Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


The Failure of First Republic Bank and the Need for Comprehensive Third-Party Risk Management

4 min read
Featured Image

On May 1, First Republic Bank became the latest regional bank to fail, following Silicon Valley Bank and Signature Bank, which collapsed less than two months ago.

The decline had been brewing for First Republic since Silicon Valley Bank and Signature Bank were seized in March. Those two failures triggered a search for other lenders in trouble, and First Republic was soon identified as vulnerable to significant deposit outflow risk. However, the true death spiral began when the bank announced last Monday that it had lost $100 billion in deposits in just three months. 

The stock value of First Republic plummeted so much following the announcement that the New York Stock Exchange halted trading several dozen times during the week. By mid last week, it had become obvious that government intervention was needed. Over the weekend, the FDIC seized the bank, and JPMorgan Chase bought all of its deposits and most of its assets through an auction. On Monday, May 1, First Republic's 84 branches opened as JPMorgan Chase.

Unlike the Silicon Valley Bank and Signature Bank, the FDIC has only agreed to protect First Republic's depositors up to the FDIC-insured limit of 250,000 dollars per institution, and investors are facing a total loss. There is no shortage of news media coverage on the First Republic Bank's and others' failures and how they affect the broader economy and banking system. 

Still, the question every TPRM practitioner should be asking right now is, "What does this mean for third-party risk management (TPRM)?"

Banks as Vendors

It's no small secret that banking partners are often overlooked for TPRM due diligence. After all, those institutions are regulated, and surely the regulators are keeping watch, right? This common misconception often leads to a false sense of security because regulations in and of themselves do not prevent banks (or any other type of vendor) from failing. It’s for this reason that regulators issue guidance instructing organizations on identifying, assessing, managing, and monitoring third-party risks. And banks and other financial institutions must be covered by your organization's third-party risk management practices. In most instances, banks should be considered critical vendors, not just for your organization, but also for your vendors.

For starters insight into your vendor’s banking relationships and understanding their operational resiliency is important. Suppose your organization or one of its vendors suffers the loss of a key financial partner. The impacts on your organization or its customers can be devastating. Many organizations have lost deposits over the $250,000 limit, possibly creating a serious financial shortfall. If your vendor is in this situation, they may be forced to take out loans to make payroll, fund basic operations, or reduce staff or services to compensate for the loss. In addition, if your vendor relies on a specific bank or financial institution for capital and funding, this resource is lost when that institution fails. This could mean business disruptions or delays; in a worst-case scenario, it could be the straw that breaks the camel's back, forcing your vendor to go out of business.

Important Considerations Regarding Banking Partners - Yours or Your Vendor’s 

  • Have you done due diligence and risk reviews for your organization's financial partners?
    • Your organization's financial partners (banks, lenders, credit unions, etc.) should be in scope for third-party risk management. 
    • In many cases, your organization's financial partners should qualify as critical vendors
  • Are any of your critical vendors potentially impacted by events related to recent banking failures or pressures?
  • Do you or your vendors have additional risk exposure due to our vendor's relationships with First Republic, SVB, Signature Bank, or other banks experiencing financial or operational pressures?
  • What is your potential exposure through fourth parties?
    • Don't forget that your vendors should be properly vetting and monitoring their banking partners as part of their third-party risk management practices.

first republic bank failure third-party risk management

4 Steps Can Take In Your Third-Party Risk Management Program Today

  1. Ensure that all financial institutions are in scope for third-party risk management. 
  2. Add questions to your vendor risk questionnaires that address banking relationships and possible concentrations of banking relationships:
    •    Who does your organization bank with? 
    •    Does your organization hold all its funds/deposits with one bank or multiple institutions?
    •    What are the names of the institutions?
    •    Have you recently performed any due diligence (i.e., financial health analysis/assessment) on your banking partner(s)?
  3. Make sure that vendor financial reviews are comprehensive and include: 
    •    The vendor's latest cash and cash equivalents balance and liquidity position
    •    Outside of cash and cash equivalents, the vendor's sources of liquidity and funding, and ability to access them if they do not have access to cash
    •    Determining if the vendor's funds/deposits held domestically in the U.S. or internationally
    •    Any vendor restrictions accessing their cash and cash equivalents balance
  4. Utilize adverse media, financial health, and other real-time monitoring tools to fill information gaps and keep your organization up-to-date with the latest developments and changes in your vendor's risk profile.

    Using vendor risk screening and monitoring platforms can help uncover your organization's "blind spots" and streamline the information you need regarding your vendor base. Furthermore, these tools can assist you in becoming more aware of risks associated with evolving events, particularly those relating to banking relationships and possible bank failures in the future.

The recent bank failures should illustrate how quickly risks can shift and change. Even though effective third-party risk management won’t prevent the next bank failure, it could give your organization an advantage by highlighting operational risks directly related to your or your vendor's banking relationships. Early issue detection and regular risk monitoring can help your organization take control over risks vs. being surprised by them.

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo