Due Diligence and Ongoing Monitoring

 View Only

  • 1.  Financial due diligence

    This message was posted by a user wishing to remain anonymous
    Posted 04-06-2021 08:31 AM
    This message was posted by a user wishing to remain anonymous

    For new vendors, what's the cutoff everyone uses for determining whether to conduct financial due diligence? Is is based on anticipated spend or some other threshold?


  • 2.  RE: Financial due diligence

    Posted 04-07-2021 07:49 AM

    Classification: Confidential

    Hi there-

    In my organization, we first assess the vendor for Materiality to operations- if a vendor is deemed material we then look at the service being provided- if this vendor has any access to confidential data, you want them to be financially viable in the unfortunate event that you might have a breach for which they may need to cover you for. Insurance may be in place, but a financially weak company partnership is risky.   If the vendor does not access protected data, but the services provided by them are deemed as moderate or difficult to replace (unique, or took considerable time and resources to implement) you should want to make sure they are financially viable so you aren't stuck needing to find another provider in a year because they went belly up. That is an avoidable drain on your organization.  Regulators want to make sure that you are making sound, risk basked decisions on who you partner with for services. If your company can survive without negative customer impact should a vendor not perform or abruptly exit the services, then you can make the argument to waive the financial review.

     

    I hope that helps!

    All the best.

     

    Jenn Wilkinson

    Vice President

    Strategic Vendor Management

    Cenlar FSB

     

    This message has been marked as Confidential by Wilkinson, Jennifer on Wednesday, April 7, 2021 7:37:20 AM.

     



     

    ***********************************************************

    NOTICE: The information contained in this message is intended for the addressee(s) only and may be confidential,
    proprietary, or legally privileged. If you have received this message in error or there are any problems with the
    transmission, please immediately notify us by return e-mail. The unauthorized use, disclosure, copying, or alteration
    of this message is strictly forbidden. The sender will not be liable for any damages arising from alteration of the
    contents of this message by a third-party or as a result of any virus being transmitted.
    This notice is automatically appended to each e-mail message transmitted from the sender's e-mail domain.



    Original Message