Skip to content

Is CRINDATA right for your Third Party Service Provider business?
Take the quiz…

Is CRINDATA right for you? Find out by answering a few short questions, or give us a call today!

1. 
Do you, or does a Subcontractor on your behalf, provide or support a Critical Dependency of a Financial Institution?

2. 
In the course of your relationship with a Financial Institution, does confidential information of a Financial Institution or consumer non-public information/personally identifiable information (NPI/PII) reside on or pass though your systems or the systems of a Subcontractor?

3. 
Are you a banker’s bank, corporate credit union, or CUSO?

4. 
Do you receive multiple requests for “Vendor Due Diligence” data (VDD) (e.g., SOC-1/2, SOC audit, business continuity plan, financial information, cybersecurity plan, insurance, etc.) from your customers? OR do you make multiple requests for VDD from your subcontractors?

5. 
Do you have formal policies, procedures, and processes for notifying your Financial Institution customers of business disruptions or cybersecurity events that could affect them?

6. 
In the aftermath of a business disruption or cybersecurity event, will you be able to prove you complied with your contract and applicable regulations?

7. 
Do you have published requirements and a platform that you require your Subcontractors to follow and use when they experience business disruptions or cybersecurity events that could affect your Financial Institution customers?

CRINDATA Podcasts
Summarization of the Key Issues Arising From the Public Comments on the Regulatory Guidance Issued

A Summarization of the Key Issues Arising From Public Comments on Regulatory Guidance

Jim Freis talks about the key issues related to the public comments phase on the regulatory guidance…

comments and risk podcast

Comments on the Guidance Issued for Public Comment by Federal Banking Regulators

Jim Freis talks about the comments made during the public comment phase of the regulatory guidance i…

Crisis Averted

Reporting Requirements for Loss of Customer Data

Jim Freis talks about the reporting requirements for financial institutions that have suffered a dat…