Latest Discussions

Hi there, While there isn't a specific template available for managing fourth-party risks, you can definitely incorporate relevant content into your existing policy to cover this topic. I don't recommend creating a separate policy, as it might be overlooked ...

This message was posted by a user wishing to remain anonymous What you seek for documentation for your due diligence process is a great consideration approaching due diligence. Here is a link to a good infographic produced by Venminder that breaks ...

Looking for recommendations for a fourth party/subservice organization monitoring provider as part of Vendor Management. In addition, if anyone has a checklist they would be willing to share for this as well. Thank you!

One strategy I've seen organizations do with OFAC/PEP checks is to simply perform these searches more frequently or use some type of real-time screening tool. There are risk intelligence tools on the market that can help screen for both compliance and ...

This message was posted by a user wishing to remain anonymous We have recently engaged with a consulting firm to help implement Salesforce. What type of due diligence documents should we request for? They have access to NPPI

This message was posted by a user wishing to remain anonymous We found this third-party template in the Venminder Communities and were hoping if there is a fourth-party version. Or, if someone knows where we can get a fourth-party template, that would ...

This is a great question and highlights a really important issue about document expiration. I would say the best approach is to have a system in place to make sure you're tracking any documents like insurance certificates or SOC reports that have expiration ...

Hi there I think these are great questions. You may also consider these additions or refinements: Commitment to DEI : Does your organization have a formal DEI policy? Can you provide examples of how DEI is integrated into your company's values ...

Hi everyone, Could someone help me to identify the main restricted lists such as OFAC, UFLPA...?

This message was posted by a user wishing to remain anonymous Hi all. I have been facing the same challenges. So far, we request to schedule a call between or credit risk team and their CFO or controller and then have our credit risk team create a statement. ...

This message was posted by a user wishing to remain anonymous We have been very successful in requesting a P&L statement from the vendors that do not provide financials.

This message was posted by a user wishing to remain anonymous We're a private company and likely are more attuned to the sensitivities of such companies. Our approach is to make our next request for the balance sheet only. It tell us if they have ...

We purchase them from credit bureaus like Experian. Those that do not report their financials, we request for a director's statement or unaudited financial s tatements. If all else fails, this is flagged as high risk and escalated, vendor needs to provide ...

This message was posted by a user wishing to remain anonymous We have been having issues obtaining financials from privately owned companies what do other companies do to assess this risk?

Hello! Our bank just did a deep dive to pivot away from OnSemble to Claromentis as our intranet provider.

This message was posted by a user wishing to remain anonymous Not sure what regulation(s) Direct access to systems is a very odd ask of a regulator. Especially if you can provide any and all documentation needed. As a Governance, Risk and Compliance ...

This message was posted by a user wishing to remain anonymous Probably best to share which regulator is asking. Practices and requirements vary. The advice will be better if those subject to the same regulator respond.

This message was posted by a user wishing to remain anonymous Hello all, Our regulators have requested direct access to our systems to help them take a holistic approach with their reviews. I am interested in your experience and thoughts on the below ...

I would like to thank all who contributed in this topic , but I am still find the answer to my question about TPRM stress testing please if any one has an concrete answers I will be appreciated best regards said

Thank you Kelly. This is very helpful. Much appreciated. Cheryl