The Office of the Comptroller of the Currency (OCC) is the U.S. Department of Treasury’s independent regulatory authority. The OCC is responsible for chartering, regulating, and supervising all national banks, federal savings associations, and federal branches and agencies of foreign banks. The OCC’s mission is to ensure that entities under its wing operate in a safe and sound manner, provide fair access to financial services, treat customers fairly, and adhere to all applicable laws and regulations.
The OCC Bulletin 2013-29: Third-Party Relationships: Risk Management Guidance document was issued on October 30, 2013. It sets the expectation that banks effectively manage risk regardless of whether the bank performs the activity internally or through a third party. The document takes a risk-based approach to managing third parties by both the level of risk and complexity of the relationship and has provisions for initial due diligence, on-going monitoring, and good governance procedures that include management accountability.
The OCC Bulletin 2020-10 rescinded OCC Bulletin 2017-21 and was published on March 17, 2020. This is a document that provides clarification on the original bulletin in the form of an FAQ (Frequently Asked Questions).
Entities that are not directly regulated by the OCC should take note of these requirements if they sit within the Financial Services Value Chain, as the requirements can be passed down via contractual obligations.