The rise of third party relationships means rise in risk and regulation. Non-compliance is risky business for financial institutions
|
|
- Lydia Alexander
- 8 years ago
- Views:
Transcription
1 The rise of third party relationships means rise in risk and regulation Non-compliance is risky business for financial institutions
2 Increasing dependency on third parties by banks has resulted in mandatory OCC/ FRB regulation and mandatory change Third parties that engage directly with customers. Outsourcing entire bank functions to third parties, such as tax, legal, audit, or information technology operations. Third parties whose employees, facilities, and subcontractors may be geographically concentrated. Third parties that subcontract activities to other foreign and domestic providers. Rise in Relationships with Banks A single third party to perform multiple activities, often to such an extent that the third party becomes an integral component of the bank s operations. Outsourcing lines of business or products to third parties. Third parties to address deficiencies in bank operations or compliance with laws or regulations. OCC expects a bank to practice effective risk management regardless of whether the bank performs the activity internally or through a third party. A bank s use of third parties does not diminish its responsibility to ensure that the activity is performed in a safe and sound manner and in compliance with applicable laws. Federal Reserve is issuing this guidance to financial institutions to highlight the potential risks arising from the use of service providers and to describe the elements of an appropriate service provider risk management program. OCC Bulletin , Released October 30,
3 A bank s failure to have an effective thirdparty risk management process may be an unsafe and unsound banking practice A process must be commensurate with the level of risk, complexity of third-party relationships, and organizational structure of the bank Operational risk is present in all products, services, functions, delivery channels, and processes. Third-party relationships may increase a bank s exposure to operational risk because the bank may not have direct control of the activity performed by the third party. Strategic risk comes into play when a bank uses third parties to conduct banking functions, offers products and services that are not compatible with the bank s strategic goals, cannot be effectively monitored and managed by the bank, or do not provide an adequate return on investment. Credit risk may arise when management has exercised ineffective due diligence and oversight of third parties that market or originate certain types of loans on the bank s behalf, resulting in lowquality receivables and loans. Reputational risk happens when third-party relationships do not meet the expectations of the bank s customers. Publicity about adverse events surrounding the third parties also may increase the bank s reputation risk. Compliance risk exists when products, services, or systems associated with third-party relationships are not properly reviewed for compliance or when the third party s operations are not consistent with laws, regulations, ethical standards, or the bank s policies and procedures. 3
4 Different approaches exist for financial institutions depending on the level of third-party risk and complexity Onboarding / Due Diligence of all Conducting a review of a potential third party before signing a contract5 helps ensure that the bank selects an appropriate third party and understands and controls the risks posed by the relationship, consistent with the bank s risk appetite. Ongoing Monitoring of all Performing ongoing monitoring of the third-party relationship once the contract is in place is essential to the bank s ability to manage risk of the third-party relationship. Comprehensive Risk Management Program for all Creating an effective risk management process throughout the entire lifecycle of all third-party relationships including onboarding/ due diligence, ongoing monitoring and oversight. 4
5 Banks should adopt the mandate for the continuous lifecycle of all third-party relationships and for all critical activities Planning Due Diligence & 3 rd Party Selection Contract Negotiation Ongoing Monitoring Termination Identification of Critical Suppliers and Initial Risk Level of Critical Suppliers and Initial Risk Level at a Country Level Risk Scores and Projected Failure Rate Basic Demographic Information Financial Information Payment Trends Public Filing Information Restricted Party Information Socio-Economic Status Corporate Family Linkage Officer Information Country Risk Notification of any significant changes in the business, such as: Change of Ownership Officer Changes Mergers Acquisitions Joint Ventures Provide a Benchmark for Auditing Purposes Alerts for significant changes to: Supplier Risk Score Shifts Change of Ownership Suits, Judgments and Liens Payment Trends Violations EPA, OSHA, OFAC, etc. Special Events Catastrophic Events Country Risk Scores The ability to secure information that may lead to the termination of a The ability to collect and maintain this information The ability to show trending of a Third Party and better explain what events led up to the termination 5
