Is anyone aware of specific Regulatory Records Retention requirements for Vendor Contracts and/or vendor Due Diligence/risk assessments?
Are there any documents we must maintain the original hard copy (e.g. Contracts with wet signatures, FFIEC TSP Exams)?
I'm hoping to go "paperless" as best we can within Vendor Management to eliminate a lot of manual processes as we leverage Venminder software to hold our vendor documentation in a centralized location (with the backup being on our Bank's network).
I'm curious if there's any challenges or things to consider when trying to reduce the amount of documents printed/retained. At the moment we've been managing our program in three places (physical files, network, and Venminder).
Have other FI's taken this full "paperless" approach to third-party vendor risk management?
Any comments/feedback is greatly appreciated!
Thank you!