With regulatory bodies putting vendor management under a magnifying glass, credit unions must tighten project management and installation requirements to have an in-depth knowledge of how their technologies perform.
Monett, Mo.-based Jack Henry & Associates' Symitar division introduced a consultancy. SymAdvisor provides on-site consultants to help credit union managers develop a strategy to most effectively utilize their systems and integrate third-party vendor products.
In March, NCUA Chairman Debbie Matz appealed for Congress to give the National Credit Union Administration, the authority to scrutinize and control vendors, which range from large companies to small companies that only serve credit unions.
"Vendors are such an integral part of the financial services industry," Matz said. "We feel like our hands are really tied." The NCUA is the only federal banking regulator that does not have the muscle to examine third-party vendors.
There is sufficient regulatory guidance in place for credit unions to contemplate, according to a presentation, "Understanding the Fundamentals of Credit Union Third-Party Vendor Due Diligence" on the NAFCU web site. Current guidelines from the NCUA, CFPB and OCC cover vendor criticality, risk contained within third party relationships, processes they facilitate and vendor management.
"A significant amount of resources are being consumed in projects related to regulatory and compliance. It seems every week that new regulations and compliance requirements are released and have to be addressed as an immediate priority," Ted Bilke, Symitar president, said. SymAdvisor helps credit union managers develop a strategy to effectively utilize their Symitar systems, complementary Jack Henry solutions, and integrated third-party vendor products.
Bilke advised it is critically important for credit unions to understand the core vendor both as a system and business provider.
"Without the depth of resources to adequately analyze and implement the continually growing list of regulatory and compliance requirements, your vendor may leave you out of compliance and in a bad situation," he said.
If a vendor or its employees have access to member data and do not have the proper processes and procedures in place to secure that data, the credit union is at risk and ultimately responsible.
"Having a good vendor management program at your credit union and creating a checklist of requirements for doing business with a vendor can save a credit union a significant amount of time and effort eliminating potential vendors that don't measure up to your requirements," Bilke explained.
The $3 billion Wright-Patt Credit Union in Beavercreek, Ohio, for example, used SymAdvisor to gain a perspective on how its business and IT units can maximize efficiencies with Symitar's Episys core platform.
"The SymAdvisor process gave us a new view of how to better leverage the technology we already have, and fresh ideas for changing key operating procedures," Aaron Vaubel, one of the credit union's IT managers, said in a press release.
"One of our key philosophies is that Episys remain the most open and assessable platform in the marketplace. Our customers expect real-time access to information that historically has been locked inside the core and required vendor developed integration to access," he continued.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
