Risk Management Guidance

Vendor Due Diligence

 

Regulatory bodies expect financial institutions to practice effective risk management regardless of whether they perform the activity internally or through a third party. According to the Bulletin of the OCC, an effective, third-party risk management process follows a continuous life cycle for all contractual relationships and incorporates the following phases:

  •       Planning
  •       Due diligence and Third-Party Selection
  •       Contract Negotiation
  •       Ongoing Monitoring
  •       Expiration/Termination

As institutions consider an allowance solution to use for the expected loss model, there may be other criteria to consider, including readiness, responsiveness and flexibility with the third party.


Related Asset - Whitepaper:
OCC-Risk Management Guidance on Third Party Relationships

OCC-Risk Management Guidance on Third Party Relationships - Download the PDF


Article Tags: