Skip to main content

What We Do

October 19, 2021

Better Markets Files Comment Letter with Federal Banking Regulators on Third-Party Risk Management Guidance

Better Markets filed a comment letter with federal banking regulators in response to proposed guidance for banks in managing risks associated with third-party relationships, such as business arrangements with data providers and payment processes.

July 2021, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) published proposed interagency guidance that provides banks with a framework for managing risks associated with third-party relationships, including consumer protection, cybersecurity, and operational risks.

The interagency guidance is primarily based on OCC guidance issued in 2013, which was later supplemented in 2017 with Frequently Asked Questions, and later updated through the publication of OCC Bulletin 2020-10 in March 2020.

Why It Matters: Advances in communications and information technology have led to banks competing to provide products and services that improve the access and functionality of banking services. These activities are often outsourced to third parties, which inherently raises the level of risk for banks and their customers. For example, many large banks today rely on cloud service providers to process and manage customers’ financial data. In 2019, a hacker breached Capital One’s data stored on AWS cloud— compromising the personal data of Capital One customers.

Establishing a uniform risk management framework for third-party relationships would assist regulators by ensuring banks are following sound risk management practices that protect against operational risks, data breaches, and reputational damage.

What We Said: The core principles of the guidance are sensible and if followed would work to lower risk in third-party relationships. However, the guidance should be made more specific to better delineate the types and levels of risks that must be managed. Additionally, considering the evolving and complex nature of third-party relationships, the management of the associated risks would be best served by a minimum set of standards implemented through regulation.

Bottom Line: Better Markets encourages federal banking regulators to provide additional clarity and specificity in the guidance and to follow the guidance with new regulations or modifications to existing regulations that set minimum standards.

Comment Letters
Share

Donate Today!

Contact Us

For media inquiries, please contact press@bettermarkets.org or 202-618-6433.

To sign up for our email newsletter, please visit this page.

Name(Required)
This field is for validation purposes and should be left unchanged.

Sign Up — Stay Informed With Our Monthly Newsletter

This field is for validation purposes and should be left unchanged.

For media inquiries,

please contact press@bettermarkets.org or 202-618-6433.

Donate

Help us fight for the public interest in our financial markets, protecting Main Street from Wall Street and avoiding another costly financial collapse and economic crisis, by making a donation today.

Donate Today