Posts

Midwest Bankers Insurance Services (MBIS) will be celebrating its 10-year anniversary in December. Following several years of financial downturn throughout the U.S. and an increasing need for state association-run insurance agencies that could defend and advocate for the banking industry, MBIS was founded in 2011. What started as a purchase of BancInsure’s “Book of Business” flourished into policies that span multiple insurance carriers and specialization of offerings that better help protect local, Midwestern banks.

“Wisconsin Bankers Association (WBA) is a co-owner of MBIS along with the Minnesota Bankers Association (MBA). MBIS is an independent insurance agency focused exclusively on community banks” says Daryll Lund, MBIS president as well as WBA executive vice president and chief of staff. “As an association owned company, ultimately revenue we receive from our success in MBIS supports the overall mission of WBA. MBIS now serves over 225 bank clients in Wisconsin, Minnesota, and North Dakota.”

MBIS prides itself on their understanding of community banks, emerging claim trends, best practices, internal control guidance, and policy placement which provides safety and security to banks. “Insurance for banks by people who know banks” has allowed each of MBIS product offerings to be customized for insurance protection and a high level of policy education to meet the needs of member banks.

MBIS is comprised of a team of dedicated professionals who understand insurance and community banks. Along with Jeff Otteson, vice president of sales, the Wisconsin MBIS team members include Melissa Noonan, account manager, and Becky Gatzke, insurance assistant.

As well as providing professional insight and education, keeping up on industry trends that effect community banks is a priority for MBIS. “In my 32 years working with financial institutions, I haven’t seen a market harden [like] I’ve seen the cyber liability market” said Otteson. “This is primarily due to the huge increase in ransomware claim payments. The insurance carriers are requiring various internal controls, getting ahead of these internal control requirements before renewal date will be key to securing terms and to soften the premium increase.”

By proving the highest quality service and education, MBIS has helped community banks protect their earnings and capital in times of uncertainty while providing guidance ahead of emerging trends.

By Hannah Flanders

Josh Ghena, senior vice president, equity business funding at Cinnaire.

Cinnaire has announced the promotion of Josh Ghena to senior vice president, equity business funding. Mike Witt has been promoted to senior vice president of asset management. In these leadership positions, Ghena and Witt will play a key role in supporting Cinnaire’s strategic plan and providing executive oversight for the organization’s $4.9 billion asset portfolio.

Ghena joined Cinnaire in 2014 and has held positions of increasing responsibility including vice president of asset management, asset stabilization expert, director of special assets and, asset manager. As senior vice president, equity business funding, Ghena manages Cinnaire’s investment strategies and provides oversight of the organization’s equity funds, investor due diligence, and fund modeling. He brings more than 10 years of experience to the position.

Prior to joining Cinnaire, Ghena provided technical assistance to distressed HUD Grantees. His work as a technical assistance provider specialized in CDBG, HOME, and NSP. Ghena earned his Bachelor of Science from Calvin College and his Master of Science from the University of Wisconsin.

Mike Witt, senior vice president, asset management at Cinnaire.

An affordable housing industry veteran, Witt joined Cinnaire in 2020. As senior vice president, asset management, he is charged with overseeing the growth and development of Cinnaire’s Asset Management team and overseeing investments made by Cinnaire in numerous multifamily developments across multiple business lines.

Witt previously served as acting chief of housing at the Michigan State Housing Development Authority (MSHDA), where he was responsible for oversight of all multifamily rental programs and community development decisions. He earned his Bachelor of Arts in Finance from Michigan State University. Witt serves on the board of directors for the Midwest Affordable Housing Management Association (MAHMA) and treasurer of his local homeowner’s association board.

Cybersecurity graphic

By Cassandra Krause 

With a recent uptick in activity, ransomware attacks are a form of cyberattack that has been prevalent in recent news — and for good reason. The effects can be detrimental in terms of monetary loss and reputational damage to the victim. Ransomware is a type of malicious software (a.k.a. malware) that usually encrypts a victim’s files, and the bad actors have upped their game to steal the data first, then threaten to also publish the data to the public. Criminals set their sights on businesses with the goal of extorting money, making community banks prime targets. 

Organized crime networks are becoming increasingly sophisticated. In general, the risk of getting caught for cybercrimes is much lower than for traditional crimes like robbery, and the financial gains are far higher. Ransomware developers write and sell the software to other bad actors for a cut of the profits when they deploy it and collect ransom payment, usually in the form of cryptocurrency, which is hard to trace. Compromised data may also be used to open fraudulent lines of credit. 

“The U.S. is in a ransomware crisis right now,” said Jeff Otteson, vice president of sales at Midwest Bankers Insurance Services (MBIS), a subsidiary of the Wisconsin Bankers Association. He explained that it has created a hard insurance market with carriers tightening up on internal control requirements such as multifactor authentication (MFA) for privileged users (users with the ability to install software or change security settings on critical systems) and encryption of backups. 

In their 2021 Cost of a Data Breach Report, IBM Security and the Ponemon Institute calculate that the average total cost of a data breach is $4.24 million, a 10% increase from 2020–2021. The per-record cost of personally identifiable information averaged $180. 

Prevention 

With the incredibly high stakes in mind, banks are dedicating significant resources to preventing malicious cyberactivity, both in terms of staff and money. Respondents to a 2020 Deloitte survey of financial institutions reported spending about 10.9% of their IT budget on cybersecurity on average, up from 10.1% in 2019. In terms of spending per employee, respondents spent about $2,700 on average per full-time employee (FTE) on cybersecurity in 2020, up from about $2,300 the prior year. 

“There is an industry-standard framework for ransomware prevention and all cybersecurity,” explained FIPCO’s Director InfoSec and Audit Ken Shaurette. FIPCO is also a WBA subsidiary. A good consultant will walk the bank through a comprehensive review of their network security, improving endpoint protection to replace traditional antivirus and endpoint detection solutions, including adding authentication improvements such as MFA, improved password strength, and protecting backups. As more and more of the digital tools that bankers utilize require users to download and install software and updates, depending on signature-based solutions for malware detection is not acceptable — it has become critical to safeguard user, file, network, and device-level activities. 

A bad actor gaining access to a bank’s data may encrypt the data and demand payment in exchange for granting access back to the bank. In this situation, having a data backup is essential.  

“The rule of thumb for data backups is 3-2-1,” said FIPCO Information Security and IT Audit Advisor Rob Foxx. “There should be three copies of all data stored on two different mediums. One of the copies should be stored off site.” 

Ransomware prevention is only one part of a complete cybersecurity system. Experts agree that early detection of unusual activity within a system can help keep a minor incident from quickly escalating into a major incident like a ransomware threat. 

“Ransomware isn’t the first attack,” said Wolf & Company, P.C. Manager of the I.T. Assurance Group Sean Goodwin, who recently presented at WBA’s Secur-I.T. Conference. “Ultimately, it’s on I.T. to put controls in place because an employee will inevitably fall for a phishing email. It becomes a question of whether we can catch that quickly.” 

Social engineering remains the greatest concern; it’s easier for bad actors to trick an employee rather than break through a firewall. Verizon’s 2021 Data Breach Investigations Report found that almost half of the breaches in the financial services industry involved internal actors committing various types of errors. The report stated that the financial sector frequently faces credential and ransomware attacks from external actors, 96% of which are financially motivated (followed by small percentages of motives of espionage, grudge, fun, and ideology). 

Goodwin emphasized that I.T. must be able to act quickly when there’s an indication that someone is accessing something they don’t normally access. “Prevention is ideal. If we can prevent it, that’s best-case scenario, but if not, early detection becomes critical,” he said. This area of solution, known as endpoint detection and response, is rapidly becoming a key point of protection from ransomware and all other malicious events. 

Establishing an incident response program within a bank is an important part of the overall cybersecurity program. 

Preparation 

Creating a culture of cybersecurity awareness throughout the bank is important, so that bank employees are prepared for an incident. Employee training on what to do in the event of an attack should be standard practice. Making security part of the organization’s DNA is a best practice. 

“Every bank needs an incident response plan, and that needs to be approved all the way up through the board. Part of this plan is notification of incidents to the insurance carrier,” said MBIS’s Otteson. 

FIPCO’s Foxx emphasized that the roles and responsibilities in the incident response plan must be clearly defined, and banks should revisit their plan regularly.  

“As the insurance agent, I’m the first call a bank makes when there’s an incident,” said Otteson. “It’s important that banks choose to work with an agency that understands cyber insurance.”  

MBIS insures about 220 banks and has access to a large number of carriers that provide the right coverage for their customers. Otteson recommends reporting all incidents as even a minor incident could result in a claim down the line and having reported that incident when it occurred is key to a successful claim. He says to keep in mind that the owner of the data is liable for it whether the incident occurred in house or with a vendor the bank shared customer data with. 

Mitigation 

It’s important to work with the insurance carrier to ensure that all the bases are covered and that the vendors who participate in the response are approved. Not using the cyber insurance carrier’s approved vendors may result in expenses not being covered under the insurance policy. In the event of a ransomware attack, the insurance agent or bank will immediately notify the insurance carrier. Beazley, a carrier partner of MBIS, maintains a 24/7 helpline, which has become common with other carriers as well. Knowing how to report incidents, when to report, and what to expect is key. 

Holidays and weekends are prime times for ransomware attacks: employees who are in a rush to leave may be more likely to click on a bad link, and with employees away from work, it’s easier for the bad actors to get into the network. Even if a problem is detected, it’s more likely that staff who could help put a stop to the attack may be on vacation or unavailable, buying the criminals more time to take over. 

As soon as a cyber liability claim is made, the insurance carrier’s pre-approved vendors come into play.  

“Nobody has the resources in house to effectively manage ransomware attacks,” said Foxx, who has experience working both within a bank and as an external auditor and consultant. The specialization of skills and the amount of people needed to perform adequate analysis and remediation are so significant that even large banks will not have all the players they need on staff. 

If a bank’s data becomes encrypted and made inaccessible, a vendor such as Tetra Defense would be engaged on forensics. Managed endpoint detection and response vendors such as Cynet can help from detection and prevention to response, including providing digital evidence for a vendor performing forensics. Meanwhile, a vendor such as Coveware would handle ransom negotiations with the criminals. Wolf & Company, P.C.’s Goodwin said that you don’t really know who’s on the other side of the transaction — some criminals may be willing to negotiate and others not. He referred to ransomware as a “niche space in cybersecurity that is now getting more attention.” The criminal organizations involved in these types of attacks in some ways act like a legitimate business in that they rely on their reputation and may even have customer service departments — if they fail, it will hurt their chances of getting more business in the future.  

Typically, in the event of a ransomware attack, a legal firm will handle communications and PR for the bank — putting a statement on the bank’s website, assisting staff with customer phone calls, and determining whom to notify. Getting legal involved early protects all communications and discovery with attorney-client privilege. The requirements for notification vary from state to state, and a bank may have customers in multiple states or even other countries, making the expertise of a legal team invaluable. The language used in communications matters, as the term “breach,” for example, can have different legal implications and potentially create larger issues than terms like “incident,” “situation,” or “event.” Education of staff far in advance using regular testing of the plan is a key factor in mitigating an incident. Inappropriate statements made by employees on social media or even at informal social gatherings can have severe ramifications for the bank. 

Follow Up 

While anyone who experiences a ransomware attack may be eager to breathe a sigh of relief and move on when it is over, it is essential to review the incident and revise the bank’s incidence response plan. Assessing what went well and what needs to be improved are critical steps.  

Goodwin also warns that victims of ransomware are commonly re-targeted. A Cybereason study found that 80% of organizations that previously paid ransom demands confirmed they were exposed to a second attack. He said that once a company has paid a ransom it is known that (1) you were compromised, (2) you do not have proper backups of your files, and (3) you were willing to pay. 

Summary 

Cyberattacks are the biggest risk to a financial institution — even surpassing the risk of past-due loans. The cost of a ransomware attack can be astronomical, with many factors contributing to the price tag, including vendor fees and staff hours to resolve the issue; the cost to inform customers and offer identity or other protections; the loss of destructed data; and the down time of the business. All of this, followed by the loss of customers’ trust (and subsequent loss of their business), has the potential to put a community bank out of business.  

There are safeguards banks can put in place, including a sound incident response plan, improved monitoring with better endpoint detection and response, cyber liability coverage, and employee education. FIPCOMBIS, and a wide range of WBA Associate Members are ready to support banks in keeping their data and that of their customers safe.  

Vaccination Card

By Jennifer Mirus, Boardman Clark, a WBA Gold Associate Member

On September 24, 2021, the Biden Administration released guidance regarding the scope of Executive Order 14042 which mandates that employees of covered federal contractors demonstrate proof of full vaccination against COVID-19 by December 8, 2021That guidance is available here.

The guidance lists several categories which, if applicable to an employer, will trigger its obligation to ensure its employees have been fully vaccinated. The guidance defines “contract” broadly to include: “all contracts and any subcontracts of any tier thereunder, whether negotiated or advertised, including any procurement actions, lease agreements, cooperative agreements, provider agreements, intergovernmental service agreements, service agreements, licenses, permits, or any other type of agreement, regardless of nomenclature, type, or particular form, and whether entered into verbally or in writing.” 

This broad guidance left certain questions unanswered regarding which entities qualify as a covered federal contractor. Notably, it is unclear whether banks are considered federal contractors due to their FDIC relationship with the federal government. Because the guidance is written in broad terms, it could be construed to mean that banks are considered federal contractors because they obtain a “service” from the federal government in the form of FDIC insurance and thus have a “service agreement” for the purposes of the vaccination requirement. However, this is a very literal reading of the guidance which may not be how the Executive Order and guidance are intended to be interpreted. Additionally, an earlier executive order regarding minimum wage used a similar definition of “contract,” and there is no clear guidance or rulings that banks were subject to that order.  

Thus, at this time, it is a reasonable conclusion that banking institutions are not covered federal contractors that must comply with the vaccination mandate. More guidance and clarification will be needed before it is clear whether banks are considered federal contractors under the Executive Order.  Banks that have explicit contracts with the federal government likely do qualify as federal contractors, even if they are not federal contractors by virtue of FDIC programs.  

Banks with 100 or more employees might be subject to the anticipated emergency temporary standard under the Occupational Health and Safety Administration (OSHA) that will require COVID-19 testing or vaccination. Details on OSHA’s standard are anticipated in the near future. 

By Robb Rempel, executive vice president, Haberfeld, a WBA Associate Member

With 2020 in the review mirror, the economy is reopening. Many teams are excited to return to the office, but others hope to follow a hybrid model. The last 18 months have challenged banks to innovate and embrace different staffing models and arrangements to continue serving their communities. As leaders, managers, and team members, we have an opportunity to not just go back to the way things were but to build something even stronger. Creating an environment of engagement is an on-going strategy that drives employee retention, satisfaction, productivity, and ultimately higher revenues and profitability.

State of Employee Engagement

At a high level, engagement means having such a positive impression about a job or role that great effort is gladly given, essentially, the individual has a “calling.” Most recent Gallup Poll results show that 35% of employees are engaged, 52% disengaged or psychologically unattached to work, and 13% not engaged. On a positive note, employees who are engaged have increased by 7% since 2019. While we do not know how these numbers might shift with some employees wanting the autonomy of working remotely,  Pew Research reports that more than half of employees whose jobs have allowed them to work remotely during COVID-19 want to keep doing so all or most of the time; another third said they’d like to work from home some of the time. Whether or not your bank will offer these options, it is important to create an environment of employee engagement. This must be driven by the leadership team, helping your team find the “calling,” the “why,” and meaningful connections.

Leadership is the Key To a Calling

Building trust with your team enables you to take people from where they are to where you know they can be. We need to help our team members find a higher calling than just business-as-usual. Simon Sinek, in his valuable TED talk and book “Start with Why …,” describes how most companies and individuals understand the What and How of their products and work, but few understand or identify the WHY. When we focus on the What and How, it doesn’t contribute much meaning to our work. However, if we help our team members understand the WHY of our organization — the higher calling we have as community bankers — it provides a greater sense of meaning and value. Rather than focusing on products and processes, let’s reorient around our purpose.

Community banks exist to make our communities’ and people’s lives better. We spent this last year helping small businesses survive a terrible threat. We helped families manage their money during times of great uncertainty. In the future, we’ll help folks buy their first home, save for college or retirement, and much more. We help people realize their goals and dreams. We just happen to do so by providing caring service, trusted advice, and fair and valued banking products and services. When we “start with WHY,” we help our team members find a higher calling and greater meaning in work.

Meaningful Connections

When so many of us were taken out of our normal work environment, separated from our colleagues, and asked to be productive in new contexts, it became difficult to remember how our work connected to the broader organization. We each knew our own role and continued to perform at the best of our ability. However, many individuals may have lost sight of how their work contributed to the greater organization. We need to unite our teams around a common cause. What is the vision that drives our organizations forward? What goals are we trying to achieve together? What can be the common cause that unites us in our work? We need to provide a common cause involving the entire organization — each team contributing in its own way within its own role — to rebuild a sense of unity of purpose.

As an example, a strategy oriented toward growing the number of core customers can involve every part of the organization. The operations group helps evaluate and shape products, policies, and processes to enable growth in customers. Marketing brings innovative tactics and approaches to drawing in new customers and creating opportunities for the branches. Lending teams leverage their customer relationships to ensure that those customers get a chance to hear about other bank products and services. Branch teams learn service and sales techniques to capitalize on the prospects responding to the marketing. Senior management lends vocal support to the frontline teams, recognizing their key role in achieving the goal of growth. And every employee encourages those in their circle of influence to become a customer, because they understand the importance of growth for the organization’s future health and success.

