GCFM Sept_Oct 2022

I’VE DECIDED TO PARTNER WITH SHAZAM.

SHAZAM’s a nonprofit organization; we don’t answer to shareholders. While we work to earn a profit, we reinvest those dollars in technology and services, keeping costs down to the benefit of our clients.

John McNair

President & CEO john@cbaofga.com

Lori Godfrey

Executive Vice President and Chief of Staff, Government and Regulatory Relations lori@cbaofga.com

Kristi Greer

Senior Vice President Professional Development kristi@cbaofga.com

Lindsay Greene

Senior Vice President Member Services, Marketing lindsay@cbaofga.com

Lisa McNair

Director of Finance lisa@cbaofga.com

Cassie Cornell

Assistant Vice President Digital Strategy and Professional Development Marketing cassie@cbaofga.com

Becky Soto

Assistant Vice President Professional Development and LEAD Board becky@cbaofga.com

Connie Shepard

Assistant Vice President Professional Development and Member Engagement connie@cbaofga.com

Ellen Shea, CMP

Director of Association Services ellen@cbaofga.com

Why Invest in Cyber Security?

In May of this year, Bank of America CEO Brian Moynihan said his institution spends approximately $1 billion per year on cyber security. Total revenue for B of A through for 12 months ending June 30, 2022, was reported to be $96.89 billion- meaning, B of A is investing nearly 1% of their total annual revenue into cyber security. So, if B of A is investing 1% of their gross annual revenue into cyber security, why aren’t community banks doing similar? This is an important question that needs to be asked during senior management meetings and in the Board rooms of community banks across the country.

In doing research for this column, I came across a good article from Picus Security titled “Key Threats and Cyber Risks Facing Financial Services and Banking Firms in 2022.” The article is filled with information and statistics, and I encourage you to consider all in terms of the needs of your company and institution. While the facts and figures are worthy of serious consideration, as a community-

based institution, there are a multitude of other risks to be considered as well. Perhaps none more important than the bank’s reputation and potential harm to the local customers and community it serves. A cyber attack on a local community bank could cause irreparable damage to the bank’s reputation for safety and security. Additionally, the impact on its customers could result in the loss of savings, mortgage foreclosure, loss of business and similar. Outside of the facts and figures, there is a real risk for those that we serve. ALL must be taken into consideration when discussing a proper cyber strategy with management and the Board.

As a community bank leader, you have much to consider on a daily basis- especially in this current business cycle; however, I do believe it is important to allocate funding for a long term and strategic cyber security plan. Should you need assistance, please let us know at CBA as we have a multitude of resources and partnerships to assist.

Our Steadfast History Bears Repeating for our Customers & CommunitiesRebecaRomeroRainey

In today’s climate, the road ahead feels uncertain. Between growing inflation and fluctuating interest rates, the future may seem more clouded than ever, leaving us to ponder, “Where’s the crystal ball when you need it?” Yet, it doesn’t require clairvoyance to chart our path ahead; we can rely on our history and our experiences to map the course. For hundreds of years, community banks have stood strong, adapting to market changes and evolving to serve our communities. Through industry highs and lows, community banks have risen on a foundation of relationship banking and thoughtful

Marketpreparation.shifts

means that we must come back to those basics today, focusing on our strengths and what we can do to continue to excel. What sets us apart? How can we best demonstrate our commitment to our communities in the products and services we offer? Examining our strategic initiatives through this lens will help us ensure we aren’t simply reacting to a sense of urgency but proactively preparing for what lies ahead.

And we wouldn’t be community banks if we didn’t approach our businesses from a customer-first mentality. Fortunately, we have access to technological tools that enable data to tell our success stories. We have information on customer preferences, behaviors and needs, which, in turn, allows

us to make strategic decisions about how to prioritize our efforts and get real success stories out into the mainstream. But with everything in life, we can’t do it all. We need to prioritize as we enter budget discussions over the next few months. Our banks, customers and communities will benefit when we align objectives with the potential solutions or opportunities that are going to make the most impact. By focusing on the problems we’re trying to solve and how those solutions will benefit our customers, we can separate timely initiatives from those that can wait.

From courses with Community Banker University to our ThinkTECH initiatives to Bancard’s Payments Strategy Guide and the ICBA Tell Your Story Marketing and Communications toolkit, we strive to provide solutions to help you address this post-pandemic society of instant gratification and digital transformation in a thoughtful, strategic manner.

It’s no surprise that uncertain times lie ahead, but I can confidently say that community banks will continue to thrive with ICBA by their side. I don’t need a crystal ball to tell me that, though, because as they say, the best predictor of the future is past behavior, and for community banks, our steadfast history bears repeating for the customers and communities that continue to depend on us.

As General Counsel, our Financial Institutions team assists our clients in managing legal and regulatory exposure, training, and best practice development. Our Financial Institutions team – and our firm as a whole – has the depth of experience and resources available to assist your bank in navigating legal matters and answering questions. We are directly accessible to your employees and board of directors at all times to ensure a professional, timely resolution of issues or questions. We are committed to being well-acquainted with your organization, its strategic priorities, and with your employees, shareholders, and board of directors so that we wisely manage

ACCESSIBILITY

We offer all of our clients open lines of communication. We are committed to a high standard of responsiveness and to managing your matters at the pace your business runs. We employ our knowledge of your institution to internally allocate our most efficient and effective resources to ensure that our external response to you

RELATIONSHIP

As General Counsel, we want to be part of your team and a contributor to your success. As our relationship grows, we will develop an understanding of your needs, increasing our efficiency in handling your matters. We will understand your core system, ancillary software platforms, your policies and procedures, your

each matter in the best interests of all. We also work to ensure that our knowledge of your policies, procedures, general operations, strategic goals, and higher level business plans remains up to date and that our recommendations on any issue help you implement same with best practice in mind. Our ongoing representation is designed to serve as an integrated resource for your institution, and to be a right hand on any particular topic, regardless of its scope, at any time. Our goal is to bring our skill sets, experiences, and resources alongside you, and help your bank reach its ultimate potential.

is coordinated, professional, and guided by expertise and experience. If you need us, call us. Our phone numbers are direct lines to capable, experienced attorneys, ready to make you feel like your call is to another member of your team.

management structure, and your strategic goal, which will allow us to provide you with uniquely tailored legal services. We believe in superior client service and endeavor to foster a relationship with each client that reflects this standard of excellence.

