2024-2025 Pub. 14 Issue 4

The following are three primary areas to consider when performing vendor due diligence:

1. Trusted Partner Values That Match Your Institution’s
• Deep understanding of the financial institution’s culture and expectations.
• Provide training in technology trends and product research and development.
• Knowledge of financial institution’s compliance requirements, risk landscape and industry standards.
• Quarterly service level reporting and preventative maintenance tracking.
• Effective management of subcontractors.
• Provide equipment tracking and budgeting support and five-year technology road-map development.

2. Risk Compliance and Legal Certifications Are a Non-Negotiable
• SOC 2 Type 2 certification reports are an industry standard.
• Proof of insurance and liability, including a minimum of $5 million.
• Laptops and devices are audited, secured and encrypted.
• Employee and subcontractor background checks and drug testing.
• Business continuity plan (i.e. effective work-from-home policies and pandemic protection strategies).
• Industry experts with professional certifications on staff.
• Compliance with all federal, state and technical industry certification requirements.

3. Innovative Automation and Secure Remote Technologies to Future-Proof Efficiency
• Multiple non-proprietary solutions representing different brands.
• Open architecture with integration capability and encryption.
• Solution targeting customer pain points.
• Platform creep reduction strategies (reducing the number of at-risk platforms/systems).
• Performance and efficiency improvements.
• FTE efficiency or reduction through technology or managed services.
• Technology migration and conversion experts.
• Guide the implementation of AI and analytics.
If you find yourself with too many vendors even after performing vendor due diligence, one way to ensure you are receiving superior service while still keeping an exit strategy is to negotiate an all-inclusive service agreement with a 30-day-out, no-penalty clause. This can provide the firm SLAs your institution requires for service and the flexibility to switch providers if necessary. Essentially, this is like having no contracts but still having an SLA to lay everything out. This also requires the vendor to earn your trust daily by providing extraordinary service both physically onsite and remotely, using managed services and providing a seamless, secure online interface.

Colorado Banker
