IBAT News

Director Training

The best bank boards are always looking down the road in an attempt to improve and modernize their institutions to better serve their communities. In a recent article featured in IBAT's magazine, S. Scott MacDonald, Ph.D., of the Southwest Graduate School of Banking (SWGSB), outlined the questions that should be on every board member's mind, including:

  1. How do we prepare for changing economic conditions?
  2. What are the essential elements of a superior balance sheet?
  3. How do we build and maintain a strong management team?
  4. How will new regulatory and compliance requirements affect the bank?
  5. What do new consumer technology trends mean for the future of banking relationships?
  6. How do we control noninterest expense and generate noninterest income?

These and other questions will be explored in earnest at the upcoming Certified Community Bank Director Program (CCBD®) on October 31-November 1. Registration is now open. We look forward to seeing you in Dallas in October.

Staff contact: Julie Courtney, jcourtney@ibat.org, 512-275-2227

Regulatory Hearing

Testifying before Congress last week, America's top banking regulators expressed their support and agency efforts for mitigating costly and time-consuming regulations for community banks.

Federal Reserve Governor Daniel Tarullo said his agency is considering policies that could exclude community banks, such as the Volcker rule and incentive-based compensation requirement. He also said the agency is recalibrating its community bank examination process.

Comptroller of the Currency Thomas Curry told the committee that his agency works to tailor its supervisory programs to bank risk and complexity and listens to community bank concerns with its rulemakings. He cited rules on lending limits and capital.

FDIC Chairman Martin Gruenberg cited his agency’s research of community banks and pledged a continued commitment to research and analysis on community banking issues.

IBAT and ICBA have worked tirelessly to advocate the need for federal agencies to consider the impact and applicability of existing and new regulations on community banks.

"It is heartening to hear that our message that a one-size-fits-all regulatory approach doesn't work is finally resonating with the agencies," said IBAT President and CEO Chris Williston. "I sincerely hope we soon see evidence that banking regulators are carefully considering every regulation and its applicability to financial institutions consistent with risk profile and their banking practices."

Staff contact: Chris Williston, cwilliston@ibat.org, 512-474-6889

Another Regulatory Overreach

A rule recently proposed by the Financial Crimes Enforcement Network (FinCEN) would require financial institutions to identify beneficial owners who own, directly or indirectly, 25% or more of a legal entity. Last week, IBAT submitted a comment letter to FinCEN registering opposition to this further expansion of customer due diligence requirements. The letter detailed a number of complex legal questions that arise from the proposal, as well as IBAT’s belief that it would add to the significant regulatory burden already faced by community banks.

IBAT encourages every financial institution in Texas to use our letter as a guide in drafting and submitting comment letters to FinCEN on this unnecessary, expensive and time-consuming regulatory expansion.

“As a community banking trade association in a border state, we are sensitive to the need for customer due diligence in opening and maintaining accounts,” said Chris Williston, IBAT President and CEO. "However, a balance must exist between regulatory need and regulatory cost that doesn’t exist in the proposed rules.”

Staff contact: Shannon Phillips, sphillips@ibat.org, 512-275-2221

 

Prepare Your Team

The month of October has been designated as National Cybersecurity Awareness month, a component of the Department of Homeland Security’s Stop.Think.Connect.™ Campaign.  During October IBAT members are encouraged to promote greater awareness of everyday cybersecurity threats among their employees and customers.  To do so, a number of resources are available here, including:

·       Getting Cybersecurity Through to Employees (Powerpoint Presentation)

·       Internet Safety & Security Tips for Parents

·       Stop.Think.Connet. Tips and Advice for Consumers

·       Workplace Security Risk Calculator

"The bad guys are good, and getting better at what they do", said Chris Williston, IBAT President and CEO. "It is incumbent upon all of us to take appropriate steps to address this growing threat to our institutions and our customers."

Consumer Tips

The September edition of IBAT’s Consumer Tips is now available to download.  This month’s issue includes information on how you can help seniors in your family and community avoid being victims of fraud and details some of the most common tactics used by criminals to defraud seniors.

