Kentucky Banker Magazine - January / February 2024

“We were content with the coverage we had and were not shopping our plan. After meeting with KBA Insurance Solutions, we had no choice but to make the move to Chuck and his team. They proposed a thoughtful plan design & introduced benefits that we had not previously offered. When we showed the rates KBA Insurance Solutions offered to our prior agent, she said: “…you have to make this change.” Since changing our results have been better coverage, expanded offerings and greater cost savings. I would highly recommend that any bank explore the options available through KBA Insurance Solutions.”

Mr. Charlie Dicken, EVP Trust Officer, First Kentucky Trust

WHO WE ARE: The KBA is a nonprofit trade association that has been providing legislative, legal, compliance and educational services to its member institutions since 1891. KBA's directors and staff work together with its members to make the financial services industry a more effective and successful place to work. The strength of the KBA is bankers unifying as an industry to speak as one voice.

WHAT WE DO: The purpose of the Kentucky Bankers Association is to provide effective advocacy for the financial services industry both in Kentucky and on a national level; to serve as a reliable and responsive source of information and education about areas of interest to the industry; and to provide a catalyst and forum for collective industry action. The KBA does this in 4 ways:

1. Government relations & industry advocacy

2. Information interchange

3. Education

4. Products and services

kybanks.com

KENTUCKY BANKERS ASSOCIATION

600 West Main Street, Suite 400 Louisville, Kentucky 40202

KBA STAFF

Ballard W. Cassady Jr. President & CEO bcassady@kybanks.com

Timothy A. Schenk General Counsel tschenk@kybanks.com

Miriam Cole Executive Assistant Office Manager mcole@kybanks.com

John P. Cooper Legislative Solutions jcooper@kybanks.com

Paula Cross Education Coordinator pcross@kybanks.com

Nina K. Gottes Sponsorship & Events Coordinator ngottes@kybanks.com

Casey Guernsey Enrollment and Billing Specialist cguernsey@kybanks.com

Jamie Hampton Education Coordinator jhampton@kybanks.com

McKenzie Just Caldwell Staff Accountant mcaldwell@kybanks.com

Chuck Maggard President & CEO

KenBanc Insurance cmaggard@kybanks.com

Lisa Mattingly Director of Sales & Service KBA Benefit Solutions lmattingly@kybanks.com

Donna McCartin Benefit Support Specialist dmccartin@kybanks.com

Tammy Nichols Finance Officer HOPE of the Midwest tnichols@hopeofthemidwest.com

Katie Rajchel Accounting Manager krajchel@kybanks.com

Selina O. Parrish Director of Membership sparrish@kybanks.com

Jessie Southworth Director of Education jsouthworth@kybanks.com

Jennifer Schlierf Sales Support KBA Insurance Solutions jschlierf@kybanks.com

Matt Simpson Communications Director msimpson@kybanks.com

Matthew E. Vance, CPA Chief Financial Officer mvance@kybanks.com

KENTUCKY BANKER is the official bi-monthly magazine of the Kentucky Bankers Association (KBA). No part of this magazine may be reproduced without express written permission from the KBA. The KBA is not responsible for opinions expressed by outside contributors published in KENTUCKY BANKER. The KBA reserves the right to publish submissions at the discretion of the KENTUCKY BANKER editorial team. For more information, or to submit an article, pictures or pass on a story lead, contact Matt Simpson, Managing Editor, at msimpson@kybanks.com facebook.com/kybankers

Tamuna Loladze Chief Operating Officer HOPE of the Midwest tloladze@hopeofthemidwest.com

Michelle Madison IT Manager mmadison@kybanks.com

Brandon Maggard Account Representative KenBanc Insurance bmaggard@kybanks.com

Billie Wade Executive Director HOPE of the Midwest bwade@hopeofthemidwest.com

Audrey Whitaker Insurance Services Coordinator awhitaker@kybanks.com

Wesley Githens IT Support Specialist wgithens@kybanks.com

Mark

April

W.

Represents Group 1

Jeff

President & CEO Farmers Bank & Trust Company

Represents Group 2

Michael W. Hunt, President & CEO

The Sacramento Deposit Bank

Represents Group 3

Greg Pawley, President & CEO

The Cecilian Bank

Represents Group 4

Jason T. Jones, President

Morgantown Bank & Trust Co.

Represents Group 5

Don D. Jennings, CEO First Federal Savings Bank of KY

Represents

Robert Miles, President &

Peoples Bank of Lebanon

Represents

Lucas

Represents

Ruth

Ballard

Represents

Manager First State Bank, Inez

Glenn

Vice President Citizens Federal Savings & Loan Assoc.

Represents

I’m Ready to Fight Back.

We are our clients best hope in the fight against fraud!

This month’s issue is focused on a topic, unfortunately, we deal with daily: fraud. Its impact on our industry and our clients grows every day, as the amounts get larger and those fraudulent transactions take place at ever faster paces.

In the last few months, our bank has endured multiple events. The first was a temporary shutdown of our Video Teller machines. Those machines were unavailable for more than a day. We were fortunate to have an excellent relationship with the technicians who minimized the inconvenience to our clients. One key takeaway for us: Never underestimate the impact of maintaining a positive working relationship with your

vendors.

The second was a mass texting campaign to phone numbers in our footprint from “the bank.” Literally thousands of texts were sent to local numbers. My wife and I both received messages from “the bank” noting transactions with issues. I had a text from our good friend who officiated our wedding and moved out of Grayson years ago on texts he had received, as he still uses a cell phone with a local number. These events will occur and having a plan in place always helps. We made clients aware using local media, social media, and email messages to online banking clients. We recommended greater use of out

of bank authentication, monitored internet banking traffic, including external transfer requests.

We contacted the risk officer at our core provider, KBA General Counsel Tim Schenk, and even security experts at one of our state’s largest banks to ensure there were not additional steps we could take that we had not already covered. Understand we’re not alone when something like this happens and the lessons learned by others can help minimize the potential for our clients to provide information they shouldn’t to these crooks.

