This message was posted by a user wishing to remain anonymous
Hi!
I would say due to the sensitivity of Fannie Mae Documents, the information shared with this vendor should be strictly protected. Find out exactly where the documents will be stored, (i.e. could based, vendor servers, hybrid, an application on your servers), and exactly how and who will access your data. This is important, as you'll want to make sure any agreement with this vendor has the appropriate protections, and that any assurances you get are for the right things. Reviewing a SOC2 type 2 would be ideal, particularly one that evaluates all 5 principals.
If you feel this is for any reason a "trusted" vendor, I would still look into the assessments, audits and certifications that provide them such a title. Remember auditing 101 (and as a third party risk practitioner, you ARE essentially conducting audits): Trust but verify.
Hope this helps!
Original Message:
Sent: 12-21-2020 07:01 PM
From: Anonymous Member
Subject: Custodian For Fannie Mae Collateral
This message was posted by a user wishing to remain anonymous
Good Afternoon,
We are considering adding an additional document Custodian for Fannie Mae Documents. Can anyone provide any guidance how to Vet such a vendor? Since the Vendor is a Bank National Trust Company? Any guidance would be greatly appreciated.