After devouring the new OCC guidance (2013-29, “Third Party Relationships: Risk Management Guidance”) that replaces bulletin 2000-9, we recently released our latest Compliance Bulletin (November 12, 2013). [DOWNLOAD LINK] We weren’t really surprised by much. Most of the requirements and guidance are aligned with the development path we’ve been pursuing for well over a year now, affirming our strategic direction. In fact, we half expected this guidance as we prognosticated in our September 9 post. Now the real work begins. Customers will need to be guided to the features in VendorInsight® they may not be utilizing actively so that they can be protected and be compliant with the new expectations. One of the most significant prescriptions in the guidance: Vendor monitoring is now “essential.” Management controls and reviews are not enough. This guidance really affirms our leadership in the area of vendor monitoring. The good news: Even if you don’t run VendorInsight®, and utilize one of our competitors’ products to manage, you can subscribe to our vendor monitoring services.
What happens if you suddenly lose your point of contact (POC) at a vendor? A POC is an individual or a specific department who acts