Those larger scale events will happen from time to time with all of us. Smaller scale attempts to defraud our clients one at a time happen again and again. From the elderly lady whose granddaughter is draining their account $100 at a time to the widower who has found love on the internet to the pavers who will fix a driveway at a “reduced” cost, people are taken advantage of for a variety of reasons every day. We are often their best hope of keeping them from willfully giving their life savings out a dollar at a time.

I’m confident your coworkers are as adept at catching these attempts to defraud your clients as our bank’s have been. Praise those who keep your neighbor from a loss they can ill afford to lose. Set up training through social media, videos on YouTube and/or your web page, or with events set up throughout your service area to educate clients on these very real threats to their livelihoods. KBA has been advised that our state is unfortunately a leader in the number of such scams. We have taken steps such as the Fraud Academy (coming up for the second time August 6-8) to help push back against this trend.

I encourage you to utilize your Association as a resource in helping us help our clients keep their hard-earned dollars protected. This type of service is a key reason I decided to become a banker and one of the clearest ways I see we make a difference in our communities.

EXPERT ADVICE: FIVE WAYS YOUR BANK CAN PREVENT FRAUD!

Following these cybersecurity recommendations isn’t just a good idea – it’s often a must-do if you want to have cyber insurance coverage and keep your regulators happy. These practices aren’t just about staying safe from fraud; they’re about showing that you’re serious about protecting your data and systems. Insurers and regulators usually insist on these practices because they improve your defenses against cyberattacks, lower your risks, and keep you in line with industry regulations. Sticking to these guidelines is essential for keeping your network secure and meeting the expectations of both insurers and auditors.

1. Implement Multi Factor Authentication

MFA adds an extra layer of security by requiring users to provide multiple forms of verification before gaining access to their accounts or systems. This additional step significantly reduces the risk of unauthorized access, even if passwords are compromised through phishing attacks or data breaches. By adding a mobile device notification or security token MFA drastically enhances security against cyber threats, brute force attacks, credential stuffing and account takeovers.

2. Use a Password Management Tool

Everyone knows the importance of unique and strong passwords - but how do your employees keep up with their passwords? Even if your passwords are unique and complex, storing passwords incorrectly can create a risk for fraud. Password databases and password managers are tools to combat this risk. Password databases provide a secure and organized way to store and manage numerous passwords for various accounts. Password managers not only generate and store complex passwords but also offer features like encryption, multi-factor authentication, and secure sharing, to enhance overall security. By utilizing these tools, organizations can better protect their digital identities, confidential data, and financial assets, contributing to a safer and more resilient network.

3. Phishing Testing and Training

One wrong click can impact your business, even if you have appropriate security measures in place. Employee susceptibility to phishing attacks can be significantly reduced through testing and training solutions. These solutions mimic real phishing scams and monitor how employees react to potentially dangerous emails. Successes or failures by those receiving these test emails provide learning opportunities that can arm your employees with the knowledge to spot real phishing emails.

4. Enhanced Security (SIEM, MDR, XDR)

Staying one step ahead of fraud demands proactive measures and advanced security precautions, so here come the acronyms. Implementing robust solutions like Security Information and Event Management (SIEM), eXtended Detection and Response (XDR), and Managed Detection and Response (MDR) can significantly strengthen a company’s defense against evolving threats. These technologies offer real time monitoring, threat detection, and rapid response capabilities, enabling your bank to detect suspicious activities and breaches before they escalate into a crisis. By embracing advanced security measures, your bank can proactively protect against fraudsters aiming to exploit vulnerabilities.

5. Create and Maintain an Accurate Asset Inventory

Maintaining an up to date inventory of everything on your network serves as a vital defense against fraud by providing comprehensive visibility and control over your whole system. With a clear understanding of everything that touches your network you can promptly identify any unauthorized or suspicious activities. When remote monitoring and management tools are put in place, they offer a proactive approach to threat detection. This proactive approach enables swift detection of threats and fraud such as rogue devices or unauthorized access attempts. These inventories also serve to ensure that software updates and patches are applied promptly, reducing the risk of exploitation.

Box Lake Networks is proud to have been endorsed by the Kentucky Bankers Association for IT Managed Services for 5 years. We partner with numerous banks throughout the state to provide either full or partial management of their IT infrastructure. Our primary goal is to deliver high-quality support solutions and consulting services that align with banking regulations, ensuring seamless operations for your bank. We offer solutions for all of the fraud-prevention strategies listed here and would be happy to talk to your bank about proactively preventing fraud.

CFPB Continues Their Assault on American Banks

In a mad fury to impose unshakeable ideologies, the CFPB is singled handedly waging war on the way banks do business. Their tactics are rutheless, misguided, and will have consequences that reveberate throughout our economy for years to come. When the wolves begin to circle, will Congress have the guts to stand up for the American people?

“Stupid is as stupid does.” In one of the most memorable roles of his career, Tom Hanks stamped that piece of wisdom on a generation, a reminder to judge people by what they do instead of how they appear.

That’s especially true these days of how people appear on paper. Too many of those in positions of bureaucratic authority over our industry – with their top-tier educations and unshakable ideologies – look profoundly stupid when judged by what they do. At the CFPB, there is a flagrant abundance of such persons.

Was the CFPB always going to be a magnet for people with massive ideological blind spots and a hunger to

take control of the private sector’s primary economic engine? Or is it just the tendency to take on the character of the guy at the top, most recently Rohit Chopra? I think it’s both, but either way, the buck stops in the same place.

With every CFPB pronouncement, I hear Forrest saying, “Stupid is as stupid does.” And it’s become a weekly occurrence for the CFPB, and by extension its Director, to come out with some suggested guidance that constitutes a checklist on how to go broke in business. To the extent Mr. Chopra and his minions credit any academic source of business education for their understanding of fundamental business principles, they should all sue for a refund.

of consumers value their bank’s overdraft fees, and 77% who have paid a fee for this service in the past year consider it a worthwhile expense.

88% “ ”

Just this week, the CFPB said that comparison-shopper tools that recommend certain products and lenders in return for financial compensation potentially violate the Consumer Financial Protection Act (i.e. points on your credit card). The bureau also said that lead generators can violate the prohibition on abusive practices if they steer consumers to a participating financial service provider instead of another because they receive payment for doing so (i.e. points). The Bureau specifically called out the credit card market, claiming that it “has found evidence of practices that may imply anti-competitive behavior.” Huh?

