Member Login
Search

SDBA eNews spring

May 1, 2025

News

SDBA Updates

SDBA Events

Online Education

Compliance Alliance

ABA Banking Journal: ABA raises concerns about proposed standardization of financial performance indicators

April 30, 2025

ABA raises concerns about proposed standardization of financial performance indicators

In comments today, the American Bankers Association said it does not support a proposal by the Financial Accounting Standards Board to establish and track a standardized set of financial key performance indicators for businesses.

A financial KPI is a measure calculated or derived from the financial statements and/or underlying accounting records not presented in Generally Accepted Accounting Principles, or GAAP, financial statements, according to FASB. The board late last year invited comment on whether to establish a standardized set of financial KPIs and whether that information should be disclosed in financial statements.

ABA is opposed to the proposal. Among other things, the association noted that stakeholders already receive the information they need through the disclosure of non-GAAP measures. It also said that codification of “non-GAAP” measures may create confusion regarding the well-established framework currently employed by the Securities and Exchange Commission for non-GAAP disclosures, and that the FASB will not have the necessary resources to perform the ongoing surveillance necessary to continually monitor and maintain an up-to-date list of financial KPIs.

“While GAAP provides a firm base of consistent and robust financial information for users, investors greatly benefit from non-GAAP information tailored to specific industries or entities,” ABA said. “Attempting to develop uniform definitions across all industries would introduce unnecessary complexity and could reduce the relevance of the resulting measures for end users.”

Back to Top

ABA Banking Journal: What’s next in the fight for financial literacy

Teach Children to Save Day is over, but the work continues.

April 30, 2025 | Lindsay Torrico

What’s next in the fight for financial literacy

Each year, on Teach Children to Save Day, banks across the country participate in creating a lasting, positive impact on young people and their financial futures.

This year, more than 11,000 bank volunteers from nearly 500 banks gave their time and talent on April 24 — and we took it to a new level.

Thanks to a new collaboration with the Department of Treasury, along with the hard work of our bank volunteers, we came together to further our mission — empowering the next generation with tools to save, invest and build wealth.

Treasury Secretary Scott Bessent provided the highlight. He recorded a video that was played during Teach Children to Save presentations to K-8 students across the country.

The secretary’s message to students, educators, parents and bankers was clear: financial literacy is a priority, and we all have a role to play in building stronger, more resilient communities.

This was a rallying moment for banks, nonprofits and government leaders to advance financial literacy — not just on Teach Children to Save Day, but all year long.

Here are three ways that banks can continue to drive that message in their communities:

1. Host financial literacy presentations year-round. To move the needle, teaching financial literacy should not be a one-time event— but an ongoing commitment year-round. While Teach Children to Save Day provides a great start, schools and youth organizations benefit from ongoing workshops. Banks can develop monthly or quarterly presentations focusing on budgeting, savings and credit management. They can establish strategic partnerships with local schools and lean on trusted nonprofits like Junior Achievement to coordinate volunteer activations on a regular basis. Sign up for the Teach Children to Save program to access free ABA Foundation resources all year and continue to show Secretary Bessent’s video during presentations to underscore that students are a critical part of a larger financial ecosystem that allows our country to thrive and flourish. Capture the positive energy at those sessions by posting pictures and videos to your social media channels showing the learning in action, so others in the community know about your efforts.

2. Help implement financial literacy curriculum in your state. Banks can play a vital role in supporting the implementation of financial education in classrooms. With 27 states now requiring students to take a personal finance course to graduate high school, many states are determining how to incorporate it into school curriculum and bankers can help ensure these efforts are well-informed and effective. By actively participating in these conversations, banks can enhance curriculum standards, provide input on real-world financial challenges students should learn to navigate, and offer training sessions for teachers on how to effectively teach financial concepts. In the states that do not require financial literacy, banks can partner with their state bankers associations to advocate and share the message about the power of educating youth on financial literacy.

3. Get creative during the summer months. As we approach the summer months, financial literacy does not need to stop at the end of the school year. Summer presents an excellent opportunity to bring financial education beyond the classroom and into community spaces. Banks can take a creative approach by embedding financial literacy into local events such as community block parties, farmers’ markets, festivals and sports events. Partner with summer camps to host hands-on financial literacy workshops, scavenger hunts and trivia contests. By meeting people where they are — outside of traditional classroom settings — banks can make financial literacy more approachable while fostering trust within the community.

Keeping the momentum going

Teach Children to Save Day may come once a year, but the opportunity to educate and empower young people happens every day. By continuing financial literacy presentations, supporting state-level curriculum efforts, and embedding lessons into summer community events, banks can make a lasting impact that strengthens families and communities for generations to come.

Financial literacy is the foundation for economic empowerment — let’s make it a year-round priority.

Full Article

Back to Top

ABA Banking Journal: House lawmakers debate regulatory burden on banks

April 29, 2025 

ABA

During a hearing today on bank regulation, House Republicans accused regulators of failing to appropriately tailor regulation to bank size and risk while Democrats said the Trump administration has sought to overturn regulatory reforms put in place to prevent a repeat of the 2008 financial crisis.

The House Financial Services Subcommittee on Financial Institutions held a hearing on regulatory overreach by banking agencies. In his opening remarks, subcommittee Chairman Andy Barr (R-Ky.) said the Dodd-Frank Act and subsequent regulator actions created a “one-size-fits-all” approach to regulation that has hurt community banks.

“I’ve heard from community bankers across the country about the inconsistency and lack of clarity in the supervision and examination framework being driven by partisan bureaucrats in Washington,” Barr said. “Rather than our prudential regulators working alongside supervised institutions to ensure compliance, we have seen a shift to promoting agendas such as climate-related finance or the debanking of legally operating businesses – dangerous deviations from the core mission and purpose of these agencies.”

Subcommittee Ranking Member Bill Foster (D-Ill.) accused President Trump of attacking independent agencies such as the Federal Reserve, which he said has injected volatility into financial markets. He also criticized the administration for allegedly rolling back Dodd-Frank reforms by attempting to trim the staff and missions of agencies such as the Consumer Financial Protection Bureau, which was created by the law.

“Each of these agencies, along with our banking and market regulators, serve critical roles in the financial stability of the United States, yet their missions are under assault,” Foster said.

Among the hearing’s witnesses was J. Michael Radcliffe, chairman and CEO of Community Financial Services Bank in Benton, Kentucky, who said that the regulatory burden for community banks has increased significantly since 2008. He urged lawmakers to return to a system of regulatory tailoring.

“Under the existing ‘one-size-fits-all’ regulatory regime, community banks are often held to the same standards as multinational banks with trillions in assets,” Radcliffe said in prepared remarks. “This approach disregards the minimal systemic risk posed by community banks and places an undue burden on their operations.”

Full Article

Back to Top

CISA News: AI-Powered Polymorphic Phishing Is Changing the Threat Landscape

April 24, 2025 | Stu Sjouwerman

Google Phishing

Our threat research team has observed a rise in polymorphic phishing campaigns being launched on a much larger scale than before. We found a 17% increase in phishing emails in February 2025 compared to the previous six months. Last year, at least one polymorphic feature was present in 76%of all phishing attacks.

Understanding Polymorphic Phishing

Polymorphic phishing is an advanced form of phishing campaign that randomizes the components of emails, such as their content, subject lines, and senders’ display names, to create several almost identical emails that only differ by a minor detail. In combination with AI, polymorphic phishing emails have become highly sophisticated, creating more personalized and evasive messages that result in higher attack success rates. Of all phishing emails we analyzed, 82% contained some form of AI usage, a 53% year-over-year increase.

Traditional detection systems group phishing emails together to enhance their detection efficacy based on commonalities in phishing emails, such as payloads or senders’ domain names. The use of AI by cybercriminals has allowed them to conduct polymorphic phishing campaigns with subtle but deceptive variations that can evade security measures like blocklists, static signatures, secure email gateways (SEGs), and native security tools. For example, cybercriminals modify the subject line by adding extra characters and symbols, or they can alter the length and pattern of the text.

Most polymorphic phishing attacks use compromised accounts (52%), followed by phishing domains (25%) and webmail (20%) to send phishing emails that can bypass domain authentication checks.

The standard way of grouping individual attacks into campaigns to improve detection efficacy will become irrelevant by 2027. Organizations need to find alternative measures to detect polymorphic phishing campaigns that don’t rely on blocklists and that can identify the most advanced attacks.

AI-Powered Polymorphic Phishing Attacks Are Raising the Stakes

The role of AI in the proliferation and increasing dangers of polymorphic phishing attacks is increasingly apparent. Here are some ways in which AI models are powering up polymorphic phishing:

Bypassing Traditional Defenses: AI-powered polymorphic phishing campaigns use advanced evasion techniques, such as dynamic URLs, payload adjustments or delivery method modifications to elude security detection and constantly adapting strategies by learning from failed phishing attempts to bypass defenses.

Dynamic Email Content: AI can prevent two emails from being identical by creating distinct email content for every recipient. This makes it hard for security tools, like Secure Email Gateways (SEGs), to identify patterns or signatures applied to detect phishing attacks.

Enhanced Personalization: AI can rapidly search enormous volumes of public data for victim information, such as social media profiles and messages, online accounts, and compromised databases, to produce extremely customized phishing emails.

Continuous Adaptation: AI-based polymorphic phishing attacks can adjust in real time to the behavior, actions, or preferences of victims, modifying the content or their actions for a successful attack. For instance, if a victim clicks on a link but does not complete the field where their credentials are asked for, AI may send a believable follow-up message to establish trust or instill a sense of urgency.

Improved Persuasion: AI has the ability to craft convincing and personalized emails that closely imitate the tone and style of trusted individuals or organizations, making them feel authentic and more likely to deceive the recipient.

Spear Phishing: AI is used by attackers to target high-value targets with access to sensitive data and control over critical systems. AI scans publicly available data on the victim’s role, interests, and communication style to send a personalized and convincing message. The sender in this case may be a known contact, mentioning a particular project or an urgent task in the phishing email. At times, synthetic voice or video messages created through deepfakes are attached to the message. Attackers send follow-up emails through various channels to build legitimacy and urgency.

Protection Against AI-Based Polymorphic Phishing

Just as AI enables the evolution of polymorphic phishing, it can be used to build a defensive strategy against such threats. Here are some effective strategies:

Make Emails Secure: Verify the authenticity of senders with email authentication protocols such as SPFDKIM, and DMARC. Using techniques of natural language processing (NLP) and pattern recognition, AI-based defense systems analyze the structure and content of emails to identify legitimate emails over spam.

Keep Security Systems Updated: Regularly update your security controls, such as email protections and other relevant systems, to stay prepared for new and emerging threats.

Train Employees on Security Awareness: Use simulation platforms to educate employees on polymorphic phishing attacks in a real-world-like environment. This will enable employees to more readily identify polymorphic phishing and report it instantly.

Implement Strict Access Controls: Use multi-factor authentication to provide an extra security layer while accessing sensitive data and systems. Apply the least privilege access approach, which limits access to critical systems and sensitive data based on an employee’s specific role and needs.

Develop a Strong Security Culture: Engage employees to report security incidents or suspicious emails to the IT security team immediately without fear of blame or reprisal. By informing users of the situation and actions taken, security teams can create a culture of trust and teamwork. This will help develop continuous security vigilance against attacks.

AI-Powered Defenses: Proactively defend against deceptive attacks using techniques such as natural language processing and anomaly detection to block threats at they occur. AI-powered defenses continuously learn from new data and incidents and improve their detection capabilities to protect organizations against newly evolving threats. They can see the bigger threat picture by correlating data from emails and network activities, user endpoints and servers, to address immediate threats and underlying vulnerabilities.

The ability of AI-based polymorphic phishing attacks to evolve, customize, and bypass email gateways is a paradigm shift in the world of cybersecurity threats. Through the use of AI for sophisticated defense technology and through employee awareness and education, organizations can safeguard themselves against this new threat.

Full Article

Back to Top

UPDATES40 and 50-Year Banker Awards

awards

The SDBA will honor and recognize bankers with 40 or 50 years of service in banking during its Annual Business Meeting at this year’s 2025 Quad States Convention in Rapid City.

The deadline to submit an award to be presented at the 2025 Quad States Convention is May 16, 2025.

EVENTS2025 Quad States Convention - EARLY BIRD EXTENSION!Quad States 2025

Big Ideas Bold Bankers The Big Bank Theory!

Don’t forget to REGISTER for The Big Bank Theory Quad States Convention, happening June 8-10 in Rapid City, SD. We'll be mixing science, strategy, and just the right amount of fun at this year's gathering!

Early Bird Rate has been extended to May 16!!

Hotels are filling fast - - be sure to book your room(s) TODAY!

National School for Experienced Ag Bankers

June 23-26, 2025 | Spearfish

Ag SchoolThe National School for Experienced Ag Bankers is a seminar for experienced ag bankers who want to further develop their ag lending skills, learn new skills, confirm existing methodology and meet fellow bankers who share the same career path. Taught by a nationally-recognized faculty of bankers, academics and other real-world ag banking practitioners, this program is focused on ag lending opportunities and challenges that are relevant to ag bankers from across the United States.

Details & Registration

gsb

Online Education

online edParticipating in learning opportunities outside the bank can be challenging. Take advantage of the SDBA's extensive selection of webinars and on-demand training to enhance your banking expertise directly from your computer.

GSB Online Seminars
OnCourse Learning
SBS Institute
ABA Training

Compliance Alliance logo

Question of the Week

Q: I’ve heard that other banks are beginning to refer to their BSA / AML programs, policies, and procedures as “AML / CFT.” Is this a mandatory change, and something that our bank should do as well?  

A: Many banks are now beginning to use the term "Anti-Money Laundering / Countering the Financing of Terrorism" (AML/CFT) instead of “BSA/AML” to align (and for purposes of consistency) with the AML Act.  This is generally indicative of an overall initiative to have financial institutions update / enhance their existing BSA policies and programs to incorporate the AML Act and its associated processes to support more effective mitigation of risks connected with money laundering and the financing of terrorism.  

While, currently, there is not a direct requirement in the law for banks to adjust / update their internal programs to match this language, it would appear that the industry as a whole is gravitating towards this terminology – and more substantively, a more risk-based, innovative, and outcomes-oriented approach (as opposed to mere technical compliance with the requirements of the BSA) that goes along with it. 

This framework is the crux of FinCEN's proposed rule RIN 1506-AB52, "Anti-Money Laundering and Countering the Financing of Terrorism Programs." The proposed rule, announced on June 28, 2024, stated that should it become finalized, financial institutions would become required to not only review the government-wide AML/CFT priorities issued by FinCEN in 2021, but also incorporate them "as appropriate, into risk-based programs, as well as provide for certain technical changes to program requirements;". Additionally, financial institutions that do not already have a risk assessment process would need to develop one. The rule also provides greater detail for AML terminology and more defined parameters for assessing risk in this regard; but, again, the rule has yet to be finalized. 

For further reference, please see FinCEN’s summary of the proposed rule, as well as the FDIC’s and the OCC’s two cents on the matter, as well. We have also discussed this on our monthly Huddles. If you have any other questions about it, feel free to reach out to us on the Compliance Hub Hotline.

Learn how to put compliance management solutions from Compliance Alliance to work for your bank, by contacting (888) 353-3933 or [email protected] and ask for our Membership Team. For timely compliance updates, subscribe to Bankers Alliance’s email newsletters.

Back to Top

 

 UBB

SDBA eNews Archive
View past issues of the SDBA eNews

Advertising Opportunity
Learn more about sponsoring the SDBA eNews

Questions/Comments
Contact the SDBA at 605.224.1653 or via email