The Office of the Comptroller of Currency recently sent a bulletin regarding third party relationship OCC 2013-29 – Third-Party Relationships & Risk Management Guidance
Highlights
1. A bank should adopt risk management processes commensurate with the level of risk and complexity of its third-party relationships.
2. A bank should ensure comprehensive risk management and oversight of third-party relationships involving critical activities
3. An effective risk management process throughout the life cycle of the relationship includes:
- plans that outline the bank’s strategy, identify the inherent risks of the activity, and detail how the bank selects, assesses, and oversees the third party.
- proper due diligence in selecting a third party.
- written contracts that outline the rights and responsibilities of all parties.
- ongoing monitoring of the third party’s activities and performance.
- contingency plans for terminating the relationship in an effective manner.
- clear roles and responsibilities for overseeing and managing the relationship and risk management process.
- Documentation and reporting that facilitates oversight, accountability, monitoring, and risk management.
- Independent reviews that allow bank management to determine that the bank’s process aligns with its strategy and effectively manages risks.
GET HELP WITH THIRD PARTY COMPLIANCE
The OCC is concerned that the quality of risk management over third-party relationships may not be keeping pace with the level of risk and complexity of these relationships. The OCC has identified instances in which bank management has
• failed to properly assess and understand the risks and direct and indirect costs involved in third party relationships.
• failed to perform adequate due diligence and ongoing monitoring of third-party relationships.
• entered into contracts without assessing the adequacy of a third party’s risk management practices.
• entered into contracts that incentivize a third party to take risks that are detrimental to the bank or its customers, in order to maximize the third party’s revenues.
• engaged in informal third-party relationships without contracts in place.
These examples represent trends whose associated risks reinforce the need for banks to maintain effective risk management practices over third-party relationships.
ProcessUnity’s Vendor Risk Management solution helps banks and financial institutions comply with OCC guidance and reduces the costs of managing third party risks. For more information please read our white paper: Four Keys to Creating a Vendor Risk Management Program That Works
Related Articles
ProcessUnity Recognized as a Leader in...
Leading research firm provides the company with the highest scores in the Current Offering and..
Learn More
ProcessUnity and Interos Partner to Enable...
Integration to unify third-party risk management across the enterprise and increase confidence in cyber and..
Learn More
ProcessUnity Introduces Industry’s All-In-One Third-Party Risk...
Completes Integration with Global Risk Exchange; Augments Resources to Extend Coverage to More Outsourced Service..
Learn More
ProcessUnity Named Winner of the Black...
Company recognized for having the potential to achieve a $1B valuation ProcessUnity, provider of comprehensive..
Learn More
ProcessUnity Achieves ISO/IEC 27001 Certification for...
Leader in helping organizations manage third-party risk verifies its data security practices with compliance for..
Learn More
ProcessUnity and CyberGRX Combine to Form...
Combined Company Integrates the Full Third-Party Risk Lifecycle, Enabling a Collaborative Risk Assessment Process Between..
Learn More
ProcessUnity Closes 2022 with Significant Growth,...
Record-Setting Year Shaped by Third-Party Risk Management Innovation, Demand for Cybersecurity Performance Management Tools Concord,..
Learn More
The Boston Globe Names ProcessUnity a...
Magazine honors the best employers in Massachusetts CONCORD, MASS - DECEMBER 07, 2022 – ProcessUnity,..
Learn More
ProcessUnity Acquires AI/NLP Technology from ISMS...
Extends Artificial Intelligence Capabilities for Analyzing Third-Party Risk Data CONCORD, MASS. – NOVEMBER 01, 2022..
Learn More
ProcessUnity 2022 Customer Summit Highlights Trends,...
Thought Leadership Conference Returns In-Person: Customers, Partners and Industry Experts Collaborate on Risk Innovation, Third-Party..
Learn More
The Boston Globe Names ProcessUnity a...
Magazine honors the best employers in Massachusetts CONCORD, MASS - DECEMBER 02, 2021 – ProcessUnity,..
Learn More
ProcessUnity Announces Significant Growth Investment from...
CONCORD, MASS – SEPTEMBER 28, 2021 – ProcessUnity, a leading provider of third-party risk and..
Learn More
ProcessUnity Wins Two Global InfoSec Awards...
Awards Validate Market Authority with Recognition in IT Vendor Risk Management, Third-Party Risk Management CONCORD,..
Learn More
ProcessUnity 2021 Virtual Customer Summit Features...
