Topics +
Product +
Media Type +

Recent Resources

How to Work with the Board & Management: 6 Tips from a Top Compliance Officer

Grant Jex once worked in a bank where having sufficient compliance resources was a constant battle. Some in management were […]

5 Tips for Assessing Your Financial Institution’s Pandemic Performance

Now that we’re months into the COVID-19 pandemic, financial institutions can finally begin assessing their pandemic performance. Pandemic response will […]

3 Common Questions About Vendor Response to COVID-19

Monitoring critical vendors’ response to COVID-19 and the effectiveness of their ongoing business continuity management (BCM) remains a key element […]

COVID-19, Vendor Management & Managing The New Normal Whitepaper

How are financial institutions’ critical vendors holding up as the COVID-19 pandemic spreads? That’s a vendor management question every FI […]

Vendor’s Keeper: How to Make Sure Your Third-Party Vendors Aren’t Creating a Compliance Nightmare Webinar

Your financial institution is doing everything it can to remain compliant with applicable laws and regulations, but what about your […]

What’s the Difference Between Business Continuity Management (BCM) and Pandemic Planning?

It’s a safe bet that your financial institution had a business continuity and disaster recovery plan in place before COVID-19—one […]

Pandemic Planning Report

Financial institutions can expect examiners to take a very strong interest in pandemic planning going forward—including the pandemic planning of […]

A Guide to Guidance: Where Does Business Continuity Management End and Pandemic Planning Begin?

Navigating the overlap between the FFIEC Business Continuity Management Handbook & Pandemic Guidance.

Post-Pandemic Incident Assessment

How strong was your financial institution’s response to the COVID-19 pandemic? It’s a question every FI should be asking.

Are Your Vendors Flexible in a Crisis?

Banking during the COVID-19 pandemic has been an exercise in nimbleness and flexibility. Financial institutions have persevered to adapt their […]


Many institutions already have a strong compliance management system (CMS) in place. They simply need to find ways to enhance […]

FFIEC: Risk Management Is Essential to Safe & Sound Cloud Computing

When it comes to cloud computing and risk management, there is no one-size-fits-all approach. From the model used to risk […]

7 Tips for Making your Complaint Program More Effective

If your FI is following regulatory guidance, it has a complaint management program to ensure consumer complaints are heard and […]

Inside Ncontracts COVID-19 Pandemic Response

When your company is full of risk management and business continuity experts, you have to be prepared to face the […]

A Little Monday Inspiration: The Banking Heroes We Need

We all need a little inspiration to brighten these difficult days. I got a dose last week from this story […]

How COVID-19 Is Impacting Fair Lending Compliance

COVID-19 is overwhelming many sectors of the U.S. economy—including lenders. Small business loan demand is through the roof thanks to […]

Ncontracts Announces New Board of Directors

Nashville, TN, April, 21, 2020 – Ncontracts, the leading provider of integrated risk, vendor and compliance solutions for financial institutions, […]

Protecting Your Business Model from COVID-19: Assessing Operational Risk Department-By-Department eBook

A good COVID-19 response plan does more than preserve access to financial services. It creates value by evaluating and modifying […]

ABA Bank Compliance Magazine: Michael Berman Shares 5 Ways to Convince Management That Compliance Is Important

The May/June issue of ABA Bank Compliance Magazine is online and features a can’t-miss article by Ncontracts founder and CEO […]

How to Lead During a Pandemic: A Conversation with Marcia (“Marci”) Malzahn

Marci Malzahn has seen catastrophe before. Growing up in Nicaragua, by the time she was 13 she had survived an […]

The New COVID-19 Risk Environment: Reassessing Risk

Risk has always been a part of banking. But today, with the spread of COVID-19 wreaking havoc on customers, the […]

Mortgage Servicing Checklist

Don’t get caught off guard by temporary changes to mortgage loan servicing rules under the Coronavirus Aid, Relief, and Economic […]

Will A CMS Solution Work for Your FI? Michael Berman Gives You 7 Ways to Find out in ABA Bank Compliance Magazine

Want to know if the compliance management system solution (CMS) you’re considering is right for your financial institution? Look no […]

Ncontracts Successfully Completes Another SSAE 18 Audit

Reinforces industry reputation for risk management excellence Brentwood, Tenn., April 14, 2020 — Ncontracts, the leading provider of integrated risk, […]

Examiners Want to Know: Does Your CMS Ensure Consumer Protection & Compliance?

Regulators aren’t messing around when it comes to consumer protection and compliance. That’s the message the FDIC sent in an […]

Fair Lending & COVID-19: Strategies for Maintaining Fair Lending Compliance Webinar
Pandemic Preparedness & BCP Department-by-Department Series: COVID-19 & IT (Part 6)

The rest of our series: Part 1: Human Resources Part 2: The Frontline, Back Office, & Marketing Part 3: Board […]

Pandemic Preparedness & BCP Department-by-Department Series: COVID-19 & Finance & Lending (Part 5)

The rest of our series: Part 1: Human Resources Part 2: The Frontline, Back Office, & Marketing Part 3: Board […]

Pandemic Preparedness & BCP Department-by-Department Series: COVID-19 & Compliance and Risk (Part 4)

The rest of our series: Part 1: Human Resources Part 2: The Frontline, Back Office, & Marketing Part 3: Board […]

Work-From-Home (WFH) Risk Assessment

Transitioning to a WFH environment helps limit the spread of COVID-19, but it also introduces a variety of security and […]

Pandemic Preparedness & BCP Department-by-Department Series: COVID-19 & Board & Management (Part 3)

The rest of our series: Part 1: Human Resources Part 2: The Frontline, Back Office, & Marketing Operational resilience is […]

