SlideShare a Scribd company logo

CBA EDRppt

Download as PPTX, PDF
Joe Benz
Joe Benz
1 of 23
1 Smart Data. Smarter Workflow. Best Practices in Vendor Management Joseph Benz Regional Manager 2015 CBA Booth #302
2 EDR HISTORY • Founded 1990 • Headquarters: Shelton, CT • 260 Employees • Owned by DMG Information • More than 850 Lending Clients • Regional Compliance Summits
3 COLLATERAL360
4 COLLATERAL360 • Appraisal Management and Compliance • Tiered Environmental Reports and monitoring • Flood Certifications • Evaluations • Property Inspections • Tax Monitoring • Property Searches A central place to order, track and manage necessary reports for CRE
5 COLLATERAL360 Focus on compliance, workflow, and centralization • Live status of all reports • Bank-wide or loan specific view • Reporting abilities • See all exceptions made to loan policy • Listing of all vendors not currently “up to date” • Highlight all “issues”: delivery deadlines, expectations, revision requests • Staff and remote access
6 VENDOR MANAGEMENT Post Mortem • Vendors viewed as contributing factor in crisis • Inadequate oversight from financial institutions Why the focus on vendor management? Impact of Financial Crisis of 2008 Prior to Crisis • Vendor focus limited • Services were outsourced • So was vendor accountability Result: massive fraud and consumer distress
7 REGULATORY OVERSIGHT • OCC: Bulletin 2013-29 • OCC Bulletin 2001-47 • OCC Bulletin 2002-16: Foreign-Based Third-Party Service Providers • CFPB: Bulletin 2012-03 Service Providers • Federal Reserve: SR 13-19 Guidance on Managing Outsourcing Risk • FDIC Letter: Guidance For Managing Third-Party Risk – FDIC Compliance Manual, December 2012 – FIL-44-2008: Guidance for Managing Third-Party Risk – FIL-50-2001: Bank Technology Bulletin: Technology Outsourcing • NCUA: Supervisory Letter No.: 07-01 Multiple releases from multiple agencies
8 REGULATORY RESPONSE • Renewed regulator focus on third-party oversight  OCC, FDIC, FRB, CFPB, NCUA • Institutions must bear responsibility for supplier misdeeds • Enterprise-wide, especially executive involvement • Executive fingerprints on policy • Board of Directors involvement with policy and vendor selection • Clear process for selecting, communicating, monitoring, measuring performance of suppliers
9 Compliance as a System Board Oversight Compliance Program Compliance Audit Ownership Define Risk Define Scope Commitment Policy Training Monitoring Responsiveness Independent Periodic Transaction Testing https://www.fdic.gov/news/news/financial/ OCC Bulletin 2013-29 Mandates due diligence in selecting the third party
10 NEW REALITY • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
11 IMPACT OF REGULATIONS
12 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
13 DUE DILIGENCE Vetting your vendors • Centralized storage and tracking of vendor information: • Contact information • Appraisal licenses • E&O insurance • Coverage areas • Expertise
14 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
15 ENGAGEMENT Project versus Process • Central point for data entry • “Brick wall” separation • Automated engagement letter • Consider the appropriate vendors per policy: • Geographical expertise • Qualifications • History • Live status
16 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
17 VENDOR SCORING Tracking vendor experiences and performance, constantly • Recent Performance • Engagement Performance • Approved Expertise and Coverage Area • Instantly Verify License and E&O • Live Status OCC Bulletin 2013-29 Requires on-going and consistent monitoring
18 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
19 AUDIT TRAILS All correspondence, available when you need it
20 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, monitoring Combined, they put a strain on an already lean organization! Expectations, Summarized
21 POLICY ENFORCEMENT Enforce loan policy, vendor policy, and track exceptions Reporting • Policy exceptions • Vendor usage • License and E&O issues • Vendor performance • Response time • Quality • Invoice reports • Staff member production
22 FINAL THOUGHTS
23 Thank you! Questions or Comments: 203-265-2463 jbenz@edrnet.com CBA Booth #302

Recommended

The New Auditor's Report
The New Auditor's ReportThe New Auditor's Report
The New Auditor's ReportInternational Federation of Accountants
 
RogersD Resume (1)
RogersD Resume (1)RogersD Resume (1)
RogersD Resume (1)David Rogers
 
IAASB New Auditor's Report
IAASB New Auditor's ReportIAASB New Auditor's Report
IAASB New Auditor's ReportInternational Federation of Accountants
 
SMP Committee Strategic Initiatives
SMP Committee Strategic InitiativesSMP Committee Strategic Initiatives
SMP Committee Strategic InitiativesInternational Federation of Accountants
 