6 A bank s risk management plan should also include oversight throughout the third-party relationship lifecycle Oversight & Accountability Documentation & Reporting Independent Reviews A better way to show the complete picture of a to Senior Leadership The ability to monitor and document changes that have happened to a third party The ability to show why action needs to be taken with a Third Party View detailed information on each Monitor each for change Search for suppliers that may want to do business Collect Tier N supplier information and monitor those suppliers for change Survey and collect critical documents Report on the overall risk of a Ability to show overall risk of the and why that risk is present Provide Auditors with intelligence prior to conducting a review Provide Auditors with the complete corporate family details, who owns who, subsidiaries, divisions, parents, foreign entities related to Better understanding the overall risk of a Country the is engaged in doing business 6
7 D&B is the undisputed leader in risk management and compliance 7 7 More than 87% of Fortune 500 companies around the world rely on D&B insight and analytics to drive business results D&B is the global leader of predictive and anticipatory analytics driven by over 50,000 potential predictive attributes The world s leading business information provider with over 200 million supplier profiles across the globe A legacy of innovation for over 173 years groundbreaking predictive scores and analytical capabilities with built-in foresight Strong relationships with some of the largest global companies to implement rigorous compliance programs
Any business relationship between a bank and another entity, by contract or otherwise
An Overview for Bank Directors Managing the Third Party Relationship Patrick Neuman Boardman & Clark LLP Madison, Wisconsin Any business relationship between a bank and another entity, by contract or otherwise
More informationOCC 98-3 OCC BULLETIN
To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel
More informationTo: Our Clients and Friends March 25, 2014
Financial Services Group To: Our Clients and Friends March 25, 2014 A Significant Change Is Occurring Regarding Regulatory Oversight of Banks and Their Third Party Relationships. Both Banks and their Vendors
More informationBoard Responsibility. A bank can outsource a task, but it cannot outsource the responsibility.
Third-Party Risk Board Responsibility The Board of Directors and senior management are ultimately responsible for managing activities conducted through third-party relationships as if the activity were
More informationSimplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance
Simplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance Arm Stakeholders with Critical Information to Assess 3rd Party Relationships and Comply with the Foreign Corrupt Practices Act
More informationOutsourcing Technology Services A Management Decision
Outsourcing Technology Services A Management Decision A Telephone Seminar for National Banks Tuesday, July 20, 2004 And again on Wednesday, July 21, 2004 Agenda Outsourcing activities and relationships
More informationOutsourced Third Party Relationship Management/ Vendor Management. TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP
Outsourced Third Party Relationship Management/ Vendor Management TTS Webinar July 15, 2015 Susan Orr CISA, CISM, CRISC, CRP 1 Risk Management Guidance 2 3 Appendix J: 4 - Key Elements Third Party Management
More informationFinTech Webinar Series: Vendor Management Principles
FinTech Webinar Series: Vendor Management Principles Evolving Best Practices of Bank Service Providers February 14, 2013 Speakers Russell Bruemmer Partner Eric Mogilnicki Partner Jeffrey Hydrick Special
More informationOutsourcing has become a critical component of financial institutions management
Skadden Skadden, Arps, Slate, Meagher & Flom LLP & Affiliates If you have any questions regarding the matters discussed in this memorandum, please contact the following attorneys or call your regular Skadden
More informationGUIDANCE FOR MANAGING THIRD-PARTY RISK
GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,
More informationWhite Paper on Financial Institution Vendor Management
White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety
More informationBITS GUIDE TO CONCENTRATION RISK
BITS GUIDE TO CONCENTRATION RISK IN OUTSOURCING RELATIONSHIPS BITS A DIVISION OF THE FINANCIAL SERVICES ROUNDTABLE 1001 PENNSYLVANIA AVENUE, NW SUITE 500 SOUTH WASHINGTON, DC 20004 202-289-4322 WWW.BITS.ORG
More informationAre You Ready for the New Foreclosure Processing Regulations?
