Vendor Management and Oversight

Growth through Oversight and Mitigation

Against the backdrop of heightened investigations and enforcement actions, the Collingwood Group’s Vendor Management and Oversight team helps clients comply with third party vendor management requirements in an ever-changing regulatory environment.

An overall objective of our services is to provide our clients with a detailed roadmap to ensure on-going regulatory compliance and to mitigate enterprise, operational and reputational risk associated with their utilization of third party vendors. We focus on all third party vendor activities and outsourced functional business areas, with particular emphasis on those vendors who interact directly with consumers or whose functions potentially impact an institution’s safety and soundness assessment.

We assist our clients to enhance their understanding of, and operational readiness regarding, applicable regulatory guidance published to date by:

As a Washington, DC based firm, The Collingwood Group provides clients up to date industry knowledge of and business intelligence regarding the evolving financial services regulatory landscape, DC relationships and the benefit of routine interactions with regulators, in additional to significant and practical hands-on experience selecting, managing and overseeing third party vendor relationships.

Compliance Obligations and Requirements

It is no longer sufficient for financial services firms to simply qualify third party service providers. Today, financial services firms (including many non depositories who previously were not subject to regulatory oversight) are required to qualify, diligence and actively monitor their third party service providers for ongoing compliance with applicable statutes and regulations. These compliance obligations are particularly heightened in connection with the utilization of third party service providers who interact directly with consumers, as they relate to UDAAP, the ability to comply with applicable consumer laws and the protection of consumer data, and in those instances where third party vendors perform critical functions which may impact an institution’s potential safety and soundness assessment.

To satisfy these evolving requirements, companies should have in place enterprise level business and technology policies, processes and systems specifically designed to ensure the consistent performance of third party oversight activities, including vendor selection, qualification and diligence, risk assessment, on-going monitoring, internal training and compliance with published standards.

To ensure compliance as regulatory standards evolve and business grows, companies should conduct periodic audits and obtain annual certification of the adequacy and efficacy of their vendor management and oversight functions.

Key Services

The Collingwood Group’s Vendor Management and Oversight team’s services include: