Marlette Funding makes money accessible to people so they can achieve their goals and enjoy their lives. This spirit drives constant innovation and has made them a leader in the Fintech market.
They pride themselves on providing outstanding customer service and understanding the needs of people who suffer from temporary financial difficulty. As a result, most of their employees are customer-facing.
It’s not unusual for an extremely agile company to hear an idea in the morning, implement it in the afternoon, and refine it at the end of the same day. They try lots of new ideas and are continually innovating. If they fail at something, they want to fail quickly, learn what they can, and move on to the next challenge.
This means that they use a lot of third-party suppliers. They needed help assessing and managing many vendors, and Whistic turned out to be the ideal partner.
A fast problem with a slow solution
“Our investors are carefully regulated, so we need to meet not only industry best practices but also regulatory requirements. We need to withstand the rigors of regulatory review,” said Chet Sharrar, Chief Information Security Officer. “That’s the business answer.”
The other side to this is their obligation to outstanding customer service, which means maintaining trust with customers and keeping their information private and secure — just as customers expect a financial institution to do.
When bringing on a new vendor, they used to send a spreadsheet questionnaire and wait for it to return. It could take up to a couple of months, which was way too slow for their pace.
Once a questionnaire was returned, it was evaluated for compliance and risk. They would classify and determine if the vendor was a high, medium, or low risk. Evaluations of either high or medium risk add follow-up activities, which could include a two-day on-premise visit for high-risk vendors or a remote process for suppliers deemed as medium risk.
For vendors determined to be low-risk, the questionnaire was the only instrument used. Risk analysis was formalized with a written report.
“Whistic allows us to take a more fine-grained approach to the security review process,” said Chet. “Now, depending on their results, we may just do a remote assessment and not send someone on-site, so we realize large savings from not doing unnecessary evaluations.”
“We still have the same number of vendors with high inherent risk, but getting the scoring through Whistic, we’re able to carve out suppliers who don’t require the on-site follow-up procedure,” said Chet. This is why the detailed evaluation is so vital to Marlette Funding. It provides greater insights into a vendor’s control environment. They also utilize Whistic’s patented CrowdConfidence™ scoring algorithm as part of their evaluation process.
On-site follow-up activities cost nearly $30k each, so eliminating unnecessary visits is essential. The analysis possible with Whistic allows them to accurately distinguish which follow-up method is the most appropriate. In addition to cost savings, the time to onboard a new vendor is greatly reduced.
On the other end of the spectrum are suppliers who provide service, but only one department uses them. “In the past, we would have done nothing with them. But now, since we have a smaller inventory of high-risk vendors, we can do more and evaluate these suppliers,” said Chet. “We may send them a SIG assessment through Whistic, for example, so we’re able to do more due diligence with our low-risk suppliers than we were previously.”
“By using Whistic, we have a truer picture of what the residual risk is from our suppliers,” said Chet.
This is true for both high and low-risk vendors. “We’ve reduced expense on the highs, and there’s not a monetary amount associated with it, but we now have a clearer view of our low-risk vendors,” said Chet.
Evaluating low-risk suppliers is essential as well, because, even in circumstances where no PII is ever exposed, there’s still a reputational risk if any information is breached.
Increased visibility and greater reach to more vendors provide better overall visibility
Cost savings from having appropriate follow-up activities
Used Whistic to clean up their existing vendor inventory, and all new vendors go through the same process providing accurate across-the-board information
The previous process relied on spreadsheets and email
Marlette Funding is a fast-growing and dynamic company. And Whistic is their perfect partner.
Whistic looks forward to adapting, changing, and growing with Marlette. We’re both in the market for the long haul, and we’ve got things to prove.