Banking Solutions 2010

Page 1

2010

Riding the

Recovery Wave Expert Advice on What You Need to Know as the Economic Recovery Continues...

Consolidate your IT Services and improve your bottom line. One company… One contract… One set of service standards…

Contact Maintech today to learn how we can optimize your IT Services needs, while lowering your operating costs. Maintech’s wealth of service offerings can bolster your efficiency and deliver a true value to your company. •

Data Center Services: Your Single Source, Vendor Neutral services program delivered with unified performance. Maintech’s neutrality allows us to support a wide range of hardware.

Managed Services: Build the customized monitoring, administration and maintenance program for your enterprise that you’ve always wanted. Maintech can make it happen.

Desktop Services: All the desktops, laptops, PDAs, mobile devices, etc. can be overwhelming to maintain. Maintech offers solutions for managing them all.

Hardware Maintenance: In or out of warranty, your hardware maintenance is in great hands with our network of field representatives. Emergencies? No problem.

Maintech. Servicing IT since IT first needed servicing.

www.maintech.com © Maintech 2010

1.800.426.TECH

2010

Chairman Timothy M. Warren CEO & Publisher Timothy M. Warren Jr. President & COO David B. Lovins Group Publisher & Editor in Chief Vincent M. Valvo Controller & Director of Operations Jeffrey E. Lewis Custom Publications Editor Christina O’Neill Associate Editor Cassidy Norton Murphy Publications Group Sales Manager George Chateauneuf Advertising Account Manager Richard Ofsthun Advertising Account Manager Helene Sansoucy Advertising, Marketing & Events Coordinator Emily Torres Art Director John Bottini Senior Graphic Designer Scott Ellison Graphic Designer Nate Silva

©2010 The Warren Group Inc. All rights reserved. The Warren Group is a trademark of The Warren Group Inc. No part of this publication may be reproduced in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher. Advertising, editorial and production inquiries should be directed to: The Warren Group, 280 Summer Street, Boston, MA 02210. Call 800-356-8805.

W

elcome to Banking Solutions 2010, a onestop publication for bankers and financial professionals. This magazine is an annual guide to the latest products and services that cater to the banking industry. Experts from a variety of fields has contributed editorial articles to keep you informed about the recent issues and problems plaguing banking institutions, and recommend specific solutions to those problems. From risk management to personnel development, from compliance issues to data security, you’ll find answers to help with both the day-to-day and long-term success of your institution. The past year has been a challenging one for banks, to put it mildly. The mistakes made by Wall Street during the first heady days of the decade came home to roost in the bailout, Dodd-Frank and a host of new regulations imposed on community banks. Businesses struggled and growth stagnated. Customers were faced with the loss of their jobs, and, in some cases, their homes. According to economists, the recovery has begun, but it will be slow going. In these pages you’ll find tips to better position you to support your customers through the recovery, and to aid your understanding of the ramifications of the new regulations. Social media, mobile banking and the increased sophistication of cyber attacks have created a strange new world for financial institutions – one that this publication will help you navigate with ease. The challenges will no doubt continue, but with Banking Solutions, you’ll be better prepared to meet them. u

Social media, mobile banking and the increased sophistication of cyber attacks have created a strange new world for financial institutions.

Banking Solutions 2010 | 3

2010

Technology

6 Preventing Credential-Stealing Attacks Against Your Internal Systems By John Verry 8 Traditional Mortgage Models Inadequate for Changing Industry Laws By B.J. Bounds 10 Beyond Table Stakes: When Banks Outsource Core Processing By Sam Boggs

Marketing

20 Consumers Seek Engagement and Solutions Offline and Online By Bryan Clagett 22 Marketing a Necessary Evil By Patrick “PJ” Schunke Risk Management

12 What Have You Done For Me Lately? Examining Your Core Relationship By John H. Jones 14 Choices, Options and Alternatives: Can Someone Please Make Sense of IT Service Contracts? By Bill Rudowitz Insurance

24 Effective ERM: The Roadmap to Operational Efficiency By Michael Cohn 26 Maintaining Long-term Stability in an Unstable Environment By John M. Floyd 28

16 Directors and Officers Liability: A Coverage Check-up for Financial Institutions By Joe Underwood and Chuck Soucy 18 Collateral Protection Insurance: What It is, What It Does, and Why Lenders Need It By Bruce Scudder

4 | Banking Solutions 2010

I Know it When I See it: What Board Compensation Governance and Pornography Have in Common By Arthur Warren

30 Overdraft Programs: The Next Chapter By Mike Potter

Does your current insurance company see your bank as less sophisticated than it is? No matter what size bank you are, Travelers will never treat you like a second-class citizen. For more than 110 years, our local presence and industry-leading underwriters have combined to offer a comprehensive suite of coverages designed to fit each client’s needs perfectly. Contact your independent agent today to learn more about our Travelers SelectOneÂŽ for Community Banks, and stop being treated like you are just another mouth at the trough. Š2010 The Travelers Indemnity Company. All rights reserved. The Travelers Indemnity Company and its property casualty affiliates. One Tower Square, Hartford, CT 06183

travelers.com

By John Verry

Technology

Preventing Credential-Stealing Attacks Against Your Internal Systems generally only effective against known malware. Newer malware-generating toolkits allow the malicious individual to easily generate a unique instance of malware, which allows the malware to infect even a well-protected system. Once on the system, the malware is very difficult to detect, operates silently, captures business critical credentials like user names and passwords, and transmits them in real time to the malicious party for real time or later use. Pivot Point Security offers a range of malware detection and prevention services to help you minimize this risk:

Once on the system, the m a l wa r e i s v e r y difficult to d e t e c t, o p e r at e s s i l e n t ly, c a p t u r e s b u s i n e ss c r i t i c a l credentials like user names and p a ss w o r d s , a n d transmits them in real time to the m a l i c i o u s pa r t y for real time or l at e r u s e .

6 | Banking Solutions 2010

M

alicious software, also called “malware,” has become a significant problem for the banking industry. Over the last year there has been a significant increase in the number of successful attacks against online banking customers. At this point, most banks are just coming to grips with the risk that the program Zeus (and other similar malware) presents to their customers when they use online banking. The risk is notable; losses relating to successful attacks have exceeded $1 million per incident, even for relatively small banks. A lesser-known and evolving attack targets the bank’s internal computers, rather than the bank’s clients’ computers. The risk associated with malware finding its way onto a bank’s internal network and stealing credentials for sensitive applications (for example, ACH, SWIFT, FedLine, SBA, etc.) is as large, or larger, than the risk posed by malware targeting the bank’s clients. The challenge is that there is no easy way to address this issue. Thwarting malware is exceptionally challenging, as anti-virus, anti-malware, and anti-spyware applications are

• Malware scanning. Active malware scanning against a sampling of highrisk workstations to detect malware and determine the effectiveness of current anti-malware practices. • Outbound firewall monitoring. Automated and manual analysis against outbound firewall logs to identify outbound communication to suspicious locations that may be indicative of malware communication that was not detected via malware scanning. • Wholesale payments system security review. An comprehensive review of the application, network, database, operating system, and physical controls over the wholesale payment system in accordance with FFIEC guidance

Making sure that you protect your ACH network, the direct deposits, checks, bill payments and cash transfers transits is critical, as this has quickly become the most popular way for hackers to target financial systems.

Interesting Zeus Facts (as of August 2010)

• There are zero known infections on the Macintosh operating system. • Zeus infections are generally a result of a phishing attack or a drive-by download continued on page

9

Get MORe tRactiOn aGainSt aUtO cHaRGe-OFFS Are charge-offs driving your auto portfolio off course? With State National’s industry-leading Collateral Protection Insurance, it’s easy to regain control. For more than 30 years, State National has been helping lenders guard against losses due to uninsured collateral. And while other companies may dabble in CPI, we’ve built our entire business around it — giving our clients the protection they need to accelerate their profitability. From behind-the-scenes tracking and reporting to frontline communications with your customers, State National goes the extra mile to help you protect your profitability. For more information, call us at 888-525-5977 or visit us online at www.statenational.com.

Technology

Traditional Mortgage Models Inadequate for Changing Industry Laws

The key to proper i n t e g r at i o n with current compliance policies is to e n s u r e t h a t t h e LO S used is flexible and customizable to banks’ procedures.

8 | Banking Solutions 2010

T

he mortgage industry has been under tremendous scrutiny for the past several years. For independent brokers and lending shops, changes that hit the news daily have them scrambling to develop rules and policies that enable them to comply. For banks, the struggle is a little different. There are already strict policies in place; banks just need to make sure the mortgage loan divisions are able to assimilate those practices with the technology available. Traditional core banking systems are inadequate for the seemingly indecipherable laws of the mortgage industry. There currently is no effective all-inone mortgage solution on the market. Many loan origination systems (LOS) offer end-to-end solutions, but they require third-party interfaces for some functionality – such as credit, closing documents, or floor certifications – to take each loan from application to sale. And while those third-party interfaces are essential for loan processing efficiency, it is the effectiveness of the core LOS that will determine how well a mortgage division thrives in its current environment. The key to proper integration with current compliance policies is to ensure that the LOS used is flexible and customizable to banks’ procedures. We all love the thought of implementing a solution that integrates seamlessly out of the box, but in reality,

blending the complexities of mortgage compliance with the intricate financial regulations in the banking industry requires a degree of customization and initial configuration. What works for one may not work for another. PointCentral from Calyx Software offers some out of the box functionality and starter rules, but then gives users the ability to custom-fit rules to suit specific business needs, or create personalized rules as needed. The flexibility of PointCentral is an important part of maintaining uniformity in compliance procedures. Consider some of the most significant mortgage regulations that have been in the news over the past several months: • The Real Estate Settlement Procedures Act (RESPA) is the guiding regulation for the Good Faith Estimate. RESPA includes a new definition of an application that would trigger a RESPA disclosure (GFE) in an effort to make fees more easily understandable to the borrower. • The Truth in Lending Act (TILA) proposes the elimination of the yield spread premiums. Another major effect of this regulation is the definition of the annual percentage rate (APR). The TILA regulates what can be counted as finance charge and must be included in the APR. • The Mortgage Disclosure Improvement Act (MDIA) dictates that the only fee that can be collected

By B.J. Bounds

Internal Systems continued from page

upfront, prior to a loan application, is a fee for the credit report. It also includes the 3/7/3 Rule, which means that the TIL disclosure must occur within three days of an application and loans cannot close within seven days of when the borrower was initially disclosed. If APR has changed with 0.125 percent or more, lenders must re-disclose the TIL form and wait an additional three days prior to closing the loan. Saturdays are included as a business day, and only Sundays and federal holidays are excluded. Because these new laws are extremely confusing and seem to be changing monthly, it is hard to keep up with even the most basic of compliance regulations. Complying with these requirements requires more workflow control, and mortgage professionals are still trying to wade through the mountains of rules regarding fees and disclosures. The use of PointCentral’s rules engine alleviates compliance and control concerns. Dedicated rules by screen, field or user can keep mortgage divisions in line with company polices. The flexibility of rules and templates, hard stops and soft stops can be used to enforce consistent workflow among all users of the system. Functionality and fields can be required or disabled, depending on the needs of the individual division or bank. By implementing division-wide rules and procedures within the mortgage division’s LOS, mangers can breathe a sigh of relief – compliance management just got a little easier. As a current user of server-based PointCentral says, “We can set up required fields so that we always receive complete documents, and we can also prevent mishandling of crucial company information with additional security fields.” Bottom line: One size will not fit all,

and you shouldn’t have to change your policies to accommodate your LOS. However, you do need to be aware of your internal policies and processes in order to configure your system rules accordingly – using an LOS that is adaptable, and can accommodate the way you do business. PointCentral is effective, configurable, and easier to use. It’s all you need – end to end. u B.J. Bounds is the senior marketing communications specialist for Calyx Software. She has over 10 years experience in sales and corporate marketing with a focus on technology that spans several industries. For more information about Calyx Software, visit www.calyxsoftware.com.

6

while surfing the web with a vulnerable browser. • It is estimated that as many as 3.6 million PCs in the U.S. may be infected with a Zeus variant.

See our blog for the best strategy to ensure your online banking activities are secure. Visit www. pivotpointsecurity.com/blogs, or call us at 1-888-PIVOTPOINT. u John Verry, principal consultant for Pivot Point Security, has lead hundreds of high-profile security assessments across a diverse cross section of noteworthy systems in the government, telecommunications, critical infrastructure, finance and transportation sectors over the past nine years. Pivot Point Security is a leading provider of information security assessments with a particular focus on banks. For a partial list of banking clients, please visit www.pivotpointsecurity.com/clients/ financial-services-banks.

The Northeast’s premier consulting firm to the Banking Industry hhconsultants.com

Contact Richard Sych, Sr. V.P., at 860-521-8400 · Actuarial Consulting

· Postretirement Health

· Executive Retirement Plans

· DB to DC Plan Consulting and Transition Services

· Defined Benefit Plans · 401(k) Plans

· Investment Advisory Services

Banking Solutions 2010 | 9

Technology

Beyond Table Stakes: When Banks Outsource Core Processing

T

here are two schools of thought on why banks are trending toward outsourcing their core processing to an application service provider: • Adoption from a solely cost-benefit perspective. • Looking at outsourcing as an enabler to grow business and enhance customer support. The more progressive viewpoint is that outsourcing allows a bank to reallocate the resources of its technology team to focus on its customers, and reducing the strain of building out and supporting a big IT infrastructure to support its core application. Outsourcing enables banks’ information and technology officers to become real business leaders, rather than having to worry about keeping the lights on in their branches. It frees them up to focus on how to use technology to enable business growth to meet and exceed business objectives and, most importantly, customer expectations. Surprisingly, many of the larger banks that have big IT organizations with hearty infrastructures already in place are looking to get away from that space. Why? Because it enables them to clearly focus on their customers. It frees up resources, and frees up their management teams to focus on what is really important – the customer experience, which drives growth of market share. Smaller banks tend to walk their own path; they end up at the same outsourcing decision as the larger institutions, but for different reasons. Smaller institutions tend to shift to outsourcing to upgrade their IT infrastructure. From a human and an infrastructure standpoint, a small bank with two or three people in its IT department and a server room set-up has several points of possible

10 | Banking Solutions 2010

failure that have nothing to do with the application. It is solely dependent on the application that sits on the hardware being managed by people. If any of those things fail, the bank is in trouble. By outsourcing to a top-core processor, a bank gets best-ofbreed technology, best-of-breed infrastructure, and almost as important, best-of-breed processes and people to host that critical application. Outsourcing buys the bank an upgrade in talent, an upgrade in infrastructure and best-of-breed technology. It’s a clear win for many community-based financial institutions. The right outsourcing provider brings great technology, a robust infrastructure, disaster recovery and business continuity right out of the box. The provider is responsible for maintaining compliance with federal regulations. More important, the right provider brings world-class process and world-class people to the table every day. The three most important things any financial institution, large or small, should consider when choosing an outsourcing provider are process, people and technology. Technology is at the base of the pyramid because, for world-class data centers, technology is the table stakes to get in the game. There are data centers all over the world, and a world-class data center can be set up in a lot of different ways. However, the infrastructure that supports them is fairly standard. They all have fire suppression systems (preferably FM-200), power backup systems including uninterruptible power sources and generator systems, and they also have data circuits to eliminate single points of failure in the data networks. It is also important to consider the flexibility of a data

By Sam Boggs

center’s core processing application itself when determining which core processing system to choose, and this clearly should be tied in to the selection process. Obviously, the legacy mainframe applications are at a disadvantage in this regard. Any world-class provider should be able to keep the lights on in a data center, so the differentiators are more about bringing the right resources to bear in order to get the most out of technology, freeing up internal staff to focus on business growth and customer service. The only way an outsource provider can do that is by understanding its customers’ business objectives, understanding their growth requirements, and understanding their needs around regulatory compliance issues. This is why “people” and “process”

are the top two tiers of the outsourcing pyramid. People are in the middle because great people can do a great job, as long as they really understand the space, understand what the bank’s business needs are, and can translate technical requirements into operational activities that support their customers’ needs. To accomplish this, the team of the outsourcing partner must have a high degree of flexibility, a great depth of experience in banking regulation and process, as well as a high degree of technical competency; those are the kinds of things a bank should look for when choosing an outsourcing partner. Why put process in the top spot? It allows a great team to become even greater. Having a very strong focus on process makes a great outsource provider even better, because it

enables consistency. Our goal as an outsource partner is to make sure we are consistently bringing the A-team to the table, consistently pushing the limits of our application, and that it is hosted on the best technology. This enables us to ensure we are supporting our customers’ goals and business objectives. When you have great technology, great people, and a focus on process improvement, you have banks that can achieve tremendous success and high customer satisfaction. u Sam Boggs is executive vice president of group operations for Open Solutions, Inc. The company provides state-of-the-art technology and services to banks, insurance providers, retailers and wealth management companies worldwide. Open Solutions operates two data centers in North America. For more information, visit them online at www.opensolutions.com.

Banking Solutions 2010 | 11 ®

By John H. Jones

T echnology STRATEGY

What Have You Done For Me Lately? Examining Your Core Relationship

It is the mixture of i n n o va t i o n w i t h responsive support a n d c o l l a b o r at i v e development with a c o r e p r o c e ss o r t h at a l l o w s b a n k s to offer the h i g h e s t l e v e l of service.

C

ore processing technology is not what it used to be. The acceptance of “what you see is what you get” technology is becoming less common. Today’s ideal technology partner must be agile, advanced and engaged with the bank when developing updates and creating new products and services. Bank technology today can be seen as a profit center versus expense, and as a cornerstone of a bank’s strategic business plan. It should help banks survey and adjust their strategy, and in doing so, save time and money for both the bank and its customer. And it should be more than just crunching numbers.

Emerging core trend

Banks today must anticipate and adjust to the varied needs of their accountholders, and they should look at their core processing relationships with the same expectations. It is no longer enough for banks to tolerate their core relationship. Institutions can, and should, demand a responsive and interactive partnership from their technology provider. Core technology should be functionally flexible, continually updated, and provide client satisfaction.

Functionality

There are several questions banks should ask of their core technology. Can 12 | Banking Solutions 2010

it make me more profitable? Uniquely competitive? Reduce expenses? Integrate with my other technology choices? Can the company provide a clear, honest description of its architecture, infrastructure and operation? Functional core technology is a strategic advantage and vital component of business and should be designed and managed around the bank’s key goals – retaining customers, and competing better with other financial institutions through product customization and service automation through its bank management system. Tom Timmons, a California bank strategist and former bank president, CEO and ICBA Banker of the Year, said, “When it is all said and done, banking is an information and relationship business. Bankers who cannot quickly put their hands on reliable and usable information to better help their customers will have trouble succeeding. It is clear to many that there is a void to be filled for more flexibility and responsiveness in core processors.” Fred Henrich, president of Coatesville, Pennsylvania-based Coatesville Savings Bank said, “We looked at a lot of companies and finally chose our core processor because its flexibility in design and operation will more easily grow with us and expand our competitive service capabilities as we need it.” However, technology alone is not enough. It is the mixture of innovation with responsive support and collaborative development with a core processor that allows banks to offer the highest level of service.

Flexibility

A core processor must be flexible, collaborative and responsive, adapting to your needs and growth. The best continued on page

15

Did the financial crisis really have to be this bad? Banking expert Bill Isaac details how desperate government decisions and forgotten financial lessons led to a Senseless Panic.

“ If Washington politicians ignore Isaac’s insights, we will pay a fearful price.” —STEVE FORBES, CEO, FORBES, INC.

“ Bill Isaac has dedicated his life to the public policy arena. He thinks straight, and he talks straight.” —LAWRENCE KUDLOW, HOST OF CNBC’S THE KUDLOW REPORT

“ Learn from past crises and prevent the next collapse, says this experienced and outspoken former bank regulator.” —RALPH NADER, LAWYER, AUTHOR, AND POLITICAL ACTIVIST

Available wherever books and e-books are sold.

T echnology STRATEGY

Choices, Options and Alternatives: Can Someone Please Make Sense of IT Service Contracts?

W

I f y o u f i n d t h at your contracts are coming up f o r r e n e wa l , or even if a piece is coming up for r e n e wa l , f i n d a t h i r d pa r t y i n y o u r a r e a a n d h av e a c o n v e r s at i o n with them.

14 | Banking Solutions 2010

hen running a large or mid-size data center, there are enough headaches and anxieties to go around with just the everyday issues that arise. Someone in this position does not need, but is often faced with, the burden of managing the maintenance contracts for all of the equipment and services that help keep that data center running. The choices are typically to go with either the large, global firm that can come in and handle everything for you, or to go with the myriad individual providers who specialize in just their own equipment, or some specific area of equipment. In the first case, the large, doeverything contract may leave you feeling like you have no control over your own environment. The terms are typically inflexible, and can inspire you to wonder what, exactly, it is that you’re paying for. It sometimes seems impossible to supplant the vendor in the event that you want to make a change. As a result, you can feel stuck in the contract. In the other case, you may wind up with so many vendors that deciding who to call is an anxiety-builder all by itself. There are so many contracts to manage, and not all of them may terminate at the

same time, so renewals seem like they are never-ending. Too many vendors handling similar or related equipment may result in finger-pointing; problem resolution takes longer and you can never be sure that the root cause was determined and mitigated. This scenario happens most frequently when you hire the manufacturer to service their own systems, which may be because you were led to believe that they are the only ones who can provide the warranty service that comes with the new equipment. This claim, no matter who gives it to you, is simply not true. In fact, many third party providers are authorized by the manufacturers to provide warranty services, and the provider actually handles all of the administration for you, simplifying the process considerably. You may not realize it, but even now it may be a third-party provider delivering your services, though your contract is with the manufacturer. Additionally, whether you are dealing with a global firm or many manufacturers, you may not always be able to count on having the same set of personnel providing the service. Shared resources, dispatch service methods and staff rotation/advancement can leave you dealing with new faces on a regular basis, which only adds to your frustration and confusion. The bottom line is that the servicing of your computer infrastructure can be simplified. It does not have to be cumbersome, arduous and burdensome. There are options available in today’s market that can bring some common sense to the task of supporting your IT infrastructure. Consider an independent, third-party provider. Some people may say, “A third party? Isn’t that risky?” The answer is: it can be, but it doesn’t have to be. If you find that your contracts are coming up for renewal, or even if a piece is coming up for renewal, find a third party in

By Bill Rudowitz

Core Relationship continued from page

your area and have a conversation with them. Ask for some references for whom they are handling similar equipment, or who are in your vertical, and see what response you get. If you have found a quality third-party provider, you will get good references, and many of them who will be more than happy to fill you in on the type and level of service they are receiving. Ask the third party to provide some hard numbers for you, including the provide pricing on a variety of service level scenarios. Inquire about on-site sparing, dedicated staff, manufacturer warranty services, how long they have been in business and what certifications the company and the staff have. If you ask the questions, and get the answers that meet your needs, and the pricing provides you with some significant savings, ask them what other services they provide and what types of IT infrastructure equipment they can service. Armed with that information, you now have choices, options and alternatives. You can go back to your current provider or providers and ask about the pricing. You can ask about contract flexibility and service level options. You have leverage, and if you don’t get good answers in response, you know you can bring in that thoroughly vetted third party, which will simplify your support by consolidating contracts under one flexible umbrella – an umbrella with commitments the big firms may not offer, and streamlining the multiple vendor approach just can’t offer. It can’t hurt to investigate, but it may just make life easier. u

12

core processor/bank relationship should involve communication from both sides – with support and product development representative of industry trends, as well as client needs and input. Henrich adds, “Our core processor is also a great partner. We look forward to their frequent visits and enjoy having access to their management and a voice in their development process.”

