LSP Governance Agent AI

Invoked when: a new LSP is proposed for enrollment — whether a referral partner / agent, a technology service provider, a recovery agent, or a co-lending partner

• –Runs the due diligence checklist against the CBUAE / SAMA outsourcing guidelines and the LSP CBUAE Standard / SAMA circular: legal entity status and certificate of incorporation, VAT registration, prior regulatory action history (CBUAE / SAMA, SCA (Securities and Commodities Authority), national companies register enforcement history), data protection compliance documentation (PDPL-readiness assessment for LSPs that will handle borrower data), cybersecurity posture (for technology LSPs — SOC 2 certification, pen test reports, data encryption standards), consumer protection conduct training evidence for recovery agents, and financial stability indicators for LSPs whose operational continuity is material to LendingIQ's services.
• –Checks the proposed contract against the mandatory contractual provisions required by the CBUAE / SAMA outsourcing guidelines: CBUAE / SAMA's right to inspect the LSP's records, LendingIQ's right to audit the LSP, data security and confidentiality obligations, prohibition on sub-outsourcing without LendingIQ's consent, termination rights and transition provisions, and the LSP's obligation to follow CBUAE / SAMA consumer protection standards in all borrower interactions.
• –Does not approve the enrollment. The due diligence report — checklist results, documentation gaps, contract gap analysis, and a risk assessment — is delivered to the Vendor Compliance Manager for review and enrollment decision. The agent surfaces the information; the human decides whether to onboard the LSP.

Invoked on contract calendar trigger (obligation due dates) or on event (complaint spike, fraud signal, contract renewal approaching)

• –Maintains the obligation calendar for every enrolled LSP — every contractual obligation with its due date: monthly performance reports, quarterly data security attestations, annual audits, consumer protection compliance certifications, and contract renewal dates. Generates proactive reminder alerts at 30 days, 14 days, and 3 days before each obligation deadline. Where an obligation is not fulfilled by the due date, flags it as a compliance failure and escalates to the Vendor Compliance Manager.
• –Monitors LSP performance signals available in LendingIQ's data: complaints attributable to LSP conduct in the grievance management system (filtered by complaint category and sourcing channel), referral partner / agent-sourced application fraud signal rates from the Fraud Risk Agent AI, and NPL rates on referral partner / agent-sourced portfolios compared to direct origination — providing an early signal of sourcing quality deterioration that may indicate the referral partner / agent is sourcing from riskier segments or falsifying application data.
• –Flags contract renewal opportunities at 90 days before expiry — with a contract performance summary covering the LSP's compliance record over the contract term, so the Vendor Compliance Manager can decide whether to renew, renegotiate, or terminate before the contract lapses. A contract that lapses without renewal creates a gap in the LSP's contractual obligation to comply with LendingIQ's standards and CBUAE / SAMA's requirements.

Invoked when: an LSP's annual review date falls within the next 30 days

• –Produces the annual review report for each enrolled LSP: a comprehensive assessment of the LSP's compliance performance over the year — obligation fulfilment rate (how many contractual obligations were met on time vs late vs outstanding), complaint attribution record (how many customer complaints were attributable to this LSP's conduct), data security certification status, and any changes in the LSP's regulatory status or financial stability since last review.
• –Checks whether the LSP's enrollment documentation remains current — certificates that have expired, changed ownership or management structure, or new regulatory actions against the LSP since onboarding. An LSP whose circumstances have materially changed since enrollment must be re-assessed against the current due diligence standards, not simply rolled over.
• –Produces a tiered performance rating for the Vendor Compliance Manager's annual review decision: Continue (strong compliance record, no material concerns), Continue with conditions (specific remediations required before next renewal), or Escalate for termination review (material compliance failures, conduct concerns, or risk too high to continue). The rating is a recommendation; the human Vendor Compliance Manager makes the decision.