Vetting for compliance: 5 steps to partnering with a compliant vendor

Compliance protection is critical in financial services, especially when you factor in the (sometimes harsh) reality that the Consumer Financial Protection Bureau (CFPB) does not distinguish between the activities of vendors and the activities of the credit unions those vendors serve.

Many companies rely on service providers to essentially take over part of their functions, using expertise the company itself may not have. For many, this includes monitoring compliance and risk management.

That doesn’t mean you can entirely step away; your involvement shifts, instead, to service provider management or vendor management. This is a multifaceted program designed to oversee all third-party activity and manage risks associated with vendor relationships. It is designed to protect the lender, the vendor, and, of course, the consumer.

From the due diligence that goes into selecting the right service provider to establishing accountability, the following guidelines can help you break the exhaustive and necessarily comprehensive process of selecting a compliant vendor into succinct, manageable sections that can be delegated to various, experienced team members.

Step 1: Selecting a Vendor

Before you start looking for your vendor, it’s important to have a vendor management compliance system in place. It’s easier to determine if a vendor checks off all the boxes on your list if you actually have that list first. Otherwise, you may find out too late that the vendor you selected doesn’t meet some of your key needs you hadn’t considered.

The key here is research, research, research! That means going through layers of due diligence regarding several areas of a vendor’s expertise and suitability for the job, such as:

  • Confirming the service provider understands state and federal consumer financial laws and has a demonstrated history of compliance.
  • Requesting and reviewing the service provider’s policies, procedures, internal controls, and training materials. It’s an extra step, but it helps ensure the service provider conducts appropriate training and oversight of employees or agents that have consumer contact or compliance responsibilities.

Step 2:  Setting Expectations and Contract Considerations

When’s the last time the phrase “we have to talk” resulted in a fun conversation? Have the contract spell everything out to help avoid that conversation by including:

  • Clearly defined expectations and responsibilities, including for compliance and consequences for failure
  • Appropriate and enforceable consequences for violating any compliance-related responsibilities, including engaging in unfair, deceptive, or abusive acts or practices
  • Agreed-upon policies and procedures
  • An exit strategy

Step 3: Integrating a New Vendor into Your Credit Union’s Environment

The beginning of a good relationship with a vendor starts with getting everyone in your company on the same page so there is a unified front on expectations and deliverables:

  • Assign roles and clearly communicate responsibilities to people in the organization. This can include everything from establishing the go-to person from your company to creating a team dedicated to monitoring the service provider’s actions to confirm adherence to compliance issues.
  • Ensure your employees are trained to comply with the requirements of your vendor management program.

Step 4: Building a Successful Partnership

There are several ways to build and maintain a quality relationship with your service provider:

  • Establish clear lines of communication and make it clear those lines are always open. This helps address any confusion or challenges before they turn into problems. Communication tactics include informal conversations to touch base, as well as structured, scheduled assessments and quality reviews.
  • Treat your service management companies like a strategic, valued partner. As with anything else, it’s easier to address problems if you have a relationship. And, it helps to have relationships across all levels of the organization.
  • Make sure the vendor management system does not exist in a vacuum, but interacts with multiple areas of the business, including legal, and is regularly reviewed and updated.

Step 5: Consider Consolidating Vendors

Suppose a different vendor is responsible for each tool or platform your employees use. In that case, you’ll have to track down several different vendors to ensure they are adequately vetted for security and compliance. You must thoroughly research any new vendor you take on to ensure they’re not putting you at risk. The fewer vendors you have, the less room there is for error.

At SWBC, we make any compliance-related issues our highest priority. We ensure a fully compliant program, with a dedicated compliance and legal team so we can keep credit unions informed of the latest regulatory, statutory, and investor changes. The SWBC Total Solution for risk management, payments, and income generation solves many vendor management challenges, including having just one company to vet for compliance concerns, contact and provide feedback on products, request support, or speak directly with our senior leadership. Your vendor management team will thank you for selecting one partner to provide essential products and services and reduce the burden of tracking multiple vendors. To learn how Financial Center First Credit Union leverages the SWBC Total Solution to serve their members and community, click here.

Lisa Alvarez

Lisa Alvarez

Lisa Alvarez is SVP Regulatory Compliance at SWBC. Web: Details