Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


The Other M&A Discussion – Facts Vendors Never Share

4 min read
Featured Image

Fresh off of a 5 week speaking junket, through Austin, Vegas, Naples, Phoenix and Honolulu, I have learned a lot about what is NOT being discussed amongst bankers when it comes to M&A.

I sat through several merger panels and expert speakers across all these events sponsored by ABA, ICBA, IBAT and NAFCU and noone spoke about the clear and present danger of mismanaged and unattended Core IT agreements nor their relative impact to shareholders during mergers. 

Lawyers and investment bankers are not talking about it [Core IT contracts] because, frankly, they don’t know much about the topic and lack the inside knowledge and expertise in this area. There are a few exceptions out there but by in large, these professionals are short on knowledge and long on fees.

Fact: Vendors don’t care about your strategy

Let’s face the facts. Core IT vendors are not in the business – nor have any interest – in whether or not your bank or credit union is affected by a merger. In fact, when a merger occurs, all vendors understand that one of them dies and the other survives. It’s a dog eat dog world.

So, if you pull that contract off the shelf, blow the dust off first, and read through the fine print, you’ll find nothing in the standard master template that benefits any of your shareholders should a merger occur. In fact, most contracts are designed to punish your bank if you buy or sell. This is hardly a knock against the Core IT vendors for placing into their agreement such onerous and unfriendly terms – can you blame them? It’s their contract after all and a free market at the end of the day.

It’s up to you to know what needs to be changed. Vendors are not going to volunteer the best ideas and commercial terms so you can then use it to their disadvantage! If they suggest anything, and they do from time to time, it’s going to be in those areas where it has the least impact on them and the highest level of “apparent” benefit to you (do I sound cynical?).

What they’re not telling you

Sure, this is a long list but for the sake of brevity I’ll cover just a couple topics. For those of you that want go deep, spend 45 minutes with me. I’ve advised countless institutions of all sizes and on the recent speaking tour I talked with (to) hundreds of bankers and it seemed to me the most concentrated level of efforts to improve contracts is solely focused toward termination expense. This makes a lot of sense since termination expense is the easiest to understand.

Simply stated it’s the amount of money you pay as a penalty if you leave the contract for ‘convenience’ early. Typically it can be 80% (even 100% if you are a JHA client) of the remaining contract value based on an average cost of previous invoices. Sometimes this area of the contract is known as ‘liquidated damages’ and is one your attorney loves to attack with little success usually.

There is some room for improvement to be made and vendors will put up a great fight leading everyone to believe you have touched the electric third rail. In the excitement of billing countless hours rewriting these terms and conditions most lawyers and uninformed negotiators miss the real meat, cleverly stated elsewhere in the agreements or not written at all.

The cost of entry and exit (coming and going)

What about the cost of converting from your platform to another in a merger? For that matter, what does it cost to convert another system onto yours? In a world where everyone seems to be transacting “mergers of equals” these costs can be significant. Maybe they are not pre-stated in your agreement because nobody knows until the merger happens – right? Not true.

The vendors know exactly how much it costs to convert, de-convert and integrate one system into another. They’re experts at it. They don’t itemize this in the contract simply because they have too much to gain under the infamous catch-all term: Conversions conducted at the prevailing market rate for professional services. Oh boy! There it is right there. That one line that seems “reasonable” to your attorney until of course you find out that somebody had to pay $100,000 to $1,000,000 just to get the Core IT systems merger technically completed.

Suddenly, a good deal doesn’t feel so good. Sure, a few hundred thousand can be classified as peanuts when you’re thinking about all the BOLI comp programs and severance packages that have to be paid as part of any merger, but this can just be the beginning of more gotchas.

The compounding effect of past sins

Research is clear and indicates at least 8 out of 10 institutions are paying between 18% – 42% above Fair Market Value. On average this is at least $1.2 Million over 60 months. When you study the compounding effect of $1 of savings today over time and then begin to calculate the accretive value of reducing costs thereby improving profit and shareholder equity it starts to make a lot of sense.

Banks move through time not focused on non-interest expense associated with Core IT vendors and potential negative impact it may have on the value of a merger. In the not-so-distant past we came across an $800M asset bank that had successfully completed three (3) small mergers ($200M, $150M, $170M asset banks).

Like most banks they never really paid much attention to their Core IT spend. It seemed affordable and since it wasn’t broken – why fix it? This bank had been paying roughly $90,000 per month in total services to an outsourced vendor when they started buying banks (at the beginning). In actuality they should have been paying closer to $55,000 according to the Paladin Blue Book. The $45,000 per month premium had gone unchecked for the duration of the merger spree (approximately 5 years). The stand-alone impact hit was easily $2.7 Million over the same period. However, when you compound the overpayment with the new accounts and volume added by the three merged banks the overpayment vs. market approaches $5 Million to $6 Million. That’s a lot of money for any institution.

Vendor Due Diligence Guide

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo