podcast
Best Practices in Vendor Management
Podcast Transcript
Welcome to this week's Third Party Thursday. My name is Kelly Vick, and I'm the President here at Venminder. Today we're going to be talking about Best Practices in Vendor Management. So let's get started.
With all of the information that’s out there and with all of the challenges facing us today - how does a responsible vendor manager keep up? New guidance takes quite a while to develop, and when it's published, it is often lengthy and cumbersome. For example in the first half of 2016 – 2200 pages of new regulations have been released. Quite a task to keep up with all of the required reading. A recent article cited a compliance officer needs 450 hours just to read and interpret all of the new guidance, then he/she still needs to document it into his/her policies and procedures, develop education, brief senior management, educate the front line managers and so on. It can seem like more than a full time job.
There's good news though. Any time new guidance comes out, it is quickly followed by some terrific legal summary and analysis. Consider subscribing to various law firm newsletters; a few of our favorites are JD Supra, Wilmer Hale and Ballard Spahr. You can also find helpful webinars by these firms.
Another good idea is to study the exam manual on the FFIEC website - it’s literally a playbook for what the examinations may cover.
Finally, benefit and learn from others’ successes and mistakes. A great practice is to use each enforcement action as a time to self reflect and evaluate your own practices. In your exams and audits, spend time listening for the hints or even casual comments made by the examiners or auditors. And use all of these opportunities to evaluate ways to shore up your own practices.
Another way to stay ahead is to pay close attention to the information that doesn't make it into your final exam report. It's generally very inciteful on the things that you may want to pay closer attention to in the future exams.
So other than reading and interpreting, what are some of the best practices? I always like going back to the basics. So ask yourself these questions:
- Is your vendor management plan inclusive enough?
- Does your work product match the expectations set in your vendor management policy and program documents?
- Is your due diligence timely and thorough?
- Do you have documented procedures on how to handle exceptions?
- Do you make it a practice of escalating issues to senior management?
One of the most important practices is meeting regularly with your senior management team. And don't just meet with them, get their full support and make sure your meetings are firmly documented in the minutes. There will likely be times where errors occur or a new third party slips through the cracks but if you’re in a close relationship with your senior management team, you can whether the storm more easily.
The right tone set from the top is critical to a successful vendor management program. And the benefits of a well run vendor management program are not limited simply to the examiner's request. There are true strategic benefit advantages to be gained from.
Again, I’m Kelly and thanks for watching. Don’t forget to subscribe to next week’s Third Party Thursday video.

Subscribe to our Third Party Thursday Newsletter
Receive weekly third-party risk management news, resources, and more to your inbox.
Ready to Get Started?
Schedule a personalized solution demonstration to see how Venminder can transform your vendor risk management processes.