Great question and I see a lot of responses.
Currently I help managed third parties risk and cybersecurity compliance in medical malpractice insurance space vis-à-vis NYDFS, NIST, CSA and COSO/TSC controls for our vendors and SaaS offerings, as well as provide guidance on onboarding process to business units. Previous firm was CTO responsible for compliance across 1st and 2nd banking departments in over 43 states; and prior to that had own hosted software firm that provided compliance-aware hosted software services, do-not-call, HMDA reporting, credit report tracking, OCC-approved APR, warehouse and sales team SaaS offerings for settlements, mortgage banking, mortgage brokers, title, appraisal and foreclosure with emphasis on business-to-business communications, OCC, State AG and regional FBI recommendations. [In those days (1996+), we required the mortgage bankers to sponsor the mortgage brokers in order to provide the quick app and HMDA reporting services to the brokers -- by sponsoring, the banker was responsible for policing that the broker was licensed in the state of the transactions being requested. Being web-based, it was faster than fax machines, and most brokers got their applications "stipped" out within 15 to 20 minutes. An early version of rocket-mortgage speed.
Original Message:
Sent: 03-05-2022 12:12 PM
From: Pamela Rackley
Subject: Anyone here working in an industry other than Banking?
It seems that the majority of people that are active on this forum work at banks. Working at a FinTech company that supports banks by providing a Mobile Banking Platform, our regulations and requirements (and possibly best practices) are different. Would love to touch base with others here that are running a TPRM program within an industry other than banking. Please reach out to me or post here if this is you! TIA.
------------------------------
Pam Rackley
Risk Analyst
------------------------------