Are You Ready for the New Foreclosure Processing Regulations? New regulator guidance provides banks servicing residential mortgages with expectations in effectively assessing foreclosure processing. The
More informationVendor Management: An Enterprise-wide Focus. Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd.
Vendor Management: An Enterprise-wide Focus Susan Orr, CISA CISM CRISC CRP Susan Orr Consulting, Ltd. Why Focus on Vendor Management Increased financial regulatory scrutiny GLBA and Identity Theft Red
More informationFEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-07 OVERSIGHT OF SINGLE-FAMILY SELLER/SERVICER RELATIONSHIPS. Purpose
FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-07 OVERSIGHT OF SINGLE-FAMILY SELLER/SERVICER RELATIONSHIPS Purpose This advisory bulletin communicates the Federal Housing Finance Agency s (FHFA)
More informationThe New Third-Party Oversight Framework: Trust but Verify kpmg.com
Financial Services Regulatory Point of View The New Third-Party Oversight Framework: Trust but Verify kpmg.com The New Third-Party Oversight Framework: Trust but Verify 1 Financial services regulatory
More informationWHITE PAPER Third-Party Risk Management Lifecycle Guide
WHITE PAPER Third-Party Risk Management Lifecycle Guide Develop and maintain compliant third-party relationships by following these foundational components of a best-practice assessment program. Third
More information6/8/2016 OVERVIEW. Page 1 of 9
OVERVIEW Attachment Supervisory Guidance for Assessing Risk Management at Supervised Institutions with Total Consolidated Assets Less than $50 Billion [Fotnote1 6/8/2016 Managing risks is fundamental to
More informationAPEC General Elements of Effective Voluntary Corporate Compliance Programs
2014/CSOM/041 Agenda Item: 3 APEC General Elements of Effective Voluntary Corporate Compliance Programs Purpose: Consideration Submitted by: United States Concluding Senior Officials Meeting Beijing, China
More informationManaging third-party relationships: It s complicated
Regulatory November 2013 brief A publication of PwC s financial services regulatory practice Managing third-party relationships: It s complicated Overview On October 30, 2013, the Office of the Comptroller
More informationCore Principles for Effective Banking Supervision: New Edition Released
News Bulletin September 17, 2012 Core Principles for Effective Banking Supervision: New Edition Released Last Friday, September 14, 2012, the Basel Committee on Banking Supervision published a new set
More informationSample Financial institution Risk Management Policy 2011
Sample Financial institution Risk Management Policy 2011 1 Contents Risk Management Program...2 Internal Control and Risk Management Diagram... 2 General Control Environment... 2 Specific Internal Control
More informationGUIDANCE NOTE ON OUTSOURCING
GN 14 GUIDANCE NOTE ON OUTSOURCING Office of the Commissioner of Insurance Contents Page I. Introduction.. 1 II. Application...... 1 III. Interpretation.... 2 IV. Legal and Regulatory Obligations... 3
More informationII. Compliance Examinations - Compliance Management System. Compliance Management System. Introduction. Board of Directors and Management Oversight
Compliance Management System Introduction Financial institutions operate in a dynamic environment influenced by industry consolidation, convergence of financial services, emerging technology, and market
More informationTHIRD PARTY SUPPLIER RISK MANAGEMENT. Meeting Emerging Financial Services Regulatory Requirements. By Joseph Yacura, ISG Director. www.isg-one.