Company culture and structure

Banks need a core processing partner they can count on for the long haul. Institutions should not hesitate to ask: Is my core technology partner stable and positioned for growth? What are the plans for not only product development, but for the company overall? How are core system decision made and by whom? Is the company driven more by stockholder expectations or the banks it serves? Is it likely to be acquired or sold?

It is not enough for a core technology provider to claim good service. The company must also embrace and demonstrate a company culture and structure driven by customer satisfaction and success. “Our core processor’s unique ownership, advice and regular technology enhancements were a major reason we chose to implement their system – it is unique in an industry where that is rarely the case,” said Thomas Ellison, chairman and president of the Commercial Bank of Texas. “The contact with our core processor throughout the year has a significant influence on their product development and business model, which directly applies client needs/input into technology offerings.” u John H. Jones is president and CEO of Data Center Inc. (DCI), a nationwide provider of core bank technology solutions, featuring the award-winning iCore360® bank processing and management system. Find more information about DCI and iCore360® at www.datacenterinc.com.

For more information, or to see if a niche market ISO like Maintech might be a good option for you, call Bill Rudowitz at (973) 3303277, email at wrudowitz.com or visit the website at www.maintech.com. Banking Solutions 2010 | 15

Insurance

Directors and Officers Liability: A Coverage Check-up for Financial Institutions

O

f critical importance to every bank and financial institution is its ability to attract and retain qualified board members. In these times of heightened awareness of corporate governance responsibilities, board members are also becoming more inquisitive regarding the breadth and scope of the directors’ and officers’ (D&O) liability protection. Unlike many other types of insurance, there are no standard D&O policies. Terms and conditions often vary greatly. Outlined below are six questions that board members may ask; they are questions every bank should be prepared to answer. Does the bank purchase a sufficient D&O limit, which generally applies to both defense and settlement costs for all claims throughout the policy period? There is no one right answer for how much limit to purchase. In establishing the bank’s position on what limit to purchase, evaluate the claim history for your specific bank and others like it, consider current litigation trends and special hazards (such as merger and acquisition activity), and benchmark against peers. The ultimate decision is often driven by the bank’s risk tolerance and its desire to attract and give reasonable comfort to its directors to allow them to serve effectively. How will coverage apply if the company has an obligation to reimburse a director or officer, but cannot due to financial impairment or bankruptcy? To respond to this question, it is important to understand how the typical D&O insurance policy is structured. Side A provides coverage when the bank is unable to indemnify a director or officer due to insolvency or a prohibition by the bank’s bylaws or state

16 | Banking Solutions 2010

statute. Side B covers the cost to the company of indemnifying directors or officers. Side C refers to coverage for suits brought against the bank. Typically Side C coverage is limited to securities claims for publicly-held institutions. In bankruptcy situations, some courts have ruled that the D&O policy, which protects both the bank and the individuals under the same limit of protection, is an asset of the estate. Therefore, directors and officers are left high and dry when they most need coverage. To address this, insurers offer what is known as a “Side A Excess and Difference in Conditions (DIC)” policy. This insurance only protects individuals, so there is no motivation for a bankruptcy court to seize the policy. Additionally, coverage can “drop down” to apply as primary insurance for claims not covered by the bank’s regular D&O policy. Coverage is only triggered under the rare instance that the bank cannot indemnify. Thus, a bank should not reduce its standard D&O limit in consideration of limits on a Side A DIC policy. If we do not have enough D&O limit and a lawsuit names me personally as well as the company, can I be assured that I am first in line? A “priority of payments” provision can be added to D&O policies that states that payments will first be made for claims against individuals that are not reimbursable by the company (Side A). Some policies also give priority to reimbursement coverage (Side B) before claims directly against the bank (Side C). If a suit alleges that I have done something fraudulent, does the insurer still have a duty to defend me until it is proven? How must it be proven? This is one of the great paradoxes of D&O insurance. Virtually every

By Joe Underwood and Chuck Soucy

claim alleges dishonesty or fraud, and every D&O policy excludes such acts. Therefore, the burden of proof is critically important. Most D&O base policy forms merely require that the offense be proven “in fact.” What remains unsaid is who makes the determination. To address the issue, if requested, many insurers will modify the burden of proof to “final adjudication,” which ensures that a court ruling as to the conduct must precede the insurer’s declination of coverage. If another board member commits a fraudulent act and I am also named within the lawsuit, am I still covered? Severability language in your policy should state that coverage applies separately to each insured. Therefore, if one insured party commits an act that is excluded by the policy, it does not void coverage for “innocent” insured persons. If facts are misrepresented on the D&O insurance application, can I be certain that coverage remains for me? With respect to coverage under Side A, the insurance application should be severable so that misrepresentations on the application do not jeopardize coverage for parties that did not have knowledge of the matters misrepresented. However, caveats apply to Sides B and C. Certain individuals’ knowledge is imputed to the bank for purposes of determining coverage for the bank. Knowledge imputation should be negotiated to only the CEO and CFO. u Joe Underwood is a senior consultant at Albert Risk Management Consultants, where he offers objective counsel to a variety of institutions regarding directors’ and officers’ insurance matters. Chuck Soucy is a principal consultant and the financial institutions practice leader at Albert Risk Management Consultants, one of the nation’s leading independent risk and insurance advisory firms.

Do your statements look like this? �

Full-Color Redesigned Statements with Custom Formatting

Interactive PDF Delivered Electronically

Reduced Processing Costs

Targeted Cross-Marketing

Eliminate Inserts with Onserts

Built-In Response Buttons

Improved Customer Service

Call

888-FSI-6200 today to schedule an online demo and see what eDoc can do for your statements.

Trust well placed.

21 Harristown Rd, Glen Rock, NJ 07452 • 201.652.6000 • 888.FSI.6200 • www.insideFSI.net Core Processing • Item Processing • Integrated Packages • Corporate & Branch Capture OFAC & Patriot Act Solutions • Web Hosting & Services

You can order a professional reprint of any article in Banking Solutions 2010.

To learn more visit our website at www.thewarrengroup.com/portal/Publications/Reprints/tabid/149/Default.aspx

Banking Solutions 2010 | 17

ISTRATEGY nsurance

Collateral Protection Insurance: What It is, What It Does, and Why Lenders Need It

B e c a u s e o n ly uninsured b o r r o w e r s p ay premiums, CPI i s m o r e e q u i ta b l e t o the lender and its insured borrowers.

18 | Banking Solutions 2010

W

hen borrowers take out vehicle loans, their loan agreements typically require that they maintain physical damage insurance to cover the loan collateral, naming the lender as an additional interest on the policy. Unfortunately, not all borrowers will fulfill this agreement, either never purchasing insurance or letting their coverage lapse. Lenders can choose to retain the risk of loss if damage occurs to uninsured vehicles they repossess. However, most lenders transfer this risk through insurance, such as collateral protection insurance (CPI).

