How Open Banking Changes the Game for Private Banks


technology-2-4-19.pngOpen banking is the most prominent response to the strong push from technology, competition, regulation and customer expectations. This begs the questions, why should a private bank’s open banking strategy be individual? What impact does it have on the IT architecture? How does it improve customer service?

The new “ex-custody 2.0” model provides the answers.

Regulation, competition from digital giants, changing client expectations, the rise of open API technology and next generation scalable infrastructure are the forces unbundling the financial industry’s business model. Open banking, or the shift from a monolithic to a distributed business model, is one strategy for banks to harness these forces and generate value.

Four strategies for private banks
While banks have traditionally played the role of an integrator, offering products to clients through their own channels and IT infrastructure, open banking provides them with more possibilities.

These include being a producer, or offering products through an application programming interface (API) as white-label to other institutions; a distributor that combines innovative products from third-party providers on their platform; or a platform provider that brings third-party products and third-party clients together.

Private banks may adopt a mix of these roles.

Two Areas of Products
The products generated through open banking can be separated into two areas. The first area includes the API data from regulatory requirements such as PSD2 in Europe. These products are dependent on payment account information as well as payment executions over the mandated APIs.

The second area of products is part of the open banking movement and use of APIs in general. The scope of potential products is much wider as they depend on more than just payment account data or payment execution. Many trend products like crowdfunding, event-driven insurance, financial data economy or comparison services are shaped by the open banking movement.

In practice, many products depend on regulatory APIs, but also on data from other sources. This has been developed into a multi-banking product dubbed “ex-custody 2.0.”

Multi-banking – The ex-custody 2.0 model shows how a client’s wealth can look if his bank can aggregate account information and other data. Technology like the automated processing of client statements or enhanced screen scraping allows, upon client consent, to gather and aggregate investment or lending data as well. The client’s full wealth can then be displayed in one place. From the bank’s perspective, what better place can there be than its own online portal? Terms like multi-banking, account aggregation and holistic wealth management have been coined by the market. We want to add another term to those existing ones:

“Ex-custody 2.0.” Ex-custody is not a new term in the industry. It refers to positions of an accounting area not banked by the bank itself, but where the bank takes over administrative custody and reporting tasks for the principal bank. Ex-custody 2.0 for multi-banking is the next step, where the principal bank does not need to compensate the custodian bank for any services. In the case of screen-scraping, it does not necessarily know the other bank.

Contrary to other multi-banking or account aggregation implementations, the ex-custody 2.0 model is not a standalone application or dashboard, but fully integrated into the bank’s core technology and online banking system. Data is sourced from fintech aggregators through APIs and batch files.

Positions are then booked in a separate accounting area before being fed to the online banking system. This allows the bank to offer innovative products to the customer that rely on integration with both a booking and an online system.

New products include:

  • Multi-banking: the service to manage one’s wealth on one portal
  • Automated advice suitability based on all connected positions on the platform
  • Dynamic Lombard lending based on bank and external investments
  • Cross-selling via direct saving suggestions
  • Risk profiling and portfolio monitoring across institutions and borders
  • Balance sweeping across the family wealth or managed trusts and businesses
  • What-if and scenario simulation through big data modules on the platform.

Conclusion
Open banking will change the business model of private banks. It is a great opportunity, but also a great threat to existing business. The opportunities consist mainly of new scalability options for products, new integration possibilities for third-party products and the creation of new products using the data from open banking.

The main threat is the loss of the direct relationship between banks and clients. However, there is no mix of the four strategies that fits every bank’s business model. It is vital for a private bank to define a position according to the four strategies discussed here and to do so in an individual, conscious manner.

The Latest Model of Modern Banking


fintech-1-18-19.pngMost people assume that fintech companies are out to take business away from banks, but what if the opposite is true?

What if, instead of being a threat, fintech companies actually open up new opportunities for banks?

That’s what a handful of banks are exploring right now. They’re doing so by essentially white-labeling deposit insurance, regulatory expertise and access to credit platforms.

