Career Search

Senior Vendor Risk Analyst - 3DHO0 in Buffalo, NY at M&T Bank

Date Posted: 3/22/2018

Job Snapshot

Job Description


Support business units across the M&T enterprise in the assessment of potential and existing vendors, support M&T’s efforts to effectively manage third-party risk, partner with business units to ensure proper completion of service risk assessments and other forms of due diligence, facilitate ongoing monitoring of vendors, drive data-informed and risk-based decisions, update and maintain third-party risk management systems, collaborate across risk and business unit managers to maximize profitability consistent with M&T’s risk appetite, and lead third-party risk related projects that include policy changes, program enhancements, system changes and process improvements.


Partner with business units to ensure vendor engagements are appropriately risk assessed, and identified risks are suitably monitored and mitigated in line with M&T’s risk appetite, including the identification of risk concerns and the recommendation of control enhancements. 
Partner with business units to ensure accurate and timely completion of assessments and escalation of complex issues discovered by vendor assessment via the Third-party Risk Management program (the “Program”).
Help maintain and review reports from M&T's system of record for the Program with the most timely and accurate information available, including the review and dispositioning of questionnaires, attestations, due diligence reports, and other records and information in the Third-party risk system of record.
Perform complex quality reviews regarding the Program.
Answer escalated inquiries concerning the Program.      
Manage projects to develop and execute enhancements to the Program based on industry practices and regulatory expectations. 
Enhance policy, process, workflows, and procedures as necessary in order to improve efficiency and mitigate risk.
Complete periodic validations of third-party monitoring activities handled by subject matter experts and business units to ensure activities are in line with Program expectations. 
Work with third-party risk management stakeholders to close out past due items. 
Remain current with all outsourcing and third-party risk management (“TPRM”) regulatory guidelines that would influence the Program, including relevant guidelines from the Federal Reserve Bank (FRB), Federal Financial Institutions Examination Council (FFIEC), New York State Department of Financial Services (DFS), Office of the Comptroller of the Currency (OCC), and Consumer Financial Protection Bureau (CFPB). Identify, recommend, and implement Program enhancements to remain current with such guidelines.
Remain current on industry best practices that may enhance the Program. Identify, recommend, and implement Program enhancements.
Develop and deliver third-party risk management training to business unit personnel on procedures and controls designed to ensure compliance with outsourcing and third-party risk management regulatory requirements.
Lead meetings to provide analysis, feedback, and observation on third-party risk management requirements to ensure their awareness of pertinent issues.
Create and analyze regular management reporting focusing on strategic enterprise and vendor specific risk conditions. Create and produce routine and ad-hoc third-party risk management reporting for regulators, auditors, business units, senior management, and the Board of Directors. 
Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite.  Design, implement, maintain and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable. 
Complete other related duties as assigned.


Third-party risk management is rapidly growing in importance as M&T continues to outsource products and services. This position develops, manages, and ensures the quality of projects and underlying methodology to ensure business units adhere to M&T policy to risk assess vendors, perform due diligence, review contracts, and perform ongoing monitoring. Third-party risk management governance structure guides such policy, sets requirements, and manages residual risk decisions.

Provide on-the-job training/support to new team members

Bachelor's degree and a minimum of 2 years' experience in audit, compliance, risk management, vendor management, project management or quality control, OR in lieu of a degree, a combined minimum of 6 years' of higher education and/or work experience, including a minimum of 2 years' experience in audit, compliance, risk management, vendor management, project management or quality control.

Strong verbal and written communication skills.

Ability to communicate concepts/theories and develop alternative recommendations.

Ability to maintain solid working relationships with internal and external business partners.

Strong problem solving skills.

Strong quantitative skills.

Proficiency with personal computers as well as pertinent spreadsheet and word processing software. 

Bachelor's Degree in Risk Management, Supply Chain Management, Sourcing, Economics, Finance, or related discipline.

Advanced Degrees, including Masters and J.D. 

Ability to function professionally at many different levels (clients, management, and peers). 
Knowledge of applicable products, systems and workflows. 
Knowledge of financial services industry. 
Knowledge of bank-wide policies, procedures, and responsible area. 
Knowledge of process improvement methodology and business process management techniques. 
Strong interpersonal skills necessary for business partner relationships within and outside program. 
Self-motivated, well-organized individual. 
Demonstrated experience working under time constraints. 
Demonstrated experience handling multiple tasks in support of various assignments. 
Demonstrated experience managing and supporting projects. 
Demonstrated experience working individually as well as a member of a team.

About M&T: 
At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. So when looking to advance your career, look to M&T. As a top 20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance based career development opportunities for talented professionals. And through our longstanding tradition of careful, conservative and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.

M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.