DATA EXPERT

Meet our data privacy expert, G. Grant Greenwood. Mr. Greenwood has experience in data security privacy laws and is a Certified Information Privacy Professional/U.S. Credential “CIPP/US”. For more information, Mr. Greenwood can be reached at (478) 749 9935 or ggreenwood@jamesbatesllp.com.

Town Hall Talks - Building Relationships Between Legislators, Constituents & CBA

The highly successful Town Hall Talks were held in August in Valdosta, Augusta, Milledgeville and Watkinsville. This multilocation grassroots alternative to the Day at the Dome allows bankers the opportunity to continue building our grassroots advocacy efforts and to meet their legislators in person. At each location, bankers, partners and small business owners had the opportunity to engage with legislators in a question-and-answer session and to hear their perspectives on legislative

CBAissues.was

pleased to partner with National Federation of Independent Business (NFIB), Hunter Loggins, and Nathan Humphrey. CBA’s John McNair, Lori Godfrey and Becky Soto were instrumental in the success of the Town Hall Talks. Special thanks to the bankers, legislators, small business owners and partner firms who participated.

Thank you to the Town Hall Talk sponsors - Fitech, ICBA, IntraFi, James Bates Brannan Groover LLP, and SHAZAM.

As always, CBA’s Swaggin Wagon thoroughly enjoyed the road trips visiting with bankers, legislators, partner firms and stopping at community banks along the way.

Repurpose pledged funds for balance sheet flexibility.

Reduce collateralized deposits and increase asset liquidity.

By significantly reducing the collateral it holds for pledging purposes, your bank can avoid having pledging requirements drive its investment strategy. Reducing collateralization can give your bank more flexibility to manage interest rate risk. And, decreasing the need to track collateral on an ongoing basis can save time for both your bank and its customers.

Talk to us today about IntraFi's solutions for collateral reduction.

Contact your Managing Director Danny Capitel at (866) 776-6426, x3476, or dcapitel@intrafi.com.

Use of IntraFi Network Deposits and IntraFi Funding is subject to the terms, conditions, and disclosures in the program agreements, including the IntraFi Participating Institution Agreement. Limits apply and customer eligibility criteria may apply. A list identifying IntraFi Network insured depository institutions at which funds may be placed through IntraFi Network Deposits may be found at https://www.intrafi.com/network-banks. As provided in the applicable Deposit Placement Agreement, the depositor may exclude particular insured depository institutions from eligibility to receive the depositor’s funds.Network Deposits and the IntraFi hexagon are service marks, and IntraFi, ICS, CDARS, and IND are registered service marks, of IntraFi Network LLC.

CBA'S ADVOCACY COMMITTEE

The banking industry continues to deal with issues that will have a profound effect on how we do business as community banks in the future. The Community Bankers Association of Georgia’s Advocacy Committee is a vital tool for educating members of the Georgia Legislature about the issues and concerns of the state’s community banking industry.

WHAT IS SPORTING CLAYS?

Sporting clays is a shotgun shooting competition in which clay pigeons are presented to the gunner in ways that mirror the flight pattern of game birds. The shooting grounds are laid out in stations with each station representing one type of bird or a combination of game. Teams will be made up of foursomes, and scoring is based on the Lewis system.

WHAT IS PROVIDED

· Explanation of competition and rules

· Safety instruction

· Clays

· Lunch

· Prizes

· Eye and ear protection

· Course Transportation

WHAT TO BRING

· Shotgun (A limited number of shotguns is available for rent. Call CBA for more information)

· Ammunition - There will be no opportunity to buy ammunition on the plantation grounds

Closing SBA loans keeps doors

SB157 Crosses $300 Million!

For years, Georgia’s community banks were at a distinct disadvantage compared to large, mostly out of state financial institutions when competing for municipal deposits. The pledging requirements in place made it cost prohibitive for community banks to secure deposits from local municipalities that wanted to keep their money local. As Georgia’s community banking-only state association, CBA made changing the law a top priority in the fall of 2018 to help level the playing field for community banks. In May 2019, CBA’s efforts were realized when Governor Kemp came to CBA headquarters to sign SB157 into law. The law allows banks to use the reciprocal deposit network to place municipal deposits and provide 100% FDIC insurance for all balances. Onerous and costly pledging is no longer required!

At the time of signing, projections suggested that over $1 billion in deposits would flow into the networks over a two-year period. Even with the pandemic and current liquidity positions, approximately $300 million combined has been placed by the two approved provider firms. With the need for core funding on the rise again, we will be tracking the progress and reporting to the membership and the Kemp administration over the coming months. In the meantime, please contact CBA with any questions.

The success of SB157 is a clear indication of the value of single constituent advocacy in the financial services industry. Large banks and community banks have different needs and concerns, and the fight over SB157 provides all with a very recent example of those differences. As the voice for the community banking industry, we need your help to fight for the legislative and regulatory priorities that are important to you. To be effective, please consider supporting the CBA Advocacy Fund. Your contributions go directly towards efforts to advance the community bank agenda here in Georgia. Thank you for your support!

Are You the Next Ultimate Grillmaster?

