7 Strategies for Mitigating Cybersecurity Risk Five Myths Holding Community Banks Back from Digital Transformation OFFICIAL PUBLICATION OF THE COMMUNITY BANKERS OF WASHINGTON FALL/WINTER 2023
Contents 4 Equitable Access to Credit Program By Patti Kibbe, President & CEO, Evergreen Business Capital Community Finance and Evergreen Business Capital 7 Five Myths Holding Community Banks Back from Digital Transformation By Tyler Brantley, VP of Revenue & Marketing, Core10 9 Application Red Flags How To Prevent Financing Fraud By BHG Financial 10 Congratulations Community Bankers of Washington LeadFWD Scholarship Award Recipients 11 In Pursuit of Accessibility By Sarah Young, Compliance Services Group 12 Time Out For Trivia Q’s and A’s To Enlighten Portfolio Management By Jim Reber, President and CEO, ICBA Securities 14 7 Strategies for Mitigating Cybersecurity Risk By Tyler Leet, Director of Risk and Compliance Services, CSI 17 ICBA LIVE March 14-17 Orlando World Center Marriott 18 Welcome New CBW Associate Members FALL/WINTER 2023 © 2023 Community Bankers of Washington | The newsLINK Group, LLC. All rights reserved. Currency is published by The newsLINK Group, LLC for CBW and is the official publication for this association. The information contained in this publication is intended to provide general information for review, consideration and education. The contents do not constitute legal advice and should not be relied on as such. If you need legal advice or assistance, it is strongly recommended that you contact an attorney as to your circumstances. The statements and opinions expressed in this publication are those of the individual authors and do not necessarily represent the views of Community Bankers of Washington, its board of directors, or the publisher. Likewise, the appearance of advertisements within this publication does not constitute an endorsement or recommendation of any product or service advertised. Currency is a collective work, and as such, some articles are submitted by authors who are independent of Community Bankers of Washington. While Currency encourages a first-print policy, in cases where this is not possible, every effort has been made to comply with any known reprint guidelines or restrictions. Content may not be reproduced or reprinted without prior written permission. For further information, please contact the publisher at 855.747.4003. OFFICERS CHAIRMAN John Manolides Commencement Bank CHAIRMAN ELECT Jim Arneson Community First Bank VICE CHAIRMAN Josh Deck Olympia Federal SECRETARY/TREASURER Leanne Antonio Yakima Federal PAST CHAIRMAN Tony George Kitsap Bank ICBA STATE DIRECTOR Denise Portmann Bank of the Pacific PRESIDENT/CEO Kathy Swenson DIRECTORS Dwayne Aberle Security State Bank Susan Dumontet 1st Security Bank of Washington Dean Brydon Timberland Bank Greg Deckard State Bank Northwest Rick Darrow Liberty Bank Russ Keithley Coastal Community Bank Dan Cox Riverview Bank Jolene Riggs Baker Boyer Bank Neil Zick Twin City Bank Andy Hunter SaviBank Mike Wilson RiverBank (360) 754-5138 www.communitybankers-wa.org CURRENCY | 3
In Washington state, you may now earn dollar-for-dollar B&O tax credits up to $1 million when you contribute to the Equitable Access to Credit Program. This new program, authorized by the Washington State Legislature in 2022 and overseen by the Department of Commerce, creates a new revolving funding source of up to $8 million for non-credit union Community Development Financial Institutions (CDFIs) operating as non-profits to help widen access to credit for those who struggle to qualify for traditional financing. The scope for any contributions is up to $1 million per calendar year per contributor through 2027, and any entity with a B&O tax liability in Washington state is eligible to contribute simply by directing a portion of the B&O obligation already being paid by your bank. In addition, the contribution may be eligible for CRA credit by supporting underserved small businesses in the state. The Equitable Access to Credit Program helps broaden the spectrum of options for those who are often left outside of our banking system and, therefore, often struggle to access economic opportunities for themselves and their communities. Operating as non-profits, CDFIs are certified by the U.S. Department of Treasury but are not depositories. This means that, in order to offer financing to their customers, CDFIs fundraise contributions from traditional banks, philanthropic organizations and now, in Washington, efforts such as the Equitable Access to Credit Program. Contributions to this new effort will help provide financing services to those who are not yet qualified for support from a traditional bank, but it will put them on the path toward that goal. A specific focus of the Equitable Access to Credit Program is to invest in indigenous and rural communities with at least 65% of the value of all grants awarded to be allocated toward these priorities. Equitable Access to Credit Program BY PATTI KIBBE, PRESIDENT & CEO, EVERGREEN BUSINESS CAPITAL COMMUNITY FINANCE AND EVERGREEN BUSINESS CAPITAL 4 | CURRENCY
