Reducing Risk in Third Party Relationships in the Financial Industry

Why Should You Attend:

As the number and complexity of relationships with third parties increases, the need for a consolidated approach toward the management and risk reduction of third parties becomes more important. The third party relationship may take many forms and address many of the FIs needs. Typically, cost controls are the reason for employing the third party. FIs may:

• Outsource entire bank functions to third parties, such as tax, legal, audit, or information technology operations.
• Outsource lines of business or products.
• Rely on a single third party to perform multiple activities, often to such an extent that the third party becomes an integral component of the bank’s operations.
• Work with third parties that engage directly with customers.
• Contract with third parties that subcontract activities to other providers.
• Work with a third party to address deficiencies in bank operations or compliance with laws or regulations.

Areas Covered in the Webinar:

• What’s a third party?
• Third party risk management life cycle
• Plans that outline the FI’s strategy
• Identify the inherent risks of the activity
• Detail how the bank selects, assesses
• Oversees the third party.
• Proper due diligence in selecting a third party.
• Written contracts that outline the rights and responsibilities of the FI and the third party
• Ongoing monitoring of the third party’s activities and performance.
• Contingency plans for terminating the relationship in an effective manner
• Clear roles and responsibilities for overseeing and managing the relationship and risk management process.
• Documentation and reporting that facilitates oversight, accountability, monitoring, and risk management.
• Independent reviews that allow the FI’s management to determine that the bank’s process aligns with its strategy and effectively manages risks.

Who will Benefit:

• Executive (VP, CEO, CFO)
• Compliance Management
• Risk Management
• Vendor Management
• Software Development
• Business Managers that employ third party providers
• Audit and Compliance Personnel
• Risk Managers
• Operations Managers
• Chief Operating Officers
• CPA Firms
• Attorneys
• Investment Management/Portfolio Managers
• Compliance Consulting Firms
• Outsourced IT Firms/Cyber Security Firms
• Client Service Managers
• Human Resources Personnel in Finance or IT

Instructor Profile:

Marc Perl brings over 30 years of professional experience to technology associates. His diverse experience includes risk management, payments processing, data security, product development, software development and software quality assurance.

During 20 years at Visa, he was a key member of Visa’s risk management team, where he developed the latest version of Visa’s third party registration system, managed the compliance program for the payment card industry data security standard (PCI DSS) and led the team that developed the business requirements for Visa’s Point-to Point encryption (P2PE) solution.

Mr. Perl continues to conduct risk reviews at financial institutions and third parties globally. As a merchant acquiring expert, he built and managed Visa’s Integrated Debit platform to support merchants such as Walmart, Radio Shack, Kmart and others.

Mr. Perl also served as project manager for Visa’s Y2K effort and assisted with the spin-off of Visa’s acquiring processor business into a joint venture with Total Systems Services (TSYS) called Vital Processing Services. In addition to his Visa experience, Mr. Perl has consulted with organizations as varied as Visa Inc., Jet Propulsion Laboratories, TSYS Acquiring Solutions and others. His early experience included computer operations, computer programming, creation of software development methodologies and software engineering.

Mr. Perl holds a BA from California State University at Northridge.

Topic Background:

Financial institutions (FI) often outsource banking functions to qualified third party service providers and software vendors. A third party relationship is any business arrangement between a bank and another entity, by contract or otherwise. This webinar provides assistance to FIs for assessing and managing risks associated with third party relationships. Regulators expect an FI to practice effective risk management regardless of whether the bank performs the activity internally or through a third party. An FI’s use of third parties does not diminish the responsibility of its Board of Directors and senior management to ensure that the banking function is performed in a safe and sound manner and in compliance with the FI’s policies and applicable laws.

Managing the third-parties is an integral aspect of the FI’s risk management function. The engagement, operation, oversight and termination of third party relationships require each FI to create and maintain a set of policies and procedures to address this risk. The framework for the policies and procedures is often provided by one of a number of federal agencies tasked with oversight of the financial industry. These agencies include, but are not limited to:

• Federal Financial Institution Examination Council (FFIEC)
• Federal Reserve System (FRB)
• Federal Deposit Insurance Corporation (FDIC)
• National Credit Union Administration (NCUA)
• Office of the Comptroller of the Currency (OCC)
• Consumer Financial Protection Bureau (CFPB)

Please note that the framework and principles that are presented in this webinar are appropriate for any organization that uses third-parties to conduct their business. Your business, despite not being an FI, will benefit from the webinar and can drive the policies and procedures that you will use to establish and maintain an effective relationship with your third-party partners.

Follow us :