The FDIC issued guidance concerning managing third-party risk. The guidance discusses the types of potential risks that third-party relationships may pose to banks and how banks should manage these risks through risk assessment, due diligence in selecting a third party, contract structuring and review, and oversight. According to the FDIC, future compliance examinations may focus upon the failure of banks to manage these risks, and corrective actions, including enforcement actions, may be pursued for deficiencies related to third-party relationships that pose a safety and soundness or compliance management concern or result in violations of applicable laws or regulations. Click here for a copy of the guidance.
Alert June 17, 2008