Risk, Business Continuity Planning: Trends and Lessons from Covid-19

The Covid-19 pandemic has introduced unprecedented strains to the economy, enhancing concerns about credit risk and pressuring lenders’ ability to serve their borrowers.

Cybersecurity and other risk environments have also evolved, following government-mandated work from home models. These shifts are prompting bank leaders to evaluate their business continuity plans and pandemic planning initiatives to ensure they’re putting safety and efficiency first.

Bank Director’s 2020 Risk Survey, sponsored by Moss Adams, was conducted in January before the U.S. economy felt the full effect of the coronavirus. Yet, insights derived from this annual survey of bank executives and board members help paint a picture of how the industry will move forward in a challenging operating environment.

Credit Risk
Most community banks have issued loans through the Paycheck Protection Program (PPP), the Small Business Administration’s loan created under the Coronavirus Aid, Relief and Economic Security (CARES) Act passed in late March. These loans, which may be forgiven if borrowers meet specified conditions, allowed small businesses to retain staff, pay rent and cover identified operating expenses.

However, it’s likely that businesses will seek additional credit sources as the economy restarts. The lapse in business revenue generation will pose significant underwriting challenges for banks.

More than half of respondents in the 2020 Risk Survey revealed enhanced concerns around credit risk over the past year, while 67% believed that competing banks and credit unions had eased underwriting standards.

While there’s no way to determine what the future holds, near-term lending decisions will likely occur amid an uncertain economic recovery. There are some important questions institutions should consider when determining their lending approach:

  • How will our organization evaluate lending to businesses that have been closed due to the coronavirus?
  • Should a pandemic-related operational gap be treated as an anomaly, or should lenders consider this as they underwrite commercial loans?
  • What other factors should be considered in the current environment?
  • How much bank capital are we willing to put at risk?

Cybersecurity
Directors and executives who responded to the survey consistently indicate that cybersecurity is a key risk concern. In this year’s survey, 77% revealed their bank had placed significant emphasis on increasing cybersecurity and data privacy in the wake of cyberattacks targeting financial institutions, such as Capital One Financial Corp.

With more bank staff working remotely, cyber risks are even greater now. Employees are also emotionally taxed with concerns about their health, family and jobs, increasing the risk for errors and oversights. Unfortunately, the COVID-19 pandemic presents cybercriminals with a ripe opportunity to prey on individuals.

Business Continuity
In the survey, respondents whose bank had weathered a natural disaster within the last two years were asked if they were satisfied with their institution’s business continuity plan. The majority, or 79%, indicated they were.

However, the Covid-19 pandemic isn’t a typical natural disaster. Although buildings haven’t been destroyed, companies are still experiencing significant disruption to their normal operations — if they’re able to operate at all.

These circumstances, coupled with expanding technology and banks operations increasingly moving to the cloud, will likely lead to further changes in business continuity planning.

Remain Flexible
In an interagency statement released a week before the World Health Organization declared that the Covid-19 outbreak a pandemic, federal regulators reminded depository institutions of their duty to “periodically review related risk management plans, including continuity plans, to ensure their ability to continue to deliver their products and services in a wide range of scenarios and with minimal disruption.”

The Federal Financial Institutions Examination Council also updated its pandemic guidance, noting the need for a preventative program and documented strategy to continue critical operations throughout a pandemic.

Since that time, banks have encouraged customers to broadly adopt digital platforms and, when necessary, serve customers in person through drive-through lines or by appointment to reduce face-to-face contact. Bank employees wear masks and gloves, branches are cleaned frequently and, where possible, staff work remotely.

Gain Insights
The pandemic is a real-world tabletop exercise that can provide important takeaways about the effectiveness of an organization’s business continuity plan. It’s important for organizations to take advantage of this opportunity.

For example, there could be another wave of Covid-19 later this year; alternately, it could be years before we see an event similar to what we’re experiencing. Either way, your bank must to consider the potential consequences of each outcome and have a plan ready. Reviewing your organization’s business continuity plans and initiatives can help reveal opportunities to move forward with confidence, despite challenging operating environments.

Directors’ Defense Against the Pandemic Impact on Credit

Bank directors and management teams must prepare themselves and their institution for the potential for an economic crisis due to the COVID-19 outbreak.

