Responsibilities When Outsourcing to Third-Party Service Providers

Guest Post from REVERSE Inquires by Mayer Brown, VOLUME 01, ISSUE 05 | August 14, 2018

Discussions on regulatory requirements generally focus on substance. Less often highlighted is how the nuts and bolts of compliance and daily operations are actually carried out—often by third-party service providers. FINRA recognizes the role third-party service providers play and even hosts the Compliance Vendor Directory. We discuss FINRA’s guidelines for the use of third-party service providers below using examples relating to technology governance, cybersecurity and anti-money laundering (“AML”) programs. These topics were included in the FINRA 2018 Regulatory and Examination Priorities Letter and were chosen to highlight the role of outsourcing across various focus areas.

Continue reading