FDRemediationTrackerReportTPRSSmallTeamVRC1 –VRO –VRC2Criticals and“WhollyOutsourcedDepartment”s1,322AnNDAHighDecemberlatenoticelog-noreply@spfarm.bok.com1b1HighestInherent RiskofCompliance,BC, and SRMRegulatoryperspectiveincluded inannual criticalreportingFormerlycriticalDelegation14calendardaysImpactscustomersbroadly enoughto threatenmarket share100June1,069FinancialCrimesVicePresidentVRCOCCBulletin2013-29FISRiskCouncilAnalysisbased on thenature of theengagement2/14/2019ThirdParty RiskSummaryBlankWhat isthe singletransactionlimit?OverallcommentsBankConfidentialData3/26/2019ErnstandYoungOCCRiskRatingExempt2020BCTier@bokf.comValueAddedResellerNon-USHeadquartersor Non-USOperationsMonthlyHighest RiskRating of allactiveRelationships21calendardaysAnyTierMediumCubaCoupa5.01Access@WorkRequestBusinessProcessTiersPushthroughassignedprogramsOFACHitSharedSLAsVRC1'sEvaluationQueueThird PartyProviderManagementStandardRegenerateSSAE18Upon acompletedFinancialCrimesreview5PropertyMaintenanceAnyoneSupplierNameChangeCommitteeReview thefile posted inthe VMOSharePointsiteModeratelyLowThird PartyProviderManagementPolicyIneffectiveNoHIPAAAnnualReportYesConga3DaysA completedMaterialityAssessmentIf 1.01AND 1.17areapplicableFalseFDRemediationTrackerReportTPRSSmallTeamVRC1 –VRO –VRC2Criticals and“WhollyOutsourcedDepartment”s1,322AnNDAHighDecemberlatenoticelog-noreply@spfarm.bok.com1b1HighestInherent RiskofCompliance,BC, and SRMRegulatoryperspectiveincluded inannual criticalreportingFormerlycriticalDelegation14calendardaysImpactscustomersbroadly enoughto threatenmarket share100June1,069FinancialCrimesVicePresidentVRCOCCBulletin2013-29FISRiskCouncilAnalysisbased on thenature of theengagement2/14/2019ThirdParty RiskSummaryBlankWhat isthe singletransactionlimit?OverallcommentsBankConfidentialData3/26/2019ErnstandYoungOCCRiskRatingExempt2020BCTier@bokf.comValueAddedResellerNon-USHeadquartersor Non-USOperationsMonthlyHighest RiskRating of allactiveRelationships21calendardaysAnyTierMediumCubaCoupa5.01Access@WorkRequestBusinessProcessTiersPushthroughassignedprogramsOFACHitSharedSLAsVRC1'sEvaluationQueueThird PartyProviderManagementStandardRegenerateSSAE18Upon acompletedFinancialCrimesreview5PropertyMaintenanceAnyoneSupplierNameChangeCommitteeReview thefile posted inthe VMOSharePointsiteModeratelyLowThird PartyProviderManagementPolicyIneffectiveNoHIPAAAnnualReportYesConga3DaysA completedMaterialityAssessmentIf 1.01AND 1.17areapplicableFalse

Wild Card - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
  1. FD Remediation Tracker Report
  2. TPRS Small Team
  3. VRC1 – VRO – VRC2
  4. Criticals and “Wholly Outsourced Department”s
  5. 1,322
  6. An NDA
  7. High
  8. December
  9. latenoticelog-noreply @spfarm.bok.com
  10. 1b
  11. 1
  12. Highest Inherent Risk of Compliance, BC, and SRM
  13. Regulatory perspective included in annual critical reporting
  14. Formerly critical
  15. Delegation
  16. 14 calendar days
  17. Impacts customers broadly enough to threaten market share
  18. 100
  19. June
  20. 1,069
  21. Financial Crimes
  22. Vice President
  23. VRC
  24. OCC Bulletin 2013-29
  25. FIS
  26. Risk Council
  27. Analysis based on the nature of the engagement
  28. 2/14/2019
  29. Third Party Risk Summary
  30. Blank
  31. What is the single transaction limit?
  32. Overall comments
  33. Bank Confidential Data
  34. 3/26/2019
  35. Ernst and Young
  36. OCC
  37. Risk Rating
  38. Exempt
  39. 2020
  40. BCTier@bokf.com
  41. Value Added Reseller
  42. Non-US Headquarters or Non-US Operations
  43. Monthly
  44. Highest Risk Rating of all active Relationships
  45. 21 calendar days
  46. Any Tier
  47. Medium
  48. Cuba
  49. Coupa
  50. 5.01
  51. Access@Work Request
  52. Business Process Tiers
  53. Push through assigned programs
  54. OFAC Hit
  55. Shared SLAs
  56. VRC1's Evaluation Queue
  57. Third Party Provider Management Standard
  58. Regenerate
  59. SSAE18
  60. Upon a completed Financial Crimes review
  61. 5
  62. Property Maintenance
  63. Anyone
  64. Supplier Name Change Committee
  65. Review the file posted in the VMO SharePoint site
  66. Moderately Low
  67. Third Party Provider Management Policy
  68. Ineffective
  69. No
  70. HIPAA
  71. Annual Report
  72. Yes
  73. Conga
  74. 3 Days
  75. A completed Materiality Assessment
  76. If 1.01 AND 1.17 are applicable
  77. False