This preparation process is different than how they would manage credit issues in more traditional economic downturns; traditional credit risk management tools and techniques may not apply or be as effective. Directors and others in bank management may need to consider new alternatives and act quickly and deliberately if they are going to be successful during this very difficult time.

The traditional three lines of defense against quickly elevating credit risk may not work to prevent the credit impact of the new coronavirus and its consequences. The “horse is out of the barn” and no existing, normal risk management system can prevent some level of losses. This pandemic is the proverbial black swan.

The real questions now are how can banks prepare to deal with the related issues and problems?

Some institutions are likely to be better prepared, including those with:

  • A strong capital base.
  • Good, conservative allowance reserve levels.
  • Realistic credit risk assessments and portfolio ratings prior to the pandemic.
  • Are poised to take part in a potential acquisition.
  • A good strategic approach that is not materially swayed by quarterly earning pressures.
  • A management and board that “tells it like it is” and is realistic.
  • Good relationship with regulators, CPA firms, professionals and investors.

What are a bank’s options when trying to assess and manage the pandemic’s impact?

  • Deny the problem and kick the can down the road.
  • Wait for the government and regulators to provide solutions or a playbook for the problems.
  • Sell the bank — most likely at a big discount if at all.
  • Liquidate the bank, likely only after expending capital, with assistance from the Federal Deposit Insurance Corp.
  • Be proactive and put in place processes to deal with the problem and consequences.

There are some steps a bank can take to be proactive:

  • Identify emerging and potential problems and the options to handle them, and then create a plan that is strategic, operational and provides the best financial result.
  • Commit to doing what’s right for the bank, its employees, customers and community.
  • Enhance or replace the current credit risk management system with a robust identification, measurement, monitoring, control and reporting program.
  • Adopt an “all hands-on deck” to improve focus and deal with material issues in a priority order, deferring things that do not move the needle.
  • Assess internal resources and consider moving qualified personnel into areas that require more focus.
  • Seek outside professional assistance, if needed, such as loan workout or portfolio analysis and planning.
  • Perform targeted reviews of portfolio segments that are or may become challenged because of the pandemic and potential fallout, along with others may have had weaker risk profiles before the pandemic.
  • Communicate the issues such as the magnitude of the financial challenge to employees, the market, regulators, CPAs and other professionals who provide risk management services to your bank.
  • Deal with problems head-on and decisively to maintain credibility and respect from various constituencies while achieving a superior result.

It is best for everyone in the bank to work together and act quickly, thoughtfully, honestly and strategically. There will, of course, be some expected and understood need in the short term for increases in allowance provisioning. If planning and actions are executed well, the long-term results will improve the bank’s performance and enhance its credibility with the market, regulators and all other professionals. Just as valuable as an outcome is that your bank’s reputation will be enhanced with your employees, who will be proud to have been part of the effort during these difficult times.

An Effective Way to Combat Cyber Breaches

Banks have always been in the business of risk management, but the risks they face aren’t stagnant; they migrate with time.

Traditionally, banks have faced two types of risk: interest rate and credit risk. Today, however, given the growth of digital banking and transactions, these two risks have been supplanted by another: cybersecurity.

The biggest challenge when it comes to cybersecurity risk is that it constantly evolves, as the threats, actors and attacks increase in sophistication. Banks that prepare for one method of intrusion may find themselves the victim of a different strategy.

Earlier this year, H. Rodgin Cohen, a partner at Sullivan & Cromwell and one of the industry’s most trusted advisors, commented on this change.

“I think the biggest risk in the [financial] system today is a successful cyberattack,” Cohen said. “That is a very serious risk, but I think the more likely [danger] is that a single bank — or a group of banks — are hit with a massive denial of service for a period of time, or a massive scrambling of records.”

Banks of all sizes feel pressure to keep their systems secure from intruders, according to Bank Director’s 2019 Risk Survey, which found that cybersecurity concerns among bankers have increased over the previous year.

Twenty percent of survey respondents say they address cybersecurity as a full board rather than delegating it to a committee, and slightly more than a third say at least one director is a cybersecurity expert.