Thought Leadership Conference Goes Online to Connect Customers, Partners and Industry Experts on Risk and Compliance Innovations CONCORD, MASS. – May 18,..
Learn More
ProcessUnity Enhances Third-Party Risk Management Programs...
ProcessUnity Vendor ESG Intelligence Leverages Environmental, Social and Governance (ESG) Ratings for Informed Vendor Due..
Learn More
ProcessUnity and HCL Technologies Partner to...
ProcessUnity Vendor Risk Management Platform to Power HCL Managed Services for Third-Party Risk Management CONCORD,..
Learn More
ProcessUnity Launches Vendor Screening Intelligence Powered...
Offering Accelerates and Informs Vendor Onboarding, Due Diligence and Ongoing Monitoring CONCORD, MASS. – April..
Learn More
ProcessUnity Extends Third-Party Risk Management Market...
Demand for Next-Generation Vendor Risk Automation Tools, Partner Ecosystem Expansion Pace Fast Start to 2021..
Learn More
ProcessUnity Launches Vendor Identity Intelligence to...
Targeted Intelligence Provides Crucial Insight into Vendor Identity and Ownership for Onboarding and Due Diligence CONCORD, MASS. – April 5, 2021 – ProcessUnity, a leading..
Learn More
ProcessUnity VRM Essential Edition Brings Full-Featured...
New Offering Brings New Levels of Efficiency and Expertise to Small Vendor Risk Management Teams..
Learn More
Idaho Central Credit Union Selects ProcessUnity...
Automates Workflows, Assessments and Due Diligence with Vendor Cyber Intelligence Solution CONCORD, Mass., March 09,..
Learn More
ProcessUnity Introduces Third-Party Risk Assessment Service...
Third-Party Risk Assessment Outsourcing Service Increases Scale, Extends Risk Expertise and Reduces Risk from Vendors..
Learn More
ProcessUnity Introduces Third-Party Risk Assessment Service...
Third-Party Risk Assessment Outsourcing Expands Risk Expertise for Greater Scale, Enhances Business Insight into Vendors and..
Learn More
ProcessUnity Introduces Cybersecurity Program Management Solution
Industry's First Comprehensive, Prepackaged Solution to Effectively Manage an Organization's Cybersecurity Program CONCORD, MASS. – December 1, 2020 – ProcessUnity, a leading..
Learn More
ProcessUnity and Dun & Bradstreet Partnership...
Data Integration Provides Expanded Insight into Financial Health of Vendors and Suppliers CONCORD, MASS. – October 20, 2020 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
Meridian Bank Selects ProcessUnity to Streamline...
Automated Workflows, Assessments and Processes Modernize Third-Party Risk Management CONCORD, MASS. – October 14, 2020 – ProcessUnity, a leading provider of cloud-based applications for risk and compliance..
Learn More
ProcessUnity and RiskRecon Partner to Provide...
Partnership increases visibility into the security of key business partners Concord, MA, and Salt Lake..
Learn More
ProcessUnity Vendor Risk Management Now Available...
CONCORD, MASS. – SEPTEMBER 8, 2020 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
ProcessUnity Launches Vendor Financial Intelligence Powered...
Offering Provides Crucial Insight into Financial Health of Vendors and Suppliers CONCORD, MASS. – JULY..
Learn More
ProcessUnity’s Amanda Giroux Honored as One...
Director of Alliances at ProcessUnity Recognized as an Influential Channel Leader for the Second Consecutive..
Learn More
ProcessUnity Introduces Vendor Intelligence Suite, Launches...
First in a Series of ProcessUnity Vendor Intelligence Capabilities Integrates Cybersecurity Ratings for Complete Vendor..
Learn More
Edna Conway Joins the ProcessUnity Board...
New Appointment Adds Cybersecurity and Risk Management Expertise CONCORD, MASS. – April 22, 2020 –..
Learn More
ProcessUnity Wins Two Awards for Vendor...
ProcessUnity Named Next-Gen Leader of Third-Party Risk Management and IT Vendor Risk Management CONCORD, MASS...
Learn More
Businesses Can Quickly Assess Third Parties...
Complimentary Questionnaire Provides Baseline for Third-Party Risk Management Teams to Survey Vendor Populations CONCORD, MASS...
Learn More
ProcessUnity Expands Vendor Risk Management Software...
New Out-of-the-Box Configuration Provides Quick-to-Deploy, Comprehensive Solution for Third-Party Risk Management CONCORD, MASS. – February..
