SEPTEMBER/OCTOBER 2025 A PUBLICATION OF THE INDEPENDENT COMMUNITY BANKERS OF COLORADO BUILDING ON THE PAST, BANKING ON THE FUTURE. Building a Strong Cybersecurity Culture Within Your Organization
©2025 The Independent Community Bankers of Colorado (ICBC) | The newsLINK Group LLC. All rights reserved. Independent Report is published six times per year by The newsLINK Group LLC for ICBC and is the official publication for this association. The information contained in this publication is intended to provide general information for review, consideration and education. The contents do not constitute legal advice and should not be relied on as such. If you need legal advice or assistance, it is strongly recommended that you contact an attorney as to your circumstances. The statements and opinions expressed in this publication are those of the individual authors and do not necessarily represent the views of ICBC, its board of directors or the publisher. Likewise, the appearance of advertisements within this publication does not constitute an endorsement or recommendation of any product or service advertised. Independent Report is a collective work, and as such, some articles are submitted by authors who are independent of ICBC. While a first-print policy is encouraged, in cases where this is not possible, every effort has been made to comply with any known reprint guidelines or restrictions. Content may not be reproduced or reprinted without prior written permission. For further information, please contact the publisher at (855) 747-4003. 6732 W. Coal Mine Ave., #640 • Littleton, CO 80123 • (303) 832-2000 2025-2026 OFFICERS ICBC CHAIRMAN Mike Hurst President Del Norte Bank ICBC PRESIDENT Joe Martinez President & CLO San Luis Valley Federal Bank ICBC PRESIDENT-ELECT Robert Holt Senior Credit Officer & SVP North Valley Bank ICBC ICBA STATE DIRECTOR PJ Wharton President & CEO Yampa Valley Bank ICBC STAFF EXECUTIVE DIRECTOR Mike Van Norstrand mvannorstrand@icbcolo.org ADMINISTRATION DIRECTOR/ TREASURER Maelynn Lewis mlewis@icbcolo.org LEGAL COUNSEL Christian Otteson Partner Otteson Shapiro LLP LOBBYIST Mary Marchun Founding Partner The Capstone Group 2025-2026 DISTRICT DIRECTORS DISTRICT A Kent Jones, President & CEO, Flatirons Bank Jamie Santistevan, COO, Native American Bank Mark Sheeley, President & CEO, RNB State Bank/Front Range State Bank Jeff Walker, Senior Vice President & CCO, Redstone Bank DISTRICT B Mark Brase, President, Points West Community Bank Tim Croissant, Market President, Bank of Colorado Travis Goeglein, Senior Vice President, First FarmBank Scott Applegate, President & CEO, Bank of Estes Park DISTRICT C Ben Johnson, President, First National Bank Colorado Miles McClure, CEO, Rocky Mountain Bank & Trust Peter Page, Executive Vice President & COO, Frontier Bank Kathryn Perry, Senior Vice President, Park State Bank & Trust DISTRICT D Dan Ebert, Vice President, Evergreen National Bank John Stelzriede, Market President — Colorado River Region, Alpine Bank Niki Stotler, President & CEO, High Country Bank Chad Zummach, Executive Vice President, Gunnison Bank & Trust ICBC ADVISORY BOARD MEMBERS Eric Budreau Partner Eide Bailly Jim Hall Managing Director Bond & Specialty Insurance — Financial Institutions, Travelers Bill Mitchell President & CEO Bankers’ Bank of the West Christian Otteson Partner Otteson Shapiro LLP 2 | INDEPENDENT REPORT
18 CONTENTS 8 14 CONNECT Email us mlewis@icbcolo.org Like us on Facebook ICBColo Connect with us ICBColo Follow us on X ICBColo Give us a call (303) 832-2000 Follow us on Instagram ICBColo 2025 PUB. 4 ISSUE 5 4 Support the ICBC’s Associate Members! 