Preparing for the Outsourcing Challenge: Legal Due Diligence to Ensure a Winning Service Provider Relationship

Size: px
Start display at page:

Download "Preparing for the Outsourcing Challenge: Legal Due Diligence to Ensure a Winning Service Provider Relationship"

Transcription

1 THE 4 TH NATIONAL CONFERENCE ON OUTSOURCING IN FINANCIAL SERVICES NEGOTIATING, MANAGING & TERMINATING OUTSOURCING RELATIONSHIPS WHILE ENSURING REGULATORY COMPLIANCE Renaissance Mayflower, Washington, DC April 20-21, 2005 Preparing for the Outsourcing Challenge: Legal Due Diligence to Ensure a Winning Service Provider Relationship By Steven M. Kaplan, Esq. Kirkpatrick & Lockhart Nicholson Graham LLP 1800 Massachusetts Avenue Washington, DC (202) (202) fax M:\Cross Marketing\May 05\DC-# v1-MBG_Outsourcing_Speech_Outline.DOC

2 Preparing for the Outsourcing Challenge: Legal Due Diligence to Ensure a Winning Service Provider Relationship I. INTRODUCTION: PREPARING A DUE DILIGENCE GAME PLAN A. Defining the Goals and Risks B. Assembling the Team C. Choosing a Law Firm or Deciding to Not Use a Law Firm II. RISK MANAGEMENT: DEFINING THE RISKS The broader context for due diligence is risk management: Pre-contractual due diligence is an essential component of effective risk management in outsourcing services. The FFIEC defines risk management as: The Process of identifying, measuring, monitoring and making risk. 1 The FFIEC s recently issued Outsourcing Handbook divides risk management in four interrelated areas: Risk assessment and the definition of outsourcing requirements; RFPs and due diligence on prospective service providers; Negotiation and implementation of the outsourcing contract; and Monitoring the outsourcing relationship. 1 THE FEDERAL FINANCIAL INSTITUTIONS EXAMINATION COUNCIL (the FFIEC ) Information Technology ( IT ) Examination Handbook on Outsourcing Technology Services (the OTS Handbook ). The FFIEC issued the Outsourcing Technology Services IT Examination Handbook in June It is available online at see also, e.g., FEDERAL DEPOSIT INSURANCE CORPORATION, Offshore Outsourcing of Data Services by Insured Institutions and Associated Privacy Risks (June 10, 2004); OFFICE OF THE COMPTROLLER OF THE CURRENCY, OCC : Bank Use of Foreign- Based Third Party Service Providers (May 15, 2002); OFFICE OF THE COMPTROLLER OF THE CURRENCY, OCC : Third Party Relationships (Nov. 1, 2001)

3 A. First Steps: Risk Assessment and Requirements Definition The FFIEC emphasizes that outsourcing can contribute to operational risks. These risks can range from a service provider s errors or fraud in processing mortgage loan applications or payments through the service provider s substandard maintenance of computer systems and consequent hacking and theft of customer information. 2 The Outsourcing Handbook identifies four risks associated with operational risks that form the backdrop against which management should determine whether the institution should outsource and, if so, its specifications for the outsourced services: Reputational risks: problems with outsourced technology could come to public attention and thereby harm the financial institution s reputation e.g., a service provider s failure to get a back-up system up and running and the institution s resulting failure to maintain business continuity; Strategic risks: outsourcing could impair the institution s ability to make good strategic decisions e.g., a service provider provides inaccurate information that leads management to make a bad decision as to the loan customers that the institution targets or the financial products that it promotes; Compliance risks: the potential consequences to the institution if a service provider fails to comply with applicable regulatory and other legal requirements e.g., a service provider makes inaccurate or late consumer compliance disclosures or uses customers confidential information in an unauthorized way; and Interest rate, liquidity, and market risks: a service provider could fail to provide information, or could provide inaccurate information, that leads to interest rate errors, impaired liquidity, or bad investment decisions. Scope: The FFIEC s Broad Definition of Outsourcing Outsourcing is the practice of contracting with another entity to perform services that might otherwise be conducted in-house. (2) Contracting with third parties to perform activities, duties, or functions. 2 The Outsourcing Handbook notes that the IT Handbook s Supervision of Technology Service Providers (service provider) Booklet, available online at provider/tech_ser_provider.pdf, provides an analysis of operational risks associated IT generally

4 Outsourcing can span origination, processing and settlement services, information processing, loan processing, security monitoring and testing, development and maintenance of computer systems, network and help desk operations, servicing, debt collection, telemarketing and call centers. It is the key that institutions IT staff and lawyers bear in mind the Outsourcing Handbook s guidelines when selecting and negotiating contracts with service providers to perform any IT functions that could be performed internally, as well as any other significant services. Board and Senior Management Responsibilities The Outsourcing Handbook emphasizes that the board of directors and senior management of a financial institution must bear ultimate responsibility for determining whether to enter into outsourcing transactions and for overseeing the outsourcing relationships that the financial institution establishes. The directors and officers of a financial institution should determine, as a matter of institutionwide management, whether, and to what extent, the institution s internal functions can and should be outsourced. The FFIEC directs a financial institution s board and management to base their conclusions on risks that outsourcing presents for the institution and whether the outsourcing is appropriate in light of the institution s size and complexity. The FFIEC further directs the board and management to adopt and execute policies to ensure consistency in the institution s outsourcing decisions, management, and oversight. B. Next Step: Selecting the Service Provider The Outsourcing Handbook next specifies the following steps for institutions to follow in selecting a service provider: 1. The Request for Proposal: First, should the RFP process be limited to the service provider? Should it also include selecting due diligence team (law firms, consultants, etc.)? An institution s IT and other staff members involved in outsourcing may be as unaccustomed to issuing RFPs as they are to creating a formal requirements document. The FFIEC prescribes the RFP process in the Outsourcing Handbook, however, and an examiner consequently may wish to review an institution s RFPs, especially those for significant outsourcing transactions. If the IT staff and other outsourcing stakeholders have prepared the detailed requirements document described above, compiling the RFP should be relatively - 4 -

