Staying On Top of Vendor Management News: Week of Jan 1

New year, new vendor management news. If this week’s news is any indication, we’re in for a wild and wacky year! 

We’ve got lots more CFPB news (the current head of NCUA may be named as the permanent director and states lining up to step in if CFPB lessens regulations), a terrific report on trends in fintech, an update on risks associated with doing business in Mexico and a whole smattering of other news. Happy “News” Year everyone! 

Articles From Week of January 1 to Check Out

Senate introduces bills to give states authority for additional supervisory rights: Read here

Current head of NCUA may be named permanent director of CFPB (perhaps very good news from a regulatory stringency perspective): Read here

KPMG article on top regulatory challenges for financial institutions: Read here

Trends in fintech – some very interesting stats: Read here

Change in tone at CFPB – note the reference to state agencies stepping in if CFPB rolls back regulation: Read here

NAFCU compliance newsletter – cybersecurity among top priorities and the upcoming cybersecurity assessment tool for credit unions: Read here

My prescient moment, part 1 – as I said before, if regulators disagree, let Congress or the courts decide – A call for Congress to make the decisions on the amount of regulatory oversight fintech companies require: Read here

Financial Action Task Force (FATF) releases updated report on Mexico – significant in third party space since many of the call center and data processing outsource to companies located in Mexico: Read here

California Bankers Association and Western Independent Bankers merge: Read here

Making the auditors the scapegoats doesn’t help anyone… do we hold regulators accountable for lapses?  Without getting political, this is a very slippery slope but one to be well aware of: Read here

NYDSF is always aggressive - this is an additional enforcement action against Western Union on top of a massive one ($586 million) almost exactly a year ago, likely linked to earlier issues on failing to oversee and take action on suspicious agent activities: Read here

Unhappy anniversary of the Target breach:

4 Years After Target, the Little Guy is the Target
Krebs On Security | Thu Dec 28, 2017 - Dec. 18 marked the fourth anniversary of this site breaking the news about a breach at Target involving some 40 million customer credit and debit cards. It has been fascinating in the years since that epic intrusion to see how organized cyber thieves have shifted from targeting big box retailers to hacking a broad swath of small to mid-sized merchants. In many ways, not much has changed: The biggest underground shops that sell stolen cards still index most of their cards by ZIP code. Only, the ZIP code corresponds not to the legitimate cardholder’s billing address but to the address of the hacked store at which the card in question was physically swiped.

As we worry about so many third party risk items, it's important to remember to master the fundamentals first - we call those the 6 pillars of vendor management. Download our infographic to learn more.