How it works

CPI shares some basic characteristics with all types of insurance: policies are written, and CPI insurers pay claims when losses occur. However, there are significant

differences between CPI and other types of insurance that lenders need to understand in order to choose a CPI program and provider that are the best fit for their business and philosophy. For borrowers, the most noticeable difference between CPI and private auto insurance is that it is “forceplaced.” Borrowers who do not comply with loan requirements to purchase insurance on their own will have CPI policies issued in accordance with CPI program objectives, and those borrowers pay the majority of CPI premiums. Once a program is in place, borrowers are not individually underwritten, and issuance of CPI policies is guaranteed by the provider. Another important difference is the type of coverage provided by CPI. Most providers offer “dual interest” coverage that protects both the lender’s and the borrower’s interest in the collateral.

By Bruce Scudder

Finally, because CPI placement is based on the status of underlying insurance, CPI requires a higher level of service, monitoring and management by the CPI provider than regular insurance does. Data on borrowers’ private insurance must be obtained and kept current to ensure that placements of CPI are properly made and that refunds are accurately issued when noncompliant borrowers do purchase required insurance.

What a CPI provider does

Typically, lenders contract with a CPI provider to track the insurance status of each loan in their portfolio. The provider receives data files on all new loans and verifies that acceptable physical damage coverage is in force and that the borrowers’ insurance companies have the lender named as the lien holder. The CPI provider also receives regular updates on existing loans in the lender’s portfolio from the lender and processes proof of insurance information when a private insurance policy is issued, cancelled, or materially changed. If a borrower does not obtain insurance coverage for loan collateral, the CPI provider sends a notice urging the borrower to do so. Throughout the life of a loan, they monitor proof of insurance to ensure that policies remain in force and, if policies lapse, they send notices asking borrowers to reinstate coverage.

What lenders do

Should a borrower fail to respond in either case, the CPI provider notifies the lender, which may choose to place CPI on the borrower’s loan. If a borrower purchases or reinstates private coverage, the provider cancels the CPI policy and issues a premium refund. Throughout the process, the CPI provider is responsible for service

to and inquiries from lenders and borrowers. The more sophisticated CPI suppliers also provide lenders with access to online tracking tools and with detailed management reporting on their CPI program. Companies that specialize in CPI have the experience and capability to design and offer a program that requires minimal work on lenders’ part to administer. Lenders simply need to forward insurance-related documents to their service center and provide a loan file on a pre-agreed schedule. The provider issues CPI certificates only in accordance with parameters their clients establish, whether the client chooses to review all noncompliant situations before placement, have the provider make all placements automatically, or anywhere in between. Of course, lenders should post billed CPI premiums to borrowers’ loans on a timely basis. Claims should also be reported promptly, just as with any other insurance policy.

Why expertise is needed

Because CPI is force-placed, a CPI program must be handled efficiently or it can, understandably, create negative borrower reaction. Your CPI provider must combine effective tracking technology with personal, customer-focused service to ensure that placements are made accurately, refunds are issued promptly, and requests are handled expediently. Texas-based State National Companies specializes in collateral protection insurance and effectively protects borrower relationships and minimizes work for the lender’s staff. For instance, their streamlined claim submission process is handled online, and most claims require no documentation. Also, State National’s InsurTrak system is considered the most efficient

and technologically advanced platform in the CPI marketplace, and both their data security procedures and business processes have passed compliance audits and received independent certification. State National continues to invest in technology to ensure that their communication with lenders and their borrowers is based on the most current information and to minimize unnecessary notices and placements. State National also provides a dedicated service team and a unique contact phone number for each of their customers to ensure that they deliver personal service and respond to borrowers’ questions and needs promptly and courteously. The ultimate goal is to enhance the relationship between lenders and borrowers.

CPI benefits

In addition to protecting loan collateral, there are several advantages to CPI. Because only uninsured borrowers pay premiums, CPI is more equitable to the lender and its insured borrowers. Second, any lender costs associated with the program can be offset with an administrative reimbursement. Finally, since CPI transfers the risk of loss to an insurance company, loan portfolio expenses are predictable and loan business can be more competitive. Collateral protection insurance has proven to be the best and fairest source of protection for an auto loan portfolio. Understanding how CPI works will help you choose a provider that is best able to provide the protection and service you need and make your CPI program a success. u For more information about State National or CPI, please contact Bruce Scudder at bscudder@statenational.com or (978) 764-8072. Banking Solutions 2010 | 19

M arketing STRATEGY

Consumers Seek Engagement and Solutions Offline and Online

Consumers don’t wa n t t o h e a r the words “marketing” and “selling”– t h e y a r e wa r y o f being “sold.”

20 | Banking Solutions 2010

W

e have all heard that consumer trust in the banking industry remains relatively low. As Debbie Bianucci, president and CEO of BAI, put it in a May 2010 release, “Our latest research indicates that consumer sentiment toward the banking industry as a whole has declined in the past six months. In this same time period, many banks have experienced strengthened customer loyalty with their own customer base, as measured by improving customer satisfaction and engagement metrics. But when you look at sentiment toward the industry as a whole, the gap between what consumers and bank executives think has widened considerably.” Even in this time of economic uncertainty and financial legislation reform, little has impacted the retail banking industry, and consumer behavior, more than recent technological innovations. There has been overwhelming mainstream

acceptance of mobile devices such as application-driven smart phones, and social media is on fire, as Twitter and Facebook continue to impact how we interact, communicate and express ourselves. The continued proliferation of online banking, bill pay and personal finance tools have collectively made an indelible impact on the way your customers prefer to interact with you. Banks have had to shift service focus from in-branch sales to engaging customers and prospects on their own terms – when, where and how it is convenient for them, the customer. Generally speaking, consumers view banking as both a chore and a commodity. And while we try to compete by offering varying degrees of ease, convenience or price differentiation, it’s simply not enough. In addition, in this interest rate market, differentiation on price is difficult and simply adds to the commodity mindset of the consumer. So we need to do more, and we need to address the consumer differently. As a result, banks that are seeing improved customer satisfaction are getting there by engaging their customers in a more meaningful way. It is the era of Engagement Banking. Now is the time to engage our customers by establishing relevant dialog and conversation. Consumers and prospects need to be motivated and reached out to in ways banks have never seen before. Consumers don’t want to hear the words “marketing” and “selling” – they are wary of being “sold.” What they really need is help in managing daily finances and reaching financial goals. Banks need to be better positioned as a solution provider, but need to do so through the execution of an experience, not simply through traditional branding. This means bankers need to actively engage their customer across all channels, through

