Banks accustomed to thinking of risk management as a point-by-point checklist should take note of the OCC’s Semiannual Risk Perspective for Fall 2016. Released in January, the document reinforces the agency’s enterprise wide approach to risk management, particularly when it comes to vendor management. Third-party risk management made cameos in several discussions of risk including: […]
Vendor risk management is an ongoing process—one that begins with due diligence before a contract is signed and continues with monitoring throughout the length of the relationship. This blog series on the Top 10 risks will help you more effectively address how third-party vendor risk throughout every department in your financial institution.
Fourth-party risk used to be like plugging holes in a boat. Not only would you have to assess critical vendors’ IT security controls, but you’d have to look down the line at vendors’ critical vendors. The new SSAE 18, taking effect May 1, 2017, eliminates that problem for financial institutions that know how to interpret […]
Whether your financial institution has one branch or 1,000, your ability to maintain productive vendor relationships comes down to the quality of the vendor contract. For larger institutions, lawyers and years of experience eliminate many of the loopholes that otherwise create vulnerabilities for smaller FI’s. While substandard contracts can mean thousands of dollars per year in […]
Service level agreements can help financial institutions meet organizational goals and objectives by motivating vendors to reach guaranteed performance benchmarks—but only if they are written the right way. Savvy institutions develop effective SLAs by prioritizing goals, choosing smart measurements, setting specific benchmarks and creating enforceable consequences. Then they monitor them to ensure compliance. In this whitepaper, […]
Due diligence is essential for acquiring financial institutions. It’s the only way to truly understand the value of the institution being acquired—and avoid unseen risks. That includes vendor management. Failure to thoughtfully combine cultures and vendors can hurt your institution’s bottom line—not to mention cause regulatory missteps or adverse risks. This webinar will show you […]
Due diligence is essential for acquiring financial institutions. It’s the only way to truly understand the value of the institution being acquired—and avoid unseen risks. That includes vendor management. Failure to thoughtfully combine cultures and vendors can hurt your institution’s bottom line—not to mention cause regulatory missteps or adverse risks. This whitepaper will show you how tackle […]
Every financial institution has hundreds of third-party service providers assisting them with their business operations. What if one or more of them wasn’t viable from a risk perspective? This whitepaper will help guide both novices and experts alike in building and managing successful vendor management programs.
Financial institutions aren’t just responsible for their own business continuity plans – they must also ensure that critical vendors have properly drafted, executed and tested plans. Is your organization properly addressing the connection and overlap of vendor management and business continuity planning? Download this educational whitepaper where you’ll learn about how best to: Assess and break […]
This webinar discusses the impact of breaches on financial institutions along with regulatory mandates that hold your executives and Board responsible for your vendors’ cybersecurity and disaster recovery resiliency. In this webinar, we’ll learn about the requirements of the FFIEC’s Cybersecurity Assessment Too, information on how the FFIEC, OCC, FDIC, and Fed mandates overlap regarding […]