Hi – I’m Gordon with Venminder.
In this 90-second video, you are going to learn 5 third party document collection best practices to help you run a successful third party risk management program.
At Venminder, we have literally collected thousands of documents on behalf of our clients, so we’ve seen and heard it all.
Okay, let’s get started.
1. Be organized and risk-based
Number One. Have firm guidelines and set standards based on the type of product or service your third party provides. And, make absolutely certain the level of due diligence adequately represents the risks associated with doing business with that third party.
2. Start before contract signing
Number two. If you’re seriously considering a third party, begin requesting due diligence as soon as possible. It can take time to get a response AND also to collect the correct documentation.
3. Actively engage lines of business
Number three. Engage the lines of business. Your first line of business is the front line. They will be interacting day to day with the third party. It will be helpful to you to have them engaged in the document collection process.
4. Document the efforts
Number four. If you are unable to obtain a document, make sure to still track each time you attempted to. The logs of your attempts could be needed to show a regulator or the board that you at least gave good effort.
5. Get creative
And finally, number five. Get creative when needed. If you can’t gather a document from a third party, consider alternatives like meeting with the third party in person or via WebEx to view the document.
Remember, while document collection can take a lot of time, without the right documents on file to review, you may not be able to meet your due diligence requirements.
See you next time.