As a member of the Washington Community Investment Coalition, we are proud of the mission-driven outcomes of the 16 CDFIs investing in our state’s communities. In 2021, we: • Invested more than $81 million in more than 1,500 young and growing small businesses • Invested $115 million total to finance individuals, businesses and non-profits • Financed more than 700 homeowners and consumers and provided pandemic relief funds to more than 3,700 businesses • Provided more than 8,000 hours of technical assistance and training programs such as business planning classes, financial literacy training and one-on-one business coaching No community may fully access economic opportunity unless there is a range of financing options, from traditional banks to non-profit CDFIs. We are all partners when it comes to making someone’s dream of owning a home or starting a new business a reality. A CDFI’s services can also be critical for those with poor credit or medical debt struggling to find a financing option for their legitimate needs, such as assistive technologies for those living with a disability. My colleague, Emerson Sekins, Executive Director of the NW Access Fund, a CDFI providing services in Clark County, detailed in the Vancouver Business Journal how “the financial strain of having a disability is significant — a household with a person with a disability requires 28% more income to achieve the same standard of living as a household without a disability. It’s not uncommon for those that we serve to put their basic needs on a credit card, to have gone through a bankruptcy or a disruption in employment. This makes many families unable to qualify for loans and vulnerable to predatory lenders.” Your contribution to the Equitable Access to Credit Program will directly and effectively benefit those most vulnerable in our local economy while also directly lowering your firm’s B&O tax obligation. It’s a virtuous and proven cycle to lower barriers to opportunity in our financial system. I hope that you consider making a contribution to this innovative new program so that we may deepen our investment in community members who today may not qualify for traditional banking services but one day will be able to walk through the doors of a major financial institution so that they may continue widening their circle of prosperity in their community. You may learn more about contributing to the Equitable Access to Credit Program by scanning the QR code. https://www.commerce.wa.gov/program-index/ equitable-access-to-credit-program/ Patti Kibbe is the President & CEO of Evergreen Business Capital Community Finance, a CDFI, and Evergreen Business Capital, an SBA 504 Lender based in Seattle with offices serving communities in Alaska, Idaho, Oregon and Washington. The Equitable Access to Credit Program helps broaden the spectrum of options for those who are often left outside of our banking system … CURRENCY | 5
bank webinars, made for you 250+ WEBINARS AVAILABLE NOW fin-ed.info/cbw
BY TYLER BRANTLEY, VP OF REVENUE & MARKETING, CORE10 Despite “digital transformation” being a key buzzword in banking for the last five years, many banks are still early in their journey to adopt new technologies. The reasons are unique to each institution, but as a whole, banks often fall victim to a number of misconceptions about digital transformation before the process even begins. But that doesn’t have to be the case. We’re here to help banks bite off the low-hanging fruit of their digital transformations and overcome perceived hurdles. To begin, let’s demystify the five myths we most commonly hear from banks about adopting digital capabilities. MYTH 1: DIGITAL PLATFORMS ARE TOO COMPLEX AND EXPENSIVE Complexity and cost often deter community banks from implementing digital platforms. In reality, there are cost-effective solutions designed for community banks. These solutions often incorporate APIs and cloud-based technology, enabling banks to build upon existing legacy systems without a complete technological overhaul. Additionally, digital banking providers often offer managed services, reducing the need for an extensive in-house IT team. Implementing digital platforms doesn’t have to be complex. Community banks can set their pace for innovation, adopting a crawl, walk, run approach. The journey toward digital innovation is non-linear and varies from bank to bank. The key is taking action and establishing strategies to sustain progress. MYTH 2: GOING DIGITAL MEANS SACRIFICING IN-BRANCH CUSTOMER SERVICE While many customers prefer online banking, over 20% still seek an in-branch experience, especially for significant and complex banking decisions. To remain competitive, community banks must adopt digital-first strategies and personalized in-branch experiences that build customer relations. Empower both customers and bank teams with omnichannel digital solutions that offer the same services in-branch and online. Embracing digital doesn’t mean compromising the in-branch experience; it means ensuring a consistent experience, regardless of where or how customers choose to bank. MYTH 3: DIGITAL PLATFORMS ARE MORE SUITED FOR MID-TO-LARGE SIZE BANKS Asset size does not correlate to how advanced a bank’s digital ecosystem should be. Every bank is at a different stage of its digital transformation journey, and all banks should focus on embracing innovation Five Myths Holding Community Banks Back from Digital Transformation CURRENCY | 7
