LINKED: Vendor Risk Management: When It’s Done Right, It’s Never Done

Vendor risk management is a lot like counting inventory at a mom-and-pop store: It’s a continuous process. That’s one of the insights from a new article posted on the American Bankers Association (ABA) Banking Journal this week.

  • Security consultant Eric Holmquist says smaller banks often focus on two or three core vendors that post the most risk, but that smaller vendors and second-tier vendors also pose a major risk.
  • Michele Sullivan, a partner at Crowe Horwath, says that third party risk needs to be a continuous process, not just an assessment that occurs at the beginning of an engagement.
  • The expectation from regulators on third parties is that banks need to monitor their activities as if they were conducting those activities themselves.
  • There’s a shortage of talent in the market when it comes to risk management. “As the laws and regulations become more complex, and vendor risk management is a piece of that, it’s taken a toll on how many experts are available, ” says Ryan Rasske, SVP of risk and compliance at ABA.

Read the full article here, or visit our new Vendor Risk resource page.



Share this post:

Glen Gower

About the author

Glen is the director of marketing and communications at Iceberg.

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign-up to our Risk Intelligence Newsletter for updates on new content, resources and events from the Iceberg team.

We promise to respect your time and inbox!

Thank you! Please check your email to confirm your subscription.