SDBA eNews

September 1, 2022

"SDBA Bank Squawk" Podcast Hosts First Guest, U.S. Senator Mike Rounds 

On Tuesday, August 16, U.S. Senator Mike Rounds joined Karl at the SDBA Office to talk about current banking issues and the impact they're having on the banking industry. Karl and Senator Mike Rounds talked about the Inflation Reduction Act (IRA), ECORA, the SAFE Banking Act and ESG. They also discussed the ongoing turbulence overseas between Russia and Ukraine, and China and Taiwan. The episode wraps up by briefly discussing Mike Round's decades of service to South Dakotans by way of a decade in state legislature, two consecutive 4-year terms as Governor and now, his second term as United States Senator. 

Catch the podcast episode here: Today's Banking Industry with U.S. Senator Mike Rounds 

Registration Open for SDBA's Next Step: Emerging Leaders Summit

The SDBA will host its 2022 NEXT STEP: Emerging Leaders Summit, October 19-20, at the Holiday Inn in Downtown Rapid City, S.D. This event encourages emerging bank leaders to find and express their voices within their organizations, communities and the banking industry and provides opportunities to network and exchange ideas with other industry professionals. It will also increase emerging bank leaders’ knowledge of topics of interest to the banking industry and promote involvement and advocacy.

The event will begin Wednesday afternoon at 1 p.m. MDT, with a reception that evening. We’ll resume the program Thursday morning and adjourn by noon. 

View the full agenda here. 

To register for the event click here. 

Nominate an Outstanding Woman in Banking Today! Submissions Close September 3! 

Each fall, BankBeat honors Outstanding Women in Banking. Nominations for bankers who have made outstanding contributions to their bank, industry and community will be accepted until September 3. The Outstanding Women in Banking program is sponsored by DCI. 

Nominated bankers should work in a bank from one of the following states: Colorado, Illinois, Indiana, Iowa, Kansas, Montana, Michigan, Minnesota, Missouri, Nebraska, North Dakota, South Dakota, Wisconsin or Wyoming.

Send nominations by September 3 to Mara Gawarecki at [email protected] or use snail mail: BankBeat, NFR Communications, 945 Winnetka Ave. N., #145, Golden Valley, MN 55427.

Click HERE to nominate a banker online.

Last Day to Order Your 2023 Scenes of South Dakota Calendars Before Price Increase! 

The SDBA is still taking orders for the 2023 Scenes of South Dakota Calendars! 

Orders placed by September 1 will receive the low price of $1.55 per calendar. After September 1 price will be $1.75 per calendar. Each order will have an additional $25.00 production charge (layout for press run, in-house press proof, boxing, labeling), plus shipping. Orders CANNOT be accepted after September 15. 

SDBA's IRA School to be Held in September

The SECURE Act impacts two main topics: RMDs and death distributions. The SDBA will offer the 2022 IRA School on Sept. 27-29 at the ClubHouse Hotel and Suites in Sioux Falls, and will address these relevant changes. In addition, IRAs are one of the most complicated areas of bank personnel responsibility, and it is very challenging to learn and understand everything. Continual education is necessary to ensure confidence. Working with IRAs is a process and must start with a strong foundation. This school can provide a firm foundation through a comprehensive curriculum.

Attendees can register to attend the full school, days one and two only, or day three only. For more information or to register, click here.

Arctic Wolf Presents: Up Your Grill Game with BBQ Expert Kevin Bludso

Join Arctic Wolf on Thursday, September 15th for sizzling security conversation and BBQ best practices with pitmaster, Kevin Bludso. Leaders from Arctic Wolf will walk you through the benefits of a security operations approach and how we keep thousands of organizations safe. Then, Kevin will answer attendee questions, share his story, and dish out BBQ tips and tricks so you can up your grill game! Register today! 

Annual Security Seminar to be Held on October 27

The Annual Security Seminar will be held on October 27, 2022 in Sioux Falls, S.D. at Hyatt Place Sioux Falls South. This well-rounded seminar presented by Barry Thompson focuses on a range of issues of concern to security officers, facility personnel, and management. Using current trends and examples, a variety of topics will be covered: 

  • The Security and Fraud Practitioner
  • Active Shooter: The Warning Signs
  • Cash Recyclers, Pod Banking, and ITMs
  • I Knew Something Was Wrong
  • Board Reporting: The Security Perspective
Security officers or directors, operations managers, auditors, HR directors, legal staff, loan officers, disaster recovery managers, collection staff and fraud investigators would benefit from this seminar. Registration can be found by clicking here. 

#BanksNeverAskThat Campaign

ABA’s #BanksNeverAskThat anti-phishing campaign was a big success in 2020 and 2021. They’re bringing the campaign back this October to help even more consumers beat scammers at their own game. They've added new content to their easy-to-use turnkey toolkit, including videos, social posts, digital signage, printables and more. 

