3 Lessons Learned from a Third-Party Vendor Breach
Late last year while the SolarWinds breach was drawing attention another third-party vendor breach was also wreaking havoc - here are the 3 lessons learned
9 Steps for Successful New Vendor Onboarding
Read to find out 9 steps for successful new vendor onboarding to set them up strategically, efficiently, and compliantly.
Customer Complaints & Poor Vendor Oversight Lead to $110 Million Settlement
Customer complaints shouldn’t be ignored and vendor oversight is a must, or you'll end up like Nationstar with a $110 million settlement.
Halloween Fun: Spook-tacular Risk, Compliance & Vendor Management Stories
We’ve put together a collection of our best Halloween-themed risk, compliance, and vendor management blog posts.
Is Your Vendor Prepared for Disaster?
Recent analysis conducted by the FDIC’s OIG finds that just half of vendor contracts it reviewed “explicitly included business continuity provisions.”
How Have Critical Vendors Performed During the COVID-19 Pandemic?
The COVID-19 pandemic has been a trying time for everyone—including financial institutions working with third-party vendors.
Incident Tracking: 4 Benefits & 5 Best Practices
Incident tracking is an important part of any vendor management system with many benefits and can be an effective tool when handled properly.
Vendor Due Diligence: Don't Make This SOC 2 Report Mistake
Make sure to engage in due diligence with your third-party vendor and avoid critical SOC 2 report mistakes.
Did Your Vendor Need PPP Funds?
Did one of your critical third-party vendors need Paycheck Protection Program (PPP) funds?
Does Your Vendor Management Program Measure Up to the DOJ Expectations?
Every FI knows that regulatory agencies evaluate their vendor management program as part of the exam process. The Justice Department does too.
Third-Party Vendors & Compliance Risk: 10 High-Risk Compliance Situations
That’s the situation financial institutions face when a third-party vendor acting on behalf of the bank doesn’t comply with laws and regulations.
Due Diligence Documentation: 9 Common Mistakes
Vendor due diligence is a regulatory requirement of the vendor management process. Financial institutions are required
9 Benefits Of Vendor Management Software Vs Manual Tracking
When it comes to vendor management software, some financial institutions rely on a combination of spreadsheets, email, and shared drive files.
OCC Releases Final CRA Modernization Rule: What You Need to Know
The OCC released its final Community Reinvestment Act (CRA) rule last week, shortly before Comptroller Joseph Otting stepped down.
3 Common Questions About Vendor Response To COVID-19
Monitoring critical vendors’ response to COVID-19 and the effectiveness of their ongoing business continuity management (BCM)
Are Your Vendors Flexible in a Crisis?
From the Paycheck Protection Program to mortgage forbearance, FIs have scrambled to adjust to new rules and help customers obtain much-needed funding.
Finastra, World’s Third-Largest Fintech, Responds to Ransomware Attack
Finastra, the third-largest fintech company in the world, took its servers offline Friday to protect its data after detecting a ransomware attack, the
Pandemic Planning: 10 Questions to Ask Your Vendors About Coronavirus Preparedness
As COVID-19 spreads across the country at an alarming pace, creating panic, quarantines, and serious health risks, it’s important to make sure your...
3 Take-aways from the OCC Third-Party Vendors Relationship FAQ
The OCC released a Frequently Asked Questions (FAQ) supplement to OCC Bulletin 2013-29 that gives more clarity on regulations around third-party vendors.
How Not to Save Money on Vendor Management
Earlier this month Federal Reserve Governor Michelle Bowman announced that the Federal Reserve is working with the other supervisory agencies to update its
7 Best Practices for Aligning Fintech With Your Business Strategy
Fintech is one of the buzziest trends in financial services right now, and no financial institution wants to be left behind.
Are Vendors Your Biggest Obstacle to Fintech Adoption? It Might Not Be Their Fault
Once your FI has laid out its strategic goals, it needs to know if a vendor will have the products and services it needs to accomplish them.
When Customers Invite Third-Party Risk
In a world where consumers are often willing to trade privacy for convenience, even banking passwords are no longer sacrosanct.
4 Features Every Vendor Management Solution Needs
A vendor management software solution organizes existing processes and documentation while showing how vendor relationships and policies can be improved.
Vendor Employees Gone Wild: Structuring Vendor Contracts to Guard Against Rogue Insiders & Cyber Threats
Capital One and its credit card applicants and customers are not having a good week.
A Model CIO: Equifax CIO Keeps Showing Us How *Not* to Respond to a Breach
The big news out of Equifax this week is its $700 million settlement as a result of its 2017 data breach. It’s the most expensive breach settlement ever.
3 Elements of a Vendor Cyber Monitoring Program
An FI’s vendor management program is part of its enterprise risk management. Vendor management can’t be done in a vacuum.
Another Vendor Behaving Badly: Failed Vendor Management Results in $236K+ Consent Order
Failing to engage in appropriate third-party vendor planning, due diligence, contract negotiations, and ongoing monitoring has bad results.
What to Do When You’re Worried About Your Vendor’s Finances
How do you know your vendor is in trouble and what can you do if it is? Read on to find out.
Due Diligence 101: Are On-Site Visits Required?
Let’s start with guidance on the subject. There is very little guidance requiring on-site due diligence. It’s peppered with words like “may” or...