Leaders have an opportunity to build even more meaningful connections with those on our teams as we come back together. We’re all busy so the hard work of building relationships and connections is best accomplished as part of a strategy through regular practices like:

  • Team meetings — gathering the team together weekly will be especially important after the separations of the last year. Rather than focusing on policy or process discussions, use it to reestablish connections. Let team members share their successes and their challenges. Encourage them to celebrate the good they’ve seen in their coworkers — “Cheers for Peers.” The foundation of personal trust you build here will be the basis of your team’s future growth.
  • Check-ins — 15-minute weekly, individual conversations with each team member. Allow these to be both personal and professional updates. We all found that during the pandemic those lines between our work and our personal lives blurred. Showing you care about them as people, not just as employees, will enable you to serve them far better.
  • Coaching sessions — spend time observing your team members at work with customers, then debrief with them. Perhaps skills have grown rusty. We’ve reinvented the way we serve customers because of the circumstances in which we found ourselves. Coming alongside as their coach will again build trust that you are going to help them thrive whatever the future holds.

The pandemic caused many to question the way things have been. The old ways aren’t good enough anymore. We have an opportunity to do more than just return to business as usual by reengaging our teams and building something better and more rewarding. By reminding our folks of the WHY — the Higher Calling, uniting them around a Common Cause, and creating more Meaningful Connections, we’ll not just survive but thrive.

Robb Rempel, is an Executive Vice President at Haberfeld, a data-driven consulting firm specializing in core relationships and profitability growth for community-based financial institutions.

Investment securities have undergone big changes this year.

If there’s a constant in the world of a community bank investment manager, it’s disappointment. If you buy a bond today and yields go down tomorrow, you wish you’d have bought more; if yields go up, you wish you had bought none. If your overall portfolio has unrealized gains, you lament the poor yields that are available; if you are presented with attractive rates on new offerings, it means you’ve got losses on the balance sheet.

As we navigate the volatile rate environment of 2021, I’d like to convey some data that we’ve gathered about community bank portfolios. The motive is expressly not in the vein of misery loves company, but rather to share what your peers’ portfolios, sector weightings and yields look like.

I am also pleased that we’ve got two great reference points by which to measure performance: December 31, 2020 and June 30, 2021. That six-month period saw a rise in interest rates and a steepening of the curve, and more than a 50 basis-point shock (0.50%) in the middle of the maturity range. The five-year treasury note started 2021 at 0.36% and six months later was 0.89%.

Crowd favorites

Our sample portfolio, which I’ve used often in this space over the years, is the Vining Sparks bond accounting client base. Vining Sparks, which is ICBA Securities’ exclusive broker, provides this service for about 400 community banks with an average portfolio size of $140 million, which is 46% larger than pre-pandemic levels.

These portfolios have more than half of their dollars in some type of mortgage security. Fixed-rate mortgage-backed securities (MBSs) comprise 31% of the total, fixed-rate collateralized mortgage obligations (CMOs) are 14% and floating rate MBS are 7%. Right around 29% of the investments are in municipals. The bulk of the remainder, 8%, is in government agency bonds.

Stretched out

While the sector weightings are essentially unchanged over the past year, there are two stark differences: duration and market values. On December 31, 2020, the average portfolio had a duration of 3.2 years. (Duration is a major yardstick for investment managers, as it affects cash flow and market risk. The higher the duration, the greater the risk.) Six short months later, duration had risen to 4.3 years. So, portfolios, at least in theory, have 34% more risk than at year end.

This duration growth was the result of two separate events. The first was the rise in longer-term rates. I think we’ve come to realize that higher rates move average durations out on the curve, as prepayments of amortizing securities tend to slow, and other callable securities don’t get called. The second — and more salient — cause was the very deliberate extension of average maturities as portfolio managers have tried to sop up the excess liquidity residing on community bank balance sheets.

Something else that’s changed as a result is the unrealized profit. Back in December 2020, the average portfolio was sitting on a 2.7% gain. By June, that number had shrunk to 1.0%. What this, in effect, means is that most banks currently own some bonds at gains and some at losses, which can be seen as condition that affords maximum flexibility.

Plug the leak

Many portfolio managers are now focused on limiting further extension risk. That should not be terribly difficult to do, as most securities that have any seasoning to them have already been repriced to a longer expected maturity. Prepayment “speeds” have slowed from their peaks in the spring, and most models are predicting relatively consistent speeds for the near future.

Nonetheless, not all MBSs are created equally. Collateral with 10- to 20-year finals typically can continue to prepay with some consistency even if interest rates rise. Of course, the scheduled principal repayments will be much greater for shorter pools than for 30-year pools, independent of prepays.

A variation on this theme is to buy “structure.” This usually means a CMO. Recently issued CMOs have low pass-through rates (“coupons”) relative to the borrowers’ rates on the underlying collateral. This allows investors to keep their book prices closer to par, which will preserve book yields if prepayments were to kick back into high gear.

So, there you have a revisiting of the portfolio changes during 2021. By being on top of the changing complexion of your community bank’s investments, you can minimize your disappointments. Avoiding the constant sorrow of portfolio management — with apologies to the Soggy Bottom Boys — can be your milestone accomplishment of the year.

Jim Reber  is president and CEO of ICBA Securities, ICBA’s institutional, fixed-income broker-dealer for community banks.

By, Cassie Krause

The global pandemic has created many hits to the financial system. One of these is rising fraud rates, which could create unrecoverable losses to banks of all sizes. Suspicious Activity Report (SAR) filings for all types of fraud are up substantially, with wire transfer fraud filings rising almost 40% last year over 2019 (FinCEN SAR Stats). Managing this risk means strengthening the control environment — improving policies and procedures, beefing up and targeting employee training, and implementing effective monitoring and reporting to executives and the board of directors. Making these efforts successful requires an accurate risk assessment, necessitating accurate and complete fraud data across all channels and payment rails. Building better fraud data is where the FraudClassifierSM Model can help. 

Each type of payment has its own rules and methods for identifying fraud and resolving cases, making the tabulation of fraud across an institution, or even defining what is or is not fraud nearly impossible. As envisioned by multiple Fed districts and built with the help of a broad workgroup of industry thought leaders, including banks, third parties, government agencies, and others, FraudClassifier solves this problem. The Fed released the final model in summer 2020, and adoption has begun at financial institutions of all sizes. By allowing for the proper measurement of fraud risk, the model significantly strengthens the risk assessment process. The model categorizes fraud across all payment methods, creating a broad, holistic look across an entire organization.  

The model begins by asking who initiated the payment, unlike the rules of payment associations, which focus on who committed the fraud and how. The benefit is categorization becomes agnostic of the payment rail. By dividing categories between authorized and un-authorized parties, and in the next step asking about the method of fraud, the model delineates meaningful categories, eight for authorized parties and four for unauthorized.  These fourteen categories are the finished product and describe the fraud committed — what and who — providing powerful insights into fraud trends by creating standard definitions across all payments. 

FraudClassifier is entirely voluntary and for internal use. There is no mandate that a bank adopt the model and no fixed time frame to do so. The data generated is for a bank’s internal use, not for law enforcement or industry statistics. A bank could choose to share FraudClassifier data, but there is no intention to make it mandatory. After the model becomes widespread, it could become more common for examiners to ask for resulting data, but there is no intent to require it. 

While core providers and other processing platforms have begun discussing incorporating the model into their products, none has to date. For now, tracking the model’s results and tabulating categories will rely on homegrown solutions — a spreadsheet or a more full-featured reporting and analytics solution. Depending on the size of the bank and rates of fraud, a spreadsheet could work just fine to start. 

The Fed has established a timeline for implementation, targeting 2022 and 2023 for widespread adoption. Depending on a bank’s size and complexity, it could take a few months or more to implement the model, and for data management purposes, year-end is a convenient time to do it. So, for many, it’s not yet too late for 2022. Such a project would require buy-in from the board and senior management, setting up a team to work out the details, solving the tracking problem, and training the appropriate staff. Ongoing requirements likely mean evolving the implementation team into a more permanent workgroup. Periodic meetings, perhaps quarterly, would ensure that things stay on track. And, of course, someone needs to be the internal champion for the model. The right person for that role will vary, possibly from the back office, a compliance person, or another appropriate resource. An employee that already has responsibility for fraud monitoring at the bank is an obvious choice. 

FraudClassifier is the first industry-wide attempt to improve risk management by making fraud classifiable across all payment types. Banks that use the model will establish better controls and manage real risks by compiling complete, meaningful fraud data. While the use of the model will remain voluntary, its benefits may become clear enough that one day it may be unusual to find a bank that has not implemented it.

Bauer is FVP/Compliance, BSA & Security at Bankers' Bank, a WBA Gold Associate Member.

By, Cassie Krause

Bank First is pleased to announce Kelly Fischer, Chief Operating Officer at Bank First, has been elected to the board of directors at UFS, LLC, a bank technology outfitter headquartered in Grafton, Wisconsin. As a founding owner of UFS, Bank First has representation on the board of directors. Mike Molepske, CEO of Bank First, has transitioned his position on the board to Fischer.

Molepske has served on the UFS board since 2008 and as chairman of the board since 2019. During his tenure, UFS has grown from a local core provider to a regional technology outfitter in the FinTech space (Financial Technology) with a focus on innovative Cyber Security, Managed IT (Information Technology), and Cloud services. The bank’s relationship with UFS allows quick access to the latest advancements in banking technology as well as the ability to offer customizable solutions that match or exceed our competitors’ offerings delivered with significant efficiencies. “With a large data processor, our customers would be far removed from the experts. With UFS, the experts are right there and can get the IT elephant to dance,” stated Molepske.

“It has been an honor to serve on the board of directors at UFS over the past 13 years,” Molepske also stated. “Kelly’s expertise leading our operations team along with our IT department have more than qualified her for her new appointment to the board. She has the essential skills and knowledge to represent Bank First, community banks as a whole, and assist UFS in furthering its success.”

“Our promise as a community bank is to provide innovative products and services that are value driven and UFS has been vital to our innovation strategy,” stated Fischer. “Through my role at Bank First, I have been privileged to work with the team at UFS for over 20 years and am honored to be selected to serve on the board. I am excited to work with fellow board members, the management team, and dedicated employees at UFS and look forward to contributing to its ongoing success in advocating for the needs of community banks.”

UFS was founded in 1991 by Bank First and two additional community banks with a purpose of empowering banks to thrive by delivering complex technology and FinTech solutions with flexibility and innovation. Today, UFS is a growing organization owned by 20 banks and serves banks across the United States.

By, Cassie Krause

This was one of the key takeaways from a recent virtual workshop held by the UFS banking community.

Treasury management products and services represent untapped opportunity for community banks to expand business relationships, enhance their critical role in unlocking the potential of their communities, and provide expanded non-interest fee revenue.

That was among several vital takeaways from a four-and-a-half-hour interactive webinar and workshop hosted in April 2021 by UFS Tech, the Grafton, Wis.-based technology outfitter for community banks. Presenter Marci Malzahn, an expert on cash management and treasury management solutions and services, as well as owner of Malzahn Strategic — a community bank management consulting firm in Maple Grove, Minn. — led 90 attending bankers of the UFS community with a deeper understanding of how treasury management tools can align with their business goals and benefit their customers.

Additionally, Malzahn shared ideas for integrating more treasury management services into banks’ offerings and provided sales and marketing strategies to ensure successful implementation.

“Treasury management products are the glue for your customers, providing non-interest fee income that banks need to maximize. These products also allow you to become trusted advisors and consultative experts in financial services for your business clients,” Malzahn told attendees, who participated in multiple online breakout discussions, interactive polls, and networking opportunities. Attendees also received valuable document templates, and actively engaged with Malzahn and UFS treasury experts.

What follows are summaries of five treasury management topics that Malzahn facilitated at length with members of the UFS community.

Why You Should Offer Treasury Management Products and Services

Banks and their employees can reap benefits by implementing a series of treasury management products and services. Those benefits include:

  • Becoming an “advisor” rather than simply a “transactor,” and a well-rounded “banker” rather than a “lender.” These products are great reasons to regularly engage with local businesses while enhancing employee’s knowledge of their business clients and deepen relationships with key business leaders.
  • Creating cross-selling opportunities. This can be accomplished, at least in part, by leveraging the use of account analysis statements to better understand your customers and sell the value of those services, whether or not you decide to hard charge.
  • Generating new non-interest fee income, determined by and based on the industries in which business clients are involved, and the level of national bank competition in your market.
  • Establishing a competitive advantage over other banks in the community.

Effectively Marketing Treasury Management Products and Services

Effective treasury management involves successfully marketing and selling products and services to new and existing customers. Here are five of Malzahn’s suggestions to help sell and spread the word:

  • Encourage teamwork: An institution’s business banker and the treasury management specialist should meet with prospective clients together to ensure seamless integration of products and services.
  • Provide needs assessments for clients: Get to know prospects using an assessment template (provided to attendees, courtesy of Malzahn) that explores the company’s industry, customers, suppliers, balances, transactions, business operations, and more.
  • Package cash management services: While any business can benefit from such services as positive pay and merchant credit cards, specialized industries may require specialized services. Retailers that provide refunds and warranty payments, for example, might be interested in digital disbursements, while law firms and construction companies could benefit from escrow accounts and zero balance accounts.
  • Offer customized proposals: This will allow the bank to provide the exact services a client needs, placing that customer at the “right level of services” from the start while also leaving open the possibility of additional cash management opportunities.
  • Promote your services: Incorporate your treasury management options into branding and marketing materials, and advertise for such enhanced services as positive pay or same-day ACH.

Treasury Management Products and Services Available

Malzahn shared details about various treasury management products and services. Here is a sampling of the most popular:

  • Cash Management Reporting through business-specific digital and mobile solutions.
  • ACH Origination, in which banks can be at the center of payroll, risk management, and cash management.
  • Merchant credit card processing, in which banks partner with a merchant credit card processing vendor and offer the merchant’s services to their business clients. 
  • Positive pay, in which businesses upload a list of checks issued, and the bank matches them to cleared items. This service can be automated or manual.
  • Remote deposit capture, allowing businesses to create and send check images to banks for deposit, thereby helping banks increase productivity for their clients.