5 ICBC Preferred Providers FLOURISH 6 Making A Difference, One Act at a Time By Rebeca Romero Rainey, President & CEO, ICBA FROM THE TOP 7 Riding The Pendulum of Regulatory Compliance By Jack E. Hopkins, Chairman, ICBA 8 Modernization Strategies for Banks and Credit Unions Replacing Legacy Systems To Boost Value and Security By Monica Moore, Chief Technology Officer, Alogent, ICBC Associate Member 10 Building a Strong Cybersecurity Culture Within Your Organization By Jon Waldman, President, SBS CyberSecurity, ICBC Preferred Provider and ICBC Associate Member 12 Navigating Regulatory Uncertainty With a Compliance Management System By Troy Snyder, Brad Birkholz and Ryan Colleran, Plante Moran, ICBC Silver Associate Member 14 How To Prevent Wire Fraud By Scott Anchin, Senior Vice President of Strategic Initiatives and Policy, ICBA 16 Reduce Collateralization A Path to Greater Efficiency and Depositor Satisfaction By Joseph Hooker, Chief Sales Officer, IntraFi, ICBC Associate Member 18 The Crucial Role of Staff Development Development = Better Customer Experience = Higher Profits By Connie West, Certified High-Performance Coach, Gallup Certified Strengths Coach, Regional Vice President, The James Paul Group, ICBC Associate Member 20 Logo Guides and Brand Standards By Jennie Brady, Director of Creative Solutions, Spry Inc., ICBC Associate Member 22 4 Signs You’re Ready for a Digital Banking Upgrade By Terry Gore, Director of Sales (Digital Banking), SHAZAM, ICBC Associate Member 24 Turning Your “Lenders” Into Fierce Deposit Warriors By Theodore A. Rosen, President, Expert Business Development LLC, ICBC Associate Member 26 On Your Marks How Bond Markets React To Rate Cuts By Jim Reber, President & CEO, ICBA Securities, ICBC Preferred Provider and ICBC Associate Member INDEPENDENT REPORT | 3
SUPPORT THE ICBC’S ASSOCIATE MEMBERS! ACCOUNTING | COMPLIANCE EideBaillyLLP. . . . . . . . . . . . . . . . . . . . . . . . . .(303)770‑5700 Fortner Bayens PC . . . . . . . . . . . . . . . ........ (303) 296‑6033 Forvis Mazars . . . . . . . . . . . . . . . . ......... (303) 861‑4545 Moss Adams LLP now Baker Tilly . . . . . . . . . . . . . . (503) 471‑1277 Plante Moran** . . . . . . . . . . . . . . . . ........ (303) 740‑9400 ADVERTISING | EQUIPMENT | PRINTING | SUPPLIES Kristopher James Company . . . . . . . . . . . . . . . . . (800) 274‑9212 Spry.. .. .. .. .. .. .. .. .. .. ............ (303) 323‑4341 CAREER ADVANCEMENT Graduate School of Banking at Colorado . . . . . . . . (800) 272‑5138 CONSULTING | HUMAN RESOURCES AND MANAGEMENT | MARKETING | STRATEGIC PLANNING BankStrategiesLLC . . . . . . . . . . . . . . . . . . . . . . (303)291‑3700 (A Bankers’ Bank of the West Bancorp Inc. Subsidiary) Expert Business Development . . . . . . . . . . ..... (610) 771‑2121 *ICBA CRA Solutions .. .. .. .. .. .. ........ (877) 232-0859 *ICI Consulting Inc. .. .. .. .. .. .. .......... (316) 201‑8590 TheJamesPaulGroup . . . . . . . . . . . . . . . . . . . . (877)584‑6468 MJCPartners . . . . . . . . . . . . . . . . . ......... (213) 278‑0429 The NaviTrust Group . . . . . . . . . . . . . . ....... (801) 438-1842 Piper Sandler & Co. . . . . . . . . . . . . . . ........ (415) 978‑5057 *S&P Global .. .. .. .. .. .. .. .. ........... (434) 951‑6948 CORRESPONDENT BANKING SERVICE *Bankers’ Bank of the West .. .. .. .. .. ....... (303) 291‑3700 BellBank. . . . . . . . . . . . . . . . . . ........... (701) 371‑3355 Citizens Bank Farmington . . . . . . . . . . . . ...... (505) 599‑0100 INTRUSTBank . . . . . . . . . . . . . . . . ......... (800) 732‑5120 PCBB.. .. .. .. .. .. .. .. .. .. ........... (888) 399‑1930 TIB — The Independent BankersBank . . . . . . . . . . . (972) 650‑6000 CYBERSECURITY | IT CONSULTING AND SERVICES | SECURITY Alogent..............................(719)583‑8004 ArcticWolf............................(888)272-8429 Botdoc.. .. .. .. .. .. .. .. .. ............ (719) 960-4475 CivITas Bank Solutions . . . . . . . . . . . . . ....... (303) 291‑3700 (A Bankers’ Bank of the West Bancorp Inc. Subsidiary) Cook Solutions Group . . . . . . . . . . . . . ....... (503) 260‑8562 Federal Protection Inc. . . . . . . . . . . . . . ....... (800) 299‑5400 FileInvite. . . . . . . . . . . . . . . . . . ........... (719) 771-3586 M.R.Solutions. . . . . . . . . . . . . . . . . . . . . . . . . .(303)296-3328 Richey May Cyber*** . . . . . . . . . . . . . . ....... (303) 721-6131 *SBS CyberSecurity .. .. .. .. .. .. .......... (785) 594‑0503 DATA PROCESSING | EFT | ATM | CARD PROCESSING | MERCHANT SERVICES *Bankers’ Bank of the West .. .. .. .. .. ....... (303) 291‑3700 *BluePoint ATM Solutions LLC .. .. .. .. ....... (540) 335‑2848 Computer Services Inc. . . . . . . . . . . . . . . . . . . . . (970) 212‑7104 DCI.................................