For years now, financial institutions have been hearing vendor management caveats playing on repeat. They come from the regulators, banking associations, peers and even the vendors themselves. The last major “guidance” on the subject for financial institutions was released back in October 2013 by the Office of Comptroller of the Currency (OCC). And while the guidance was pretty clear in its expectations for the risk management practices that the regulators expect you, as a financial institution, to have in place for YOUR vendors, there has been one point that has not recently been addressed. What about you, the financial institution, AS a vendor?