Resources
WolfPAC > Resources > The 3 Biggest Vendor Management Pitfalls (and how to avoid them)
Back to Resources

The 3 Biggest Vendor Management Pitfalls (and how to avoid them)


Financial institutions utilize more vendors than ever before to provide services for their customers. For many organizations, this results in more efficient and cost-effective offerings. However, you must have a robust vendor management program in place to reap these benefits.

Time and time again, we see institutions fall victim to the following three vendor management pitfalls:

  1. Not understanding who belongs in a vendor management program.
  2. Monitoring every vendor and every point.
  3. Having contracts in many different places.

Vendor Management Pitfall #1: Not understanding who belongs in your program

Often, when someone hears “vendor management,” they assume that it means every third party you pay money to needs to be in the program. This isn’t the case. The focus of a vendor management program is third parties you have a business relationship with that perform operational functions integral to your product or service offerings.

Think of it this way:

  • Your loan origination software is a vendor. They’re directly involved in the services you provide to your customers.
  • Your copy paper delivery guy? Not so much. They are simply a supplier, not a vendor, and don’t belong in the program.

Pitfall #2: Monitoring every vendor and every point

A common misconception for people maintaining a vendor management program is that they need to examine everything available for every vendor. That isn’t necessary.

You want to monitor based on the vendor’s inherent risk rating. The higher the inherent risk, the more monitoring is required. This works in the opposite direction also! The lower the inherent risk, the less monitoring is needed.

  • You don’t need to monitor every available SOC report for every vendor, just your highest-risk ones.
  • Instead, monitoring only what’s relevant allows you to spend your time in your vendor management program more efficiently.

Pitfall #3: Having contracts in many different places

Time and time again, we see institutions with their contracts in many different places. Centralizing your contracts means having all the pertinent details of your partnerships right at your fingertips whenever you need them. You should also never be surprised by the renewal of a vendor.

Centralizing your contract location facilitates effective tracking of renewal dates. Tracking dates means being prepared for these actions and seeing them in a holistic view with the rest of your vendors.

Attribution: Randy Marsicano