A Look Ahead to 2020: How Bank Directors Can Guard Against Risk


risk-12-11-15.pngAs banks look to the year 2020, we’ve identified five key risks that need to be actively assessed and monitored as the industry changes and adapts to consumer demands and competition. When it comes to data security and technology, regulatory risk, finding qualified personnel, profitability, and bank survival, bank directors need to ask:

  • How do we as an organization identify these risks on an ongoing basis?
  • How do they affect our organization?
  • How can we work with management to manage future risks?

Here’s a snapshot of the risk areas, what’s anticipated as we look to the future, and steps you can take to stay competitive and mitigate risk.

Data Security & Technology
It’s important to keep up with your peers and provide services as your clients demand them. More sophisticated payment platforms that make it easier to access and transfer funds will continue to gain popularity, particularly mobile platforms.

Being competitive requires innovation, which means software, bank integration, and sophisticated marketing and delivery. Third-party service providers may be the answer to help cut expenses and improve competition, but they also present their own unique risks.

With innovation comes opportunity: attacks on data security will increase, making the safeguarding of data a high priority for banks. While technology is an important element to this issue, the primary cause of breaches is human error. To this end, it’s essential for management to set the example from the top while promoting security awareness and training.

Regulatory Risk
Expectations from the Consumer Financial Protection Bureau regarding consumer protection will intensify. Anticipate some added expenditure to hire and retain technical experts to manage these expectations. Regulations are on the way for small business and minority lending reporting, as well as the structure of overdraft protection and deposit product add-ons, among others. Directors and management need to evaluate:

  • Compliance management infrastructure
  • Staffing needs and costs
  • Impact of proposed regulatory change to the bottom line

Qualified Personnel
For instance, baby boomers are retiring at a rate faster than Generation X can replenish, making it more difficult and costly to attract and retain skilled people. Meanwhile, the shrinking availability of skilled labor in this country is costing organizations throughout the United States billions of dollars a year in lost productivity, increased training and longer integration times.

A bank’s succession plan for its people should:

  • Identify key roles and technical abilities in your organization
  • Assess projected employee tenure
  • Develop a comprehensive employee replacement strategy
  • Prioritize training and apprentice programs

Profitability
The bottom line at traditional banks will continue to be stressed as momentum builds for institutions to reduce product and service-related fees. Overhead expenses also will continue to increase as banks boost spending for IT infrastructure to support demands by customers for mobile technology and technical innovation and finding and retaining qualified personnel to manage complex regulatory requirements. Responses to these trends are already underway. Some institutions are:

  • Divesting of consumer-related products laden with heavy regulatory requirements
  • Sharpening strategic focus on holistic customer relationships with professional and small business customers to increase relationship-driven revenue
  • Exploring new or more complex commercial lending products and partnerships designed to increase interest income to attract customers in new markets

Banks will need to closely monitor the impact of regulatory initiatives on future earnings from fees and alternative revenue sources.

Bank Survival
Here are some proactive steps to consider as your bank prepares for 2020:

  • Develop an ongoing strategy for mergers and acquisitions to expand capital
  • Consider charter conversions to lend flexibility in expanded product and service offerings or a change in regulatory expectations or intensity
  • Evaluate the impact of higher regulatory expectations

To help identify and manage risk, management should plan regular discussions in the form of annual strategic planning meetings, regular board meeting agendas, and targeted meetings for specific events. The focus should extend beyond known institutional risks, such as credit, interest rate and operational, but should also look at key strategic risks.

If your institution can innovate with the times to stay ahead of risk and competition with a systematic approach, then the path to 2020 will be less fraught with difficulties.

A Customer Focused Response to Data Breach: the Key to Survival


security-breach-7-13-15.pngThe unthinkable has happened: Data security measures have failed and sensitive customer information was taken. The next steps your company takes to respond are crucial. A poorly executed response to a data breach event can further anger customers, increase regulatory scrutiny, generate a media storm and have a lasting impact on customer loyalty.

AllClear ID has been working with companies to effectively prepare for and respond to data breaches for over a decade. During that time, there has been a noticeable shift in consumer expectations after a breach. Today, consumers expect—if not demand—a well orchestrated response. And they expect it to begin soon after the breach is made public. Data breaches are constantly evolving: Already in 2015, financial institutions account for about 9 percent of all data breaches, according to the Identity Theft Resource Center. That compares to about 3.7 percent in 2013. Whether that figure will hold up throughout the year remains to be seen.

The demands placed on businesses to get a breach response right are more intense than ever, as is the scrutiny when a response is perceived as mismanaged.

Because of the high pressure to get it right, a customer-centric approach to preparation is paramount. If you fail your customers, one in four may leave, according to a study from Javelin Research & Strategy. So financial institutions cannot rest upon past great customer service and relationships with clients in the event of a data breach.

When a breach is discovered, what to do? Companies that keep the focus on customers before, during and after a data breach fare far better than those that do not.

Minimize Brand Damage: With customers at the forefront of any response, it is likely that both the institution and your brand will survive long-term. Granted, that doesn’t mean an institution won’t encounter a few negative headlines from the outset. But if the response is bungled, the damage will be far greater. Unhappy customers may speak out on social media. Some may leave. And the breach could tarnish your image for years to come and ultimately can affect your bottom line.

Plan in Advance: To successfully manage a breach with a customer focus, companies must first have a plan in place. The plan should incorporate elements of crisis and or incident management such as likely breach scenarios, key decision makers, and key partners who will assist in the response. This will help diminish delays and costly mistakes during the response, and facilitate a return to normal business operations more quickly. Now that we have witnessed multiple destructive cyberattacks against U.S. companies, it’s clear that having an incident response plan in place is no longer optional. A recent blog post discussed the need for preparation in advance of a breach.

Questions to consider when preparing for a breach response operation:

  • When and how will customers be notified?
  • How will we answer customer questions?
  • Do we have the customer service capacity to manage the calls we receive from angered or fearful customers? Will we be able to train them to address customers’ concerns and alleviate their fear?
  • What identity protection will we offer?
  • How will we make things right if a customer is negatively harmed?

Quality Customer Support During a Breach: As breaches increase in scale and complexity—and 2014 was a watershed year for that as well—consumers have seen a lot of breaches, but still may react in anger or fear. Their first stop for information is the hotline and webpage you publish. Clear, consistent communication and messaging is key in restoring customer confidence. Scripts and Q&As must be available to trained, expert call center partners immediately. Responsible and knowledgeable front-line employees can do much to diffuse the situation and lessen customer anxiety.

And make it easy for your customers to have access to the most important protection – identity repair. The 2015 Javelin Strategy & Research Identity Fraud Study found the link between data breaches and identity fraud has increased. In 2014, 12.7 million consumers lost $16 billion to fraud—and two-thirds of them had received a data breach notification within the same year.

As McKinsey & Company says, “Much of the damage results from an inadequate response to a breach rather than the breach itself.”

Put yourself in the customers’ shoes: They have trusted you with their most valuable information – their identity. Whether you keep their trust depends, in part, on how they rate your performance in the face of a crisis.