Third-Party Vendor Management Checklist

Summary

This checklist, which is predicated on the notion that activities can be outsourced but responsibility cannot, is intended to assist practitioners and bank and nonbank boards of directors in evaluating risks related to third-party relationships and calibrating appropriate vendor risk management standards—regulatory demands and expectations continue to evolve as new laws are introduced and banks and nonbank entities alike are faced with the task of assessing, monitoring, and managing third-party vendor practices. Regulatory scrutiny frequently goes beyond regulatory entities to now impact third-party vendors.