Pub. 11 2021-2022 Issue 4

By Steve Sanders CSI How to Create a Vendor Due Diligence Checklist Vendor due diligence – it’s a favorite topic of a few people, but in today’s risky environment, it’s one of the most important ways to protect your organization. Vendor due diligence is how an organization examines a current or potential vendor’s risk to its business operations. Vendor due diligence is a key component of vendor management required by the Federal Banking Agencies. However, knowing your vendors and understanding the risks they pose to your institution is far more than just a compliance requirement: it’s necessary for running a successful operation. The third-party risk management guidelines – issued by the OCC and the FFIEC – are still causing ripples in the financial services community. And many organizations are still feeling the pressure. With increased reliance on third parties for these services, as well as increased scrutiny from examiners, auditors and even leadership teams and boards of directors, this pressure is more significant than it’s ever been. Five Steps to Creating a Vendor Due Diligence Checklist Whether vendor management is an outsourced service or still performed in-house, it’s time to rethink and mature your vendor due diligence process, starting with these five tips: 1. Prioritize Vendors by Risk Due diligence should be performed on all vendors, but not to the same degree. Far too many organizations perform the same amount of due diligence on every vendor, likely resulting in inadequate due diligence on higher-risk vendors and excessive due diligence on lower-risk vendors. That’s a lose-lose proposition of inefficiency and inadequacy. coloradobankers.org 14

RkJQdWJsaXNoZXIy MTIyNDg2OA==