(620)694-6800 *IBT Apps . . . . . . . . . . . . . . . . . . . . . . . . . . . . (512) 606‑1100 *ICBA Bancard / TCM Bank .. .. .. .. .. ....... (800) 242‑4770 Jack Henry & Associates . . . . . . . . . . . . ....... (417) 235‑6652 SHAZAM.. .. .. .. .. .. .. .. .. ........... (515) 288‑2828 VisaInc.. . . . . . . . . . . . . . . . . . ........... (415) 238‑3682 INSURANCE | BENEFIT SERVICES Bank Compensation Consulting . . . . . . . . . . . . . . (303) 482‑1844 First Insurance Services Inc. . . . . . . . . . . . ...... (719) 456‑2303 *ICBA Reinsurance . . . . . . . . . . . . . . . . . . . . . . (888) 790‑6615 *Travelers .. .. .. .. .. .. .. .. ............ (720) 200‑8416 INVESTMENTS | FUNDING AND LENDING PARTNERS B:SideCapital. . . . . . . . . . . . . . . . . . . . . . . . . .(303)657‑0010 TheBakerGroup. . . . . . . . . . . . . . . . . . . . . . . . (405)415‑7200 BancAlliance . . . . . . . . . . . . . . . . . ......... (301) 232‑5423 *BHG Financial Institutional Network*** .. .. .... (954) 263‑6399 Citizens Bank Farmington . . . . . . . . . . . . ...... (505) 599‑0145 Colorado Enterprise Fund . . . . . . . . . . . . ...... (303) 860‑0242 Colorado Housing and Finance Authority . . . . . . . . (303) 297‑7329 D.A.Davidson..........................(303)764‑6000 FHLBank Topeka — Denver Office . . . . . . . . ..... (720) 212‑9873 First Bankers’ Banc Securities Inc. (FBBS) . . . . . . ... (720) 709‑7613 GillCapital............................(303)296‑6260 HelloBello. . . . . . . . . . . . . . . . . . .......... (970) 946-6160 *ICBA Mortgage .. .. .. .. .. .. .. .......... (800) 253‑5356 *ICBA Securities . . . . . . . . . . . . . . . . . . . . . . . . (800) 422‑6442 IntraFi Network . . . . . . . . . . . . . . . . ......... (303) 706‑9265 Northland Securities Inc. . . . . . . . . . . . . . . . . . . . (303) 801‑3380 Olsen Palmer LLC . . . . . . . . . . . . . . . ........ (202) 803‑2620 Performance Trust Capital Partners . . . . . . . .... (312) 521-1000 Preferred Lending Partners . . . . . . . . . . . ...... (303) 861-4100 RocketPro. . . . . . . . . . . . . . . . . . .......... (704) 650-0622 Towne Mortgage Company . . . . . . . . . . ...... (303) 947-5244 USDA Rural Development . . . . . . . . . . . . ...... (720) 544-2916 West Gate Bank Mortgage . . . . . . . . . . . ...... (402) 434‑4116 LEGAL SERVICES Arnold&Porter. . . . . . . . . . . . . . . . . . . . . . . . .(303)863‑1000 Godfrey Law Group LLC . . . . . . . . . . . . ....... (303) 802‑6336 Markus Williams Young & Hunsicker LLC. . . . . . . . . (303) 830‑0800 Otteson Shapiro LLP (ICBC Counsel) . . . . . . . .... (720) 488‑0220 Spencer Fane LLP . . . . . . . . . . . . . . . ........ (303) 839‑3838 StinsonLLP . . . . . . . . . . . . . . . . . .......... (303) 376‑8400 Womble Bond Dickinson** . . . . . . . . . . . ...... (303) 623‑9000 LOAN REVIEW SERVICES EideBaillyLLP. . . . . . . . . . . . . . . . . . . . . . . . . .(303)770‑5700 Fortner Bayens PC . . . . . . . . . . . . . . . ........ (303) 296‑6033 ICBC LOBBYING AND PUBLIC RELATIONS The Capstone Group (ICBC Lobbyists) . . . . . . . . . . (303) 860‑0555 *ICBC Preferred Providers **Silver Associate Member ***Gold Associate Member 4 | INDEPENDENT REPORT
ICBC PREFERRED PROVIDERS ICBC Preferred Providers are selected by bankers just like you, so give them special consideration when considering their proposals for your bank! To learn more about ICBC’s Preferred Providers, contact the ICBC at (303) 832-2000. Please note: ICBC endorses the listed companies but not all products offered by the company. Contact: Scott Wintenburg | swintenburg@bbwest.com | (303) 291-3700 or (800) 601-8630 Merchant services from Bankers’ Bank of the West help you grow customer relationships with mobile payments technology, competitive unbundled pricing, efficient approvals and startups, responsive support and training. Contact: Alexis Simons | simonsa@bhg-inc.com Creator of the largest community bank loan network in the country. ICBC members can access the BHG Loan Hub, a secure, state-of-art loan delivery platform and the number-one source for professional loans. Contact: Wade Zirkle | wade@bluepointatm.com | (720) 295-9142 Colorado-based BluePoint ATM Solutions provides cost-efficient, reliable, branch and off-site ATM equipment and managed services to community banks across the Mountain West. From equipment sales/leases to