Even though there are hundreds of card issuers and thousands of card options and features out there, the CFPB (and by extension Mr. Chopra) says that the credit card business is not competitive. In an effort to be generous to Mr. Chopra, I’m willing to posit that he has a rogue lawyer on staff whose undergraduate degree was in Puppet Arts – yes, that’s a degree option at the University of Connecticut – and who is completely disconnected from the experience of millions of cardholders across the country.

To quote the ABA, “American consumers know they have a wide array of credit card options to choose from, including terms that are fully disclosed by law, which allows them to compare offers and select the card that best meets their needs. By every measure, including by the [Department of Justice’s] standard and even in the view of the U.S. Supreme Court, this market is competitive, and saying otherwise as part of a misleading campaign does not change that fact.” That’s putting it tactfully. If I may translate: STUPID IS AS STUPID DOES.

If this was an isolated incident, you could probably have a good laugh at the statement and move on. Unfortunately, the regulatory agencies in Washington under the guidance (or lack thereof) from this White House are assaulting the banks daily with insidious rules and “suggested guidelines” – that’s code for “do it or we will write you up under UDAP or some other nefarious rule.”

A handful of recent examples:

· Proposed changes to Reg II by the Fed. – this would immediately slash debit interchange revenue by more than a third.

· The CFPB issued a proposal to reclassify bank overdraft services as “credit” subject to truth in lending Act and Reg. Z.

· CFPB 1034© advisory opinion (there is that code phrase again) prohibits banks from charging even modest fees to cover their cost of responding to consumer information request.

The unintended casualties -- and I’m being generous here when I say unintended -- are low to moderate income individuals and families. Mandates that cap fees below the cost of the service will cause the service to go away.

If Mr. Rohit truly doesn’t get that, he’s got himself a good exhibit to use in suing for his tuition refund. Also, 88% of consumers value their bank’s overdraft fees, and 77% who have paid a fee for this service in the past year consider it a worthwhile expense. Americans continue to need ready access to short -term liquidity, as only 44% of U.S. adults say they would be able to pay an emergency expense of $1000 or more. If you take away consumers’ overdraft privileges and

leave them without access to liquidity when needed most, that number would jump off the charts.

To repeat myself – as I do at every opportunity – the most important Supreme Court ruling for banking and our free enterprise system in general was the WV vs EPA case where the Supreme Court ruled (using the major question doctrine) that regulatory agencies can’t expand on what Congress intended in the laws they pass. When will Congress take the reins back from these bureaucratic agencies and do the job that

must be done by the only branch of government that is answerable to the American electorate?

Yes, Congress, that will take working harder and smarter and placing the common good above your reelection calculations. The pessimistic among us think the culture and norms of our federal government are too far gone for that to happen. If you’re someone who prays, pray very hard that they’re wrong.

Enhanced Transparency and

The Arrival of the BO IT Database

Along with the new year, 2024 has ushered in the Financial Crimes Enforcement Network (FinCEN)’s new database: the Beneficial Ownership Information Technology System (BO IT). As part of administering compliance with the AML Act of 2020, legal entities are now required to report beneficial ownership information federally to FinCEN. Prior to January 1, 2024, beneficial ownership information was collected when an entity became a customer at a financial institution. Prior to the database, beneficial ownership information was gathered and housed at each individual financial institution.

What the BO IT database achieved is the ability to bring all beneficial ownership information together in one place. Company A that is based out of California, that is 26 percent owned by an individual who owns Company B in Kentucky, can be tied together with Company B to reflect that they are significantly owned by the same individual. The database is a successful step to pierce the corporate veil in identifying shell companies to better fight financial crimes.

While this database is a useful tool for law enforcement and the federal government in their efforts to tackle the ever-evolving fight against criminals using the United States financial system for illicit purposes, many bankers begin to wonder what cost and additional employee time this system would require of them if they were required to ensure that their customers were inputting their information into this system. Each additional step at account opening takes time, and additional employee time is an expense to the bank.

To address this concern, on December 21, 2023, Federal regulatory agencies issued an Interagency Statement for Banks on the Issuance of the Beneficial Ownership Information Access Rule. This statement is critically important for two reasons as it states: bankers have the option to utilize this system or not, and they do not have to change their current practices. However, it also stated that banks will be given access to the system to use if the banker chooses to. The choice that this statement gives bankers takes away additional regulatory burden.

Kentucky Bankers Day 2024

Thank you to everyone who showed up in solidarity at the Kentucky Bankers Day in Frankfort! Your continued efforts to fight for the future of Kentucky banks do not go unnoticed. This year, a big topic of conversation at the capitol was fraud prevention. Remember, there’s untold strength in numbers. We’ll see you again in DC!

TRIGGERED!

How Federal Agencies and Credit Bureaus Are Working Against You

Have you heard customers complain about receiving junk phone calls from other lenders after applying for credit?

Based on what we’re hearing from banks, it’s an issue happening across the board. The cause for these unwanted solicitations? Trigger leads.

Trigger leads are leads that come from mortgage trigger products offered by the three major credit bureaus. When a lender requests a credit report, that inquiry automatically “triggers” lenders that a customer is looking for credit. Lenders of all sorts purchase that information and then begin calling your customer, tens, if not hundreds, of times.

The nature of these calls is concerning. One bank president who recently asked what we are doing to

combat trigger leads told a shocking, but not unique, story of harassment.

His credit report was pulled on a Tuesday at 9:30 a.m. His first call from lender came just ten minutes later. By Friday, he had received fifty-one harassing calls. Lenders refused to stop calling, would not provide their full names, offered unrealistic loan terms (often the source of bait and switch), and knew personal details that he could not trace. It all began when the credit bureau sold

his personal information. He asked the same thing that many bankers ask: How is this legal?

Trigger leads are not only legal, but are encouraged by some regulators. The Federal Trade Commission and Consumer Financial Protection Bureau believe these triggers are valuable because they offer more options for customers. While the regulatory compliance side of me wonders how any of this passes the ever-obscure standards of UDAAP, I’ll digress for purposes of this article.