You can think of it as a partnership that leverages a fintech company’s strengths on the front end of the customer experience, with attractive and refined digital interfaces, as well as a bank’s strength on the backend, by providing access to safe and secure financial products.

It’s a classic win-win situation.

One bank pursuing this course is TAB Bank, an online bank based in Ogden, Utah, with $711 million in assets.

We came to the conclusion that we would build our strategy around how we think the market will look in two to five years, not how it behaves today,” says Curt Queyrouze, president of TAB. “What we determined was that once consumers try a digital interaction, they stay in that lane.”

Queyrouze has been cultivating this model for years.

The 20-year-old online bank has “sponsored” non-banks before who wanted access to the Visa and MasterCard credit platforms, says Queyrouze. Then TAB began working with marketplace lenders and offering traditional transaction accounts—in other words, white-labeling banking services to its partners.

“To the extent we can be the infrastructure for that cash account that attaches to whatever payment systems are out there, yeah, there’s a lot of benefit to that,” says Queyrouze. “As traditional banks we can hold that money, we can insure it and then we can take that money and turn around as the traditional banking model has always been and lend out that money, (or) use it in other ways to create profitable margin.”

The Bancorp Bank is pursuing a similar course. The $4.4 billion online bank headquartered in Delaware makes it clear what their model is all about: enabling non-bank companies to offer bank-like products.

“Take a close look behind some of the world’s most successful companies: that’s where you’ll find The Bancorp,” the company boasts.

The Bancorp backs Varo Money, for example, a mobile app offering users insured deposits, fee-free ATM withdrawals, interest-bearing savings accounts and personal loans in 21 states. (Varo Money was among the first fintechs to apply for the new national charter offered by the Office of the Comptroller of the Currency last year.)

Yet another bank pursuing a similar strategy is Cross River Bank, a New Jersey-based bank with $1.2 billion in assets.

Getting back to TAB, another epiphany came to Queyrouze in late 2018 at one of the biggest financial services conferences of the year.

Queyrouze thought about all the money being spent to lure new customers by both banks and non-banks.

As Queyrouze saw it, this gave TAB two potential paths to follow.

One would require a massive marketing budget to compete against bigger banks and fintech companies in the competition to acquire customers. The other was to stick to what it knew on the backend—namely, banking—while leveraging the strength of fintech companies on the frontend.

While we do have the option to market against this tide, we also have the opportunity to build a banking infrastructure to align with the fintech world and provide banking services to support their client base,” says Queyrouze.

In short, small banks like TAB don’t have the resources to compete in the digital realm against larger peers. Nor can they pump money into a national marketing blitz to grow their customer base.

But they can stick to what they do just as well as any bank regardless of size—banking—and let fintech partners handle the rest.

What You Should Know About M&A in 2019



Deal values have been rising, and economic factors—including regulatory easing and increased deposit competition—could drive more deals for regional acquirers, explains Deloitte & Touche Partner Matt Hutton in this video. He also shares how nontraditional acquisitions could impact deal structures, and the importance of due diligence and stress testing at this stage in the credit cycle.

  • Today’s M&A Environment
  • Deal Structure Considerations
  • Expectations for 2019
  • Advice for Boards and Management Teams

Focus On This One Area To Position Your Bank For Success


data-12-27-18.pngWhether it’s compliance with forthcoming regulations or simply giving your customers an enjoyable experience, banks are realizing that one thing is central to achieving successful results across their operations.

Data management and governance has become a central element for banks positioning themselves for the future in a digital-first world and as new credit reporting requirements, like the current expected credit loss (CECL) provisions, are put into effect.

Banks that embrace and establish a robust data governance process will be better positioned to accomplish its strategic initiatives, whether they be in customer acquisition or relationship management, or with efficiently meeting the new accounting standards.


customer-12-27-18-tb.pngHow Banks Can Make Use of Data-Driven Customer Insight
Most are familiar with the algorithms and machine learning employed by big tech companies like Google, Netflix and Amazon. Banks are beginning to employ similar strategies as the competition for new customers and new deposits remains high.

data-12-17-18-tb.pngFrom CRM to CECL: Why Improved Data Governance Is Imperative for Your Bank
Banks know they have mountains of data about their customers that can help deliver attractive experiences on a variety of platforms. But data governance is not only about controlling large volumes of data, it’s about creating trust in the quality of data.