CU Broadcast Interview Michael Berman on Third-Party Risk and COVID-19

Are industry vendors prepared for pandemic lockdown? That’s the question Mike Lawson from CU Broadcast had for Ncontracts CEO and […]

Pandemic Preparedness & BCP Department-by-Department Series: COVID-19 & the Frontline, Back Office & Marketing (Part 2)

As many jurisdictions announce shelter-in-place orders as COVID-19 spreads across the U.S., financial institutions are often among the “essential” businesses […]

Finastra, World’s Third-Largest Fintech, Responds to Ransomware Attack

Finastra, the third-largest fintech company in the world, took its servers offline Friday to protect its data after detecting a […]

Unprecedented: COVID-19, Vendor Management & Managing the New Normal
Pandemic Preparedness & BCP Department-by-Department Series: COVID-19 & Human Resources (Part 1)

Disruption from coronavirus is no longer theoretical. As COVID-19 spreads, schools and businesses are shutting down and social distancing, even […]

Vendor Employees Are Working from Home. Are They Keeping Your Data Safe?

With coronavirus forcing millions of Americans to work from home, many companies’ cybersecurity controls are getting real-world tests for the […]

FinCEN Hits Chief Risk Officer with $450k Penalty

You may remember a story we published back in July 2018 about how U.S. Bank was forced to pay $613 […]

Managing Coronavirus Operational Risk for Community Banks
Managing Coronavirus Operational Risk for Credit Unions
FDIC Updates RMS Manual: What Does That Mean for Risk Management at Your FI

Compliance isn’t just about following rules. It’s about thoughtfully managing risk. That’s the theme the FDIC keeps drilling into financial […]

Pandemic Planning: 10 Questions to Ask Your Vendors About Coronavirus Preparedness

Experts agree that it’s not a matter of if coronavirus is going to impact your business—it’s a matter of when. […]

Ncontracts Receives the 2020 Tennessee Roaring 20 Award from The Association for Corporate Growth

Brentwood, TN, Tuesday, March 10, 2020: Ncontracts, the leading provider of integrated risk and compliance management solutions for financial institutions, […]

3 Take-aways from the OCC Third-Party Vendors Relationship FAQ

Valentine’s Day was last month, but the Office of the Comptroller of the Currency (OCC) has answers for your burning […]

How Not to Save Money on Vendor Management

Earlier this month Federal Reserve Governor Michelle Bowman announced that the Federal Reserve is working with the other supervisory agencies […]

7 Best Practices for Aligning Fintech With Your Business Strategy

Fintech is one of the buzziest trends in financial services right now, and no financial institution wants to be left […]

Reducing Compliance Risk With Regression Analysis
Leap Year: What Risk Management & Compliance Tasks Would You Tackle with One Extra Day?

Thanks to the magic of the Gregorian calendar, we’ve been gifted with an extra day in 2020. That’s right, it’s […]

How to Prepare for the Future of AI in Banking (Part 2)

Think artificial intelligence is just a buzzword? Think again. Unless you truly live in a cave, AI has put its […]

Why the OCC Is Like a Peanut Butter Cup and Other Podcast Insights?

Want to hear about OCC plans, initiatives, and priorities right from the OCC right from the source? You’ve got it! […]

Pandemic Planning: Is Your FI Prepared for Coronavirus?

The largest bank in Singapore made headlines last week for being the first lender to shut down its office due […]

Are You Making Risk Management Decisions with Your Heart or Your Head?

Love is a risky business. Just ask anyone who is gathering up the courage to share their feelings with the […]

How Lincoln Reduced Financial Risk with the Creation of a National Banking System

President Abraham Lincoln was known as The Great Emancipator and Honest Abe, but he was also a major proponent of […]

Hey, Wait, I’ve Got A New Complaint – Reducing Risk with Complaint Management

The only thing worse than a consumer complaint is a consumer complaint that’s ignored and never addressed. It happens all […]

6 BCP Lessons Learned When Ncontracts Shut Down Its HQ for the Day

What would happen if headquarters went down? Could your staff and institution carry on business as usual or would it […]

ERM 101: What’s Your FI’s Risk Appetite?

Risk is about preventing loss. Every dollar an institution doesn’t lose is essentially one dollar gained. But that doesn’t mean […]

The #1 Obstacle Between Your FI and Strategic Success

The biggest obstacle to strategic success is failing to understand risk. Risk is the threat lurking in the shadows that […]

Managing Complaints to Achieve Better Results
Gryphon Investors Acquires Ncontracts, A Leader in Integrated Risk Management Software for the Financial Industry

Gryphon Investors (“Gryphon”), a San Francisco-based middle-market private equity firm, announced today that it has acquired Ncontracts (or the “Company”), […]

Are Vendors Your Biggest Obstacle to Fintech Adoption? It Might Not Be Their Fault

Ask any mid-size financial institution about their biggest barrier to achieving digital transformation, and you might be surprised by the […]

Heightened Cybersecurity Risk – Is Your FI Prepared?

Cybersecurity is always a top concern for financial institutions, but now supervisory agencies are warning financial institutions that cyberattacks are […]

How Many Complaints Did Your Institution Get Last Year?

Consumer complaints are a part of doing business. From restaurant patrons claiming there is a fly in their soup to […]

What Will NCUA Examiners Be Looking at in 2020?