through a strategic selection of fintech resources tailored to the institution’s needs. Programs such as the ICBA ThinkTECH accelerator, of which Core10 is a graduate, are fueling a growing interest and investment in fintech solutions specifically designed to fit the needs of community banks. This initiative plays a significant role in ensuring community banks are equipped with the technology they need to succeed in the digital age. MYTH 4: IMPLEMENTING DIGITAL PLATFORMS INCREASES FRAUD Digital platforms don’t inherently expose community banks to a higher risk of security breaches. When community banks partner with fintech providers with the proper security protocols and certifications, they have built-in safeguards to identify and prevent fraud attempts. Rather than viewing digital solutions as a catalyst for heightened fraud, embrace these tools to enhance your security strategy and improve the overall efficiency of the banking experience. MYTH 5: DIGITAL TRANSFORMATION MEANS REPLACING EMPLOYEES WITH TECHNOLOGY Digital transformation doesn’t replace bank employees but elevates them to their full potential. Deloitte found customers continue to prefer human interactions for complex financial products and services. Digital tools automate routine tasks, enabling employees to focus on building stronger customer relationships and driving business growth. At Core10, we’re committed to supporting community banks in their modernization efforts. Our Accrue platform offers a comprehensive omnichannel solution for digital lending and deposit account opening. Our Mesh middleware layer provides a flexible, modern infrastructure to enhance your technology ecosystem. And, with a wealth of experience and expertise accumulated over the years providing API and product development support, Core10 stands as your trusted partner for digital innovation. Digital transformation is not just a buzzword; it is a crucial step that community banks are taking to remain competitive in today’s evolving landscape. Don’t let the common myths above keep your team from growing as you serve your communities! The journey toward digital innovation is non-linear and varies from bank to bank. The key is taking action and establishing strategies to sustain progress. 8 | CURRENCY
APPLICATION RED FLAGS How To Prevent Financing Fraud BY BHG FINANCIAL In the world of financial lending, institutions need to have multiple checks and balances in place to protect their assets, their customers and the future of their organization. Sadly, some individuals try to use our fair nature against us for deceptive gain. Efforts to obtain funding through fraudulent means can often be recognized during the initial application review or customer interaction. Outlined here are several methods to support your institution in recognizing fraudulent activities. DUE DILIGENCE IN FRAUD PREVENTION According to the Federal Trade Commission, nearly $8.8 billion was lost to fraud in 2022, representing an increase of over 30% from 2021.1 More than ever, due diligence must be conducted to confirm that applicants who come to you for financing are forthright in their intentions. Below are several fraud indicators your credit team should look for in applications that may reveal a bad actor’s true intentions: • Inconsistent information: If the applicant provides loan information that does not align with or contradicts other documentation, it could be a sign of fraud. Advise your team to pay particular attention to discrepancies in income details, address history and employment history. » Prevention tips: While typos or small mistakes can happen, these errors can be quickly fixed in a conversation with your applicant. If the applicant is evasive when responding to these inconsistencies or disappears from the process, your suspicions of fraudulent activities were most likely correct. • Unverifiable information: Applicants who provide information that cannot be easily verified may be attempting to deceive a lender. Examples of unverifiable information include non-existent references, fake employment details and degrees earned from defunct institutions. » Prevention tips: You can ask for new references and confirm employment and degrees via your own independent searches. You can also confirm whether the employer still exists and is still active by visiting a business entity search website where the company is located. Educational degrees