Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

DOWNLOAD SAMPLES

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

resources-whitepaper-state-of-third-party-risk-management-2023
State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.

DOWNLOAD NOW

OCC Released 2018 Exam Priorities: NR 2017-113

4 min read
Featured Image

On September 28, 2017, the Office of the Comptroller of the Currency (OCC) released Bank Fiscal Year 2018 Bank Supervision Operating Plan, aka, NR 2017-113. Thanks for the acronym fun… but what does that really mean? That means if you are a compliance officer, risk manager or third party risk manager, you should be paying very close attention.

Areas of Focus for 2018

In the advisory, the OCC identifies several areas of focus – none of which should come as a surprise, if you’ve followed the events of 2017 closely. Among these priorities are:

  • Cybersecurity and operational resiliency
  • Commercial and retail credit loan underwriting
  • Business model sustainability
  • BSA/AML compliance management
  • Change management to address new regulatory requirements

You can find the entire bulletin as well as the supporting documentation here.

Vendor Management Expectations for 2018

Wait! Did we hear a yawn and see a shrug from the folks in third-party risk management? Wait a second – you have lots to read yourselves. In fact, there’s an entire section devoted to Service Providers and specific expectations.

In total, Service Providers and third parties are referenced over 60 times in the document. That’s right – 60 – as in approximately the same leap in heart rate that we experienced when we read that.

Now, we shouldn’t find that surprising – after all, we could have seen it coming – numerous UDAAP (Unfair, Deceptive or Abusive Acts and Practices) enforcement actions throughout the year – many with third party implications, updated OCC guidance in bulletins 2017-7 and 2017-21 on third party risk management and the alarming Equifax data breach.

On top of that, as we noted in a special advisory a few months ago, both the FDIC and OCC internal reports have been highly critical of lapses in third party oversight activities during examinations.

Next Steps to Prepare

Now is the time to start preparing for 2018 – a few key steps we’d strongly recommend:

  1. Review your policy and program document for any items that need to be updated
  2. Review your last internal audit and examination reports for any deficiencies that need to be addressed
  3. Review recent enforcement actions and use that as a lens to examine your own practices
  4. Read carefully Bulletins 2017-7 and 2017-21 – they are practically the playbook for the upcoming examinations. In fact, one is the supplemental examination guide for third party risk management – do
  5. .1esn’t get much more plain English than that as to what they’ll be expecting
  6. Consider the adequacy and training of your staffing
  7. Make sure your processes are thoroughly documented and can be evidenced in actual work products
  8. Read the Bank Supervision Operating Plan in detail – it’s only 8 pages long but much of it will be very instructive in terms of particular things you may wish to consider unique to your own institution

We have published lots of material on all of these topics throughout the year and the OCC, to its credit, is telling us precisely the things they’ll be looking for. Each institution is different, each one has its unique strengths and weaknesses, so it’s important that you develop detailed plans around the OCC guidance, particularly the supplemental examination guide.

Finally, lest you think we’re warning you far too soon – remember, the government fiscal year 2018 actually started October 1, 2017, and while your exam may be months away, it’s never too soon to think in terms of 2018 priorities.

For more exam preparation help, download our infographic.

how to write a third party policy

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo