Abstract image of a woman sitting on books and studying on a laptop

CBA EDRppt

Download as PPTX, PDF
Joe Benz, profile picture
Joe Benz

The document discusses regulatory expectations for vendor management in light of the 2008 financial crisis. Regulators now require ongoing due diligence, engagement, monitoring and oversight of third party vendors. This puts strain on financial institutions' resources. Vendor management software can help by centralizing vendor data, tracking performance metrics, and providing audit trails and reporting to facilitate compliance. The presentation focuses on how technology can help address regulatory requirements for ongoing vendor vetting, separation of duties, performance measurement, and enforcement of policies.

1 of 23
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
1 Smart Data. Smarter Workflow. Best Practices in Vendor Management Joseph Benz Regional Manager 2015 CBA Booth #302
2 EDR HISTORY • Founded 1990 • Headquarters: Shelton, CT • 260 Employees • Owned by DMG Information • More than 850 Lending Clients • Regional Compliance Summits
3 COLLATERAL360
4 COLLATERAL360 • Appraisal Management and Compliance • Tiered Environmental Reports and monitoring • Flood Certifications • Evaluations • Property Inspections • Tax Monitoring • Property Searches A central place to order, track and manage necessary reports for CRE
5 COLLATERAL360 Focus on compliance, workflow, and centralization • Live status of all reports • Bank-wide or loan specific view • Reporting abilities • See all exceptions made to loan policy • Listing of all vendors not currently “up to date” • Highlight all “issues”: delivery deadlines, expectations, revision requests • Staff and remote access
6 VENDOR MANAGEMENT Post Mortem • Vendors viewed as contributing factor in crisis • Inadequate oversight from financial institutions Why the focus on vendor management? Impact of Financial Crisis of 2008 Prior to Crisis • Vendor focus limited • Services were outsourced • So was vendor accountability Result: massive fraud and consumer distress
7 REGULATORY OVERSIGHT • OCC: Bulletin 2013-29 • OCC Bulletin 2001-47 • OCC Bulletin 2002-16: Foreign-Based Third-Party Service Providers • CFPB: Bulletin 2012-03 Service Providers • Federal Reserve: SR 13-19 Guidance on Managing Outsourcing Risk • FDIC Letter: Guidance For Managing Third-Party Risk – FDIC Compliance Manual, December 2012 – FIL-44-2008: Guidance for Managing Third-Party Risk – FIL-50-2001: Bank Technology Bulletin: Technology Outsourcing • NCUA: Supervisory Letter No.: 07-01 Multiple releases from multiple agencies
8 REGULATORY RESPONSE • Renewed regulator focus on third-party oversight  OCC, FDIC, FRB, CFPB, NCUA • Institutions must bear responsibility for supplier misdeeds • Enterprise-wide, especially executive involvement • Executive fingerprints on policy • Board of Directors involvement with policy and vendor selection • Clear process for selecting, communicating, monitoring, measuring performance of suppliers
9 Compliance as a System Board Oversight Compliance Program Compliance Audit Ownership Define Risk Define Scope Commitment Policy Training Monitoring Responsiveness Independent Periodic Transaction Testing https://www.fdic.gov/news/news/financial/ OCC Bulletin 2013-29 Mandates due diligence in selecting the third party
10 NEW REALITY • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
11 IMPACT OF REGULATIONS
12 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
13 DUE DILIGENCE Vetting your vendors • Centralized storage and tracking of vendor information: • Contact information • Appraisal licenses • E&O insurance • Coverage areas • Expertise
14 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
15 ENGAGEMENT Project versus Process • Central point for data entry • “Brick wall” separation • Automated engagement letter • Consider the appropriate vendors per policy: • Geographical expertise • Qualifications • History • Live status
16 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
17 VENDOR SCORING Tracking vendor experiences and performance, constantly • Recent Performance • Engagement Performance • Approved Expertise and Coverage Area • Instantly Verify License and E&O • Live Status OCC Bulletin 2013-29 Requires on-going and consistent monitoring
18 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
19 AUDIT TRAILS All correspondence, available when you need it
20 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, monitoring Combined, they put a strain on an already lean organization! Expectations, Summarized
21 POLICY ENFORCEMENT Enforce loan policy, vendor policy, and track exceptions Reporting • Policy exceptions • Vendor usage • License and E&O issues • Vendor performance • Response time • Quality • Invoice reports • Staff member production
22 FINAL THOUGHTS
23 Thank you! Questions or Comments: 203-265-2463 jbenz@edrnet.com CBA Booth #302