Poor data governance practices can lead to poor decision making by bank management, which is a risk no institution can afford.

No matter what lies ahead for your bank, how your institution manages and utilizes data will be an essential piece to its strategic initiatives and goals.

2019 Bank M&A Survey: What’s Driving Growth


acquisition-12-3-18.pngOver the past year, Congress has passed both tax reform and regulatory relief—signed into law by President Donald Trump in December 2017 and May 2018, respectively. And the Trump administration has appointed regulators who appear to be more favorable to the industry, including former bankers Joseph Otting, to the Office of the Comptroller of the Currency, and Jelena McWilliams, to the Federal Deposit Insurance Corp.

As a result, the 184 bank executives and directors participating in the 2019 Bank M&A Survey, sponsored by Crowe LLP, voice a resoundingly positive view of Washington, particularly for Trump and Mick Mulvaney. Eighty-seven percent say the Trump administration has had a positive impact on the banking industry. The same percentage give glowing marks to Mulvaney, the interim head of the Consumer Financial Protection Bureau who has turned the agency into less of a regulatory cop and more into a regulator with an even-handed approach toward the financial industry.

The survey examines industry attitudes about issues impacting M&A and growth, along with expected acquisition plans and expectations for the U.S. economy through 2019. It was conducted in September and October 2018.

Tax reform had a big impact on the industry, with many making investments to grow their business. Thirty-seven percent say their bank invested in new growth initiatives as a result of tax reform, and 36 percent in new technology. One-quarter indicate the bank raised employee salaries, and 19 percent paid a one-time bonus to employees. Some shareholders saw gains as well: 25 percent of respondents say their bank paid a dividend, and 10 percent bought back stock.

When asked where the bank designated the largest percentage of its tax windfall, 32 percent point to new growth initiatives, and 26 percent to shareholders.

Additional Findings

  • More than half believe the current environment is more favorable for deals, and 50 percent say they’re likely to acquire another bank by the end of 2019.
  • Thirty percent believe their bank is more likely to acquire as a result of the Economic Growth, Regulatory Relief and Consumer Protection Act, which rolled back some regulations for the banking industry. Two-thirds indicate regulatory reform will have no impact on their M&A plans.
  • Acquiring deposits is very attractive to today’s potential dealmakers: 71 percent say the potential target’s deposit base is a highly important factor in making the decision to acquire. 
  • To better compete for deposits, 29 percent say their bank will acquire deposits via acquisition.
  • Fifty-three percent say branch locations in attractive or growing markets are highly important, and 49 percent place high value on lending teams or talented lenders at the target.
  • Despite more sympathetic regulators and the passage of regulatory relief, 72 percent say their bank’s examiners have grown no less stringent over the past two years.

To view the full results to the survey, click here.

One Tool To Get a Better Grasp on Cybersecurity Risk Oversight


cybersecurity-11-26-18.pngAs new types of risk – and new regulatory requirements – are introduced, bank directors play an instrumental role in making sure the executive team is properly addressing cybersecurity risks.

This can be an especially challenging responsibility as it is rare for board members to have the technical background or expertise to appropriately assess an entity’s cybersecurity risk management program without external resources. In many instances, directors find themselves in the uncomfortable position of relying primarily on management reports or the advice of third-party providers to meet their oversight responsibilities.

Annual scorecards from management and vulnerability assessments from third-party providers have value, but can make it difficult to compare and assess risk management programs with confidence.

To address this challenge, boards can consult new guides that offer ways to explore and dig into potential cyber risk management issues and other technical matters.

The Center for Audit Quality (CAQ), recently released a new publication, “Cybersecurity Risk Management Oversight: A Tool for Board Members.” The tool, like other emerging frameworks, is designed to help board members probe more deeply, challenge management assertions from a position of knowledge and understanding, and make more informed use of independent auditors.