The concern is ever present, and for some banks, very real: 18% of respondents, excluding chief lending officers and chief credit officers, reported that their bank experienced a data breach or other cyberattack within the last two years.

Concerns like these are why Bank Director created the “Best Solution for Protecting the Bank” category for its 2019 Best of FinXTech Awards. Judges selected winners from the most innovative solutions found in the FinXTech Connect platform.

The finalists for this year’s award were Rippleshot, which helps banks to identify credit and debit card fraud; IDEMIA, which  works to prevent card-not-present fraud; and Illusive Networks, which helps banks detect when their networks have been infiltrated.

This year’s winner was Illusive Networks, based in part on its work to secure the network of Israel Discount Bank, the third biggest bank in Israel.

Illusive approaches cybersecurity from a hackers’ point of view in order to beat them at their own game. Its strategy isn’t to stop an intrusion per se — a feat that seems increasingly impossible with the number of entry points into a system and the scores of malicious actors.

Rather, it detects and remediates an attack once it has happened. Intruders breaking into a bank’s system must persistently monitor the network for bits of information or credentials that will help them move from machine to machine and gradually close in on the data they want. Illusive plants false information across the bank’s network so that, when attackers act on it, the bank can catch them red-handed.

Illusive calls this “endpoint-focused deception.” The deceptive information is only visible to malicious actors and triggers an alert within Illusive. The technology then captures details about the bad actor directly from the machine they were using, which the bank then uses to track and stop the attack.

One of the main selling points of Illusive’s solution is the short implementation period. In Israel Discount Bank’s case, it took a matter of weeks to implement the solution. The net result is that, not only is the solution harder to detect for potential cyber criminals, but it’s also fast and easy to implement.

Addressing the Top Three Risk Trends for Banks in 2019



As banks continue to become more reliant on technology, the risks and concerns around cybersecurity and compliance continue to grow. Bank Director’s 2019 Risk Survey, sponsored by Moss Adams LLP, compiled the views of 180 bank leaders, representing banks ranging from $250 million to $50 billion in assets, about the current risk landscape. Respondents identified cybersecurity as the greatest concern, continuing the trend from the previous five versions of this report and indicating an industry-wide struggle to fully manage this risk.

Other top trends included the use of technology to enhance compliance and the potential effect of rising interest rates. Here’s what banks need to know as they assess the risks they’ll face in the coming year.

Cybersecurity
Regulatory oversight and scrutiny around cybersecurity for banks seems to be increasing. Agencies including the Securities and Exchange Commission are focused on the cybersecurity reporting practices of publicly traded institutions, as well as their ability to detect intruders. The Colorado legislature recently passed a law requiring credit unions to report data breaches within 30 days. It’s no surprise that 83 percent of respondents said their concerns about cybersecurity had increased over the past year.

Most of the cybersecurity risk for banks comes from application security. The more banks rely on technology, the greater the chance they face of a security breach. Adding to this, hackers continue to refine their techniques and skills, so banks need to continually update and improve their cybersecurity skills. This expectation falls to the bank board, but the way boards oversee cybersecurity continues to vary: Twenty-seven percent opt for a risk committee; 25 percent, a technology committee and 19 percent, the audit committee. Only 8 percent of respondents reported their board has a board-level cybersecurity committee; 20 percent address cybersecurity as a full board rather than delegating it to a committee.

Compliance & Regtech
Utilizing technological tools to meet compliance standards—known as regtech—was another prevalent theme in this year’s survey. This is a big stress area for banks due to continually changing requirements. The previous report indicated that survey respondents saw increased expenses around regtech. This year, when asked which barriers they encountered around regtech, 47 percent responded they were unable to identify the right solutions for their organizations. Executives looking to decrease costs may want to consider whether deploying technology could allow for fewer personnel. When this technology is properly used, manual work decreases through increased automation.

Other compliance concerns for this year’s report included rules around the Bank Secrecy Act and anti-money laundering. Seventy-one percent of respondents indicated they implemented or plan to implement more innovative technology in 2019 to better comply with BSA/AML rules.

Compliance with the current expected credit loss standard was another area of concern. Forty-two percent of respondents indicated their bank was prepared to comply with the CECL standard, and 56 percent replied they would be prepared when the standard took place for their bank.