Tailgating season is here, and what better way to enjoy football season than with a smokin’ hot Recteq wood pellet grill? CBA’s Lori Godfrey and Becky Soto visited the Recteq headquarters in Evans and picked up both the RT-700 and the RT-340.

Each grill comes with two bags of pellets and a grill cover. Enter for a chance to win at CONNECT. Proceeds support CBA’s advocacy efforts.

Special thanks to James-Bates-Brannan-Groover LLP for sponsoring this fundraiser.

Bankers, speakers, and partner firms are gathering at Amelia Island for CBA’s Annual Convention “CONNECT!” The CBA Convention Committee, led by Richy Everly, President & CEO, Bank of Wrightsville, and comprised of both bankers and Associate Members, has been hard at work building an unforgettable experience full of impactful speakers, relevant topics and numerous networking opportunities including the popular mini-trade show. Take a look at the agenda, speaker line-up, sponsors, exhibitors and networking activities. A full recap of this year’s convention will be in the next issue of Georgia Communities First.

Talbot Ballroom

8:30 AM - 9:15 AM

6:00 PM - 6:30 PM

Plaza Prefunction Board Reception

Talbot Ballroom

General Session - Banking as a Service Eric Spink

6:30 PM - 7:30 PM

Plaza Ballroom Board Dinner

THURSDAY, SEPTEMBER 15

7:00 AM -8:00 AM

Talbot Ballroom Hot Breakfast

7:00 AM - 12:35 PM Registration Desk Open

8:00 AM - 9:15 AM

Talbot Ballroom

Behind Every Business is a Story Stephanie Stuckey

Talbot Ballroom Stretch Break

9:15 AM - 9:30 AM

9:30 AM - 10:15 AM

Talbot Ballroom

General Session - Panel Strategies to Support Small Business & Community Banking - Ask the Banker. Ask the Small Business Owner.

Moderator: Dan Speight

Panelists: Chris Cochran, Heath Fountain, Stephanie Stuckey & Eli Tinsley

Talbot Ballroom Exhibit Break Time

10:15 AM - 11:15 AM

11:15 AM - 12:00 PM Plaza II

11:15 AM - 12:00 PM

Talbot Ballroom

12:00 PM - 12:25 PM

Talbot Ballroom

Breakout Session A - Cryptocurrencies: The Landscape, Use Cases, and Future Projections Rahm McDaniel & Marcie Bomberg

Breakout Session B - Five Critical Strategic Traps That Face U.S. Community Banks In 2022 Marty Mosby

General Session & Announcements

Afternoon On Your Own

8:00 PM - 10:00 PM Advocacy Silent Auction Fundraiser Event

9:15 AM - 9:30 AM

Talbot Ballroom Stretch Break

9:30 AM - 10:15 AM

Talbot Ballroom

10:15 AM - 11:15 AM

Talbot Ballroom

11:15 AM - 12:00 PM Plaza II

11:15 AM - 12:00 PM Talbot Ballroom

12:00 AM - 12:35 PM Talbot Ballroom

General Session - Panel The Great Resignation: Engage & Retain, Recruitment, Compensation

Moderator: Greg Proffitt

Panelists: Clare Easterlin, Dawn Ghering, Grant Greenwood, David Salters

Exhibit Break Time

Breakout Session C - Core Market Update: Disruption is changing bank technology...forever. David Saylor

Breakout Session D - Strategic Decisions Using Data Sanjay Bhaskar

General Session & Announcements ICBA Update Rebeca R. Rainey

Afternoon On Your Own

SATURDAY, SEPTEMBER 17

7:00 AM - 8:00 AM Talbot Ballroom Breakfast

7:00 AM - 12:35 PM Registration Desk Open

8:00 AM - 8:15 AM Talbot Ballroom Kick Off

8:15 AM - 9:30 AM Talbot Ballroom

Regulator Panel Regulator Debrief/Recap and Legal Update with Q/A Moderators: Corrie Hall & Lori Godfrey Panelists: Melissa Snead, Tim Rich, Terence Mack, Trey Wheeler

9:30 AM - 9:40 AM Talbot Ballroom Stretch Break 9:40 am - 10:25 AM Talbot Ballroom

General CultivatingSessionaPositive Culture that Leads to Innovation Damon Moorer

10:25 am - 10:40 AM Break for Breakouts

10:40 AM - 11:25 AM Plaza II

10:40 AM - 11:25 AM Talbot Ballroom

11:30 AM - 12:40 PM

Talbot Ballroom

12:40 PM - 12:45 PM Talbot Ballroom

Breakout Session E: Value Added Agribusiness Opportunities - What are the trends in agriculture? What opportunities are being created in agribusiness? Kent Wolfe

Breakout Session F:Cyber Security Incident Response Tabletop Scenarios Grant Greenwood

To Boldly Go To Boldly Go...Stepping out of Ordinary into Extraordinary Ray McElroy

General Session & Announcements

Afternoon On Your Own

6:30 PM - 7:15 PM Talbot Prefunction Reception

7:15 PM - 8:30 PM Talbot Ballroom

8:30 PM - 11:30 PM Talbot Ballroom

Chairman’s Dinner

Chairman’s Party Dueling Pianos

Thank you to our individual sponsors

Classic Sponsors

Eclipse Brand Builders is an award-winning commercial design-build experience the institutions throughout the as a single source of respon sibility for and con struction an unwavering commitment to

Taking Charge

October Is Cybersecurity Awareness Month

CBA’s popular Cyber Risk Summit was held in August in Savannah with close to 70 attendees. Information security officers, digital innovation experts, operations managers, and risk managers gathered to learn, share resources, and ensure their bank is cyber aware and compliant. A few topics this year included computer security incident notification requirements, vendor management & risk assessments as well as IT and cyber governance.

In honor of Cybersecurity Awareness Month in October, we polled several community bank cyber experts on best practices, recent threats and what keeps them up at night.

