Liability for Third Party Vendor Conduct
December 1, 2015
Many services in today’s economy are being outsourced to third-party vendors, such as law firms, accountants, human resource consultants, payroll processors, recruiters and credit card processors. But it is difficult if not impossible to outsource liability. Regulators in some industries, and an increasing number of courts in jurisdictions across the country, are holding companies liable for mistakes made by their vendors.
The banking industry in particular has had to deal with vendor liability issues, via regulations imposed by the FDIC and by Dodd-Frank, but it’s only a matter of time until similar standards apply outside banking and financial services.
The authors provide a short list of best practices derived from the financial sector’s experience with third party vendors. These include conducting due diligence on vendors (because companies in any industry that are not selective in contracting with vendors may face an adverse presumption when their choice is called into question) and requiring vendors to adopt policies and procedures. The three most important policy areas are data security, employee controls and physical plant security. A comprehensive vendor management policy is important, but active enforcement is critical and so is documentation. Make certain your company can prove it managed its vendors and verified compliance.
Insurance should play an important role. Implementing best practices and compliance audits will never reveal every risk, so there is no substitute for insuring against third-party vendor liability.
Read full article at:
Daily Updates
Sign up for our free daily newsletter for the latest news and business legal developments.