Regulators Issue Guidelines for Third-Party Risk Management
Federal banking regulators issued joint guidance for financial institutions regarding the management of risks associated with third-party relationships, including technology providers.
The guidance establishes principles for all banking organizations to consider when developing and implementing risk management practices for third-party relationships. It provides direction and expectations for various stages of these relationships, including planning, due diligence, selection, negotiation and termination of contracts. Additionally, it offers guidance on conducting independent reviews and maintaining documentation. The agencies emphasized that they will assess a bank's risk management practices related to third-party relationships as part of their regular supervisory processes.
Federal Reserve Governor Michelle Bowman issued a statement expressing her opposition to the guidance. "Although this guidance suggests that a sound third-party risk management framework should be appropriately tailored to a bank's level of risk, complexity, and size, it does not provide the necessary clarity or supplemental tools to facilitate small bank implementation," she said.
Read the Guidance
Proposal Released to Implement Standards for Automated Valuation Models
Several federal regulatory agencies released a proposed rule aimed at regulating the reliability of algorithmic models used in real estate valuations. The rule would mandate institutions involved in covered transactions to implement policies, practices, procedures, and control systems to ensure that automated valuation models (AVMs) meet quality control standards that safeguard the credibility and integrity of valuations. This proposal is part of the Biden administration's broader initiative to address concerns of bias in the appraisal process.
Learn More
CFPB Announces Section 1071 Enforcement Guidance
The Consumer Financial Protection Bureau (CFPB) released guidance on how it will enforce the final rule for Section 1071 of the Dodd-Frank Act. The rule mandates the collection and reporting of credit application data for small businesses, including those owned by women and minorities.
The CFPB will focus on the response rates of lenders to data requests from applicants and will compare response rates among lenders of similar size, type and other factors. Low response rates may indicate non-compliance with the rule or discouragement of applicants. The agency will also consider anomalies in responses, such as a high number of applicants choosing not to provide information. This could suggest steering, improper interference, or potential obstruction of applicants' preferred responses.
Read the Guidance
|