“His credit report was pulled on a Tuesday at 9:30 a.m. His first call from lender came just ten minutes later. By Friday, he had received 51 harassing calls.”

So what is being done? The good news is that we are taking the fight to the credit bureaus.

On the federal level, bipartisan legislation has been introduced – the Homebuyers Protection Act (S.3502/ H.R. 7297). These bills would not only enhance consumer protection and strengthen trust in the financial system, but would significantly limit the ability of credit bureaus to share your customers’ information with third parties.

On the state level, Representative Steve Bratcher has filed House Bill 578, which would essentially ban trigger leads. The bill prohibits credit reporting agencies from furnishing customer information to third parties without customer consent, provides for supervision from the Attorney General, a private right of action

that would allow customers to sue credit bureaus that violate the law and statutory damages. As of the date of this writing, House Bill 578 passed unanimously out of the House Banking and Insurance Committee and was referred to the House of Representatives for a full vote.

While legislative action is in process, you can educate customers to minimize the impact of trigger leads. Optoutprescreen.com will take your customers’ name off of the “trigger lists” from the credit reporting agencies for five (5) years or permanently. The site will ask your customers for personal information, including their name, address, social security number and address and may take several weeks to process, but it has proven to be effective. The customer can even selectively choose which portions of “trigger leads” they would like to screen (calls, but not mail, for example). OptOutPrescreen.com is the only internet website authorized by Equifax, Experian, Innovis and TransUnion for consumers to opt-out of firm offers of credit or insurance.

Another option is for customers to register their number on DoNotCall.gov. The process takes a minute or two but can prevent unsolicited phone calls. It can take up to thirty-one (31) days to process, but it can prevent many unwanted calls.

The other means of protecting your customers is education. You are likely the first person to discuss trigger leads with your customer. By bringing their attention to the issue, you may prevent them from falling prey to scams and fraud while also protecting your institution from losing that customer.

While we cannot promise an overnight fix to these issues, we are fighting for you on every front to stop trigger leads. In the meantime, please make your customers aware of the options they do have to fight trigger leads to avoid potential harassment, confusion and deception!

REVIEW:

THE WIT AND WISDOM OF CHARLIE MUNGER

Born in Omaha, Nebraska in 1924, Charlie Munger studied mathematics at the University of Michigan, trained as a meteorologist at Cal Tech Pasadena while in the Army, and graduated magna cum laude from Harvard Law School without ever earning an undergraduate degree.

The investing world lost a legend last November with the passing of Charlie Munger, Vice Chairman of Berkshire Hathaway. Just a month shy of his 100th birthday, Munger leaves behind a treasure trove of wit and wisdom from his almost century of experience. While never penning an autobiography, Munger’s many commencement speeches and interviews provide financial journalists and biographers with more than enough material to compile numerous books. In lieu of picking just one, I am recommending two that make for excellent reads, The Tao of Charlie Munger, edited by David Clark and Poor Charlie’s Almanack edited by Peter Kaufman.

Munger was born in Omaha, NE on New Year’s Day in 1924. He trained as a meteorologist in the military and later graduated magna cum laude from Harvard Law School. A wildly successful investor (his net worth at the time of his death was reported to be $2.6 billion), it is worth noting that he never had an economics, marketing, finance, or accounting class. What Munger missed in the classroom he made up for with a voracious reading habit and an insatiable appetite to learn all that he could from a wide range of disciplines, ranging from architecture to psychology. This wide-ranging reading caused Munger to develop what he termed mental models that allowed him to make effective decisions. Munger talks in numerous speeches about having close to 100 mental models that he used to decide which investments to make and how to live a happy life.

The Tao of Charlie Munger is a quick read that contains 138 quotes from Munger. Each quote is then expanded on with commentary by David Clark. Much can be gleaned from this compilation. My top three:

“Knowing what you don’t know is more useful than being brilliant.”

“Capitalism without failure is like religion without hell.”

“Being rational is a moral imperative. You should never be stupider than you need to be.” (Munger’s twist on Immanuel Kant)

Title: The Tao of Charlie Munger

Author: David Clark

Publisher: Scribner

Poor Charlie’s Almanack (the title a tribute to Charlie’s hero, Benjamin Franklin’s Poor Richard’s Almanack) is a collection of speeches that Munger gave over several years. This book is for the reader that wants to take a deeper dive into the thought process of the legendary investor.

I especially recommend the Psychology of Human Misjudgment from Chapter 4. In this talk (which was never given but was rather a combining of three speeches that Munger had delivered years apart) he discusses 25 of what he calls ‘psychology-based tendencies’. The list of cognitive biases that he describes are instantly recognizable and highly relatable to anyone accustomed to making lots of decisions or reacting to the decision of others and wondering how they could have possibly arrived at the decision they made.

Munger stated on more than one occasion that “In my whole life, I have known no wise people who didn’t read all the time - none, zero.” Munger has left behind a lot for us to read and contemplate, which hopefully makes us all wiser.

SPOTLIGHT

In The shining a light on new KBA Associate members!

ALM First, Dallas, TX

Associate Members serve an important and supportive role in the KBA and to the Kentucky banking industry by providing quality products and services. We look forward to having these new associate members involved in KBA and supporting the member banks!

To learn how you can be a KBA Associate Member, contact Selina Parrish at sparrish@kybanks.com

ALM First, headquartered in Dallas, TX is a leading, trusted strategic partner for financial institutions, offering an array of financial advisory services. The firm’s expertise in asset liability management, fixed income portfolio management and hedging, has allowed ALM First to deliver deeper insights into financial institutions’ balance sheets, strengthening their financial performance and building efficiencies.

Contact: Jim McGrath

BankTech Ventures, Sandy, UT

BankTech Ventures is a strategic investment fund for the community bank industry. BankTech sources, evaluates, de-risks and invests in leading bank-enabling solutions on behalf of their banks, and helps the banks adopt and get value from the companies.

Contact: Carey Ransom, Managing Director

ByteSpeed, Moorhead, MN

ByteSpeed is known for their custom-built desktop computers and servers while also partnering with many industry leaders to provide enterprise networking solutions and professional IT services.

