Regulations

 View Only

Welcome to the Regulations Community. Here you will find the latest discussions and resources that can help you in this area. Use this community to stay abreast third-party risk industry guidance, updates, ask questions, discuss pending regulatory changes, or seek advice. Note: You will need to Sign In to join in the discussions and access resources. 

About Industry Regulations: It’s always a good idea to keep any eye on the most recent and stringent regulatory guidance to stay compliant and ensure you're doing everything you should in third-party risk management. Regulatory guidance and best practices evolve regularly. Therefore, not only should you be reviewing your own prudential regulator’s guidance, but you should also review other regulatory guidance. This will help ensure you meet industry standards and best practices in third-party risk management.

Latest Discussion Posts

  • Profile Picture

    RE: 4th Party Vendors as it relates to Customer designated vendors

    By: Veralyn Hensley , one month ago

    I just want to add the guidance doesn't state there is no expectation to perform due diligence on third parties subcontractors. You should evaluate the risk to your organization, and apply mitigation as appropriate. For Gene's organization that mitigation ... More

  • Profile Picture

    RE: 4th Party Vendors as it relates to Customer designated vendors

    By: Hannah MacDonald , one month ago

    In the scenario you describe, I agree. If your platform or solution is required to integrate with another, you should be completing a level of due diligence on them. For example, I would expect security checks, pen tests etc. There should still be a ... More

  • Profile Picture

    RE: 4th Party Vendors as it relates to Customer designated vendors

    By: Gene Fox , one month ago

    The new Interagency Guidance (FDIC, OCC, Fed) issued in June 23 clarifies that they do not expect us to perform due diligence around our third-party's subcontractors, but expect us to have a very good understanding of what oversight is performed by the ... More

  • Profile Picture

    RE: 4th Party Vendors as it relates to Customer designated vendors

    By: Anonymous Member , one month ago

    This message was posted by a user wishing to remain anonymous I agree that your org has a responsibility to do due diligence where it is allowing any party (whether a third party or a fourth party) access to its core service which in turn potentially ... More

  • Profile Picture

    RE: 4th Party Vendors as it relates to Customer designated vendors

    By: Anonymous Member , one month ago

    This message was posted by a user wishing to remain anonymous Thanks for your feedback. I still think it is murky on this issue of responsibility of due diligence as it relates to 3rd party regulations. We have a responsibility to all our customers ... More

Polls

Most Active Users List