5 straightforward. The issues to be addressed in the RFP mirror those covered in that document. Noting that the level of detail in RFPs may vary (presumably according to the complexity and criticality of the functions to be outsourced), the Outsourcing Handbook states that an RFP should address the following: Objectives Scope and nature of outsourced functions Service levels Delivery timelines Technology and services metrics Controls Security Policies Business continuity Change of control 2. Due Diligence: The FFIEC stresses that the institution should perform due diligence on both the service provider and the service provider s response to the RFP. The FFIEC acknowledges, however, that the extent and formality of due diligence may vary according to the risks that the proposed outsourcing transaction poses, familiarity with the prospective service provider, and the stage that the institution has reached in the selection process. The Outsourcing Handbook states that the institution should, in the course of due diligence, accomplish the following: Ensure that the service provider is a validly existing entity, and check its corporate history. Check the qualifications of the service provider and its principals. Perform criminal background checks in sensitive outsourcing cases. Check references and otherwise investigate the service provider s reputation. Investigate the service provider s finances. Review audited financial statements. Investigate the service provider s ability to deliver on its commitments and overall effectiveness. Investigate the service provider s system of internal quality and other controls, its security history, and the extent to which it is audited, financially and otherwise

6 Check the service provider s compliance history and the extent, if any, to which it has been subject to complaints, litigation, and regulatory actions. Pursue the service provider s reliance on third party service providers. Check into the service provider s insurance coverage. Investigate the service provider s disaster recovery and business continuity plans. Consider intangibles, such as the service provider s culture and business style and the service provider s consequent fit with the institution. Consider other unique issues such as rating agency requirements. C. Information Security and Safeguarding The FFIEC also emphasizes that an institution should perform due diligence on a prospective service provider s ability to maintain the security of the institution s data and should filter the sensitive information that the institution provides to a service provider. D. Foreign Service Providers Compliance Risks: Outsourcing to a foreign service provider increases risks monitoring compliance with U.S. laws and regulations. Outsourcing to a foreign service provider also places additional compliance obligations, including export control obligations and obligations to comply with sanctions and embargos implemented by the U.S. Treasury Office of Foreign Assets Control, on the institution. Due Diligence: An institution must perform due diligence on the extent to which the foreign location of the service provider will add to outsourcing risks, in addition to performing the due diligence that the Outsourcing Handbook specifies for non-foreign service providers. Regulatory Access to Information: An institution must ensure that U.S. regulatory institutions have the ability to assess the services performed by the foreign service provider and that it keeps at a U.S. location English language documentation that the institution and the foreign service provider are meeting their U.S. regulatory obligations

7 III. DUE DILIGENCE STRATEGY The due diligence process will depend on the nature of the service. The process will be more or less comprehensive depending on the complexity of the service. Perform on-site due diligence whenever possible. If the service provider is a foreign corporation, more on-site time may be necessary. Permit sufficient on-site time to ensure that representations regarding the service provider s compliance operations are accurate. It is beneficial to: Engage an international law firm in that country with attorneys who can spend significant time assessing the service provider or do so over the course of a few months; AND/OR Engage local counsel to assess the service provider s compliance with the laws of the service provider s jurisdiction, and who also has knowledge of the jurisdiction s legal environment (such as an awareness of which laws are actually enforced). A. Overall Compliance Capability: Does the management demonstrate a commitment to regulatory/legal compliance? What is their background and experience? Has the service provider demonstrated a capacity to comply with applicable law in providing similar services for other entities? Is the service provider familiar with the legal/regulatory compliance issues of the outsourcing company? For example Federal Regulations Engage local counsel to assess the service provider s compliance with the laws of the service provider s jurisdiction, and who also has knowledge of the jurisdiction s legal environment (such as an awareness of which laws are actually enforced)

8 Is the service provider capable of complying with all federal requirements that apply to the outsourcing company? Depending on the type of service provider (e.g., loan processor, loan servicer, debt collector, telemarketer, call center, etc.) is the provider capable of complying with requirements unique to that service provider e.g. RESPA, TILA, ECOA, HMDA, FCRA, Fair Housing, Flood, HOEPA, GLBA/information security, FDCPA, TCPA, to name a few). State Regulations Does the service provider understand and is the service provider capable of complying with all state requirements that apply to the service provider and the outsourcing company, where necessary? Does the service provider understand and is the service provider capable of complying with all state requirements that apply to the service provider and the outsourcing company, where necessary? Is the service provider s process of updating state requirements adequate? B. Current Compliance Status: Is the service provider in compliance with all applicable laws, including any licensing requirements and regulatory approvals, as well as federal, state, and local laws and regulations

9 C. Compliance Procedures: Does the service provider have a compliance or legal/compliance department? What are the experience and skill levels of the key legal/compliance personnel? How long have they worked for the service provider? Does the service provider conduct regular compliance audits/reviews? Do available compliance reviews reveal any patterns of legal/regulatory noncompliance or internal procedures irregularities that could lead to noncompliance? Does the service provider have written policies and procedures that accurately and adequately address applicable legal/regulatory requirements? How does the service provider track employee/system adherence to policies and procedures? Does the service provider provide employees with compliance training? What are the experience and skill levels of employees who will perform functions with sensitive legal/regulatory implications? What are their retention rates? D. Customer Complaints/Customer Satisfaction Surveys: Does the service provider use customer satisfaction surveys? Does the service provider have a customer complaints process in place? How (and how quickly) does the service provider address customer complaints? Do available customer complaints and surveys reveal any patterns of legal/regulatory noncompliance or internal procedures irregularities that could lead to noncompliance? E. Regulatory Audits: Has the service provider been subject to regulatory audits/examinations? What legal/regulatory issues were revealed by those examinations? - 9 -

10 How has the service provider dealt with those issues? Are any of those issues recurring? Are the service provider s management and legal/compliance teams experienced in communicating with regulators? Have they demonstrated a willingness and capacity to cooperate with regulators? F. Litigation/Administrative Actions: Is any material litigation or administrative action pending against the service provider that involves the types of services that the outsourcing company needs? Will an adverse outcome have a material impact on the service provider s ability to perform services? Does pending litigation or administrative action indicate a pattern of noncompliance in a particular area of operations critical to delivery of services to the outsourcing company? G. Legal Compliance Technology: Is the service provider s compliance-related hardware and software (if any) state-of-the-art? Does the service provider have a compliance technology maintenance program? What changes may need to be made to the service provider s compliance technology to integrate special legal compliance issues of the outsourcing company? Is the service provider s compliance technology capable of integrating those changes? Does the software have sufficient flexibility to do so? Is it easy to make changes/customize the compliance software to the outsourcing company s needs? Can the system be updated easily? Does the service provider s compliance technology have sufficient capacity to support an increased load from the outsourcing company?

