Ncontracts - Risk & Vendor Management Software & Software

Verified Vendor
Vendor214 Overlook Circle, Suite 152
Brentwood, TN37027
Ownership: Private

Description

Ncontracts is a leading provider of risk and vendor management software and services to financial institutions. While we started with our industry-leading vendor management platform, our portfolio offerings have evolved to feature enterprise risk management, business continuity planning, compliance management, findings management, and cybersecurity management. More than 650 banks and credit unions use Ncontracts to manage risk more efficiently and effectively using our integrated suite of software and services.

Products

Nvendor - Vendor Management Software

on

Nvendor is a secure, feature-rich, online vendor and contract management solution that enables financial institutions to achieve and maintain regulatory compliance in their third-party vendor relationships.

Software-only vendor management products cannot cut it in today’s evolving financial landscape. Increasing industry regulations and compliance scrutiny mean financial institutions need more comprehensive support outside of software installation and user training.

Financial institutions that use Nvendor get much more than software. They also receive the benefit of leveraging our experienced team of legal, financial and technology experts who provide guidance regarding their overall risk management obligations.

The Ncontracts Vendor Management Team combines proven methodology, software, and more than two decades of legal, financial, contract, and compliance expertise to help financial industry clients assess, identify, automate contracts and reporting, and maintain critical vendor management areas.

Our Client Services Team provides personalized training on software dashboards and works to resolve any technical or account challenges clients may encounter.

These include:

  • Vendor Policy and procedures
  • Vendor Classification
  • Contract Management
  • Vendor Due Diligence
  • Risk Assessment
  • Vendor Monitoring

Ncyber - Online Cybersecurity Assessment Tool

on

Ncyber is a secure online system that provides the FFIEC Cybersecurity Assessment Tool in an easy to utilize format to help financial institutions analyze their inherent risk and cybersecurity maturity levels. Ncyber integrates with the other solution sets provided by Ncontracts to improve inefficiencies and accuracy of the assessment.

With Ncyber, any financial institution can collaborate internally to assess their risk and access robust reporting.

Nrisk - Improve Risk Management Processes

on

Nrisk is a secure, online risk management solution that enables financial institutions to continuously measure financial and non-financial impacts by location, department, business process, application, or line of business. Nrisk simplifies the risk assessment process using natural language navigators and wizards that guide users step-by-step through the process of evaluating risk and related financial exposures. Nrisk also comes preloaded with over 2,000 risks and 1,500 controls covering all areas of your institution.

Blog: Top 10 Risks - Strategic Risk

Employee at a Company (USA)

This blog post is part of a series of posts on risks that impact financial institution. See the original article here or download the attached PDF.

Planning to Fail or Failing to Plan

Strategic risk's role in vendor management

The future doesn’t always work out the way we think it will. You know it—and I know it.

Yet we work and struggle and try to prepare for it. We spend hours assessing industry trends and trying to figure out which way the winds will blow. We do everything thing we can to position our organizations for success, balancing short-term needs with long-term goals—but not everyone else is that careful.

Strategic risk is the possibility that a company...

READ THE FULL ARTICLE: Download the attached PDF

    Free Webinar this Thursday - How to Respond when a Vendor Gets Hacked

    Employee at a Company (USA)

    Good morning, bankers. We hope you'll join us as we discuss how to respond when a vendor gets hacked. How do you keep your institution and your customers safe? This webinar will help risk managers have a game plan with how to incorporate a vendor incident management plan into the vendor management program. We will begin at 3:00pm EDT (I think EDT is correct since we're in daylight savings time still) and we'll send out the recorded webinar to all registrants. If you can't join us live, no problem. We'll still send you the video.

    Here's the registration page and a little picture that we like.

      Blog: Top 10 Risks - Reputation Risk

      Employee at a Company (USA)

      This blog post is part of a series of posts on risks that impact financial institution. See the original article here or download the attached PDF.

      Reputation Risk

      Assess Vendor Reputation Risk—Before You Have to Rebuild Yours

      Ben Franklin once wrote that “Glass, china and reputation are easily cracked, and never well mended.”

      It’s a lesson that many financial institutions have learned the hard way as they’ve entrusted their reputation to third-party service providers whose mistakes have caused material damage. Whether it’s lawsuits, outages, fraud or data breaches, consumers notice bad headlines and take their business elsewhere.