Click here to download the article.  As always, IBAT’s consumer tips article will be distributed to weekly newspapers around the state of Texas. If you would like a customizable edition of the tips to share with your customers or for distribution to your local paper, please contact Christopher Williston.

Staff contact: Christopher Williston, clwilliston@ibat.org, 512-275-2208

Outdated Regulations?

The Economic Growth and Regulatory Paperwork Reduction Act of 1996 (EGRPRA) requires that the FFIEC, OCC, FDIC and the Fed review regulations at least once every 10 years. The purpose of this review is to identify outdated, unnecessary or unduly burdensome regulations and consider how to reduce regulatory burden on insured depository institutions while, at the same time, ensuring their safety and soundness and the safety and soundness of the financial system. The second EGRPRA review is underway, and IBAT commented on some of the regulations currently under review. These comments address Change in Bank Control (Reg. Y), Appraisal Rules and Availability of Funds and Collection of Checks (Reg. CC). The final report from the first EGRPRA review was submitted to the Congress in 2007.

Staff contact: Shannon Phillips, sphillips@ibat.org, 512-275-2221

Political Endorsement

The IBAT Board recently endorsed Glenn Hegar in his race for Comptroller of Public Accounts. The Hegar campaign announced the endorsement in a press release last week. Additionally, the IBAT PAC has contributed financially to his campaign.

As included in the release, "IBAT is pleased to endorse Glenn Hegar for the critically important position of Comptroller of Public Accounts,” said Steve Scurlock, executive vice president of IBAT. "We have had the pleasure of working with Glenn in both the Texas House and Senate, and have also observed his leadership on a variety of difficult issues over the years. He is forthright, smart, articulate and willing to work to find solutions to move Texas forward. He is a good man, and we have no doubt he will make an outstanding comptroller."

“Job creation and innovation has put Texas on the map,” Hegar added. “The community banking industry is a vital part of our state’s economy and provides many of our small business owners in Texas the resources they need to expand their businesses. I am honored to have their endorsement and look forward to working with them as the next comptroller.”

Staff contact: Steve Scurlock, sscurlock@ibat.org, 512-275-2226

Bank Fraud


By Bruce Zaret, Carolyn Bremer, James Mihills and Neha Patel

This article originally ran in the September/October 2014 edition of IBAT's magazine, The Texas Independent Banker.

In February 1999, the movie “Office Space” portrayed a comedic tale of company workers who hate their jobs and decide to rebel against their boss.  The workers band together to alter the company’s accounting application and route small amounts to a bank account they control.  The film demonstrated that employees committing the fraud were “average Joes” who found a way to circumvent the system.

In June 2014, a former officer with a Texas financial institution was ordered to federal prison for defrauding her former employer.  Using her position as branch manager from 1998 to 2010, the bank officer used the names and personal information of several individuals, without their permission, to create more than 58 fictitious loans.  She was able to defraud the bank of approximately $2.4 million.

Who were the “suspects” in each of the instances above?  They were long-term employees familiar with the processes, who understood where the internal control weaknesses existed.  Employee fraud, or occupational fraud, according to the Association of Certified Fraud Examiners (ACFE), is “using one’s occupation for personal enrichment through the deliberate misuse or misapplication of the organization’s resources or assets.”

With banks heavily regulated, they tend to have more internal controls than most industries.  Yet, banking has the highest incidences of occupational fraud.  When considering the enormous number of internal controls banks require, individuals may think it is difficult to commit internal fraud.  Add to the equation that a bank’s internal controls are reviewed by regulators, internal auditors and financial statement auditors and it leads one to question, “How can fraud exist after all these highly-skilled professionals have reviewed the bank’s internal controls?”

But aren’t these trusted employees?

Overwhelming data supports that internal controls alone are not enough to prevent and/or detect fraud.  While internal controls only provide reasonable assurance, any control can be overridden or circumvented by people with the right knowledge and motivation.

Research also supports that internal fraud is often committed by long-term employees who are faithful and dedicated to their organization.  These are often the individuals no one suspects.

Motivation for long-term employees to commit fraud includes: (a) feeling unfairly treated, (b) having been emotionally hurt by a colleague with the desire to seek revenge, (c) having financial difficulties which cause added stress, or (d) just because they can. 

Where to start: fraud identification, prevention and detection

Most banks are probably burned out on conducting risk assessments.  Be of good cheer because the following is not a typical risk assessment.  Here, bank management can put on their sleuth hats and get creative.  The objective is to start by looking at various areas of the bank and identifying scenarios or possible fraud schemes.  These represent the risks.  Although the risks seldom focus on trusted, long-term employees, these employees tend be in the best position to manipulate or work around the system.  Because of their tenure, they can often give instructions and not be questioned.  This is why they represent a greater occupational fraud risk. 

Things to consider when evaluating internal fraud schemes or “red flags”:

  • Management compensation is closely tied to company value, profitability or key performance indicators.
  • Management team is dominated by a single person or small group.
  • Employees are permitted to set up GL accounts and/or post journal entries without oversight.
  • Employees regularly override controls, such as having the ability to process transactions without following established protocols. 
  • Employees have broad access to multiple applications and physical locations without oversight or monitoring.
  • Employees have been in the same role for a number of years and their duties are not performed when they go on vacation.

The following depicts common internal fraud schemes committed by long-term employees along with possible controls to mitigate the fraud risk:

Areas Typically Vulnerable

Common Fraud Scheme

Possible Control

(Prevent / Detect)

Cash

· Taking cash from a teller drawer or vault over a period of time and adjusting reconciliation to cover

· Surprise cash audits

· Review over/short account activity and reconciling items

Loans

· Creating fictitious loans with the ability to disburse funds

· Advancing funds to self or related party on an existing customer loan

· Funding reviewed by an independent employee

· Review past due reports by loan officers and management

· Automatic mailing of past due notices by third party

Wires

· Processing of a fraudulent wire from a customer account

· System parameters requiring two employees to process and release wires

· Callbacks performed by one employee, separate from the employee receiving the wire request

· Daily reconciliation of correspondent bank/wire clearing accounts by an independent person

Accounts Payable

· Creating a fictitious vendor to receive disbursements

· Change address for funds diversion

· Review system-generated vendor maintenance reports by an independent employee

· Provide system-generated check register to officer signing checks to verify all disbursements are included

Information technology considerations

Information technology controls specific to fraud prevention and detection include: 

Fraud Prevention

Fraud Detection

· Restrict system access by limiting the ability to authorize, approve and override transactions to the fewest number of individuals who require the function for their job responsibilities.

· Develop segregated roles in the system.  This will prevent an individual from being able to bypass controls built into the system/application.  Separate any one user’s ability to initiate and approve (or override) within the system.

· Use application controls.  Some systems have automated controls that can be configured to require a second approval before proceeding, or triggering a supervisor approval for transactions above established thresholds.

· Review the setup of new clients, vendors, employees.  A monthly or quarterly review of newly established master data files will help organizations identify if something requires further follow up. 

· Perform data analytics over specific transactions.  This may include transactions that are initiated outside of normal business hours; or by individuals who do not typically perform a function.

· Establish logs and actively review for specific events; those activities that relate to abnormal events, like overriding a step/approval.

The following can help bank management in developing a fraud risk mitigation strategy:

  • Establish written guidelines for ethics and codes of conduct.  Ensure employees receive fraud and ethics training at least annually.  This helps management and board communicate expectations and establish a strong tone from the top.
  • Establish an employee hotline to report suspicious activity to the audit committee or to another independent party.
  • Perform reconciliation of key balance sheet and internal DDA accounts (including secondary review).  This aids in detecting suspicious transactions.
  • Conduct targeted internal audits by independent, qualified employees or by a third party.
  • Require mandatory five-day vacations annually, with monitoring conducted by Human Resources.
  • Periodically rotate assignments of routine duties. 
  • Be aware of “red flags” such as employees living beyond their means, experiencing financial difficulties, having a close association with a vendor (potential kickbacks), exhibiting control issues, displaying a reckless attitude with money, or experiencing a major life event such as divorce, major illness or addiction problems.

