Welcome » IT Booklets » Outsourcing Technology Services » Risk Management » Service Provider Selection » Due Diligence
A financial institution should perform due diligence on the service provider's response to an RFP as well as the service provider itself. Due diligence should serve as a verification and analysis tool, providing assurance that the service provider meets the institution's needs. Due diligence should confirm and assess the following information regarding the service provider:
Other important elements include probing for information on intangibles, such as the third party's service philosophies, quality initiatives, and management style. The culture, values, and business styles should fit those of the financial institution. When a foreign-based service provider is considered, the evaluation should assess the relationship in light of the above items as well as the information discussed in Appendix C, Foreign-Based Third-Party Service Providers.
Financial institutions may perform due diligence on one or more of the service providers that respond to the RFP. The depth and formality of the due diligence performed may vary according to the risk of the outsourced relationship, the institution's familiarity with the prospective service providers, and the stage of the provider selection process.
Once institutions issue RFPs, receive and evaluate responses, and perform due diligence, they enter into contract negotiations with one or more of the service providers they have determined can best meet their needs.