Products
- Products
  - Third-Party Risk Management
    A third-party management solution to match your program maturity
  - ABAC Compliance
    Combat third-party bribery and corruption risk and comply with international regulations
  - Environmental, Social & Governance (ESG)
    Hold your suppliers to a standard of integrity that reflects your organization’s ESG policies including German Supply Chain Due Diligence Act (LkSG)
  - Financial Services Risk Assessment
    Conduct a comprehensive Financial Services Risk Assessment directly aligned to OCC guidance
  - Information Security
    Protect digital assets by assessing risks from vendors that access your data and/or networks
  - Data Privacy & GDPR
    Ensure vendors are compliant with data privacy regulations and standards, including the CCPA, GDPR and more
  - Performance Management
    Understand, monitor, and manage the performance standards of your third-party suppliers
  - Risk Intelligence Connectors
    Augment Aravo assessments, continuous monitoring, and other due diligence with specialized data providers
  - Supply Chain Resilience
    Prevent, defend, respond, and recover from hazards that put continuity of supply at risk
  - Capabilities
    Pre-configured, best practice solutions that are aligned to customers’ maturity
- What’s New — Aravo for ESG Learn how to build sustainable and ethical supply chains across your extended enterprise
Industry
- Industries
  Supporting successful programs across virtually every sector, we understand your business
  - Financial Services Industry
    A third-party management platform that understands regulatory and compliance requirements
  - Insurance
    Third-Party Risk Management and Compliance for the Insurance Industry
  - Pharma
    Third-Party Risk Management and Compliance Solutions for the Pharmaceutical and Life Sciences Industry
  - High Tech
    Third Party Risk Management and Compliance Solutions for the High Tech Industry
  - Consumer Goods
    Third-Party Risk Management Solutions for the CPG Industry
  - Manufacturing
    Third-Party Risk Management and Compliance Requirements for Manufacturing Companies
- Featured Resource
  
  Learn more about Aravo and how we can help organizations like yours
Resources
- Resources
  - Customer Tools / Aravo Academy
    The Aravo Academy will help get you up and running with Aravo’s technology.
  - Strategic Alignment Framework™
    An adaptive framework aligning your TPRM goals, plan, and delivery program for your organization.
  - Blog
    Aravo’s blog for expert third-party risk and compliance content
  - TPRM Solution Voyage
    Explore how to choose the right TPRM software for your business
  - TPRM Maturity Calculator
    How mature is your third-party risk management program? Calculate your score
  - Events and Webinars
    Explore Aravo’s events and webinars to get the latest in TPRM and compliance trends from leading experts.
  - Glossary
    The ABCs of TPRM. Here you will find business terms risk professionals use on a daily basis
  - Guidance and Regulations
    An overview of the vast range of regulations and guidance that encompass TPRM
- Featured Resource
  
  Get your need-to-know guide on the future of supply chain regulations
About Us
- About Aravo
  Find out more about Aravo, our purpose, and why leading brands trust our technology solutions
  - Expertise
    Market leaders for 20 years, our services professionals have the expertise to work as an extension of your team
  - Leadership
    Our management team. Commited to supporting “Better Business”, delivering the best experience for our customers
  - Partners
    Learn more about our partner ecosystem
  - Press Releases
    Get the latest information on Aravo, including company and product updates
  - Careers
    Explore career opportunities globally and learn more about Aravo culture
- Latest Analyst Report
  
  Learn why Aravo is a third-time category leader for TPRM
Request Demo
Contact

OCC Bulletin 2002-16

The bulletin provides guidance to national banks on managing the risks that may arise from their outsourcing relationships with foreign-based third-party service providers. It also addresses the need for a national bank to establish relationships with foreign-based third-party service providers in a way that does not diminish the ability of the OCC to access, in a timely manner, data or information needed to effectively supervise the bank’s operations.

“As with domestic outsourcing arrangements, the board of directors and senior management are responsible for understanding the risks associated with the bank’s outsourcing relationships with foreign-based service providers and ensuring that effective risk management practices are in place.”

“Specifically, before a national bank contracts for the services of a foreign-based service provider, it should properly assess the associated risks and exercise appropriate due diligence, including careful consideration of contract matters and choice of law and forum provisions. Additionally, the bank should have in place sufficient risk management policies, performance monitoring and oversight processes, expertise, and access to critical information to enable it to properly oversee the risks of the outsourcing relationship, including country and compliance risks.”

Read the full guidance

Source Regulation

OCC Bulletin 2002-16

The Definition of Better Business