How does your bank keep employees up to date on policy changes, new information security risks, and best practices?

We leverage our employee intranet to promote cyber awareness and policy changes. We continually share information on the latest threats and best practices from a combination of resources (government agencies and service providers). We share a “scam of the week”, examples of phishing emails, and news articles. We also conduct on going phishing exercises and monthly training to keep cyber security top of mind.

What keeps you up at night?

Insurance issues as it relates to ransomware and major breeches. Is there language in the policy that is not aligned with our application, or does the carrier disagree with our approaches as it relates to mitigation. We use an outside consultant, but the carrier takes the position of denial, then we need to prove the claim.

We recently increased our insurance coverage, but again, the carrier will make us prove we did everything according to their policy and our application. That’s a lot of information that has to be precisely correct, and to the carrier’s liking.

Does your bank have a plan for responding to a cyber security emergency?

Notify insurance carrier very early in the process. They, in turn, will assign one of their approved attorneys to represent the bank throughout the incident. The attorneys will provide forensic experts to help mitigate the incident. This method also helps ensure claims payments.

CRA Investment and Lending Test Credit For Protecting Local Seniors

Our foundation partners with community banks on programs that promote safety in nursing homes, HUD housing, and Veterans Homes across America. We support those that gave us so much with systems that prevent financial and physical abuse. Join the hundreds of banks that already participate. To get involved and earn CRA credit, please contact: info@shcpfoundation.org

What keeps you up at night?

Cyber-attacks are what keeps us up at night. Specifically ensuring we are prepared and have enough controls to prevent imminent attacks.

How does your bank keep employees up to date on policy changes, new information security risks and best practices?

We help employees identify security threats through various training programs. For example, our bank uses Knowb4 to educate and test our staff on different types of social engineering scams and phishing attacks. Our best defense has been our quarterly training. We can prevent loss if our staff is knowledgeable and aware.

What threats have you seen recently?

Spear smishing has been especially prevalent the last 12 months. Bad actors are actively using LinkedIn and other forms of social media to collect cell numbers of new team members. They then send SMS text messages to the new team members posing as our CEO or other C-level executives. To date, every reported case started out as a pleasantry, like a welcome to the team text. Fortunately, we had users report the strange texts early and now we periodically send out emails to educate users on the scam.

What keeps you up at night?

I worry about the sheer volume of security related information that needs to be analyzed and addressed. I, like many of my peers, are signed up for security related notifications and alerts from a plethora of resources. Whether it be newsletters, CISA/US-CERT alerts, audit firms, etc..., I am constantly bombarded with security information, vulnerability information, ransomware information, data breach information, and more. Some are easy to discard, but much of it requires time and analysis to determine if we are impacted and how we can mitigate it. The scariest part is that most of the time, by the time I receive an alert, that means the vulnerability or event has been in the wild for weeks or months or even longer.

How does your bank keep employees up to date on policy changes, new information security risks, and best practices?

Our bank has a weekly operations meeting that has representatives from all areas of the bank. There are standing agenda items for change management requests, which would include new policy changes. Relevant policy information is cascaded throughout the bank from that meeting.

Staying Ahead of the Cyber Security Curve

Staying ahead of the Cyber Security curve is no easy task. Kim Kirk, Executive Vice President, COO, Queensborough National Bank & Trust Co., Louisville, has graciously shared some insights from her bank’s efforts. From recent threats, to tools, to keeping customers and employees informed, and more, Kim shares her thoughts on this constant threat and how she and her team are working to stay ahead:

What threats have you seen recently?

Phishing emails have increased significantly over the last year. Bad actors are targeting the bank’s most vulnerable assets, our teammates. We have so much information coming at us today, and it is easy for folks to mistake a phishing e-mail for a legitimate one. We put tools and procedures in place to minimize our risk to malware and ransomware. We conduct routine phishing test campaigns for our users to maintain awareness. We also conduct information security training for new teammates and provide refresher training for existing users, and additional training modules for users who fail phishing tests. We see particular sensitivity and higher failure rates on phishing test campaigns that appear to be originating from Human Resources.

What keeps you up at night?

Supply Chain Risk. While we try to perform as much vendor due diligence as we can on our third-party providers, we don’t always have line of sight or control to the vendors and software that our vendors use. We review SOC reports and document the disclosed underlying software’s that our critical vendors, particularly, are utilizing, so that when an incident like Solarwinds occurs, we can assess our impacts as quickly as possible.

As community banks we are very dependent on the security controls and processes of our third party vendors, from core vendors, to online banking vendors, to website hosts, to correspondent banking vendors, we are exposed to risks with each, and are dependent upon those vendors to have effective controls in place for the level of sensitive information they have on the bank and our customers.

What tools are you using and how are you using these tools?

The list of solutions that the bank uses for information security and cybersecurity continues to extend. We leverage a number of tools through our Managed IT provider such as endpoint threat detection and endpoint threat prevention from Crowdstrike. We also employ their enhanced vulnerability management solution to scan our external and internal environments for known vulnerabilities and to remediate those vulnerabilities with stated SLAs based upon the criticality of the vulnerability.

We also employ enhanced perimeter security through our online banking provider that includes bot management. The bank was subject to a credential stuffing attack a couple years ago. There were no customer logins breached because the bank employs multi factor authentication, but it was a nuisance for our customers whose logins were locked out. With the bot management solution, the malicious bots are throttled and challenged preventing the attack.

Additionally, both for the bank’s network and online banking domain, we blacklist high risk geographies from access, and monitor attempts.

We also employ website defacement tools to monitor any changes to the bank’s public website. We are alerted on any changes made. Separately we monitor vulnerability reports for the website host to monitor any risks in that environment. We also replicate our website to ensure if there are any impacts to the bank from ransomware or DDoS attacks, we can recover quickly.

