Inventory
info icon
Single family homes on the market. Updated weekly.Powered by Altos Research
682,150-7,865
30-yr Fixed Rate30-yr Fixed
info icon
30-Yr. Fixed Conforming. Updated hourly during market hours.
6.91%0.02
Mortgage

3 security concerns when working with third-party vendors

OCC: Vendor relationships create added risks

As more lenders turn to third parties, regulators are emphasizing the importance of gauging the potential risks involved.

“You have to assess not only the vendor; you may also have to assess the vendor’s relationships. Some of these third parties have connections to other institutions and servicers,” Comptroller of the Currency Thomas Curry said in a speech to the Independent Community Bankers of America

“Each new relationship and connection provides potential access points to all of the connected networks, thereby introducing more complexity as well as new and different weaknesses into the system,” Curry added. 

This follows a report last week that the source code for an Android mobile banking Trojan application was released on an underground forum, breaking down the door for a large number of cyber attacks. 

With the increased threat, Curry outlined three areas to be concerned about. 

1. The extent that service providers are consolidating

“This means that more financial institutions are dependent upon a single vendor. Where that happens, deficiencies at one vendor have the potential to affect a large number of banks simultaneously.” 

2. The rising reliance by banks, directly and indirectly, on foreign-based subcontractors to support critical activities

“Third-party service providers and subcontractors of third parties that operate in foreign jurisdictions present unique problems,” He said. “Banks need to consider the legal and regulatory implications of where their data is stored or transmitted, and make a determination as to whether geographic limitations are needed in their contracts.” 

3. The access third parties have to large amounts of sensitive bank or customer data

“For an industry in which reputation means everything, a single data breach involving confidential customer information can be extremely costly,” Curry said. Banks open themselves up to be particularly vulnerable to events that erode trust, and once an institution’s reputation is damaged, it can take years to repair.
 

Most Popular Articles

Latest Articles

loanDepot’s Frank Martell on building lifelong consumer relationships through technology 

In this week’s episode of the Power House podcast, HousingWire President Diego Sanchez sits down for a tantalizing conversation with Frank Martell, the president and CEO of loanDepot, to discuss the company’s profitability in the third quarter of 2024 and its Project North Star growth plan for 2025.

3d rendering of a row of luxury townhouses along a street

Log In

Forgot Password?

Don't have an account? Please