Interest Rate & Credit Risk
The potential for additional interest rate increases made this a new key issue for the 2019 report. When asked how an interest rate increase of more than 100 basis points, or 1 percent, would affect their banks’ ability to attract and retain deposits, 47 percent of respondents indicated they would lose some deposits, but their bank wouldn’t be significantly affected. Thirty percent indicated an increase would have no impact on their ability to compete for deposits.

However, 55 percent believed a severe economic downturn would have a moderate impact on their banks’ capital. In the event of such a downturn, deposits and lending would slow, and banks could incur more charge-offs, which would impact capital. This fluctuation can be easy to dismiss, but careful planning may help reduce this risk.

Assurance, tax, and consulting offered through Moss Adams LLP. Investment advisory services offered through Moss Adams Wealth Advisors LLC. Investment banking offered through Moss Adams Capital LLC.

Exclusive: How This Growing Community Bank Focuses on Risk


risk-5-16-19.pngManaging risk and satisfying examiners can be difficult for any bank. It’s particularly hard for community banks that want to manage their limited resources wisely.

One bank that balances these challenges well is Bryn Mawr Bank Corp., a $4.6 billion asset based in Bryn Mawr, Pennsylvania, on the outskirts of Philadelphia.

Bank Director Vice President of Research Emily McCormick recently interviewed Chief Risk Officer Patrick Killeen about the bank’s approach to risk for a feature story in our second quarter 2019 issue. That story, titled “Banks Regain Sovereignty Over Risk Practices,” dives into the results of Bank Director’s 2019 Risk Survey. (You can read that story here.)

In the transcript of the interview—available exclusively to members of our Bank Services program—Killeen goes into detail about how his bank approaches stress testing, cybersecurity and credit risk, and explains how the executive team and board have strengthened the organization for future growth.

He discusses:

  • The top risks facing his community bank
  • Hiring the right talent to balance risk and growth
  • Balancing board and management responsibilities in lending
  • Conducting stress tests as a community bank
  • Managing cyber risk
  • Responding to Bank Secrecy Act and anti-money laundering guidance

The interview has been edited for brevity, clarity and flow.

download.png Download transcript for the full exclusive interview

Credit Due Diligence Is Even More Important Now


due-diligence-4-17-19.pngWith loan quality generally viewed as benign while M&A activity continues into 2019, is any emphasis on credit due diligence now misplaced? The answer is no.

With efficiency driving consolidation, bank boards and management should not be tempted to take any shortcuts to save time and money by substituting credit quality through recent loan reviews and implied findings of regulatory exams.

The overarching reason is the nature of the current business and credit cycle. The economy is strong right now, and among many banks net recoveries have replaced net charge-offs.

But it is not a matter of if but when credit stress rears its head.

And time truly is money when trying to stay ahead of the turn of the credit worm. That means now is the time to highlight a few buy- or sell-side justifications for a credible M&A credit due diligence.

Some challenges always require vigilance. These include:

  • Heightened correlated lending concentrations
  • Superficial underwriting and/or servicing
  • Acquired third-party exposures through participations or syndications
  • Insider lending (albeit indirect)
  • Getting upside down on commodity or collateral valuations
  • Covenant-light lending
  • Credit cultural incongruity

New Risks, New Assessments
The emergence of a portfolio-wide macro approach to credit risk during the past decade has ushered in a flurry of statistical disciplines, such as calculating probabilities of default, loss-given defaults, risk grade migrations, and probability modeling to project baseline and stress loss credit marks for investors and acquirers.

Credible due diligence now provides rich assessments of various pools and subsets of loans within a target’s portfolio. These quantitative measures provide a precise estimate of embedded credit losses, in parallel with the adoption of the current expected credit loss (CECL) standard, to project life of portfolio credit risk and end deficiencies in the current allowance guidance.

Good credit assessment is capped by qualitative components. There are several factors to consider in the current credit cycle.