More Related Content

PPTX
The New Auditor's Report
International Federation of Accountants
 
DOC
RogersD Resume (1)
David Rogers
 
PPTX
IAASB New Auditor's Report
International Federation of Accountants
 
PPTX
SMP Committee Strategic Initiatives
International Federation of Accountants
 
PPTX
Growing Your Practice: Review, Compilation and AUP
International Federation of Accountants
 
PPTX
Confidence in Financial Reporting
International Federation of Accountants
 
PPTX
BSA/AML in the USA and AML/CTF in the Caymans
Elizabeth Baker, JD, CRCMP
 
PPTX
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...
International Federation of Accountants
 
The New Auditor's Report
International Federation of Accountants
 
RogersD Resume (1)
David Rogers
 
IAASB New Auditor's Report
International Federation of Accountants
 
SMP Committee Strategic Initiatives
International Federation of Accountants
 
Growing Your Practice: Review, Compilation and AUP
International Federation of Accountants
 
Confidence in Financial Reporting
International Federation of Accountants
 
BSA/AML in the USA and AML/CTF in the Caymans
Elizabeth Baker, JD, CRCMP
 
Growing Your Practice: Review, Compilation and Agreed-Upon Procedures Engagem...
International Federation of Accountants
 

Similar to CBA EDRppt (20)

PDF
Third-Party Oversight & Governance
EDR
 
PDF
Vendor Management Best Practices: Is Your Program Up to Par?
EDR
 
PPTX
Outsourcing and Vendor management
Raminder Pal Singh
 
PPTX
Accountability – Managing the Risks of Innovation Procurement
lisaabe
 
PDF
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
michrist75
 
PPTX
Supplier Performance Management Webinar
Qualsys Ltd
 
PPTX
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
David Gee
 
PDF
Managing-Supplier-Performance-Key-Competitive-Advantage
ddodd
 
PDF
Prepare for the asc 606 revenue standard
Promapp Solutions
 
PPTX
Transwatch am lfor emailing
Graham Wicks
 
PPTX
CREDIT RATING METHODOLOGY
prekshakrai
 
PPTX
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
Assette
 
PDF
The Evolving Regulatory Landscape: Insights for Compliance Officers
MyComplianceOffice
 
PDF
The Art & Science of Valuation - CleanTech North
bwatsonctn
 
PDF
04/28/2010 Meeting - Contract Compliance
acfesj
 
PDF
Shared Services_Compliance_credential
Gene Goziker
 
PDF
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD Governance
 
PDF
Best Practices & Considerations in “IT Suppliers Audit”
Shankar Subramaniyan
 
PPTX
Auditing_Assignment.pptxwhhwbebebebenebeb
ashkechum205
 
PDF
Gain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Perficient, Inc.
 
Third-Party Oversight & Governance
EDR
 
Vendor Management Best Practices: Is Your Program Up to Par?
EDR
 
Outsourcing and Vendor management
Raminder Pal Singh
 
Accountability – Managing the Risks of Innovation Procurement
lisaabe
 
Audit practice manual of ICMA Pakistan By: Tariq Mahmood FCA, ACMA
michrist75
 
Supplier Performance Management Webinar
Qualsys Ltd
 
The Journey to World Class Presentation Contract Management - IACCM Sydney Co...
David Gee
 
Managing-Supplier-Performance-Key-Competitive-Advantage
ddodd
 
Prepare for the asc 606 revenue standard
Promapp Solutions
 
Transwatch am lfor emailing
Graham Wicks
 
CREDIT RATING METHODOLOGY
prekshakrai
 
IA Watch/Assette: Advertising & Marketing Compliance Webinar on 1/26/16
Assette
 
The Evolving Regulatory Landscape: Insights for Compliance Officers
MyComplianceOffice
 
The Art & Science of Valuation - CleanTech North
bwatsonctn
 
04/28/2010 Meeting - Contract Compliance
acfesj
 
Shared Services_Compliance_credential
Gene Goziker
 
OECD, 7th Meeting on Public-Private Partnerships - Greg SMITH
OECD Governance
 
Best Practices & Considerations in “IT Suppliers Audit”
Shankar Subramaniyan
 
Auditing_Assignment.pptxwhhwbebebebenebeb
ashkechum205
 
Gain Faster Closure, Lower Risk and Better Results with IBM Emptoris
Perficient, Inc.
 
Ad

CBA EDRppt

  • 1. 1 Smart Data. Smarter Workflow. Best Practices in Vendor Management Joseph Benz Regional Manager 2015 CBA Booth #302
  • 2. 2 EDR HISTORY • Founded 1990 • Headquarters: Shelton, CT • 260 Employees • Owned by DMG Information • More than 850 Lending Clients • Regional Compliance Summits
  • 4. 4 COLLATERAL360 • Appraisal Management and Compliance • Tiered Environmental Reports and monitoring • Flood Certifications • Evaluations • Property Inspections • Tax Monitoring • Property Searches A central place to order, track and manage necessary reports for CRE
  • 5. 5 COLLATERAL360 Focus on compliance, workflow, and centralization • Live status of all reports • Bank-wide or loan specific view • Reporting abilities • See all exceptions made to loan policy • Listing of all vendors not currently “up to date” • Highlight all “issues”: delivery deadlines, expectations, revision requests • Staff and remote access
  • 6. 6 VENDOR MANAGEMENT Post Mortem • Vendors viewed as contributing factor in crisis • Inadequate oversight from financial institutions Why the focus on vendor management? Impact of Financial Crisis of 2008 Prior to Crisis • Vendor focus limited • Services were outsourced • So was vendor accountability Result: massive fraud and consumer distress
  • 7. 7 REGULATORY OVERSIGHT • OCC: Bulletin 2013-29 • OCC Bulletin 2001-47 • OCC Bulletin 2002-16: Foreign-Based Third-Party Service Providers • CFPB: Bulletin 2012-03 Service Providers • Federal Reserve: SR 13-19 Guidance on Managing Outsourcing Risk • FDIC Letter: Guidance For Managing Third-Party Risk – FDIC Compliance Manual, December 2012 – FIL-44-2008: Guidance for Managing Third-Party Risk – FIL-50-2001: Bank Technology Bulletin: Technology Outsourcing • NCUA: Supervisory Letter No.: 07-01 Multiple releases from multiple agencies
  • 8. 8 REGULATORY RESPONSE • Renewed regulator focus on third-party oversight  OCC, FDIC, FRB, CFPB, NCUA • Institutions must bear responsibility for supplier misdeeds • Enterprise-wide, especially executive involvement • Executive fingerprints on policy • Board of Directors involvement with policy and vendor selection • Clear process for selecting, communicating, monitoring, measuring performance of suppliers
  • 9. 9 Compliance as a System Board Oversight Compliance Program Compliance Audit Ownership Define Risk Define Scope Commitment Policy Training Monitoring Responsiveness Independent Periodic Transaction Testing https://www.fdic.gov/news/news/financial/ OCC Bulletin 2013-29 Mandates due diligence in selecting the third party
  • 10. 10 NEW REALITY • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 12. 12 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 13. 13 DUE DILIGENCE Vetting your vendors • Centralized storage and tracking of vendor information: • Contact information • Appraisal licenses • E&O insurance • Coverage areas • Expertise
  • 14. 14 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 15. 15 ENGAGEMENT Project versus Process • Central point for data entry • “Brick wall” separation • Automated engagement letter • Consider the appropriate vendors per policy: • Geographical expertise • Qualifications • History • Live status
  • 16. 16 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 17. 17 VENDOR SCORING Tracking vendor experiences and performance, constantly • Recent Performance • Engagement Performance • Approved Expertise and Coverage Area • Instantly Verify License and E&O • Live Status OCC Bulletin 2013-29 Requires on-going and consistent monitoring
  • 18. 18 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, compliance Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 19. 19 AUDIT TRAILS All correspondence, available when you need it
  • 20. 20 TECHNOLOGY AS A SOLUTION • Due Diligence – ongoing vetting of vendor’s license, insurance, and qualifications • Engagement – define, separate, engage • Scorecards – vendor performance measurement process • Audit trail – on all vendors • Several other areas of focus - policy enforcement governance, complaint resolution, reporting, onboarding, monitoring Combined, they put a strain on an already lean organization! Expectations, Summarized
  • 21. 21 POLICY ENFORCEMENT Enforce loan policy, vendor policy, and track exceptions Reporting • Policy exceptions • Vendor usage • License and E&O issues • Vendor performance • Response time • Quality • Invoice reports • Staff member production
  • 23. 23 Thank you! Questions or Comments: 203-265-2463 jbenz@edrnet.com CBA Booth #302