can be verified via the National Student Clearinghouse or Department of Education websites within the institution’s state. • Abnormal behavior: Applicants who display overly aggressive, evasive or unwilling behavior when asked to provide additional information may likely be trying to hide something. » Prevention tips: Knowing the difference between someone having a bad day versus someone attempting to deceive us is not easy to judge. Here are some helpful tips to consider. During inperson engagements, watch closely for individuals who avoid eye contact or turn their bodies away during one-on-one conversations. In emails or on the phone, fraudulent cues can be more difficult to detect. But if someone suddenly gets defensive when asked a question or becomes noticeably quiet, there may be a hidden reason behind it. • Unusually high income: While a high income does not indicate fraud, it is well worth looking into further if an applicant’s income seems excessively high relative to their stated profession or if there is a sudden, large shift relative to the income they earned compared to the previous year. CURRENCY | 9
» Prevention tips: Third-party vendors, such as Inscribe, can be instrumental in finding inconsistencies in an applicant’s income. These third-party automated systems can provide insight into which documents may or may not be fraudulent, such as pay stubs, W-2s and bank statements. • Rushed application process: Often, fraudsters will want to rush the application process to minimize the chances of being caught. Be extra cautious if an applicant pressures you or your team for quick approval. » Prevention tips: Slow it down. Take your time and review the application carefully. The applicant could innocently want to expedite the process to get the desired result sooner. Regardless, never allow their need for speed to accelerate the process to the point of negligence. • Use of stolen identity: Stolen or fabricated identity documents may be used by bad actors applying for loans. Be vigilant about verifying the authenticity of the provided documents. » Prevention tips: Leverage third-party vendors to help identify stolen or faked identities. Companies such as Vouched can review identification and provide accurate, real-time insights into the authenticity of the documents. Alternatively, your team should be looking for any missing holograms, cheap lamination or identification that does not have images under ultraviolet light. CLOSING THOUGHTS As financial institutions navigate the lending landscape, it is important to adopt a stance of informed prudence. The battle against fraud and deceit requires unwavering commitment, steadfast due diligence, and a keen awareness of the red flags that hint at ulterior motives. By employing a multifaceted approach that blends human discernment with cutting-edge technology, institutions can safeguard their assets, their reputation and the trust placed in them by their customers. 1. https://www.ftc.gov/news-events/news/pressreleases/2023/02/new-ftc-data-show-consumersreported-losing-nearly-88-billion-scams-2022 10 | CURRENCY
The digital world continues to evolve around us, and as such, many daily tasks, including financial services, are being increasingly performed using websites or other digital platforms. While this reality offers a number of advantages for the average consumer, it also presents significant challenges in ensuring equal access to products and services offered online for individuals with disabilities. From vision or hearing impairments to seizure disorders and reading comprehension speed, all customers should be adequately served by a company’s online content. To address these concerns, banks should strive to be in compliance with the Americans with Disabilities Act (ADA) and the Web Content Accessibility Guidelines (WCAG). This article highlights the importance of ADA compliance for bank websites, the benefits it offers and the steps that banks can take to ensure accessibility for customers. The Americans with Disabilities Act is a landmark civil rights law, enacted in 1990 to provide protections for individuals with disabilities. It prohibits discrimination in various aspects of life and requires reasonable accommodations to be made to ensure equal access to services and information contained online. With the increasing ubiquity of services on the internet, it stands to reason that individuals with disabilities must be provided equitable treatment on websites and mobile apps. This includes the ability to check account balances, pay bills and contact financial institutions through all avenues made available. The Department of Justice (DOJ) has not provided specific guidance on ADA compliance for financial institution websites at this time, and the resulting ambiguity creates a challenging environment for even the most thoughtful web developers. In 2019, the Supreme Court decided against hearing an appeal regarding website accessibility, leaving the Ninth Circuit’s ruling