      Consider the headache $18.4 billion-asset First National Bank of Omaha faced earlier this year...

      READ THE FULL ARTICLE: Download the attached PDF

        Blog: Top 10 Risks - Operational Risk

        Employee at a Company (USA)

        This blog post is part of a series of posts on risks that impact financial institution. See the original article here or download the attached PDF.

        Top 10 Risks - Operational Risk

        Sometimes it seems like nothing in life is simple. Even activities meant to streamline operations and improve efficiency and offerings—like outsourcing products and services to a third-party vendor—can be complicated and involve risk to the bottom line.

        That’s why operational risk is one of the top 10 vendor management risks facing financial institutions. Operational risk...

        READ THE FULL ARTICLE: Download the attached PDF

          Free Webinar: Blindsided - How to Respond when a Vendor Gets Hacked

          Employee at a Company (USA)

          Hello Bankers! We invite you to join us for the October webinar where we talk about some of the recent security breaches from widely used critical vendors and how your financial institution can appropriately respond to this type of news. See the promo below and join us on October 19th.

          Blindsided: How to Respond when a Vendor Gets Hacked

          It’s easy to forget that vendors store and transmit a tremendous amount of sensitive financial institution data. If you get notified that your vendor has been breached, naturally you’d be blindsided by the event, having to deal with lost staff time, organizational focus, or worse – sensitive customer data. Which would you rather be: Prepared to handle the situation or floundering and worrying about what to do?

          This webinar will help risk managers have a game plan with how to incorporate a vendor incident management plan into the vendor management program. Specific topics include:

          • Issues to handle in vendor data break incidents
          • Best practices for managing third-party risk in every department
          • Responses to each issue and documentation to create
          • Contingency plans in case the responses are ineffective

          Join us as we examine how financial institutions can best protect their blindside by having a documented vendor incident management plan to further mitigate their risk in working with vendors that have access to GLBA-protected data.

          REGISTER HERE

            [Quiz] What Breed of Risk Manager Are You?

            Employee at a Company (USA)

            It's National Dog Week, so to celebrate, we've put together a quiz for you. Don't worry, the OCC won't see the results, so enjoy and share with your coworkers to see what they're results are, too.

            What Breed of Risk Manager are You?

            Take the quiz

            Forget which Hogwarts House you belong in (Ravenclaw, all the way). Today we tackle a far more important question: Which dog breed best represents your risk management style?

            Risk managers are the very definition of dogged. At their best they are...

            READ THE ARTICLE AND TAKE THE QUIZ: Visit the Ncontracts blog

            Blog: Top 10 Risks - Credit Risk

            Employee at a Company (USA)

            This blog post was originally published on December 7, 2016 at the Ncontracts blog

            #10 - Credit Risk

            Banks and credit unions maintain loan loss reserves to protect against loan defaults—but what can a financial institution do to protect itself against the possibility of a vendor going under?

            It can avoid choosing a financially troubled vendor in the first place.

            That’s the goal of credit risk—or the strength and ability of a company...

            READ THE FULL ARTICLE: Download the attached PDF.

              Blog: CUNA Mutual Sues Insuritas - A Vendor Due Diligence Reminder

              Employee at a Company (USA)

              Good morning, bankers. You may have seen where CUNA Mutual is suing Insuritas for allegedly defamatory statements meant to do harm. This intriguing battle is a great reminder that vendor due diligence helps uncover changes in vendor ratings as a result of such events. Check out the article below to read our take.

              When Vendors Fight: CUNA Mutual Sues Insuritas

              There’s an old African proverb: When the elephants fight, it’s the grass that suffers.

              And that’s exactly what my first thought was on seeing that CUNA Mutual Group is suing Banc Insurance Agency, also known as Insuritas, for spreading “false and defamatory communications with the intent to harm,” according to a report in CU Today.

              The suit, filed July 26, centers around an article...

              READ THE FULL ARTICLE: Download the attached PDF or visit our blog

                Blog: Does Vendor Size Matter?

                Employee at a Company (USA)

                Good afternoon, bankers. Today, we're discussing the costs and benefits of working with big vendors. This post was orginally published on the Ncontracts blog.

                Does Vendor Size Matter?

                Sometimes, but it doesn’t replace the need for vendor risk management

                Some institutions try to simplify vendor management by picking the biggest vendor in each category. Going big lets them play it safe—or so they think.

                But choosing the largest vendor is no replacement for solid vendor management.

                Big vendors can offer a lot of benefits. They are traditionally...

                READ THE FULL ARTICLE: Download the attached PDF.

                  Blog: What the FDIC Really Wants

                  Employee at a Company (USA)

                  This is the 4th of 5 blog posts discussing with the federal agencies want from banks and credit unions when it comes to risk and vendor management. This blog post was originally published on the Ncontracts blog on April 12, 2017.

                  What the FDIC Wants Banks to Know about Vendor Management

                  Today we’re looking at the FDIC’s approach to vendor management to better understand what the agency really wants from FIs. Different regulators use different terms to talk about vendor management. While they all ultimately have the same goal, they go about it in different ways.

                  Third-party risk is a hot button issue for regulators. When a bank outsources an activity to an outside vendor, it can introduce all kinds of risk. Vendor management is all about assessing, measuring, monitoring and controlling those risks.

                  The FDIC offers broad guidance on the topic, but perhaps the most concentrated source of information is the FDIC Compliance Exam Manual. Part VII on Unfair and Deceptive Practices hosts a section on Third Party Risk that spans 20 pages. It lets bankers know exactly what examiners will be looking for.

                  READ THE FULL ARTICLE: Download the attached PDF.

                    Blog: Vendor Management - What the NCUA Really Wants

                    Employee at a Company (USA)

                    This is part 3 of a 5-part blog series where we discuss what the agencies look for regarding vendor management.

                    This post was originally published on May 2, 2017 at the Ncontracts blog.

                    Today we are looking at the NCUA’s approach to vendor management, to better understand what the agency really wants from FIs.

                    The NCUA outlines its expectations in Supervisory Letter No.: 07-01, Evaluating Third Party Relationships. Its guidance is based on three key concepts:

                    1. Risk assessment and planning
                    2. Due diligence
                    3. Risk measurement, monitoring and control...

                    Risk assessment should begin by looking within. A credit union should...

                    READ THE FULLL ARTICLE: Download the attached PDF

                      Blog: Vendor Management - What the OCC Wants you to Know

                      Employee at a Company (USA)

                      Welcome to part 2 of a 5-part series where we discuss what the agencies want from banks and credit unions regarding vendor management.

                      This post was originally published on April 10, 2017 at the Ncontracts blog

                      Third-party risk is a hot button issue for regulators. When a financial institution (FI) outsources an activity to an outside vendor, it can introduce all kinds of risk. Vendor management, or third-party relationship management, is all about identifying, measuring, monitoring and controlling those risks.

                      Different regulators use different terms to talk about vendor management. While they all ultimately have the same goal, they go about it in different ways. Today we’re looking at the OCC’s approach to vendor management to better understand what the agency really wants from FIs.

                      The OCC views the failure to “engage in a robust analytics process” for vendor management as potentially “an unsafe and unsound banking practice,” according to OCC Bulletin 2013-29 – Third Party Relationships. Naturally risk-averse, the agency...

                      READ THE FULL ARTICLE: Download the attached PDF.

                        What Does Ncontracts Actually Do?

                        Employee at a Company (USA)

                        Sometimes is great to get a straightforward description of what a company does and why they may be valuable to you. Here's a quick overview of Ncontracts and how we help guide your financial institution through the risk and vendor management lifecycle.

                        Watch the video: https://youtu.be/_IJZydvDFOM

                        Blob
                        • VP at a bank ($1.4BUSA)

                          We just finished our second state exam since utilizing Ncontracts for our vendor program and received very positive comments from the examiners! Ncontracts makes it easy to organize the risk rating of the vendors and then complete the due diligence tasks. Providing reports is simple and quick, too! A big thank you to the team at Ncontracts for all you do to make me look good!

                          • Employee at a Company (USA)

                            That's wonderful to hear! Congrats on the successful exam! This is exactly why we do what we do.

                            Blog: Vendor Management - What the Fed Really Wants

                            Employee at a Company (USA)

                            Good morning, bankers. This series of posts on what the agencies really want in regards to vendor management has been one of our most popular to date, so I thought I would revisit the series and begin with the Fed. Enjoy.

                            This blog post was originally published on April 17, 2017 at the Ncontracts blog.

