PORTFOLIO Keeping vendors in check Compliance C Are your third-party service providers putting your community bank at risk? By Mary Thorson Wright ommunity bank compliance managers oversee innumerable activities to ensure sound compliance practices and technical adherence to laws, regulations and other guidance. If they are not also effectively managing the bank's use of third-party service providers (vendors) and compliance for their activities, there may be a critical gap in 36 Q ICBA Independent Banker Q August 2018 the compliance management system (CMS). Rising reliance on vendors to provide a variety of products and services, reduce banks' operating costs and access core competencies not present in organic staffing increases community banks' risk exposure. Why are community banks responsible for their vendors' compliance? Federal regulators direct banks to ensure comprehensive risk management and oversight of third-party relationships involving critical activities. The OCC defines critical activities as " significant bank functions (such as payments,