11 Is system documentation comprehensive and clear? Does the system produce a wide range of customizable compliance reports? Do compliance and other technology systems of the service provider and any subcontractors interface easily and appropriately? H. Privacy/Information Security: Is the service provider capable of ensuring that its employees will not have unauthorized access to the outsourcing company s customer data, or other confidential data regarding the institution? 3 I. Subcontractors: If relevant, what is the service provider s process for conducting due diligence of subcontractors, support vendors, and other third parties that may be involved in performing services for the outsourcing company? J. Record Retention/Access: What records must the service provider maintain? For how long? Is the service provider capable of doing so? Will the outsourcing company have easy access to service provider records and other compliance-related documents for compliance monitoring and audits? K. Effect on Relationship with Primary Regulator IV. CASE STUDIES: HOW NOT TO CONDUCT DUE DILIGENCE THIS OUTLINE IS FOR INFORMATIONAL PURPOSES AND DOES NOT CONTAIN OR CONVEY LEGAL ADVICE. THE INFORMATION HEREIN SHOULD NOT BE USED OR RELIED UPON IN REGARD TO ANY PARTICULAR FACTS OR CIRCUMSTANCES WITHOUT FIRST CONSULTING A LAWYER. 3 See, e.g., FFIEC, Interagency Guidance on Response Programs: Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, FIL (April 1, 2005)

Any business relationship between a bank and another entity, by contract or otherwise

Any business relationship between a bank and another entity, by contract or otherwise An Overview for Bank Directors Managing the Third Party Relationship Patrick Neuman Boardman & Clark LLP Madison, Wisconsin Any business relationship between a bank and another entity, by contract or otherwise

More information

Vendor Management. Outsourcing Technology Services

Vendor Management. Outsourcing Technology Services Vendor Management Outsourcing Technology Services Objectives Board and Senior Management Responsibilities Risk Management Program Risk Assessment Service Provider Selection Contracts Ongoing Monitoring

More information

Statement of the Office of the Comptroller of the Currency. Provided to the Subcommittee on Financial Institutions and Consumer Protection

Statement of the Office of the Comptroller of the Currency. Provided to the Subcommittee on Financial Institutions and Consumer Protection Statement of the Office of the Comptroller of the Currency Provided to the Subcommittee on Financial Institutions and Consumer Protection Senate Committee on Banking, Housing, and Urban Affairs Shining

More information

GUIDANCE FOR MANAGING THIRD-PARTY RISK

GUIDANCE FOR MANAGING THIRD-PARTY RISK GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,

More information

2015 REGULATORY CHALLENGES FOR FINANCIAL INSTITUTIONS E L L IOT T DAVIS D E COSIMO R I S K MANAG E MENT

2015 REGULATORY CHALLENGES FOR FINANCIAL INSTITUTIONS E L L IOT T DAVIS D E COSIMO R I S K MANAG E MENT 2015 REGULATORY CHALLENGES FOR FINANCIAL INSTITUTIONS E L L IOT T DAVIS D E COSIMO R I S K MANAG E MENT CONFERENCE COLUMBIA, SOUTH CAROLINA INTRODUCTIONS: DOWSE B. ("BRAD") RUSTIN IV is a partner with

More information

Vendor Management Compliance Top 10 Things Regulators Expect

Vendor Management Compliance Top 10 Things Regulators Expect Vendor Management Compliance Top 10 Things Regulators Expect Paul M. Phillips, CFA Attorney, Adams and Reese Pamela T. Rodriguez, AAP, CIA, CISA EVP, Risk Management & Education, EastPay 2014 EastPay.

More information

OCC 98-3 OCC BULLETIN

OCC 98-3 OCC BULLETIN To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel

More information

Outsourcing Technology Services A Management Decision

Outsourcing Technology Services A Management Decision Outsourcing Technology Services A Management Decision A Telephone Seminar for National Banks Tuesday, July 20, 2004 And again on Wednesday, July 21, 2004 Agenda Outsourcing activities and relationships

More information

White Paper on Financial Institution Vendor Management

White Paper on Financial Institution Vendor Management White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety

More information

To: Our Clients and Friends March 25, 2014

To: Our Clients and Friends March 25, 2014 Financial Services Group To: Our Clients and Friends March 25, 2014 A Significant Change Is Occurring Regarding Regulatory Oversight of Banks and Their Third Party Relationships. Both Banks and their Vendors

More information

TO: Chief Executive Officers of National Banks, Federal Branches and Data-Processing Centers, Department and Division Heads, and Examining Personnel

TO: Chief Executive Officers of National Banks, Federal Branches and Data-Processing Centers, Department and Division Heads, and Examining Personnel AL 2000 12 O OCC ADVISORY LETTER Comptroller of the Currency Administrator of National Banks Subject: Risk Management of Outsourcing Technology Services TO: Chief Executive Officers of National Banks,

More information

Navigating Vendor Management Issues in Today s Regulatory Environment

Navigating Vendor Management Issues in Today s Regulatory Environment Navigating Vendor Management Issues in Today s Regulatory Environment May 6, 2015 Elizabeth E. McGinn, Partner Moorari K. Shah, Counsel 1 Disclaimer The information contained herein is for informational

