Due Diligence and Ongoing Monitoring

 View Only
Expand all | Collapse all

Due Diligence for the FRB

  • 1.  Due Diligence for the FRB

    Posted 03-23-2023 10:01 AM

    Hi All,

    For those of you in the financial industry, can you tell me what you do as far as performing Due Diligence or Periodic Reviews on the Federal Reserve Bank? 

    We recently contracted with our VM software vendor to assist with their review this year. Our vendor said we may want to pick another vendor, because the FRB does not answer questionnaires and provides little documentation. The only documentation we are able to obtain is financials, so other than that, there is very little information to review. We may as well do that ourselves. 

    I'm curious as to what the rest of you that utilize the FRB are doing for Due Diligence on them.

    Thanks so much! 



  • 2.  RE: Due Diligence for the FRB

    Posted 03-23-2023 10:11 AM

    Good Morning, 

    Here at our financial institution the Vendor Management Policy scopes out Government Agencies, see sample below; 

    Further, vendor relationships that meet any of the following relevancy criteria may be treated as exceptions


    (i.e., this policy does not apply).
     Appraisers
     Legal services provided by licensed attorneys
     Charitable contributions
     Direct marketing costs/supplies
     Furniture, equipment and supplies
     Facilities expenses (including rent and landscaping)
     Government agency expenses (e.g. taxes)
     Loan related expenses (e.g., condo doc fees)
     Professional dues, education and subscriptions
     REO/Foreclosure expenses
     Utilities
     General Corporate Expenses

    It is merely impossible to obtain IT related data to complete for SOC1 or SOC2 assessments. We have not had any challenges from our regulators relative to our policy. (knock on wood, no jinx). 

    Hope this helps



    ------------------------------
    Julio Hernandez
    ------------------------------



  • 3.  RE: Due Diligence for the FRB

    Posted 03-23-2023 11:18 AM

    Hi Julio,

     

    Thanks so much for this information. It is very helpful. If you have some time, I'd like to ask you a couple additional questions, offline.

     

    Please email me at [Email has been removed by the Community Manager for privacy reasons. You can access the member's contact information by clicking their name, which will redirect to their profile] if that works for you.

     

    Much appreciated.

     

    Cheryl

     






  • 4.  RE: Due Diligence for the FRB

    Posted 03-23-2023 12:55 PM

    I agree with Julio.




  • 5.  RE: Due Diligence for the FRB

    Posted 03-23-2023 02:14 PM

    Hi Katherine,

     

    So, you consider the FRB exempt too?

     

    Cheryl

     






  • 6.  RE: Due Diligence for the FRB

    Posted 03-23-2023 02:47 PM

    I would not consider FRB as a third party supplier.  Even though they may provide services, they are a regulatory agency as well.

    Current functions of the Federal Reserve System include:

    • To address the problem of banking panics
    • To serve as the central bank for the United States
    • To strike a balance between private interests of banks and the centralized responsibility of government
      • To supervise and regulate banking institutions
      • To protect the credit rights of consumers
    • To manage the nation's money supply through monetary policy to achieve the sometimes-conflicting goals of
      • maximum employment
      • stable prices, including prevention of either inflation or deflation[27]
      • moderate long-term interest rates
    • To maintain the stability of the financial system and contain systemic risk in financial markets
    • To provide financial services to depository institutions, the U.S. government, and foreign official institutions, including playing a major role in operating the nation's payments system
      • To facilitate the exchange of payments among regions
      • To respond to local liquidity needs
    • To strengthen U.S. standing in the world economy



  • 7.  RE: Due Diligence for the FRB

    This message was posted by a user wishing to remain anonymous
    Posted 03-23-2023 03:31 PM
    This message was posted by a user wishing to remain anonymous

    We do not perform due diligence on the FRB.  Our VM policy excludes those we cannot influence or hold accountable. We also exclude government or regulatory agencies (which includes federal banking agencies).




  • 8.  RE: Due Diligence for the FRB

    Posted 03-23-2023 04:29 PM

    We created a due diligence matrix specific for financial institutions including the Federal Reserve.  For the Fed we pull the annual financial statements for our Fed bank and the annual Federal Reserve Board of Governors report.  



    ------------------------------
    Shelly Chase
    VP Operational Risk
    ------------------------------



  • 9.  RE: Due Diligence for the FRB

    Posted 03-24-2023 09:44 AM

    Hi Shelly,

     

    I would love to see your matrix, if that's something you can share. Please email me directly if that works.

     

    Thanks so much!

     

    Cheryl Turner, CRVPM II

    Vendor Manager





  • 10.  RE: Due Diligence for the FRB

    Posted 03-24-2023 11:17 AM

    Happy to share, a little context.  We have vendor categories that we exclude from TPRM completely by policy (like utilities, municipalities) and vendor categories that we exempt from our standard due diligence requirements or have separate and distinct due diligence requirements for such as financial institutions.  Part of developing the below for financial institutions was thinking about what we think its reasonable to provide as a third party to another financial institution and developing a matrix that manages the risk for such heavily regulated entities that doesn't ask for more than we would be willing to give. 

    Required Due Diligence- Banks, Financial Institutions and GSEs

    Risk

    Due Diligence

    Reputational Risk

    ·        Data base

    ·        Ongoing reputation monitoring

    Financial Risk

    ·        FFIEC UBPR (Uniform Bank Performance Report)

    ·        Third party report (DNBi, LexisNexis or similar)

    ·        10-K (if public)

    ·        Annual Report (if available)

    Regulatory Risk

    ·        Enforcement Actions (FED, FDIC, OCC)

    ·        FFIEC CRA Rating

    Data Privacy Risk

    ·        NDA/Confidentiality (If contract/SLA contains NDA/confidentiality, separate NDA not required)

    Operational Risk

    ·        Contract/Service Agreement

    For GSEs supervised by FHFA (Federal Housing Finance Agency) including Fannie Mae and Federal Home Loan Banks (FHLB) will additionally obtain a copy of annual reports to Congress.

    For Federal Reserve Bank(s) will additionally obtain a copy of the Federal Reserve Board of Governors annual report.



    ------------------------------
    Shelly Chase
    VP Operational Risk
    ------------------------------



  • 11.  RE: Due Diligence for the FRB

    Posted 03-27-2023 01:23 PM

    How awesome! I needed that too, thank you Michelle.

     

     






  • 12.  RE: Due Diligence for the FRB

    Posted 03-23-2023 03:32 PM

    Awesome. Thanks for the information.

     

    Cheryl