The NCUA’s 2020 Supervisory Priorities are published—and they are giving us a first look at the areas where NCUA will […]

When Customers Invite Third-Party Risk

The first rule of passwords is you’re not supposed to share your passwords with anyone. But in a world where […]

Fourth-Party Risk: What Your Institution Has in Common with a Presidential Campaign

Presidential campaigns and financial institutions may seem miles apart in mission and operation, but there’s at least one area where […]

Fintech Risk Management & the Fed

Which financial institutions do the best job managing fintech relationships? How do they work with third-party fintech partners that aren’t […]

How Model Risk Fits Into Your Vendor Management Program
Helping Santa Save the Day with Business Continuity Management Best Practices

Rudolph the Red-Nosed Reindeer is a story about how our differences can also be our strengths—but it’s also a story […]

What is a Compliance Management System & Why Does Your FI Need One?

This whitepaper will walk you through the basics of a CMS while offering practical advice on how to ensure your […]

Three Banking Trends that Fizzled—And One That Stands the Test of Time

As we prepare for the dawn of a new decade, I thought it was a good time to take a […]

Ncontracts Recognized as a Challenger in the Gartner Magic Quadrant for IT Vendor Risk Management Tools

Ncontracts announced that it has been positioned by Gartner, Inc. in the Challengers quadrant of the Magic Quadrant for IT […]

OCC: Lack of Risk Management Leads to Enforcement Actions

Lack of appropriate governance, oversight, and risk management systems and controls are the leading cause of enforcement actions. That’s not […]

A Regulator’s Holiday Wish List for the Year Ahead

On the hunt for a perfect gift for your examiner and primary regulator? Look no further! We’ve been taking notes […]

How to Control the Financial Risk of a Data Breach

How much does a data breach cost? Understanding the costs—and why some breaches cost more than others—can help your financial […]

The Difference Between Data Privacy and Security

Data privacy and security has been getting a lot of press as the industry looks ahead to when the California […]

Fintech Strategy Hour with Ron Shevlin & Michael Berman
When it Comes to Fintech, You’ve Got a Friend in Your Regulator

Most financial institutions have good relationships with their regulators—but many aren’t making the most of what the financial regulatory agencies […]

Don’t Fear Artificial Intelligence: A Primer for AI in Risk & Compliance Management (Part 1)

Does the phrase “AI in risk and compliance management” conjure up images of robots taking over the world—or worse yet, […]

FFIEC: Business Continuity Planning is Now Business Continuity Management

Fill in the blank. Business continuity                                         . Did you answer “plan”? In the past, you’d have been right. But […]

What Does the OCC Look for in a CMS?

The Office of the Comptroller of the Currency (OCC) defines a compliance management system (CMS) as “the method by which […]

Is Regtech a Blessing or a Curse for Credit Unions?

Regtech may be one of the hottest new methods for financial institutes to navigate the compliance burden, but are smaller […]

What Does the Federal Reserve Look for in a CMS?

The Federal Reserve defines a compliance management system (CMS) as a credit union’s overall approach to managing compliance risk. Compliance […]

On Guard: Strengthening Risk Assessments in Key Areas of Regulatory Scrutiny
Risk Management Aids Prep for Risk-Focused Exams

Risk management helps financial institutions anticipate and guard against all kinds of risks—everything from cyber threats to compliance mistakes to […]

Can You Adopt an Agile Approach to Compliance?

One of the buzzwords in business these days is “agile.” If you’re looking to learn more about what an agile […]

A Risk Assessor Origin Story Courtesy of Stephen King’s IT

*** Warning: This blog contains spoilers for the horror movie IT (2017) and IT Chapter Two (2019). ***   Movies […]

What Does the FDIC Look for in a CMS?

The FDIC expects a bank’s board of directors and management to have a compliance management system (CMS) adapted to its […]

Ncontracts Promotes Stephanie Lyon to VP of Compliance

Ncontracts announced that it has promoted Stephanie Lyon to VP of Compliance. Lyon is responsible for leading the development and […]

How to Buy CMS Software: 7 Key Features Every CMS Needs

Compliance management is no joke. From the day-to-day work of making sure everyone is following policies and procedures to training […]

Everyone Excited About the Executive Order Declaring Guidance Non-Binding Stand Up! Not So Fast Bankers.

Last week President Trump issued an executive order stating that guidance from federal regulatory agencies is non-binding. The order formalizes […]

What Does the NCUA Look for in a CMS?

The NCUA defines a compliance management system as a credit union’s overall approach to managing compliance risk. Compliance risk is […]

Have You Prepared for Climate Change Risk?

Is your bank considering climate change risk when addressing enterprise risk management (ERM)? If not, it might be time to […]

Kumbaya! Bringing Together Risk, Compliance and Other Business Units
Quiz Time! How Did You Get Your Start in Banking?

Risk management starts at the top, but bankers typically start at the bottom. From janitors and tellers to junior loan […]

5 Fair Lending Lessons Learned in 2019

As Q4 2019 approaches, now is perfect time to reflect on some of the lessons learned this year. In particular, […]

Business Continuity Planning vs. Disaster Recovery: Understanding the Difference

Many people use the phrases “business continuity planning” and “disaster recovery” interchangeably, but they aren’t the same thing. Let’s take […]

4 Features Every Vendor Management Solution Needs 

A vendor management solution is more than a repository for contracts. It’s a system for reducing risk, ensuring compliance, and increasing efficiency […]

What If a Cyber Attack Caused a Bank Failure?

With just one bank failure in 2019 and none in 2018, it’s easy to think that banks and credit unions […]

Ignore KRIs & KPIs at Your Own Peril: Best Practices for Key Risk Indicators

Stop me if you’ve heard this story before. There’s been significant management turnover at a $1 billion financial institution (FI), […]

Fending Off Disaster: The Role of Vendor Management in Business Continuity Planning
Summer Blockbusters Revisited: Assessing My Risk Assessments

When it can cost nearly $100 to take a family of four to the movies (including snacks, of course), you […]

Is Your Institution Prepared for These Emerging Risks?

Across the business world, businesses in all industries are worried about the pace of change. That’s according to Gartner’s most […]

Why Vendor Cyber Monitoring Matters
PA Bankers Services Corporation Endorses Ncontracts’ Solution Suite

The PA Bankers Services Corporation (Services Corp.) and Ncontracts jointly announce the addition of Ncontracts into the corporation’s Select Vendor […]

6 Silo-Busting ERM Tips

How do seasoned risk professionals fight risk management inertia? They find ways to dismantle silos and develop processes to spark […]

Ncontracts Recognized by Inc. Magazine as one of America’s Fastest Growing Companies

Ncontracts, the leading provider of integrated risk management solutions for financial institutions has joined the Inc. 5000, the magazine’s annual […]

CU Broadcast Interviews Stephanie Lyon on Compliance Management System for Financial Institutions

Our very own Director of Compliance, Stephanie Lyon, talks with Mike Lawson from CU Broadcast about the company’s new Compliance […]

What Is a CMS – and Why You Should Have One
Vendor Employees Gone Wild: Structuring Vendor Contracts to Guard Against Rogue Insiders & Cyber Threats 

Capital One and its credit card applicants and customers are not having a good week. On Tuesday the Virginia-based bank […]

A Model CIO: Equifax CIO Keeps Showing Us How *Not* to Respond to a Breach

The big news out of Equifax this week is its $700 million settlement, including up to $425 million in consumer […]

Giving the People What They Want: Michael Talks CMS and Integrating Customer Feedback at ABA Conference

Is compliance a competitive advantage for banks and credit unions? It should be. That’s what I told Sam Lisker, who […]

The Risk Management/HR Connection

How often do you engage with human resources (HR)? Risk managers may not give a lot of thought to HR, […]

Hate Illegal Telemarketing Calls? So Does the FDIC.

Have you ever felt like there isn’t being enough done to enforce the Do Not Call List? Between spoofed robo-dialing […]

Are You Using a Data-Driven Approach to Compliance Risk?

There are financial institutions that usually feel confident about enterprise risk management. They feel they’ve identified and assessed potential risk, […]

3 Elements of a Vendor Cyber Monitoring Program

Growing cyber threats have made real-time monitoring of vendors an increasingly important element of a vendor management program. I sat […]

Another Vendor Behaving Badly: Failed Vendor Management Results in $236K+ Consent Order

How much do you think it would cost a mortgage servicer to conduct vendor due diligence and monitoring to ensure […]

Frequently Asked Questions About Cyber Monitoring

Vendor cybersecurity monitoring provides real-time data on vendors’ cybersecurity by collecting and assessing publicly available information. It detects threats and […]

ERM 101: What’s COSO, and Why Should I Care?
Not One & Done: Making the Case for Continuous Monitoring for Third-Party Cyber Risk

This whitepaper explores how real-time cyber monitoring complements due diligence via third-party reports for more robust cybersecurity awareness and how […]

Ncontracts Announces Integration With Compliance Alliance

BRENTWOOD, Tenn., June 20, 2019  —  Ncontracts, the leading provider of integrated risk management solutions for financial institutions, is announcing […]

Lessons Learned from Giving Away 1,100 T-Shirts at an ABA Conference

Forget Instagram likes. If you’ve ever longed to feel more popular and in-demand, handing out your full inventory of 1,100 […]

What to Do When You’re Worried About Your Vendor’s Finances

No one knows when the next downturn is coming. The only thing we can do is to assume one will […]

Ncontracts Launches New Compliance Management System (CMS), Ncomply

BRENTWOOD, Tenn., June 10, 2019 — Ncontracts, the leading provider of integrated risk management solutions for financial institutions, is announcing the […]

Fair or Foul: Understanding Fair Lending Compliance Risk
OCC: Operational Risk Remains Elevated

The only certainties in life are death and taxes, the saying goes, but I can think of one more thing: […]

Due Diligence 101: Are On-Site Visits Required?

How do you conduct an on-site third-party vendor review? It’s a hot topic at conferences and online. It’s also the […]

The Reality of Redlining Risk
Mini Fair Lending Risk Assessment
Fair Lending Compliance Training Module
A Quick Guide To CDD And Beneficial Ownership
Vendor Cyber Monitoring Free Security Report

Download a complimentary Cyber Security Monitoring Report and uncover your core vendors key vulnerabilities.

Creating Value with A Culture of Risk Management

Many bankers think the concept of a “risk management culture” is thought exercise. It’s the kind of psychobabble that takes […]

Summer Movie Blockbuster Risk Assessment: Which Blockbuster Sequel/Prequel/Reboot Should I See?

If you feel like Hollywood has been cranking out nothing but sequels and reboots, you’re not alone. The movie industry […]

GAO Grades Regulatory Agencies on Risk Management Supervision

It’s no secret that poor risk management at large financial institutions, including at the board level, helped bring about the […]

Wishing for More Regulatory Tailoring? You’ll Love Risk Management

In a world where bankers feel overwhelmed and disadvantaged by a seemingly one-size-fits-all regulatory environment, there remains one place where […]

Brokered Deposits & Vendor Management
We Listen So You Don’t Have To: FDIC’s Crisis & Response Podcast
Do Small Institutions Need Risk Management?
Ask Me Anything Q&A

Risk Managers Tell All

Community Bankers Association of Illinois Endorses Ncontracts Risk Management Solutions

CBAI member banks can rely on Ncontracts to be a trusted teammate to assist them with vendor and risk management, […]