Learn More
ProcessUnity Extends Vendor Risk Management Market...
Third-Party Risk Management Automation Demand, Increased Industry Recognition Fuel 2019 Results CONCORD, MASS. – January..
Learn More
Elaine Beitler Joins the ProcessUnity Board...
New Appointment Amplifies Vendor Risk Management Momentum CONCORD, MASS. – December 17, 2019 – ProcessUnity,..
Learn More
ProcessUnity Positioned by Gartner in the...
ProcessUnity Achieves the Highest Overall Position for Ability To Execute CONCORD, MASS. – December 4,..
Learn More
ProcessUnity Promotes Sean Cronin to CEO
CONCORD, MASS. – November 19, 2019 – ProcessUnity, a leading provider of cloud-based software for..
Learn More
The Boston Globe Names ProcessUnity a...
Magazine Honors the Best Employers in Massachusetts CONCORD, MASS. – November 18, 2019 – ProcessUnity,..
Learn More
ProcessUnity Awarded Two Cyber Defense Global...
Award Recognition Further Validates ProcessUnity’s Leadership in Vendor Risk Management CONCORD, MASS. – October 23,..
Learn More
ProcessUnity and Sila Partner to Deliver...
Sila Adds ProcessUnity’s Industry-Leading Third-Party Risk Management Platform to its Portfolio CONCORD, MASS. – October..
Learn More
ProcessUnity Expands Contract Management Capabilities in...
New Contract Terms Tracking Provides Greater Visibility into Vendor Commitments and Obligations CONCORD, MASS. –..
Learn More
ProcessUnity Recognized as a Leading Provider...
CONCORD, MASS. – August 29, 2019 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
Elements Alternative and ProcessUnity Announce Strategic...
Elements Alternative adds industry-leading ProcessUnity platform to its portfolio CONCORD, MASS. – July 19, 2019..
Learn More
ProcessUnity and DVV Solutions Partner to...
DVV Solutions Adds Industry-Leading ProcessUnity Platform to Its Expanding Managed Services Portfolio CONCORD, MASS. –..
Learn More
ProcessUnity Updates Intelligent Risk and Compliance...
Flexible, Powerful Automation Makes Risk and Compliance Programs More Effective and Efficient CONCORD, MASS. –..
Learn More
ProcessUnity Launches New Partner Program to...
Provides Technology and Co-Marketing Support to Help Partners Solve Business Governance Challenges CONCORD, MASS. –..
Learn More
ProcessUnity’s Amanda Giroux Honored as One...
Director of Alliances at ProcessUnity Recognized as an Influential Channel Leader CONCORD, MASS. – May..
Learn More
New Risk and Compliance Platform Release,...
ProcessUnity Customers, Partners and Industry Experts Gather to Shape Best Practices in Risk and Compliance CONCORD,..
Learn More
EY, BitSight and RapidRatings to Sponsor...
Leading Organizations to Share Expertise and Best Practices at Signature Risk and Compliance Conference CONCORD, MASS...
Learn More
ProcessUnity Vendor Risk Management Update Extends...
Industry-Standard Assessment Combined with Powerful Automation Tools Enhance Vendor Risk Management Speed and Efficiency CONCORD,..
Learn More
ProcessUnity Accelerates Growth in 2018
Demand for Third-Party Risk Management Automation, Channel Expansion Fuel Fourth-Straight Record Year CONCORD, MASS. –..
Learn More
Registration Opens for 2019 ProcessUnity Customer...
Customers, Partners and Industry Experts to Gather to Share Best Practices in Risk and Compliance..
Learn More
ProcessUnity Launches Newest Version of Its...
Enhanced Workflow Capabilities, Dashboard Visualizations, Assessment Automation and Formalized Change Management Highlight the Fall 2018..
Learn More
ProcessUnity Recognized in Gartner Critical Capabilities...
CONCORD, MASS. – November 14, 2018 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
ProcessUnity Appoints New Board Members to...
CONCORD, MASS, -- October 30, 2018 - ProcessUnity, a leading provider of cloud-based solutions for..
Learn More
ProcessUnity Announces Majority Growth Capital Investment...
CONCORD, MASS. – September 18, 2018 – ProcessUnity, a leading provider of cloud-based software for..
Learn More
ProcessUnity Vendor Risk Management Update Adds...
Industry-Standard Assessment Combined with Powerful Automation Tools Enhance Vendor Risk Management Speed and Efficiency CONCORD,..