Does your bank have an integrated information security strategy?

I would consider our information security strategy integrated across our procedures, particularly as we implement new initiatives or make changes in our environment. We assess risks at the beginning of the initiative and ensure that risks are addressed during our readiness assessment before we launch the initiative. We address configurations for the solution and data flows to ensure we understand the security of information as it traverses inside and outside of the bank’s environment.

We also have a system of monitoring in place to monitor what our users do in the normal course of business. Issues that are identified are escalated for remediation.

How does your bank keep employees up to date on policy changes, new information security risks, and best practices?

Having a holistic training plan for all teammates is key to maintaining awareness. Our information security team also sends alerts when phish e-mails are reported by users to help all teammates see what legitimate phishing e-mails look like. The information security team sends additional awareness alerts to users on current issues and topics, and

reports industry trends in our information security report to the IT Steering Committee.

How does your bank educate customers about information security risks and best practices?

October is Cybersecurity Awareness month! The bank hosts shred events throughout the year across our footprint to help customers securely destroy sensitive documentation, with one held every year in October in Louisville. We take the opportunity to provide customers information on how to protect themselves and their private information online. Throughout October we also provide customers other cybersecurity and information security tips through social media and online banking.

How is your bank effectively managing and monitoring system configurations?

Through our ongoing change management process, we document network configurations. We also document data flow

diagrams to ensure that the bank understands the kinds of information that is moving and its end-to-end flow. Administrative changes to our systems are independently reviewed by our information security team.

Every year we also work through a number of risk assessments including the GLBA Risk Assessment, Cybersecurity Assessment Tool, Online Banking Risk Assessment, Business Impact Analysis, Disaster Recovery Walk Through, and Business Continuity Plan. In addition, each year during the organizational meeting of the IT Steering Committee, we review the itemization of the software applications, and hardware support systems used institution-wide noting changes that have happened during the year. Having this annual hygiene helps us ensure we understand our systems, the information contained in them, and potential impacts from failures.

LOOKING

When Georgia’s community bankers are looking to do business, they look to CBA Associate Members first. Members have been approved by CBA’s Board of Directors and these companies offer competitive products and services designed to help community banks

What’ssucceed.more,CBA

Associate Members support the association with their sponsorships, advertising, informative articles, and participation in CBA programs. We salute this group of professionals and offer our sincere gratitude!

360 View

Abram Armored

AdamsacxellAbrigo

Keegan, Inc.

AldenAdPharosInvestment Group

Alkami Technology

Alston & Bird LLP

AmTrustAMATAS

Financial Services, Inc.

Arctic Wolf Networks

AtlantaAssetAscensusBlackMedia Services, LLC

StreetShares, a MeridianLink company

ATM Solutions, Inc.

Atris BalchTechnology&Bingham LLP

BDS Technology, Inc.

Bennett Thrasher

Berman Fink Van Horn P.C.

Cabretta Capital

CapitalCalTechCity Home Loans

Captive Solutions & Options, LLC

Carputty Inc.

Carr, Riggs & Ingram, LLC

Carty & Company, Inc.

Cash Transactions, LLC

CommunityCBIZ

Bankers Bank

Community Bankers Webinar Network

Community Lending Partners

Community Sustainability Enterprise Computer Services, Inc.

Computer Service Professionals, Inc.

Consolidated Banking Services, Inc. Consultants & Builders, Inc.

DataOceans, LLC

DataSeers, Inc.

DeNyse

EngagedElliottEconocheckEngageDytrix.IncCompaniesFiDavisBankereXperience LLC

Evans, Simpson & Associates, Inc.

Federal Home Loan Bank of Atlanta

FEMAC Security Solutions

FirstFirstFinzlyFinProFinosecLibertyNational

Bankers Bank

Bankers-InsightBankersBanker’sCardDashboardFactoringGroup, LLC

Banc

CornerstoneCore10

Barret School of Banking

CRS Data

Commercial Mortgages, LLC

Fiveash-Stanley,FiservFIS Inc.

Dart Appraisal

GEC,FrameworkResearchHomeownershipInc.

Foresight

Georgia Department of Community Affairs

Georgia Rural Investment Fund

Gerrish Smith Tuck, PC GT Credit

Habitat for Humanity of Georgia, Inc.

Nelson Mullins

NFP Executive Benefits

Nichols Cauley & Associates

StrategicTheSymphonaBurkeGroupResource

Clenney Rumsey Huckaby, P.C.

IBT Apps

ICI Consulting, Inc.

Integration 4.0 Inc

Intercept Consulting Group

PentegraPCBBPaymentsFirstOttoMotoOlsenNXTSoftNovusNovatechArchitectsPalmerLLCRetirement Services

Performance Solutions Inc.

Performance Trust

Jack Henry Banking King Services, Inc.

LenderSelect Mortgage Group

Liberty Technology

Lincoln James Financial Marketing Solutions

Logue Advisory Group

Martin Snow, LLP

McNair,MaxwellMcLemore, Middlebrooks & Co., LLC

Merchants Credit Bureau, Inc.

Miller & Martin PLLC

Clarke, DuVall & Rodgers, P.C.

National Bank Products, Inc.

National Loan Acquisitions, LLC

Piper Sandler & Co.

PNC Capital Markets, LLC

Prime Contractors, Inc. ProBank

Profit Resources, Inc

Management (SRM)

Technology Association of Georgia Tenax ThompsonSolutionsHine LLP TIB, TroutmanTripPlanetN.A. Pepper

United Bankers’ Bank Upgrade, Inc

USDA - Department of Rural Development Varci YorkWilliamWebbMasonVSoftMediaCorporationMarketingMillsAgency&Associates,LLC

Logos represent CBA Preferred Services Providers.

