For Financial Institutions

Here’s what CRINCIDENTS can do for your Financial Institution.

Common sense suggests, and new regulations confirm, that the quality of the information and the speed with which you receive notice of a Critical Incident from your Third Party Service Provider will make a big difference in your ability to mitigate the effects of the Incident on your business and on your customers.  

Do you have backup systems or other providers prepared to step into the gap left by service disruption or cybersecurity event at one of your Critical Third Party Service Providers? The sooner you receive notice, the sooner you can commence mitigation.

Does your Chain Risk Map show the Critical Incident failure point is a Subcontractor common to several Third Party Service Providers? Knowing this will influence or change your risk mitigation actions. The sooner you know, the sooner you can alter course.

Will you have a chance to investigate and consider mitigation efforts in the midst of the crises?  Perhaps and perhaps not, but one thing is for certain, the more time you have and the better information you have, the less likely the crises is to materially affect your business and your customers.   

CRINCIDENTS is a platform that will facilitate your receipt of the best information in the shortest possible time. It allows your Third Party Service Providers to notify you and other affected parties (even hundreds of them) of an Incident in a matter of a few minutes. It allows you to manage who receives notice of Incident and how the notices are communicated. It allows you to view and upload documents, share calendars with stakeholders, and build a record of what happened, when and how it happened, and what was done. Finally, it will allow you to track Incidents in the media which could lead you to ask the right questions sooner.     

We imagine a world in which Financial Institutions receive notice service disruptions and cybersecurity events and then commence evaluation and mitigation actions within minutes of occurrence rather than hours or days. We imagine a industry-wide interdependencies map among Financial Institutions, their Critical Third Party Service Providers, and the “downstream” parties (like communications infrastructure, data centers, critical financial facilitators) that will allow stakeholders to identify Critical Dependency risks and pre-plan for disruptions. As elite endurance athletes say, “Pain is inevitable, but [with preparation] suffering is optional.”

Here’s what CRINRISK can do for your Financial Institution.

To deliver on the promise of expanding product and service offerings and to navigate an ever more complex operational and regulatory environment, you outsource some products, services, and systems to Third Party Service Providers.  Some of this outsourcing involves Critical Dependencies like core, payments, cybersecurity, compliance infrastructure (e.g., OFAC compliance), which if affected by a service disruption or cyber crime, can materially affect your ability to do business and adversely affect your customers. Some of your Third Party Service Providers, in turn, outsource some of these critical products or functions to Subcontractors.  Some Subcontractors even outsource to what regulators call “Fourth Parties” (Sub-Subcontractors).  CRINRISK helps you identify, map, and mitigate the risks associated with Chain Risk.  

Having identified and mapped Chain Risk, best risk management practice—enforced by new regulations and examiner focus on Third Party Relationships–invites you to quantify and mitigate the identified risks. You likely have a handle on the “vendor due diligence aspects” of the Chain Risk, but do you have a plan to truly engage with your Third Party Service Providers and, indirectly, their Subcontractors, in a way that allows you to anticipate service disruption and cybersecurity risks and to implement a plan in collaboration with your Third Party Service Providers that will give you the best possible of the least possible impact on your business and your customers in time of crises? CRINRISK will help!

Here’s what CRINSEAL can do for your Financial Institution.

Do you periodically send a few documents or regulatory or contractual notices to a few counterparties either for signature or as notices required by regulations or by contract? Do you send these documents securely?  How do you track them to confirm they were received or executed by the recipients?

A few documents by email a few times per year is one thing, but what if there are dozens or hundreds of documents to dozens or hundreds of counterparties sent by regular/potentially insecure email that you track by spreadsheet? There’s a better way that is cost efficient and virtually eliminates the need to track documents, send reminders, and collect and collate signatures or sent receipts. That’s CRINSEAL and it’s now part of the CRIN™ family of solutions.