How to handle those “unusual suspects”

Fraud is increasing at a dramatic rate and most banks are not aware of the risk until an event occurs.  The risk is often compounded by human nature to trust, especially tenured employees.  A good rule of thumb to consider is the adage President Reagan used: “Trust, but verify.” 

Fraud risk can be mitigated by developing a culture of fraud awareness coupled with employee training, and establishing appropriate internal and technology controls.  If someone becomes suspicious or aware of employee fraud, a qualified forensics professional should be used to confirm whether or not fraud has occurred, and to ensure a proper protocol is followed to gather evidence for legal proceedings.  Fraud investigations require certain expertise and skills, and the bank should ensure those performing investigations possess the proper forensic training and credentials. 

A 2014 Report to the Nations from the ACFE indicates:

  • Banking and financial services was the industry group with the highest reported fraud cases at 17.8%. 
  • For the cases reported, the median duration from the time the fraud commenced until it was detected was 18 months.
  • The median fraud loss was $145,000, with 22% of the cases having losses of at least $1 million.
  • More than 40% of fraud cases were detected by a tip – twice the rate of any other detection method.  Employees accounted for nearly half of all tips.

Organizations with hotlines were much more likely to identify fraud by a tip.  These organizations experienced frauds that were 41% less costly and detected frauds 50% more quickly.

Bruce Zaret, CPA is a partner in financial institutions consulting and advisory services at Weaver, the largest independent accounting firm in the Southwest.  Carolyn Bremer, CPA is a senior manager in Weaver’s forensic and litigation services; James Mihills, CPA is a senior manager in Weaver’s financial institutions consulting and Neha Patel, CPA, CISA is a senior manager in Weaver’s IT advisory services.  They can be reached at: Bruce: 972.448.9232, Bruce.Zaret@Weaver.com; Carolyn: 972.448.6951, Carolyn.Bremer@Weaver.com; James: 817.882.736, James.Mihills@Weaver.com; and Neha: 972.448.9804, Neha.Patel@Weaver.com.

CFPB Guides Updated

The Consumer Financial Protection Bureau recently issued its updated small entity compliance guide on international fund transfers. As reported previously, the guide makes note of a temporary extension that allows federally insured financial institutions to estimate third-party fees and exchange rates when providing remittance transfer disclosures to account holders when exact amounts cannot be determined. It also clarifies other aspects of the rule, including:

  • The treatment of faxes and certain written or electronic communications from a sender to the provider.
  • Disclosure of website addresses other than the Bureau’s main website address that a provider may list on consumer receipts (including websites in foreign languages).
  • Delays due to investigations required by fraud screening procedures, or BSA, OFAC or similar laws.
  • Amount appropriate to resolve an error for the failure to make funds available by the date of availability.

Additionally, the CFPB released an updated guide on the TILA-RESPA integrated disclosures and an updated guide to the loan estimate and closing disclosure forms.

Staff contact: Shannon Phillips, sphillips@ibat.org, 512-275-2221

Post-ICBA Convention Event

The 2015 ICBA Convention will be held at the Gaylord Palms Resort & Convention Center in Kissimmee Florida, March 1-5.  IBAT is pleased to offer to you and your directors a Post-Convention Program in Paradise Island, Bahamas – March 5-7.

Registration and room block are now open for this event, which will feature two educational sessions facilitated by consultants familiar to Texas community bankers. 

Click here to access full event details.

Director Education


The Certified Community Bank Director Program (CCBD) will be held October 30-November 1, 2014 at the Cox School of Business on the campus of Southern Methodist University. The CCBD designation is a collaboration of and is administered by IBAT and the Southwestern Graduate School of Banking (SWGSB) Foundation. A comprehensive curriculum has been created to address all areas of bank directorship – from duties and responsibilities to the foundations of bank finance.

