I heard that the OCC issued some kind of guidance in the last couple of years to banks about risk scoring of third parties. Wouldn't this affect payment processors and registered ISOs doing business with merchant acquiring banks? I haven't found anything about it in The Green Sheet.
Marilyn Tarpe, Superlative POS LLC
I found nothing in our archives pertaining to the Office of the Comptroller of the Currency and risk scoring of third parties. The guidance you are referring to is probably Bulletin 2013-29 issued by the OCC on Oct. 30, 2013. The subject of the bulletin is third-party relationships, and it was issued to "Chief Executive Officers and Chief Risk Officers of All National Banks and Federal Savings Associations, Technology Service Providers, Department and Division Heads, All Examining Personnel, and Other Interested Parties." The bulletin defines third-party relationships as "any business arrangement between a bank and another entity, by contract or otherwise."
Registered ISOs, independent payment processing companies, equipment vendors, information technology service providers, data security consultants and many more enterprises within the payments sphere serve as third-party service providers to banks. The bulletin stated that an "effective risk management process throughout the life cycle of the relationship" should include:
The full bulletin is on the web at www.occ.gov/news-issuances/bulletins/2013/bulletin-2013-29.html.
The federal government has stepped up scrutiny of our industry on multiple fronts in recent years. If you search our website for Operation Choke Point, for example, you'll find numerous references to one of the most draconian programs to date. Also, "Coming to terms with escalating compliance requirements," which we published Jan. 12, 2015, in issue 15:01:01, describes what payment companies are up against in the current environment and highlights the increased emphasis on "know your customer" best practices. You'll find it at www.greensheet.com/emagazine.php?story_id=4241.
Thank you for your question. This is an issue vital to all in the payments industry.
Have actions taken by federal and state governments to regulate or otherwise influence our industry changed the way you run your business? If so, what are you doing differently now? Have any of the regulatory steps been beneficial, or do you see them as mostly a pain in the neck? Do let us know. And please keep your questions, suggestions and insights coming to us at firstname.lastname@example.org.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next