Third-Party Vendor Management Remains a Critical Issue for Banks

Manatt, Phelps & Phillips, LLP
Contact

Manatt, Phelps & Phillips, LLP

More than ever before, banks are relying on third-party vendors for important services such as marketing, underwriting assistance, technology, collections, settlement services and even outsourcing of product lines. These third-party services can offer significant benefits in terms of efficiency and customer service, but they also present a range of risks that must be managed carefully. Regulators expect boards of directors and senior management to identify and control risks arising from third-party relationships as if the bank were performing the activities itself, and they have made these relationships a focus of supervision.

Third-party risks are not always easy to identify. For example, the Real Estate Settlement Procedures Act (RESPA) prohibits giving or accepting “any fee, kickback, or thing of value” as part of a referral agreement. Because some settlement services are paid for by the lender while others are paid for by the borrower, settlement service vendor relationships can create RESPA risk when the vendor “bundles” both types of services. If a settlement service provider discounts its lender-paid services but not its borrower-paid services, this could be found to violate Section 8(a) of RESPA by providing a thing of value (reduced-price lender-paid services) in exchange for the lender sending its borrower-paid services to the same settlement service provider without the same discount. Although a consumer may not be harmed financially, there is still a thing of value (the reduced costs of the lender-paid services) being provided in exchange for what looks like a referral arrangement.

In order to manage these risks, banks should maintain robust vendor management programs that include assessing the risks of using a third-party vendor, conducting adequate due diligence on vendors before using them, documenting vendor responsibilities in well-drafted contracts, overseeing and monitoring vendor relationships with ongoing documentation, and adopting contingency plans such as the use of backup vendors to mitigate operational failures. All of these efforts should follow guidance from the OCC, the FDIC, the Federal Reserve or state regulators, as applicable.

Outside counsel can help banks assess third-party risk, conduct due diligence, document vendor relationships, and design oversight and monitoring programs consistent with best practices and regulator expectations.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Manatt, Phelps & Phillips, LLP | Attorney Advertising

Written by:

Manatt, Phelps & Phillips, LLP
Contact
more
less

Manatt, Phelps & Phillips, LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.