Growing Your Practice: Review, Compilation and AUP
Growing Your Practice: Review, Compilation and AUPGrowing Your Practice: Review, Compilation and AUP
Growing Your Practice: Review, Compilation and AUPInternational Federation of Accountants
 
Confidence in Financial Reporting
Confidence in Financial ReportingConfidence in Financial Reporting
Confidence in Financial ReportingInternational Federation of Accountants
 
BSA/AML in the USA and AML/CTF in the Caymans
BSA/AML in the USA and AML/CTF in the CaymansBSA/AML in the USA and AML/CTF in the Caymans
BSA/AML in the USA and AML/CTF in the CaymansElizabeth Baker, JD, CRCMP
 
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...International Federation of Accountants
 

Recommended

The New Auditor's Report
The New Auditor's ReportThe New Auditor's Report
The New Auditor's ReportInternational Federation of Accountants
 
RogersD Resume (1)
RogersD Resume (1)RogersD Resume (1)
RogersD Resume (1)David Rogers
 
IAASB New Auditor's Report
IAASB New Auditor's ReportIAASB New Auditor's Report
IAASB New Auditor's ReportInternational Federation of Accountants
 
SMP Committee Strategic Initiatives
SMP Committee Strategic InitiativesSMP Committee Strategic Initiatives
SMP Committee Strategic InitiativesInternational Federation of Accountants
 
Growing Your Practice: Review, Compilation and AUP
Growing Your Practice: Review, Compilation and AUPGrowing Your Practice: Review, Compilation and AUP
Growing Your Practice: Review, Compilation and AUPInternational Federation of Accountants
 
Confidence in Financial Reporting
Confidence in Financial ReportingConfidence in Financial Reporting
Confidence in Financial ReportingInternational Federation of Accountants
 
BSA/AML in the USA and AML/CTF in the Caymans
BSA/AML in the USA and AML/CTF in the CaymansBSA/AML in the USA and AML/CTF in the Caymans
BSA/AML in the USA and AML/CTF in the CaymansElizabeth Baker, JD, CRCMP
 
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...International Federation of Accountants
 
Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & GovernanceEDR
 
Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?EDR
 
Outsourcing and Vendor management
Outsourcing and Vendor managementOutsourcing and Vendor management
Outsourcing and Vendor managementRaminder Pal Singh
 
Accountability – Managing the Risks of Innovation Procurement
Accountability – Managing the Risks of Innovation ProcurementAccountability – Managing the Risks of Innovation Procurement
Accountability – Managing the Risks of Innovation Procurementlisaabe
 
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMAAudit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMAmichrist75
 
Supplier Performance Management Webinar
Supplier Performance Management Webinar Supplier Performance Management Webinar
Supplier Performance Management Webinar Qualsys Ltd
 
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...David Gee
 
Managing-Supplier-Performance-Key-Competitive-Advantage
Managing-Supplier-Performance-Key-Competitive-AdvantageManaging-Supplier-Performance-Key-Competitive-Advantage
Managing-Supplier-Performance-Key-Competitive-Advantageddodd
 
Prepare for the asc 606 revenue standard
Prepare for the asc 606 revenue standardPrepare for the asc 606 revenue standard
Prepare for the asc 606 revenue standardPromapp Solutions
 
Transwatch am lfor emailing
Transwatch am lfor emailingTranswatch am lfor emailing
Transwatch am lfor emailingGraham Wicks
 
CREDIT RATING METHODOLOGY
CREDIT RATING METHODOLOGYCREDIT RATING METHODOLOGY
CREDIT RATING METHODOLOGYprekshakrai
 
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16 IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16 Assette
 
The Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersThe Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersMyComplianceOffice
 
The Art & Science of Valuation - CleanTech North
The Art & Science of Valuation - CleanTech NorthThe Art & Science of Valuation - CleanTech North
The Art & Science of Valuation - CleanTech Northbwatsonctn
 
04/28/2010 Meeting - Contract Compliance
04/28/2010 Meeting - Contract Compliance04/28/2010 Meeting - Contract Compliance
04/28/2010 Meeting - Contract Complianceacfesj
 
Shared Services_Compliance_credential
Shared Services_Compliance_credentialShared Services_Compliance_credential
Shared Services_Compliance_credentialGene Goziker
 
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITHOECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITHOECD Governance
 
Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Shankar Subramaniyan
 
Gain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Gain Faster Closure, Lower Risk and Better Results with IBM EmptorisGain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Gain Faster Closure, Lower Risk and Better Results with IBM EmptorisPerficient, Inc.
 