The Three-Legged Stool of Privacy, Data Security & Vendor Management
Embezzlement in La La Land: How a TV Studio Credit Union CEO Stole $40 Million Over 20 Years
Game of Thrones: Risk Assessing The Iron Bank
Are You Making This Common Vendor Management Mistake Observed by the FDIC?
ERM 101: What’s COSO, and Why Should I Care?
ERM: Making the Connection
3 Tips for Avoiding an Equifax-Style Breach

When one of the nation’s largest credit reporting companies reports a breach involving the private financial data of over 145 […]

Why Vendor Cyber Monitoring Matters
Risk, Reward and a 3,000-Foot Drop: Breaking Down the Risk in Free Solo
Risk Management: Knowing When It’s Time to Start Again
How to Discover Vendor Cybersecurity Flaws Before Data Thieves Exploit Them
GAO & OCC Disagree Over Risk Management
Not One And Done


Ncontracts Bolsters Protections for Banks and Credit Unions

Ncontracts, the leading provider of active risk management for banks and credit unions, hopes to solve the problem financial institutions […]

Mastering UDAAP Vendor Risk

Understanding The Do’S And Don’Ts

Is the Absence of Risk Stunting the Next Generation of Risk Managers?
Training Risk Management Heroes, Part 2 – Maximizing the Board & C-Suite
Ncontracts Combines with TRUPOINT Partners to Bring Comprehensive Suite of Risk Management Solutions to Financial Institutions

Ncontracts, the leading provider of active risk management solutions for financial institutions, has acquired TRUPOINT Partners, adding lending compliance solutions […]

Celebrating Abraham Lincoln’s Banking Legacy: A Podcast
Training Risk Management Heroes, Part 1: Banking on the Frontline
The Bad Guys Keep Getting Smarter. Let’s Hope Financial Institutions and Vendors Can Keep Pace.
Fintech Update: Agencies Encourage Increased Regulator Oversight of Third Parties, but Will Anything Happen?
Third-Party Management of Cloud Computing
Don’t Worry. Be Ready.


2019 Risk Outlook: Concentration Risk
Is Apple Pay a Vendor?
NCUA Eyes Economic Environment, Change Management & Third-Party Risk With 2019 Supervisory Priorities
The Top 8 Internal Cybersecurity Vulnerabilities Challenging Financial Institutions
Guarding Against Cybersecurity Threats

Assessing Third Parties and Measuring What Matters

How the Government Shutdown is Affecting Regulatory Agencies
Your Vendor Talks Risk Management Talk, but Does It Walk the Walk?
Inside the Life of an Information Security Officer

Keeping the Board Frightened, Debating Findings & Those Darn Phishing Emails

What Hogwarts House Would Your Risk Management Team Be Sorted Into?
Turf Battles and Low Morale Can Increase Risk. Just ask FinCEN.
Tracking Exam And Audit Findings

New Ways To Build A Next-Generation Risk Management Process

Holiday Gift to Bankers: Regulators Slap Down Fintech Bank Wannabe
Yule Shoot Your Eye Out: Classic Holiday Movie Characters That Underestimated Risk
What Asset-Based Risk Assessments Get Wrong
Findings on Findings on Findings: Guess Whose Audit Uncovered Over 2,000 Findings?
Examiners Will Be Focusing on Your Institution’s Riskiest Areas. Do You Know What They Are?
Ncontracts Receives Endorsement from the Florida Bankers Association for Contract Management
You Got SOC Questions? We Got SOC Answers!
The Lessons from Marriott’s Epic Data Breach
Game of Thrones Survey Results: Westeros Has Spoken
How To Leverage SOC And SSAE 18 Reports Throughout Every Department of Your Financial Institution
Risk Management Among Top 3 Skills for Sought-After CFOs
OFAC, Cyber Risk & Third-Party Vendors: What You Need to Know
What Jason Bateman Taught Me About Money Laundering & Other BSA Lessons
Ncontracts Welcomes Rahul Gupta to Board of Directors
Cybersecurity 101: How to Get Senior Management to Spend More on Cybersecurity
Lessons from a Fintech O.G.
Fintech Disruption & Risk


3 Spooky Contract Clauses That Will Raise Eyebrows
Are You Ready for the Next Economic Downturn?
3 Types of Vendor Monitoring
Coming to a GSE Near You: Better Third-Party Risk Management via FHFA Guidance
Sharing BSA Resources with Another Institution? Third-Party Vendor Management Rules Apply
Monkey Business: What Two Gambling Monkeys Can Teach Us About Risk
Ammo for the Budget Battle: 7 Reasons Why Risk Management Delivers ROI
Vendor Management Includes Vendor Selection


OCC: Cybersecurity, Commercial/Retail Credit & BSA Will Be 2019’s Top Supervisory Priorities
7 Things You Need to Know Before Buying Cybersecurity Insurance
FDIC Proposes Retiring Half Its Risk Management FILs—But Don’t Get Too Excited
Laws vs. Regulations vs. Guidance: New Interagency Statement Provides Clarification
Free Your Inner Luddite & Find Risk Management Peace
Discovering a Vendor Data Mistake: A Lesson from the Fiserv Flaw
Nine Young Bankers Who Changed America: A Podcast Well Worth a Listen
Poor Vendor Risk Management Costs Bank $4.75 Million
Vendor Policy: Solving the Mystery of Classifying Vendors

If your vendors are labeled or classified solely by dollar amount, you may be in for a surprise.

