Banks, insurance companies and other entities regulated by the New York Department of Financial Services are facing a new cybersecurity regulation designed to prevent cyberattacks and protect private customer data, but it’s reach may go much farther than New York. In a rare turn of compliance events, that’s actually a good thing for banks outside […]
Sometimes, but it doesn’t replace the need for vendor risk management Some institutions try to simplify vendor management by picking the biggest vendor in each category. Going big lets them play it safe—or so they think. But choosing the largest vendor is no replacement for solid vendor management. Big vendors can offer a lot of […]
Banks accustomed to thinking of risk management as a point-by-point checklist should take note of the OCC’s Semiannual Risk Perspective for Fall 2016. Released in January, the document reinforces the agency’s enterprise wide approach to risk management, particularly when it comes to vendor management. Third-party risk management made cameos in several discussions of risk including: […]
Vendor risk management is an ongoing process—one that begins with due diligence before a contract is signed and continues with monitoring throughout the length of the relationship. This blog series on the Top 10 risks will help you more effectively address how third-party vendor risk throughout every department in your financial institution.
Fourth-party risk used to be like plugging holes in a boat. Not only would you have to assess critical vendors’ IT security controls, but you’d have to look down the line at vendors’ critical vendors. The new SSAE 18, taking effect May 1, 2017, eliminates that problem for financial institutions that know how to interpret […]
Whether your financial institution has one branch or 1,000, your ability to maintain productive vendor relationships comes down to the quality of the vendor contract. For larger institutions, lawyers and years of experience eliminate many of the loopholes that otherwise create vulnerabilities for smaller FI’s. While substandard contracts can mean thousands of dollars per year in […]
Service level agreements can help financial institutions meet organizational goals and objectives by motivating vendors to reach guaranteed performance benchmarks—but only if they are written the right way. Savvy institutions develop effective SLAs by prioritizing goals, choosing smart measurements, setting specific benchmarks and creating enforceable consequences. Then they monitor them to ensure compliance. In this whitepaper, […]
Due diligence is essential for acquiring financial institutions. It’s the only way to truly understand the value of the institution being acquired—and avoid unseen risks. That includes vendor management. Failure to thoughtfully combine cultures and vendors can hurt your institution’s bottom line—not to mention cause regulatory missteps or adverse risks. This webinar will show you […]
Due diligence is essential for acquiring financial institutions. It’s the only way to truly understand the value of the institution being acquired—and avoid unseen risks. That includes vendor management. Failure to thoughtfully combine cultures and vendors can hurt your institution’s bottom line—not to mention cause regulatory missteps or adverse risks. This whitepaper will show you how tackle […]
Every financial institution has hundreds of third-party service providers assisting them with their business operations. What if one or more of them wasn’t viable from a risk perspective? This whitepaper will help guide both novices and experts alike in building and managing successful vendor management programs.