Internal audit RBIA and Lifecyle approach
Internal audit RBIA and Lifecyle approachInternal audit RBIA and Lifecyle approach
Internal audit RBIA and Lifecyle approachsubbusai82
 

More Related Content

Similar to CBA EDRppt

Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & GovernanceEDR
 
Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?EDR
 
Outsourcing and Vendor management
Outsourcing and Vendor managementOutsourcing and Vendor management
Outsourcing and Vendor managementRaminder Pal Singh
 
Accountability – Managing the Risks of Innovation Procurement
Accountability – Managing the Risks of Innovation ProcurementAccountability – Managing the Risks of Innovation Procurement
Accountability – Managing the Risks of Innovation Procurementlisaabe
 
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMAAudit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMAmichrist75
 
Supplier Performance Management Webinar
Supplier Performance Management Webinar Supplier Performance Management Webinar
Supplier Performance Management Webinar Qualsys Ltd
 
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...David Gee
 
Managing-Supplier-Performance-Key-Competitive-Advantage
Managing-Supplier-Performance-Key-Competitive-AdvantageManaging-Supplier-Performance-Key-Competitive-Advantage
Managing-Supplier-Performance-Key-Competitive-Advantageddodd
 
Prepare for the asc 606 revenue standard
Prepare for the asc 606 revenue standardPrepare for the asc 606 revenue standard
Prepare for the asc 606 revenue standardPromapp Solutions
 
Transwatch am lfor emailing
Transwatch am lfor emailingTranswatch am lfor emailing
Transwatch am lfor emailingGraham Wicks
 
CREDIT RATING METHODOLOGY
CREDIT RATING METHODOLOGYCREDIT RATING METHODOLOGY
CREDIT RATING METHODOLOGYprekshakrai
 
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16 IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16 Assette
 
The Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersThe Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersMyComplianceOffice
 
The Art & Science of Valuation - CleanTech North
The Art & Science of Valuation - CleanTech NorthThe Art & Science of Valuation - CleanTech North
The Art & Science of Valuation - CleanTech Northbwatsonctn
 
04/28/2010 Meeting - Contract Compliance
04/28/2010 Meeting - Contract Compliance04/28/2010 Meeting - Contract Compliance
04/28/2010 Meeting - Contract Complianceacfesj
 
Shared Services_Compliance_credential
Shared Services_Compliance_credentialShared Services_Compliance_credential
Shared Services_Compliance_credentialGene Goziker
 
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITHOECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITHOECD Governance
 
Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Shankar Subramaniyan
 
Gain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Gain Faster Closure, Lower Risk and Better Results with IBM EmptorisGain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Gain Faster Closure, Lower Risk and Better Results with IBM EmptorisPerficient, Inc.
 
Internal audit RBIA and Lifecyle approach
Internal audit RBIA and Lifecyle approachInternal audit RBIA and Lifecyle approach
Internal audit RBIA and Lifecyle approachsubbusai82
 

Similar to CBA EDRppt (20)

Third-Party Oversight & Governance
Third-Party Oversight & GovernanceThird-Party Oversight & Governance
Third-Party Oversight & Governance
 
Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?Vendor Management Best Practices: Is Your Program Up to Par?
Vendor Management Best Practices: Is Your Program Up to Par?
 
Outsourcing and Vendor management
Outsourcing and Vendor managementOutsourcing and Vendor management
Outsourcing and Vendor management
 
Accountability – Managing the Risks of Innovation Procurement
Accountability – Managing the Risks of Innovation ProcurementAccountability – Managing the Risks of Innovation Procurement
Accountability – Managing the Risks of Innovation Procurement
 
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMAAudit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
 
Supplier Performance Management Webinar
Supplier Performance Management Webinar Supplier Performance Management Webinar
Supplier Performance Management Webinar
 
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
 
Managing-Supplier-Performance-Key-Competitive-Advantage
Managing-Supplier-Performance-Key-Competitive-AdvantageManaging-Supplier-Performance-Key-Competitive-Advantage
Managing-Supplier-Performance-Key-Competitive-Advantage
 
Prepare for the asc 606 revenue standard
Prepare for the asc 606 revenue standardPrepare for the asc 606 revenue standard
Prepare for the asc 606 revenue standard
 
Transwatch am lfor emailing
Transwatch am lfor emailingTranswatch am lfor emailing
Transwatch am lfor emailing
 
CREDIT RATING METHODOLOGY
CREDIT RATING METHODOLOGYCREDIT RATING METHODOLOGY
CREDIT RATING METHODOLOGY
 
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16 IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
 
The Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance OfficersThe Evolving Regulatory Landscape: Insights for Compliance Officers
The Evolving Regulatory Landscape: Insights for Compliance Officers
 
The Art & Science of Valuation - CleanTech North
The Art & Science of Valuation - CleanTech NorthThe Art & Science of Valuation - CleanTech North
The Art & Science of Valuation - CleanTech North
 
04/28/2010 Meeting - Contract Compliance
04/28/2010 Meeting - Contract Compliance04/28/2010 Meeting - Contract Compliance
04/28/2010 Meeting - Contract Compliance
 
