On Compliance: Smart vendor management goes beyond the basics

Nothing strikes fear in the heart of an executive like unforeseen risk: those circumstances beyond the credit union’s control that can wreak havoc on its reputation and bottom line. And nothing can wreak havoc like a vendor gone wild, whose products or business practices pose such threats. But even in the wake of high-profile security breaches and significant enforcement actions involving third parties, most credit union vendor management programs still consist of standard up-front due diligence and a handful of reference checks. In 2019 and forward, going beyond the basics of third-party oversight is a smart management move.

Perpetual Change

Credit unions are inundated with compliance demands. According to the research Continuity gathers to compile its Banking Compliance Index, regulations affecting credit unions changed 265 times in 2018, and enforcement actions were issued at a rate of roughly 100 per quarter. Regulators are exerting consistent pressure on institutions of all sizes to demonstrate that they have an effective compliance management system.

In such a complex environment, credit unions depend on a long list of vendors. Based on internal data, the average $200 million credit union relies on 40-plus outsiders to conduct its business. With reliance on outside vendors to offer more products and service through robust technologies comes a responsibility to manage the risks they pose. It’s no wonder that third-party risk is escalating!

continue reading »