By Bryan Clagett

both human interaction and technology driven experiences. Easier said than done. As reported by online bank branding resource The Financial Brand, “People aren’t interested in listening to you talk… about you. If you want to see someone’s eyes light up, ask them questions and encourage them talk about things that interest them – namely themselves, their experiences, their questions and their concerns.” Rudimentary messaging and branding strategies, combined with employee training, can address some aspects of engagement banking in the branch and the call center. But how do you begin to engage your customers online and through all your alternative delivery channels? This is a particularly important consideration as your customers continue to adapt to online and mobile banking technologies. And clearly, you’ll want to impress Gen Y. Start with the web. The Internet can be leveraged beyond the mere transaction. It’s time to move beyond online banking as we know it today. Personal financial management (PFM) goes well beyond simply providing retail banking users with another online transaction tool. PFM is the ideal engagement tool. By offering account aggregation and budgeting and cash flow tools, a bank can get closer to consumer needs. Certainly the added ease and convenience associated with PFM is of tremendous value, but the ability to identify member need and then offer a relevant online messaging strategy is priceless. A kind of intimacy can evolve from better aligning relevant offers with specific needs. A closer, more focused relationship with your online banking users no doubt drives satisfaction and share-of-wallet. Customers are decreasingly making a distinction between what is physical, such as interpersonal interactions with

tellers, and what is digital, such as online bill payment. Consumers expect a high level of customer service to be delivered seamlessly and consistently across multiple channels. The data and consumer understanding obtained through PFM does not need to stay within the online experience. This data should be leveraged to enhance other channel experiences, ideally where there is human interaction, such as in branch or via a call center. Simply put, PFM can drive the relevant conversation and could be the epitome of engagement, because it provides bank and marketers with real-time insight into the holistic needs of the consumer. Imagine your CRM or MCIF system supplemented with what can be learned, in real time,

from your online users. The financial services industry needs to be better prepared to offer consumers empowerment and engagement. The competitive and legislative landscape will continue to evolve – and so shall the opportunities – if you engage consumers by leveraging technology and clearly appreciate the fact that it is the customer who calls the shots. u Bryan Clagett is the chief marketing officer of Geezeo, a provider of online financial management solutions for banks and other financial institutions. For more information about Geezeo, please www. geezeo.com or contact Clagett via at bclagett@geezeo. com or via telephone at (757) 645-2490.

Banking Solutions 2010 | 21

By Patrick “PJ” Schunke

M arketing STRATEGY

Marketing a Necessary Evil and/or beautify the look and feel of their statements without requiring expensive and time-consuming changes. You can transform unattractive, basic, monochromatic statements into documents that use color, multiple fonts and data-driven graphics and messaging for close to or less than what you are paying now.

Save money, make money

The key to s u c c e ss f u l c r o ss - s e l l i n g and up-selling is to focus your efforts on meeting the customer’s needs, r at h e r t h a n s i m p ly pushing products and services.

22 | Banking Solutions 2010

A

t a time when banks are under enormous pressure to improve their bottom lines, strengthen margins and increase market share, cross-selling can be a powerful survival tool. Banks can anticipate that crossselling to their existing customers will be the most significant source of growth over the next year. Retaining current customers and engaging them in all your products and services is vital. So why not take a necessary evil – your monthly statements – and turn them into marketing tool that can increase revenue and reduce expenses? For many banks, producing monthly statements can be costly, timeconsuming and quite simply a necessary evil. Despite these undesirable qualities, producing them is absolutely necessary to maintain compliance and provide customer service. What if you could take your mundane, black-and-white statements, laden with inserts and heavy in postage, and turn them into an eyecatching, information-rich, full-color marketing tool that capitalizes on all the unused white-space – and that can be delivered electronically? Statement enhancement and redesign is an innovative offering that allows banks to redesign, clean up, reformat

Eliminate the cost of inserts with “onserts,” placed directly on the face of your newly redesigned statement, reducing print costs as well as postage costs. Customize and change your offers monthly and target your audience; you can segment customers and deliver targeted offers on statements delivered electronically or printed and mailed. The chances are greater of a customer reading an onsert instead of an insert, which is usually discarded as soon as they open the envelope. Customization can include large, easy-to-read fonts for seniors; cool graphics and vibrant colors for Gen X customers; a rich look and feel for Platinum accounts; or seasonal themes. The key to successful cross-selling and up-selling is to focus your efforts on meeting the customer’s needs, rather than simply pushing products and services. Banks can facilitate targeted affiliate and partner advertising campaigns, and generate revenue by selling white space to business clients. For example, a local construction company – that is also one of your customers – can purchase an onsert on your statements, targeting customers who have just procured a home equity loan through your bank. Alongside the onsert, your bank markets your home equity loan rates. Improve your image and branding, and differentiate your bank from others continued on page

27

my core processor doesn’t give me the same functionality my competitors have…

thankfully. Being a DCI client is different than the usual core processing experience. DCI customers play an integral role in our ownership and the development of our leading-edge iCore360® technologies. Just ask Fred Henrich, president of Coatesville Savings Bank in Pennsylvania. “We chose DCI and iCore360® because the flexibility in design will easily grow with us and expand our competitive capabilities. And DCI is a great partner. We enjoy their frequent visits, the access to executive management and having a voice in the iCore360® development process.”

At DCI, we always remember who we work for. Because we are privately owned by banks, you can be sure we focus on what’s best for you. Join Fred and bankers nationwide who enjoy today’s most advanced technology, backed by nearly 50 years of personal relationships, for a more rewarding banking experience, focused on you.

Make it personal. Make DCI your core processor.

— Fred Henrich

President, Coatesville Savings Bank

a more rewarding experience, focused on your success

featuring:

• 620.694.6800 • datacenterinc.com

R isk Management STRATEGY

Effective ERM: The Roadmap to Operational Efficiency for your institution. A structured ERM program provides a holistic view of the institution’s business opportunities and risk profile, with the goal to minimize operational losses while maximizing returns on new business ventures.

Understanding the risk management lifecycle

R

isk management used to be a “trial by fire” method of operation: You wait for something to happen and clean up the mess when it does. Today’s world of on-demand information, market fluctuations, and constantly evolving computer vulnerabilities requires a much more proactive approach. Enterprise risk management (ERM) helps business leaders control risk and make decisions swiftly. The challenges for any risk management system stem from complexity in maintenance and coordination. Each new regulatory mandate adds a new project initiative, and the integration and maintenance of these new project initiatives usually involves little synchronization. By instituting ERM, you will have set the framework for evaluating uncertainties, thereby managing threats and providing opportunity to build value

24 | Banking Solutions 2010

In order to better understand the process of ERM, consider the risk management lifecycle. Composed of three separate parts – assess, audit and remediation – the lifecycle will help you link previously unconnected activities. First, you assess the likelihood of adverse effects that may result from exposure to vulnerabilities. Following the assessment the audit examines and validates the controls and records your performance against internal policies and procedures. Lastly, the institution remediates control deficiencies and develops response plans. Having a strong risk management life cycle in place provides protection against unforeseen business or regulatory changes and is the base process necessary for an effective ERM program.

Two paths for successful ERM

There are two approaches that you can take when creating an ERM program, but both take into account the same four elements within the institution: strategy, reporting, compliance and operations. Knowing which one will work best in your institution is best determined by looking at whether your institution views its world operationally or strategically. If your institution has a business model where the strategic objectives come first, the top-down method will work most effectively (see graphic at right). First, you take into account the strategic objectives of the institution. Next, you identify the positive and

By Michael Cohn

negative events that affect the institution and whether they come from an internal or external source. Third, you distinguish the influencing factors of the events, such as those that are related to swings in the economy or technology dependent. Lastly, event identification will recognize the impact these events will have throughout the organization if the event occurs. A bottom-up approach works best when an institution is operationsoriented. Beginning with each business operation, you must create an inventory of the people, business processes and technologies used therein. Next, you utilize a common language of assessing risk. This common language means measuring the quantity (or inherent) risk against the quality of risk management and controls. Once residual risk has been measured, it is time to integrate individual risk management assessments (i.e. technological, vendor, transactional, etc.) with each assessment focusing on different threats. Lastly, you must communicate with directors and executive managers so that they can evaluate risks and controls according to the products and services offered.