IBAT also offers a bank director series of webinars for live viewing, digital download or CD-Rom receipt. Upcoming programs include:

Bank Board Strategic Questions


By S. Scott MacDonald, Ph.D.

The world is rapidly changing and the best bank boards are always looking down the road in an attempt to continually improve and modernize their institutions to serve their communities better.  Below, I have outlined a few of the more pressing strategic questions bank boards should be asking.

Prepare for and Continue to be Mindful of Economic Conditions

The economy continues to struggle to get traction.  A total lack of fiscal policy and monetary policy that pegs the return to risk at zero are both hindering a full recovery.  This has forced the Federal Reserve into heroic and unprecedented measures.  They have increased their balance sheet over fourfold, kept short-term rates at near zero for almost six years, and purchased nearly 80 percent of net new issues of mortgage-backed securities using quantitative easing.  We all know interest rates must increase “someday.”  The question is when is someday and how much will they increase? 

Bank boards should be asking, “Do we truly know the degree of interest-rate risk on our books?”  Interest rates could increase sooner and faster than we expect, and the banking industry has been reaching up the yield curve by increasing their holdings of longer-term assets, in particular, mortgage-backed securities.  Don’t feel alone; the Fed is the worst offender.  In a recent article in the Wall Street Journal, Scott Hein from Texas Tech University argues the Fed would fail its own stress test due to significant interest-rate risk.  The Fed is borrowing short-term by paying 25 basis points for bank reserves and investing primarily in longer-term treasuries and mortgage-backed securities, similar to many savings and loans in the 1980s.  This massive and unprecedented increase in the Fed’s balance sheet will inevitably lead to much higher levels of inflation and a corresponding increase in interest rates.  The Fed is unlikely to be able to unwind this gracefully.  Don’t do as the Fed does by reaching for yield with longer-term assets.  You don’t have a printing press! 

Build and Maintain a Superior Balance Sheet

A high quality balance sheet is critically important today.  There are many parts to a strong balance sheet:  high capital levels; a diversified, high quality portfolio, which is not overweight longer-term, fixed-rate assets; and strong liquidity built on a solid core deposit base and limited noncore borrowings.

Maintain a strong capital base. A strong capital base takes into consideration the regulatory environment, the strength of the bank’s balance sheet and the board of directors’ risk appetite.  Capital is needed to meet regulatory requirements, but, more importantly, to support the strategic direction of the institution.  Regulators look to capital as one of the indicators the board and management fully understand the level of risk the bank has assumed and is prepared if everything does not go as planned.

The second purpose of a strong capital position is strategic.  The more risk the institution assumes the greater levels of capital needed or are expected by regulators.  Those institutions with the greatest growth or acquisitions opportunities in their future need additional capital.  Institutions with concentrations in loans, products, geographic areas or other income sources, might warrant additional capital to support these activities as well.  Bank boards should ask, “Do we have sufficient capital to support our strategic objectives?”

Finally, having sufficient capital today might not be enough.  The last thing you want to do is start looking for capital after you actually need it!  Bank boards should also ask, “What would we do if we needed to raise capital?”  Develop a contingency capital plan by working from the inside out.  Start inside the board room:  If the bank had an opportunity or was in need of additional capital, would you be willing to contribute additional capital?  If the answer is not as positive as you hope, you must determine what you are not doing correctly to make it attractive to your own board and management?  Then look outside the board room.  “Where could we raise additional capital if needed?” 

Maintain a high quality diversified portfolio.  Be mindful of all concentrations, whether they be in loan types, asset maturities, products, geographic areas and even people.  One problem we face in diversifying our portfolio is the tools in our tool belt.  If we only have one tool, a hammer, all problems look like nails.  Diversification out of real-estate loans, for example, often requires retooling.  If our loan officers are primarily real-estate lenders, asking them to start making cattle loans might be a stretch!  We must either retrain or retool to maximize their productivity.  Diversification of loan types, products and geographic areas is also an opportunity to expand our reach into new markets by employing new talent with new skills.  Bank boards should ask, “Do we have the right talent in the right places to fulfil our vision for the future?”

