As part of our Venminder Thought Leadership series where we speak with the industry’s sought-after thought leaders for their perspective and advice on third parties, mitigating risk, best practices, trends and more, I had the opportunity to speak with Brian Tate, CEO at Innovative Payments Association (formerly NBPCA).
Brian has been with IPA since 2013. He was initially hired on as first government affairs director. During his tenure with IPA, Brian has led the association's advocacy efforts on numerous regulations. Over the last 10 years, Brian has been directly involved in some of the most notable financial services-related issues, including the Dodd-Frank Act, the Durbin Amendment and fiduciary duty.
Brian Tate Interview Highlights
During our time, we covered:
- A legal and industry perspective on third party risk
- The impact of fraud in third party risk management
- How investing in third party risk protects you
- And more
Fraud in Third Party Risk Management: It’s Prevalent
When asked where third party risk management is currently and how organizations are doing, Brian shared an interesting perspective. He discussed the fraud mitigation aspect, reminding us all that third party risk management advancement isn’t only gauged from a regulatory perspective. It’s becoming even more important that institutions deeply understand and consider fraud and are doing their due diligence. This is true in all industries but especially in the prepaid industry.
Brian said, “The kinds of fraud that they're coming up with could not have been contemplated 10 years ago because of technology, but now with the technology and the ease of computer systems lining up and people have the ability to infiltrate personal servers, the information that's out there is enormous and the potential for chaos, risk and loss to the bank will only continue to grow. That threat will remain constant.”
What Should You Do to Help Prevent Fraud?
Brian shared some simple but sound advice:
- Make sure your organization is aware of the rules in place related to fraud protection practices
- Keep compliance top of mind at the front-end level and also at the management, executive and C-suite levels
- It’s essential to know your customer (KYC) and apply the Customer Identification Program (CIP)
Following these recommendations will help your organization to confirm that the proper due diligence has been completed in order to verify that the end user, account holder or whomever it may be is actually who they say they are.
A Lesson Learned from Dodd-Frank
I wanted to hear Brian’s thoughts on senior leadership and board involvement regarding third party risk. Particularly, I was interested in finding out if he thought they were involved enough. Brian raised a good point. He shared that it may have been a second or third tier issue in the past for them but it’s definitely becoming an increasing priority and focus for executive leadership as it was one of the lessons learned from Dodd-Frank.
“The days of passing the buck, or saying, ‘Well that's not my department’, even though you're working at the same bank, and the left arm not talking to the right arm, are over. One of the things that happened in Dodd-Frank, and just generally speaking, in terms of how regulators approach risk in issues that may rise out of risk, is that the bank and senior management is going to be responsible for all the operations at the institution,” shared Brian.
Brian shared some great insight, both from a legal and industry perspective. He raised some interesting points regarding fraud mitigation. All in all, I have to agree with Brian as I do believe it should be one of the focal points for a risk management professional and is becoming more and more present with the latest technology advancements.
On behalf of Venminder, I’d like to thank Brian for his participation in this series. Be sure to listen to our discussion here to catch even more helpful information.
Information security should be at the forefront of every third party relationship. Download the infographic.