ABA Banking Journal: ABA banker: Long-term Farm Bill would boost ag economy
July 16, 2025
The agricultural provisions in the recently enacted budget reconciliation bill will provide a strong backstop for agricultural producers, but a long-term Farm Bill is still needed, Clint Hood, SVP for Synovus Bank in Dublin, Georgia, told House lawmakers today.
Hood, representing the American Bankers Association, testified before the House Agriculture Subcommittee on General Farm Commodities during a hearing on the importance of credit and risk management in financial farm operations. In his testimony, Hood noted that banks remain a primary source of credit to U.S. farmers and ranchers, but the agricultural economy is experiencing headwinds and economic assistance can provide some relief.
“Bankers continue to monitor the agricultural economy, and we are very cognizant of how economic headwinds affect our customers and our communities where we live and serve,” Hood said. “While both of these steps were needed and appreciated, Congress has several tools to help the farm economy – starting with the passage of a strong and durable Farm Bill.”
The reconciliation bill contains a partial version of the Access to Credit for our Rural Economy Act, as well as provisions from the Farm Bill, that will lower the cost of credit and make credit more widely available, he said. Still, the Farm Bill provides an opportunity to make needed changes to the credit title, including increased limits for the Farm Service Agency guaranteed loan programs, changes to the bona fide operator definitions, and modifications to Farmer Mac eligibility.
“Bankers commend the inclusion of increased reference prices and increased cost share for crop insurance programs, among the many other positive provisions” in the reconciliation bill, Hood said. “However, changes are still needed in the credit space to provide farmers and ranchers with the credit they need to work through the current downturn in the agricultural economy.”
ABA Banking Journal: ABA urges FCC to impose call authentication requirement for non-IP networks, mandate IP transition
July 16, 2025
The American Bankers Association today joined six trade associations in urging the Federal Communications Commission to adopt a proposal to create a new call authentication requirement designed to limit criminal access to the U.S. calling network.
Current FCC rules require voice service providers to implement the “STIR/SHAKEN” call authentication framework, which requires calls to be signed at origination and attested through the call pathway until the call reaches the recipient. STIR/SHAKEN works only over IP networks, and not over non-IP networks. The FCC’s proposal would require voice service providers that use a non-IP network – that is, a legacy time division multiplexing network – to implement a caller ID authentication framework for that non-IP network within two years.
Since 2022, ABA has urged the FCC to require voice service providers to implement caller ID authentication solutions on non-IP networks. ABA also has called for a “whole-of-government” effort to combat the ever-increasing incidence of fraud.
“Over the past two years, we have sounded the alarm regarding the increasing incidence of impersonation of legitimate companies, often accompanied by illegal “spoofing” of the number used in the caller ID,” the associations said. “[W]e urge the Commission to require Non-IP Providers to transition to IP by a date certain and to require voice service providers within one year to implement caller ID authentication solutions on non-IP networks.”
ABA Banking Journal: ABA Fraudcast: How the ABA Foundation helps banks protect their customers
As more older Americans are major targets for criminals, Safe Banking for Seniors is an effective program to inform and defend against targeted scams.
July 16, 2025
One of the major efforts from the very busy team at the ABA Foundation these days is helping bankers help older Americans protect themselves from scams. The Foundation’s Safe Banking for Seniors program focuses on a number of ways seniors can avoid financial danger.
“We provide free, turnkey programs and materials to help bankers lead personal finance presentations with kids, young adults and seniors in their communities,” explains Sam Kunjukunju, ABA’s VP for consumer education, in this episode of the ABA Fraudcast. “Unfortunately the criminals are definitely targeting Americans of all ages, and it’s very challenging when we look at the older American population.”
The ABA Fraudcast will be published every three weeks, on this site, in ABA Daily Newsbytes and wherever you listen to and subscribe to your favorite podcasts. Please subscribe!
ABA offers resources to help banks prevent, identify, measure and report fraud, and to serve and protect consumers and their financial data.
CISA News: Hiring the Enemy: When Job Scams Target Companies and Consumers Alike
A new wave of employment fraud is targeting U.S. companies, with fake candidates using AI-enhanced resumes and stolen identities to infiltrate organizations. Socure uncovers how these sophisticated schemes, often linked to foreign operatives, pose significant security risks and highlights the urgent need for advanced identity verification in hiring processes..
June 18, 2025 | Mike Cook, Head of Fraud Insights, Socure
Over the past few months, Socure has found itself squarely in the crosshairs of a new wave of employment fraud — and we’re not alone.
We’ve seen fake candidates applying to work at Socure, using stolen or synthetic identities and AI-polished resumes. What at first appeared to be isolated incidents quickly revealed themselves as part of a broader, coordinated campaign — one that is targeting U.S. businesses and our customers in nearly every vertical, including crypto, gaming and marketplaces.
In April 2025, HR Grapevine reported that hundreds of North Korean IT operatives have successfully infiltrated U.S. companies, including some in the Fortune 500, by posing as remote software engineers. U.S. intelligence officials estimate these operatives have earned tens of millions in disguised wages — funds believed to be funneled back into North Korea’s sanctioned weapons programs. Beyond financial gain, it is believed that some operatives are aiming to gain access to sensitive codebases and customer systems to steal IP and trade secrets, while others are seeking consumer data to leverage in further attacks.
These actors often pose as freelancers from South Korea, Japan, or Latin American countries, using fake LinkedIn profiles, stolen or borrowed identities, and AI-enhanced credentials. Often they are dependent on U.S. citizens or residents who act as accomplices by establishing bank accounts to receive payroll, and then sending money abroad. This phenomenon is an insidious intersection of fraud, money laundering and sanctions violations.
A May 2025 report from SHRM echoes these concerns, highlighting a sharp rise in employment fraud, especially in remote roles across tech, finance and defense contracting.
What we’re seeing is a foundational vulnerability: the lack of standardized identity verification in hiring, which is enabling sophisticated fraudsters to bypass existing controls. The U.S. hiring ecosystem is dangerously behind the curve. At Socure, we’re sharing what we’ve learned to help employers stay ahead of this growing threat.
Because without stronger identity defenses, we’re all hiring blind.
SOCURE VS. FAKE JOB APPLICANTS
Socure’s own experience makes this problem very real. Our internal recruiters and hiring managers began noticing unsettling trends a few months ago in our applicant pool — particularly for senior engineering roles. What started as a trickle of too-perfect resumes quickly evolved into a deeper concern that aligns closely with warnings from federal law enforcement and investigative reporting.
We discovered that several job applicants were entirely fabricated. They did not exist.
To make sure that the candidates were indeed fake, our Fraud Investigation team compared identity attributes from these suspicious resumes against our proprietary identity graph and third-party investigative tools. We also ran our Email and Phone RiskScores to check the viability and correlation of the contact information on the applicants’ resumes.
The results were striking.
As you can see in the graph above, the Email and Phone RiskScores for "good" applicants were much less risky when compared to the fake applicant population. Specifically, "good" candidates had mature emails with an average of 1,646 days since the email was first seen in the Socure ecosystem versus 48 days for fake candidates. Additionally, correlation of phone ownership to name was much weaker for fake applications — .09 vs. .99 for "good" candidates (range of score is .00 to .99, with the lowest being the least likely that the phone is owned by the individual).
These would not just be risky hires — they are potential national security threats.
SPOTTING THE RED FLAGS EARLY
Patterns of deception don’t start during the interview — they emerge in the application process, and are seen in online social networks. Common signals in these fraudulent profiles include:
Resumes loaded with big-brand employers (Google, Amazon, Netflix)
Western names like “James Bailey” paired with East Asian appearance and accented English in much higher numbers than would match demographics that fit this combination
Aggressive interest in remote-only roles (candidates will share that their current employer is requiring back to the office — the driver of why they are seeking a new role)
Sparse LinkedIn activity, often with a single post and minimal connections
Profiles that disappear mid-hiring process as LinkedIn shuts them down
Shared patterns across resumes, including impressive educational backgrounds such as Harvard and Carnegie Mellon, suggesting AI-generated content
But making decisions based off of an unusually great resume combined with a shallow LinkedIn profile isn’t exactly scientific and could result in blind spots and great candidates missed.
That’s where data-driven analytics come into play.
SEEKING RISK INDICATORS BEHIND THE SURFACE
Even the basic contact information on a resume — email, phone number and name — can reveal powerful signals. With passive verification using Socure’s Email, Phone and Address RiskScores and Correlation Values, you can analyze these identity elements with high precision, enabling organizations to detect anomalies and flag suspicious or synthetic identities early in the hiring process without causing user friction.
This alone helps eliminate unnecessary costs tied to interviewing candidates who don’t ultimately get an offer — estimated at approximately $800 to $1,000 per applicant at Socure. It also prevents lost productivity and time spent recruiting high-impact candidates.
Once an applicant is accepted into the interview process and connects to your internal HR platform, with identity verification solutions integrated, like Socure’sDevice Intelligence, you immediately have a view of their device which builds a story of risk around location and additional historic behavior begins to reveal itself. When the applicant then submits additional personal information — such as their home address, Social Security number (SSN) and date of birth (DOB) — Socure can apply advanced passive risk scoring tools like Sigma Identity and Sigma Synthetic. These scores enable recruiters and hiring managers to assess, behind the scenes, whether the applicant is using a completely fabricated identity or attempting to pass off a stolen one. Those that are most risky should be subjected to some form of friction and additional validation. Socure’s DocV, which validates thousands of government documents and analyzes live selfies, is the type of step-up authentication that should be used.
SCRIPTED INTERVIEWS, SYNTHETIC RESPONSES
Even with great passive verification tools running, there are telltale signs to look out for during the interview process — ones we documented live during actual interviews.
Candidates who sail through initial questions often stumble on follow-ups. They read answers out loud, clearly generated by AI. Some even repeat ChatGPT responses nearly word for word.
They struggle with:
Contextual or situational questions
Multipart problem-solving
Adapting when the interviewer changes direction
Questions related to where they live
In one case, a Socure interviewer had tested a technical prompt in ChatGPT before the call. The candidate’s response matched it exactly.
MEET "ANTHONY"— A REAL-WORLD EXAMPLE
To illustrate how this type of fraud plays out in practice, consider a candidate we encountered — let’s call him “Anthony.” He had a polished resume, a LinkedIn profile, and all the surface markers of legitimacy. But as we examined his application more closely, several red flags began to emerge.
Anthony’s LinkedIn profile featured an “Open to Work” banner and a resume filled with impressive credentials. However, his profile had minimal engagement — few posts, limited connections — and many of the indicators outlined earlier were present. Our internal Fraud Investigation team, supported by Socure RiskScores and correlation analysis, flagged the application as likely fraudulent. We decided to invite Anthony to a video interview.
To our surprise, he agreed.
On camera, Anthony came across as articulate, personable and well-prepared. He had clearly studied the technical details of the roles he claimed to have held. But his answers closely mirrored AI-generated responses — often sounding like something produced by ChatGPT — and he paused noticeably before replying to each question. At times, he shifted his eyes left to right during his responses, like he was reading a script. Despite having a surname with Italian or Catalan roots, his accent was clearly North Korean.
But here’s the biggest giveaway — we ran a specific question — Have you worked with sensitive PII and how do you protect that data? — through ChatGPT before the interview.
Below you can see the striking likeness in response:
We scheduled a follow-up interview and at the end of the session sent Anthony a Socure DocV request for document verification and a live selfie. He never completed the verification, nor did he attend the second interview. However, he did click the verification link, allowing us to capture valuable device intelligence.
While his stated location was Staten Island, N.Y., the IP address used to access the link originated from a New York-based data center VPN, suggesting the activity could have come from anywhere in the world. It’s worth noting that when Anthony was randomly asked about how he felt about Staten Island vs. living in Brooklyn, he tried to evade the answer.
To date, Anthony has not responded to multiple follow-up requests.
WHY THIS THREAT IS DIFFERENT
Identity fraud in hiring used to be rare — and usually caught during background checks or I-9 verifications. But in a remote-first world, we rarely meet the person behind the resume. Today, AI allows bad actors to fake credentials, photos, documents, and even live interviews at scale.
And legacy hiring systems weren’t built to catch this. I-9 verification confirms document format, not identity. E-Verify checks SSN, DOB and name validity, not ownership. Background checks assume the identity is real in the first place.
WHAT EMPLOYERS SHOULD DO
This isn’t just about hiring the wrong person. It’s about risking exposure to hostile nation-state actors, data exfiltration and regulatory liability.
If your company hires remotely — or grants employees access to sensitive systems or consumer data — here’s what we recommend: Train recruiters and hiring managers to spot the red flags: mismatched names and accents, AI-heavy interview answers, LinkedIn profiles with no engagement. Incorporate real-time behavioral interviews that go beyond static questions. Verify LinkedIn and resume claims via third-party validation or referrals. Flag and investigate applicants with no verifiable work history or social footprint, especially in senior-level roles. Use identity and device verification tools — not just I-9 and background checks, but solutions designed to catch synthetic identities and identity theft, and identify where they are attacking you from. Passively assess risk as you go and only step up those potentially fake candidates to document and selfie checks. Consider options to integrate identity verification workflows into your existing HR platforms for a more frictionless experience, which also creates an opportunity to pick up information related to the applicant’s device, which will help you understand what location they are actually coming to you from. By the way … this would also identify the insidious U.S.-based computer farms managed by U.S. accomplices that help to enable attacks from outside the country.
We know how important it is to not add friction to great candidates in the hiring process. Socure is in a very competitive employment market, and we want to make sure we hire the best candidates (who also happen to be real). It’s important that we don’t make the onboarding process difficult, especially in the initial reach out to new potentially great candidates.
We believe the best process is to use “passive authentication” of job candidates early on. Passive authentication is a fraud detection process deployed by sophisticated financial services organizations for years. As mentioned earlier, we have seen that our RiskScores can do a great job of separating fake from real candidates using just the information found on every job applicant’s resume — their name, email and phone number.
By analyzing this simple information quickly and behind the scenes, your recruitment team and hiring managers can cut the time they waste on fake applicants, and ensure only friction and ask for additional validation of only those candidates that are much more likely to be fake. Additional step-up authentication should include automated digital validation of a government document, like a passport or U.S. driver's license and a live selfie, which can help to identify any deepfakes or camera injection attacks.
IDENTITY IS THE NEW PERIMETER
In cybersecurity, we used to say the firewall was the first line of defense. In hiring, identity now plays that role.
Bad actors are using AI, stolen data and deepfakes to gain access to companies and exploit consumers. It’s time we adapt with the same level of sophistication. Identity must be verified as early as possible — quietly, passively and precisely.
We can’t stop every fake applicant from applying. But with the right defenses, we can stop them from getting in.
All member banks have been contacted by NFR (our publisher for the SD Bank Directory) regarding updates your bank may have for next year's directory. Please follow the instructions provided in the mailing so that our 2026 directory can be as current as possible.
USD "Meet the Firms" Beacom School of Business Networking Event
September 10, 2025 | 2:00-4:00pm CDT | Vermillion
This event will use a speed networking format where each employer has the opportunity to visit with accounting students in 10 minute intervals. This will transition into an open networking social to allow further visiting with students. During this time, you can share information about your company and any full-time or internship opportunities you might have available.
The Secure Act impacts two main topics: RMDs and death distributions. The SDBA’s 2025 IRA School on September 16-18, which will be offered in person in Sioux Falls, SD, will address these relevant changes. In addition, IRAs are one of the most complicated areas of bank personnel responsibility, and it is not possible to learn and understand everything. Continual education is necessary to ensure confidence. Working with IRAs is a process and must start with a strong foundation. This school can provide this foundation through a comprehensive curriculum. Details & Registration
South Dakota Land and Lending Conference
October 1, 2025 | Denny Sanford Premier Center | Sioux Falls
The conferencewill target challenges and opportunities in real estate (land) and its credit channels (lending), and includes, for 2025, four mainstage keynote events—targeting the macroeconomy, real-estate markets, real-estate education, and real-estate credit channels—and several concurrent breakout sessions.
The mainstage events include the following:
- A fireside-styled discussion about the path for the U.S. economy, federal fiscal discipline, and monetary policy withDiane Swonk(Chief Economist, KPMG), hosted by me;
- A panel discussion about the challenges and opportunities in real estate with Christine Gaffney,Eric Lynch, Jay Parsons, and Diane Swonk, moderated byJeff Eckhoff(Director of Planning and Development Services, City of Sioux Falls);
Participating in learning opportunities outside the bank can be challenging. Take advantage of the SDBA's extensive selection of webinars and on-demand training to enhance your banking expertise directly from your computer.
Susannah Marshall, Arkansas State Bank Commissioner
In this episode of Banking Matters, host, Linsey Hugueley, speaks with Susannah Marshall, the Arkansas State Bank Commissioner, about her journey in banking, the current challenges facing the industry, and the future of banking. They discuss the importance of community banks, the impact of regulatory changes, and the need for succession planning in the banking sector. Susannah shares valuable advice for aspiring bankers, emphasizing the importance of engagement and visibility in building a successful career in finance.