Over the last six to twelve months, Fiserv has had the opportunity to work with numerous financial institutions in establishing vendor management programs. Although we have seen numerous approaches to these programs, there has been one consistent theme: the desire for formal documentation. Along with that need, the majority of vendor management program implementations share two key components.
First and foremost, lenders are creating a new type of vendor database across all lines of business. Previously, this was usually handled by each business segment, and the content varied across the entire organization. Now, database content is being designed to include more detailed information on the vendor and services provided. Despite having different levels of detail, some of the newer items being stored include copies of contracts and amendments; service level agreements; site audit results; contract expiration dates; key contacts; operational guidelines; and fee schedules.
These additions may not seem ground-breaking, because most organizations have tracked this information before. The difference lies in having it stored in one centralized place. Moving to a formalized storage system that can be readily accessed by an entire organization will lead to a more structured approach to updating data and making reports available.
CFPB AUDIT RAMIFICATIONS
This trend has prompted an interesting change in our interactions with our clients. The vast majority of institutions with which Fiserv works are heavily involved with the services we provide. They are key stakeholders, and there is regular contact for almost every aspect of our relationship. This connection between customer and vendor is prevalent across all industries, but how many organizations can provide written support that shows how frequently these discussions occur? If a CFPB audit or even an internal audit is in progress, what documentation do you have that actually proves the hard work your team has put into its vendor relationship?
So, in order to provide that proof and verification, the second key component in a vendor management program is documentation. There have been numerous discussions within the industry about the level of detail needed to meet audit requirements. In response to vendor management best practices, a growing number of financial institutions are asking vendors for their own policy-and-procedure manuals. If a company has “comingled” its procedures across its entire client base — or worse, not documented them at all — it may be difficult to produce meaningful documentation.
We are seeing many organizations beginning to create a formalized interaction plan that includes regularly scheduled meetings; site visits; formalized meeting agendas; published meeting minutes; scheduled service-level-agreement (SLA) reviews; written, corrective-action plans; and procedures for follow-up items. The ability to produce this type — and amount — of documentation during any type of audit can be a determining factor in your overall results. Documentation of the simple steps that most of us do every day will help you create a successful vendor management program.
-Craig Carrow is Vice President, Lending Solutions at Fiserv.