Data Facts Lending Solutions Blog

3rd Party Vendor Management Checklist

by Jennifer Hamby

May 26, 2015 2:20:00 PM


Third Party Vendor Management is a hot topic these days. 

In preparation for the October 3rd 2015 deadline, one of the first (and most effective) steps you can take to limit potential third-party risk, is to properly vet and reduce your vendors to only the ones that adhere to the most stringent of compliance standards.

Below is a basic due diligence strategy you can begin today in managing your vendors and weeding out the ones that may potentially bring the most risk to your organization.

Due diligence and third-party selection

Conducting due diligence on third parties before selecting and entering into contracts or relationships should be commensurate with the level of risk and complexity of the third-party relationship. Where a third-party is under consideration for performing a critical activity, more extensive due diligence is warranted.

In performing your due diligence on a third-party service provider, consider the following:

  •  Does the third party’s philosophies, align with your organization’s?

  •  Does the third party operate in a legal and compliant manner?

  •  What is the financial stability of the third party?

  • What is the third party’s business history and reputation?

  • Has the third party’s senior management completed and passed thorough background checks?

  • Does the third party have effective policies and processes?

  • Does the third party have proper information security procedures?

  • What is the third party’s management of information systems?

  • Does the third party have a complete disaster recovery plan?

  • Does the third party maintain incident reporting and management programs?

  • Does the third party maintain security of its facilities, technology systems and employees?

  • Does the third party ensure human resource management policies and programs?

  • Does the third party properly evaluate risk of subcontractors and contractual arrangements?

  • Does the third party have complete insurance coverage against losses?

Join us on September 15th at 10am or September 23rd at 10am where we will demonstrate a comprehensive, cost-effective solution to help keep you compliant!  Click To Register TODAY

Senior management should review the results of the due diligence to determine whether the third-party is able to meet the bank’s expectations and whether the organization should proceed with the third-party relationship.

If the results do not meet expectations, management should recommend that the third-party make appropriate changes; find an alternate third-party; conduct the activity in-house; or discontinue the activity.

Once you have your vendors limited to only the ones that are most critical to your organization’s success, and that adhere to the same best practices as you expect, you can begin utilizing a comprehensive vendor management platform such as BankerVMS, or BDV-Background Data Verifications, both offered by Data Facts, Inc. 

BDV-Background Data Verfication Fact Sheet

Download Rescore Packet

Topics: Mortgage compliance, Compliance

Get My eBook!

Subscribe to Email Updates

Follow Us:

Recent Posts

Posts by Topic

see all
Go to Top