Contact: Garret Duncan, Kentucky Territory Manager

Oculus Software, Cookeville, TN

BNControl is a unique software platform that can benefit most every area of a community bank. Most software implemented by a bank has limited use cases whereas BNControl is utilized by executive management, deposit and loan operations, compliance, risk management, CSRs and tellers, marketing, business development, and more. There is no other software product on the market that provides such a comprehensive suite of modules tailored towards a community bank.

Contact: Shaw Lokey, EVP/Director of Sales

Pioneer Programming, Inc., dba Pioneer-360, New Philadelphia, OH

Pioneer-360 is a 34-year-old SOC 2 Type II Certified MSP/MSSP located in New Philadelphia, Ohio. They provide IT solutions that fit any IT environment and partnering with them allows their clients to optimize their organization’s performance, minimize risk to their IT environment, and stay up to date with the best technology practices and tools.

Contact: Taylor McCartney

RelPro, Short Hills, NJ

RelPro, with its leading business development and relationship management solution for Financial & Professional Services, was also recognized as one of thee fastest-growing companies in the northeast. RelPro integrates data from best-in-class partners and the web to deliver a unique global database.

Contact: Sara Allen

Spectrum Enterprise, Charlotte, NC

Spectrum Enterprise delivers the fastest Internet and WiFi download speeds and is on a plan to evolve its network at a lower cost and to offer symmetrical and multi-gigabit speeds across its entre footprint.

Contact: Melissa Root

NEW KBA CLASS A ASSOCIATE MEMBER

American Momentum Bank, College Station, TX

American Momentum Bank provides Nationwide SBA Loans.

Contact: Brandon Prather

Onward & Upward

First Kentucky Bank President Will Hayden announces that Nicole Sullivan has been named Senior Vice President, Human Resources. “Nicole has been a loyal, committed employee for 23 years and is an integral component of our management team. She is a tremendous asset to First Kentucky,” stated Hayden.

To celebrate the opening of FNB’s new Mayfield Main Office, located at 101 East Broadway, FNB will host a Grand Opening & Ribbon Cutting Celebration on Thursday, February 1, 2024. FNB’s former Mayfield Main Office was destroyed in the December 10th, 2021, tornado that swept through Mayfield and FNB proudly rebuilt on the same block of land where the Bank has been located since 1875. The newly constructed Main Office opened for business on Tuesday, January 16th, 2024.

Bank of the Bluegrass & Trust Co. in Lexington is pleased to announce the promotion of Caroline French to Assistant Vice President, Private Banking Specialist, at our Southland Drive location. Caroline joined the bank in 2015 and has 13 years of banking experience.

Bank of the Bluegrass & Trust Co. in Lexington is pleased to announce Nathan Hamblin, Credit Analyst Team Lead and Assistant Secretary to the Board of Directiors, has been promoted to Vice President. Nathan graduated from of the Graduate School of

Banking at LSU and has recently celebrated his 10-year anniversary with the bank.

Bank of the Bluegrass & Trust Co. is pleased to announce they have elected Keith A. Jones to their Board of Directors. Keith is retired from his position as V.P., Worldwide Marketing, Imaging Solutions and Services of Lexmark International.

Bank of the Bluegrass & Trust Co. in Lexington is pleased to announce Tracy Witt has been promoted to Vice President, Compliance and Loan Operations Manager and member of the Executive Committee.

Bank of the Bluegrass & Trust Co. in Lexington is pleased to announce Alyssa Luckett, Financial Center Manager of our Southland Drive location, has been promoted to Assistant Vice President.

Community Trust Bancorp, Inc. (NASDAQ: CTBI) is pleased to announce the appointment of Jeff Sandlin to its Board of Directors on January 23, 2024. Mr. Sandlin will serve on the Audit & Asset Quality Committee and the Risk and Compliance Committee.

Central Bank Chairman, President, and CEO Luther Deaton, Jr., announces Lesley D. L. King joins Central Bank as vice president, trust officer. Mr. Deaton would also like to announce that Lauralea Pfendler joins Central Bank as CIC registered operations

specialist officer. Further, Mr. Deaton would like to announces the selection of eight new members to its Lexington Advisory Board, including:

Brian McCarty – Bluegrass Hospitality Group

Bruce Drake – Bluegrass Hospitality Group

Jeff Yeary – Atlas Street, LLC

Adolph “Chip” Rupp – Rupp and Associates, Inc.

Shelby Marshall – Lynn Blueprint & Supply

Rick Avare – MAP Entities

Lucas Campbell – Gorman Company

John Irvin, Jr. – Kinkead & Stilz, PLLC

CG Bank is pleased to announce the appointment of Dr. Bill Reynolds, Advisory Board Member for our Richmond Market; the appointment of Matt Roan, Advisory Board Member for our Richmond Market; the appointment of Samantha Burford, Advisory Board Member of our Richmond Market.

The Fight Against Fraud

From romance scams to cyber crime, the financial industry is getting hit by fraud harder than ever. Shane Ensminger, Financial Intelligence & Security Director at Central Bank & Trust, is ready to fight back.

The following is a true story of fraud in Kentucky. The names and some details have been changed to protect the innocent. The amount lost to fraud, and manner in which the fraud occurred, are all accurate to the original case.

When John Smith filed for bankruptcy in 2013, the future of his Lexington, Kentucky dance studio hung in the balance. Like so many in America, Smith and his wife faced crushing debt and an uncertain future. The uncomfortable thought that everything he had worked

for would soon crumble was starting to feel more and more like an inevitable nightmare.

While good business sense and a knack for money management might not have been one of his strong suits, Smith was, by all accounts, a charming guy and doting husband. At age 41, Smith and his family had developed something of a fanbase within his small community. There were those who found an identity at his studio, who trusted Smith when he told them the business could be saved. All he needed was a little help

from his friends.

Of those friends was Jane Doe, who, under the promise of repayment within 5 years, loaned Smith a staggering $30,000. Doe was a kind and nurturing elderly woman, and had been a member of the dance studio since its inception. Like so many others, the quiet studio had become a place of community for Doe. Somewhere she felt safe and needed.