More information

Privacy Impact Assessment of the CHAT Suite of Analysis Tools

Privacy Impact Assessment of the CHAT Suite of Analysis Tools Program or application name. Privacy Impact Assessment of the CHAT Suite of Analysis Tools Community Reinvestment Act (CRA) /Home Mortgage Disclosure Act Analysis (HMDA) Tool (CHAT) Suite of Analysis Tools

More information

Mortgage Banking. Solutions in Compliance, Transactions, and Defense. Attorney Advertising

Mortgage Banking. Solutions in Compliance, Transactions, and Defense. Attorney Advertising Mortgage Banking Solutions in Compliance, Transactions, and Defense Attorney Advertising The mortgage banking industry is changing rapidly. We offer broad regulatory experience, formidable skill in litigation,

More information

VII 4.1. VII. Unfair and Deceptive Practices Third Party Risk. Third Party Risk. Introduction. Background

VII 4.1. VII. Unfair and Deceptive Practices Third Party Risk. Third Party Risk. Introduction. Background Third Party Risk Introduction The board of directors and senior management of an insured depository institution (institution) are ultimately responsible for managing activities conducted through third-party

More information

9/13/2013. 20/20 Vision for Vendor Management & Oversight. Disclaimer. Bank Service Company Act - FIL-49-99

9/13/2013. 20/20 Vision for Vendor Management & Oversight. Disclaimer. Bank Service Company Act - FIL-49-99 20/20 Vision for Vendor Management & Oversight 2013 WBA Technology Conference September 17, 2013 Ken M. Shaurette, CISSP, CISA, CISM, CRISC, IAM Director IT Services Disclaimer The views set forth are

More information

VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium

VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium 1 VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium 2 Agenda Introduction Vendor Management what is? Available Guidance Vendor Management

More information

Risk Management of Outsourced Technology Services. November 28, 2000

Risk Management of Outsourced Technology Services. November 28, 2000 Risk Management of Outsourced Technology Services November 28, 2000 Purpose and Background This statement focuses on the risk management process of identifying, measuring, monitoring, and controlling the

More information

Assessment and Compliance with Federal Financial Institutions Examination Council (FFIEC) Requirements

Assessment and Compliance with Federal Financial Institutions Examination Council (FFIEC) Requirements isl Assessment and Compliance with Federal Financial Institutions Examination Council (FFIEC) Requirements DataGuardZ White Paper Forti5 BNP Paribas [Pick the date] What is the history behind FFIEC compliance?

More information

30-SECOND SUMMARY The Federal Reserve and the Office of the Comptroller of the Currency (OCC)

30-SECOND SUMMARY The Federal Reserve and the Office of the Comptroller of the Currency (OCC) 30-SECOND SUMMARY The Federal Reserve and the Office of the Comptroller of the Currency (OCC) have issued extensive new guidance to financial institutions about the use of third parties to perform functions

More information

Outsourced Third Party Relationship Management/ Vendor Management. TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP

Outsourced Third Party Relationship Management/ Vendor Management. TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP Outsourced Third Party Relationship Management/ Vendor Management TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP 1 Risk Management Guidance 2 3 Appendix J: 4 - Key Elements Third Party Management

More information

Outsourcing Technology Services OT

Outsourcing Technology Services OT Federal Financial Institutions Examination Council FFIEC Outsourcing Technology Services OT JUNE 2004 IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND MANAGEMENT RESPONSIBILITIES...

More information

Vendor Management Compliance Top 10 Things Regulators Expect

Vendor Management Compliance Top 10 Things Regulators Expect Vendor Management Compliance Top 10 Things Regulators Expect Peter Davey, AAP VP & Director, Enterprise Payments, CapitalOne Pamela T. Rodriguez, AAP, CIA, CISA EVP, Risk Management & Education, EastPay

More information

SUPERVISORY AND REGULATORY GUIDELINES: PU48-0809 GUIDELINES ON MINIMUM STANDARDS FOR THE OUTSOURCING OF MATERIAL FUNCTIONS

SUPERVISORY AND REGULATORY GUIDELINES: PU48-0809 GUIDELINES ON MINIMUM STANDARDS FOR THE OUTSOURCING OF MATERIAL FUNCTIONS SUPERVISORY AND REGULATORY GUIDELINES: PU48-0809 ISSUED: 4 th May 2004 REVISED: 27 th August 2009 GUIDELINES ON MINIMUM STANDARDS FOR THE OUTSOURCING OF MATERIAL FUNCTIONS I. INTRODUCTION The Central Bank

More information

retained in a form that accurately reflects the information in the contract or other record,

retained in a form that accurately reflects the information in the contract or other record, AL 2004 9 O OCC ADVISORY LETTER Comptroller of the Currency Administrator of National Banks Subject: Electronic Record Keeping TO: Chief Executive Officers of All National Banks, Federal Branches and Agencies,

More information

Vendor Management: An Enterprise-wide Focus. Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd.

Vendor Management: An Enterprise-wide Focus. Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd. Vendor Management: An Enterprise-wide Focus Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd. Why Focus on Vendor Management Increased financial regulatory scrutiny GLBA and Identity Theft Red

More information

1. Entities and Accounts Covered by the New Rules. 1.1. Covered Entities

1. Entities and Accounts Covered by the New Rules. 1.1. Covered Entities CLIENT MEMORANDUM RED FLAG IDENTITY THEFT RULES MAY HAVE YOU SEEING RED: FTC EXTENDS COMPLIANCE DEADLINE BECAUSE MANY COMPANIES DID NOT KNOW THAT THESE RULES APPLY TO THEM When companies outside the financial

More information

Reverse Due Diligence A New Trend In Financial M&A

Reverse Due Diligence A New Trend In Financial M&A Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Reverse Due Diligence A New Trend In Financial M&A

More information

Table of Contents... 1. Chapter 1 Introduction... 5. 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability...

Table of Contents... 1. Chapter 1 Introduction... 5. 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability... ... 1 Chapter 1 Introduction... 5 1.1 Goals & Objectives... 5 1.2 Required Review... 5 1.3 Applicability... 5 Chapter 2 Company Culture... 6 Chapter 3 Risk Management Governance... 7 3.1 Board of Directors...

