Amid rapid digital transformation, operational resilience is more important than ever. An increasing reliance on third parties and outsourced IT solutions, combined with the risk posed by cyber threats and other sources of business interruption, has led to new approaches from regulatory bodies across the US and overseas.
In recent years, a range of agencies in the US have released guidance on managing the risks associated with third-party relationships. While different organizations govern different business areas, many of the key principles overlap - and all are aimed at helping banking and financial services organizations to identify, assess and manage third-party IT risks.
The Federal Reserve Banking System provides guidance on managing outsourcing risk for all financial institutions supervised by the Federal Reserve, including those with $10 billion or less in consolidated assets.
A general framework that financial institutions should use for oversight and risk management of significant third-party relationships.
Are credit unions regulated by the FDIC? No, the Federal Deposit Insurance Corporation (FDIC) only insures deposits in banks. Credit unions have their own insurance fund, run by the National Credit Union Administration (NCUA), a US government agency that regulates and supervises credit unions.
Download our guide to learn more about the FDIC’s guidance for managing third-party risk
The OCC is an independent bureau of the US Department of the Treasury, the OCC charters, regulates and supervises all national banks and federal savings associations, as well as federal branches and agencies of foreign banks. The OCC Regulations provide guidance for banks for assessing and managing risks associated with third-party relationships.
What banks are regulated by the OCC? The OCC supervises national banks, federal savings associations, and federal branches and associations of foreign banks. The OCC ensures that national banks and federal savings associations provide fair access to financial services, act in a safe and sound manner, and comply with relevant regulations and laws.
Download our guide to learn more about the OCC rules and regulations for vendor management.
FINRA is a government-authorized, not-for-profit organization that oversees US broker-dealers. FINRAs guidance includes considerations for firms that use, or are contemplating using, third-party vendors to establish whether their procedures and controls for outsourced activities and functions are sufficient.
Who is regulated by FINRA? Does FINRA regulate hedge funds? The Financial Industry Regulatory Authority (FINRA) writes and enforces the rules governing registered brokers, broker-dealers, capital acquisition brokers, and funding portals.
Download our guide to learn more about FINRAs guidance for firms.