S&P Global Market Intelligence Safe Systems

SBA Company

Securitas Financial Services, Inc.

ServisFirst Bank

South State Bank, N.A.

Southern Bank Equipment & ATMs

Steve H. Powell & Company

PREFERRED2022 SERVICE PROVIDERS

DIAMOND LEVEL

ICBA Securities

Jim Reber | jreber@icbasecurities.com | 901.762.5884

Independent Community Bankers of America

Scott Brown | scott.brown@icba.org | 334.328.5731

James Bates Brannan Groover LLP

Dan Brannan | dbrannan@jamesbatesllp.com | 404.997.6023

SHAZAM

Alex Jernigan | jjernig@Shazam.net | 229.220.0064

PLATINUM LEVEL

Genesys Technology Group, LLC

David Saylor | david@genesystg.com | 770.729.4139

Vericast

Christine Ahlgren | christine.ahlgren@vericast.com | 678.500.5330

Warren Averett

Lisa Berry | lisa.berry@warrenaverett.com | 205.769.3388

Wipfli

Mary Boortz | mboortz@wipfli.com | 715.858.6677

GOLDBankersLEVELHealthcare Group

Brian Mullett | bmullett@bhg-inc.com | 315.663.1121

Crescent Mortgage

Skip Willcox | swillcox@crescentmortgage.net | 478.357.4441

DefenseStorm

Sarah Martin | Sarah.Martin@defensestorm.com | 470.702.9407

Eclipse Brand Builders

Sharon Morris | smorris@eclipsebrandbuilders.com | 678.890.1140

FITECH

Sarah Humphrey | shumphrey@fitech.com | 817.698.2268

Holtmeyer & Monson

Arne Monson | amonson@holtandmon.com | 800.340.7304

IntraFi Network

Danny Capitel | dcapitel@promnetwork.com | 770.630.6796

Mauldin & Jenkins

Ron Mitchell | rmitchell@mjcpa.com | 229.446.3600

Newcleus Bank Advisors

JR Llewellyn | jr.llewellyn@newcleus.com | 678.427.1015

Interested in becoming a Preferred Service Provider?

Point to Point Environmental

Mark Faas | mfaas@p2penvironmental.com | 678.565.4435 Ext 151

STS Group

Chris Nelson | cnelson@stsgrp.com | 205.567.3613

Travelers

Diana Baker | dcbaker@travelers.com | 678.317.7882

SILVER LEVEL

ACG

Phil Winn | Phil.Winn@acgworld.com | 678.458.9899

BCC-USA

John Gianacaci | JGianacaci@BCC-USA.com | 609.915.9168

College Ave Student Loans

Reid Moehn | rmoehn@collegeave.com | 619.865.3395

CRA Partners

David Lenoir | david.lenoir@shcpfoundation.org | 901.529.4786

Executive Insurance Agency, Inc.

Ryan Sower | ryan@executiveinsuranceagency.com | 770.474.2355

Kasasa

Ryan Busenitz | Ryan.Busenitz@kasasa.com | 678.595.0625

QwickRate

Melissa Wallace | melissa.wallace@qwickrate.com | 678.797.4062

Stokes Carmichael & Ernst LLP

Michael Ernst | mje@scelaw.com | 404-603-3441

BRONZE

AgoraEversoleLEVEL

Chis Bates | chris@agoraeversole.com | 601.366.7370

Bahr Consultants, Inc.

Hank Bahr | hank@bahrconsultantsinc.com | 865.694.6098

Darnel, Inc.

Greg Herring | gtherring@darnelrecovery.com | 770.786.4500

The Preferred Service Provider packages offers Associate Members the option of upgrading to package of your choice. A few benefits include early access to advertising, exhibiting and sponsorship opportunities, simplified budgeting and of course – increased exposure! All packages are reviewed by CBA’s Member Services Committee. To learn more, please contact Lindsay Greene at 770.541.0376.

Price pullback prospects

Availability of discount bonds causes a rethink of strategies

I’ve learned a few things about human nature as it relates to bond portfolio management over the years. Some of these notions or biases in the minds of investors are more logical than others. For example, it seems community bankers take some pride in owning a collection of bonds whose price has risen since purchase. An unrealized gain is much preferred over an unrealized loss in the minds of a lot of seasoned portfolio managers, investment committees and boards. This is in spite of the fact that the gain is residue of rates falling since purchase. The natural consequence is that the overall portfolio’s yields are on the way down, and I haven’t met many people who are hoping for lower returns on their Abonds.great

paradox is that many of these same bankers prefer to buy bonds whose prices are less than 100 cents on the dollar, rather than at premiums. In some cases, they’ll opt for discount bonds even if they have lower yields to maturity. I think they get satisfaction out of knowing they’re better off than the poor suckers who originally paid par or more for the same investment.

In that community banking is a cyclical industry, and its earnings have some correlation to market interest rates, there are periods in which certain strategies are in play, and others are not. An environment in which rates are high and rising, such as 2022, will produce bonds whose prices are below par. Like it or not, discounts are the story of the day, so let’s review how discount-priced bonds can be used strategically to improve portfolio performance.

Agency options: The simplest investment sector to analyze is government agencies. These bonds are issued by some of your favorites, such as Fannie Mae, Freddie Mac and the Federal Home Loan Bank. These do not have periodic principal repayments, so your original investment remains intact until maturity date. That is, unless it has a call feature, which is present in about 88% of outstanding issues. For these bonds, the borrower can decide to “call,” or prepay, the debt early, and on designated dates.

If a given bond is purchased in the secondary market at a price below 100, and the issuer later calls the bond early, the investor’s yield to call is higher than yield to maturity. This yield improvement can be dramatic if the callable is owned at a deep discount. Of course, the investor doesn’t expect the call to ever be exercised, so it’s a pleasant surprise to see the yield jump. These discount callables are typically priced to the worst case (i.e., maturity) to yield slightly more than non-callable bonds (i.e., bullets).