More information

Vendor Risk Management in the New Regulatory Environment. kpmg.com

Vendor Risk Management in the New Regulatory Environment. kpmg.com Vendor Risk Management in the New Regulatory Environment kpmg.com Vendor Risk Management in the New Regulatory Environment 2 Vendor Risk Management in the New Regulatory Environment Background Regulators

More information

IDENTITY THEFT RED FLAGS, ADDRESS DISCREPANCIES, AND CHANGE OF ADDRESS REGULATIONS Examination Procedures

IDENTITY THEFT RED FLAGS, ADDRESS DISCREPANCIES, AND CHANGE OF ADDRESS REGULATIONS Examination Procedures Federal Deposit Insurance Corporation 550 17th Street NW, Washington, D.C. 20429-9990 Financial Institution Letter FIL-105-2008 October 16, 2008 IDENTITY THEFT RED FLAGS, ADDRESS DISCREPANCIES, AND CHANGE

More information

<[Z[hWb <_dwdy_wb?dij_jkj_edi ;nwc_dwj_ed 9ekdY_b

<[Z[hWb <_dwdy_wb?dij_jkj_edi ;nwc_dwj_ed 9ekdY_b FFIEC Table of Contents Introduction 1 Board and Management Responsibilities 2 Risk Management 3 Risk Assessment and Requirements 4 Quantity of Risk Considerations 5 Requirements Definition 6 Service Provider

More information

Risk Management of Remote Deposit Capture

Risk Management of Remote Deposit Capture Federal Financial Institutions Examination Council 3501 FAIRFAX DRIVE ROOM 3086 ARLINGTON, VA 22226-3550 (703) 516-5487 http://www.ffiec.gov Background and Purpose Risk Management of Remote Deposit Capture

More information

FinTech Webinar Series: Vendor Management Principles

FinTech Webinar Series: Vendor Management Principles FinTech Webinar Series: Vendor Management Principles Evolving Best Practices of Bank Service Providers February 14, 2013 Speakers Russell Bruemmer Partner Eric Mogilnicki Partner Jeffrey Hydrick Special

More information

Supporting Effective Compliance Programs

Supporting Effective Compliance Programs October 2015 Supporting Effective Compliance Programs The Oversight Roles of the Board Audit and Risk Committees in Regulatory Compliance By Paul Osborne, CPA, CAMS, AMLP, and Peggy Sepp, CIA To be effective,

More information

What You Need to Know About the CFPB and Why You Should Care

What You Need to Know About the CFPB and Why You Should Care What You Need to Know About the CFPB and Why You Should Care Thomas A. Brooks Jane C. Luxton Joann Needleman (202) 552-2356 (202) 572-8674 (215) 640-8536 tbrooks@ jluxton@ jneedleman@ Leaders of the Consumer

More information

Who s Your Vendor? Secondary Market Compliance and Title Agent Vendor Management

Who s Your Vendor? Secondary Market Compliance and Title Agent Vendor Management Who s Your Vendor? Secondary Market Compliance and Title Agent Vendor Management 2015 LBA Bank Counsel Conference Marx Sterbcow, Managing Attorney, Sterbcow Law Group The Bureau s Scrutiny of Vendor Management

More information

PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES

PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES TECHNICAL COMMITTEE OF THE INTERNATIONAL ORGANIZATION OF SECURITIES COMMISSIONS FEBRUARY 2005 Preamble The IOSCO Technical Committee

More information

VII 5.1. VII. Abusive Practices Third Party Procedures. Third Party Risk. Introduction. Background

VII 5.1. VII. Abusive Practices Third Party Procedures. Third Party Risk. Introduction. Background Third Party Risk Introduction The board of directors and senior management of an insured depository institution (institution) are ultimately responsible for managing activities conducted through third-party

More information

New CFPB mortgage servicing rules present significant challenges for mortgage servicers

New CFPB mortgage servicing rules present significant challenges for mortgage servicers New CFPB mortgage servicing rules present significant challenges for mortgage servicers Prepared by: Jose Vivar, Director, McGladrey LLP 312-634-4394, jose.vivar@mcgladrey.com Michael Sher, Partner, McGladrey

More information

GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS

GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS SUPERVISORY AND REGULATORY GUIDELINES Guidelines Issued: 22 December 2015 GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK FOR CREDIT UNIONS 1. INTRODUCTION 1.1 The Central Bank of The Bahamas ( the Central

More information

WHITE PAPER. Steps to select the right Outsourcing Vendor

WHITE PAPER. Steps to select the right Outsourcing Vendor WHITE PAPER Steps to select the right Outsourcing Vendor INTRODUCTION The process of selecting an outsourcing vendor implies a complex multistage process to evaluate not only what the provider can do,

More information

Morgan Stanley. Policy for the Management of Third Party Residential Mortgage Servicing Providers

Morgan Stanley. Policy for the Management of Third Party Residential Mortgage Servicing Providers Morgan Stanley Policy for the Management of Third Party Residential Mortgage Servicing Providers Title Policy for the Management of Third Party Residential Mortgage Servicing Providers Effective Date Owner

More information

Company Name Vendor Management Policy and Procedure. Table of Contents

Company Name Vendor Management Policy and Procedure. Table of Contents Policy and Procedure Table of Contents Table of Contents... i Introduction... 1 Risks of Using Vendors... 1 Vendor Due Diligence... 2 Monitoring... 2 Section 1 Personnel... 1 Section 2 - Outside Vendors

More information

Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004

Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004 Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004 1. INTRODUCTION Financial institutions outsource business activities, functions and processes

More information

Office of Inspector General

Office of Inspector General Audit Report OIG-14-034 Not Sufficiently Documented April 21, 2014 Office of Inspector General Department of the Treasury Contents Audit Report Background... 2 Results of Audit... 4 OCC Has Updated Guidance