that ADA requirements are applicable to digital platforms in place. While the Department of Justice has not issued final rules on web content accessibility that apply to private entities, such as banks, banks can benefit from the inclusivity generated by providing an accessible website, in addition to lowering the risk of potential lawsuits. Creating an online space that is usable by a wider swath of the population inherently increases a bank’s potential customer pool. Many accessibility practices, such as descriptive image text, can also boost a website’s search engine optimization (SEO), improving the site’s visibility in search results. Every user’s experience is improved with functions like text-to-speech, closed captioning, and keyboard navigation, not just those users with disabilities. With a commitment to inclusivity, banks reflect a dedication to social responsibility, ultimately culminating in a more positive brand image and more longlasting customer loyalty. Practical steps for ADA compliance can include conducting an accessibility audit, designing websites and mobile apps with accessibility in mind and fostering awareness of accessibility issues throughout the institution. An accessibility audit will identify existing issues and areas that may benefit from improvement. This is typically performed with software that can test the website content with automated tools. The software can test a website’s code to ensure compatibility with accessible technology like screen readers or translation programs. Some items may be more easily identified manually. Flashing images, too-small text or videos that lack closed-captioning are some common and easily remedied issues. Banks should look at items such as alternative text to describe the content of images to a user with visual impairment. Website layout, colors, fonts and navigation elements should also be userfriendly for all those visiting a bank’s website. Ensuring ADA compliance for banks is not only a riskmitigation technique for avoiding discrimination lawsuits but also a fundamental step toward creating an inclusive digital landscape for all users. By providing equal access to financial services and information, banks not only expand their potential customer base but also enhance their reputation as responsible community leaders. In Pursuit of Accessibility BY SARAH YOUNG, COMPLIANCE SERVICES GROUP CURRENCY | 11
Q’s and A’s To Enlighten Portfolio Management BY JIM REBER, PRESIDENT AND CEO, ICBA SECURITIES Time Out For Trivia If you’re a sports fan (and I know you are) and you’re also of a vintage that can recall back several decades, you may have heard of Todd Donaho. Donaho was the self-proclaimed “Commissioner of Sports Trivia” as the host of Time Out For Trivia (TOFT), a popular live call-in show that ran on the USA Network on weekday evenings from 1985 to 1990. The Commish would fire off questions in rapid-fire succession to phone-in contestants who hoped to win prizes ranging from telephones to grills. Players would compete at their own peril, as Donaho would often ask “boneheads” who guessed incorrectly to “take a hike.” Nonetheless, it was a winning formula, and by cable TV standards, TOFT had high ratings. What does this have to do with community banking? Hang with me as I pose a series of my own questions relating to community banks, which I hope you will view as more helpful than trivial. Even better, your author supplies the answers, so there’s no risk of nationally broadcast humiliation. As Donaho himself would exhort, “Who’s playing Time Out For Trivia?” Question: If you buy a callable bond, are you long or short a call option? Answer: You are short. Mechanically, you have simultaneously bought a bond and sold an option. The issuer has done the opposite and owns the right to take the bond away from you at designated dates in the future. Most callables have periodic call features (e.g., quarterly), but some are callable one time only. The aggregate value of the series of options translates into the additional yield over and above a noncallable “bullet.” Question: Why is Average Life always longer than Effective Duration for a given bond? Answer: Average Life is the weighted average period of time to receive your principal, whereas Effective Duration is the weighted average period of time to receive principal and interest. Average Life is more relevant for amortizing securities such as mortgage-backed securities (MBS). Since interest is received periodically (as well as early and late) in the life of a bond, the weighted average time period is less than for the principal alone. Average Life is more useful for calculating portfolio cash flows and liquidity; Effective Duration is a standard for measuring price volatility. Question: If you sell the guaranteed portion of an SBA 7(a) loan, what are the total proceeds? Answer: There are two sources and a third element that bears mentioning. First, the proceeds include the principal plus the premium paid by the buyer. If