As a pioneer in the financial technology services industry, Finicity has been leading the way with industry trends and best practices for going on 20 years. While this culture often celebrates innovation, it also comes with a unique set of challenges revolving around vendor security management. With more than 16,000 bank integrations, maintaining the security and compliance of client and partner data is a top priority for Finicity, so when it came time to figure out how to automate and streamline vendor risk management workflows, ensuring impeccable security was paramount.
Responding to security reviews from various third-party vendors was costing the Finicity team between 5–8 manual work hours a piece. At the rate the team was growing — and given the number of unique vendor partnerships — these workflows were inefficient and definitely not scalable.
The Finicity team started to realize that:
- Simply filling out spreadsheets for each security questionnaire left the team with no way to organize these answers.
- The lack of a clear process left gaps open for manual error or compliance issues.
- There was a clear need for a specialized tool to help with this manual lift.
The Finicity team turned to the Whistic vendor security risk management platform to help address these challenges in an easily implemented way. Additional features that stood out to the Whistic team included the back-end reporting capabilities, a real-time audit loop that shows all comments and feedback on a particular questionnaire, as well as the ability to access multiple security questionnaires from a single location.
Today, the Finicity team has effectively replaced their manual workflows with Whistic’s automated vendor security questionnaire workflows. Instead of spending 8 hours or more answering questionnaires only to have to hunt down the same answers the very next day, the Finicity team can efficiently access all of their vendor security data in a single, searchable location.
In addition to streamlining internal processes and creating a scalable vendor risk management process, the Finicity team has also:
- Seen a 100% acceptance rate from the nearly 40 financial institutions that have seen its Security Profile.
- Been able to quickly and easily change or edit their Security Profile if the need arises.
- Shorten the sales cycle by quickly sending or responding to vendor security requests.
The best part? The Finicity team was able to start benefiting from the Whistic platform on day one of implementation. With a completely secure cloud-based solution, Whistic makes it easy to get up and running fast without adding any confusion or complexity to InfoSec team’s workloads.
You can learn more about how Finicity is leveraging the Whistic platform to manage their third party security processes here (file will download automatically).