Learn More
ProcessUnity Continues Fast Growth in 2017
Partner Ecosystem and Demand for Third-Party Risk Management Automation Fuel Third-Straight Record Year CONCORD, MASS...
Learn More
Farmer Mac Selects ProcessUnity for Third-Party...
CONCORD, MASS. – October 31, 2017 – ProcessUnity, a leading provider of cloud-based solutions for..
Learn More
ProcessUnity Introduces New Version of its...
Fall 2017 Release Includes More Configuration Options, Tools to Reduce Vendor Risk Management Fatigue CONCORD,..
Learn More
New Risk and Compliance Platform Release,...
ProcessUnity Customers, Partners and Industry Experts Gather to Discuss Best Practices in Risk and Compliance..
Learn More
ProcessUnity Extends 2017 Customer Summit with...
CONCORD, Mass., September 22, 2017 - ProcessUnity, a leading provider of cloud-based solutions for risk management,..
Learn More
ProcessUnity Appoints Sean Cronin, Richard Wastcoat...
CONCORD, Mass., September 7, 2017 - ProcessUnity, a leading provider of cloud-based solutions for risk management,..
Learn More
BitSight Provides ProcessUnity Customers Access to...
CAMBRIDGE and CONCORD, Mass., August 2, 2017 - BitSight, the Standard in Security Ratings, and ProcessUnity,..
Learn More
VyStar Credit Union Selects ProcessUnity Vendor...
CONCORD, MASS. – July 25, 2017 – ProcessUnity, a leading provider of cloud-based solutions for..
Learn More
ProcessUnity Recognized by Gartner as a...
CONCORD, MASS. – July 20, 2017 – ProcessUnity, a leading provider of cloud-based solutions for..
Learn More
RapidRatings, ProcessUnity Partnership Helps Organizations Gain...
Technology integration delivers Financial Health analytics to the third-party due diligence process NEW YORK, NY..
Learn More
ProcessUnity and NominoData Partner to Enrich...
CONCORD, MASS. – MAY 2, 2017 – ProcessUnity, a leading provider of cloud-based solutions for..
Learn More
Cadence Bank, N.A. Selects ProcessUnity Vendor...
CONCORD, MASS. – March 14, 2017 – ProcessUnity, a leading provider of cloud-based solutions for..
Learn More
ProcessUnity Updates Risk and Compliance Management...
Newest Version of Cloud-based Suite Expands Reporting and Dashboard Capabilities; Increases Configuration Options CONCORD, MASS...
Learn More
SecurityScorecard Provides ProcessUnity Vendor Risk Customers...
Technology partnership offers, within one single platform, a comprehensive look into risk of doing business..
Learn More
Demand for Third-Party Risk Management and...
Cloud-Based Risk Solutions Drive Record Customer and Revenue Growth in 2016 CONCORD, MASS. – January..
Learn More
ProcessUnity Updates Risk and Compliance Management...
Newest Version of Cloud-based Suite Adds SLA Tracking, Customer-Defined Subject Areas and Microsoft Word Integration..
Learn More
ProcessUnity to Host TRID Compliance and...
CONCORD, MASS. – May 10, 2016 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
ProcessUnity Hosts Inaugural Customer Summit
Industry Experts and Customers Gather to Discuss Top Trends in Third-Party Risk and Offer Management..
Learn More
ProcessUnity Integrates its Third-Party Risk Management...
SIG Integration Improves Assessment Accuracy, Shortens Response Times and Reduces Administrative Burdens for Both Organizations..
Learn More
Global Lending Services Selects ProcessUnity for...
CONCORD, MASS. – March 22, 2016 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
ProcessUnity and Argos Risk Partner to...
Integration Delivers 24/7 Real-Time Risk Mitigation for Vendor Risk Management MINNEAPOLIS, MN AND CONCORD, MA..
Learn More
ProcessUnity and CastleHill Partner to Deliver...
CONCORD, MASS. – February 16, 2016 – ProcessUnity and CastleHill Managed Risk Solutions today announced..
Learn More
ProcessUnity Introduces Cloud-Based Policy and Procedure...
Online System Streamlines Policy Creation, Distribution, Certification and Updates CONCORD, MASS. – January 25, 2016..
Learn More
Demand for Third-Party Risk Management, Product...
Cloud-Based Risk Solutions Power Record Customer and Revenue Growth in 2015 CONCORD, MASS. – January..