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. They want to change that by raising awareness among banks and their customers of best practices for phishing defense. Utilize their tools and resources to run a stellar antiphishing campaign, and educate and protect your customers every step of the way.

Sign up to receive your easy-to-use toolkit before kickoff on October 3! 

CISA News: THREAT ADVISORY: Online Banking Advanced Social Engineering

SBS CyberSecurity has been made aware of an attack on customer online banking accounts. This attack is a combination of:

  • Social engineering
  • Open-source intelligence (OSINT)
  • Dark web content purchase

This new twist on an old attack is an advanced social engineering attack, targeting customers that are connected to their financial institution via social media. Attackers leverage social media and open-source intelligence (OSINT) to gather reconnaissance information on a customer, then contact the customer while posing as the financial institution.

The attacker's objective is to convince the customer that their online banking account has been compromised and the customer needs to change their online banking password to a "temporary" password and provide the MFA code. Once successful, this attack will give the attacker full access to the customer's online banking account, which has and will lead to a significant loss of customer funds.

SIEM or IDS/IPS cannot identify the attack, and no indicators of compromise are present until customers complain about their accounts being drained of funds.

The attacker starts by:

  1. Using recon from a financial institution’s Facebook page. Individuals who “like” the financial institution’s posts appear to be the attackers' primary targets, giving the attacker a probable customer target list.
  2. The attacker then performs OSINT on these customers, gathering details about the potential customer and creating their own social profile. OSINT allows anyone to be profiled for their public information, such as their street address, phone number(s), email addresses, other social media accounts, date of birth, etc.
  3. The attacker utilizes the dark web and internet search resources for potentially compromised personally identifiable information (PII) for the customer, including Social Security Number (SSN) and any other account numbers from previous compromises.

Once the attacker has a complete OSINT profile of the potential customer:

  1. The attacker may make some innocuous calls to the financial institution to verify that the person is indeed a customer at the financial institution.
  2. Once verified, the attacker plans an advanced social engineering attack on the customer.
  3. The attacker pulls up the financial institution’s online banking webpage and calls the customer.
  4. The attacker spoofs the financial institution’s phone number to appear official.
  5. The attacker convinces the customer that their online banking account has been compromised, asking the customer to then browse to the financial institution’s online banking portal.
  6. The attacker may use the customer’s previously obtained information to convince them that they are official.
  7. The customer is directed to the financial institution’s website and asked by the attacker to reset their password to something simple, like “password1234”. The customer might tell them that they do not want their password set to that. The attacker states they understand that, and this password reset is only temporary. Victims stated that the social engineers are very convincing and have even been able to convince the victims to provide the attackers with the resulting MFA authorization code, where needed.
  8. Once the password is reset, the attacker has access to the customer’s account and can drain customer funds in various ways.

Currently, the only known ways to potentially protect your online banking customers against this fraud are:

  • Disable the “reset password” button on the online banking website for the short term. This will cause a potential customer service issue until the hackers move on to another target financial institution.
  • Inform your customers of this ongoing social engineering attack and provide education on how the customer can best protect themselves.
    • Remind customers that the financial institution will never ask for passwords or MFA passcodes.
    • Encourage customers to set up appropriate online banking alerts (SMS or email), including alerts for password reset and large transfers.
  • Review social media privacy settings and consider restricting which users can see who “likes” or comments on social media posts.

If you have a customer that has fallen victim to this attack:

  • Collect incident details, including:
    • Phone number of the customer that was called
    • Date and time of the call
    • Call duration (if possible)
  • Contact the FBI and be prepared to share details of any attack your financial institution is experiencing.

This attack is widespread. The FBI is aware of the issue and is actively working to mitigate the attack.

  Compliance Alliance logo


Q.  If an individual named as a beneficial owner of a new legal entity account is an existing customer of the covered financial institution subject to the financial institution’s CIP, is the bank still required to identify and verify the identity of this individual or may it rely on the CIP verification of the individual that it previously performed?

A.  In general, banks must identify and verify the identity of beneficial owners of their legal entity customer at the time of account opening. If the beneficial owner, however, is an existing customer of the bank who is subject to the bank’s CIP then the bank may rely on information in its possession to fulfill the CIP identification and verification requirements, provided that the existing information in the bank’s possession is up-to-date, accurate, and the legal entity customer’s representative certifies the accuracy of the pre-existing CIP information either verbally or in writing.

Compliance Alliance offers a comprehensive suite of compliance management solutions. To learn how to put them to work for your bank, call (888) 353-3933 or email [email protected] and ask for our Membership Team.

For timely compliance updates, subscribe to Bankers Alliance’s email newsletters.

 SDBA eNews Archive
View past issues of the SDBA eNews

Advertising Opportunity
Learn more about sponsoring the SDBA eNews.

Contact Haley Juhnke, SDBA, at 605.224.1653 or via email.