In 2022, nearly 70,000 people reported a romance scam. Losses hit a staggering $1.3 billion. ”

Over time, she had come to trust and admire Smith. Those close to Doe would describe her affection for Smith as romantic, though Doe would never use those words to describe the nature of their relationship. In Doe, Smith saw the life line he had been dreaming of. A way out. But what started as a simple gesture of honest goodwill, soon frayed and spiraled out of control into a careless cycle of reckless exploitation.

Within 5 years, Smith would go on to convince Doe to lend him over $150,000 in personal loans. Smith and his wife would open credit cards under Doe’s name, and together they accumulated upwards to $310,000 in credit card debt. Beyond saving the dance studio, these fraudulent credit cards paid for Smith’s children’s college education, new cars, and expensive clothes. To compensate, Doe was often promised an ownership percentage of the dance studio. However, to this day, no legal documentation suggests that Doe has any rightful ownership of the studio.

“One of the investment officers we work with told us they were suspicious of the requests for distributions out of Doe’s retirement fund,” said Angela Campbell, BSA Officer and Elder Exploitation Expert at Lexington’s Central Bank & Trust. Campbell was one of the first to take notice of Doe’s situation and immediately knew something was wrong. “We don’t have access to her retirement fund records, and they don’t have access to her bank records, so we had to work together. This had to be a collaborative effort to get a clear picture of what was happening.”

That clear picture quickly showed an ongoing funnel

of cash from Doe to Smith, prompting Campbell and her team to quickly make a personal visit to Doe’s home. Campbell herself broke the news that, based on evidence gathered at the bank, it was suspected that Doe was a victim of fraud and being taken advantage of.

“It was emotional,” Campbell said. “She had no idea how much money she had lost. When we told her the dollar amount, there were lots of tears. And yet, she didn’t want to take action against Smith.”

Doe’s case, tragic as it might be, is hardly a rare occurrence. In 2022, nearly 70,000 people reported a romance scam, and losses hit a staggering $1.3 billion. And that’s just the ones that were reported. Victims rarely know the amount of money they’ve given to fraudsters. And more often, they simply don’t want to know.

“We honestly have trouble convincing them,” said Shane Ensminger, Director of Financial Intelligence & Security Unit at Central Bank & Trust. “We hear it all the time - I don’t care if I’m getting scammed. This is the only person who will talk to me on the phone for an hour a day.”

Ensminger, a retired police officer and Lexington native, has loads of experience fighting against bad guys like Smith. Most of his career was spent in Special Investigations working narcotics and organized crime. In 2006, a new pattern began to emerge for Ensminger. He noticed that high-level drug dealers were starting to open mortgage companies, tax preparation services and home construction businesses. The drug dealers were turning from narcotics to mortgage fraud in a move fueled by the relaxed lending standards resulting from the subprime mortgage crisis.

It was this evolution that inspired Ensminger to take the fight against these so-called white-collar crimes. Ensminger was charged with forming a crime unit consisting of the city’s best detectives, and together, they hit the door running against the new face of organized crime. “This was stuff that no one wanted to touch initially,” Ensminger said. “But then we started to hit the bad guys hard. We were quickly joined by our partners at the FBI, US Marshalls, IRS, DEA, USDA and FDA, all working together to target white-collar and financial crime.”

After retiring, Ensminger found himself with a particular skill set that made him invaluable to the banking industry. Here was a guy that knew all the tricks of the trade when it came to financial fraud, standing at the brink of an industry getting hit harder than ever by criminals. For Central Bank & Trust

President & CEO Luther Deaton, JR., Ensminger was the perfect weapon in the fight against fraud. He quickly brought Ensminger on to help the bank combat fraud losses. Originally an 8 person team, the unit has now expanded under the leadership of Ensminger to 11 fraud prevention specialists. The fruits of their labor can already be felt throughout the bank.

“Last year, we investigated $16 million in fraud perpetrated against the bank and our customers,” Ensminger said. “Our total losses were low due to our internal and external training and awareness conducted throughout the year.”

In a newly released statement from the Federal Trade Commission, data suggest that consumers reported losing more than $10 billion to fraud in 2023, marking a new record high in total losses reported. That number is an unheard of 14% increase over 2022. Nasdaq, in their 2024 Global Financial Crime Report, released data revealing that fraud and scams totaled an estimated $485 billion globally in 2023. It is important to note that this data tracks banks with an asset size of over $10 billion. When you consider how many community banks don’t reach that criteria, it’s not hard to imagine the staggering amount of losses that simply goes unreported by our smaller banks. It’s an issue Ensminger says he is ready to tackle head on.

“Awareness is key to all of this,” Ensminger said. In

2023, in conjunction with the Kentucky Bankers Association, Ensminger helped to form the KBA Fraud Academy in an effort to equip community bankers with the tools needed to elevate that awareness. “It’s our top priority, our number one goal. There are still so many people that can’t comprehend the magnitude of forces working to fraud you at every moment.”

“ ” consumers reported losing more than $10 Billion to fraud in 2023.

The KBA Fraud Academy saw a massive turnout during its first year, and starts again August 6th - 8th, 2024, in downtown Lexington. “The KBA Fraud Academy is the ultimate first step in identifying and fighting fraud the same way I have for the last 8 years,” said Ensminger.

Ensminger will be hosting the KBA Fraud Academy again this year, along with several hand-picked presenters ranging from DEA, Secret Service members and more. Bankers across Kentucky will learn what it takes to reduce loss due to fraud. “To truly fight against bank fraud, we have to come together as an industry. Fraud Academy is going to be a key weapon in that fight,” said Ensminger.

Ultimately, it was discovered that John Smith was doing more than exploiting the kindness of the most vulnerable around him. He has since been charged with PPP loan fraud totaling over $40,000. As for Doe? She has only been repaid $166 in total. In her heart, there’s still a small place that wants to believe that Smith is a friend.

