To be examined by regulators vendor would need to be a SSP (significant service provider) or TSP (technology Service provider). We contact our regulator in writing, for us its the FDIC, directly on an annual basis and request ROE's for all vendors we know are examined. We also submit a listing of new vendors added since the last request and ask if any of our new vendors are examined. We track as part of our vendor inventory if a vendor is a FFIEC TSP or SSP.
We use some I will say basic common sense when we submit our listing of new vendors to the FDIC to see if they are examined as a SSP or TSP. FFIEC resources are finite so vendors that are smaller, not providing significant services in financial services arena we generally don't include. Your regulator will want a copy of your contract for any of your vendors that are a TSP or SSP and you will only be eligible for ROE's performed after your contract effective date.
Your core provider(s) are definitely examined so ask for those. I would then work through your critical or significant technology services vendors and ask about those. In my experience the FDIC is willing to work through a reasonable listing and let you know which vendors are examined.
------------------------------
Shelly Chase
VP Operational Risk
------------------------------
Original Message:
Sent: 01-26-2024 05:29 PM
From: Anonymous Member
Subject: Report of Examination
This message was posted by a user wishing to remain anonymous
Hello,
How would we know which of our vendors are examined by regulators.
For example, could we request a ROE from FDIC, and if they don't conduct examination on that particular vendor, they would just tell us? Is there a any other way to find out?
Which of your vendors do you request the ROE?
Any input would be appreciated.