FinXTech Intel 2023 report final 2 - Flipbook - Page 19
Questions for the Bank Board
•
What is our bank’s plan for approaching ongoing due diligence of our fintech partners?
What are we doing with the information they give us?
•
How often should we revisit our third-party vendor management program to ensure we’re
comfortable with the risk our bank is taking and our oversight of it?
•
What monitoring and reporting is necessary to support our ongoing evaluation of these
relationships?
•
Are we comfortable with the risk this vendor creates for us from a financial standpoint? What about
from a reputation standpoint? What about from a regulatory standpoint?
•
Are our existing processes operationally resilient enough to meet the demands and expectations of
our customers? How will we manage a disruption of our partner that impacts our customers?
Sources for questions: Alloy Labs/Crowe’s white paper, RSM’s John Behringer; Clayton Mitchell, managing
principal, fintech at Crowe LLP
established company with a variety of products and revenue?
Understanding the maturity of a prospective fintech can help
Is it in growth mode or focused on profitability? How much
a bank establish the due diligence priorities and objectives
money has it raised, and what are the odds it may need to
that create a solid foundation for effective and successful
right-size its employee base or shut down?
partnerships, wrote the Federal Reserve authors in their
white paper on fintech partnerships. That includes agreeing
Crowe has collaborated with Alloy Labs, a bank consortium,
on a white paper outlining what they call a “minimal acceptable maturity” model with a range of expectations and due
diligence for fintech partners, based on the vendor’s size and
on the appropriate use of customer data, establishing effective risk management standards, sharing a mutual emphasis
on bank regulatory compliance, and engaging in frequent and
direct communication.
complexity, the level of customer interaction and access to
certain types of data. The model helps banks create a documented assessment system, and outlines the process, systems
and controls that should be in place to satisfy regulatory
Check out page 24 for more on regulatory
compliance.
expectations and risk appetites.
Kiah Lau Haslett is managing editor of Bank Director.
FINDING FINTECHS: HOW DO YOU DECIDE? | 17