Key success factors for an effective ERM program

An ERM program can only be as successful as the sum of its parts. Defining a risk management methodology with measures consistent throughout the institution and aligned with the institution’s strategy will warrant a workable program. Remember that simplicity is fundamental in order to make the ERM program explainable to each person in the institution. Additionally, the roles and responsibilities of the program should be understood by everyone. The institution’s board of directors and audit committee must provide guidance and oversight with support for the program articulated and

enforced at the executive level. Finally, the program must be viewed as a living thing, so as regulatory and economic factors change, you integrate new risk management tools into the daily activities and operations. A structured ERM program can increase the operational efficiency at your institution by providing insight to minimize operational losses while maximizing returns on new business ventures. The institution can begin to address risk from a strategic nature, first aligned with business objectives or across operational units and business lines. Whichever approach is chosen, the program needs to be adopted across the organization, practiced by all employees, and supported by management and the board at every turn. u Michael D. Cohn, CPA, CISA, CGEIT, is the director of WolfPAC Solutions Group at Wolf & Company, P.C., a certified accounting and business consulting firm headquartered in Boston, Massachusetts. Find out more about effective ERM at www.wolfpacsolutions.com.

Defining a risk management methodology with measures consistent throughout the institution and aligned with the institution’s s t r at e g y w i l l wa r r a n t a workable program.

Top-down

Strategy Reporting Compliance Operations

Bottom-up Banking Solutions 2010 | 25

By John M. Floyd

R isk Management STRATEGY People

Maintaining Long-term Stability in an Unstable Environment

W

Don’t just look for the quick fixes when identifying sources o f s av i n g s a n d n e w product offerings.

26 | Banking Solutions 2010

ith the implementation of Regulation E restrictions on overdraft charges for electronic transactions and passage of the Dodd-Frank Financial Reform Bill, community banks have a better idea of the challenges they face in the future. Unfortunately, the new rules, implemented to prevent a repeat of the Wall Street meltdown that threatened America’s entire financial system, are fraught with restrictions that cast a disproportionate burden on Main Street institutions. As regulators complete the process of writing and implementing the specific new rules tied to financial reform, community banks could be burdened with additional costs and loss of fee income that some industry experts fear will have devastating effects. Additionally, forecasts for continued economic improvement have been downgraded by slow growth in the second quarter and lagging employment statistics. In light of the possibility that new regulatory and legislative requirements will result in lost fees and additional implementation costs, some institutions may announce or prepare to implement additional service fees. But consumers, who are also continuing to deal with an uncertain economic future, are demanding that any additional costs are accompanied by valuable services. And while they don’t hesitate to complain about unnecessary fees, most are willing to pay a reasonable charge for a service that helps them maintain financial stability.

Complete a thorough review of your organization Banks would be much better served, both immediately and in the long term, by putting in motion a series of strategies designed to reduce expenses, increase income and enable employees

to focus more of their time and attention on helping account holders with valuable financial services. By spending the time to evaluate your organization from top to bottom, you can find ways to streamline processes, improve employee performance, build stronger customer relationships and increase the value of your bank. This process should involve bank leadership and key employees asking hard questions. Areas that should be evaluated during this process include: • Organizational structure. Senior management should determine departmental functionality, noting any personnel and staffing issues. Departmental needs and budgets should also be analyzed as you look for ways to improve efficiency. • Department workflow. How is the staff workload distributed? Is there too much or too little work for current employees? Re-examination of all departments will help you to eliminate work duplication and possibly find cost savings. • Program compliance. Now isn’t the time to try to implement financial services that might not meet new and existing regulations, as well as interagency guidance and best practices. Make sure your overdraft privilege program will pass your next compliance exam. Once you have completed this process and re-engineered your basic systems, take a look at both sides of your balance sheet to determine how you might lower your operating expenses and increase your revenue. But as initially stated, don’t just look for the quick fixes when identifying sources of savings and new product offerings.

Review your service contracts

Whether your bank has one location

with an ATM or multiple branches serving different cities and states, negotiating through the maze of service contracts can seem like a daunting task – especially when you are already strapped with additional responsibilities and expectations. However, you may find substantial savings and improved service from your vendors if you take the time to re-negotiate your contract terms and conditions. Areas where cost-savings and service efficiencies can be experienced include: • ATM/debit card processing • Check vendors • Core data processing • Telecommunications • Image/item processing

Necessary Evil continued from page

22

with this groundbreaking technology that not only minimizes your costs, but also makes you money. Get in on the ground level and gain a competitive advantage in the marketplace.

Delivery methods

While you may have a broad mix of customers, they are all looking for convenience, speed, security and good service from their bank. And whether your services include online banking resources, protection from fraud and identity theft, or a safety net in the event customers encounter an unexpected emergency, by emphasizing organizational efficiency, regulatory compliance and cost-effectiveness you can distinguish yourself from your competition. And in a post-recession period, having an experienced business partner to steer you through the regulatory maze and provide solutions to help you lower your expenses and increase your income, will help you maintain stability in an unstable environment. u

You can print and mail statements to your existing customers, or you can take it a step further. Illustrate your commitment to the environment with electronic delivery of interactive PDFs. Statements arrive in inboxes as interactive PDFs, which include drilled-down information about their accounts, plus your targeted marketing onserts. When they click an onsert or advertisement, they are driven directly to your website page highlighting that promotion. Now we’re driving business to your home page. Take it another step further! Let’s run a report to see who visited the offer page and have your marketing department contact them with more information. FSI recognizes that today’s customer base is changing and that you need to change with it. We understand the need to improve communications and marketing efforts to your customers while minimizing costs. FSI is providing enriched solutions, revenue enhancements and cost reductions to your bank. FSI has come up with a way for you to differentiate your bank from others, by providing a new platform for electronic document delivery and producing revenue through crossselling to your existing customers. u

Recognized as a leader in the financial services industry, John M. Floyd is chairman and chief executive officer of John M. Floyd & Associates (JMFA), a profitability and performance improvement consulting firm, based in Baytown, Texas.

Patrick “PJ” Schunke is senior vice president and managing director of data processing for FSI. For more information about how FSI can improve your communications efforts while minimizing costs, visit www.insidefsi.net.

Quality programs and services set you apart

Banking Solutions 2010 | 27

R isk Management STRATEGY People

I Know it When I See it: What Board Compensation Governance and Pornography Have in Common

G

E a c h o r g a n i z at i o n is responsible for its own c o m p e n s at i o n design and risk management to ensure the safety a n d s o u n d n e ss of the bank.

28 | Banking Solutions 2010

overnment oversight of compensation issues is the inevitable fallout of the bank bailout during the Great Recession of 2008. Community bank compensation programs are now subject to intense review under the Dodd-Frank Wall Street Reform legislation, intended for publicly traded banks, and the recently announced Sound Incentive Compensation Guidance, which applies to all banks, regardless of size. Even routine safety and soundness examinations place great emphasis on compensation governance and incentive plan risk-management. Bank boards and executives will certainly be expected to perform under new rules, new roles, and new responsibilities as a result of government intervention into compensation programs. How can community bank boards and management prepare to meet the regulators’ expectations? Community banks should embrace and demonstrate strong compensation governance. Regulators have rightfully linked strong compensation governance with successful banks. The problem arises when we attempt to determine what constitutes strong compensation governance. Congress, the Treasury Department and the FDIC have issued only broad principles, not a set of precise rules and definitions, to guide boards through the maze of community bank compensation issues. There are no quantitative benchmarks which boards must meet in order to achieve strong compensation governance. In many ways, defining “strong compensation governance” is akin to defining pornography. In the past 60 years, there have been many attempts by various courts to reach a consensus of the definition of pornography. In a 1964 U.S. Supreme Court case, Justice Potter Stewart made an attempt to define pornography and wrote the

best description he could conjure: “I know it when I see it.” Regulators are grappling with many forms of acceptable compensation governance practices, and many instances of less than successful governance practices. They have no reliable list of prescribed do’s and don’ts, and so must resort to the standard of knowing strong compensation governance when they see it. This may not be helpful to community bank boards, but it does offer boards the opportunity to review, reflect, reassess and rewrite their compensation governance practices. In my experience, boards which pass regulator review in regard to compensation governance include board members who understand a realistic business mission for their bank. These boards have independent compensation committees which actively monitor compensation. The board members actively monitor risk and reward, questioning whether their incentive plan practices may motivate undue risks. Such board members will ensure that management is focused on the business of the bank, and not on pay. It is equally important to understand the complaints which regulators have registered against banks with weak compensation governance. Such situations include the “one-man bank,” wherein a board is bullied by a CEO. Often, boards have no memorialized compensation philosophy and no demonstrated method of monitoring pay. And a quick estimation will tell the regulators there is a problem when total board and executive compensation are not justified by bank financial performance. Regulators expect bank boards to take immediate action to address deficiencies in compensation related risk-management and governance process. Here are my recommendations for community bank boards:

