What type of client are you?
Choose your location
Choose your location
Choose your location
Fidelity Supplier Onboarding
Overview
Thank you for your interest in becoming a supplier to Fidelity International. Here we give you an introduction to the onboarding process and what to expect.
We want to make this process as fast and easy as possible. Its exact nature and length will depend on what type of supplier you are, but we will guide you through every step.
We encourage you to engage with the process as early as possible. The sooner you do so, the sooner you can start supplying goods or services to Fidelity International.
What we aim to achieve
Our supplier onboarding process is designed to achieve three things:
Risk management
We work with sensitive data in a highly regulated environment. Our onboarding journey reflects that, with different routes for different levels of risk.
Value alignment
Suppliers are an extension of Fidelity International and should align with our values and code of conduct. We aim for a diverse supplier base that is open, transparent and innovative.
Our partnership
We want to welcome you into the Fidelity International team and set you up as a supplier as quickly as possible. We see our suppliers as true partners.
Start the supplier onboarding process
All potential suppliers must go through a qualification process. The nature of our business means we have to show stakeholders and regulators that we do everything possible to minimise risk and protect our customers.
In some cases where you are providing goods or services which are considered to be of a low risk and low spend for one off transactions, you may not need to go through the full risk assessment process and can be paid with a “Procurement Card” or “P-Card”. If not, you will need to follow the full process. To understand more about what process your organisation will have to follow, please see the FAQ’s here.
To start the process, we’ll collect basic information about your organisation, what you’ll be doing for us and your payment details. We’ll use this to decide whether you have to go through more detailed risk assessment checks. If you’re defined as a low risk supplier, you might be able to move straight to contract and financial set-up. If you’re not, you will need to undertake the additional risk checks which will be illustrated once you have responded to seven initial risk questions.
To begin, please answer Yes or No to the following questions. To the best of your knowledge:
Low Risk Path Checks
Average timeline – 1-2 weeks
External Security Review
Average timeline – 4-6 weeks
FIL makes protecting client and customer data a high priority, so when data, applications and processes are managed by our suppliers, an External Security Review (ESR) is required to assure us that our third-party partners have the right levels of security to protect our client data.
Why is an External Security Review (ESR) Required?
- The ESR process assesses whether Fidelity's third-party suppliers manage supplier risk effectively. It identifies the risk posed by each of Fidelity's suppliers to the business and the organisation as a whole, as well as effectively managing and documenting that risk
- To provide assurance that FIL’s business is protected against any threats a supplier may pose
What triggers an ESR review?
- When a supplier receives, processes, hosts, stores or has access to internal, confidential or highly confidential data
- When the supplier provides an application as part of their product or services to Fidelity
- When a supplier has direct or remote access to Fidelity applications/systems hosted within the Fidelity network
Cloud Service Provider Review
Average timeline – 1 week
As technology evolves, use of Cloud computing is increasing. When the Cloud is integral to the supplier’s service to FIL, we need to validate the Cloud service provider and its management before FIL can fully adopt the service.
Additional information on where your Cloud computing will be stored and located or hosted will also have to be captured and monitored.
Business Continuity Plan Review
Average timeline – 4 weeks (part of contract construction)
When FIL places critical and important business services, processes or operations with a third-party supplier, we need to work with them to understand their business continuity plans in the event of disaster or if the supplier is unable to deliver services to FIL.
A Business Continuity Plan will be documented and added to your FIL contract to provide assurances that you can deliver services to FIL.
Enhanced Due Diligence Checks
Average timeline – 1 week
Where FIL places its most important services with a third-party supplier and places a high degree of reliance on them, we will conduct enhanced due diligence checks. These are to provide insight and to ensure that the supplier is financially sound, there are no adverse media reports that may harm FIL’s reputation and if any external sanctions exist.
These checks are mandatory and will be repeated throughout the life of the FIL relationship.
Anti-Bribery and Corruption Checks
Average timeline – 2 weeks
Where third-party suppliers are government-owned or represented by politically exposed persons, FIL will undertake an additional assessment to understand the nature of the ownership and any political exposure that may result from the relationship.
This questionnaire will be sent directly to the supplier’s representative and onboarding will be completed once the assessment is complete.
The assessment will be reviewed annually.