Information Technology for Directors Q1 2021

70% of bankers said that cyber risk is the most important risk they face.

There has been a substantial increase in the number of cyber-attacks that impact the banking industry. One survey found that 70% of bank CEOs said that cyber-risk is the most important risk their institutions face.

“Ransomware is one of the fastest-growing and largest cyber threats that can quickly cripple a business’ system, resulting in disruption to daily life and ultimately, severe financial loss,” U.S. Secret Service Office of Investigations Deputy Assistant Director Steven Stanford said in a recent article. The Secret Service, FBI and other government agencies work with business partners to share information and protect against this growing threat. The vendors your institution relies on should be cultivating these relationships. It is worth the effort to ask your vendors about how they create and cultivate relationships such as these.

Reducing and managing other growing cyber threats.

New cyber threats are constantly emerging and current threats are evolving.

• Data Communications Reliability and Survivability: Financial institutions rely heavily on data communications – both dedicated connectivity and Internet connectivity – to perform most every transaction. Additionally, many voice calls also rely the data communications circuits. Natural disasters, cyber incidents and terrorist attacks all can create severe business disruption when such an incident impacts the central office of a telecommunications provider. Similar to streets and highways we drive, software is helping create multiple paths to the destinations you need to reach electronically. However, it also takes reliable physical infrastructure to be effective and there is a large amount of marketing spin about the benefits it will provide. Find out more here.
• Reduce your surface attack area: The attack surface of a technology network is the total of all the different points where an unauthorized user can try to enter, remove, destroy or prevent data from being used. Think of windows and doors on a building – the more entry and exit points you have on a building the more challenging it is to defend. In a technology network it is not only the connection points you have to the outside world, but also all of the individual software applications you utilize. Reducing the number of connections and the number of applications in use is a good place to start for mitigating this risk. Learn more by visiting BankOnIT's blog.
• Email: Email continues to be the biggest door into a technology network – and one that nearly all of your employees are able to open for a potential attacker. Social-engineering attackers, the con artists of the online world, are very adept at getting their targets to do what they request. It takes lots of employee training, coupled with multiple security layers, to mitigate this risk. Visit this link to discover more.

If you are interested in discovering more about reducing technology risks in your institution ask us at Solutions@BankOnITUSA.com or 800-498-8877.

Economies of Scale in Community Banks

Using financial and supervisory data from the past 20 years, a recent FDIC Staff Studies report found that from 2000 to 2019 the cost-minimizing size of a bank’s loan portfolio rose from approximately $350 million to $3.3 billion. However, the study shows that efficiency gains accrue early with 90% of the potential efficiency gains occurring by $300 million in loan-portfolio size. Of the potential cost savings from increased loan portfolio size, 95% are reported to be gained around $600 million. See the full report here.

Relationships Matter

There is a difference in lending styles between big banks and smaller banks. Big banks rely heavily on formulas, while smaller banks are much more relationship driven. Smaller banks can out-perform big banks in areas such as credit-decision speed, understanding the local market, and being more familiar with the borrowers they are lending to. That all creates greater efficiencies and more opportunities.

If a potential commercial borrower made an inquiry 12 months ago at a branch...

Would your bank be aware of that touch if the same potential customer made a follow-up inquiry today? What if the follow-up was made online, by email or on the phone to a different branch? More banks are relying on a variety of applications to track contacts before a prospective borrower becomes a customer.

90% of banks in the United States have assets of less than $1 billion in assets.

While there has been substantial consolidation, the vast majority of banks in the nation are traditional banks – not “too big to fail” banks.

Technology Levels the Playing Field

Cloud computing, artificial intelligence and specialized software applications: These are some of the technology solutions that all institutions now have access to, allowing them to drive efficiency and grow shareholder value.

If you are not planning for the future in technology, you’re going to get left behind.

January is traditionally a time for New Year’s resolutions. One of the best resolutions you can make for your institution is to intentionally plan for the use of technology instead of responding in a fire-fighter manner to technology.

IRS PIN Protection

The U.S. Internal Revenue Service (IRS) said that beginning this year it will allow all taxpayers to apply for an identity-protection, personal-identification number (IP PIN). That is a single-use code designed to block identity thieves from falsely claiming a tax refund in a taxpayer’s name. Historically, IP PINs are issued only to those who fill out an ID-theft affidavit, or to taxpayers who’ve experienced tax-refund fraud in previous years. Find the IRS info here.

The Last Word...

Turns out that 10 months into a work-from-home routine, people report actually missing their home-to-office commute. The buzz phrase “fake commute” is gaining traction on social media as people share stories about new routines they’re adopting. What people say they’re missing isn’t the drive time, but the demarcation that commuting provided between their work and non-work lives. Popular #FakeCommute activities include walks and even driving for to-go coffee a few times a week in the old office neighborhood. Perhaps even going to the bank drive-through is a needed commute stand-in – with the bonus of a friendly face on the other side of the window.

Are you a bank director with questions about IT compliance that you would like to ask in a confidential manner? Send us a secure note under the Contact section at www.BankOnITUSA.com.

If you’d like to receive the Information Technology for Directors publication directly in your email inbox, please email us at Guidance@BankOnITUSA.com.