THIRD PARTY SUPPLIER RISK MANAGEMENT Meeting Emerging Financial Services Regulatory Requirements By Joseph Yacura, ISG Director www.isg-one.com INTRODUCTION U.S. and Canadian financial services companies
More informationCredit Union Liability with Third-Party Processors
World Council of Credit Unions Annual Conference Credit Union Liability with Third-Party Processors Andrew (Andy) Poprawa CEO, Deposit Insurance Corporation of Ontario Canada 1 Credit Union Liability with
More informationOutsourcing in the Financial Services Industry: Finding Opportunities and Managing Risk. New York. OCC and FRB Guidance on Managing Third-Party Risk
March 24, 2014 If you have any questions regarding the matters discussed in this memorandum, please contact the following attorneys or your regular Skadden contact. Stuart D. Levi New York / 212.735.2750
More informationTHE UH OH MOMENT. Financial Services Enterprises Focus on Governance, Transparency and Supply Chain Risk
THE UH OH MOMENT Financial Services Enterprises Focus on Governance, Transparency and Supply Chain Risk By Lois Coatney, Chuck Walker and Joseph Yacura, ISG Directors www.isg-one.com INTRODUCTION A top
More informationVII 4.1. VII. Unfair and Deceptive Practices Third Party Risk. Third Party Risk. Introduction. Background
Third Party Risk Introduction The board of directors and senior management of an insured depository institution (institution) are ultimately responsible for managing activities conducted through third-party
More informationHow To Audit A Company
INTERNATIONAL STANDARD ON AUDITING 315 IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT THROUGH UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT (Effective for audits of financial statements for
More informationIdentity Theft Prevention Program
-- Sample Policy -- Identity Theft Prevention Program Purpose To establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection with the opening of
More informationPutting the Management Back in Vendor Management February 20, 2014
Putting the Management Back in Vendor Management February 20, 2014 Moderator: Brian O Reilly The Collingwood Group, LLC Panelists: Calvin Hagins, CFPB Ken Markison, MBA Jonathan McKernan, Wilmer Hale Dan
More informationUnderstanding the Entity and Its Environment and Assessing the Risks of Material Misstatement
Understanding the Entity and Its Environment 267 AU-C Section 315 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement Source: SAS No. 122; SAS No. 128. Effective
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationRisk Management Framework
Risk Management Framework Mandate and commitment Design of framework for managing risks Continual improvement of the framework Implementing risk management Monitoring and review of the framework Source:
More informationWHITE PAPER THIRD PARTY MANAGEMENT: FUNDAMENTALS
THIRD PARTY MANAGEMENT: FUNDAMENTALS by Linda Tuck Chapman Sponsored by Third Party Management Fundamentals Third Party Management isn t new, but its importance is growing in every industry and the financial
More informationOCC BULLETIN OCC 2001-47
OCC BULLETIN Comptroller of the Currency Administrator of National Banks Subject: Third-Party Relationships Description: Risk Management Principles TO: Chief Executive Officers of National Banks, Federal
More informationVendor. Management. For sponsorship or to become our partner, contact: marketing@achromicpoint.com
Knowledge Partner Presents 27th May 2015 - Bengaluru 5th June 2015 - New Delhi 24th June 2015 - Mumbai Vendor Risk Management For sponsorship or to become our partner, contact: marketing@achromicpoint.com
More information30-SECOND SUMMARY The Federal Reserve and the Office of the Comptroller of the Currency (OCC)
30-SECOND SUMMARY The Federal Reserve and the Office of the Comptroller of the Currency (OCC) have issued extensive new guidance to financial institutions about the use of third parties to perform functions
More informationSHARED ASSESSMENTS PROGRAM STANDARD INFORMATION GATHERING (SIG) QUESTIONNAIRE 2014 MAPPING TO OCC GUIDANCE (2013-29) ON THIRD PARTY RELATIONSHIPS
SHARED ASSESSMENTS PROGRAM STANDARD INFORMATION GATHERING (SIG) QUESTIONNAIRE 2014 MAPPING TO OCC GUIDANCE (2013-29) ON THIRD PARTY RELATIONSHIPS An overview of how the Shared Assessments Program SIG 2014
More informationVII 5.1. VII. Abusive Practices Third Party Procedures. Third Party Risk. Introduction. Background
Third Party Risk Introduction The board of directors and senior management of an insured depository institution (institution) are ultimately responsible for managing activities conducted through third-party
More informationcompany policy number 0001 LEGAL AND ETHICAL CONDUCT
company policy number 0001 LEGAL AND ETHICAL CONDUCT eff. date replaces page 28 Mar. 2011 14 Feb. 2006 1 of 10 PURPOSE CPI has adopted this Code of Legal and Ethical Conduct ( Code ) to promote: honest
More informationPRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES
PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES TECHNICAL COMMITTEE OF THE INTERNATIONAL ORGANIZATION OF SECURITIES COMMISSIONS FEBRUARY 2005 Preamble The IOSCO Technical Committee
More informationIdentifying and Managing Third Party Data Security Risk
Identifying and Managing Third Party Data Security Risk Legal Counsel to the Financial Services Industry Digital Commerce & Payments Series Webinar April 29, 2015 1 Introduction & Overview Today s discussion:
More informationBlind spot Banks are increasingly outsourcing more activities to third parties. But they can t outsource the risks.
