The increased regulatory focus on 3rd party oversight programs has created a growing demand for professionals with specialized expertise in building and managing compliant vendor management programs. This Certified Regulatory Vendor Program Manager (CRVPM) course provides the regulatory knowledge, methodology and best practices required to build and manage a compliant 3rd party oversight program that meets FFIEC Guidance, GLBA 501(b) requirements as well as OCC, FDIC, NCUA, FRB, CFPB Guidance and bulletins. In addition, this course covers the preparation to present documentation in support of exams and audits. This course is web-based and self-paced.
This course and certification is provided by Compliance Education Institute. Recertification is required annually.
Those who hold this designation are often risk officers, compliance officers, CIOs, CFOs, auditors, examiners, vendor management specialists, operations officers, info security officers and those involved in building and managing a compliant vendor management program.
To achieve the CRVPM designation, you must pass each of the seven chapters quizzes with a passing score of 70% for each. Scoring is instant, so you will know your results immediately.
“In a world where we are trusting more vendors to do more things for our members, educating yourself is the best place to start. This course is full of practical ideas and resources you can use, without requiring a small army of staff to get the job done.” -- Matthew Bailey, CUCE, BSACS, CRVPM, Director of Compliance, Linn Area Credit Union
The Great Depression of 1929 led to a number of regulatory acts intended to protect bank customers. This chapter covers the historical events and subsequent regulations from the Glass-Steagall Act to the Gramm-Leach-Bliley Act, providing the student with the knowledge of the driving issues behind the regulations.
The regulatory burden is overwhelming and only growing in scope. Very often regulations from multiple agencies often overlap. This chapter helps you sort through the proliferation of regulations, bulletins and Guidance that financial institutions must be aware of and ensure that their vendors comply with.
Some of the regulations reviewed include:
Compliance is most often seen as a cost center with the perception that the benefit of being compliant is “not being fined”. This chapter presents examples of the many benefits of a compliant vendor management program and the methodology to determine the many hard dollar and soft dollar savings that can be realized. Leveraging this knowledge, a business case can be built for program funding or enhancement and gaining Executive Sponsorship.
Some of the benefits discussed include:
A filing cabinet full of folders is not a vendor management program! A program is a series of inter-related steps to be carried out inclusive of policy, procedure and process in order to achieve a goal or set of goals.
This chapter dives into the details of the 9 key components of a compliant vendor management program that every institution must address including:
Once the regulations, benefits and components are understood, this chapter instructs how to put it all together and begin implementing or enhancing your program.
It addresses all steps including:
The increased regulatory focus on vendor management programs and the high profile security breaches in recent years have given regulators cause for concern over whether financial institutions are complying with regulatory requirements to ensure that their vendors’ physical, technical and administrative controls are being properly evaluated. This chapter provides the insight gained through interviewing financial institutions across the country to provide the details needed to properly prepare for your next regulatory exam or audit. The chapter covers the 5 Vendor Management Audit Objectives along with the expected 13 controls.
Documentation discussed in this chapter includes preparation of the following:
While Best Practices are not always practical for all institutions, this chapter presents a wide variety of Best Practices that have proved valuable to successful vendor management program implementations at institutions across the country.
Practices will be discussed for:
Mick Kless is the founder and CEO of RISC Associates, a regulatory compliance consultancy and compliance automation tools developer, and Compliance Education Institute, the training and education division of RISC. He is a recognized industry expert on vendor management and the creator of the Certified Regulatory Vendor Program Manager (CRVPM) course. Mick has spent more than 30 years in financial services, has focused on GLBA 501(b) issues since 2001 and has specialized in vendor management regulatory issues since 2004.
For course access questions, email firstname.lastname@example.org.
Course length: 6 hours