  • Vintage of loan originations: Late-cycle loans to chase growth goals or to entice investors carry higher risk profiles.
  • Exotic lending: Some banks have added less conventional loan products to their offerings, which may require specialized talent.
  • Leveraged financial transactions: For some banks, commercial and industrial (C&I) syndications have replaced the real estate participation of a decade ago. They have recently grown in leverage and stress, and would be susceptible to an economic downturn.
  • Hyper commercial real estate valuation increases: Recent studies have shown significant increases in commercial property values, well over the pace of residential 1-4 family properties, along with the headwinds of higher interest rates and the advent of diminished real estate requisites accompanying the tech-driven virtual marketplace.
  • Dependence on current circumstance as proxies for future credit quality: We must accept that we are affected by trailing, rather than by leading, credit metric indicators.
  • Lending cultural protocols: Knowing the skill sets and risk appetites of prospective teammates is imperative. Some would argue that in today’s consolidation environment, cultural incongruity trumps loan quality as the biggest determinant of success.

What Should Lie Ahead
Credit due diligence should provide a key strategic forerunner to the financial and cultural integration between institutions that might have disparate lending philosophies.

It should include an in-depth quantitative dive combined with a skilled assessment of qualitative factors, both of which are critical in providing valuable insight to management and the board. Yet, to reduce costs some have difficulty swallowing any in-depth credit diligence, given the de minimis nature of recent losses and low levels of problem loans.

Many economic indicators point to tepid economic growth in 2019. At some point, the current credit cycle will turn. A lesson learned from the financial crisis has been to be proactive in risk management to stay ahead of the risk curve—and not be left to be reactive to negative effects.

During the crisis, many banks suffered greater losses due to their reluctance to initiate remediation in response to deteriorating credit. M&A credit due diligence must be treated as an anticipation of the future, not a validation of the past, and an investment in curtailing future losses.

The Modern Roadmap To Gold



Today, data helps competitive banks identify key targets and make smarter—and quicker—loan decisions. In this video, Bill Phelan, president of PayNet, explains how data analysis is shifting loan decisioning, and how banks can survive and thrive through the next credit crisis. He also shares his outlook for business lending, and believes that Main Street America is still looking for capital to grow and improve their businesses.

  • Using Data to Make More Profitable Loan Decisions
  • How Credit Risks Analysis is Changing
  • Preparing for the Next Downturn
  • The Outlook for Business Lending

Five Reasons Why You Should Reconsider Short-Term Loans


lending-7-16-18.pngFor the better part of a decade, regulatory agencies have placed obstacles in front of banks that all but prohibited them from offering short-term, small-dollar lending options for their customers. Now, at least one major regulator has signaled a shift in its opinion about those products, which should inspire banks to reconsider those options.

Here are five reasons banks often cite when discussing why they don’t offer short-term, small-dollar options, and a case why they should rethink those ideas.

You don’t think your customers need it
Perhaps many of your branches are in affluent areas, or you believe that your customers have access to other types of short-term liquidity. But the statistics regarding American personal finances may surprise you:

Nearly 50 percent of American consumers lack the necessary savings to cover a $400 emergency, according to the Federal Reserve.
The personal savings rate dipped to 2.8 percent in April 2018, the lowest rate in over a decade, according to the St. Louis Fed.
Each year 12 million Americans take out payday loans, spending $9 billion on loan fees, according to the Pew Charitable Trusts.

Based on these statistics, it’s likely that a portion of your customer base is affected by the lack of savings, or has a need for better access to liquidity, and chances are good that they’d be receptive to a small-dollar, short-term loan solution.

It’s Cost and Resource Prohibitive
For most financial institutions, introducing a traditional small-dollar loan program is cost-prohibitive–operationally, and from a staffing standpoint. From the cost of loan officers and underwriters to the overhead, the reality is it would take time and resources many banks do not have.

Enter fintech firms, bringing proprietary technology and the application of big data. The right fintech partner can manage the time, human and financial resources you may not have, such as application, underwriting and loan signing processes. In some cases, the whole thing can be automated, resulting in a “self-service” program for your customers, eliminating the human resource need.

Underwriting Challenges and Charge-Off Concerns
Another challenge is the loan approval process and how to underwrite these unique loans. A determination of creditworthiness by a traditional credit check does not adequately predict the consumer’s current ability to repay using recent behavior instead of a period of many years. Today’s fintech firms use proprietary technology to underwrite the loans, incorporating a variety of factors to mitigate charge-offs.