the guaranteed portion is $250,000 and the bid is 108.00 (which isn’t unusual), the total is $270,000, of which $20,000 is gain, and booked on the sale date (not settlement date). Additionally, SBA mandates that the seller retains 1% of the interest flow from future payments as servicing income. Finally, the entire amount of the unguaranteed portion, principal and interest, is retained by the original lender. Question: Why does the inflation gauge consumer price index (CPI) usually come in higher than the Fed’s preferred measuring stick, personal consumption expenditures (PCE)? Answer: It’s a two-pronged answer. First, the basket of goods for both indices (which is very deep — more than 80,000 items) changes over time as new products enter the market, some 12 | CURRENCY
disappear, and others’ popularity rise and fall. PCE is quicker to adjust the basket to reflect what you and I actually consume. This brings us to the second prong: Informed consumers will prefer cheaper goods to more expensive ones, given suitable substitutes. Since PCE mirrors more quickly what our new basket of goods actually holds, it tends to be several tenths of a percent lower than CPI. Question: Why do straight pass-through MBS use the prepayment model conditional prepayment rate (CPR), while their first cousin, collateralized mortgage obligations (CMO), uses the model known as the Public Securities Administration (PSA) when estimating how a given security will perform? Answer: At one point in the distant past, examiners decided that PSA was more accurate in predicting how a cohort of mortgages would prepay, so that became the standard. PSA is in fact derived from CPR and is an attempt at refining prepayment estimates based on the age of mortgages in a pool. These standards (set in the 1980s at the dawning of the mortgage derivative market and in TOFT’s heyday) have been relaxed, even though CPR/PSA information is still calculated and available for all CONTACT US TODAY! 801.676.9722 sales@thenewslinkgroup.com Your Customers Are Too. Advertising Space Available. QR Code manner of mortgage securities. Best practices can still call for documenting and modeling how a pool would perform using both methodologies. So there you have our trip down cable TV lane, compliments of the venerable USA Network. As the commissioner of sports trivia himself would sign off, “Feeling tremendous, I might add.” And if you’re so inclined, you can view some classic episodes of TOFT on YouTube. Jim Reber (jreber@icbasecurities.com) is President and CEO of ICBA Securities, ICBA’s institutional, fixed-income broker-dealer for community banks. CURRENCY | 13
7 Strategies for Mitigating Cybersecurity Risk BY TYLER LEET, DIRECTOR OF RISK AND COMPLIANCE SERVICES, CSI When it comes to cybersecurity, a good offense is a key component of a good defense. Much like organizations, hackers continuously learn and hone their skills. So, it’s critical to keep up with the latest threats they deploy, identify potential vulnerabilities and understand how your bank would respond to an attack. By examining vulnerabilities before a real hacker has the opportunity, your institution can take an offensive approach and mitigate cybersecurity risk. HOW TO MITIGATE YOUR BANK’S RISK How can financial institutions take steps to strengthen cybersecurity in the face of evolving threats? Here are several tips to mitigate cybersecurity risk for your institution: 1. Conduct Penetration Tests: During a penetration test, a tester identifies vulnerabilities or security weaknesses and then attempts to leverage them to gain deeper access into your network. Penetration tests often reveal eye-opening results by showing how many points of entry exist across your network. 14 | CURRENCY
By examining vulnerabilities before a real hacker has the opportunity, your institution can take an offensive approach and mitigate cybersecurity risk. While still valuable, a vulnerability scan or assessment offers a broader view than a penetration test; however, the results are much more generic. Since a penetration test is more manual and object-oriented, it provides directly actionable information to help you evaluate and resolve weaknesses likely to be leveraged by a malicious individual. Combining these with a layered security approach offers the most protection. 2. Remediate results: Don’t be afraid of the results from a penetration test or vulnerability assessment. Assessments aim to strengthen your approach, not to serve as a pass/fail benchmark. Your institution should analyze the results and remediate any issues for optimal effectiveness. Remediating any issues or critical vulnerabilities after an assessment is a key step in preventing bad actors from exploiting your weaknesses. 