Pub. 4 2014 Issue 1

22 www.azbankers.org its own staff or consultants answerable to the bank. The policy should address how re- ports from the vendor will be required and reviewed. Too often, banks simply accept reports that the vendor gener- ates without evaluating whether the reports actually provide necessary information. w n Outsourcing — continued from page 21 Bank Consultants Young & Associates, Inc.................................................. Page 14 EideBailly. ......................................................................... Page 8 Pacific Coast Banking School ............................................ Page 8 Banking Equipment & Security Services Diebold . .......................................................................... Page 24 Brokerage/Receiverships De Rito Partners. ............................................................ Page 16 R.O.I. Properties . ............................................................ Page 23 Compliance and Internal Audit Services Iversen & Anderson.......................................................... Page 5 Law Firm Engelman Berger, PC....................................................... Page 15 Greenberg Traurig, LLP ..................................................... Page 9 Jennings Strouss............................................................... Page 3 Ogletree Deakins............................................................ Page 13 Ryley Carlock & Applewhite........................................... Page 27 Stinson Leonard Street ................................................... Page 17 Receiverships/Property Management Case Huff & Associates .................................................... Page 2 Technology Consultants GoNet USA...................................................................... Page 23 Telecommunications Cox Business Services..................................................... Page 28 The vendor management policy also should address how the bank will manage and monitor performance of the vendor. The bank should expect to monitor the vendor’s performance, using What Should You See in a Vendor’s Contract? Performance requirements and expectations are clearly defined. Standards of performance are clear and specific. Timeframe for performance, frequency of service, and related services, such as software support, are specified. Vendor assurance that it will comply with all pertinent laws, regulations, and guidances at a level of compliance appropriate for the bank. Identification of which party will be held responsible for delivering any required customer notices and disclosures. Contract specifies which party wiII receive and then respond to consumer complaints. Vendor will hold the bank harmless for vendor’s errors and violations. Vendor will take necessary steps to correct errors, pay restitution, and handle any other forms of customer redress. Vendor will document its work, retain records of documentation, and provide documents to the bank and/ or regulator on request. Vendor will provide regular reports of its performance. Contract provides for the bank’s review and monitoring of vendor performance at the bank’s request. Contract addresses the vendor’s compensation structure for its employees. Contract requires the vendor to maintain appropriate information security measures and to protect customer information privacy. Contract specifies that all customer and product information is the property of the bank. Contract authorizes or prohibits the use of subcontractors. Contract describes insurance coverage to be maintained by the third party. Note: The above points are guide- lines and are not a substitute for appropriate legal review of contract terms. Article originally published in the ABA Banking Journal, September 2013. Reprinted with permis- sion.