The OCC recently released a bulletin outlining “reasonable policies and practices specific to short-term, small-dollar installment lending.” It stated such policies would generally include “analysis that uses internal and external data sources, including deposit activity, to assess a consumer’s creditworthiness and to effectively manage credit risk.” The right fintech partner will apply big data solutions to assess creditworthiness using the OCC’s criteria and other factors.

Compliance Burdens
There’s no question short-term loan options have been heavily regulated over the past eight years. The CFPB placed predatory lending and payday loans under scrutiny. In 2013, the OCC and FDIC effectively ended banks’ payday loan alternative, the deposit advance. The CFPB cracked down even harder in October 2017 with their final payday lending rule, which had the potential to devastate the storefront payday loan industry, forcing consumers to seek alternative sources of quick liquidity.

The pressure is easing. The OCC was the first agency to encourage banks to make responsible and efficient small-dollar loans. If history has taught us anything, it’s that the other regulatory agencies likely will soon follow suit.

Concern About Cannibalizing Overdraft Revenue
Exclusive data collected by fintech firms experienced with overdraft management has shown there are two distinct groups of consumers managing their liquidity needs in different ways:

The Overdrafters
These are consumers that struggle with transaction timing and incur overdraft or NSF fees. A significant portion of this group might have irregular income streams, such as small business owners or commissioned salespeople. In many cases, these consumers are aware of their heavy overdraft activity, and will continue to overdraft, because for them, it makes financial sense.

The Loan-Seekers
A second group includes those consumers who simply lack the cash to promptly pay their bills, and either can’t obtain adequate overdraft limits or failed to opt-in to overdraft services. These consumers are actively seeking small-dollar loans to avoid the double whammy of hefty late fees and negative hits to their credit score for late payments.

Savvy financial institutions will ensure they have the programs in place to serve both groups of consumers, and fill the gap for the second category by using an automated small-dollar lending program with sound underwriting from a trusted fintech vendor.

2018 Risk Survey: Technology’s Impact on Compliance


regtech-3-19-18.pngIn addition to better meeting the needs of consumers, technology’s promise often revolves around efficiency. Banks are clamoring to make the compliance function—a significant burden on the business that doesn’t directly drive revenue—less expensive. But the jury’s out on whether financial institutions are seeing greater profitability as a result of regtech solutions.

In Bank Director’s 2018 Risk Survey, 55 percent of directors, chief executive officers, chief risk officers and other senior executives of U.S. banks above $250 million in assets say that the introduction of technology to improve the compliance function has increased the bank’s compliance costs, forcing them to budget for higher expenses. Just 5 percent say that technology has decreased the compliance budget.

Regtech solutions to comply with the Bank Secrecy Act, vendor management and Know Your Customer rules are widely used, according to survey respondents.

Accounting and consulting firm Moss Adams LLP sponsored the 2018 Risk Survey, which was conducted in January 2018 and completed by 224 executives and board members. The survey examines the risk landscape for the banking industry, including cybersecurity, credit risk and the impact of rising interest rates.

Fifty-eight percent say that the fiscal year 2018 budget increased by less than 10 percent from the previous year, and 26 percent say the budget increased between 10 and 25 percent. Respondents report a median compliance budget in FY 2018 of $350,000.

Additional Findings

  • Cybersecurity remains a top risk concern, for 84 percent of executives and directors, followed by compliance risk (49 percent) and strategic risk (38 percent).
  • Respondents report that banks budgeted a median of $200,000 for cybersecurity expenses, including personnel and technology.
  • Seventy-one percent say their bank employs a full-time chief information security officer.
  • Sixty-nine percent say the bank has an adequate level of in-house expertise to address cybersecurity.
  • All respondents say that their bank has an incident response plan in place to address a cyber incident, but 37 percent are unsure if that plan is effective. Sixty-nine percent say the bank conducted a table top exercise—essentially, a simulated cyberattack—in 2017.
  • If the Federal Reserve’s Federal Open Market Committee raises interest rates significantly—defined in the survey as a rise of 1 to 3 points—45 percent expect to lose some deposits, but don’t believe this will significantly affect the bank.
  • If rates rise significantly, 45 percent say their bank will be able to reprice between 25 and 50 percent of the loan portfolio. Twenty-eight percent indicate that the bank will be able to reprice less than 25 percent of its loan portfolio.
  • One-quarter of respondents are concerned that the bank’s loan portfolio is overly concentrated in certain types of loans, with 71 percent of those respondents concerned about commercial real estate concentrations.