Blind spot Banks are increasingly outsourcing more activities to third parties. But they can t outsource the risks. For anyone familiar with the banking industry, it comes as no surprise that banks are
More informationMISSION VALUES. The guide has been printed by:
www.cudgc.sk.ca MISSION We instill public confidence in Saskatchewan credit unions by guaranteeing deposits. As the primary prudential and solvency regulator, we promote responsible governance by credit
More informationRegulatory Compliance Management (RCM) (formerly Legislative Compliance Management (LCM))
Guideline Subject: Category: (RCM) (formerly Legislative Compliance Management (LCM)) Sound Business & Financial Practices No: E-13 Date: November 2014 I. Purpose and Scope of the Guideline The purpose
More informationFCPA 10 Hallmarks Self- Assessment
FCPA 10 Hallmarks Self- Assessment How exposed is your business to corruption risk? Take this assessment to find out if your systems are sufficiently robust to protect your business October 2014 Prepared
More informationHow To Manage Risk At Atb Financial
Guidelines for Financial Institutions Legislative Compliance Management (LCM) Date: July 2004 Introduction Regulatory risk is the risk of non-compliance with applicable regulatory requirements. For the
More informationA Look at the Varied Responsibilities of Internal Auditors. internal auditing: All in a days work
ALL IN A DAY S WORK A Look at the Varied Responsibilities of Internal Auditors internal auditing: All in a days work The Institute of Internal Auditors Achieving Objectives For the most part, companies
More informationCAPABILITY STATEMENT CONTROL RISKS MEXICO
CAPABILITY STATEMENT CONTROL RISKS MEXICO GENERAL 15 AUGUST 2012 Control Risks Mexico, S.A. de C.V. Cottons Centre Cottons Lane London SE1 2QG United Kingdom T: +5255 5000 1700 www.controlrisks.com TABLE
More informationCOMPLIANCE MANAGEMENT SYSTEM
COMPLIANCE MANAGEMENT SYSTEM INTRODUCTION Financial institutions operate in a dynamic environment influenced by industry consolidation, convergence of financial services, emerging technology, and market
More informationSubject: Safety and Soundness Standards for Information
OFHEO Director's Advisory Policy Guidance Issuance Date: December 19, 2001 Doc. #: PG-01-002 Subject: Safety and Soundness Standards for Information To: Chief Executive Officers of Fannie Mae and Freddie
More informationM-Aud. Comptroller of the Currency Administrator of National Banks. Internal and External Audits. Comptroller s Handbook. April 2003.