By Arthur Warren

Arthur Warren, Esq. Executive Compensation and Benefits Consultant

Arthur Warren Associates • Review and revise compensation philosophy for executives and for board members to ensure support of the business strategy given this new economy. • Establish or enhance the compensation committee with outside members, active pay monitoring procedures, and detailed meeting minutes. • Audit and redesign all incentive plans to determine if they encourage too much risk, which would impair asset quality and capital. • Design and implement a clawback policy to recover incentive awards based on financial inaccuracies. • Reward and attract top executive and board talent with competitive compensation programs that are benched-marked against realistic peer banks. The standards for balanced compensation arrangements will vary among community banks. Each bank has unique board, management and employee talent. A compensation plan for one bank will not necessarily be found appropriate by regulators, even for a peer bank. Each organization is responsible for its own compensation design and risk-management to ensure the safety and soundness of the bank. When community bank boards practice strong compensation governance, their efforts will be evident – and the regulators will know it when they see it. u Arthur Warren, Esq. specializes in executive and board compensation and benefits planning. He has more than 30 years experience in the design and administration of compensation, benefits, perquisites and employment arrangements with over 100 community bank clients. He can be reached at arthur@afwarren.com or (508) 660-0280.

1600 Boston-Providence Highway Walpole, MA 02081 508-660-0280 arthur@afwarren.com www.afwarren.com

Compensation Audits for Bank Regulator Safety and Soundness Examinations Bank regulators are focusing on Board Compensation Governance, Board Fees, Executive Salaries, Incentive Compensation, Benefits, SERPs and Perquisites. I offer my services to assist you.

Compliance

My office conducts confidential audits to address potential regulatory deficiencies regarding Compensation Governance, Compensation Plan Design and Incentive Plan Risk-Management.

Credibility

I work in partnership with my clients to identify problems and develop practical solutions.

Confidence

I am an independent advisor with more than 100 community bank clients in 12 states. I provide services on a fee only basis.

Plan Now and Avoid Problems Later

You can order a professional reprint of any article in Banking Solutions 2010.

To learn more visit our website at www.thewarrengroup.com/portal/Publications/Reprints/tabid/149/Default.aspx

Banking Solutions 2010 | 29

By Mike Potter

R isk Management STRATEGY People

Overdraft Programs: The Next Chapter

B

ased on conversations with bankers, association executives, and the content of some recent examinations, I’d like to offer a few comments on the post-Regulation E environment for your consideration. For the last five years at least, the regulatory community has promulgated multiple rounds of guidelines and descriptions of best practices that largely focused on more and more disclosure of the nature of overdraft programs, so that customers were better prepared to understand them. The underlying premise seemed to be that customers were under-informed, and that if they had better information, such as adding the Reg. DD additions to monthly statements, they would use overdraft services less often. The Reg. E amendments took that idea to a new level by requiring that customers specifically opt in to having their debit and ATM transactions covered before the bank could charge a fee for providing overdraft services on those transactions. The simple fact, however, is that none of the enhanced disclosures have resulted in any discernable change in customer behavior. Similarly, my conversations with bankers who have successfully completed their Reg. E efforts in recent months suggest that the Reg. E amendments are having relatively little impact on customer acceptance of well-designed overdraft programs, other than making everyone’s lives a bit more complicated. All of this suggests that customers do not behave the way they do because they lack information, despite the desire of some industry observers to believe that. Customers behave the way

30 | Banking Solutions 2010

they do because they find strong value in the overdraft services offered by the vast majority of community financial institutions. The focus of the regulatory community seems now to be moving beyond how much information the customer has about their overdraft program to assessing how much information the financial institution has about their overdraft program. Further, additional focus is being placed on determining if the program’s risk is managed appropriately, and if the manner in which the program is being offered is potentially in violation of the Federal Trade Commission’s definitions of Unfair or Deceptive Acts or Practices (UDAP). This article cannot hope to fully discuss these issues, but all bankers should be aware of some basics, including the recently proposed guidance from the FDIC and OTS. The recent publication by the OTS of their proposed Supplemental Guidance on Overdraft Protection Programs is something that all bankers should consider. An excerpt from this proposed guidance is instructive: “Although OTS believes that many institutions provide overdraft protection in a responsible manner, the proposed guidance, if adopted, would conclude that institutions that engage in certain overdraft practices violate the prohibition on unfair or deceptive acts or practices in section 5 of the Federal Trade Commission Act (FTC Act). OTS has recently articulated the standards that it applies to determine whether an act or practice is unfair or deceptive under the FTC Act.” The guidelines go on to make it clear that “The adoption of these standards provides OTS with a useful method of

analyzing whether practices are unfair or deceptive. The other federal financial institution regulatory agencies and FTC take the same approach. (Emphasis added.)” The proposed guidelines provide specific definitions of the kinds of “harm” that customers might suffer as a result of an improperly managed program that could be found to violates. Let’s be clear. The vast majority of community banks try very hard to offer services that benefit their customers and the bank. No bank can thrive in the long term by mistreating customers, even unintentionally. The OTS discussion would seem to agree with that opinion. Though this proposed guidance is not yet final as this article goes to print, I offer the thought that community bankers who review the new proposed FDIC guidance on overdraft programs with an eye toward thinking about the design, execution, communication, and daily management of their overdraft programs might find valuable material here. Main Street bankers have already been unjustly tarred with the same brush that should have been exclusively aimed at the instigators of the mortgage market meltdown. Prudent risk management (particularly “reputation risk” management) can help ensure that the egregious behavior of a handful of players doesn’t destroy the perceived value of a service that the vast majority of our customers enjoy. u Mike Potter is senior vice president of Houstonbased Strunk & Associates, L.P. Strunk’s Overdraft PrivilegeSM service is the most frequent choice of bankers around the country. He can be reached at mpotter@strunklp.com.

Do you have the right tools to reach your destination?

It could get rough between here and the horizon.

For more than three decades, through strong and weak economies, JMFA has helped thousands of financial institutions improve their bottom lines and perform at their peak through innovative programs and products, and unsurpassed service. JMFA is the total solution for smooth financial sailing.

®

JMFA OVERDRAFT PRIVILEGE · Non-Interest Income Enhancement· Executive Recruitment Service Process Improvement· Sales and Service· JMFA Contract Optimizer www.JMFA.com· 800.809.2307

© 2010 John M. Floyd & Associates, Inc. J|M|F|A® and JMFA OVERDRAFT PRIVILEGE® are registered trademarks of John M. Floyd & Associates, Inc.

experience the difference is

From site evaluation to building design to construction administration, DRL Associates can help you realize your vision, goals and budget for your bank’s new facility or branch renovation. Contact us and discover the value of working with an experienced design partner.

2 West St. Suite G Weymouth, MA 02190 tel. 781-331-8541 http://www.drlarchitects.com

DRL ARCHITECTS

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.