An Ill Wind That Blows No Good

Economic Headwinds and Asset and Liability Management

Financial institutions are facing headwinds on account of burgeoning non-performing assets, corporate malfeasance, a slowdown in the economy, and a mismatch between the maturity profile of assets and liabilities. Severe liquidity strains caused the failure of Silicon Valley Bank, Signature Bank and First Republic Bank. Yet despite weaker economic conditions, sharply higher interest rates, high inflation, financial market stress and concerns over a potential recession, the banking industry demonstrated resilience. How?

Asset and Liability Management (“ALM”): it is a common phrase thrown around a board room when in discussions about the viability and future of a bank. It is the practice of mitigating financial risks resulting from a mismatch of assets and liabilities, a combination of risk management and financial planning. Not only is it vital for the sustainability and longevity of financial institutions within the financial landscape, but it solidifies the important roles that banks play in

maintaining the stability and growth of economies.

Liquidity risk has become an increasingly important parameter for the assessment of a financial institution. But with a new age of depositor behavior and evolution of regulations, achieving a dynamic, integrated ALM program is challenging for banks of all sizes.

Low interest rates lasted years, resulting in a complacency among financial institutions regarding deposit balance behavior. Then, during the past two rising rate cycles, deposit balances grew, coupled with an unusual systemic deposit inflow from 2020-2021 as a result of COVID-19 pandemic-related government fiscal stimulus. But those early 2023 bank failures proved that depository behavior is changing.

One of the more important lessons surrounded concentration risk. Prior, deposits were considered one of the safest

products in the liability structure of a bank. But, as the industry quickly learned, some types of depositors are more sensitive than others. Large concentrations of a particular type of client create a higher risk of deposit flight, as was the case with SVB. As a result, banks are needing to diversify their funding basis.

The ALM function covers a prudential component and an optimization role within the limits of compliance. Prudential meaning the management of all possible risks and rules and regulation, with optimization covering the management of funding costs, generating results on balance sheet position. But the industry is riddled with change: business cycles becoming aggressive, global ecosystems and third-party risks becoming more complex, regulations rapidly changing, more stringent compliance enforcement—financial institutions are going to be forced to adopt an agile ALM framework with a broader perspective scoping out broad objectives of the bank’s asset/liability portfolio, as dictated by the Board in order to address new situations where a policy does not yet exist.

“Financial institutions need to recognize that change is necessary for how they tackle managing liquidity and interest rate risks.”

With the adverse interest rate environments, it has been found that most ALM system and processes are not providing accurate and explainable outcomes scaled to meet transaction processing requirements. They lack flexibility to support interest rate risk reporting, scenario modeling requirements and “what if” analysis and are unable to scale to account for a bank’s contract and account volume of deposits and loans. There exists a lack of transparency in the underlying calculation logic, resulting in unexplainable and independently unverified data.

It is important banks assess the three pillars within an ALM program to include: ALM Information Systems, ALM Organization and ALM Processes. These pillars address the four key components examiners test on: board and senior management oversight policies, procedures, and risk limits; management information systems; and internal controls and audit.

ALM Information Systems addresses Management Information Systems and information availability,

accuracy, adequacy, and expediency. Information is the key to ALM strength. ALM Organization requires a strong commitment from the Board and Senior Management to integrate basic operations and strategic decision making within risk management. The ALCO decision-making unit monitors market risk levels comparative to Board set risk-limits, articulates the current interest rate view and view on the future direction of interest rate movements to strategize for future business opportunities, and reviews the results of and progress in implementation of the decisions made.

Lastly, the ALM process encompasses a scope of liquidity risk management, management of market risks, trading risk management, funding and capital planning, and profit-planning and growth projection.

While the above is not all-encompassing, it does assist financial institutions in knowing that their ALM foundation is robust and agile to respond to evolving needs, and that it is modelling the balance sheet, projecting net interest income and economic value of equity all while performing scenario analysis and stress testing to assess the impact of key performance indicators. This means also hiring a quality of ALM professional who understands the need to replicate the portfolio from a sensitivity point of view when modelling a balance sheet or replicating cashflow including complex structured products and embedded optionality. It requires accuracy and reliability to demonstrate what is happening right now within a portfolio. As stress testing and scenario analysis demands continue, banks need to be able to respond consistently to multiple scenarios via its credit stress models. It should account for evolving requirements, meaning the bank should be able to run a scenario analysis, including stress testing non-interest-bearing checking accounts if there is a move to a higher interest rate.

Financial institutions need to recognize that change is necessary for how they tackle managing liquidity and interest rate risks. ALM and liquidity as two essential parts of the bank’s overall model risk management structure. Ensure the Board has at least one director with a solid understanding of balancesheet management concepts. Be proactive in identifying risks and updating policies and procedures before implementing new products or activities. Reevaluate and communicate guidance and risk tolerances to bank personnel. With the economic landscape, particularly that of community banks, changing significantly, it directly correlates to a heightened need of attention to ALM risk management strategies and processes.

Do You Need to Manage Fourth-Party Risk?

You’re a pro at managing third-party risk, but how do you deal with fourth-party risk?

Your vendors are likely farming out critical activities to other vendors. It’s all a part of ordinary business operations. Just as you want to maximize efficiencies, so do your vendors. However, your vendors’ contracts with fourth parties introduce additional operational, financial, cybersecurity, and compliance risks for your financial institution.

Financial institutions often wonder how closely they need to monitor fourth-party risk. What are the regulatory expectations? How far down the ladder does it go? Do you need to evaluate fifth-party and sixthparty vendors?

Thankfully, the recent Interagency Guidance on Third-Party Relationships: Risk Management answers the above questions.

What the regulators expect from fourth-party risk management.

Financial institutions are responsible for having a strong vendor management program – and a large part of having a robust vendor management program is ensuring that your vendors have one as well. Regulators don’t expect you to follow up with all your vendors’ vendors. They expect you to ensure your vendors are properly managing vendor risk.

The role of contract management in managing fourth-party risk.

Contract provisions play a vital role in managing fourth-party risk. As a financial institution, you need access to information about your vendor’s third-party risk management (TPRM) program. Regulators expect two essential items to be included in contracts with third-party vendors to ensure their vendor oversight is sufficient.