M-Aud Comptroller of the Currency Administrator of National Banks Internal and External Audits Comptroller s Handbook April 2003 M Management Internal and External Audits Table of Contents Introduction...1
More informationNORTHERN TRUST CORPORATION BUSINESS RISK COMMITTEE CHARTER
NORTHERN TRUST CORPORATION BUSINESS RISK COMMITTEE CHARTER Effective January 20, 2015 (Supersedes the Business Risk Committee Charter Effective October 21, 2014) The By-laws of Northern Trust Corporation
More informationINTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 315
INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 315 IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT THROUGH UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT (Effective for audits of financial
More informationForensic Services. Third Party Risks. March 2013
Forensic Services Third Party Risks Landscape of third party risk Focus on third parties that: perform functions on behalf of the company provide products and services that the company does not originate
More informationCOMMERCIAL LENDING POLICY DEVELOPMENT GUIDE Minimum Expectations
Additional Tools: COMMERCIAL LENDING POLICY DEVELOPMENT GUIDE Minimum Expectations Class 2 Institutions February 2014 Ce document est également disponible en français. COMMERCIAL LENDING POLICY DEVELOPMENT
More informationHSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE
HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE I. Committee Purpose The Risk Committee is appointed by the Board of Directors of HSBC Finance Corporation (the Corporation ) and is responsible,
More informationOutsourcing Technology Services OT
Federal Financial Institutions Examination Council FFIEC Outsourcing Technology Services OT JUNE 2004 IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND MANAGEMENT RESPONSIBILITIES...
More informationBANK EXAMINERS MANUAL FOR AML/CFT RBS EXAMINATION
BANK EXAMINERS MANUAL FOR AML/CFT RBS EXAMINATION 1 Contents 1. EXAMINATION PROCEDURES ON SCOPING AND PLANNING 1..1 2. EXAMINATION PROCEDURES OF AML/CFT COMPLIANCE PROGRAM...3.. 3 3. OVERVIEW OF AML/CFT
More informationNavigating Vendor Management Issues in Today s Regulatory Environment
Navigating Vendor Management Issues in Today s Regulatory Environment May 6, 2015 Elizabeth E. McGinn, Partner Moorari K. Shah, Counsel 1 Disclaimer The information contained herein is for informational
More informationFederal Branches and Agencies Supervision
Comptroller s Handbook EP-FBS Examination Process (EP) Federal Branches and Agencies Supervision September 2014 Updated December 2015 for RAS Office of the Comptroller of the Currency Washington, DC 20219
More information2016 The global ABB integrity program. www.abb.com/integrity
2016 The global ABB integrity program www.abb.com/integrity Tone from the Top Don t Look the Other Way A culture of integrity is a prerequisite for a world-class business. Many valuable customers choose
More informationCommunity Bank Risk-Focused Consumer Compliance Supervision Program
Community Bank Risk-Focused Consumer Compliance Supervision Program I. INTRODUCTION Overview of the Risk-Focused Framework The consumer compliance risk-focused supervision program is designed to promote
More informationManaging the Weight of the World - Best Practices in Global Subsidiary Compliance. Add TX Chapter logo
Managing the Weight of the World - Best Practices in Global Subsidiary Compliance Add TX Chapter logo September 10, 2014 Kelli Cubeta General Counsel ISS World Robert Munden Senior Vice President, General
More informationThird-Party Risk Management: Busting Myths and Telling Truths
Third-Party Risk Management: Busting Myths and Telling Truths Richik Sarkar, Esq. McDonald Hopkins LLC 600 Superior Avenue, East, Suite 2100 Cleveland, OH 44114 (216) 430-2009 rsarkar@mcdonaldhopkins.com
More informationOur Due Diligence, Background Checks & Investigations Rates/Fees (50% Discount Offer on our REGULAR FEE for all ITC Members)
Our Due Diligence, Background Checks & Investigations Rates/Fees For ITC Members and 3rd Party Referrals, we prefer to work on flat rate for all assignments. Hence we offer 50% Discount off our regular
