Vendor Management       

CFPB has advised that brokers as well as bankers are responsible for the performance of their vendors, the people and companies to whom they outsource.  The CFPB Examination Manual includes guidance on how they will examine for Vendor Management.  This could be as simple as using a spreadsheet to track your review process and approval.

CFPB Announcement
CFPB Bulletin 2012-03

This is also a good business practice as ultimately, your customer will suffer the same outcome that you suffer from your vendors' performace and you might be held liable for failures or breaches of your vendors.  This includes data breaches, privacy failures, compliance failures and data loss failures.

Areas of business you might review are (non-exhaustive):
  • information security, including "need to know", locked storage systems and secure offices
  • data retention and / or destruction
  • data security and recovery (backups) due to crashes, fires, floods, break-ins
  • outside vendors and software they may use and which you are not aware
Examples of vendors you should review prior to engaging (and annually) (non-exhaustive):
  • software providers
  • network, web and computer systems technitians and administrators
  • janitors
  • document shredding firms
  • contract processors
  • wholesalers
  • MI companies
(c) 2013 - 2015  Association of Texas Mortgage Professionals