Managing vendor risk

Description

Abstract: Many banks outsource a variety of activities, but that doesn’t mean they can sign the contract and forget about it. Federal regulations require banks to develop and maintain a vendor management program designed to protect customer information. And while these requirements may seem daunting, especially for smaller community banks, a risk-based approach can minimize the burden. There are several steps a bank should take to ensure compliance; an important part of the process is a formal risk assessment.