Third Party Due Diligence and Strategic Planning FAQ Released
Yesterday, NCUA released a list of frequently asked questions (with answers!) that it received during its recent webinar on on "Key Examination Issues for 2008: Evaluation of 3rd Party Relationships and Strategic Planning.â Read the press release about the FAQ here.  Better yet, you can directly access the FAQ here.
I love FAQs. They are little pieces of guidance that can come in handy and clarify agency expectations. For example, here's question and answer # 21 and 22, which I found noteworthy.
21. Does a credit union need to have a written policy and procedure forevaluating third party vendors?
RESPONSE: A credit union does need to have a written policy and procedure for evaluating third party relationships. A policy and procedure outlines the credit union evaluation requirements and provides management and employees with the guidelines the officials established to oversee the vendor relationship and operate the product and service in a safe and sound manner.
22. Does a credit union need a separate policy for evaluating vendor relationships or can this policy be included within other policies such as our Security Policy?
RESPONSE: NCUA does not require credit unions to have a stand alone policy addressing the evaluation of third party vendors. This policy may be incorporated with other policies and procedures, but the credit union may determine it is prudent to have a stand alone policy.
For those working on due diligence issues, this document is a must read.