Federal Reserve-supervised banking organizations use the interagency guidance to manage risks from third-party relationships. The guidance applies across the relationship life cycle and expects banking organizations to identify, assess, monitor, and control risks related to third parties.
Official sources
- Federal Reserve: Interagency Guidance on Third-Party Relationships
- Federal Reserve SR 23-4
- Federal Register: Interagency Guidance on Third-Party Relationships: Risk Management
Federal Reserve SR 23-4 announced the final interagency guidance for Federal Reserve-supervised banking organizations.
What the guidance covers
The guidance covers planning, due diligence, contract negotiation, ongoing monitoring, and termination. It also addresses governance, board and senior management oversight, independent review, and documentation.
For Federal Reserve-supervised organizations, the important implementation question is whether the organization can explain how the process works for different types of relationships and different levels of risk.
Evidence to maintain
- Third-party relationship inventory.
- Risk assessment and planning records.
- Due diligence and approval evidence.
- Contract review and executed agreements.
- Monitoring, incidents, complaints, issues, and remediation.
- Termination and contingency planning.
- Board, senior management, and independent review materials.
Common gaps
- The relationship inventory does not show which providers support critical operations or regulated
services.
- Monitoring is calendar-based rather than event-based.
- Provider incidents are not tied back to risk ratings and management reporting.
- Independent review findings are tracked separately from third-party remediation.
How Halbarad helps
Halbarad helps teams keep provider records, evidence, monitoring, issues, approvals, and reporting connected. It can help a Federal Reserve-supervised organization show how third-party risk decisions were made, what evidence was reviewed, what remains unresolved, and how the relationship is being monitored.
Halbarad supports implementation and evidence. It does not ensure compliance.
Disclaimer
This guide is for general information only and is not legal advice. Review the official regulation, guidance, and supervisory materials, and consult qualified counsel or compliance advisors for your organization's specific obligations.