custom installations, CIT, and ongoing service and maintenance — BluePoint provides dependable, cost-efficient ATM programs tailored to meet your bank’s needs. Contact: Phil Layher | phil.layher@ibtapps.com | (512) 616-1188 IBT Apps® is an empowering core partner to community banks nationwide, offering end-to-end core and digital banking solutions that meet today’s customer demands. Their adaptable i2Suite banking system enables your bank to streamline operations, control costs and mitigate risks. Transform your bank with the power of one total solution. Contact: icba.org/solutions | (866) 843-4222 The ICBC supports and recommends the following products and services supplied by our national association, the ICBA: ICBA Bankcard and TCM Bank, N.A.; ICBA Compliance & Risk Management; ICBA Mortgage; ICBA Reinsurance; and ICBA Securities. Contact: Mike Hatch | mike.hatch@ici-consulting.com | (316) 201-8590 Since 1994, ICI Consulting has helped banks and credit unions to assess, cost justify, evaluate and convert core processing, digital banking, EFT, lending, document imaging, CRM and branch solutions. Contact: Brian Miller | brian.miller@sbscyber.com | (605) 923-8722 SBS is your cybersecurity partner. Our offerings include: TRAC™ — Cybersecurity risk management software; Cyber-RISK™ — Automated FFIEC cybersecurity risk assessment software; IT and Network Security Audits; Consulting Services; Full Service Vendor Management; Role-Based Certifications; Vulnerability Assessments; Penetration Testing and more! Contact: Joe Valdez | joseph.valdez@spglobal.com | (213) 549-2281 S&P Global combines exclusive analysis and in-depth data in real time for the banking, financial services and insurance industries. From bank branch data and government assistance programs to executive compensation and league tables, S&P is the final word in business intelligence on financial institutions. Contact: Madeline Dickman | mdickman@travelers.com | (720) 200-8293 Offering a wide range of customized insurance protection, Travelers SelectOne+® for financial institutions is designed to respond to the most recent trends in banking. INDEPENDENT REPORT | 5
We live, thrive and face challenges in lockstep with our communities. FLOURISH Making A Difference, One Act at a Time Community bankers are driven by a spirit of service. Giving back to our communities is simply part of who we are. But where does that instinct come from? Why is it a part of our DNA, and how has it been shaped over time? For me, the answer goes back to the ecosystem in which a community bank operates: We live, thrive and face challenges in lockstep with our communities. Just as our communities are shaped by opportunities, issues and events, so are the community banks that support them. In our nimbleness, we’re able to adapt and provide solutions to address urgent requirements and rally around our communities in times of need. For example, following the devastating floods in central Texas, multiple community banks in the state launched significant dollar-matching campaigns to provide aid. At the same time, ICBA’s Foundation, in coordination with the Independent Bankers Association of Texas, activated to support local rebuilding and long-term business recovery efforts. As part of the community banking family, this is how we respond in challenging times. It’s about stepping up and doing whatever we can. It’s also why we annually take the time to honor philanthropic work through our National Community Bank Service Awards. They help to shed light on the amazing stories of support that happen in our communities. Consider this year’s Exceptional Award winner, Gulf Coast Bank in Abbeville, Louisiana, By Rebeca Romero Rainey, President & CEO, ICBA which, through its partnership with the Boys & Girls Clubs of Acadiana, has raised nearly $700,000 for local at-risk youth. Or look at the 2025 Emerging Award winner, Legends Bank in Clarksville, Tennessee. They established Legends Lift, a volunteer service program that enables the bank to come to the community’s aid during times of crisis and helps fulfill ongoing community needs. These efforts exemplify the community bank spirit of service, because they aren’t about numbers; they’re about making lives better for the people of our communities. And they represent only two examples of how community banks around the nation rise to the challenge of meeting community needs on a daily basis. I hope you see yourself in these award winners and consider how you’re sharing your stories of service. While it’s simply a part of our DNA to give back, conveying what we do sheds light on the community bank difference and, in turn, helps our communities flourish. 6 | INDEPENDENT REPORT
Over the past decade, community banks have experienced their fair share of pendulum swings when it comes to regulation. We seem to toggle from one extreme to the other, with the most aggressive onslaught of regulations appearing in the past five years or so. Yet, we’re finally starting to see a healthy backswing, paving the way for a more productive environment for community banking. This regulatory rightsizing allows us to be more optimistic. Rule writing has slowed down, hindering rules that were enacted are being edited or rescinded, and we’re not faced with an onslaught of new compliance issues. Because we’re not trying to navigate a terrain of compliance pitfalls, we have more time to do what we do best: help our customers and our communities. However, even in the face of optimism, we recognize that with regulation, the only constant is change. That’s where ICBA and its pillars of advocacy, education and innovation truly step up to help us. From an advocacy standpoint, our work explaining the way regulations can tie our hands has clearly had an impact. (See My Top 3 for some big wins.) We have to keep telling the community bank story to ensure those messages are heard. We also must remain ever-vigilant and prepare for what may be in store. For that, the key lies in ICBA Education. At my bank, at least one team member has earned nearly every certification ICBA offers, with some boasting multiple certifications. We take pride in ensuring we have knowledgeable staff, and that investment in their professional development has been one of the best things we’ve done. For instance, our compliance exams go well because of their depth of knowledge; we have had examiners comment that they are impressed that we have so many highly trained staff. Innovation also strengthens our compliance response. New technologies are emerging that can streamline our efforts, more efficiently execute compliance screenings and flag potential issues. For FROM THE TOP MY TOP 3 Advocacy wins so far this year: 1. The repeal of the CFPB’s overdraft rule. 2. The change of course on 1033. 3. Progress on 1071. Riding The Pendulum of Regulatory Compliance By Jack E. Hopkins, Chairman, ICBA example, my bank is now actively considering new AI-type products that will allow us to effectively address compliance red flags without increased manual intervention — a win-win for our bank and team. However, basic physics tells us that an object in motion stays in motion and that the regulatory pendulum will continue to sway. But with ICBA here to support us, no matter the environment, we will be prepared for our compliance future, armed with the right messaging, talented teams and state-of-the-art technology. Thankfully, with that kind of support, we’ll collectively be ready to ride out the next compliance swing when the time arises. Even in the face of optimism, we recognize that with regulation, the only constant is change. INDEPENDENT REPORT | 7
Modernization Strategies for Banks and Credit Unions Replacing Legacy Systems To Boost Value and Security By Monica Moore, Chief Technology Officer Alogent, ICBC Associate Member As technology continues to evolve, banks and credit unions are under increasing pressure to replace outdated systems. They must not only deliver greater value to account holders but also guard against the growing threat of fraud linked to legacy platforms. As software ages, it becomes costlier to maintain and more prone to security vulnerabilities. To move forward with confidence, financial institutions need a well-defined strategy — one that balances innovation and new capabilities with robust security and regulatory compliance. Financial institutions should keep these topics at the forefront when planning for a successful modernization strategy: 1. Start with a Clear Goal: Every successful modernization effort begins with a well-defined objective. Ask yourself: Are you aiming to replicate what you already have on a newer system, architect new capabilities or leverage commercial software to get you ahead? Having clear goals will facilitate the evaluation for investments, risks and ultimately your timeline. 2. Adopt Flexible Architectures: Pay attention to the target architecture. Plan for future needs, information accessibility with strong feedback mechanisms and flexible, open solutions to gain agility and the ability to evolve over time. A scalable, future-ready approach is crucial when undertaking complete modernization efforts and keeping pace with shifting demands. 3. Modernize in Phases, Not All at Once: Modernization doesn’t happen overnight; it’s a journey that requires room for trial, course correction, setbacks and adaptation. Instead of aiming for a “big-bang approach,” break your goals down into manageable phases, including quarterly initiatives or shorter, focused projects. Regular check-ups and milestones keep progress on track and allow your team to quickly adjust as priorities shift. 8 | INDEPENDENT REPORT
Financial institutions don’t have to navigate modernization alone. Today’s digital landscape offers a broad network of expert vendors and consultants who specialize in financial software transformation. By partnering with the right technology providers, institutions gain access to proven tools, established methodologies and practical strategies that simplify complexity and reduce risk throughout the modernization journey. CONSIDERATIONS FOR SELECTING MODERNIZATION PARTNERS Before committing to a solution upgrade, financial institutions should evaluate partners through three perspectives: 1. Long-Term Commitment to Innovation: Choose partners who are committed to continuous innovation and have a strong track record of evolving with their clients’ needs. Prioritize solutions that offer flexibility in hosting models, open architectures and configurable options to adapt to changing user demands. Rigid systems in any of these areas can lead to operational and financial strain as your institution grows. 2. Market Expertise and Best Practices: Identify partners with extensive experience in the fintech space. Look for platforms that offer interoperability between solutions and cores to facilitate integrations, lower costs and time to market. Leveraging proven industry best practices will accelerate decision-making and execution across the entire modernization process 3. Long-Term Partnerships: The technology ecosystem changes at a fast pace, thousands of organizations and solutions enter our space every year, making the selection of partners challenging. As you find select partners to join you in your modernization journey, build strong, valuable partnerships and look for solutions that not only provide a great offer but also are after your success. TACKLING MODERNIZATION CHALLENGES HEAD-ON The path to modernization comes with its share of challenges, especially when legacy systems, tight budgets and rising security threats intersect. But banks and credit unions don’t need to transform everything at once to make meaningful progress. With the right strategy, incremental steps can build a strong foundation for scalable, future-ready operations. LOOKING AHEAD: HOW ALOGENT LEADS THE WAY Alogent has been driving banking innovation for decades. From item processing to content and loan management, we’ve steadily grown our solutions through smart acquisitions and product development. Today, we offer a connected ecosystem built on modern technology and fresh thinking. Modernization isn’t a straight path. As new risks and opportunities arise, banks and credit unions need flexible partners with strong integration and security. With years of experience and a forward-looking roadmap, Alogent helps institutions modernize while staying compliant, user-friendly and in control. Visit www.alogent.com/company to learn more and see how we can help you move forward with confidence. INDEPENDENT REPORT | 9
Building a Strong Cybersecurity Culture Within Your Organization By Jon Waldman, President SBS CyberSecurity, ICBC Preferred Provider and ICBC Associate Member 10 | INDEPENDENT REPORT