3. Prioritize cybersecurity education: Since cybersecurity is a business issue, employees outside the IT department play an important role in cybersecurity. From loan officers to tellers, employees have access to a myriad of systems and are potential targets as a result. While employees don’t have to be cybersecurity experts, it is still beneficial to practice good security hygiene. This is also a cost-effective measure, as the cost of educating users will almost always be less than the cost of dealing with a breach. Hackers often rely on weak passwords or phishing attacks to gain system access, but educating your users on the latest tactics and common social engineering schemes — and how to report them when spotted — helps mitigate your risk of a successful attack. Ensure your employees and customers remain vigilant when they receive an unexpected email with an urgent message that includes a strange link or attachment, as this is a common hacker tactic. 4. Implement multi-factor authentication: One way to encourage hackers to move on to a different target is by making it as difficult as possible to carry out their objective, which is often account access. Multi-factor authentication (MFA) is an excellent way to discourage hackers, as it requires more than a username and password to obtain account access. This additional information can include a token, text message, email or biometric data such as a face scan or fingerprint. Not only should employees use MFA when accessing your systems and network, but your institution CURRENCY | 15
should encourage customers to enable this control on their financial accounts, email accounts and even social media. 5. Implement patch management: Most bad actors use tools that take advantage of your system vulnerabilities, so it’s important to invest in routine vulnerability and patch management to shore up your defenses. If you remediate a vulnerability, bad actors don’t have an easy way to exploit it and will likely move on to low-hanging fruit elsewhere. Further, good patch management minimizes surface area and attack exposure. While updating your patches can be resource-intensive, it is worth it in the long run. This approach includes encouraging employees to update software, operating systems, applications, etc., to mitigate the risk of hackers taking advantage of any vulnerabilities. 6. Assess your risk: If done properly, risk assessments are a key component of a cybersecurity plan. A risk assessment helps an organization identify and manage financial, operational and other risks associated with internal and external incidents. And proper risk assessments should be more than filling out a spreadsheet; they’re about the lessons learned along the way as you produce it. During this assessment, you should identify assets you need to protect and understand how controls in place work together. The resulting document should help you prioritize your limited resources. 7. Involve your leaders: Cybersecurity involvement should not be limited to your IT department. Since this issue touches nearly every part of your bank, it’s important to have board and senior management involvement. Senior management should be invested in understanding cybersecurity threats and have enough familiarity with the topic to ask credible questions to IT leaders. Further, they should serve as advocates for your cybersecurity plan and reinforce the importance of education and training at all levels. When determining the appropriate cybersecurity investment, leaders should consider your institution’s individual objectives, risk assessment and risk appetite — or a representation of how much risk an institution is willing to accept. As an integral component of a holistic approach to IT, security and compliance, IT governance ensures that an institution’s technology and business objectives support its larger strategies. FINDING THE VULNERABILITIES BEFORE CYBERCRIMINALS With evolving threats and opportunistic hackers, investing in cybersecurity for your institution should be a priority. Tools like penetration tests and vulnerability assessments should be components of your larger cybersecurity strategy and help you stay ahead of cybercriminals. Scan the QR code to download our white paper for more strategies to strengthen your cybersecurity posture. https://www.csiweb.com/what-to-know/content-hub/ whitepapers/a-guide-to-strengthening-your-institutionscybersecurity-posture/ Tyler Leet serves as Director of Risk and Compliance Services for CSI’s Regulatory Compliance Group. With over 20 years of experience in the information security, risk and compliance industries, Tyler oversees and participates in the development and maintenance of the risk and compliancerelated services conducted for a wide variety of financial institutions and organizations. 16 | CURRENCY
ORLANDO 2024 ICBA LIVE MARCH 14–17 ORLANDO WORLD CENTER MARRIOTT ICBA LIVE is the annual destination for thousands of community bankers, solution providers, and experts to exchange strategies and resources. Join us for three days of inspiration, learning, growing, and connecting. Share and gain ideas from your peers to power your potential as leaders in your bank and community. Learn more and register icba.org/LIVE2024.
