Data Facts Lending Solutions Blog

Due Diligence in Third Party Selection

by Jennifer Hamby

Oct 9, 2014 4:36:00 PM

compliance_rules

Third Party Vendor Management is a hot topic these days. 

In preparation for the August 2015 deadline, one of the first (and most effective) steps you can take to limit potential third-party risk, is to review and reduce your vendors to only the ones that adhere to the most stringent of compliance standards.

Below is a basic due diligence strategy you can begin today in managing your vendors and weeding out the ones that may potentially bring the most risk to your organization.

Due diligence and third-party selection

Conducting due diligence on third parties before selecting and entering into contracts or relationships should be commensurate with the level of risk and complexity of the third-party relationship. Where a third-party is under consideration for performing a critical activity, more extensive due diligence is warranted.


Download Our Complimentary eBook:
Third Party Risk: Hot Topic Among Regulators

Download BankerVMS eBook


In performing your due diligence on a third-party service provider, consider the following:

  • Does the third party’s philosophies, align with your organization’s?

  • Does the third party operate in a legal and compliant manner?

  • What is the financial stability of the third party?

  • What is the third party’s business history and reputation?

  • Has the third party’s senior management completed and passed thorough background checks?

  • Does the third party have effective policies and processes?

  • Does the third party have proper information security procedures?

  • What is the third party’s management of information systems?

  • Does the third party have a complete disaster recovery plan?

  • Does the third party maintain incident reporting and management programs?

  • Does the third party maintain security of its facilities, technology systems and employees?

  • Does the third party ensure human resource management policies and programs?

  • Does the third party properly evaluate risk of subcontractors and contractual arrangements?

  • Does the third party have complete insurance coverage against losses?

Senior management should review the results of the due diligence to determine whether the third-party is able to meet the bank’s expectations and whether the organization should proceed with the third-party relationship.

If the results do not meet expectations, management should recommend that the third-party make appropriate changes; find an alternate third-party; conduct the activity in-house; or discontinue the activity.

Once you have your vendors limited to only the ones that are most critical to your organization’s success, and that adhere to the same best practices as you expect, you can begin utilizing a comprehensive vendor management platform such as BankerVMS, offered by Data Facts, Inc. 

Topics: Mortgage compliance, Compliance, Best Practices, third party vendor, BankerVMS, Third Party Vendor Management, TRID, BDV

Get My eBook!

Subscribe to Email Updates

Follow Us:

Recent Posts

Posts by Topic

see all
Go to Top