Software

Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Overview
Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit


Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

VX LP Sequence USE FOR CORPORATE SITE-thumb
Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.

CREATE FREE ACCOUNT

Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 

Industries

Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

1.7.2020-what-is-a-third-party-risk-assessment-FEATURED
Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.

DOWNLOAD SAMPLES

About

Venminder is an industry recognized leader of third-party risk management solutions. 

Our Customers

900 organizations use Venminder today to proactively manage and mitigate vendor risks.

Get Engaged

We provide lots of ways for you to stay up-to-date on the latest best practices and trends.

Gartner 2020
Venminder received high scores in the Gartner Critical Capabilities for IT Vendor Risk Management Tools 2020 Report

READ REPORT

Resources

Trends, best practices and insights to keep you current in your knowledge of third-party risk.

Webinars

Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars

 

Community

Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.

Subscribe

 

Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

resource-whitepaper-state-of-third-party-risk-management-2021-cropped
State of Third-Party Risk Management 2021

Venminder’s State of Third-Party Risk Management 2021 survey provides insight into how organizations are managing third-party risk management in today’s increasing regulatory and risky climate.

DOWNLOAD NOW

What Mortgage Lenders Need to Know About Fannie Mae Day 1 Certainty for Vendor Management

5 min read
Featured Image

Earlier this year, Fannie Mae released their long-awaited Day 1 Certainty program. For the mortgage lender, this represented a glimmer of hope to be released from certain future reps and warranty issues, should something run afoul to a mortgage loan.

In fact, what it means for the lender was that by using the report data from an eligible verification report supplier, those validated loan components would be eligible for rep and warrant enforcement relief. 

Integration With the DU Validation Service Platform  

As part of this program, Fannie Mae engaged with a number of data providers to integrate with the DU validation service platform. And, I should point out that these vendors aren’t actually integrated into DU, but are merely approved as eligible to furnish the information used in certain loan components. 

These include: 

  • Verification of Employment 
  • Verification of Deposit 
  • Verification of Income

Also known As NPPI! 

What does it mean to a vendor management team? 

The Day 1 Certainty guide provides some great pointers as to best practices of vendor oversight…in the case of this program, it outlines qualifying criteria for a vendor to become approved as a Day 1 Certainty vendor. 

If you’re new to vendor oversight and haven’t adopted these key steps in onboarding a vendor, take a look at the steps Fannie Mae outlines below. These can be leveraged and used in an approach when considering a vendor for your own mortgage operation. 

Key steps in onboarding a vendor:

  1. Ability to integrate with the DU validation service platform (per Fannie Mae DU Validation Service Integration guide)  
  2. External audited, certified financials 
  3. Business and technical processes and controls for data quality and accuracy (must provide evidence)  
  4. Information security penetration test completed within the past 12 months (must provide results)  
  5. Documentation evidencing external review of information systems (e.g., Service Organization Controls [SOC] 2 Report or similar) completed within the past 12 months (must provide results)  

During our research, we learned that each Vendor had to execute an NDA as part of the overall approval process. Again, another good step in the contract process is to enforce an NDA or Mutual NDA before proceeding with the official engagement. 

So, we’re all set! Right? Fannie Mae performed the vendor oversight for me? 

WRONG!   STOP!   KEEP READING!

On page 5 of 5 on the Fannie Mae DU Validation Vendor List, there is the following disclaimer:

  • Fannie Mae does not endorse any particular vendor, and does not represent or warrant that any report supplier will meet a lender’s requirements. 
  • Lenders must establish controls to manage and monitor the vendors.* 
  • In accordance with their own regulatory requirements. 

This places the oversight responsibility back to the lender, and rightly soafter all, the use of this data while offering some relief to potential fall out to the lender is ultimately protecting the GSE (Government Sponsored Entity) from potential fraud of key data used to originate mortgage loans. Their goal is to validate that the data used in the loan origination process is bullet proof. 

As of March 2017, there were approximately 47 vendors listed as eligible. If your vendor isn’t on the list, the offer of relief will be appealing to your executive management suite and credit and risk teams responsible for loan performance. 

However, it’s important to note that a strong third party risk program will take the necessary steps in validating any potential new vendor that is engaged to fully understand the risks and oversight necessary.   

Final Thoughts 

Simply relying on the non-endorsement but approved eligible” from FNMA for those fortunate vendors will not satisfy any state or federal regulator. The best practice is to stay the course, don’t cut corners and don’t rely on a GSE vendor approval platform to satisfy the long standing vendor oversight regulatory requirements. 

Learn what you need to know about vendor management oversight and ongoing monitoring. Download our infographic. Vendor Management Oversight and Ongoing Monitoring

 

 

 

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo