Abortion pills in Jeddah |• +966572737505 ] GET CYTOTEC
Annex_A_-_Outsourcing_Due_Diligence.docx
1. Page 1 of 6
ENTERPRISE BANK, INC. Annex A
OUTSOURCING DUE DILIGENCE – Internal
Instructions:
Completely fill up this form.
Do not leave any field blank.
Put a check mark () on the appropriate box(es).
Write N/A if the information being asked is not applicable to the subject.
Use additional sheet if necessary, to sufficiently provide the information being asked.
SERVICE TO BE OUTSOURCED
1. Type of service to be outsourced:
Accounting/Finance Compliance Consulting
Legal Services Administrative Functions
Information Technology Operations/Support Functions
HR Functions Other:___________________
Provide brief description of service to be outsourced.
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
2. Is this service essential to the operation of the Bank? Yes No
Provide brief explanation.
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
APPROPRIATENESS OF OUTSOURCING
1. Potential impact on the Bank if Service Provider fails to perform:
High Medium Low N/A
Financial Impact
Reputational Impact
Operational Impact
Customer Service Impact
Potential Losses to Customers
Exposure of Bank to Lawsuits
Exposure of Bank Regulatory Sanctions
Comply with Regulatory Requirements
Costs to Firm
Degree of Difficulty Replacing Service Provider
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
v
2. Page 2 of 6
ENTERPRISE BANK, INC. Annex A
OUTSOURCING DUE DILIGENCE – Internal
Comments:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
2. Is there an affiliation or other relationship between the Bank and the Service Provider? Yes No
If yes, please describe the relationship and any potential conflicts of interest:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
3. Is the Service Provider a regulated entity subject to independent supervision? Yes No
If yes, name of regulator:
________________________________________________________________________________
SERVICE PROVIDER INFORMATION
1. General Information
Business Name:
Business Address:
2. Contact Person(s):
Name Designation Contact No(s). Email/Website
3. Is the Service Provider owned/controlled by a Parent Company? Yes No
If yes, name of parent company:
________________________________________________________________________________
3. Page 3 of 6
ENTERPRISE BANK, INC. Annex A
OUTSOURCING DUE DILIGENCE – Internal
4. Personnel:
Approximate # of employees: _______
Does the Service Provider hire independent contractors? Yes No
If yes, who is/are the independent contractor(s) and what functions do they perform?
________________________________________________________________________________
________________________________________________________________________________
5. Background Information:
How many years has the Service Provider been in business? _______________________________
How many years has the Service Provider provided the outsourced function? ___________________
6. Is the Service Provider known to the Bank or employees of the Bank? Yes No
If yes, please name the individual(s) and describe any prior experience each had with the Service
Provider:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
DUE DILIGENCE
1. What methods did the Bank use to verify the Service Provider’s information? (Choose all that apply.)
SEC Public Disclosure Internet Research Entity Formation Documents (Permits, etc.)
Credit/Background Check Independent Research Media/News Reports
Personal Referral Business Plan Policies and Procedures Manual(s)
Personal Interviews Marketing Materials Financials
Onsite Inspection Sales Materials Other: __________________________
Comments:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
2. Does the firm maintain evidence of the above methods used to verify the Service Provider’s
information (i.e. copies of documents reviewed; notes from personal interviews and onsite
inspections; printouts from public disclosure sites etc.)? Yes No
4. Page 4 of 6
ENTERPRISE BANK, INC. Annex A
OUTSOURCING DUE DILIGENCE – Internal
If yes, please identify where these evidence/documents are maintained:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
3. Please list any other Firms/Companies that use this service (if contacted personally, identify the name
of the contact and the result of the contact):
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
4. Please describe the background and experience of individuals who will be performing the services:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
5. Based on your review of the information, has the Service Provider and/or its principals been subject
to any regulatory, criminal or civil disciplinary issues? Yes No
If yes, please describe:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
6. Based on your review of the information, please describe the Service Provider’s ability and capacity
to perform the outsourced activities effectively, reliably, and to a high standard (include in your
description relevant technical, financial, human resources, and/or other assets of the Service
Provider):
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
7. Does the Service Provider have a business continuity plan? Yes No
5. Page 5 of 6
ENTERPRISE BANK, INC. Annex A
OUTSOURCING DUE DILIGENCE – Internal
If yes, review a copy of the plan and comment on its adequacy:
________________________________________________________________________________
________________________________________________________________________________
8. Is privacy and protection of non-public information a factor in outsourcing? Yes No
If yes, comment on the adequacy of the Service Provider’s for safeguarding non-public information:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
9. After reviewing the information, are there any questionable issues or potential conflicts of interest?
Yes No
If yes, please describe:
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
CONTRACTS AND AGREEMENTS
1. Has (or will) the Bank entered into a written agreement with the Service Provider? Yes No
If yes, please identify the relevant provisions and disclosures in the contract (choose all that apply).
Provides for Bank and regulator access to records Bank and client confidentiality
Limitations on Service Provider’s ability to sub-contract Payment arrangements
Defines responsibilities of all parties subject to contract Provide quality services measures
Defines how responsibilities will be monitored Guarantees and indemnities
Liability for unsatisfactory performance or other breach Information security provisions
Requirement to maintain a disaster recovery plan Disclosure of breaches in security
Time Commitment
Other relevant provision(s): ____________________________________________________________
2. Was the written agreement reviewed by the Firm’s legal counsel? Yes No N/A
If yes, name of legal counsel: _______________________ Date of Review: ___________________
3. Was the written agreement reviewed by the Department Head recommending/requesting the
outsourcing of the functions? Yes No
6. Page 6 of 6
ENTERPRISE BANK, INC. Annex A
OUTSOURCING DUE DILIGENCE – Internal
If yes, name of Department Head: _______________________ Date of Review: ________________
OVERSIGHT AND PERIODIC REVIEW
1. Who is responsible for the periodic oversight and review of the outsourced service?
________________________________________________________________________________
2. Please identify the individual(s) who will monitor the outsourced service?
________________________________________________________________________________
________________________________________________________________________________
3. Please identify the tools that will be used to monitor the outsourced service (Choose all that apply):
Service delivery reports prepared internally Service delivery reports supplied by the Service Provider
Publicly available resources Performance levels established in written agreement
Internal auditor Onsite inspection
External auditor Attestations by Service Provider
Other: ______________________________________________________________________________
4. Frequency of monitoring: Daily Weekly Monthly Quarterly Annually
Other ______________________________________________
5. If deficiencies are found, are there procedures in place to respond to such deficiencies (i.e.
communicate with the Service Provider; terminate the contract)? Yes No
DOCUMENTATION REVIEW AND APPROVAL
1. Individual(s) responsible for completing this due diligence review:
Name Signature Date Completed
1.1. ___________________________________ _________________ _______________
1.2. ___________________________________ _________________ _______________
1.3. ___________________________________ _________________ _______________
1.4. ___________________________________ _________________ _______________
1.5. ___________________________________ _________________ _______________
Board of Directors Approval:
Board Resolution No.______________________ Date Issued: ________________
v