Treasury Management Products and Services Evolving

Malzahn shared details about various emerging treasury management products that will help take bankers to the next level of service. Here is a sampling:

  • Digital payments and mobile wallet services, including Apple Pay, Google Pay, and Zelle. They provide for more secure transactions by not capturing personal information or requiring a signature or a card swipe.
  • Cryptocurrency settlement and custody solutions, and network access using Blockchain technology to transfer funds from one party to another securely.
  • Evolving solutions to mitigate fraud

Risks Involved with Treasury Management

Offering new treasury management and cash management products and services comes with increased risks — whether they be strategic, financial, legal, operational or technological. Compounding those risks is the fact that each one has the potential to adversely impact a bank’s reputation. Malzahn provided webinar attendees with several tips about how to navigate such risks, including the following:

  • Designate a point person. Each institution should have someone who monitors and conducts risk assessments.
  • Be aware of which products and services require risk assessments. They include mobile banking, remote deposit, and wire transfers.
  • Don’t be deterred by risks. Technologies already exist (with more on the way) to help protect banks and their clients against fraud, identity theft, and other risks associated with cryptocurrency and other emerging products and services.

Developing a Treasury Management Strategy

Malzahn wrapped up the interactive webinar by recommending attendees follow six “next steps” to implement and enhance the treasury management and cash management products and services they offer. The process begins with simply identifying which ones to make available, and then it builds in complexity with each successive step.

Malzahn encouraged and responded to questions from the UFS community throughout the webinar, while also promising to send all attendees several related bonus documents for them to use at their own banks.

In the end, she reiterated her initial assertion that attendees should stop waiving fees for treasury management and cash management services. Instead, they should follow her guidelines for creating a non-interest fee generation strategy that works for their particular institution and its clients.

This workshop, one of several planned for 2021, was the latest in a series of webinars/seminars UFS offers to help employees of community banks make technology work for them — rather than the other way around.

UFS is a WBA Silver Associate Member.

By, Alex Paniagua

After more than a year of limitations on travel, cancellation of group gatherings, and restrictions on community interactions, consumers are ready to get back to pre-pandemic life. For many, this means increasing their spending to recoup the purchases and experiences they missed in 2020. According to a report by McKinsey & Company, more than 51% of U.S. consumers expect to spend more to treat themselves after months of pandemic fatigue.

However, this can be troublesome for individuals whose jobs were impacted by business closures or reduced hours—or who weren’t able to build a savings buffer over the past year. In these situations, the temptation to ‘revenge spend,’ as the trend is being called, can lead to financial difficulties that will negate the temporary joy of a COVID-19-recovery spending spree.

Community banks have gone the extra mile throughout the pandemic to improve the account holder service experience and support ongoing—and sometimes changing—financial needs. As the recovery gets underway, there is still a great deal of need among consumers regarding their financial well-being. At the same time, expectations for exceptional service standards remain high.

As the uncertainty continues, here are five areas to consider that can strengthen your account holder relationships while alleviating some of the stress they are feeling about maintaining financial wellness.

1. Get to know your account holders’ needs

Based on account activity, are you able to position additional products to your account holders? Do you have a systematic process for offering a link to savings or line of credit? Can your team easily determine if there is a need for account management counseling?

2. Commit to total transparency

Do your account holders clearly know how their transactions are handled if they have a brief financial shortfall? Are they aware of the different overdraft protection options available to them?

3. Boost employee confidence with effective training

Do you rely solely on your employees to carry the entire training load? Does your training strategy include leveraging trainers with specific expertise? Does it sufficiently support your employees’ different learning styles?

4. Eliminate uncertainty with consistent communications

Is the information about your overdraft service shared consistently, whether it’s by phone, chat, or in-person? Do your account holders clearly understand how the service works, including fee amounts, limits, and other available options?

5. Utilize proven tools and resources to ensure optimal results

Are there tools and resources in place for identifying changes to program usage? How often does your staff take the time to evaluate program policies and procedures? Do you have someone on staff who is keeping up with potential changes in the regulatory environment and class-action risk?

Transparent, consumer-focused service yields more balanced results

As the desire to return to normal grows, ensure you’re providing valuable services and advice that can help your account holders avoid risking their long-term financial well-being.

A fully disclosed overdraft service reduces the stress caused by a financial shortfall for your account holders, leading to stronger relationships. And, when it is maintained correctly, it can be a catalyst to help you grow your business.

JMFA is a WBA Bronze Associate Member.

By, Alex Paniagua