Dynamic Legal Representation for You and Your Business

Vendor Management Oversight

Q: What factors determine a high, moderate or low-risk vendor?

A: When determining risk factors to decide on a vendor's inherent risk, there are many factors that must be considered. While a lender's risk appetite will play a part in determining the risk assigned, vendors should not all fall into the same risk tier. Vendors that are not critical to a lender's operations do not need to undergo the same due diligence process compared to a vendor that plays an important role in the day-to-day operations.

Typically, characteristics that should be examined include:

  • Whether the vendor is customer facing,

  • If the vendor has access to consumer NPI (non-public personal information),

  • The work performed by the vendor,

  • Regulatory/operational impact if the vendor does not perform the function assigned, and

  • Monitoring/performance of the vendor.

It is important to note that your vendor management oversight program should clearly define the criteria for high, medium, or low-risk vendors with documentation to justify your risk rating approach.

Share the AGMB Compliance Question of the Week:

Facebook   Google+   LinkedIn   Twitter

New York Attorney Advertising: This email is designed for general information only.
The information presented in this email should not be construed to be formal legal advice nor the
formation of a lawyer/client relationship. Prior results do not guarantee a similar outcome.

© Copyright 2018 by Abrams Garfinkel Margolis Bergson, LLP. All rights reserved.
This email is designed and developed by PR4Lawyers.
Facebook Twitter LinkedIn Google+ Youtube AGMB, LLP Website Neil Garfinkel Michael Barone Neil Garfinkel E-Mail Michael Barone E-Mail Marie O' Brien Marie O'Brien E-Mail