Asking the right questions
In addition to offering board members a high-level overview of cybersecurity risk management issues and board responsibilities, the tool offers a series of probing questions board members can use as they engage in discussions about cybersecurity risks and disclosures with management and with independent financial auditors.

The questions are organized into four groups:

  1. Understanding how the financial statement auditor considers cybersecurity risk. These questions help board members understand the auditor’s approach to cybersecurity-related risks, and how such risks get addressed in the audit process.
  2. Understanding the role of management and responsibilities of the financial statement auditor related to cybersecurity disclosures. These questions help board members explore compliance with current SEC guidance, as well as other regulatory and disclosure requirements.
  3. Understanding management’s approach to cybersecurity risk management. These questions look beyond financial reporting and compliance, and begin to probe broader cybersecurity-related issues, including the governing framework, policies, processes, and controls the bank has in place to manage and mitigate cybersecurity risk.
  4. Understanding how CPA firms can assist boards of directors in their oversight of cybersecurity risk management. These questions help board members learn about additional offerings CPA firms can provide to assist them, and what factors to consider when engaging outside auditors to perform readiness assessments and examinations.

Starting the conversation
The CAQ says the cybersecurity oversight tool is not intended to be a comprehensive, all-inclusive list of questions for board members to ask. It also cautions against using the questions as a checklist for board members to use.

Rather, board members should look at the questions as conversation starters, examples of the types of issues they should raise with management and financial statement auditors. The purpose of the questions is to spark a dialogue to clarify responsibilities and generate a conversation and help board members develop a better understanding of how the company is managing its cybersecurity risks.

Expanding CPAs’ capabilities
As noted, one group of questions is designed to help board members learn more about other cybersecurity assurance services offered by CPA firms. One example of such services is the new System and Organization Controls (SOC) for Cybersecurity examination developed by the AICPA.

The information within the report provides management, directors or clients a description of the organization’s cybersecurity risk management program and an independent opinion on the effectiveness of the controls in place.

As concerns over cybersecurity risks in banking continue to intensify, directors will find it increasingly necessary to be capable of effectively challenging executive management and financial auditors. This tool is one guide alongside other evolving frameworks and services, that can help boards fulfill their responsibilities while also adding significant value to the bank and its shareholders.

Cybersecurity: What You Need To Know


cybersecurity-10-29-18.pngAsk most top bankers one thing that keeps them up at night, and many of them will say cyber threats and risks to their company’s cybersecurity is chief among them.

Even the biggest banks wrestle with this important issue, and breaches can have serious financial, reputational and regulatory ramifications.


security-10-29-18-tb.pngBasic Cybersecurity Protections
For most companies, the question of a cyber-attack is when or how many, not if. There are basic protections to have in place to prepare and defend against the risk of an event, but with ongoing and persistent risk of threats, its best to have a strategy practice for any potential event.

data-10-29-18-tb.pngUse Data To Protect Data
To mitigate the risks of cyber events and threats, using data-based model can be effective. Data can quantify the risk to the institution and make regulatory reporting more efficient. It can also make the threat identification process more efficient by highlighting areas of risk more easily.

cyber-10-29-18-tb.pngWhat is “Threat Intelligence?”
One of the toughest challenges in cybersecurity is maintaining an edge against potential attackers who are continually making their attempts more sophisticated and difficult to defeat. One way many companies maintain that edge is to collect and use “threat intelligence,” which is information that can help prepare and preempt potential incoming cyberattacks. But, you have to use the intelligence effectively.

talent-10-29-18-tb.pngThe Cybersecurity Talent Threat
Research, including that conducted by Crowe and Bank Director, has indicated that bank executives and boards have concerns about the capability and readiness of the bank and its employees to identify, prevent and respond to cyberattacks. Regardless of asset size, there are ways to find and prepare your employees for real and perceived threats.

finances-10-29-18-tb.pngFinancial implications
Just one breach can cost a company millions of dollars and untold more in other areas, potentially wiping out any projected revenue gains for the quarter, or longer. Analyses conducted my major firms have estimated a wide range of potential per-record costs for data breaches, making it difficult to truly project what any single event could carry in terms of financial impact. But some have been estimated to cost tens of millions of dollars, making the threat highly worrisome.

