UDAAP and Vendor Management - How to Protect Your Reputation and Bottom Line


  • July 18, 2012: Capital One pays $140 million consumer refund over credit card marketing
  • September 24, 2012: Discover pays $200 million consumer refund for deceptive marketing practices   



11 financial institutions use vendors for various aspects of providing products and services to their customers. They range from data processing, credit bureau reporting, telemarketing, loan servicing, ODP processing, and many other activities. A financial institution's responsibility for third-party activity is the SAME as if it were being handled directly by the financial institution. UDAP (Unfair Deceptive Acts and Practices, and the UDAAP potential under Dodd-Frank for abusive acts) are being cited more frequently in enforcement actions, particularly with third-party services. Learn now to integrate third-party activities into your financial institution's Compliance Management System.  Effective third-party management programs incorporate:

  1. Risk Assessment
  2. Due Diligence
  3. Contract Structuring and Review
  4. Oversight

What steps should your financial institution take to avoid some of the recent enforcement actions and violations cited for UDAAP, BSA, Reg E and various compliance regulations that involved inadequate due diligence and Board oversight for third-party activity?

What You Will Learn:

  • What are the five types of risk in third party activities?
  • How can the risks be managed and mitigated?
  • What provisions should be included in your vendor contracts?
  • What areas should be reviewed in the third party provider's policies, procedures, and internal controls? What about their training programs and complaint procedures?
  • What type of monitoring programs and internal controls should your financial institution incorporate to ensure compliance with Federal laws and regulatory guidance?
  • What are some of the current regulatory guidance references?
  • What are some "best practices" for third-party oversight, monitoring complaints, and anticipating UDAAP issues?
  • What are some of the recent UDAP cases in third-party services?
  • BONUS - The materials include a Due Diligence CHECKLIST for a new service provider and to several helpful regulatory publications. A sample complaint policy and tracking form will be provided in WORD for participants to modify and use for your financial institution's internal procedures.

Who Should Attend?

This informative webinar is designed for senior management, risk managers, Board members, loan and deposit operation managers, compliance officers, and internal auditors.