Dodd-Frank and Vendor Management: “The Exposure Is Real”

Since its passage in 2010, implementation and interpretation of the Dodd-Frank Act has touched nearly every aspect of banking. In this post-crisis era, bank regulators like the OCC and the Federal Reserve are leveraging laws like the Dodd-Frank Act to reel in risk-taking by financial institutions. In the first quarter of 2015, regulators stepped up their enforcement actions under Dodd-Frank. One area that is drawing significant attention is how banks manage their third-party vendors, particularly in the area of real estate mortgage lending. Last week, EDR helped promote a teleconference on this timely topic that was sponsored by the Environmental Bankers Association’s Risk Management Committee. The event focused on vendor management and how financial institutions are managing these complex requirements. Speakers included: John Rybak and Greg Lampe of BB&T Bank, and attorney Brad Merrill of Snell-Wilmer.

1Q15 Enforcement Up

Enforcement actions, specifically taken against community banks, rose sharply in the first quarter of 2015. The uptick is tied to higher regulatory oversight as more Dodd-Frank Act rules take effect. Consider these statistics from the Banking Compliance Index from Continuity, a provider of compliance services to community banks:

  • 176 enforcement actions were taken in 1Q2015 against banks and credit unions, up by a dramatic 30% over 4Q14.
  • Sixty percent of the 1Q2015 enforcement actions were against small banks (i.e., banks with assets of $250 million or less), an increase of 12 percentage points above 43% in 4Q14.

In an extremely competitive market environment, regulatory compliance is challenging to say the least, especially at community banks that may lack the resources or technical expertise of their larger counterparts. Given that today’s regulatory pressures are not expected to diminish any time soon nor are enforcement actions, risk managers will need to find efficient ways to follow and comply with requirements, including those related to vendor management.

EBA Webinar: Vetting the Vendors Under Dodd-Frank

Given the widespread impact of the 2,323-pages long Dodd-Frank Act on financial institutions, especially in light of the just-released 1Q15 compliance data, last week’s webinar titled The Impact of the Dodd-Frank Act on Your Bank was extremely timely.  The three speakers covered the myriad regulations related to vendor management, and provided steps that banks can and should be taking to reduce their potential risk exposure for non-compliance. Below are a few speaker highlights from last week’s event:

  • “Needing to have more controls in place over their vendors is a real change that was formalized for banks under Dodd Frank.”
  • “A key impact of the vendor management regs is what I call The Sheepdog Effect. A sheepdog can only manage and watch two dozen or so sheep at a time. After that, the wolves will get a few of them. The shift is that we’re leaning toward using larger vendors with greater coverage and greater capabilities. The smaller firms are becoming the anomaly. It’s because we have to limit our liability and implement significant QC programs.”
  • “It’s no longer the case that vendors are on the list and stay there forever. They have to be engaged and performing.”
  • “The responsibility for compliance flows through the institution and goes right up to the bank’s upper management.”
  • “The exam manuals of regulators have been revised to include vendor management as a key area of examination. How safely and soundly is a bank managing its vendors? Selecting them? Conducting due diligence on them? Monitoring them?”
  • “Many institutions are moving to using larger, more established vendors simply as a matter of course and safety.”
  • “Bank vendor managers need to realize that the exposure related to what their vendors do is real. And it can be dramatic. And it needs to be a main focus of bank policies and procedures, and a main focus of diligence and aggressive enforcement at the bank management level.”



If you are looking for first-hand experience from risk managers speaking candidly about the day-to-day impact that Dodd Frank has had on how they manage their vendors—and the impact associated with not following the regulations, then the EBA webinar is worth a listen. You will hear a detailed overview of the requirements related to vendor management and valuable advice on how best to adhere to the requirements and avoid the perils of noncompliance.

To listen to the webinar:

[NOTE TO READERS: Be sure to skip ahead to the approximately 2:00 minute mark to avoid the sound checks.Speakers refer to slide numbers during the presentation, so be sure to have the slide deck open.] 

Contact webinar hosts Jan Sheinson (, ERM with BMO/Harris Bank or Dennis Firestone (, CBRE for more information.


The Environmental Bankers Association (EBA) is a non-profit trade association that represents the financial services industry, including bank and non-bank financial institutions, insurers, and those who provide services to them. Its members include lending institutions, property & casualty and life insurers, the environmental consulting and appraisal community, and attorneys. The EBA was established in 1994 in response to heightened sensitivity to environmental risk issues, and the need for environmental risk management and due diligence policies and procedures in financial institutions. The EBA specializes in educating its members to enable them to stay abreast of regulatory changes, case law, and technological advancements for mitigating environmental issues. The EBA meets twice a year, in addition to hosting various webinars like this one throughout the year. The association’s events are valuable forums for risk managers and due diligence professionals to share technical information and stay abreast of the latest issues affecting their business.

The latest agenda for their Summer Conference, to be held in Denver June 14-17, is posted here. EDR Insight’s Principal Analyst Dianne Crocker will be delivering the State of the Market lunch presentation on Tuesday, June 16.