Cybersecurity should be if it is not already among the pinnacle talking points and areas of focus for your board. Without that preparation and ongoing discussion, your institution can find itself at risk that can harm your customers and your institution. But remember there is plenty of opportunity to prepare, secure yourselves and respond in the event of a cyber event.

Concentration Risk Management Remains an Exam Focus: Stress Tests are Vital


risk-9-4-18.pngMake no mistake about it: If your bank has concentrations that are at or above regulatory guidelines, examiners will expect to see a stress test that supports your concentration risk management plan.

Stress testing has never been mandated for community banks—but it is a tool examiners expect banks to use if they have concentration issues in their portfolio. And this isn’t going to change, no matter what Congress does to ease regulatory burden.

In the past year, many community banks have had regulators question their concentration risk management practices. Examiners have said the stress tests will be the primary focus, and in some cases the only focus, of the inquiry.

In several cases, regulators downgraded the bank’s CAMELS score for not having adequate stress testing in place. Regulators are most focused on the management’s command of the tests, and how they make real and critical decisions related to capital and strategic planning.

Banks with New Concentration Issues of Interest
Commercial real estate (CRE) concentration risk management is not a new issue, but regulators are especially targeting banks without a long history of managing CRE concentrations, and are growing their CRE book at excessive rates. 

A BankGenome™ analysis shows that 2,004 banks have grown their CRE portfolios by more than 50 percent in the last three years, a level that has regulators concerned. As of the first quarter of 2018, 293 banks were over the 100 percent construction threshold and 420 banks exceeded the 300 percent total CRE guidelines. Of banks exceeding the thresholds, 54 banks also had 50 percent or more growth within the last three years – a sure sign they will face increased scrutiny under current guidance.

Anticipate Exam Scrutiny
If you are one of these banks, the worst thing you can do is overlook your next safety and soundness exam. Regulators will come in guns blazing, and you should prepare yourself accordingly.

There will be findings and perhaps even formal Matters Requiring Attention (MRAs), no matter how prepared you are.

Make Minor Findings a Goal
However, the key is to manage those findings. You want only minor infractions, such as not having enough loans with Debt-Service Coverage Ratios (DSCRs) in your core, or having to deal with model risk and model validation. Those are easy to address, while allowing examiners to show their boss that they extracted blood from you. 

You do NOT want examiners to say management doesn’t understand or use the stress test. Those type of findings are far more serious and could lead to CAMELS rating downgrades or worse.

Regulators Expect Stress Tests
Examiners expect banks with CRE concentrations to conduct portfolio stress testing, so bank management and the board can determine the correct level of capital the bank needs. 

Banks with concentrations would be smart to follow the stress testing best practices outlined by the Federal Reserve Bank of Richmond’s Jennifer Burns. Those include:

  • Running multiple scenarios to understand potential vulnerabilities
  • Making sure assumptions for changes in borrower income and collateral values are severe enough
  • Varying assumptions for what could happen in a downturn instead of just relying on what happened to a bank’s charge-off rates during the recession
  • Using the stress test results for capital and strategic planning
  • Changing the stress test scenarios to stay in sync with the bank’s current strategic plan

Burns’ article also notes that one new area of concern is owner-occupied CRE loans, which for years were considered extremely safe.

Report Finds Increased Scrutiny and Risk
The Government Accountability Office issued a report in March that warned of increased risk from CRE loan performance, though still lower than levels associated with the 2008 financial crisis. The GAO found that banks with higher CRE concentration were subject to greater supervisory scrutiny. Of 41 exams at banks with CRE concentrations, examiners documented 15 CRE-related risk management weaknesses, most often involving board and management oversight, management information systems and stress testing.

Prudential regulators acknowledge that proper concentration risk management is a supervisory concern for 2018.
The Office of the Comptroller of the Currency’s latest semi-annual risk perspective noted that “midsize and community banks continued to experience strong loan growth, particularly in CRE and other commercial lending, which grew almost 9 percent in 2017. Such growth heightens the need for strong credit risk management and effective management of concentration risk.”

