Examining the Examiner: What the OIG Has to Say About the FDIC
Your regulator may seem like an all-powerful force, but everyone answers to somebody. In the case of the FDIC it’s the (OIG)
Risk & Vendor Management: The Role of Committees vs. Departments
When it comes to risk and vendor management, both the board and management have specific roles to play, but where do committees and departments fit in?
Should Vendor Management Report to Compliance or IT?
What’s best for one financial institution isn’t necessarily best for another. One common question: Should vendor management report to compliance or IT?
Vendor Consolidation: What It Means for Vendor Management and Due Diligence
Many financial institutions are choosing to consolidate vendors. It’s a move that makes sense from a business and management perspective, but how does
Should You Outsource Vendor Management?
For years, financial institutions have outsourced a variety of activities to third-party vendors creating a new conundrum: Should vendor management be
OCC: Third-Party Providers Contribute to 'Elevated' Operational Risk
Could a third-party provider be the weak link in your institution’s operations? It’s possible, according to the Office of the OCC
Notifying Clients of Data Breaches: Which State Law Should We Follow?
Your financial institution is regulated by one state but has an office in another state. Which state’s law do you follow in the event of a data breach?
How to Respond When a Vendor Gets Hacked
A vendor data breach is a nightmare for any bank or credit union. From the financial cost to the bad press to the regulatory attention, data breaches pose
When Your Vendor Says ‘Your Data Was Breached—Six Months Ago.’
What’s worse than a vendor that suffers a data breach that exposes your sensitive customer information? The answer: A vendor that waits almost
How to Break Up with Your Vendor
There may be 50 ways to leave your lover, but when it comes to ending a relationship with a vendor there’s really just one path to follow...
Third-Party Vendor Breach Costs Texas Credit Union
A Texas credit union has found itself dealing with the expensive consequences of a third-party vendor breach, it announced to members last week.
"Deficient Vendor Management Practices" Result in $1.5 Million Fine
Missouri bank slapped with fines for what the OCC calls \"deficient vendor management practices.\" Here's what happened and how you can avoid similar fines
5 Things Vendors Want You to Know Before You Buy
If you could get a peek into the minds of your vendors when you're considering a purchase, here's what you'd find. Check out what vendors want you to know.
5 Ways to Succeed at Vendor Management
Risk and vendor management is all about analysis and organization, but many risk officers get bogged down in organization and lose time for analysis.
Spreadsheets Aren’t Free: 5 Hidden Costs
The costs your institution will incur if it’s using spreadsheets to oversee risk management or compliance may not be obvious until it's too late.
Will Your Vendors Fall Victim to Ransomware and Other Cybersecurity Threats?
63% of cybersecurity breaches occur through third-party vendors. That's why it's vital that your vendor management process protects you from threats.
Inside the New SSAE 18: Vendor Management Changes
The new SSAE 18 vendor management rules impact every financial institution. In this blog post, we look at each change and how it will affect your FI.
Vendor Management: What the NCUA Really Wants
When a financial institution outsources an activity to an outside vendor, it can enhance the member experience, but it can also introduce increased risk.
Vendor Management: What the Fed Really Wants
The Fed has specific needs regarding vendor management. This article looks at what the Fed wants when it audits your financial institution.
OCC Vendor Management: What the OCC Really Wants
You just found out you're getting a visit from the OCC. Vendor management is suddenly top priority what do they want? This is the resource you need to read
Warning Ahead: Many Vendor Contracts Are Missing Essential Internal Controls
The phrase “internal controls” is closely associated with accounting, but these valuable tools are also an integral part of risk management.
Weak Vendor Management Trickles Down to Contracts
Third-party vendor management is all about managing risk. It’s an issue that regulators have been pressing for years, yet it seems that not every
OCC: Marketplace Lenders Are Third-Party Vendors
The OCC says marketplace lenders are third-party vendors. How does that affect your risk exposure? We look at how you're affected in this blog post.
Does Vendor Size Matter?
Some institutions try to simplify vendor management by picking the biggest vendor in each category. Going big, however, is not always the safest option.
Western Unions Pays $184 Million for Ignoring Vendor Due Diligence
After failing to conduct adequate due diligence on vendors, incl. background checks and on-site reviews, the $184MM fine may be its biggest transfer yet.
Documentation is Key: Takeaways from the OCC’s Third-Party Vendor Risk Management Procedures
Ever wish for a list of exactly what an examiner is looking for? When it comes to the OCC and vendor management, your wish has been granted.
Broker-Dealers Need Vendor Management Too
The Financial Industry Regulatory Authority (FINRA) is putting broker-dealers on notice that vendor management of cybersecurity will be a hot topic in 2017
Cloudy with a Chance of Data Loss
Perhaps there’s no buzz word more confusing to bankers and credit union executives than the “cloud.” It evokes an ethereal image of data floating safely
What is Concentration Risk - And What Does My Regulator Have to Say About It?
When most bankers and credit union executives think of concentration risk, they think of lending—but concentration risk has a different meaning whentalking
Assess Vendor Reputation Risk - Before You Have to Rebuild Yours
Ben Franklin once wrote that “Glass, china and reputation are easily cracked, and never well mended.” Reputation risk can be mitigated through these steps