Main Menu
Download Print

Client Alert: New FDIC Guidance on Technology Service Provider (TSP) Contracts

Photo of
Proactive Risk Management is Key

Action Items

FDIC FIL-19-2019 – Technology Service Provider Contracts

The FDIC recently issued FIL-19-2019 regarding Technology Service Provider Contracts, which can be found at: https://www.fdic.gov/news/news/financial/2019/fil19019.html. The letter addresses deficiencies FDIC examiners found in many TSP contracts that, among other things, insufficiently addressed business continuity risks and data breach/cyber security incidents. We have observed the FDIC (and other bank regulators) raise these issues in recent exams. The topic is especially timely and critical in light of the growth of FinTech relationships, which often contain a TSP element.

The principles enunciated by the FDIC in FIL-19-2019 involve both the contractual issues examiners identified and the necessity of proactive risk management. Even if the FDIC is not your bank’s primary federal regulator, these principles are indicative of the evolving expectations in this area.

Contractual Inadequacies

The FDIC’s guidance focused on contractual inadequacies, including:

Proactive Risk Management

A bank’s directors and senior management retain primary responsibility for overseeing and managing the risks that accompany technology outsourcing relationships. Accordingly, whether a TSP relationship is new or has been in place for some time, Banks are encouraged to take the following measures:

TSP contracts are frequently offered to banks with little time to properly vet them from due diligence, regulatory, and legal standpoints. Don’t let that happen. Your bank needs to follow best practices in managing TSP relationships to ensure contractual protections and adequate risk oversight and compliance.

We Can Help You

Please contact us to review your bank’s current and potential TSP contracts and if you are considering a new TSP relationship, renewing an existing TSP contract, or if you want to discuss how to address an existing TSP relationship in light of the FDIC’s guidance.

We have addressed trends in this area in recent Client Alerts regarding TSPs, third-party vendor management, and FinTech relationships:

Subscribe

Related Practice Areas

Related Industries

Back to Page