IT Governance

Learn About the New Change in the Financial Sector

The Fed, Office of the Comptroller of the Currency (OCC), and Federal Deposit Insurance Corporation (FDIC) have taken a unified step to develop a joint third-party risk management and data security framework. It can transform the financial sector to a great extent. The decision was taken after observing the interference of third parties. Experts believe that the decision of the joint risk management framework is probably the reason for the drastic growth of service organization control reports (SOC 2). With the consistent rise of outsourcing activities, banks plan to partner with fintech companies. This decision may increase risks in the financial sector. In her article for Corporate Compliance Insights, Eva Pittas talks about the joint risk management framework and how it reflects on the financial industry.

Previous Financial Endeavours

Pittas talks about the distinct financial endeavors undertaken by the FDIC, Federal Reserve, and OCC. In 2008, FDIC introduced ‘Guidance for Managing Third-Party Risk,’ which was succeeded by ‘Guidance on Managing Outsourcing Risk’ by the Federal Reserve in 2013. During the same time, the OCC came up with ‘Third-Party Relationships: Risk Management Guidance.’ Pittas mentions that the recently launched joint regulations seem to be an effort to tackle disharmony and incoherence.

Risk-Oriented Framework

The joint guidelines plan to keep high-risk vendors that are providing critical services under comprehensive and secured systems. The draft further asserts that when an enterprise is assessing third-party finance, the analysis must be “as comprehensive as if it were extending credit to the third party.” The draft also states that the “financial analysis should reach to credit-approval levels for high-risk vendors, and if an organization claims not to hold any relationships with critical vendors, they’ll need to explain that claim.”

Apart from the fact that the OCC, Fed, and FDIC have jointly issued a financial framework, the draft is an innovative attempt in several other ways. For example, it requires organizations to analyze third-party’s diversity policies and hiring procedures.

Click on the link to read the article:

Related Articles

Back to top button

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.