I would not recommend moving forward with an alternate vendor before reviewing evidence of an independent review. A BSA/AML transaction monitoring vendor is likely going to be high-risk, in addition to critical because of the regulatory compliance ...
Hi Christine, Industry best practice for tracking refusals on specific clauses in third-party vendor contracts typically involves a structured contract management process that ensures transparency, traceability, and accountability. Here are ...
If I find anything concerning or need further explanation, I attach the SOC report and send it to whoever the contact is for the vendor and ask for more details. I take their response and attach it to the review before marking it acceptable ...
This message was posted by a user wishing to remain anonymous We had a Qualified SOC 2 report on a well-known company. Does anyone follow up on the report for the issues? Has it led to larger concerns about the company as a whole?
Here is the form we used to create our Beneficial Ownership. I believe it is from Bankers Online.
Join a community dedicated to an area of third-party risk including contracts, infosec, risk assessments, policies, and more.
Network with others who are running very mature or complex programs at their organizations that require a unique way of thinking.
Meet, connect, and network with other users using the same third-party risk tool as you - get support and share new ideas and best practices.
Download the latest guides, infographics, samples, whitepapers, checklists, and more that can help guide you through best practices on third party risk. Visit Resources
Register and join live webinars to learn current trends and best practices from knowledgeable experts. Free CPE eligible webinars. Register Now
Make sure to sign up to our notification list and be one of the first to know about our self-paced eLearning courses.Get Notified