Learn More
ProcessUnity Names Sean Cronin President
Promotion Reflects Record 2015 Results and Customer Success Metrics Concord, Mass. — January 5, 2016..
Learn More
Safety Insurance Group Selects ProcessUnity for...
CONCORD, MASS. – December 16, 2015 – ProcessUnity, a leading provider of cloud-based solutions for..
Learn More
Viewpost Selects ProcessUnity Vendor Cloud for...
CONCORD, MASS. – December 15, 2015 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
Vendor Risk Management Portal, Analytics Database...
Newest Version of Cloud-based Risk and Compliance Platform Streamlines Vendor Self-Assessments, Powers Advanced Analytics CONCORD,..
Learn More
Gateway Mortgage Group Selects ProcessUnity for...
CONCORD, MASS. – November 10, 2015 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
ProcessUnity Launches Newest Version of its...
Salesforce and Microsoft Office Integration, Third-Party Risk Management Enhancements Highlight Summer 2015 Release CONCORD, MASS...
Learn More
ProcessUnity Infographic: Where are Benefit Plan...
CONCORD, MASS. – December 4, 2014 – ProcessUnity today introduced a visual guide to help..
Learn More
NTFN Selects ProcessUnity Vendor Cloud for...
CONCORD, MASS. – November 18, 2014 – ProcessUnity, a leading provider of cloud-based applications for..
Learn More
ProcessUnity Introduces Third-Party Risk Management Solution...
CONCORD, MASS. – November 10, 2014 – ProcessUnity today introduced Vendor Cloud Community Bank Edition..
Learn More
ProcessUnity and Deloitte to Co-Present at...
Presentation will outline steps for achieving service delivery excellence for retirement services providers WHO: ProcessUnity..
Learn More
Survey: Understanding Service Value is the...
Executives from Retirement, Health and Insurance, and Equity Compensation Organizations Sound Off to Improve Client..
Learn More
GRC Expert Sean Cronin Joins ProcessUnity...
Signals Growing Market Demand for Vendor Risk Management Solutions CONCORD, MA — ProcessUnity, a leading..
Learn More
ProcessUnity Expands SDRM Team With Key...
ProcessUnity, a leading provider of cloud-based application software, today announced key additions to its team..
Learn More
ProcessUnity to Host “The Vendor Manager’s...
Enterprise risk management expert John Nye will examine ways to manage vendor risk and implement..
Learn More
Andrew Cacossa Joins ProcessUnity to Lead...
Prominent GRC Sales Leader Accelerates Company Expansion ProcessUnity, a leading provider of cloud-based application software,..
Learn More
John Nye to Speak on Risk...
Session will highlight the importance of improving and refining enterprise security processes WHO: John Nye,..
Learn More
Risk Management Expert John Nye Joins...
Risk Assessment and Security Industry Veteran to Lead Risk Suite Business Concord, MA — September..
Learn More
ProcessUnity Introduces SDRM Service Delivery Risk...
SDRM Delivers an Innovative Platform for Financial Service Providers to Control Service Offerings for Greater..
Learn More
Lisa Weil Named to SPARK Institute’s...
ProcessUnity Vice President Will Help Shape National Policy for the Retirement Services Industry Washington, DC..
Learn More
Lisa Weil Joins ProcessUnity Leadership Team
Financial services industry executive to lead SDRM business Concord, MA — April 30, 2013 —..
Learn More
“Venture Funding Arrives On Time for...
The Worcester Business Journal covered ProcessUnity’s recent funding announcement: For the first time in its..
Learn More
ProcessUnity Raises $5 Million, Round Led...
Funding to Boost Marketing and Distribution of Company’s Risk Management Solutions Concord, MA — April..
Learn More
ProcessUnity & KLC Consulting Offer Integrated...
Concord, MA, April 23, 2012 – ProcessUnity and KLC Consulting today announced a partnership to..
Learn MoreAbout Us
ProcessUnity is a leading provider of cloud-based applications for risk and compliance management. The company’s software as a service (SaaS) platform gives organizations the control to assess, measure, and mitigate risk and to ensure the optimal performance of key business processes. ProcessUnity’s flagship solution, ProcessUnity Vendor Risk Management, protects companies and their brands by reducing risks from third-party vendors and suppliers. ProcessUnity helps customers effectively and efficiently assess and monitor both new and existing vendors – from initial due diligence and onboarding through termination. Headquartered outside of Boston, Massachusetts, ProcessUnity is used by the world’s leading financial service firms and commercial enterprises. For more information, visit www.processunity.com.