Strong liquidity.  A solid core deposit base with limited noncore borrowings are the building blocks to strong liquidity.  Similar to capital, you don’t want to start looking for liquidity after you need it.  Today, our ability to grow is no longer limited to our ability to grow core deposits.  Banks have many more funding sources available to fund growth, e.g., noncore borrowings.  But those same funding sources represent contingent liquidity sources that once used, are no longer available as liquidity sources.  In fact, many of the recent bank failures were due to an over dependence on noncore borrowings.  Today’s low interest rates mean brokerage companies’ money market accounts are less attractive and have left many community banks flush with deposits.  As interest rates begin to increase, however, returns offered by the brokerage houses will improve and put pressure on banks’ deposit sources and with it, potential liquidity needs.  Bank boards should ask, “As interest rates increase and loan demand picks up, will we have sufficient liquidity?”

Build and Maintain a Strong Management Team

Most community banks view their people as their single greatest asset.  Community banks are in the relationship banking business rather than the transactional banking business.  Community banks develop and nurture their relationships with customers to provide superior financial services.  Building and maintaining a strong management team is central to this approach.  To be the best, we have to train our staff to be the best.  The staff in a community bank often wears many hats and must be able to contribute in many areas.  Bank boards should ask, “Do we have a high quality training program that supports our staff in being the best providers of superior financial services?”

But building a strong management team is still not enough.  We must retain them and prepare for succession.  Community banks have historically suffered from a future talent gap at the top, but it is more severe this time.  Some of our best and brightest are the aging baby boomers and there is a smaller and smaller population of qualified folks coming up the ranks.  What is the solution?  Train and develop it.  Find it externally.  Buy it.  Or sell into it.  Training and developing young staff is typically preferred, but this can be years in the making.  Opportunistic hires as well as acquisitions of other institutions or teams are more immediate, but more costly and could dilute the bank’s culture.  Bank boards should ask, “What is our long-term plan for succession?”  Without a viable long-term succession plan, the board should ask the very difficult question, “Will we maximize the value of the bank by exiting the business?”

Prepare for and Continue to be Mindful of New Regulatory and Compliance Requirements

We must continue to change the regulatory environment as we can.  However, this new environment is here to stay for a while.  We must build a new banking model that not only accepts the new environment, but also can be successful in it. Know when to hold ‘em, know when to fold ‘em, know when to walk away and know when to run!  Train your staff extensively.  Create a culture that makes regulatory compliance everyone’s job.

Embrace New Technology

The bank’s technology will make the difference between a successful and less successful company.  “But this time it is different” is a familiar refrain.  During the past half-decade we spent much of our efforts playing defense while technology moved on at a dizzying pace.  One only needs to visit a Nordstrom’s or Starbuck’s to see the progress made in America’s payment system.  Many retailers no longer use expensive cash registers which require you to go to the counter to check out.  They now come to you in the middle of the store with a $600 iPhone.  At Starbuck’s you can pay for coffee using your iPhone and a QR code.  No money needed.  With all this new technology, bank boards should ask, “Do we have all the technology we need, or have we fallen behind?”  Employ all the new technology you can and eliminate the perceived “large bank technology advantage.”  It’s much less expensive than it used to be.  Then hand your customers your business card with your cell phone number on it!  Let them know you are their financial consultant, available 24/7!

Re-evaluate and Modernize the Branching Model

Branch banking has been the lifeblood of many institutions over the past two decades.  When moving into a new market, the branch was often seen as the only viable means of announcing our arrival.  Today, however, the expense and low returns to the brick-and-mortar branch require a re-evaluation of this long-time method of delivering services.  Many banks have too many branches, or they are too large, or in the wrong location.  Just as we have been slow to adopt new technology we have been slow to adopt new methods of delivering services.  Bank boards should be asking, “Is our branching strategy appropriate going forward?”  “Are our branches the appropriate size and in the correct locations?”

