Vendor Management/Third-Party Relationships

Develop a vendor management policy that addresses planning, due diligence, and controls required before engaging in third-party relationships. The level of planning, due diligence, and controls required to safely engage in any relationship depends upon the credit union’s risk profiles and the type of relationship with the vendor. For more information on vendor/third-party relationships, see the following Letters to Credit Unions:

• 08-CU-09, Evaluating Third Party Relationships Questionnaire

• 07-CU-13, Evaluating Third Party Relationships

• 01-CU-20, Due Diligence Over Third Party Service Providers

Last updated on March 30, 2026