(270) 506-5140 CONTACT US
Best Practices

How to Vet an International Vendor

Jul 9, 2019 by Branan Cooper

Vetting vendors is a critical phase of the vendor lifecycle. Most of us know our organization’s requirements for vetting a US-based vendor, but what about an international vendor? Do these requirements change?

The answer is most likely. If the requirements don’t change, then they probably should be reevaluated. The matter of fact is that although there’s absolutely nothing wrong with working with an international vendor, the risk is heightened.

8 Tips for Vetting an International Vendor

Here are my eight tips when vetting an international vendor:

  1. Make sure the international vendor’s policies and procedures align with your organization’s expectations.

  2. Ask for the vendor’s address and any other basic business information. By knowing location, you can determine whether they're in a geopolitically sensitive area or not. 

  3. Thoroughly understand their hiring practices.

  4. Verify if there are ways of truncating US customer information or ensure it can't be compromised.

  5. Write into the contract a right to audit provision and calculate how quickly you could get there should an incident occur. Of course, travel time and expense are much more so you’ll want to understand that upfront.

  6. OFAC/PEP checks are critical as you want to know who their owners and key management team are. Make sure they aren’t affiliated with a foreign entity that you don’t want to associate your organization’s name with.

  7. Ask for information about their premises. For example, do they have security cameras on-site?

  8. Request their policies and procedures. Within that, look for the things like a clean desk policy, hiring practices, reporting practices, etc.

Implementing these eight best practices should help your organization better understand the international vendor you’re evaluating.

Regardless of where your vendor is, take these 19 steps during the vetting process. Download the eBook. 

New call-to-action

Branan Cooper

Written by Branan Cooper

Branan Cooper is the Chief Risk Officer at Venminder. Branan has nearly 30 years of experience in the financial services industry with a focus on the management of operational and regulatory processes and controls—most notably in the area of third party risk and operational compliance. Branan leads the Venminder delivery team as the third party risk management subject matter expert in residence. Branan also serves as an industry thought leader. He's a member of InfraGard and the Professional Risk Management Industry Association (PRMIA). And, he was selected in 2018 as an advisor to the Center for Financial Professionals (CEFPro) and board member for the Global Sourcing Resource Network (GSRN).

Follow Branan Cooper

Subscribe to the Venminder Blog