The role of the brick-and-mortar branch will change dramatically in the next decade.  The airlines, for example, have a well-orchestrated push to reduce costs by guiding passengers to “self-serve” using ticketing kiosks.  Ditto grocery stores, gas stations, automobile insurance and Internet shopping.  Banks have resisted and held fast to expensive structures to provide the most common banking services.  Smart ATM machines, like ticketing kiosks, allow for smaller branches and fewer staff.  Teach your customers to self-serve with technology.  I hated the airline kiosk a few years back, now I often choose it over a ticketing agent!  The branch bank is not dead.  It just needs to be modernized for the new technology age.

Controlling Noninterest Expense

Controlling costs must be a strategic objective, not a once-a-year exercise.  Improving earnings is not just about generating more income, but also about controlling or reducing expenses.  Bank boards should ask, “Do we have a strategic cost-control program?”  Surprisingly, many don’t.  Employees fear the words “cost control.”  Yet, staff is often the best resource for controlling overhead.  Ask them to involve their entire departments.  Create incentives for great ideas.  If our people are the best, let them dazzle us with their ability to contribute!

Generating Noninterest Income

Larger banks generate almost twice as much noninterest income to total assets as smaller institutions.  This is often due to staff being unfamiliar with the products the bank offers, rather than not charging fees.  Bank boards should ask, “Do we have the all the products we need?  Is the staff knowledgeable about them?  Are they priced correctly?”  For community banks, it’s not about fees.  Fees are a bad word to customers, yet we are the guiltiest in promoting this.  When was the last time you paid a FEE for a nice steak dinner?  Hopefully, the price paid was commensurate with its value.  It’s not about charging fees.  It’s about delivering superior financial solutions at a reasonable price.  The real opportunity comes from offering dessert with the steak dinner.  That is, do we offer all the products our customers might want or need?  Does our staff even know there’s a dessert menu?

Boards spend a good deal of time looking in the rear view mirror, looking over historical financials.  But the real questions bank boards should be asking are the strategic ones.  The best boards spend their time looking out the front windshield determining where we are going rather than where we have been!

S. Scott MacDonald, Ph.D. is President and CEO, SW Graduate School of Banking Foundation, Director, Assemblies for Bank Directors, and Adjunct Professor, Edwin L. Cox School of Business, Southern Methodist University, scott@swgsb.org.

Technology Survey


Community bank CEOs, IT personnel and operations staff are called to participate in IBAT’s Annual Technology Survey before Wednesday, September 10.

The survey seeks to identify trends in mobile and online banking adoption by bank customers, as well as current technology priorities of Texas community banks. 

“The information provided by IBAT members in this survey plays a critical role in helping IBAT build our education programs at events like TechMecca,” said IBAT President and CEO Chris Williston.

Click here to complete the survey.

Two-Day Cyber Attack Exercise


The Financial Services - Information Sharing and Analysis Center (FS-ISAC), a non-profit financial industry owned association, is co-sponsoring a free two-day, table-top exercise called Cyber Attack Against Payment Processes (CAPP). This exercise is designed to help bankers assess their institution’s readiness in the event of a cyber attack. It takes approximately one hour each day and FS-ISAC membership is not required to participate. 

In urging bank participation, Texas Banking Commissioner Charles G. Cooper sent an email saying, “Executive members of the Texas Bankers Electronic Crimes Task Force who have participated in previous sessions have said the exercise requires minimal work and has helped prepare their staff to defend against inevitable cyber fraud. The exercise is an excellent way for institutions to help develop their corporate culture of security, which is increasingly being evaluated during examinations due to its importance in today’s banking environment.”

The registration deadline for the first exercise on September 9-10 is September 5. The exercise is repeated on September 16-17 with a registration deadline of September 12. Registration information and additional details are located on the FS-ISAC website.

Also on the cyber security front, last week federal and state bank regulators were provided with IP addresses associated with intrusions against the financial sector. The agencies sent emails to regulated entities recommending that they forward the IP addresses to their IT staff or network service provider(s) and add them to the list of malicious addresses for blocking and network monitoring. If you have not received an email from your regulator with these IP addresses, please contact them directly.

Pages