Mortgage maneuvers: Mortgage-backed securities (MBS) remain popular as community bank investments. The

majority of the dollars in all bank portfolios are in some type of MBS. And it is a deep and liquid (and growing) market, so supplies are plentiful for a given investor to shop around.

The cash flows of an MBS are mostly predicated on how much prepayment (not repayment) is received each month. There is a direct link between prepayment activity and the borrowers’ rates (in MBS parlance, “Gross WACs”) of a given pool, so investors can (within limits) create a predictable risk/reward profile. And have I mentioned that MBS are currently available at discounts?

Buying below-market coupons means two things in the near term. First, your monthly cash flows will be limited, and that may be fine for your bank’s needs. Secondly, the market price has room to improve, up to and beyond par, if rates begin to fall. For example, a 15-year MBS with a 2.00% coupon is currently priced around 94 cents on the dollar, and was worth around 102 at the start of 2022. Since the borrowers’ rates on these pools will be well below 3%, there is no financial incentive to prepay the loans early, so average lives will be quite long in the near future.

Offset to falling rates: Maybe the biggest benefit to owning bonds at prices less than 100 is that their returns will be inversely related to general market rates. When interest rates fall, the “optionality” comes “in-the-money” and some bonds get called away. To the extent they’re owned at discounts, their yield-to-call is enhanced. This is true for all bonds: agencies, MBS and even munis at discounts.

Further, since most all community banks have interest rate risk profiles that are built for rising rates, investments that out-perform as rates fall can help offset the margin compression that’s likely to occur. Perhaps best of all, discount bonds’ yields will automatically (magically?) increase as interest rates decline, without the need to sell the investments.

All told, owning bonds at prices less than par can help bring stability to the cash flows while lessening exposure to falling rates. It can also feed the needs, however subliminal, to get a bargain price, while improving future chances for unrealized gains. Paradoxical? I’d call it logical.

Cyber Risk: Are you Complacent or Proactive?

As your financial institution broadens the use of technology to become more competitive and efficient, you become increasingly more susceptible to cyberattacks. Hackers continuously exploit these new opportunities to breach your systems. This constantly changing environment makes it imperative that you operate with a proactive mindset instead of reacting when the attack happens. When a champion boxer steps into the ring, he isn’t just walking into a fight. He’s come primed for battle. He has spent months training, assessing his opponent, and devising a strategy in preparation to win. He doesn’t just take the punches; he goes on the attack. It is essential for financial institutions to do the same in the face of cyberattacks. Organizations need to reevaluate their strategy for cybersecurity and move beyond mitigating a breach after it occurs.

How can financial institutions approach cybersecurity differently and more effectively?

At DefenseStorm, we encourage financial institutions to change their way of approaching risk management with a fresh perspective, putting readiness at the forefront. We use the 4 C’s as a method for reevaluating how to manage cyber risk: Continuous, Consistent, Centralized and Clear. Identification and assessment of potential threats must be continuously exercised in real-time as they materialize. A one and done approach to risk assessment doesn’t allow institutions to assess new risks as they emerge, leaving them vulnerable. Implementing a consistent means for evaluating risks as well as uniform application, scoring, and evidencing of internal controls within a centralized platform ensures data accuracy and integrity. Lastly, gain a clear picture of how the institution’s risk profile has evolved over time by leveraging robust audit logs, dashboards, and reporting.

In a recent speech to the financial sector, Acting Comptroller of the Currency, Michael J. Hsu, raised his concern that what has been good enough will not be sufficient going forward, and that there is work to be done. Stating that “success can breed a false sense of security,” he urged that financial institutions “cannot be complacent. In a world of constantly evolving threats, vigilance must be maintained,” particularly with the “increasingly complex dependencies in the provision of financial services.”

How can financial institutions fortify their cyber defenses proactively?

1. Understand that complacency is a risk in itself. Relying on a static method of security and believing that it is sufficient exposes financial infrastructures to threats. Ensure your program is evolving at a pace commensurate with the evolving threat landscape.

2. Establish awareness of where and why the majority of breaches occur. This will allow your cybersecurity team to create a more strategy for preventative controls. Leverage information sharing partnerships and open dialogue with contacts in the public and private sectors to collectively recognize, assess, share, and address cyber threats.

3. Employ ongoing assurance testing methods. Put ongoing monitoring and testing programs in place to identify and remediate deficiencies and gaps in your program in a timely manner.

Your Institution Can Achieve Cyber Risk Readiness

Many financial institutions now partner with cybersecurity companies who can assist with 24/7 monitoring for cyber threat detection and investigation. Outside Security Operation Centers (SOC) focus on maintaining security while lessening the burden on the financial institution so they can prioritize daily business functions. Partnering with a proficient credentialed resource to assess and evaluate threats gives financial institutions an advantage in the war against cyberattacks.

As technological advancements continue to revolutionize the financial industry, the threat of cyber attacks equally gain momentum. By altering perspective, implementing a proactive plan, and approaching cybersecurity with a collaborative effort, financial institutions are prepared to triumph against malicious acts.

1890 Travelers begins to offer coverageInstitutionsFinancial

1964 Travelers becomes one of the first domestic markets to write Directors & Officers Liability insurance 1999 Travelers brings its marketcoverageReimbursementFraudIdentityExpenseto 2011 Travelers CyberRisk coverage introducedis to the market 2021

Travelers distributes more than $4 million to ICBA members participating in the dividendpolicyholderprogram

BANKING CHANGES. OUR COMMITMENT TO YOU NEVER DOES .

Throughout our long history, we’ve stayed focused on keeping community banks on the cutting edge. We do this with industry-leading specialists, expertise and offerings –all backed with local banking knowledge.

