Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


Vendor Mergers: Resistance is Futile, You Will Be Assimilated

5 min read
Featured Image

Trekkie fans will understand the reference to the BORG and what it feels like when you don’t have many choices. The assimilated Captain Picard provides this famous line, “…from this time forward you will service us.” With the recent purchases of OSI by Fiserv and Harland by D+H many bankers believe the line could be rewritten, “…from this time forward ONLY we will service you…And you have nothing to say about it.”

When I started my first business in the community banking and credit union industry as a technology provider back in the early 1990s (OASYS Network Solutions) there had to have been at least 50 core service providers. Heck, Boeing was a core provider back then (yes, the airplane manufacturer). Bankers had choices and competition was fierce. The big boys existed of course and there were many, many smaller players either running their own systems or reselling other platforms while providing ‘ancillary’ services to complement the core.

Today there are fewer than five (5) real core service providers and four (4) of them have ‘assimilated’ in excess of 95% of the market share. Not quite antitrust, but close enough to be concerned. Consolidation of the market is both good and bad. Some bankers are up-in-arms while others are apathetic. Many believe this is the free market at work and some believe, well, the government should intervene to make it more fair.

Vendor Merry-Go-Round

At Paladin fs our sole purpose of existence is to provide core and IT cost/value research to the sub-$5 Billion asset market both credit unions and community banks. We restructure and renegotiate existing core and IT service agreements constantly on their behalf so we are always helping to navigate the Vendor Merry-Go-Round. It’s not uncommon for a bank to approach us and say in the last 10 years that they were originally with NCR who was bought by Kirchman and then by FIS. Or another might say they left Fiserv years ago because they were unhappy with services levels for smaller more homey OSI and now they are back with Fiserv. This can be disheartening and make the management team feel powerless, and you would be right.

The Bad

I like the bad news before I focus on the good so that’s how you’re going to get it here. Fewer choices means fewer choices. With respect to back office systems weather you choose Fiserv, Fidelity (FIS), Jack Henry (JHA) or D+H (Harland) I like to say a “core is a core is a core”. That may be a good thing because you are not necessarily missing out on anything. The vendors will argue their system may be better than the other as expected but the reality is that each are equally strong and weak in different areas. Consolidation kills the “best of breed” option – and that is bad. Back in the day you could choose Fiserv for your account and item processing, ask that Intuit ran your internet banking and Checkfree your bill pay. Perhaps Elan ran the EFT services. Today Fiserv owns Checkfree, doesn’t make it easy for you to do business with Intuit (now owned by Thoma Bravo) and provides competitive EFT services that even Elan (a known low-cost leader) blushes at. You don’t have the implied benefit of easy switching leverage with any of the stabled vendors so that they may hold onto their particular business line and work hard to retain it at the next renewal. Change would be easy to convert from one ancillary provider to another and they knew it.

Another negative effect of consolidation is that there is no-telling if you are paying Fair Market Value (FMV). For example, when you were with NCR and paying $1.30 per transaction (hypothetical) and that contract was sold 2x ultimately ending with FIS – you’re still paying $1.30 when in reality the FMV based on your current volumes under new pricing is maybe $.50 per transaction. You’ve been overpaying for that particular services for many years and never getting the benefit of a lower cost structure and you may even be on what we call “old paper”. If you are on old paper there is little possibility that the terms and conditions match your strategy today and that can be a very bad thing if for example a merger is in your future.

The Good

In this respect you should believe just about everything the core vendor is telling you that is ‘positive’ about the merger, but don’t believe anything that they are not telling you. Yes, read that again, I meant it. You don’t know what you don’t know – and either do they. The unknown can be used to your advantage if you know how to get this implemented into a new agreement under the remaining vendor. Sure, with one service provider choice you have a lot fewer vendors to manage, compliance costs should go down and life should be simpler. One account manager handles the entire relationship. In this “only one throat to choke” business model you normally would have a bit more clout since all of your business is with the same provider. The vendor is at risk of losing all the business at once and not just a smaller business line in the “best of breed” model discussed above. If one vendors loses all the business that means their competitive BORG cousins have a lot to win on every potential deal. All of these firms are extremely profitable, cash rich, and can step up to ‘buy the business’ much more easily than the remaining smaller providers addressing the lowly 4% of the remaining market. You do have leverage but entering a negotiation or renewal with one of the BORG not armed to the teeth with market intelligence, pricing data and inside vendor know-how greatly erodes your position.

The May Be Good

The BORG have an assimilation plan and the final phase has started though not many have noticed or written about it. All of the true core providers and ancillary services vendors have just about been gobbled up. But what about the IT and managed service providers? Infrastructure, managed firewall, security, SPAM/Virus filtering, archive, etc. Recent purchases of Colorado-based HEIT by CSI; Pronet by FIS and Canadian D+H purchasing Compushare shows that they are moving aggressively into this space. The good may be that they can now address your 360 degree core AND IT needs so the choke-able throat is even bigger and fewer vendors to manage. The bad may be the same.

If their plans continue without future competition and real market options, resistance will be futile and assimilation guaranteed.

 Download Free Venminder Due Diligence Document Samples

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo