Information security officer for Wells Fargo Bank: “Make sure you’re aware of the updated guidance” Third-party vendors should be completing their internal risk assessments, he says. Banks need to make sure they’re coordinated with their company and addressing any changes that need to be made. “It’s not at all acceptable for us to say at Wells Fargo, or any bank for that matter, it’s not our fault we’re not complaint. We outsource that to a third party,” says Wells Fargo’s information security officer.”]
Source: https://www.cuinfosecurity.com/vendors-ffiec-guidance-you-a-3917