Templates
Vendor Management
FFIEC Vendor Management Due Diligence Checklist
đź“ť

FFIEC Vendor Management Due Diligence Checklist

1
Identify the vendor
2
Assess risk level of vendor
3
Collate all necessary documentation on vendor
4
Review vendor’s financial stability
5
Examine vendor’s compliance history
6
Confirm vendor’s insurance coverage
7
Verify adequacy of vendor’s personnel and internal controls
8
Ensure vendor's experience and qualifications match the service provided
9
Review service level agreements with the vendor
10
Approval: Vendor Documentation
11
Conduct ongoing vendor performance monitoring
12
Establish continuity plan in case of vendor failure
13
Monitor the vendor's compliance to agreed terms
14
Evaluate vendor's disaster recovery and business continuity plans
15
Ensure vendor's financial condition is not harming performance
16
Update vendor risk ratings periodically
17
Approval: Vendor Risk Ratings Update
18
Document all self-assessment and independent reviews performed
19
Retain all vendor-associated records as per regulatory requirements
20
Ensure compliance with all FFIEC guidance on outsourcing