More informationFINANCIAL INSTITUTIONS: MANAGING OPERATIONAL RISK WITH RSA ARCHER
FINANCIAL INSTITUTIONS: MANAGING OPERATIONAL RISK WITH RSA ARCHER As a board-level discussion topic at all financial institutions (FI) today, operational risk is real and public disclosure of significant
More informationSpecial Considerations Audits of Group Financial Statements (Including the Work of Component Auditors)
HKSA 600 Issued September 2009; revised July 2010, May 2013, June 2014*, February 2015 Effective for audits of financial statements for periods beginning on or after 15 December 2009 Hong Kong Standard
More informationAddressing Risk in Partner / Contractor Selection and Onboarding. Michael Davidson VP Quality Systems and Compliance March 2014
Addressing Risk in Partner / Contractor Selection and Onboarding Michael Davidson VP Quality Systems and Compliance March 2014 Industry Trends Pfizer Overview Pfizer s Approach Risk Based Robust Due Diligence
More informationMorgan Stanley. Policy for the Management of Third Party Residential Mortgage Servicing Providers
Morgan Stanley Policy for the Management of Third Party Residential Mortgage Servicing Providers Title Policy for the Management of Third Party Residential Mortgage Servicing Providers Effective Date Owner
More informationTHIRD PARTY. T i m L i e t z R e g i o n a l P r a c t i c e L e a d e r R i s k A d v i s o r y S e r v i c e s
MANAGING THIRD PARTY RISK T i m L i e t z R e g i o n a l P r a c t i c e L e a d e r R i s k A d v i s o r y S e r v i c e s Experis -- a different kind of talent company. Experis Tuesday, January 08,
More informationIntroduction to Social Compliance & Its Business Benefits
Proposal for Conducting Seminar on Introduction to Social Compliance & Its Business Benefits Submitted to: Environment Agency, Abu Dhabi Table of Contents Summary..02 Seminar Objectives 02 Content Outline..02
More informationValidating Third Party Software Erica M. Torres, CRCM
Validating Third Party Software Erica M. Torres, CRCM Michigan Bankers Association Risk Management & Compliance Institute September 29, 2014 MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT
More informationI. Introduction. FRB Guidance June 22, 2000 Page 1 of 14
I. Introduction Guidance on Equity Investment and Merchant Banking Activities of Financial Holding Companies and Other Banking Organizations Supervised by the Federal Reserve Over the past several years,
More informationTrade risk management: a global approach
World Customs Journal Trade risk management: a global approach Abstract Lorraine Trapani This article discusses IBM s global approach to managing risk associated with importing product into more than 170
More informationCloud Computing: Legal Risks and Best Practices
Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent
More informationO OCC BULLETIN OCC 2006-39. Automated Clearing House Activities. Risk Management Guidance
O OCC BULLETIN Comptroller of the Currency Administrator of National Banks Subject: Automated Clearing House Activities Description: Risk Management Guidance TO: Chief Executive Officers, Chief Risk Officers,
More information1 5 9 5 8 N a t i o n a l F u n e r a l D i r e c t o r s A s s o c i a t i o n 2 0 0 8
S A M P L E I D E N T I T Y T H E F T P R E V E N T I O N P R O G R A M F O R F U N E R A L H O M E S 1. I n t r o d u c t i o n : I f y o u r f u n e r a l h o m e u n d e r t a k e s a n y o f t h e
More informationCOMMERCIAL LENDING POLICY DEVELOPMENT GUIDE Minimum Considerations
DRAFT FOR COMMENT Additional Tools: COMMERCIAL LENDING POLICY DEVELOPMENT GUIDE Minimum Considerations Class 2 Institutions April 2013 This document is also available in French. COMMERCIAL CREDIT POLICY
More informationCOMPLIANCE PROGRAM FOR XL GROUP PLC
1 COMPLIANCE PROGRAM FOR XL GROUP PLC I. PURPOSE The purpose of the XL Group plc Compliance Program (the Program ) is to (a) help protect XL Group plc companies from financial or reputational harm that
More informationwww.pwc.com Third Party Risk Management 12 April 2012
www.pwc.com Third Party Risk Management 12 April 2012 Agenda 1. Introductions 2. Drivers of Increased Focus on Third Parties 3. Governance 4. Third Party Risks and Scope 5. Third Party Risk Profiling 6.
More informationVENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium
1 VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium 2 Agenda Introduction Vendor Management what is? Available Guidance Vendor Management
More informationAttachment. OCC Guidance on Due Diligence Requirements in Determining Whether Securities Are Eligible for Investment
Attachment OCC Guidance on Due Diligence Requirements in Determining Whether Securities Are Eligible for Investment The guidance below was issued by the Office of the Comptroller of the Currency (OCC)
More informationKnowing your customers and their customers and their customers and so on and so on
Knowing your customers and their customers and their customers and so on and so on Identifying your Third-Party s and their Nested s This ACH risk management white paper provides an overview of ACH relationships
More informationGlobal Security Program Overview
STATE STREET GLOBAL SECURITY Global Security Program Overview ASIS International Kansas City Chapter March 5, 2015 Stephen D Baker CPP Vice President & Deputy Chief Security Officer About State Street
More informationVendor Management Compliance Top 10 Things Regulators Expect
Vendor Management Compliance Top 10 Things Regulators Expect Paul M. Phillips, CFA Attorney, Adams and Reese Pamela T. Rodriguez, AAP, CIA, CISA EVP, Risk Management & Education, EastPay 2014 EastPay.
More informationVendor Management Best Practices
Vendor Management Best Practices Presented by: Raji Sathappan, MBA, CRCM, CISA, CAMS FMS East Coast Regional Conference September 2015 Certified Public Accountants Consultants Wealth Management Technology
More informationDon t Originate in the Dark: Shine Some Light on Your Third-Party Senders and Their Originators
Don t Originate in the Dark: Shine Some Light on Your Third-Party Senders and Their Originators This ACH risk management white paper examines the risks related to ACH transactions processed by Third-Party
More informationNCUA LETTER TO CREDIT UNIONS
NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: August 2008 LETTER NO.: 08-CU-19 TO: SUBJ: Federally Insured Credit Unions Third-Party Relationships:
More informationPART I - PRELIMINARY...1 Objective...1 Applicability...2 Legal and Regulatory Provision...2
PART I - PRELIMINARY...1 Objective...1 Applicability...2 Legal and Regulatory Provision...2 PART II POLICY REQUIREMENTS...3 Investment and Risk Management Policy...3 Monitoring and Control...5 Roles of
More informationFINANCIAL SERVICES FLASH REPORT
FINANCIAL SERVICES FLASH REPORT OCC Updates Guidance on Third-Party Relationships December 2, 2013 Introduction On November 4, 2013, the Office of the Comptroller of the Currency (OCC) released Bulletin
More informationTB 82a Handbooks: Thrift Activities Section: 310 Subject: Oversight by the Board of Directors
Office of Thrift Supervision September 1, 2004 Department of the Treasury Thrift Bulletin TB 82a Handbooks: Thrift Activities Section: 310 Subject: Oversight by the Board of Directors Third Party Arrangements
More informationKNOW YOUR THIRD PARTY
Thomson Reuters KNOW YOUR THIRD PARTY EXECUTIVE SUMMARY The drive to improve profitability and streamline operations motivates many organizations to collaborate with other businesses, increase outsourcing
More informationOUTSOURCING GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS, 2008
OUTSOURCING GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS, 2008 BANK OF TANZANIA PART I PRELIMINARY 1 These guidelines may be cited as the Outsourcing Guidelines for Banks and Financial Institutions,
More informationBest Practices C-TPAT 5-Step Risk Assessment Process
Best Practices C-TPAT 5-Step Risk Assessment Process 17 th Annual T&T Conference April 3, 2013 Karen Lobdell Director Global Solutions Integration Point 1 Is This Your Current Process? 2 CBP s Approach
More informationGUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012
GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental
More informationANNUAL PREQUALIFACTION APPLICATION. Interested Subcontractor:
ANNUAL PREQUALIFACTION APPLICATION Interested Subcontractor: Each Frank L. Blum Construction subcontractor that has the potential of having a contract greater than $50,000 must submit a completed Subcontractor
More information