(270) 506-5140 CONTACT US
Login
Examination Preparation

What Will Examiners Ask Related to Vendor Risk Management?

Nov 15, 2017 by Branan Cooper

A common question we hear is “How do we know what the examiners will ask related to vendor risk management?” It’s one that does not lend itself to an exact and easy answer. However, there are many ways to learn what the examiners will expect.

What to Do to Prepare for Examiner Vendor Management Questions

  1. Look back at your last exam – hopefully, you kept detailed notes and can also review the report of examination. Please be sure to look for any open items that need to be addressed and handle them before the exam starts – make sure the actions are thorough and well-documented and, most importantly, fully responsive to any deficiencies or gaps noted.

  2. Read their playbook. That’s right – you actually can. The FFIEC and the OCC have the best guides on what examiners will be expecting to see. The FFIEC examination handbook is particularly detailed and illustrative – remember that ALL of the major federal regulators participate in the FFIEC, not just the banking regulators.

  3. As mentioned above, the OCC has also recently updated its supplemental examination guide for third party risk management. Bulletin 2017-7 is like a play by play of what to expect – couple that with their FAQ’s on third party risk in Bulletin 2017-21 and you’ve practically read over the shoulders as to what they will expect.

A Few Other Helpful Vendor Risk Management Exam Hints 

Here are a few other helpful hints to use along the way:
  • The FFIEC’s most pointed commentary in the examination guide can be found in Appendix J and   Appendix E – both of which have been updated in the past couple of years.

  • It’s also worth looking at the CFPB updates as to areas they’re focusing on and then go to Payment Law Advisor and look at their UDAAP tracker – it’s a good way to look objectively at your own institution and ask yourself if you may be facing similar issues.

  • All that in hand, it’s also a great practice to consult your internal audit team, compliance, general counsel and subject matter experts for any areas of concern or input.


You’ve studied well – ace that exam!

To learn more about OCC exam preparation, download our OCC Vendor Management Examination Priorities for 2018 ebook.

Regulatory Developments Impact Your Next Vendor Management Exam eBook

Branan Cooper

Written by Branan Cooper

Branan Cooper is the Chief Risk Officer at Venminder. Branan has nearly 30 years of experience in the financial services industry with a focus on the management of operational and regulatory processes and controls—most notably in the area of third party risk and operational compliance. Branan leads the Venminder delivery team as the third party risk management subject matter expert in residence.

Follow Branan Cooper
Subscribe--Bg.jpg

Subscribe to the Venminder Blog