ABA Newsbytes: Inspector general report finds FHFA systems vulnerable to hacking

August 14, 2024 

The Federal Housing Finance Agency’s information technology network has “serious vulnerabilities that increase the likelihood that hacking attempts will succeed,” the FHFA Office of Inspector General concluded in a new report.

The office noted that the FHFA’s network and systems host a variety of data and information, such as financial reports and data from Fannie Mae and Freddie Mac and the Federal Home Loan Banks. However, in a penetration test conducted by the office, it accessed a privileged user account that allowed it to view, edit or save files on the local drives of any user’s laptop or desktop, including FHFA executives at the highest levels.

“We were also able to elevate a standard user account to a domain administrator and take full control of FHFA’s network,” according to the report. “We essentially had unfettered access to the agency’s information technology infrastructure.”

The office made 22 recommendations as a result of its findings. The FHFA agreed to the recommendations and has taken corrective actions, such as updated password creation features and additional employee training.

Link to Original Article.

CISA NEWS: The Rise of Impersonation Scams

In an era when digital connectivity is integral to daily life and the economy, the threat of impersonation scams has grown exponentially. These scams, in which imposters mimic trusted entities to deceive individuals, have led to staggering financial and personal losses. The Federal Trade Commission reported over $1.1 billion in U.S. consumer losses due to such scams in 2023 alone​​.

Impersonation scams are not just simple tricks but a sophisticated form of social engineering where cybercriminals use techniques such as phishing and smishing to direct individuals to fake websites that look and feel like legitimate ones. These attacks can lead to account takeovers, identity theft, and significant financial loss. Cybersecurity and online protection review site DataProt found that a new phishing site was created every 11 seconds in 2023, underscoring the scale of the problem​ and the need for increased vigilance in detecting these sites. A massive online campaign targeting popular apparel brands such as Nike, Crocs, and Adidas was uncovered by Bolster last year. This campaign employed typosquatting, which relies on consumers mistyping a popular company’s web address to direct them to a malicious site.

The proliferation of AI technologies has further exacerbated this issue, making it easier and faster for fraudsters to create convincing digital fakes. Companies and consumers often fail to detect these fraudulent sites quickly, leaving them vulnerable for weeks or months. In addition to consumer impact, damages to businesses can be severe, including financial losses, increased expenses, and reputational damage​.

Companies’ current approach is to scan the internet for illegitimate domains and file a request to remove illegitimate copycats. Yet “scanning the internet for new domains takes time, and is done at intervals, between which a new fake site can go live, be used for an attack, and be taken down by the cybercriminal,” said Israel Mazin, co-founder, CEO, and chairman of Israeli cybersecurity firm Memcyco.

Continue reading here.

---

ABA Newsbytes: Three key ways banks can drive core checking deposits

August 13, 2024 | By Kristopher Lazzaretti

Checking accounts may not be the most glamorous of financial products. But ask any banker or regulator to identify the cornerstone of a strong, stable institution and most will say it is a portfolio of retail checking balances. The inherent stability of FDIC-insured accounts, with low or no interest expense, are highly impactful to an institution’s overall soundness and even better for its bottom line.

Checking products almost always pay lower interest rates than high-yield products like money market accounts and CDs. Thus, from a pure expense perspective, it is clearly more favorable economically to grow checking balances, and especially non-interest-bearing checking balances.

Also to consider is that some customers who put money in higher yielding products are rate shoppers and will move from one institution to another as soon as a better rate comes along. Checking balances are less sensitive to such market forces. Here are three key ways banks can drive core checking deposits:

Understand what drives consumer decisions

When consumers switch banks, the reasons are many and varied. But the leading drivers that move customers from one institution to another are negative experiences, high or unexpected fees and life events.

The latter driver is an especially powerful force according to the excellent Path to Purchase Study published by Oliver Wyman. Their research found that nearly 75 percent of consumers who switched banks did so after experiencing a life event. In our experience, the top life events driving switching behavior include listing a home for sale, moving, getting married and having children.

Now, with technology enabling the ability to aggregate data on such events quickly and efficiently, banks can promote relevant products and offers to prospective switchers in near real time, at scale, in ways that were previously not possible.

Our internal analysis shows life event marketing typically generates 1.5 to 2.5 times the response of traditional marketing tactics. And when you consider that over a million life events occur in the U.S. every week, the opportunity for banks to grow their checking base is evident.

Recognize opportunities to optimize your offers

The reality is, almost all checking account marketing today is accompanied by the offer of a cash incentive, which means if you don’t have a competitive offer you’re not in the game. Unfortunately, the expense of these offers can be considerable and without proper analytical tools, a meaningful portion of newly acquired checking relationships can be quickly lost as those who were only interested in the incentive close their accounts (“gamers”).

The most sophisticated marketers are systematically testing multiple incentive amounts to develop offer elasticity curves, finding that after developing such curves, they can optimize account production vs. cost-to-acquire. Many find they end up paying a higher incentive up front ($400 or $500 vs. $300) but end up enjoying a lower overall acquisition cost thanks to better overall conversion rates.

Case in point: A super-regional bank found that by increasing their cash incentive on premium checking accounts by $100, they ultimately ended up lowering their incremental (or net-of-control) pre-incentive marketing cost-to-acquire by over $200, more than offsetting the additional offer expense.

To complement offer optimization programs, banks are also adjusting their targeting approaches to avoid those who are looking to close their accounts as soon as they receive the incentive. By systematically training marketing models to analytically remove these “gamers” from direct response marketing initiatives, banks are enjoying significant improvements in first-year retention.

With an elasticity curve and a targeting approach trained on quality response, further levers become available, such as optimizing offer stipulations by segment and implementing progressive offer designs (e.g., progressively offering higher incentives to high-potential households who have yet to convert).

Aim at small businesses

Banks are winning with the segment of businesses with annual revenues less than $10 million. One of the most powerful factors here is the average size of small business checking accounts. Marketing campaigns targeting established small businesses regularly generate average business checking balances of $15,000-$25,000 per account, far exceeding the $3,000-$4,000 average consumer checking balance generated in typical consumer campaigns.

And similar to consumers, small businesses experiencing milestone events can be good targets for business checking marketing. In fact, we’ve found that new-to-world businesses are four times more responsive on average to checking marketing than other small business segments. And with over 5 million new businesses formed over the last 12 months according to the U.S. Census Bureau, the market opportunity is material.

A common concern with these newly formed businesses is their capacity to fund accounts at attractive levels. To explore this concern, we monitored marketing-acquired checking accounts established by both mature businesses and new-to-world businesses for an 18-month window. We observed that, while average checking balances from mature businesses were 28 percent higher upon acquisition, the checking relationships generated by the new-to-world segment grew at a far more rapid pace, 131 percent, eventually converging with the mature segment, which grew by 86 percent over the same timeframe.

The clear fact is winning with the small business segment can be central to your overall success.

Kristopher Lazzaretti is president of data solutions at Deluxe, a full-service data, analytics and marketing services company.

Link to Original Article.

ABA Banking Journal: FinCEN releases commercial on beneficial ownership information reporting

August 8, 2024 

2025 South Dakota Bank Directory

All member banks have been contacted by NFR (our publisher for the SD Bank Directory) regarding any updates your bank may have. Please complete the form and send it back ASAP so that our 2025 directory can be as current as possible.

Place your order for your 2025 SD Bank Directory! All member banks, associate members, and endorsed vendors receive one complimentary copy.

2024 SDBA Annual Security Seminar

October 10, 2024 | Holiday Inn & Suites | 2040 Russell Street | Sioux Falls, SD

Registration is now open for the 2024 SDBA Annual Security Seminar, Thursday, October 10 at the Holiday Inn & Suites located at 2040 Russell Street in Sioux Falls, SD. This well-rounded seminar focuses on a range of issues of concern to security officers, facility personnel, and management. Using current trends and examples, a variety of topics will be covered, such as The Robbery Experience; Active Shooter Vs. Armed Robbery; Increasing Customer Service and Security; and Security Assessments. Security officers or directors, operations managers, auditors, HR directors, legal staff, loan officers, disaster recovery managers, collection staff and fraud investigators are encouraged to attend.

Information and Registration 

2024 SDBA NEXT STEP: Emerging Leaders Summit

Tuesday, October 29, 2024 | Holiday Inn City Centre| Downtown Sioux Falls, SD

Plan to attend the 2024 SDBA NEXT STEP: Emerging Leaders Summit in downtown Sioux Falls, South Dakota, on Tuesday, October 29, 2024. This year's agenda is another good one, with guest speaker and emcee kicking things off, Jack Stahlmann, the Don't Flinch Guy. Jack’s presentation, The Intangible It, examines the "it" quality movie stars possess that you can't quite put your finger on… or can you? Also on the agenda: former South Dakota Governor and Lt. Governor, Dennis Daugaard and Matt Michels; Marissa Brinkman; Sioux Falls Mayor, Paul Ten Haken; Janet Kittams with The Helpline Center; and South Dakota native, Andrew Kightlinger, film director and writer. Register for last year's registration rate through September 1st!

A small block of rooms has been held at the Holiday Inn, available through September 28. Make your reservation now!

Information & Registration

Question of the Week

Learn how to put compliance management solutions from Compliance Alliance to work for your bank, by contacting (888) 353-3933 or [email protected] and ask for our Membership Team.

For timely compliance updates, subscribe to Bankers Alliance’s email newsletters.

SDBA eNews Archive
View past issues of the SDBA eNews

Advertising Opportunity
Learn more about sponsoring the SDBA eNews

Questions/Comments
Contact the SDBA at 605.224.1653 or via email