Due Diligence and Ongoing Monitoring

 View Only
  • 1.  LexisNexis Risk Assessment

    This message was posted by a user wishing to remain anonymous
    Posted 07-05-2022 05:14 PM
    This message was posted by a user wishing to remain anonymous

    We use LexisNexis as an additional tool for customer due diligence (e.g., address verification, derogatory media, TIN status, company formation information). As a data aggregator, the vendor is not Critical, but I am not sure if the vendor should be classified as High Risk and how much due diligence documentation, I should obtain to complete a Risk Assessment. Looking forward to your comments on the best practices being used by those who have LexisNexis as a vendor.

    Thanks.


  • 2.  RE: LexisNexis Risk Assessment

    Posted 07-06-2022 10:01 AM

    We currently also use LexisNexis as an additional tool to supplement research we may need to conduct in certain circumstances. I do not view this vendor as  critical to our every day business functions, however, I am absolutely placing sensitive and at times NPI into the system for a due diligence assessment. I treat them as a tier 2 vendor, which does require a good amount of documentation for initial due diligence, just not on-going outside of collecting updated E&O policies as applicable.

     

     

     

    Meg Swinehart

    Vice President, Quality Assurance

     

    Description: <a href=image002.png@01D1F2F1.2B8FF5B0">