More information

Credit Union Liability with Third-Party Processors

Credit Union Liability with Third-Party Processors World Council of Credit Unions Annual Conference Credit Union Liability with Third-Party Processors Andrew (Andy) Poprawa CEO, Deposit Insurance Corporation of Ontario Canada 1 Credit Union Liability with

More information

MISSION VALUES. The guide has been printed by:

MISSION VALUES. The guide has been printed by: www.cudgc.sk.ca MISSION We instill public confidence in Saskatchewan credit unions by guaranteeing deposits. As the primary prudential and solvency regulator, we promote responsible governance by credit

More information

CFPB Update: Regulatory and Enforcement Developments

CFPB Update: Regulatory and Enforcement Developments CFPB Update: Regulatory and Enforcement Developments December 16, 2014, 12:30 1:30 pm ET American Law Institute Webinar Jonathan L. Pompan Alexandra Megaris 1 Agenda Supervision and Examinations What is

More information

Goldman Sachs Residential Mortgage Servicing Vendor Management Policy Addendum U.S.-Based Program

Goldman Sachs Residential Mortgage Servicing Vendor Management Policy Addendum U.S.-Based Program Goldman Sachs Residential Mortgage Servicing Vendor Management Policy Addendum U.S.-Based Program Effective Date: January 27, 2014 Vendor Management Policy Addendum TABLE OF CONTENTS 1. INTRODUCTION...

More information

Putting the Management Back in Vendor Management February 20, 2014

Putting the Management Back in Vendor Management February 20, 2014 Putting the Management Back in Vendor Management February 20, 2014 Moderator: Brian O Reilly The Collingwood Group, LLC Panelists: Calvin Hagins, CFPB Ken Markison, MBA Jonathan McKernan, Wilmer Hale Dan

More information

Minimizing Legal and Compliance Risk for Credit Furnishers

Minimizing Legal and Compliance Risk for Credit Furnishers Minimizing Legal and Compliance Risk for Credit Furnishers Wednesday, November 18, 2015 2:00 p.m. 3:00 p.m. EST Webinar Speakers Jonathan L. Pompan, Esq., Partner and Co-Chair Consumer Financial Protection

More information

CFPB Examination Resource Guide

CFPB Examination Resource Guide MBA Compliance Essentials CFPB Examination Resource Guide September 29, 2014 Presented by Don Lampe*, Partner, Morrison & Foerster, LLP Washington, DC dlampe@mofo.com (202) 887-1524 *Not admitted in DC;

More information

Washington Update. Payments News from our Nation s Capital. October 2014. Contents. CFPB Finalizes Two Rules Related to International Money Transfers

Washington Update. Payments News from our Nation s Capital. October 2014. Contents. CFPB Finalizes Two Rules Related to International Money Transfers Washington Update Payments News from our Nation s Capital October 2014 Contents CFPB Finalizes Two Rules Related to International Money Transfers $25 per Issue $200 Annual Subscription Authors: Craig Saperstein

More information

Adverse Action Guide for Employers

Adverse Action Guide for Employers The right employment screening partner This information presented here is not legal advice and is presented for general education purposes ONLY. BackTrack recommends that you consult with legal counsel

More information

Vendor Management Best Practices

Vendor Management Best Practices 23 rd Annual and One Day Seminar Vendor Management Best Practices Catherine Bruder CPA, CITP, CISA, CISM, CTGA Michigan Texas Florida Insight. Oversight. Foresight. SM Doeren Mayhew Bruder 1 $100 billion

More information

Outsourcing in the Financial Services Industry: Finding Opportunities and Managing Risk. New York. OCC and FRB Guidance on Managing Third-Party Risk

Outsourcing in the Financial Services Industry: Finding Opportunities and Managing Risk. New York. OCC and FRB Guidance on Managing Third-Party Risk March 24, 2014 If you have any questions regarding the matters discussed in this memorandum, please contact the following attorneys or your regular Skadden contact. Stuart D. Levi New York / 212.735.2750

More information

Navigating Consumer Financial Protection Bureau ( CFPB ) Investigations and Enforcement Actions

Navigating Consumer Financial Protection Bureau ( CFPB ) Investigations and Enforcement Actions Navigating Consumer Financial Protection Bureau ( CFPB ) Investigations and Enforcement Actions Section of Antitrust Law 2013 Spring Meeting Wednesday, April 10, 2013 Jonathan L. Pompan Partner, Co-Chair

More information

Identifying Key Risk Indicator

Identifying Key Risk Indicator PUERTO RICO PAYMENTS SYMPOSIUM Identifying Key Risk Indicator EPOCPR Services Agenda for Today Background History Regulators & Risk Management Let s have fun Regulators & Risk Assessment ACH Risks Categories

More information

FDIC Updates Guidance on Payment Processor Relationships

FDIC Updates Guidance on Payment Processor Relationships February 2012 FDIC Updates Guidance on Payment Processor Relationships BY KEVIN L. PETRASIC In its recently issued Financial Institution Letter, FIL-3-2012, the Federal Deposit Insurance Corporation (

More information

Frequently Asked Questions: Identity Theft Red Flags and Address Discrepancies

Frequently Asked Questions: Identity Theft Red Flags and Address Discrepancies Frequently Asked Questions: Identity Theft Red Flags and Address Discrepancies The staff of the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC), National

More information

Remarks by Thomas J. Curry Comptroller of the Currency Before the New England Council Boston, Massachusetts May 16, 2014

Remarks by Thomas J. Curry Comptroller of the Currency Before the New England Council Boston, Massachusetts May 16, 2014 Remarks by Thomas J. Curry Comptroller of the Currency Before the New England Council Boston, Massachusetts May 16, 2014 It s a pleasure to be with you back home in Boston. I was here just six weeks ago

More information

Statement of Guidance: Outsourcing All Regulated Entities

Statement of Guidance: Outsourcing All Regulated Entities Statement of Guidance: Outsourcing All Regulated Entities 1. STATEMENT OF OBJECTIVES 1.1. 1.2. 1.3. 1.4. This Statement of Guidance ( Guidance ) is intended to provide guidance to regulated entities on