WELCOME New CBW Associate Members HOLMAN CAPITAL Lance Holman (949) 981-0237 lance.holman@holmancapital.com Holman Capital Corporation specializes in financing tax-exempt and taxable debt solutions issued by state and local governments, fire districts, educational institutions and water agencies nationwide. We finance our client’s equipment, facility, infrastructure and energy needs. Our funding amounts range from $250,000 to $100,000,000, with financing terms of up to 30 years. We provide our community bank partners with a full-service loan platform to originate, underwrite, price and document public sector loans to reduce your operating expenses and build a high credit quality portfolio. We would like to partner with the members of the Community Bankers of Washington to grow their loan portfolio quickly and efficiently. PERFORMANCE TRUST CAPITAL PARTNERS John Tull (312) 521-1885 jtull@performancetrust.com Performance Trust is the largest fullservice investment bank focused on community depository institutions. We help our clients make better balance sheet decisions so they can serve their communities and help fuel small businesses by using revolutionary strategies, tools and insights to measure the risk and rewards of cash flows across the entire balance sheet. Education is the cornerstone for all we do, which allows our clients to deepen their expertise as they work alongside us. ADLUMIN, INC. Ryan O’Malley (858) 337-3157 ryan.omalley@adlumin.com Adlumin provides the enterprisegrade security operations platform and managed detection and response services that keep mid-market organizations secure. With one license and one platform, its patented technology gives organizations and solution providers everything they need for effective threat hunting, incident response, vulnerability management, darknet exposure monitoring, compliance support and much more. The Adlumin platform is feature-rich enough for organizations to operate on their own yet built specifically to amplify the skills and capabilities of managed service providers 18 | CURRENCY
SELECT BANKCARD Pete Mudrow (801) 901-8134 pmudrow@selectbankcard.com Select Bankcard facilitates electronic payments, including credit card and debit card transactions. We provide systems and services to help businesses and merchant service providers with their payment processing needs. Select Bankcard is committed to providing a straightforward, streamlined and superior experience to its merchants and sales partners and is headquartered in Lehi, Utah, in the shadow of the beautiful Rocky Mountains. We also have a sales office in Austin, Texas. STEPHENS, INC. Jimmy Troy (628) 233-4980 jimmy.troy@stephens.com Founded in 1933, Stephens is a family of privately held, independent financial services firms focused on building value for companies, state and local governments, institutions and high-net-worth investors. We are headquartered in Little Rock, Arkansas, with offices in leading cities across the country and overseas. Since our founding, Stephens has pursued an independent course. We’ve built our firm on long-term relationships and enduring values, establishing an international reputation for vision, integrity and innovation. Free from herd mentality, short-term thinking and quarter-to-quarter imperatives, we’ve always stayed focused on the people who matter most: our clients. As investors and business owners ourselves, we have a unique perspective on the world. We understand the needs and concerns of individual investors, industry leaders and public interest stewards. Because we sit on the same side of the table as our clients, we are able to understand their goals and help build their future in partnership. NCR Willis Overton (971) 325-4458 willis.overton@ncr.com On behalf of the NCR Digital Banking team, we are grateful for the opportunity to be a part of the Community Bankers of Washington. It is our mission to create loyal, lasting relationships through our tools and technology that uniquely position us as the best partner to transform, connect and run your digital banking platform. With over $100M spent in R&D in 2022 alone, this investment allows us to continue innovating and designing great technology. Our single platform across retail and commercial banking creates a better user experience and drives efficiencies across the back office. Our turnkey solution makes it easy to implement and maintain while also being highly customizable as you grow. • Over 300+ banks currently use the NCR digital banking solution. • Our clients have been on the digital platform for an average tenure of 14.5 years. You will rely on your digital banking partner to help accomplish your strategic goals. To achieve this, we will unite our people, our processes and our technology to: • “Humanize the Digital Experience:” Through thoughtful product design, seamless third-party customer service integrations and intuitive in-app marketing, the NCR digital banking platform will help Banks serve their customers in a fashion commiserate with the excellent service they’ve come to expect through other channels. We value the importance of relationships. • “Grow the Bank:” The NCR digital banking solution will help banks to increase products per household, sell higher profit margin products and target customers that may only have one line of service with the bank (e.g., customers with only an indirect relationship with the bank). • “Increase Operational Efficiency:” NCR will help banks digitize and automate workflows for common laborintensive requests. The single admin platform and app will reduce the level of duplicative work and increase the ease of use for both your staff and customers. CURRENCY | 19
Community Bankers of Washington 325 Washington Ave S #67 Kent, WA 98032 This magazine is designed and published by The newsLINK Group, LLC | 855.747.4003 The ideal combination of yield and asset quality is on the BHG Loan Hub right now. Our credit quality is at an all-time high and currently yielding 9%! Several hundred of your peers have taken advantage of this opportunity in the past few months—your bank can, too. Credit enhancements available. The BHG Loan Hub: Higher-than-market returns, historically high credit quality. on credit with a 744 FICO average Keith Gruebele EVP, Institutional Relationships 954.263.6399 kgruebele@bhg-inc.com BHGBank.Network/CBW Visit BHGLoanHub.com or scan the QR Code to gain access. Image is an example only and does not reflect actual customer information.
www.thenewslinkgroup.orgRkJQdWJsaXNoZXIy ODQxMjUw