Best Practices in Banking Vendor Management – Documentation

Documentation

The best vendor management program is not worth much during regulatory exams if you cannot demonstrate your compliance and capabilities. That is why documentation is key.

Documentation is the evidence of complying with the requirements of the bank’s policies and procedures, regulatory/legal requirements and contractual obligations.   

Effective documentation should maintain:

  • Each vendor’s risk report, due diligence and monitoring reports (ideally, a copy of the vendor contract would be contained in this file);
  • All contracts in a centralized and organized filing system;
  • All reports to the board;
  • All internal vendor management audits;
  • Vendor-related customer complaints;
  • Regulatory notifications;
  • Control testing results: The bank should routinely test all vendor management controls and requirements and document the results;
  • Updated risk assessments and due diligence to the vendor files; and
  • Deviations from policy or procedures with appropriate explanations.

评论

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注