More information

Third Party Relationships

Third Party Relationships 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 A B D INTRODUCTION AND PURPOSE Background Yes/No Comments 1. Does the credit union maintain a list of the third party

More information

Information Technology Risk

Information Technology Risk Information Technology Risk Joint World Bank/Federal Reserve System Seminar for Senior Bank Supervisors from Emerging Economies Adrienne Haden & Mike Wallas Board of Governors of the Federal Reserve System

More information

UNITED STATES OF AMERICA DEPARTMENT OF THE TREASURY OFFICE OF THE COMPTROLLER OF THE CURRENCY ) ) ) ) ) ) ) ) ) ) ) ) STIPULATION AND CONSENT ORDER

UNITED STATES OF AMERICA DEPARTMENT OF THE TREASURY OFFICE OF THE COMPTROLLER OF THE CURRENCY ) ) ) ) ) ) ) ) ) ) ) ) STIPULATION AND CONSENT ORDER UNITED STATES OF AMERICA DEPARTMENT OF THE TREASURY OFFICE OF THE COMPTROLLER OF THE CURRENCY #2005-12 In the Matter of: Chicago Title Insurance Company Settlement Agent for: Whitney National Bank New

More information

FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-07 OVERSIGHT OF SINGLE-FAMILY SELLER/SERVICER RELATIONSHIPS. Purpose

FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-07 OVERSIGHT OF SINGLE-FAMILY SELLER/SERVICER RELATIONSHIPS. Purpose FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-07 OVERSIGHT OF SINGLE-FAMILY SELLER/SERVICER RELATIONSHIPS Purpose This advisory bulletin communicates the Federal Housing Finance Agency s (FHFA)

More information

PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES

PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES A CONSULTATION REPORT OF THE INTERNATIONAL ORGANIZATION OF SECURITIES COMMISSIONS STANDING COMMITTEE 3 ON MARKET INTERMEDIARIES

More information

Privacy Impact Assessment of the Nationwide Mortgage Licensing System and Registry

Privacy Impact Assessment of the Nationwide Mortgage Licensing System and Registry Privacy Impact Assessment of the Nationwide Mortgage Licensing System and Registry Program or application name: Nationwide Mortgage Licensing System and Registry (NMLSR) System Owner: Board of Governors

More information

Are You Ready for the New Foreclosure Processing Regulations?

Are You Ready for the New Foreclosure Processing Regulations? Are You Ready for the New Foreclosure Processing Regulations? New regulator guidance provides banks servicing residential mortgages with expectations in effectively assessing foreclosure processing. The

More information

Best Practices for Engaging With Intermediaries. Introduction

Best Practices for Engaging With Intermediaries. Introduction Best Practices for Engaging With Intermediaries Introduction This document is intended to provide IIUSA members with guidance regarding best practices for engaging with intermediaries who will introduce

More information

OUTSOURCING GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS, 2008

OUTSOURCING GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS, 2008 OUTSOURCING GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS, 2008 BANK OF TANZANIA PART I PRELIMINARY 1 These guidelines may be cited as the Outsourcing Guidelines for Banks and Financial Institutions,

More information

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial

More information

Identity Theft Red Flags & Address Discrepancies under the FACT Act of 2003. Summary of Final Rule

Identity Theft Red Flags & Address Discrepancies under the FACT Act of 2003. Summary of Final Rule Identity Theft Red Flags & Address Discrepancies under the FACT Act of 2003 Summary of Final Rule On November 9, 2007, the Office of the Comptroller of the Currency ( OCC ), Federal Reserve Board ( Board

More information

CCE Consumer Compliance Examination. Compliance Management System. Comptroller s Handbook. August 1996 CCE-CMS

CCE Consumer Compliance Examination. Compliance Management System. Comptroller s Handbook. August 1996 CCE-CMS CCE-CMS Comptroller of the Currency Administrator of National Banks Compliance Management System Comptroller s Handbook August 1996 CCE Consumer Compliance Examination Compliance Management System Table

More information

How to Buy Loans Originated by Failed Financial Institutions from the FDIC

How to Buy Loans Originated by Failed Financial Institutions from the FDIC March 2009 How to Buy Loans Originated by Failed Financial Institutions from the FDIC BY CHRIS DANIEL, DANIEL PERLMAN, TODD BEAUCHAMP AND AZBA HABIB Introduction The Federal Deposit Insurance Corporation

More information

Executive Summary. Guidelines on Merchant and ISO Underwriting and Risk Monitoring MARCH 2014 COUNSEL DEVELOPED BY

Executive Summary. Guidelines on Merchant and ISO Underwriting and Risk Monitoring MARCH 2014 COUNSEL DEVELOPED BY TM MARCH 2014 Guidelines on Merchant and ISO Underwriting and Risk Monitoring Executive Summary DEVELOPED BY www.deanarich.com COUNSEL Venable LLP Jeffrey D. Knowles Ellen Traupman Berge Leonard L. Gordon

More information

<[Z[hWb <_dwdy_wb?dij_jkj_edi ;nwc_dwj_ed 9ekdY_b

<[Z[hWb <_dwdy_wb?dij_jkj_edi ;nwc_dwj_ed 9ekdY_b FFIEC TABLE OF CONTENTS INTRODUCTION 1 BOARD AND MANAGEMENT RESPONSIBILITIES 2 RISK MANAGEMENT 3 Risk Assessment and Requirements 4 Quantity of Risk Considerations 4 Requirements Definition 5 Service Provider

More information

Risk Management Examiners

Risk Management Examiners Risk Management Examiners Introduction to Red Flags Examination Procedures Section 615(e) requires the federal banking agencies and the NCUA (the Agencies) as well as the FTC to prescribe regulations and

More information

Vendor Management Best Practices

Vendor Management Best Practices Vendor Management Best Practices Presented by: Raji Sathappan, MBA, CRCM, CISA, CAMS FMS East Coast Regional Conference September 2015 Certified Public Accountants Consultants Wealth Management Technology

More information

Information Technology

Information Technology Information Technology Information Technology Session Structure Board of director actions Significant and emerging IT risks Practical questions Resources Compensating Controls at the Directorate Level

More information

CREDIT RISK MANAGEMENT GUIDANCE FOR HOME EQUITY LENDING

CREDIT RISK MANAGEMENT GUIDANCE FOR HOME EQUITY LENDING Office of the Comptroller of the Currency Board of Governors of the Federal Reserve System Federal Deposit Insurance Corporation Office of Thrift Supervision National Credit Union Administration CREDIT

More information

Outsourcing has become a critical component of financial institutions management

Outsourcing has become a critical component of financial institutions management Skadden Skadden, Arps, Slate, Meagher & Flom LLP & Affiliates If you have any questions regarding the matters discussed in this memorandum, please contact the following attorneys or call your regular Skadden

More information

TB 82a Handbooks: Thrift Activities Section: 310 Subject: Oversight by the Board of Directors

TB 82a Handbooks: Thrift Activities Section: 310 Subject: Oversight by the Board of Directors Office of Thrift Supervision September 1, 2004 Department of the Treasury Thrift Bulletin TB 82a Handbooks: Thrift Activities Section: 310 Subject: Oversight by the Board of Directors Third Party Arrangements

More information

Vendor Compliance Management Series: Performing an Effective Risk Assessment

Vendor Compliance Management Series: Performing an Effective Risk Assessment Vendor Compliance Management Series: Performing an Effective Risk Assessment Legal Disclaimer This information is not intended to be legal advice and may not be used as legal advice. Legal advice must

More information

Chief Executive Officers of All National Banks, Department and Division Heads, and All Examining Personnel.

Chief Executive Officers of All National Banks, Department and Division Heads, and All Examining Personnel. AL 2000 9 O OCC ADVISORY LETTER Comptroller of the Currency Administrator of National Banks Subject: Third-Party Risk TO: Chief Executive Officers of All National Banks, Department and Division Heads,

More information

Remarks by. Thomas J. Curry Comptroller of the Currency. Before a Meeting of CES Government. Washington, DC April 16, 2014

Remarks by. Thomas J. Curry Comptroller of the Currency. Before a Meeting of CES Government. Washington, DC April 16, 2014 Remarks by Thomas J. Curry Comptroller of the Currency Before a Meeting of CES Government Washington, DC April 16, 2014 Good afternoon. It s a pleasure to finally be here with you. I had very much hoped

More information

Technology Outsourcing. Effective Practices for Selecting a Service Provider

Technology Outsourcing. Effective Practices for Selecting a Service Provider Technology Outsourcing Effective Practices for Selecting a Service Provider Technology Outsourcing Effective Practices for Selecting a Service Provider Federal Deposit Insurance Corporation 550 17th Street

More information

TABLE OF CONTENTS INTRODUCTION... 1

TABLE OF CONTENTS INTRODUCTION... 1 TABLE OF CONTENTS INTRODUCTION... 1 Overview...1 Coordination with GLBA Section 501(b)...2 Security Objectives...2 Regulatory Guidance, Resources, and Standards...3 SECURITY PROCESS... 4 Overview...4 Governance...5

More information

GUIDANCE NOTE ON OUTSOURCING

GUIDANCE NOTE ON OUTSOURCING GN 14 GUIDANCE NOTE ON OUTSOURCING Office of the Commissioner of Insurance Contents Page I. Introduction.. 1 II. Application...... 1 III. Interpretation.... 2 IV. Legal and Regulatory Obligations... 3

More information

3 rd Party Risk Management is Broken Critical Vendors Should be Exam-Ready.

3 rd Party Risk Management is Broken Critical Vendors Should be Exam-Ready. 3 rd Party Risk Management is Broken Critical Vendors Should be Exam-Ready. Abstract: Kudos to the FFIEC agencies efforts to bring more attention and effort to managing 3rd party risk. With so much focus

More information

A Summary of Your Rights Under the Fair Credit Reporting Act

A Summary of Your Rights Under the Fair Credit Reporting Act A Summary of Your Rights Under the Fair Credit Reporting Act The federal Fair Credit Reporting Act (FCRA) promotes the accuracy, fairness, and privacy of information in the files of consumer reporting

More information

Featured Article Federal Red Flag and Related Identity Theft Prevention Rules: Is Your Organization in Compliance?

Featured Article Federal Red Flag and Related Identity Theft Prevention Rules: Is Your Organization in Compliance? Featured Article Federal Red Flag and Related Identity Theft Prevention Rules: Is Your Organization in Compliance? Article contributed by: Nancy L. Perkins, Arnold & Porter LLP As of November 1, 2008,

More information

Title Insurance and Settlement Company Best Practices. American Land Title Association

Title Insurance and Settlement Company Best Practices. American Land Title Association Title Insurance and Settlement Company Best Practices American Land Title Association Current Forces at Work Dodd Frank Wall Street Reform & Consumer Protection Act of 2010 Established the Consumer Financial

More information

Anatomy of an IT Outsourcing Deal. Bruce Laco Deloitte John Pickett IT World Canada Barry Sookman McCarthy Tetrault

Anatomy of an IT Outsourcing Deal. Bruce Laco Deloitte John Pickett IT World Canada Barry Sookman McCarthy Tetrault Anatomy of an IT Outsourcing Deal Bruce Laco Deloitte John Pickett IT World Canada Barry Sookman McCarthy Tetrault 3656867 Agenda Key Considerations for IT Outsourcing Decision Anatomy of an Outsourcing

More information

Managing Outsourcing Arrangements

Managing Outsourcing Arrangements Guidance Note GGN 221.1 Managing Outsourcing Arrangements 1. This Guidance Note provides further detail on the requirements for managing material outsourcing arrangements (refer Prudential Standard GPS

More information

New Hampshire & Maine Compliance Conference

New Hampshire & Maine Compliance Conference The Commonwealth of Massachusetts DIVISION OF BANKS New Hampshire & Maine Compliance Conference C h i e f D i re c t o r A my H a s s e y VIOLATIONS Anti-Money Laundering Program Became effective for mortgage

More information