How to Set Up a Risk Committee
Risk Assessments 101: The Role of Probability & Impact in Measuring Risk
Which Risk Manager Would You Hire? Game of Thrones Edition
5 Features Every Vendor Management Software Solution Should Have
FS-ISAC Offers Free Cyberattack Exercise
10 Steps to a Pain-Free Vendor Management Process

The directive came from on high, and there is no escaping it: You are responsible for your institution’s vendor management […]

Is Your Third-Party Vendor Contract Specific Enough When It Comes to Cybersecurity?
Lessons Learned

What a First-Hand Account of 9/11 Can Teach Us About Business Continuity Planning

How Confident Is Your CFO When It Comes to Managing Risk?
Examining the Examiner: What the OIG Has to Say About the FDIC
Risk & Vendor Management: The Role of Committees vs. Departments
Should Vendor Management Report to Compliance or IT?
Vendor Consolidation: What It Means for Vendor Management and Due Diligence
How Well is Your Board Managing Risk?
How Not to Use Test Results: A $613 Million Enforcement Action Story
What Role Did Bankers Have with the Founding of the United States?
Wells Fargo Scandals: Re-Established 2018
Should You Outsource Vendor Management?
Two Shocking Contract Management Mistakes That Cost Bankers Their Jobs
Lost in Space

The Benefits of Automation in New Worlds of Contract Management and e-Signature

FS-ISAC: Third Parties “Still a Big Risk”
Are Silos Stunting Your Risk Management Efforts?
First, Second, Third, Fourth and Fifth Parties: How to Measure the Tiers of Risk
OCC: Third-Party Providers Contribute to ‘Elevated’ Operational Risk
Your Risk To-Do List: Following Up on New FinCEN Customer Due Diligence Rules
Risk Management: How Do You Measure Up?
Willing to Take a Gamble? Don’t Wager on High-Risk Activities Without a Careful Risk Assessment
Congress is Rolling Back Regulations. Can You Roll Back on Risk Management?
Notifying Clients of Data Breaches: Which State Law Should We Follow?
Managing the Risk of Cyber Threats

Assessing Third Parties and Measuring What Matters

Should I Stay or Should I Go? Catch Third-Party Vendor Problems Before the Regulators Provide Notice of Violations
BSA Heroes: How FinCEN Data Uncovers Big Crimes
How to Respond When a Vendor Gets Hacked
When Your Vendor Says ‘Your Data Was Breached—Six Months Ago.’
New Regulatory Guidance About Cybersecurity Insurance
Are You and Your Vendors Ready for GDPR?
The Devil’s In The Details

How the State Notice of Breach Provisions Impact Third-Party Risk and Operations

How to Break Up with Your Vendor
Increasing Risk May Not Mean What You Think It Does
Can Improving the Customer Experience Aid Risk Management?
Vendor’s Anatomy

How Vendor Management Impacts GDPR, Reg X, Cybersecurity, and More

Wells Fargo Answers to a Higher Power Over Poor Risk Management
Ticking Time Bomb: Why A Free Vendor Management Checklist Is A Disaster Waiting to Happen
Cyber & the C-Suite

What Top Management Needs To Know About Cybersecurity

NCUA Keeps Supervisory Priorities Steady in 2018
An Analysis Of Contract Management Issues For Small And Medium-Sized Organizations
Don’t Risk a Broken Heart: Risk Assessing Valentine’s Day Gifts
What Does the N in Ncontracts Stand for Anyway?
10 Business Continuity Planning Basics
Creating Reliable Risk Assessments: How to Measure Compliance Risk
Creating Reliable Risk Assessments: How to Measure BSA Risk

Part 3 of 4

Top 10 Things to Consider for an Effective BCP Plan
Creating Reliable Risk Assessments: How to Measure Cyber Risk
Creating Reliable Risk Assessments: How to Measure Data Security / GLBA Risk
Creating Reliable Risk Assessments
Resolve to Get Your Findings Organized in 2018 With 3 Easy Tips
Business Continuity Plan Information Gathering Checklist

Where To Begin?

Deep Dive

A Detailed Evaluation of Your Critical Vendors

Been Through a Disaster? Be Ready to Talk BCP and Risk During Your Next Exam
Guess Which Agency ERM Program Just Got Called into Question?
Shelved Elves: Santa Ponders the Risks and Rewards of Outsourcing Toy Making
Everything is Bigger in Texas – Like BSA Fines
Misleading Vendor Marketing Costs Missouri Bank $5 Million
What A Difference A Vendor Makes

How to Identify Your Critical Vendors

Did You Hear the One About the Community Bank and the Russian Oligarch?
Third-Party Vendor Breach Costs Texas Credit Union
9 Steps to an Effective Tabletop BCP Test
How Puerto Rico’s Vendor Management Went Awry with Whitefish Energy
Wells Fargo Teller Steals $185k from Homeless Customer
OCC Bulletin 2017-43: Guidance for Risk Management of New Activities
When Risk Gets Spooky – Risk Assessing Halloween Candy
The OCC’s Top 5 Supervisory Priorities in 2018
“Deficient Vendor Management Practices” Result in $1.5 Million Fine
5 Things Vendors Want You to Know Before You Buy
How Did We Get Here?: A History of BSA
Regulatory Alphabet Soup Part 2: The Predicted Death of GRC

The idea behind GRM is that governance, risk and compliance are interdependent, but often siloed—leading to shortfalls.

Reliable Risk Assessments

How to Maximize the Benefits of your Risk Assessment


How to Respond when a Vendor Gets Hacked

What Breed of Risk Manager Are You?
The BSA/AML Compliance Pep Talk You Need
When Vendors Fight: CUNA Mutual Suit is an Important Reminder to Stay on Top of Vendor Due Diligence
Business Continuity Planning: Where to Start
FDIC Supervisory Insights for Summer 2017: Focus on BSA
Vendor Accountability

How to Motivate Vendors and Get Results with Service Level Agreements

3 Ways to Keep Your Business Continuity Plan Current
Déjà vu: Wells Fargo Can’t Stay Out of Trouble
Here We Go Again: Vendor Cybersecurity Breaches Keep Wreaking Havoc
3 Reasons Chief Risk Officers Fail
Beach Bummed: How One Construction Crew Ruined the Summer Season
OCC Singles Out a Bank Director for Excessive CEO Compensation
Darkest Day or Finest Hour?

