1. 1
Smart Data. Smarter Workflow.
Best Practices in
Vendor Management
Joseph Benz
Regional Manager
2015 CBA Booth #302
2. 2
EDR HISTORY
• Founded 1990
• Headquarters: Shelton, CT
• 260 Employees
• Owned by DMG Information
• More than 850 Lending Clients
• Regional Compliance Summits
4. 4
COLLATERAL360
• Appraisal Management and
Compliance
• Tiered Environmental Reports and
monitoring
• Flood Certifications
• Evaluations
• Property Inspections
• Tax Monitoring
• Property Searches
A central place to order, track and manage necessary reports for CRE
5. 5
COLLATERAL360
Focus on compliance, workflow, and centralization
• Live status of all reports
• Bank-wide or loan specific view
• Reporting abilities
• See all exceptions made to loan policy
• Listing of all vendors not currently “up to date”
• Highlight all “issues”: delivery deadlines, expectations, revision requests
• Staff and remote access
6. 6
VENDOR MANAGEMENT
Post Mortem
• Vendors viewed as
contributing factor in crisis
• Inadequate oversight from
financial institutions
Why the focus on vendor management?
Impact of Financial Crisis of 2008
Prior to Crisis
• Vendor focus limited
• Services were outsourced
• So was vendor accountability
Result: massive fraud and consumer distress
7. 7
REGULATORY OVERSIGHT
• OCC: Bulletin 2013-29
• OCC Bulletin 2001-47
• OCC Bulletin 2002-16: Foreign-Based Third-Party Service Providers
• CFPB: Bulletin 2012-03 Service Providers
• Federal Reserve: SR 13-19 Guidance on Managing Outsourcing Risk
• FDIC Letter: Guidance For Managing Third-Party Risk
– FDIC Compliance Manual, December 2012
– FIL-44-2008: Guidance for Managing Third-Party Risk
– FIL-50-2001: Bank Technology Bulletin: Technology Outsourcing
• NCUA: Supervisory Letter No.: 07-01
Multiple releases from multiple agencies
8. 8
REGULATORY RESPONSE
• Renewed regulator focus on third-party oversight
OCC, FDIC, FRB, CFPB, NCUA
• Institutions must bear responsibility for supplier
misdeeds
• Enterprise-wide, especially executive involvement
• Executive fingerprints on policy
• Board of Directors involvement with policy and vendor selection
• Clear process for selecting, communicating, monitoring,
measuring performance of suppliers
9. 9
Compliance as a System
Board
Oversight
Compliance
Program
Compliance
Audit
Ownership
Define Risk
Define Scope
Commitment
Policy
Training
Monitoring
Responsiveness
Independent
Periodic
Transaction Testing
https://www.fdic.gov/news/news/financial/
OCC Bulletin 2013-29
Mandates due diligence in selecting
the third party
10. 10
NEW REALITY
• Due Diligence – ongoing vetting of vendor’s license, insurance,
and qualifications
• Engagement – define, separate, engage
• Scorecards – vendor performance measurement process
• Audit trail – on all vendors
• Several other areas of focus - policy enforcement governance,
complaint resolution, reporting, onboarding, compliance
Combined, they put a strain on an
already lean organization!
Expectations, Summarized
12. 12
TECHNOLOGY AS A SOLUTION
• Due Diligence – ongoing vetting of vendor’s license, insurance,
and qualifications
• Engagement – define, separate, engage
• Scorecards – vendor performance measurement process
• Audit trail – on all vendors
• Several other areas of focus - policy enforcement governance,
complaint resolution, reporting, onboarding, compliance
Combined, they put a strain on an
already lean organization!
Expectations, Summarized
13. 13
DUE DILIGENCE
Vetting your vendors
• Centralized storage and
tracking of vendor
information:
• Contact information
• Appraisal licenses
• E&O insurance
• Coverage areas
• Expertise
14. 14
TECHNOLOGY AS A SOLUTION
• Due Diligence – ongoing vetting of vendor’s license, insurance,
and qualifications
• Engagement – define, separate, engage
• Scorecards – vendor performance measurement process
• Audit trail – on all vendors
• Several other areas of focus - policy enforcement governance,
complaint resolution, reporting, onboarding, compliance
Combined, they put a strain on an
already lean organization!
Expectations, Summarized
15. 15
ENGAGEMENT
Project versus Process
• Central point for data entry
• “Brick wall” separation
• Automated engagement letter
• Consider the appropriate
vendors per policy:
• Geographical expertise
• Qualifications
• History
• Live status
16. 16
TECHNOLOGY AS A SOLUTION
• Due Diligence – ongoing vetting of vendor’s license, insurance,
and qualifications
• Engagement – define, separate, engage
• Scorecards – vendor performance measurement process
• Audit trail – on all vendors
• Several other areas of focus - policy enforcement governance,
complaint resolution, reporting, onboarding, compliance
Combined, they put a strain on an
already lean organization!
Expectations, Summarized
17. 17
VENDOR SCORING
Tracking vendor experiences and performance, constantly
• Recent Performance
• Engagement Performance
• Approved Expertise and
Coverage Area
• Instantly Verify License and
E&O
• Live Status
OCC Bulletin 2013-29
Requires on-going and
consistent monitoring
18. 18
TECHNOLOGY AS A SOLUTION
• Due Diligence – ongoing vetting of vendor’s license, insurance,
and qualifications
• Engagement – define, separate, engage
• Scorecards – vendor performance measurement process
• Audit trail – all vendors
• Several other areas of focus - policy enforcement governance,
complaint resolution, reporting, onboarding, compliance
Combined, they put a strain on an
already lean organization!
Expectations, Summarized
20. 20
TECHNOLOGY AS A SOLUTION
• Due Diligence – ongoing vetting of vendor’s license, insurance,
and qualifications
• Engagement – define, separate, engage
• Scorecards – vendor performance measurement process
• Audit trail – on all vendors
• Several other areas of focus - policy enforcement governance,
complaint resolution, reporting, onboarding, monitoring
Combined, they put a strain on an
already lean organization!
Expectations, Summarized
21. 21
POLICY ENFORCEMENT
Enforce loan policy, vendor policy, and track exceptions
Reporting
• Policy exceptions
• Vendor usage
• License and E&O issues
• Vendor performance
• Response time
• Quality
• Invoice reports
• Staff member production