Cyber Attacks are Everyone’s Nightmare.
Part 1 of 2
From the desk of Stephen Kohn, Founder and Chair of the Financial Professionals Coalition (www.finprocoalition.com), a 25-year veteran owner of a FINRA broker-dealer, a former member of FINRA’s National Adjudicatory Council and a former FINRA Governor.
The Financial Professionals Coalition, Ltd. is a diverse resource for over 1.2 million registered representatives, associated persons, traders, bankers, back-office staff, owners of broker-dealers and registered investment advisories. The Coalition provides courtesy consultations with industry experts. Membership is free.
Protecting Your Firm: Understanding Vendor Risk Management in 2024
With an Educational Webinar Invitation
Contributing Author: Vincent Guyaux, Financial Professionals Coalition Featured Member,
Founder, CISO & Chairman, Buckler
Published: 08/01/2024
Vendor Risk Management (VRM) has long been a focus within financial services, with considerable resources allocated to evaluating and managing risks associated with vendors. Traditionally, this process involves each advisor or organization independently assessing the same vendors, often leading to redundant efforts and inefficiencies. This means that each advisor asks the same questions, gathers similar documentation, and conducts parallel due diligence processes for the same vendors that their peers are evaluating.
The Importance of Vendor Risk Management
In recent years, supply chain attacks have risen 26% from 2022 to 2023, underscoring the vulnerabilities organizations face due to improper software updates, inadequate security protocols, and compliance inconsistencies among vendors. These vulnerabilities make vendors a prime target for cybercriminals seeking access to sensitive data and systems.
Whether termed Vendor Risk Management, Supply Chain Management, or Third-Party Risk Management, the core objective remains consistent: understanding and mitigating risks associated with third-party vendors. This involves ensuring vendors comply with relevant laws and regulations, reflecting the same standards as their client organizations.
Impact of Global Shifts
The global shift to remote work during the 2020 pandemic exacerbated vulnerabilities, with cybercriminals exploiting weaknesses in unsecured networks and devices. Incidents like the recent Crowdstrike update highlight how vendor missteps can have far-reaching consequences, emphasizing the need for robust VRM strategies.
Leverage a New Approach
To address these inefficiencies and streamline the process, a group of eight board members established an extended initiative called Open VRM. This free platform aims to facilitate the exchange of information and due diligence documentation between vendors and advisors, significantly easing the vendor risk management process.
Open VRM operates on a collaborative basis, inviting clients and advisors to choose vendors from the platform. If a vendor is not listed, users can notify the platform administrators, who will then add the vendor to the system. This approach ensures a continuously growing and comprehensive database of vendor information, enhancing the platform's utility and relevance.
Currently, Open VRM lists over 1,000 vendors with available information. This vast repository enables advisors to access up-to-date and standardized vendor information without repeating the labor-intensive data collection and assessment processes. This collaborative effort not only saves time and resources but also improves the quality and consistency of vendor risk assessments across the industry.
Advisors and vendors are encouraged to leverage the Open VRM platform to its full potential. By actively participating in the platform, users can contribute to a more efficient and streamlined VRM process, benefiting the entire financial services industry. The platform's open and free nature ensures that all stakeholders, regardless of size or resources, can access and benefit from this shared repository of vendor information.
The creation of Open VRM marks a significant shift in how vendor risk management is approached, moving from a fragmented, repetitive process to a collaborative, centralized system.
Your Path Forward
Attend Buckler's upcoming 30-minute webinar to explore Compliance-Driven Vendor Risk Management (VRM) strategies designed to fit within budget constraints. Gain practical knowledge on navigating regulatory landscapes from SEC, FINRA, NYDFS, and NAIC perspectives, ensuring your firm remains resilient against evolving threats.
Join an educational initiative from Buckler. This webinar offers insights into VRM's legal nuances, efficient business practices, and cost-effective solutions tailored for financial services.
______________________
WEBINAR INVITATION
Date: AUGUST 7th, 2024
Time: 2:00 -2:30 PM EST
Achieving Compliance-Driven Vendor Risk Management (VRM) on a Budget
Registration Link:
Achieving Compliance-Driven Vendor Risk Management (VRM) on a Budget
September 5, 2024
David Banerjee, Financial Professionals Coalition, Ltd. Featured Member, An... Read On
August 8, 2024
From the desk of Stephen Kohn, Founder and Chair of the Financial Prof... Read On
August 1, 2024
Cyber Attacks are Everyone’s Nightmare.Part 1 of 2 From the desk of ... Read On
July 11, 2024
Just in case you missed what the CAT is, it's a database, off in ... Read On
July 8, 2024
July 7, 2024 -- Lt. Col. Elton Johnson, Jr., a Founding Me... Read On
June 20, 2024
When will FINRA Rules 3270 and 3280 Reflect Today’s Industry Trend? ... Read On
March 13, 2024
As the adage goes, if you get something for nothing it has no value. ... Read On
February 13, 2024
2024, A New Year of Financial Industry Transition - FINRA/NASAA Licensing 1... Read On
January 30, 2024
2024, A New Year of Financial Industry Transition, an interview with Ron Ed... Read On
January 26, 2024
2024, A New Year of Financial Industry Transition, an interview with Simon ... Read On