BankBryanCave.com

Bank Bryan Cave

Third Party Relationships

Main Content

Part 2 of Reviewing Third Party Vendor Service Contracts, a Seven Part Guide

September 6, 2016

Authors

Jerry Blanchard

Part 2 of Reviewing Third Party Vendor Service Contracts, a Seven Part Guide

September 6, 2016

by: Jerry Blanchard

This is part 2 of a Seven Part Guide to reviewing vendor contracts. Part 1 can be found here, and other parts can be found here.

Recitals.

Some contracts will contain several “WHEREAS” clauses at the inception of the document followed by a recitation of various facts about the parties and what they are trying to accomplish by entering into the contract. From a pure legal standpoint, “WHEREAS” clauses are not required but many parties like to include them to properly set the stage for what is to come afterwards. If they are included, the bank needs to review them, particularly those that describe the parties and the services that the vendor will perform. The recitals provide for an introduction to the parties and provide a high level overview of their agreement. It is a bit like looking at a topographical map and following two streams as

Read More

Reviewing Third Party Vendor Service Contracts, a Seven Part Guide

August 30, 2016

Authors

Jerry Blanchard

Reviewing Third Party Vendor Service Contracts, a Seven Part Guide

August 30, 2016

by: Jerry Blanchard

Introduction

Managing third party vendor relationships has always been an important function in banks. More recently it has become a hot topic for state and federal financial bank regulators. The increasing complexity of what vendors are doing for banks and the related attention to cybersecurity threats all contribute to the greater scrutiny. The 2016 white paper by the OCC, “Supporting Responsible Innovation in the Federal Banking system: An OCC Perspective,” is just one of several guidance documents issued by the federal financial regulators over the past five years that focus to a large extent on third parties providing services and technology to banks. Significantly, some examinations have resulted in the regulators imposing settlements and impose civil money penalties on vendors. Previous to the OCC white paper, the CFPB issued third party guidance in 2012, the FFIEC provided guidance on IT service vendors in 2012 and

Read More

A Significant Change in the Regulatory Oversight of Third-Party Relationships

April 7, 2014

Authors

Bryan Cave

A Significant Change in the Regulatory Oversight of Third-Party Relationships

April 7, 2014

by: Bryan Cave

Both Banks and Their Vendors Must Pay Attention

Introduction

First there was the bulletin about third-party vendors issued by the Consumer Financial Protection Bureau (CFPB) in April 2012. Then it was the FFIEC’s guidance on IT service providers in October 2012.  Next came the FDIC’s September 2013 Financial Institution Letter about payment-processing relationships with high-risk merchants.  Then there was the news on October 30, 2013 about the OCC’s guidance on third-party relationships, followed shortly by the Federal Reserve Board’s guidance on managing outsourcing risks in December 2013.

Let’s face it. There has always been guidance and concern about banks and their relationships with third-party service providers. But in recent years it has become quite obvious that the bar has been raised on how banks relate to their third-party processors, program managers, and other service providers. These

Read More

Regulators Go After Banks for Vendor Management

February 20, 2014

Authors

Bryan Cave

Regulators Go After Banks for Vendor Management

February 20, 2014

by: Bryan Cave

While the issue of vendor oversight and management is not new to the financial services industry, recent enforcement actions by the Office of the Comptroller of the Currency (OCC) and the Consumer Financial Protection Bureau (CFPB) manifest heightened attention by federal regulators.  A bank’s board of directors is required to remain vigilant to the hazards posed by outsourcing functions to third parties, or else risk significant financial and reputational harm to its institution.

Federal regulators traditionally have looked with an understanding, yet skeptical, eye towards the issue of outsourcing. Current guidance is clear, however, as to where the responsibility lies. As summarized by the Federal Deposit Insurance Corp. (FDIC) in FIL-44-2008, “An institution’s board of directors and senior management are ultimately responsible managing activities conducted through third-party relationships, and identifying and controlling the risks arising from such relationships, to the same extent as if the activity were handled within the

Read More

Five Practical Tips To Manage Your Vendor Risk…

February 6, 2014

Authors

Bryan Cave

Five Practical Tips To Manage Your Vendor Risk…

February 6, 2014

by: Bryan Cave

… and not micromanage your vendors!

A cursory review of the Risk Management Guidance issued by the Office of the Comptroller of the Currency (OCC), and similar guidance from the Federal Reserve, may impart the notion that a financial institution is obligated to essentially run its vendor’s business as well as its own, meticulously examining every policy and procedure for each of its vendors and testing operational compliance issues. (See OCC Bulletin 2013-29 Third-Party Relationships (October 30, 2013))

Despite the initial impression, a financial institution can implement a vendor management and monitoring program that is both prudent and practical.  Focusing on both the spirit and detail of the regulatory guidance can be essential. Institutions have an overarching obligation to manage their risk and ensure that vendors are conducting business in a way which is “safe and sound and in compliance with all applicable laws.” The level of risk and

Read More
The attorneys of Bryan Cave LLP make this site available to you only for the educational purposes of imparting general information and a general understanding of the law. This site does not offer specific legal advice. Your use of this site does not create an attorney-client relationship between you and Bryan Cave LLP or any of its attorneys. Do not use this site as a substitute for specific legal advice from a licensed attorney. Much of the information on this site is based upon preliminary discussions in the absence of definitive advice or policy statements and therefore may change as soon as more definitive advice is available. Please review our full disclaimer.