(270) 506-5140 CONTACT US
Best Practices

An Ounce of Third Party Risk Management Prevention

Aug 23, 2017 by Branan Cooper

There is an old saying that goes, “an ounce of prevention is worth a pound of cure” Meaning the cheapest way to fix a problem is often to simply prevent it from occurring. Perhaps there is no better example than in the world of third party risk management. When you think of the amount of clean up that is required after a problem, with the benefit of hindsight, you’ll likely wish you’d taken a few proactive steps to have prevented the problem altogether. 

Third Party Risk Management Examples 

Let’s look at a few common examples: 

1. Contract Management - If you don’t have a well-run system for handling your contracts, you may be missing some real opportunities to stave off disaster 

Having strong provisions for service level reporting may alert you to problems with customer service early on, tracking contract renewal terms is vital so that you don’t accidentally allow a large contract you wanted to terminate simply auto renew, and a poorly written contract exposes you in countless ways. 

2. Information security - Follow your customer’s data, wherever it goes.

Consider who has access, even second-hand access – remember the massive Target breach was actually facilitated by an HVAC provider’s credentials being compromised.  A recent study says that a data breach can cost between $130 and $170 for each record… that’s a lot of money that could have been avoided by taking strong steps ininformation security on the front end. 

3. Financial analysis - Let’s face it - financials are tough to get if you’re dealing with a small privately held company, but if they are providing a vital service to your institution, you need to do everything you can to gain comfort around their financial health.

You don’t want to wake up one day and find they’ve suddenly gone out of business. 

By doing these three things well, you'll have taken major steps to ensure that their practices are sound and that you've done a lot to address the risks inherent in the relationship. 

These are just a few things to consider. Remember, what you don’t know will hurt you

To learn more about how to manage third party inherent risk, download our infographic.

inherent vendor risk versus residual vendor risk

Branan Cooper

Written by Branan Cooper

Branan Cooper is the Chief Risk Officer at Venminder. Branan has nearly 30 years of experience in the financial services industry with a focus on the management of operational and regulatory processes and controls—most notably in the area of third party risk and operational compliance. Branan leads the Venminder delivery team as the third party risk management subject matter expert in residence. Branan also serves as an industry thought leader. He's a member of InfraGard and the Professional Risk Management Industry Association (PRMIA). And, he was selected in 2018 as an advisor to the Center for Financial Professionals (CEFPro) and board member for the Global Sourcing Resource Network (GSRN).

Follow Branan Cooper

Subscribe to the Venminder Blog