Regulators Require Stringent Oversight of Third-Party Vendors.

Note Mogul Online Bootcamp

The most expensive real estate education is ignorance. We offer the antidote.

View The Course

Regulators Require Stringent Oversight of Third-Party Vendors.

Stricter standards and increased scrutiny by the Office of the Comptroller of the Currency (OCC) and the Consumer Financial Protection Bureau (CFPB), as well as the Federal Deposit Insurance Corporation (FDIC) and the Federal Financial Institutions Examination Council (FFIEC), mean financial institutions now have the same responsibilities for in-house and out-of-house services.

While the regulations don’t spell out specific requirements in each area, such as what sort of due diligence a servicer should do, they make it clear that servicers must oversee and control every operation that can affect a customer. To ensure that vendors comply with the regulations, we recommend that financial institutions/servicers follow these steps:

  • Perform due diligence before selecting a vendor of the provider’s ability to perform in a safe and sound manner
  • Review each service provider’s policies, procedures, internal controls, and training materials
  • Establish internal controls, including procedures for ongoing monitoring and reporting
  • Establish contracts that provide clear expectations of compliance and consequences for non-compliance
  • Take prompt action to address any compliance problems or issues
  • Mutually design risk management and disaster recovery strategies with each vendor to ensure that critical operations continue uninterrupted during a man-made or natural disaster, including security breaches
  • Document all policies, procedures, and interactions with third-party vendors

Using these practices will protect both you and the customer.

This is some text inside of a div block.