Regulatory requirements and guidance targeting third-party and vendor management activities in the banking and financial services industry (FSI) look like — and call for — a whole lot of work. Most recently, issuances by the Office of the Comptroller of the Currency (OCC) and the U.S. Federal Reserve Board (FRB) have forced FSI executives to don their compliance overalls and get their hands dirty with tactical compliance work related to these new and evolving regulations. Leading FSI organizations, however, are treating this tactical requirement as not just a chore but as a strategic opportunity. These companies are taking a much more disciplined and systematic approach to meeting their third-party/vendor management requirements because they recognize the inherent opportunities that a sustainable and sophisticated vendor management organization (VMO) presents for their business. These opportunities include cost and efficiency gains from reduced vendor complexity through governance and streamlined operations, and an opportunity to evolve vendor relationships into collaborative or strategic partnerships that drive increased business value and greater transparency into vendor risks. These opportunities are available to FSI organizations regardless of their size. This paper presents the principles and building blocks of effective vendor management, including an example of a successful and evolving VMO organization. The building blocks of the vendor management framework presented in this paper can be assembled in ways that address each institution's unique organizational structure and needs.
Throughout this paper, we use the terms "vendor," "vendor management" and "vendor management organization." However, the principles discussed here apply to all third parties with which a financial institution has business relationships.