Ace Banking And Static Awareness Book Third Edition Pdf Free Download ((INSTALL))

The purpose of this article is to heighten banker and examiner awareness of third-party risks and the effect these risks can have on financial institutions and the consumers they serve. Through examples drawn from actual examiner experiences, the authors provide some insights on identifying and managing third-party risk and how examiners assess third-party arrangements. The authors also provide a list of additional resources for further information.

We recommend that regulated firms undertake substantive and thorough due diligence when selecting third-party technology service providers. Not all providers are equal with regard to business, operational, and compliance tool offerings. Further, some regulated firms are required to have third-party service providers attest to certain and specific undertakings. If the third-party technology provider is unaware of financial service regulatory requirements, regulated entities should factor that into their decision-making. Regulated financial firms must have contractual terms combined with policies, procedures, and controls to monitor and surveil the third-party service providers' performance and adherence to the agreement(s). Further, these agreements cannot be static, but evolving as facts, circumstances, and technology evolves. Finally, regulated entities should, at a minimum, have biannual meetings with their service providers as a part of monitoring and updating processes and procedures.