                            Third-party risk is a hot button issue for regulators. When a financial institution (FI) outsources an activity to an outside vendor, it can introduce all kinds of risk. Vendor management is all about assessing, measuring, monitoring and controlling those risks.

                            Different regulators use different terms to talk about vendor management. While they all ultimately have the same goal, they go about it in different ways. Today we’re looking at the Federal Reserve’s approach to vendor management to better understand what the agency really wants from FIs.

                            The Federal Reserve’s Guidance on Managing Outsourcing Risk, released December 5, 2013, offers comprehensive insights on the subject. Over the course of 12 pages, it explains the types of risk that most concern the Fed. It also highlights the core elements of an effective “service provider risk management program.”

                            The Fed makes it clear that vendor management starts...

                            READ THE FULL ARTICLE: Download the attached PDF

                              Blog: 3 Ways to Keep Your Business Continuity Plan Current

                              Employee at a Company (USA)

                              This blog was originally published on August 17, 2017 on the Ncontracts blog.

                              The other day my friend’s basement flooded.

                              It was a rainy night, the kind where television programs are interrupted by an emergency alert warning of a flash flood, but he wasn’t worried. He was in for the night. His roof was solid. His gutters were clean. He’d lived in his house over a decade and had never had a problem so why would things be any different this time?...

                              READ MORE: Download the attached PDF

                                Blog: Is the Cloudbleed Bug Putting Vendor-Held Data at Risk?

                                Employee at a Company (USA)

                                Remember Cloudbleed? Hopefully you or your vendors weren't victims, but I thought I would post this blog as a quick reminder of what happened and what you can do about it. Happy Friday. Get our blog posts in your inbox by subscribing at https://ncontracts.com/blog/

                                This post was originally published on March 10, 2017 at https://ncontracts.com/articles/cloudbleed-bug-putting-vendor-held-data-risk/

                                A security flaw is once again forcing us to change our passwords and contact vendors. Nearly 3,400 websites, including Uber, Bain Capital, Security Scorecard, Bitsight, and Fitbit,[i] may have been affected by “cloudbleed,” a vulnerability affecting user data at sites using the Cloudflare security service. User data at these sites was published to the public...

                                READ MORE: Download the attached PDF

                                  Blog: Why Broker-Dealers Need Vendor Management Too

                                  Employee at a Company (USA)

                                  This blog post was originally published January 24th, 2017 at https://ncontracts.com/articles/broker-dealers-need-vendor-management-too/

                                  The Financial Industry Regulatory Authority (FINRA) is putting broker-dealers on notice that vendor management of cybersecurity will be a hot topic in 2017.

                                  In its Regulatory and Examination Priorities Letter highlighting areas FINRA plans to review in 2017 and “brief…

                                  READ MORE: Download the attached PDF.

                                    Blog: Why it was a Bad Idea for a Banker to Name his Boat 'Overdraft'

                                    Employee at a Company (USA)

                                    *This blog post was originally posted February 21, 2017 at https://ncontracts.com/articles/why-its-a-bad-idea-for-a-banker-to-name-his-boat-overdraft/ *

                                    Gary Hart had Monkey Business. Now former TCF National Bank CEO William Cooper has Overdraft.

                                    The newly famous boat, named in honor of the role overdraft fees played in the success of the TCF Bank, is making national headlines as part of a lawsuit filed by the CFPB alleging the $21.1 billion bank was “tricking consumers into costly overdraft services in order to preserve its bottom line.”

                                    TCF Bank, based in Wayzata, Minn., denies the allegations, saying it did not violate...

                                    Continue Reading: Download the attached PDF.

                                      Blog: After Six Years, Agencies Fine Mortgage Processor $65 Million

                                      Employee at a Company (USA)

                                      This article was originally posted February 8th, 2017 at https://ncontracts.com/articles/after-six-years-agencies-fine-mortgage-processor-65-million/

                                      It’s bad enough to be hit with a regulatory consent order. Now imagine the expense and public relations nightmare when those proceedings drag on for years.

                                      Just ask Fidelity National’s subsidiary ServiceLink. This week the Fed, FDIC and OCC fined the company $65 million for improper actions taken by its predecessor company, Lender Processing Services, resulting in “significant deficiencies in the foreclosure-related services that LPS provided to mortgage servicers.”

                                      You might remember LPS from the heyday of the mortgage foreclosure robo-signing scandal....

                                      To read the full article:
                                      Download the attached document.