Vendor Due Diligence

Regulatory bodies expect financial institutions to practice effective risk management regardless of whether they perform the activity internally or through a third party. According to the Bulletin of the OCC, an effective, third-party risk management process follows a continuous life cycle for all contractual relationships and incorporates the following phases:

  • Planning
  • Due diligence and Third-Party Selection
  • Contract Negotiation
  • Ongoing Monitoring
  • Expiration/Termination


Vendor Due Diligence