Vendor Risk Management as Applied to Fintech Contracts
Regulatory compliance is an area of fundamental concern – not only for strategic investors – but also for financial institutions contracting for services from financial technology providers, warns Adam Chernichaw, a partner in the New York office of White & Case.
“Where a financial institution classifies a product or service being procured as an ‘outsourcing,’ its vendor risk management (VRM) function will carefully scrutinise the proposed relationship,” Chernichaw writes. “The VRM function will usually take the position that regulators will look at the service provider as an extension of the institution. Accordingly, the institution is required to impose contractual obligations on the provider so that the provider acts as the institution itself would act when it comes to compliance.”
In his article he emphasizes the importance of parties to align on the contractual VRM requirements that will be sought by the financial institution, and whether the fintech provider can meet those obligations.