• Abstract and Figures
• Public Full-text

VENDOR MANAGEMENT

Credit unions have many significant relationships with critical vendors, and both NCUA and OFIR examiners are increasingly focusing on vendor management issues when reviewing credit union operations. A vendor relationship can be seen as having four distinct phrases (although they will overlap), these being as follows:

1. Selection of a vendor to provide a service. 2. Establishing the relationship through a contract. 3. Managing the ongoing relationship. 4. Ending the relationship.

The selection process can be extensive. The credit union may be looking at various vendors. It needs to do a thorough due diligence on all prospective vendors; the extent of the due diligence will depend on how significant the relationship is and how difficult it will be to replace the vendor should it go out of business.

The process needs to be as impartial as possible; what employees may be comfortable with due to a relationship through a previous employer or other events of the past needs to be screened out of the process. The degree to which a vendor is willing to make contractual commitments needs to be considered. And its reputation and past performance in the marketplace need to be reviewed. Don’t rely solely on the vendor for references; there may be other sources of information to determine who is using which vendor and thus can be contacted about it.

NCUA has published a variety of items on this subject. Below is a brief description and a link to several of them:

1. NCUA Supervisory Letter on evaluating third party relationships. Although addressed to examiners, it contains much helpful information for credit unions and a listing of additional resources: www.ncua.gov/Resources/Documents/LCU2007-13ENC.pdf. This item was sent to credit unions as an attachment to NCUA Letter 07-CU-13. 2. NCUA Questionnaire for third party relationships. Again, this is directed at examiners but will be very helpful for credit unions, particularly with their more significant, large dollar amount contracts: www.ncua.gov/Resources/Documents/LCU2008-09ENC.pdf.

3. NCUA Letter 01-CU-20 dealing with due diligence and third parties: www.ncua.gov/Resources/Documents/LCU2001-20.pdf.

4. Indirect Lending and Appropriate Due Diligence -- NCUA Letter 10-CU-15 -- www.ncua.gov/Resources/Pages/LCU2010-15.aspx. The information here may be helpful in evaluating a variety of relationships.

Negotiating the contracts is a key part of the process; a vendor hasn’t been selected until an agreement is signed, and vendor selection should be viewed in this manner. Examiner reviews will focus, in part, on this part of the process. The examiners are looking for evidence that credit union management and the credit union’s board have identified key provisions of their contracts, particularly major agreements (such as for data processing) and have made business decisions concerning those provisions.

The examiners do not expect that credit unions will be able to negotiate favorable provisions in all instances; they fully understand that any contract is a matter of negotiation. But they do expect to see evidence that the credit union understands the key provisions and has made conscious business decisions concerning them. They also expect that all contracts will comply with applicable laws and regulations (such as NCUA’s Privacy Rule). Note that everything important to the credit union must be in the contract itself. Inevitably, contracts will contain language that won’t allow the credit union to rely on anything a sales representative says or anything in any sort of sales proposal unless they also appear in the contract.

Ending the relationship Before the contract is signed is also the time to think about when the relationship will end. Your credit union is in the best position to negotiate these provisions before it signs anything. This is also the best time to negotiate the provisions.

The relationship is new and everyone is excited to get the contract signed. If you wait until the end of the relationship, at that point parties are likely to be less cooperative and seeking to only protect their interest. Make a list of all the issues that will likely arise and decide how you will want to address them. The more that has to be dealt with, the more complicated it will be.

Especially tricky are relationships such as data processing contracts where the credit union will need something from the vendor at the end of the relationship, such as delivery of files or an interface with another party, so we’ll use data processing contracts as our example.

The first issue to deal with is when the relationship will end. Some contracts are set up so that they can be terminated by notice at any time (often with 30 or so days lead time) by either party. But relationships where more up-front work and commitment are involved will typically have a set term, such as three or five years. Often, the length can be negotiated. But once the term has been decided, the credit union needs to make note of benchmarks for its future planning. If the contract will not renew, the credit union will need to line up a replacement source if it still needs the service. However, most data processing and other contracts provide for automatic renewal if notice of non-renewal isn’t given. And that’s where problems arise.

Many contracts require that notice of non-renewal be given well before the expiration of the initial (or renewal) term. So, the credit union’s decision-making process has to be established accordingly. If a contract requires six months advance notice for non-renewal, the credit union must make its business decision, complete its evaluation of alternatives, and enter into a contract with a new vendor (if that’s the decision) well before this six-month point.

The credit union needs to have a schedule of its significant contracts, the dates their terms end, and the last date for giving notice of non-renewal so it doesn’t end up renewing a contract inadvertently. If the credit union misses the notice date, the contract may still allow a termination, but only if a significant termination fee is paid. Or, it may not provide for such a termination (absent default) at all, leaving the credit union at the mercy of the vendor.

Assuming that the timing of the termination is handled correctly, the next issue is what happens at termination. If the credit union won’t need anything from the previous vendor, such as with a snow removal or a lawn care contract, the only concern will be that the new people show up when needed and that employees of the former vendor don’t appear unexpectedly because they don’t know of the change.

But with a data processor, the credit union will need to have its records delivered at exactly the right time either to the credit union itself (if it is going in-house) or to its new processor. These issues need to be resolved before the relationship begins, not when it is about to end. For instance, will there be any sort of deconversion fee? Deconversions do involve extra work, so a fee of some sort is reasonable. But it should be agreed upon ahead of time, as opposed to being charged at the vendor’s “standard” or “then current” rates. There might also be a “per account” component. If so, it needs to be spelled out. And the contract needs to make clear that these are the only fees involved.

How the information is to be delivered also needs to be dealt with. We haven’t heard of any situations, at least lately, where the vendor stated that it would have the credit union’s data printed and on its doorstep within four hours after termination, and then indicate that a steep fee would be involved if the credit union preferred to have it delivered electronically.

A review of a vendor’s contract will likely show that electronic delivery of information at termination will be provided. But when? And in what format and at what price? Is the agreed upon format something that the credit union and a new vendor can handle without significant time and expense being involved?

After the contract is signed, the credit union must tend to the initial implementation and testing; then monitoring the ongoing relationship. What the credit union is to receive, and when it is to receive it, should be spelled out in the agreement. The credit union needs to have a program in place to check periodically to determine that it is in fact getting what it contracted for. It needs to frequently consider what could go wrong, and what the credit union would do if something actually does go wrong.

If there is a breach of the agreement, the credit union needs to have a plan to deal with it. Credit unions should periodically research who potential replacement vendors will be if something goes wrong, and how difficult it would be to switch to a new vendor if its current vendor just doesn’t perform.

The credit union also needs to conduct due diligence on an ongoing basis. Has the vendor’s position or reputation in the marketplace been eroding? Is it giving an indication of financial issues, such as being slow to turn money over to the credit union or suddenly becoming more anxious about when it will be paid (or offering too much of a discount for advance payment)? Have key personnel begun to leave? (Note that some degree of turnover is normal, but too much is an indication of trouble.) Have quality issues begun to emerge? The credit union needs to conduct performance reviews and also keep a log of all problems so it can identify trends. If a problem arises, everyone will be looking at the contract, so this needs to be kept in mind when the negotiating is going on.

To assist credit unions in negotiating their agreements, documenting their business decisions, and identifying issues for legal review, we have prepared a checklist for credit unions to use. The checklist is available for all credit unions. Credit unions interested in purchasing the checklist are asked to contact managing partner, Chuck Holzman, at [email protected].

Load more

  4

Copy Link