Shared Services_Compliance_credential
Shared Services_Compliance_credentialShared Services_Compliance_credential
Shared Services_Compliance_credential
 
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITHOECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
 
Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”Best Practices & Considerations in “IT Suppliers Audit”
Best Practices & Considerations in “IT Suppliers Audit”
 
Gain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Gain Faster Closure, Lower Risk and Better Results with IBM EmptorisGain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Gain Faster Closure, Lower Risk and Better Results with IBM Emptoris
 
Internal audit RBIA and Lifecyle approach
Internal audit RBIA and Lifecyle approachInternal audit RBIA and Lifecyle approach
Internal audit RBIA and Lifecyle approach
 

CBA EDRppt

  • 1. 1 Smart Data. Smarter Workflow. Best Practices in Vendor Management Joseph Benz Regional Manager 2015 CBA Booth #302
  • 2. 2 EDR HISTORY • Founded 1990 • Headquarters: Shelton, CT • 260 Employees • Owned by DMG Information • More than 850 Lending Clients • Regional Compliance Summits
  • 4. 4 COLLATERAL360 • Appraisal Management and Compliance • Tiered Environmental Reports and monitoring • Flood Certifications • Evaluations • Property Inspections • Tax Monitoring • Property Searches A central place to order, track and manage necessary reports for CRE
  • 5. 5 COLLATERAL360 Focus on compliance, workflow, and centralization • Live status of all reports • Bank-wide or loan specific view • Reporting abilities • See all exceptions made to loan policy • Listing of all vendors not currently “up to date” • Highlight all “issues”: delivery deadlines, expectations, revision requests • Staff and remote access
  • 6. 6 VENDOR MANAGEMENT Post Mortem • Vendors viewed as contributing factor in crisis • Inadequate oversight from financial institutions Why the focus on vendor management? Impact of Financial Crisis of 2008 Prior to Crisis • Vendor focus limited • Services were outsourced • So was vendor accountability Result: massive fraud and consumer distress
  • 7. 7 REGULATORY OVERSIGHT • OCC: Bulletin 2013-29 • OCC Bulletin 2001-47 • OCC Bulletin 2002-16: Foreign-Based Third-Party Service Providers • CFPB: Bulletin 2012-03 Service Providers • Federal Reserve: SR 13-19 Guidance on Managing Outsourcing Risk • FDIC Letter: Guidance For Managing Third-Party Risk – FDIC Compliance Manual, December 2012 – FIL-44-2008: Guidance for Managing Third-Party Risk – FIL-50-2001: Bank Technology Bulletin: Technology Outsourcing • NCUA: Supervisory Letter No.: 07-01 Multiple releases from multiple agencies
  • 8. 8 REGULATORY RESPONSE • Renewed regulator focus on third-party oversight  OCC, FDIC, FRB, CFPB, NCUA • Institutions must bear responsibility for supplier misdeeds • Enterprise-wide, especially executive involvement • Executive fingerprints on policy • Board of Directors involvement with policy and vendor selection • Clear process for selecting, communicating, monitoring, measuring performance of suppliers
  • 9. 9 Compliance as a System Board Oversight Compliance Program Compliance Audit Ownership Define Risk Define Scope Commitment Policy Training Monitoring Responsiveness Independent Periodic Transaction Testing https://www.fdic.gov/news/news/financial/ OCC Bulletin 2013-29 Mandates due diligence in selecting the third party
  • 10. 10 NEW REALITY • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 12. 12 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 13. 13 DUE DILIGENCE Vetting your vendors • Centralized storage and tracking of vendor information: • Contact information • Appraisal licenses • E&O insurance • Coverage areas • Expertise
  • 14. 14 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 15. 15 ENGAGEMENT Project versus Process • Central point for data entry • “Brick wall” separation • Automated engagement letter • Consider the appropriate vendors per policy: • Geographical expertise • Qualifications • History • Live status
  • 16. 16 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 17. 17 VENDOR SCORING Tracking vendor experiences and performance, constantly • Recent Performance • Engagement Performance • Approved Expertise and Coverage Area • Instantly Verify License and E&O • Live Status OCC Bulletin 2013-29 Requires on-going and consistent monitoring
  • 18. 18 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 19. 19 AUDIT TRAILS All correspondence, available when you need it
  • 20. 20 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, monitoring Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 21. 21 POLICY ENFORCEMENT Enforce loan policy, vendor policy, and track exceptions Reporting • Policy exceptions • Vendor usage • License and E&O issues • Vendor performance • Response time • Quality • Invoice reports • Staff member production
  • 23. 23 Thank you! Questions or Comments: 203-265-2463 jbenz@edrnet.com CBA Booth #302