The 6 Primary Categories of Vendor Risk
Vendor risk can come in many forms. You can't handle it all the same.
Different types of vendor risk require unique approaches. This podcast breaks down the 6 main categories of vendor risk to help you improve your organization's overall approach.
Hi – my name is John with Venminder.
In this 90-second podcast, you’re going to learn what the six primary categories of vendor risk are.
At Venminder, we have a team of industry experts who specialize in managing vendor risk and giving third party risk management program advice, in various industries, daily.
According to FDIC FIL 44-2008, the six primary categories of risk to be on the lookout for as you complete your vendor risk assessments include the following:
- First is strategic risk. Strategic risk arises from adverse business decisions that aren’t consistent with your organization’s goals. If the vendor doesn’t help your organization achieve corporate strategic goals and provide a return on investment (ROI) then you’re exposed to strategic risk.
- Second is reputational risk. Reputational risk occurs and is at its largest when there’s a lot of negative public opinion. If the vendor relationship is resulting in many customer complaints, negative press or security breaches, then reputational risk is present.
- Third is operational risk. Operational risk is present if a vendor has inadequate or failed internal processes or people and systems which results in a loss for your organization.
- The fourth risk is transaction risk. Transaction risk occurs if there are issues with the delivery of a product or service.
- Fifth is financial risk. You’re exposed to financial risk if the vendor is experiencing financial troubles such as a decline in year over year financial condition or is involved in pending litigation. This can all be signs of underlying problems.
- Finally, the sixth primary category of vendor risk to watch for is compliance risk. Compliance risk arises from violations of laws, rules or regulations or from noncompliance with internal policies, procedures or with your organization’s business standards.
There you have it – strategic, reputational, operational, transaction, financial and compliance. Many other risks can come into play such as country risk, interest rate risk or more; however, these are the six primary categories of risk to know. I hope you found this podcast insightful.
Thanks for tuning in; catch you next time!
Subscribe to our Third Party Thursday Newsletter
Receive weekly third-party risk management news, resources, and more to your inbox.