Strong vendor oversight begins with asking the right questions. Vendor risk assessment surveys are a critical component of an effective third-party risk management program, helping financial institutions evaluate vendors’ operations, financial stability, cybersecurity, compliance, and business continuity. To simplify this process, Strunk’s Vendor Manager solution is designed to improve how surveys are created, shared, tracked, […]
Enterprise risk management expectations for community banks and financial institutions continue to evolve. Regulators increasingly emphasize risk-based supervision, tailored oversight, and clear documentation of enterprise-wide risk exposure. Consequently, organizations relying on manual or disconnected assessment processes often struggle to maintain a consistent, defensible view of their risk posture. Modern compliance programs require centralized tools that […]
Since the announcement of the FFIEC Cybersecurity Assessment Tool’s sunset, many financial institutions have taken meaningful steps to identify what comes next for their cyber risk management. The question is no longer whether to move on from the CAT, but how to do so in a way that remains practical, regulator-ready, and right-sized for your […]
In the highly regulated banking industry managing compliance issues often means juggling spreadsheets, shared drives, email threads, and PDFs. Whether it’s a customer complaint, an audit or exam finding, an internal incident, or a vendor-related exception, tracking such issues manually leaves room for human error, version confusion, lost documents or data, delayed follow-ups, and a […]
Financial institutions often face the challenge of managing vendors with limited staff and resources. Strunk’s latest enhancements in Vendor Manager are designed to address these pain points, making thorough compliance and document tracking easier and more efficient than ever. Here’s a summary of the latest available features: A new document status color-coding system provides a […]
Strunk’s Risk Assessor frameworks have recently undergone an important upgrade, now incorporating both elder abuse and FinCEN-related risk indicators to further strengthen compliance and customer protection efforts. This update reflects the financial industry’s growing commitment to addressing vulnerabilities that may impact senior customers, as well as the need to keep pace with evolving regulatory requirements. […]
As the digital landscape evolves, so do the tools necessary for financial institutions to assess and manage cybersecurity risks. We are excited to announce the release of Strunk’s updated cyber risk assessment feature, designed to help your organization transition away from the FFIEC’s Cybersecurity Assessment Tool (CAT), which will sunset on August 31, 2025. The […]
An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.