How to communicate essential information during a business disaster

The CFPB is Upping Its Vendor Management Game
What Took 5 Years and $10 Million and Did Nothing to Punish Wall Street for the Mortgage Crisis?
Guardians Of The Risk

A Practical Application of Risks & Controls – Vol. 1: Mobile

How Are You Coping with a Growing Vendor List?
Much Ado About Nothing: Update to the FFIEC Cybersecurity Assessment Tool Barely Worth a Mention
FDIC Guidance: Model Risk Management of Third-party Vendors
5 Ways to Succeed at Vendor Management
Don’t Confuse Clarity with Forgiveness
STOP! Collaborate Cautiously and Listen- The OCC is Back with New Third-Party Risk Management Guidance
Pro User Tip: Make the Most of Summer Interns
Spreadsheets Aren’t Free: 5 Hidden Costs
Reputation Risk Fallout Never Ends. Just Ask Target.
Will Your Vendors Fall Victim to Ransomware and Other Cybersecurity Threats?
Risk Assessing Your Information & Data Security Program
Ncontracts Acquires Supernal Software to Bring Customers BSA and Compliance Solutions
FinCEN: MoneyGram Compliance Officer on the Hook for $250,000 Penalty
Independent Banker Magazine Interviews Michael Berman, Ncontracts CEO
Inside the New SSAE 18: Vendor Management Changes
Risk Management Master: Q&A with Ncontracts’ Mitch Klein
Ncontracts Customers Tune into Risk Management at Ngage 2017
What Does Your Customer Data Have in Common with a Hit Netflix Show?
Vendor Management: What the NCUA Really Wants
Ncontracts Acquires Supernal Software, Further Extending its Leadership Position as the Risk Management Solution of Choice for Financial Institutions
Now What

How to Get Your Team to Adopt New Software

Vendor Management: What the Fed Really Wants
Vendor Management: What the FDIC Really Wants
OCC Vendor Management: What the OCC Really Wants
The Business Continuity Third-Party Service Provider Resiliency Checklist
Guarding Against Cyber Events: How Strong Are Your Vendor’s Protections?
Warning Ahead: Many Vendor Contracts Are Missing Essential Internal Controls
Is Your Contract Protecting Your Institution?
Weak Vendor Management Trickles Down to Contracts

Third-party vendor management is all about managing risk. It’s an issue that regulators have been pressing for years, yet it […]

Is Your Vendor Prepared for Disaster?

The only thing worse than having a critical system go down is having a critical system go down and having […]

The Life of a Strategic Risk Manager: Building Buy-In
The Life of A Strategic Risk Manager: The problem of manual processes
Is the Cloudbleed Bug Putting Vendor-Held Data at Risk?
OCC: Marketplace Lenders Are Third-Party Vendors
What Happens in New York Doesn’t Stay in New York
Does Vendor Size Matter?
Western Unions Pays $184 Million for Ignoring Vendor Due Diligence
Lessons from the CFPB: Why It’s a Bad Idea for a Banker to Name His Boat Overdraft
Are You Connecting the Risk Management Dots?
Overcoming the Compounded Risks of Business Continuity Planning and Cybersecurity
How to Negotiate Bulletproof Vendor Contracts
Whitepaper: Top 10 Risks Third-party Vendors Pose to your Financial Institution
How the SSAE 18 Standard Will Affect Vendor Management
10 Ways Your Team Can Improve Risk Monitoring
E is for Exposure

Appendix E and Mobile Services Risk

E is for Exposure

Appendix E And The Role Of Vendor Management In Controlling Mobile Financial Services Risk

How to Negotiate Bulletproof Vendor Contracts
How to Motivate Vendors and Get Results with Service Level Agreements
Mergers & Acquisitions and the Critical Role of Vendor Management
Mergers and Acquisitions and the Critical Role of Vendor Management

Why Keeping Your Vendor Management House In Order Can Help You Seize M&A Opportunities

Vendor Risk Management: Navigating The Evolving Regulatory Landscape

Discover The Hidden Risks In Your Vendor Relationships

Understanding the Intersection of Vendor Management & BCP
Evolving Vendor Management Expectations

Three Lessons Learned From The Fdic’S Video Guidance

Cybersecurity and Vendor Management

Don’t Put Your Financial Institution Next In Line For A Cyber Attack

The Intersection of Enterprise Risk and Vendor Management

These Two Operational Functions Must Collaborate, Not Compete, For Effective Risk Management

Don’t Let Heartbleed Lead to Vendor Management Heartbreak
How to Negotiate Bulletproof Vendor Contracts

Whether your financial institution has one branch or 1,000, your ability to maintain productive vendor relationships comes down to the […]

Documentation is Key: Takeaways from the OCC’s Third-Party Vendor Risk Management Procedures
After Six Years, Agencies Fine Mortgage Processor $65 Million
Why Inertia Creates Risk
The Risks of Apple Pay for Banks and Credit Unions
Broker-Dealers Need Vendor Management Too
The Top 10 Risks Whitepaper
RiskTech vs RegTech
Don’t Let the Gift of a Longer Small Bank Exam Cycle Become a Liability
Prediction for 2017: Risk-based Exams Will Continue to Force Vendor Management Out of the Box
Cloudy with a Chance of Data Loss

Perhaps there’s no buzz word more confusing to bankers and credit union executives than the “cloud.” It evokes an ethereal […]

When Natural Disasters Become Customer Relationship Disasters

Customers don’t want to hear that a data center across the country flooded, a cyberattack overwhelmed systems or a piece […]

Why You Need to Focus on Cybersecurity Risk Now
What is Concentration Risk – And What Does My Regulator Have to Say About It?

