THE LAW : BY BRAD R. BERGMOOSER, FREEBORN & PETERS LLP
Vendor due diligence remains a very important issue for credit unions, highlighted by recent statements
by NCUA Chairman Debbie Matz regarding NCUA’s desire to obtain regulatory authority over credit union vendors. But instead of developing a rigid, all-inclusive due diligence policy to account for the complex subject, credit unions should consider a more flexible approach. The problem with analyzing vendor due diligence is that it is far too broad to be considered one topic. A credit union’s approach to selecting a third party to provide a service with minimal financial impact on the credit union and no exchange of any private member information should be an entirely different process from the retention of vendors who will have full access to credit union operations. And there are a host of product and service providers falling at various points within that spectrum.
Credit unions are most successful when management’s actions achieve a balance between effectiveness and efficiency, and vendor due diligence should follow this same idea. Fixed and detailed policies do not provide adequate management discretion and could ultimately lead to an inappropriate due diligence process for certain vendors. A better approach is to break down each potential relationship and evaluate it based on these three components: 1) what the credit union needs to know; 2) the details of the relationship (the contract); and 3) continued monitoring.