt consumers.
3 Ways to Identify Critical Vendors for your Financial Institution
Are you making this critical vendor management policy mistake? It may be time to review your policies.
Vendor Management: Which ‘Friend’ Will Be There for You?
We thought we’d have a little fun with Friends by asking which Friend you’d hire for a vendor management role at your financial institution.
6 Features to Look for in a Contract Management Software
Here are 6 features a contract management software should have to improve how financial companies manage third-party vendor contracts.
How to Lighten Your Vendor Management Workload
Here are the most effective ways to lighten your vendor management workload while still ensuring your vendors are properly managed.
How Should the 3 Lines of Defense Work in a Vendor Management Program?
The Three Lines of Defense helps banks, credit unions, mortgage companies and fintechs build and effectively manage the vendor management lifecycle
How to Review Critical Vendors' Cybersecurity
A good vendor management is a place to review and assess the cybersecurity of critical vendors.
3 Lessons Learned from a Third-Party Vendor Breach
Late last year while the SolarWinds breach was drawing attention another third-party vendor breach was also wreaking havoc - here are the 3 lessons learned
Halloween Fun: Spook-tacular Risk, Compliance & Vendor Management Stories
We’ve put together a collection of our best Halloween-themed risk, compliance, and vendor management blog posts.
Is Your Vendor Prepared for Disaster?
Recent analysis conducted by the FDIC’s OIG finds that just half of vendor contracts it reviewed “explicitly included business continuity provisions.”
Vendor Due Diligence: Don't Make This SOC 2 Report Mistake
Make sure to engage in due diligence with your third-party vendor and avoid critical SOC 2 report mistakes.
Did Your Vendor Need PPP Funds?
Did one of your critical third-party vendors need Paycheck Protection Program (PPP) funds?
Does Your Vendor Management Program Measure Up to the DOJ Expectations?
Every FI knows that regulatory agencies evaluate their vendor management program as part of the exam process. The Justice Department does too.
Third-Party Vendors & Compliance Risk: 10 High-Risk Compliance Situations
That’s the situation financial institutions face when a third-party vendor acting on behalf of the bank doesn’t comply with laws and regulations.
Are Your Vendors Flexible in a Crisis?
From the Paycheck Protection Program to mortgage forbearance, FIs have scrambled to adjust to new rules and help customers obtain much-needed funding.
Finastra, World’s Third-Largest Fintech, Responds to Ransomware Attack
Finastra, the third-largest fintech company in the world, took its servers offline Friday to protect its data after detecting a ransomware attack, the
3 Take-aways from the OCC Third-Party Vendors Relationship FAQ
The OCC released a Frequently Asked Questions (FAQ) supplement to OCC Bulletin 2013-29 that gives more clarity on regulations around third-party vendors.
How Not to Save Money on Vendor Management
Earlier this month Federal Reserve Governor Michelle Bowman announced that the Federal Reserve is working with the other supervisory agencies to update its
Are Vendors Your Biggest Obstacle to Fintech Adoption? It Might Not Be Their Fault
Once your FI has laid out its strategic goals, it needs to know if a vendor will have the products and services it needs to accomplish them.
When Customers Invite Third-Party Risk
In a world where consumers are often willing to trade privacy for convenience, even banking passwords are no longer sacrosanct.
Vendor Employees Gone Wild: Structuring Vendor Contracts to Guard Against Rogue Insiders & Cyber Threats
Capital One and its credit card applicants and customers are not having a good week.
A Model CIO: Equifax CIO Keeps Showing Us How *Not* to Respond to a Breach
The big news out of Equifax this week is its $700 million settlement as a result of its 2017 data breach. It’s the most expensive breach settlement ever.
3 Elements of a Vendor Cyber Monitoring Program
An FI’s vendor management program is part of its enterprise risk management. Vendor management can’t be done in a vacuum.
Another Vendor Behaving Badly: Failed Vendor Management Results in $236K+ Consent Order
Failing to engage in appropriate third-party vendor planning, due diligence, contract negotiations, and ongoing monitoring has bad results.
What to Do When You’re Worried About Your Vendor’s Finances
How do you know your vendor is in trouble and what can you do if it is? Read on to find out.
Brokered Deposits & Vendor Management
As the industry pushes for more flexibility to make it easier to work with deposit brokers, bankers can help make their case with strong vendor management.
Are You Making This Common Vendor Management Mistake Observed by the FDIC?
FIs aren’t doing enough to ensure their contracts with third-party vendors sufficiently address business continuity and incident response.