First look: Architect Magazine showcases Fannnie Mae’s new corporate digs

First look: Architect Magazine showcases Fannnie Mae’s new corporate digs

It’s big and beautiful and it saves the GSE money

Fannie Mae: Mortgage lenders unnecessarily restrict credit

Higher credit scores, additional documentation most common

Homeownership rate drops to 48-year low

Despite record sales, fewer Americans own homes

OCC sounds alarm on risk management of third parties

Banks must ensure responsible activities to keep in line with compliance


Banks need to practice effective risk management regardless of whether the bank performs the activity internally or through a third party, the Office of the Comptroller of the Currency said Wednesday.

A banking institution’s use of third parties doesn’t diminish the responsibility of its senior management to ensure that the activity is performed in a safe and sound manner and in compliance with related laws.

Banks continue to increase the number and complexity of relationships with both foreign and third parties. As a result, the OCC is concerned that the quality of risk management over these relationships may not be keeping pace with the risks associated with third parties.

"We have concerns regarding the quality of risk management on the growing volume, diversity, and complexity of banks’ third-party relationships, both foreign and domestic," said Comptroller of the Currency Thomas Curry.

He added, "This guidance provides more comprehensive instruction for banks to ensure these relationships and activities are conducted in a safe and sound manner."

Consequently, a bank needs to adopt risk management processes in conjunction with the level of risks and complexity of its third-party relationships.

Third-party relationships include business arrangements between the bank and another entity, by contract or otherwise.

Additionally, institutions should ensure appropriate risk management and oversight of third parties involving critical activities.

An effective risk management process throughout the cycle of the entities relationship includes plans that outline the bank’s strategy, proper due diligence in third party selection and written contracts that outline the rights and responsibilities of all parties.

Furthermore, a bank should perform oversight and accountability, documentation and reporting and independent reviews throughout the life cycle of the relationship as part of its risk management process.

For instance, conducting periodic independent reviews of the process enables management to assess whether the process aligns with the bank’s strategy and effectively manages risk posed by third parties.

Banks also need to execute a plan to terminate the relationship that allows the bank to transition the activities to another third party, bringing the activities in-house, or discontinuing the activities. 

Recent Articles by Christina Mlynski

Comments powered by Disqus