Why do Banks Outsource Vendor Management?

/in , , , , , , /by

Managing the vendors that a bank does business with can sometimes seem like it is a hassle and many times that task is outsourced to a third party. Why waste the money? It doesn’t have to be that way.

Regulators have moved the needle to ensure banks understand the risks of each vendor they do business with. On average a bank has 90+ vendors with generally only 4-6 of them considered “critical” or “high” risk based on risk assessments. Many times if a vendor has access to personal identifiable information the bank automatically considers it a critical risk vendor.

Having a repository for information pertaining to each vendor is of course something all banks need to have. Documents such as contracts, service level agreements, insurance certificates, business continuity plans and updated financial information are necessary as well. Having a tickler system to notify the bank that a document is about to become outdated is important too.

Doing risk assessments on an annual basis for critical and high risk vendors is a best practice and required by the regulators. A process to standardize the assessments is also a good way to manage vendors.

Strunk’s Vendor Manager solution has a repository for pertinent information; has a tickler system to notify bank personnel of needed updated documents; and it has a comprehensive risk assessment tool that allows the bank to manage the vendor management process affordably.

Contact Strunk at 800.728.3116 or email at info@strunklp.com to learn how our Vendor Management solution can help your bank.

An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.