Maximizing the Power of Predictive Analytics



Data analytics affects all areas of the bank, from better understanding the customer to addressing regulatory issues like stress testing. However, organizations face several barriers that prevent unlocking the power of predictive analytics. John Sjaastad, a senior director at SAS, outlines these barriers, and shares how bank management teams and boards can address these issues in this video.

  • The Importance of Predictive Analytics
  • Barriers to Using Predictive Analytics
  • Considerations for Bank Leaders

A Timely Reminder About the Importance of Capital Allocation


capital-7-6-18.pngCapital allocation may not be something bank executives and directors spend a lot of time thinking about—but they should. To fully maximize performance, a bank must both earn big profits and allocate those profits wisely.

This is why the annual stress tests administered each year by the Federal Reserve are important, even for the 5,570 banks and savings institutions that don’t qualify as systemically important financial institutions, or SIFIs, and are spared the ritual. The widely publicized release of the results is an opportunity for all banks to reassess whether their capital allocation strategies are creating value.

There are two phases to the stress tests. In the first phase, the results of which were released on June 21, the Fed projects the impact of an acute economic downturn on the participating banks’ balance sheets. This is known as the Dodd-Frank Act stress test, or DFAST. So long as a bank’s capital ratios remain above the regulatory minimum through the nine-quarter scenario, then it passes this phase, as was the case with all 35 banks that completed DFAST this year.

The second phase is the Comprehensive Capital Analysis and Review, or CCAR. In this phase, banks request permission from the Fed to increase the amount of capital they return to shareholders by way of dividends and share buybacks. So long as a bank’s proposed capital actions don’t cause its capital ratios from the first phase to dip below the regulatory minimum, and assuming no other deficiencies in the capital-planning process are uncovered by the Fed during CCAR, then the bank’s request will, presumably, be approved.

There’s reason to believe the participating banks in this year’s stress tests will seek permission to release an increasingly large wave of capital. Banks have more capital than they know what to do with right now, which causes consternation because it suppresses return on equity—a ratio of earnings over equity. And last year’s corporate income tax cut will only further fuel the buildup going forward, as profits throughout the industry are expected to climb by as much as 20 percent.

We probably won’t know exactly how much capital the SIFIs as a group plan to return over the next 12 months until, at the soonest, second-quarter earnings are reported in July. But early indications suggest a windfall from most banks. Immediately after CCAR results were released on June 28, for example, Bank of America Corp. said it will increase its dividend by 25 percent and repurchase $20.6 billion worth of stock over the next four quarters, nearly double its repurchase request over last year.

The importance of capital allocation can’t be overstated. It’s one of the most effective ways for a bank to differentiate its performance. Running a prudent and efficient operation is necessary to maximize profits, but if a bank wants to maximize total shareholder return as well, it must also allocate those profits in a way that creates shareholder value.

One way to do so is to repurchase stock at no more than a modest premium to book value. This is easier said than done, however. The only time banks tend to trade for sufficiently low multiples to book value is when the industry is experiencing a crisis, which also happens to be when banks prefer to hoard capital instead of return it to shareholders.

As a result, the best way to add value through capital allocation is generally to use excess capital to make acquisitions. And not just any ole’ acquisition will do. For an acquisition to create value, it must be accretive to a bank’s earnings per share, book value per share or both, either immediately or over a relatively brief period of time.

If you look at the two best-performing publicly traded banks since 1980, measured by total shareholder return, this is the strategy they have followed. M&T Bank, a $119 billion asset bank based in Buffalo, New York, has made 23 acquisitions since then, typically doing so at a discount to prevailing valuations. And Glacier Bancorp, a $12 billion asset bank based in Kalispell, Montana, has bolstered its returns with two dozen bank acquisitions throughout the Rocky Mountain region.

The point is that capital allocation shouldn’t be an afterthought. If you want to earn superior returns, the process of allocating capital must be approached with the same seriousness as the two other pillars of extraordinary performance—prudence and efficiency.