First, as part of planning and vendor due diligence, you must stipulate in your contracts that vendors must inform your financial institution if they outsource a critical function to a third party.

Second, you need a contract that requires vendors to inform you if they change critical vendors. The essence of quality vendor management begins with quality contract management. You should also evaluate the strength of critical vendors’ TPRM programs. How do they perform due diligence on third parties? How is their vendor monitoring program? Do they have foreign-based third-party vendors that pose additional compliance risks? How do they manage these relationships?

“You should focus on evaluating your vendors’ third-party risk management policies and processes and not on managing fourth-party risk directly.

Regulators have recognized that for financial institutions, it would be nearly impossible to manage fourth parties themselves. They don’t have a direct contractual relationship with these parties and lack leverage over them.

At the same time, financial institutions have the power to demand that their vendors control this risk in the contract process. You should focus on evaluating your vendors’ third-party risk management policies and processes and not on managing fourth-party risk directly.

SOC 2 reports and fourth-party risk.

One of the best tools in your arsenal for evaluating your

vendors’ TPRM program is their SOC 2 report. SSAE 18 audits offer the following on your vendors’ vendors:

Scope: SSAE 18 mandates that a vendor clearly outlines the roles and duties of every third-party vendor it engages. This includes detailing the significance of each vendor, pinpointing critical vendors and assessing their dependability through service-level agreements (SLAs), contractual terms, warranties, and guarantees.

Performance Review: Vendors need to evaluate the performance of their third parties. This can be achieved by verifying the accuracy of output reports, conducting on-site inspections, and using questionnaires. It is crucial to keep a record of each measure – if it’s not documented, it didn’t happen.

Audit Evaluation: Vendors must establish a procedure for examining their third-party vendors’ audits and SSAE reports and communicate these findings to management. It is particularly vital to assess how the vendor addresses issues identified in these reports, as this provides insight into the reliability and effectiveness of their vendors.

Monitoring: It is essential for a vendor to scrutinize customer complaints, reports from regulatory agencies, and information concerning financial status, legal disputes, shifts in key personnel, and other relevant data. Vigilant monitoring is necessary to identify any significant issues.

Final Thoughts

Without regular vendor oversight, particularly in cyber monitoring, banks leave themselves vulnerable to unforeseen third- and fourth-party risks. Financial institutions that allocate resources to top-tier vendor management programs actively mitigate risk and position themselves to capitalize on growth opportunities from third-party collaborations.

Both your institution and vendors must have robust TPRM programs in place.

2024 HUMAN RESOURCES MANAGEMENT CHECKLIST

1. EMPLOYEE HANDBOOK – Here are some items to consider:

• Dress Code – Many employers are relaxing their “no tattoos” policy. Make accommodation for applicants and employees with race based hair styles or cultural/religious attire.

• Social Relationships at Work – A supervisor or manager dating an employee should be prohibited.

• Remote Work Policy – This policy should include getting advance permission to work remotely, what constitutes working time, recording remote work time, accidents at home, accountability, etc.

• Words to Avoid – Avoid using words like (a) cause or good cause, (b) condition of employment, (c) annual salary, (d) permanent employee, (e) yearly, etc.

• Social Networking – National Labor Relations Board regulations prohibit employers from telling employees about what they can and cannot post on their personal social networking sites.

2. HARASSMENT AWARENESS AND PREVENTION TRAINING - This training should occur annually and cover all forms of unlawful harassment including harassment based on sex, race, religion, age, ethnicity, etc.

3. DRUG FREE WORKPLACE – Management should reserve the right to require a drug or alcohol test for “reasonable suspicion.” Employees with medical marijuana cards may not consume marijuana at work and may not report to work under the influence of marijuana.

4. PERSONALITY TEMPERAMENT ASSESSMENT - Consider administering the DISC profile, particularly for your leadership team.

5. AFFIRMATIVE ACTION PLAN – If you are covered, your Affirmative Action Plan must be updated annually and in compliance with the latest regulations.

6. EEO-1 REPORTS – Employers of 100 or more employees are required to electronically submit an annual EEO-1 Report.

7. VETS 4212 REPORTS – Most government contractors are required to file this annual report of employees who belong to the specified categories of protected veterans.

8. NEW HIRE REPORTS – Employers must submit specific New Hire Reports to the state employment agency database, on a regular basis

9. JOB DESCRIPTIONS – Both the employment regulations and HR Best Practices require a valid job description for each job.

10. MANAGEMENT TRAINING – Consider conducting several management training sessions this year.

11. EMPLOYMENT LABOR POSTERS – Check that you have all current required employment posters, placed in prominent locations

12. I-9 FORMS – Have valid I-9 Forms on file for every employee and use the latest iteration dated August 1, 2023.

13. EMPLOYEE FILES – Drug test records, financial statements, court orders, background checks, and other private or personal documents should not be included in the employee file.

14. UNEMPLOYMENT COMPENSATION - The burden of proof is always on the employer. Maintain detailed and comprehensive documentation.

15. NATIONAL LABOR RELATIONS BOARD – Under the “protected concerted activity” category, employees have the right to discuss their wages, benefits and working conditions among each other and employers may not prohibit them from doing so.

16. EMPLOYEE OPINION SURVEY – You will never know how your employees feel about working for you unless you ask them through an employee opinion survey or satisfaction survey.

17. TIME RECORDS – Digital time records rather than a time clock or a paper time card is more efficient and some employers permit employees to clock in on their mobile phones.

18. EXEMPT CLASSIFICATION – The exempt salary classification has a salary test and a duties test. Employees must meet both in order to be exempt.

19. COMPENSATION STUDIES – Perform annual compensation studies to make sure your pay rates are competitive.

20. HR MANAGEMENT COMPLIANCE AUDIT REVIEW – An HR audit will help you reduce or eliminate any potential liability or exposure, provide you with the assurance that you are in compliance with all of the employment regulations.

CONTACT US:

Email: admin@seay.us

Website: www.seay.us

Tel: 888-245-6272

It’s a new year, and with it, new changes to the banking industry are on the horizon. From artificial intelligence, constant pressure from ongoing regulation, to future proofing and more, being able to adapt to these evolving landscapes has never been more important.