Learn more travelers.com/business-insurance/financial-institutionsat

travelers.com

Travelers Casualty and Surety Company of America and its property casualty affiliates. One Tower Square, Hartford, CT 06183

This material does not amend, or otherwise affect, the provisions or coverages of any insurance policy or bond issued by Travelers. It is not a representation that coverage does or does not exist for any particular claim or loss under any such policy or bond. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy or bond provisions, and any applicable law. Availability of coverages referenced in this document may depend on underwriting qualifications and state regulations.

© 2022 The Travelers Indemnity Company. All rights reserved. Travelers and the Travelers Umbrella logo are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries. CP-9620 New 2-22

Our community bankers are blessed to have such awesome BSA associates working hard in this industry. In late August, CBA had the privilege of serving our industry’s BSA & AML professionals at our 15th annual advanced BSA/AML Officer School on St. Simons Island. CBA is your leader in providing educational programs that develop knowledge and skills to support our bankers. “CBA has a great reputation for their Advanced BSA Compliance School, and it has not disappointed. Kristi, Becky and Dianne put together a fantastic line-up of speakers and material. The networking with my peers was icing on the cake. This school is topnotch and well worth the time and money. Thank you CBA, for a job well done!” said Angela Woodard, PlantersFirst Bank

“When I started at CBA four years ago, my personal goal was to determine what programs were necessary, which programs needed enhancements, and where we could improve. With the partnership with Dianne Barton, PSi, the school’s lead instructor, CBA continues to be the leader in BSA education by providing an adult learning environment that works!” said Kristi Greer, SVP, Director of Professional Development. Participants gained knowledge and tools throughout the week from industry experts, including Erin Woodside and Doroteya Wozniak, James-Bates-Brannan-Groover, LLP; Melissa Snead, GA Dept of Banking & Finance; Sebrina Sweeney, Craig Hirsch, OCC; Marcie Bomberg, Wipfli; Jeff Garner, FDIC; Dan Haggerty, Federal Reserve Bank; and Mark Fellows, GA Bureau of Investigation.

Participants were asked, “What part of the program was most beneficial to you?” and we have already received almost 20 responses; some include: “Being almost brand new to BSA, I have limited knowledge. This was an amazing opportunity for me to gain contacts and get some great insights into the BSA role from many different sources and experts,” said Misty Folker, Bank of Newington.

“Discussions with other BSA Professionals.” Matthew Lynch, Peach State Bank “Elder adult abuse information in relation to personal care homes.”

Thank you to all the participants, speakers, and sponsors! We are proud to serve you!

At Stokes Carmichael LLP have been bringing “The Power of Legal Knowledge®” the challenges faced the financial community the areas of credit and collections, fraudulent conveyance of workouts we opened in 1972. clients appreciate the “Real World Legal Solutions®” that we bring to the myriad legal matters facing banks today. welcome the opportunity to put our experience to work for you. Please contact us to discuss how we can help you optimize recoveries for your bank.

Session IV - 12/6: Macon,

Join our Executive Channel to learn best practices and solutions for community banking success in 2022. We will meet quarterly to gain insight from subject matter experts, experienced bankers, and excellent community bank partners to bring strategic support while focusing on the heart of community banking, our passions, purpose, and power. Our program goals will include strategic, critical factors such as planning, people, and performance.

As a leader for your organization, these sessions will give you information to help effectively lead and carry out your role. Be sure and register for this timely session (or quarterly series) which provides in-depth coverage of current trends and tools for today’s community banks.

Topics include:

Interest Rate Risk Management

Round Table Discussion with Facilitator on topics and questions from attendees

· Current Challenges facing Community Banks

· Examination Pulse Points & Criticisms

· And other topics as deemed by the participants

Special Thanks to Our Session IV

BHG Bank Network National Seminar

Join us at the Naples Grande Resort for valuable insights on how BHG Financial can help Bank Network members navigate the current financial environment by setting their sights on success through our reliable suite of innovative solutions. FL | OCTOBER

SCAN NOW TO REGISTER

We encourage you to register early, as we anticipate this event will fill up quickly. bhgloanhub.com/GASeminar

Take advantage of a chance to meet with hundreds of Bank Network members from across the country.

Brian Mullet // SVP, Institutional Relationships 315.400.6192 • bmullet@bhgbanks.com

·

We heard our bankers are ready for more advanced and in-depth training in the areas of Deposit and Loan Compliance and this program delivers!

This program is divided into two sections. The first session on 10/18-19 will focus on Advanced Deposit Compliance and the second session on 10/20-21 will focus on Advanced Loan Compliance.

CBA is offering a flexible structure. Send one or more employees for all four days or you can split the two sessions and send one employee to cover Deposits and one employee to cover Loans for the price of a single attendee!

Advanced Deposits 10/18-19

· Electronic Funds Transfer Act (Regulation E)

· Expedited Funds Availability (Regulation CC)

· Truth-in-Savings Act (Regulation DD)

· Reserve Requirements (Regulation D)

· Privacy of Financial Information (Regulation P)

· Garnishment of Accounts Containing Federal Benefit Payments

· Electronic Signatures in Global and National Commerce Act (E-SIGN)

· Fair Credit Reporting Act

Advanced Lending 10/20-21

·

·

·

·

· FCRA/

·

Who Should Attend

This seminar is designed for all employees who deal with lending and deposit-taking functions. Designed to be a comprehensive analysis of regulatory requirements for experienced lending and deposit personnel, this program will benefit compliance officers, auditors, operations personnel, lenders, new accounts personnel, and new accounts personnel.

· Program Level: Advanced

· Prerequisite: Basic Knowledge of Deposit and Lending Compliance Respectfully

· Advanced Preparation: None

· Delivery Method: Group-Live

· Field of Study: Specialized Knowledge