Welcome to today's Third Party Thursday! My name is Branan Cooper and I'm the Chief Risk Officer here at Venminder.
LIke any course, it's appropriate to study the source material - and there's lots of it out here. A few of our favorites are published on the regulators' websites.
- On the FDIC website at FDIC.gov, look for Financital Institution Letter (FIL) 44-2008 and 3-2012 - they are pretty much the foundational documents for third party risk management.
- On the OCC website at OCC.gov, look for Bulletin 2013-29, 2017-7 and 2017-21 - the guidance reinforces the need to keep your senior management team and your board informed on third party risk issues - it also introduces the concept of a lifecycle, rather than a static approach, to third party risk management.
- On the FFIEC website at FFIEC.gov, look for Appendix J and Appendix E - perhaps alphabetically incorrect, but in chronological order of recent updates. They are highly perscriptive in terms of what examiners expect.
Need more information? We're here to help. If you haven't already done so, please subscribe to our Third Party Thursday series. Again, I'm Branan and thank you for listening!