One of the most crucial and challenging parts of vendor management is managing the risk associated with each of your vendors. There are numerous risks that may arise from a financial institution’s use of vendors. Understanding the vendors inherent risk will help your financial institution to categorize and differentiate the risk for each of your vendors.
Inherent Risk represents internal and external risk to which the financial institution is exposed to because of the business activities in which it engages and the external environment in which the activities take place. Inherent Risk results from the processes, activities, or transactions in which the financial institution is involved, including risk that exists as the financial institution enters new businesses or activities with the vendor. There are several factors that impact the determination of the inherent risk of the vendor.
Strunk’s Vendor Manager software has compiled these factors into a Vendor Risk Assessment (Inherent Risk Survey), which enables financial institutions to present an accurate portrayal of the overall inherent risk with any vendor. Having an accurate portrayal of the inherent risk that each of your vendor has, will allow the financial institution to lay a solid foundation for what oversight that will be assigned to the vendor based on the inherent risk rating. Strunk’s inherent risk rating will classify the financial institutions vendors into four categories based on their inherent risk rating, which is calculated based on the risk exposure the product or service provided may expose to the financial institution. The inherent risk rating of a vendor will drive the frequency of the ongoing due diligence monitoring of the vendor. Based on the inherent risk rating the financial institution should determine how effective the vendor has implemented controls to help manage their risk which will mitigate potential risk exposure. Understanding each of your vendors’ inherent risk is the first step for setting up the proper foundation for your vendor manger program.