To view the full results to the survey, click here.

Why Loan Participations Still Work For Banking


community-banks-9-19-16.pngOne consequence of the relaxation of branching restrictions in recent decades has been the near demise of correspondent banking, and specifically “overline lending,” where a community bank looks to a larger, geographically distant bank to extend credit to a customer of the community bank in excess of that bank’s legal lending limit.

The spread of branch banking, though, has enabled larger banks to compete for customers once the sole province of community banks. Further, large banks are under increased regulatory pressure to lend to smaller businesses. Consequently, traditional overline lending has largely disappeared. Community banks must now look elsewhere to place that portion of a loan exceeding the bank’s lending limit.

At the same time, technology is leveling the playing field between large and small banks in assessing and managing credit risk of business customers. Although customer relationships are still at the heart of community banking, not only does computerized process-based lending reduce costs, but it can lead to better lending decisions when, for example, data analysis provides a defensible rationale for rejecting a loan request from a customer who has a strong relationship with the bank. Community banks should utilize this technology to strengthen their relationship with existing customers as well as to attract new customers.

The Transformation of Community Bank Lending
Today, community banks find much of their traditional business lending imperiled by changes in banking technology, structure and regulation:

  • Credit-risk evaluation techniques have become more sophisticated;
  • Branching restrictions no longer protect local lending markets;
  • Computerized, process-based lending increasingly drives small-business lending, reducing the importance of relationship banking;
  • Business customers can still outgrow the lending capacity of their community bank;
  • Overline lending through correspondent banks has largely disappeared; and
  • Regulatory compliance costs have risen while becoming more complex, increasing compliance risk.

Because of these irreversible trends, much traditional business lending has left community banks, with the consequence that they have become more dependent on commercial real estate (CRE) and construction and development (C&D) lending than is the case at larger banks.

Community bank CRE and C&D lending usually is limited to a bank’s immediate market area, leading to a concentration of geographical credit risk that can be dangerous, if not fatal, to the bank during an economic downturn. CRE and C&D loan losses were a major factor in the failure of many community banks following the 2008 financial crisis. Although community banks have been increasing their commercial and industrial (C&I) lending, they still are too heavily concentrated in CRE and C&D lending.

How Community Banks Can Compete More Effectively Today as Lenders
A major challenge facing many community banks today is how to reduce their dependency on CRE and C&D lending while profitably attracting and retaining other types of business customers and borrowers. Community banks, though, still have many advantages they can capitalize on?proximity to their customers, local market knowledge, the ability to develop and maintain personal customer relationships, and speed and flexibility in tailoring banking solutions to a particular customer’s needs.

Community banks must implement new techniques to increase their non-real estate business lending, especially when a customer’s credit needs outgrow the bank’s balance-sheet capacity to accommodate all of those needs. Selling participations in loans that the bank has originated represents an effective way to retain customers with growing credit needs; loan participations are the modern-day equivalent of overline lending. At the same time, buying loan participations represents an effective way for a community bank to diversify its loan portfolio, both geographically as well as by customer type.

Key, though, to selling and buying participations in business loans is efficiently evaluating credit risk as well as monitoring and servicing a loan over its life. Working collaboratively with third-party providers of specialized banking services who are not competitors represents an excellent way for a community bank to profitably and safely engage in both buying and selling loan participations.

Conclusion
Community banks have been burdened in recent years by increased regulation while technology has enabled large banks and some emerging non-bank firms to divert business lending away from community banks. Nonetheless, relationship banking still is a valuable service that community banks can and do provide. However, they need to collaborate with other community banks to create the scale necessary to compete against the big banks by utilizing new technology to make their lending processes more efficient and to enhance the banking experience for their customers. Using technology in buying and selling loan participations represents an important way to accomplish that objective.