When most bankers and credit union executives think of concentration risk, they think of lending—but concentration risk has a different meaning when talking about third-party vendor management. Regulators are looking at two main concerns: Over-reliance on a single vendor & geographic concentration.
Compliance risk is the danger financial institutions face when they outsource product and service delivery to third-party vendors. It’s not a rare occurrence. FIs are regularly called out by regulators when their vendors fail to follow the rules.
Strategic risk is the possibility that a company doesn’t make decisions that support its long-term goals. Companies that aren’t managed well and make poor strategic decisions may provide sub-par products or services or even close shop.
Ben Franklin once wrote that “Glass, china and reputation are easily cracked, and never well mended.” Reputational risk is present any time a vendor enters the picture, so it makes sense to spend the necessary time and resources to choose only those vendors who have proven to be trusted and valuable partners.
If you build it, they will regulate it—but should they? That’s a question financial institutions should be asking as agencies like the Consumer Finance Protection Board (CFPB) and Office of the Comptroller of the Currency (OCC) jockey to regulate Fintech firms. On its surface, it may seem like the obvious answer is yes—that regulators should […]
Remember when you were in college and had to decide if you’d do the recommended reading for a class? It wasn’t exactly mandatory, but you never knew if that material would show up on a test. You were taking a risk if you chose to ignore it. Financial institutions run the same risk today if […]
There is such a thing as too little, too late—especially if you’re a bank that made the mistake of failing to oversee a vendor that didn’t deliver billed services to customers.
In offices and on conference calls across America, salespeople are plotting to baffle financial institutions with an acronym created not by regulators, but by marketing personnel. It’s not hard. Compliance and risk management are already mysterious—up there with Big Foot, the Loch Ness monster, the origin of Stonehenge and whether or not your cat actually […]
America’s armed forces protect our country—and the financial services industry is supposed to do the same for servicemembers, following laws and regulations to minimize financial worries while they’re busy serving their country. That includes financial institutions’ third-party vendors, as a recent speech by Grovetta Gardineer, the OCC’s senior deputy controller for compliance and community affairs, […]
For years regulatory agencies, including the Office of the Comptroller of the Currency, have emphasized the importance of enterprise risk management (ERM) at financial institutions. Now the OCC is taking its own advice—and sharing its findings. The agency’s recently released “Enterprise Risk Appetite Statement1” is the work of its Office of Enterprise Risk management, a […]