When most bankers and credit union executives think of concentration risk, they think of lending—but concentration risk has a different […]

Compliance Risk – Avoid Vendor Compliance Failures by Properly Assessing Risk

Compliance risk is the danger financial institutions face when they outsource product and service delivery to third-party vendors. It’s not […]

Country Risk – Why It Pays to Choose Domestic Service Providers

If you think it’s tricky to keep track of the rules and regulations of your regulatory agency, imagine having to […]

Planning to Fail or Failing to Plan – Strategic Risk

Strategic risk is the possibility that a company doesn’t make decisions that support its long-term goals. Companies that aren’t managed […]

Assess Vendor Reputation Risk – Before You Have to Rebuild Yours

Ben Franklin once wrote that “Glass, china and reputation are easily cracked, and never well mended.” Reputational risk is present […]

Operational Risk – Foreseeing the Unforeseen Costs of Outsourcing
CU Broadcast interviews Michael Berman on M&A for CUs

Mike Lawson of CUBroadcast interviews Ncontracts CEO, Michael Berman, and discusses mergers and acquisitions for credit unions.

Credit Risk – You’ll Take the Blame If Your Vendor Doesn’t Have the Credit

Credit risk is the strength and ability of a company to manage debt and stay in business to ensure continued […]

The Human Side of Vendor Management – What Vendor Management Can Learn From HR

Many financial institutions view vendors as a necessary evil, but extending a little trust to vendors goes a long way […]

One Size Doesn’t Fit All – Updated Guidance from CFPB on Third-party Service Providers
Surrogate Regulators: The Vendor Management / Fintech Connection
Don’t Blow It at Exam Time – Pay Attention to the FFIEC Cybersecurity Assessment Tool
Losing Control: Poor Compliance Controls Lead to $28.5 Million in Fines and Redress for Navy FCU
Three Years and Many Millions Later: Paying the Price When a Vendor Fails to Deliver

There is such a thing as too little, too late—especially if you’re a bank that made the mistake of failing […]

Your Vendor Shortlist is Not a State Secret

Keeping your vendor shortlist a secret may seem like a good idea, but protecting it only serves to limit your […]

How Not to Manage Risk–A Lesson Courtesy of Wells Fargo

Either Wells Fargo didn’t have strong enough account opening and management policies and procedures in place or there wasn’t a […]


Weeding Through The Jargon

Are Your Third-Party Vendors Protecting the Rights of Servicemembers?
Leveraging Institutional Knowledge to Maximize CMS Efficiency

Five Challenges Today’s Compliance Officers Face— And How To Handle Them

Preventing the Top 3 Vendor SLA Mistakes
Compliance Emergency Room – Tracking Exam and Audit Findings
Vendor Mistake Costs Bank $10 Million
When Vendor Relationships Go Wrong
BSA Meets Vendor Management
What is Vendor Management?

Vendor management is the process by which an organization’s third and fourth-party vendor contracts, expectations and business dealings are organized […]

Ncontracts Appoints Tom Bell to Board of Directors
Can Your Third-party Vendor Fend off Cyber Attacks?
When Third-Party Vendors Mean Quadruple the Risk
Four Ways to Ensure Your Vendors Are Prepared for Disaster
The $30 Million Spreadsheet: The hidden costs of spreadsheets–and their mistakes
Community Bankers of Michigan expands its endorsement of Ncontracts
The OCC Walks the Enterprise Risk Management Walk—and So Should You
FDIC Vendor Management Guidance
Community Bankers Association of Ohio Expands Partnership with Ncontracts
Tennessee Bankers Association Endorses Ncontracts Risk Management Solutions
ICBA Endorses Ncontracts As New Preferred Service Provider of Vendor Management Solutions
Kentucky Bankers Association Expands Endorsement of Ncontracts
Cybersecurity Maturity: How Grown up is your Solution?
Becoming Unbreakable: Why Business Continuity is Critical for FIs
The Perps Behind Cyber Crime May Not Always Be Who You Think
The Face of Third-party Vendor Risk Management in 2016
Forget Social Media: In 2016, you may be Paying Bills with a Selfie
CFPB Alert: Guidance on Preauthorized Debit Transactions
Black Friday, Card Creepers, and Aluminum; Oh My!
The FFIEC Brings the Board to the Block
EMV chips are here. Are you ready?
EMV chips – a required FI nightmare?
The Auditors are Coming! The Examiners are Coming!
The FFIEC Issues 2015 Statement Regarding Ransom-based Cyber-attacks
Ncontracts is now Endorsed by the Texas Bankers Association!
Ncontracts Receives Endorsement from the Texas Bankers Association for Vendor Management
Skeletons from the Fed’s Closet
Yellen ain’t yellin’
EMV Chips with No Service Dips
Concerns Surround the FFIEC Cybersecurity Assessment Tool
7 essential steps for successful vendor management
Ncontracts combines with Strohl Risk Solutions to provide a full suite of risk management solutions
Financial Industry Risk Management Solutions Company Ncontracts Appoints Stacy Kilgore As New CFO
Have a Service Level Agreement (SLA) for Every Vendor
Ncontracts Secures Growth Equity Investment from Mainsail Partners
5 Tips for Better Contract Management
New BCP Guidance from the FFIEC
 Featured image for Ask Me Anything Q&A