VyStar, based in Jacksonville, Florida, has been enjoying the kind of growth other credit unions envy. VyStar supports communities throughout Central to North Florida as well as Southeast Georgia counties. VyStar is the 16th largest credit union, by asset size of $8.5 billion, serving over 650,000 members, and is nationally ranked in the United States. But success has come with growing pains: a team of just three people was already responsible for managing 300 – 400 third-parties, with more growth coming. With the growth of the thirdparty portfolio and the demand to meeting ever-evolving regulatory requirements from its regulatory authority, the National Credit Union Administration, VyStar required an automated solution to manage the program. Franchesca Williams, Vice President of Third-Party Risk Management, VyStar Credit Union began investigating potential platform solutions with a clear vision in mind: “a complete third-party risk management program automated end-to-end, with the flexibility to adapt to VyStar’s program and accommodate our growth.”
Williams and her colleagues examined more than 50 solutions to build a “top-five” list of third parties capable of meeting their stringent requirements including: flexible risk methodologies, multi-tiered risk assessment functionality, the ability to contact and communicate with third parties, and all the tools necessary for conducting due diligence and sustained monitoring. Their RFP documented more than 100 requirements, and demanded sophisticated contract review and management functionality, including a renewal date notification system that could communicate to both internal and external partners. Although VyStar at the time had no integration requirements, they insisted on a platform that could support enterprise-level integrations and electronic signature capabilities in the future.
“ProcessUnity was the only option that met 99% of our requirements,” says Williams. “The next best came in at 90%.” For VyStar, ProcessUnity not only met crucial demands, but offered greater flexibility. “The other software systems we looked at didn’t allow administrators to change settings on their own. You had to go to the provider for an additional work order, as opposed to ProcessUnity, where all you need to do is make a few clicks. We have the ability to configure the system and make it what we want.”
Implementation began in August 2017 with a three-phase rollout that started among the internal team in December, then moved into a test pilot and a full launch. Following recommendations from ProcessUnity, VyStar used the phased approach to gain insights into the platform, and to provide sufficient training to internal teams. By June 2018, the platform was fully operational.
One of Williams’ greatest concerns was acceptance: would stakeholders inside and outside the credit union find the platform useful? “Everyone we trained found it easy to use,” she says. “They liked the visuals, the charts, the reports, and we got a great response.” Risk Assessment is now much faster. “We’ve reduced questionnaire responses from our internal stakeholders from a matter of days to just ten or twenty minutes,” Williams says. Despite a “huge uptick in workload” from the credit union’s “growth,” ProcessUnity is “helping us manage and maintain a compliant program with just a few staffers.” Before ProcessUnity’s Third-Party Risk Management platform was in place, VyStar could only actively monitor the most critical subset of its third-party list, about 30 relationships; now it has the power to monitor all 300 – 400 vendors and meet the demand as the credit union continues to grow.
“Through ProcessUnity’s automation of the risk management process,” concludes Williams, “we can manage third parties more responsibly with fewer resources.”
Get in Touch
Start the conversation with a quick introduction
Necessary cookies are absolutely essential for this website to function properly. This category only includes cookies that ensure basic functionality and security features of this website. These cookies do not store any personal information.
Functional cookies help to perform certain functions including sharing the content of this website on social media platforms, collect feedback, and other potential third-party features.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Any cookie that may not be particularly necessary for the website to function and is used specifically to collect user personal data are termed as non-necessary cookies.
Marketing cookies are used to provide visitors with relevant content and campaigns.
Undefined cookies are those that are being analyzed and have not been classified into a category as yet.
Preference cookies are used to store user preferences to provide content that is customized and convenient for the users, like the language of the website or the location of the visitor.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
