Improve Vendor Risk Management by Using Enforcement Actions

Video Transcript

Welcome to this week’s Third Party Thursday! My name is Kelly Vick and I’m the President here at Venminder. We are going to talk a little bit about how to use an enforcement action in order to make your third-party risk management program more efficient.

The news is filled every week with a new enforcement action focusing on some area that may impact your third-party risk management program. Most commonly these come in the form of a Consumer Financial Protection Bureau (CFPB) action surrounding UDAAP (Unfair Deceptive or Abusive Acts and Practices).

When you find one of those enforcement actions, it’s a terrific opportunity to use that as a lens to look at your own program and look for any underlying activities that may resemble something in your vendor risk management program.

For example, the CFPB has focused heavily on the use of add-on products such as Life Lock and other items that might cause customer confusion, saddle with high fees or difficult for consumers to understand. They often lead to a number of complaints which you can find in the CFPB Consumer Complaint Database. It seems CFPB uses that as an excellent breeding ground for where they are going in enforcement actions.

Once you have seen an enforcement action:

1. Take the opportunity to review it carefully.
2. Look for elements that may be present in your program.
3. Consult with your audit, legal and compliance department and have them review it as well.

Often you can find things there where you can head off items of the past before they become problems for your own company. 

Again, I’m Kelly and thanks for tuning in to this week’s third party Thursday; if you haven’t already done so, please subscribe to our series.