Vendor risk management is an ongoing process—one that begins with due diligence before a contract is signed and continues with monitoring throughout the length of the relationship. This blog series on the Top 10 risks will help you more effectively address how third-party vendor risk throughout every department in your financial institution.
10 blog posts combined into one whitepaper You’ve read the top 10 risks blog posts, now download the whitepaper. From credit risk to cloud risk and everything in between, you’ll be up to speed and thwarting off risk at every turn in no time.
Perhaps there’s no buzz word more confusing to bankers and credit union executives than the “cloud.” It evokes an ethereal image of data floating safely and serenely overhead, able to materialize on screen with the press of a button. But the cloud is a place on earth. Actually, many places on earth.
Customers don’t want to hear that a data center across the country flooded, a cyberattack overwhelmed systems or a piece of equipment failed. In their eyes, it’s your fault. Regulators feel that way too. That’s why transaction risk is one of the 10 biggest vendor management risks facing financial institutions.
When most bankers and credit union executives think of concentration risk, they think of lending—but concentration risk has a different meaning when talking about third-party vendor management. Regulators are looking at two main concerns: Over-reliance on a single vendor & geographic concentration.
Compliance risk is the danger financial institutions face when they outsource product and service delivery to third-party vendors. It’s not a rare occurrence. FIs are regularly called out by regulators when their vendors fail to follow the rules.
If you think it’s tricky to keep track of the rules and regulations of your regulatory agency, imagine having to follow the legal, regulatory and operational requirements of foreign countries.
That’s exactly what needs to happen if a vendor is conducting any segment of your business in another country. Country risk is “an exposure to economic, social, and political conditions in a foreign country that could adversely affect a vendor’s ability to meet its service level requirements,” according to the FFIEC’s Appendix C: Foreign-Based Third-Party Service Providers.
Strategic risk is the possibility that a company doesn’t make decisions that support its long-term goals. Companies that aren’t managed well and make poor strategic decisions may provide sub-par products or services or even close shop.
Ben Franklin once wrote that “Glass, china and reputation are easily cracked, and never well mended.” Reputational risk is present any time a vendor enters the picture, so it makes sense to spend the necessary time and resources to choose only those vendors who have proven to be trusted and valuable partners.
Vendor risk management is an ongoing process—one that begins with due diligence before a contract is signed and continues with monitoring throughout the length of the relationship. This blog series on the Top 10 risks will help you more effectively address how third-party vendor risk throughout every department in your financial institution. #9 – Operational Risk […]