Remote Vendor Management Exams During a Pandemic Crisis

Let’s face it. The working world has changed a bit over the past few months. Many of us in the industry are mainly doing our jobs remotely, and at times, lacking access to things that we realize are back at the office. And to take it a step further, the regulatory examiners are also working remotely.

Remote Vendor Management Exams

The concept of remote examinations – completely remote examinations – is a new one.

For many years, we’ve been used to the cadence of planning and preparing for on-site examinations: setting up workrooms, briefing staff on what to expect, setting up times for discussions, defining perimeters on who to speak with (or not), along with a sequence of review of documents.

That’s all changed as regulators are utilizing remote examination processes due to the pandemic environment. Coming from two previous FDIC banks, we were accustomed to loading certain things through FDICConnect; however, we were always ready to discuss in person. Now, in this new, remote world, it all becomes a bit more challenging.

For example, how do we make certain the examiners understand what they are reading? Currently, we don’t have the luxury of a casual or semi-formal interaction. From the perspective of note-keeping and proper protocol, in an on-site examination, we could reasonably control one-to-one interactions and make sure employees weren’t just approaching an analyst without the compliance officer involved. The documents you’re handing over, even as a matter of due course, may have names and contacts attached, and much like hallway chatter, how do you police it to make sure you’ve got the right information? 

5 Tips for Remote Vendor Management Exams

Our advice, stick to the basics.

1. Set firm rules from the beginning, both for your team and expectations from the examiners as to whom and from who to communicate.
2. Set timelines for delivery of information and funnel the workflow of information.
3. Review each document more carefully than before.
4. Schedule firm times for meetings.
5. Establish a protocol that any concern or finding will flow through you, as the compliance officer or third-party risk officer and not directly to the business area. 

Will this be the norm going forward? We simply don’t know. Some regulators, like the Federal Reserve and the OCC, announced that all bank examination activity will resume, but that all exams will continue off-site for the foreseeable future. With staff reductions and off-site exams, it will be interesting to see how it plays out in the name of efficiency.

Do you know what steps need to be taken after a vendor management exam? Download the infographic.