Fostering a cybersecurity-savvy culture isn’t just a best practice — it’s essential for protecting sensitive data and maintaining business continuity. Wait, did I just say that culture plays a role in business continuity? Yes, I did! Technical defenses alone aren’t enough to counter constantly evolving cyber threats. A well-established cybersecurity culture ensures that employees at all levels understand their role in protecting the organization and actively work to prevent security incidents. In this article, we’ll explore how to build and sustain that culture so that security becomes second nature rather than an afterthought. UNDERSTANDING CYBER THREATS A reactive approach to cybersecurity isn’t enough — organizations must take proactive steps to identify and mitigate risks before they become full-blown incidents. Regular security assessments help identify vulnerabilities, while timely software updates protect systems from known exploits. Ongoing employee training ensures staff can recognize and respond to threats, strengthening overall cybersecurity and reducing the likelihood of costly breaches. CREATING A CULTURE OF CYBERSECURITY AT WORK Building a cybersecurity-focused culture means integrating security into everyday workplace behavior. This involves setting strong and clear expectations through policies, providing ongoing (not just once-a-year) and role-appropriate training, and ensuring employees understand and apply their responsibilities through regular testing. When employees know what’s expected, receive training to meet those expectations, and have opportunities to practice and be evaluated, security becomes part of how they work — not just a checkbox. Testing results can also be tracked to measure improvement over time. Doing these things consistently helps create an environment where employees feel personally responsible for safeguarding customer information and the business. Leadership plays a crucial role — when executives prioritize cybersecurity and lead by example, it reinforces its importance across the organization. When security is ingrained in the culture, best practices become instinctive, and employees act with awareness. Evidence and transparency are vital in establishing this culture. Organizations must back up their commitment to cybersecurity with clear actions and policies. Regular reporting and open communication build trust and accountability. For example, sharing security audit results or lessons from incident response exercises demonstrates a proactive stance. Transparency also means acknowledging vulnerabilities and collaborating to address them. STRATEGIES TO BUILD A CYBERSECURITY CULTURE Top-Down Approach Executives and managers can embed cybersecurity into the culture by modeling strong security behaviors, supporting awareness initiatives and allocating resources for training and tools. Enforcing policies and reinforcing cybersecurity priorities through company-wide communication sets the foundation for a security-conscious workplace. When leadership is visibly committed to security, it fosters accountability across all levels of the organization. Continuous Training and Awareness Programs Cybersecurity training shouldn’t be a one-time event — it must be an ongoing effort tailored to different roles. IT teams may need advanced threat detection training, while customer service staff must recognize phishing attempts. Interactive formats like workshops, webinars and gamified learning enhance engagement and retention of security principles. Simulated phishing exercises provide real-world testing opportunities, sharpening response skills. Periodic refresher courses keep staff informed on emerging threats and risk mitigation techniques. Recognizing and Rewarding Positive Security Behaviors Training and testing are essential, but it’s just as important to recognize employees who take initiative when it comes to cybersecurity. For example, when someone reports a real phishing attempt that helps stop a threat in its tracks, that action should be acknowledged and praised as the heroic move it is. When you ask employees to follow specific security protocols that may fall outside their usual responsibilities, reinforcing positive outcomes with recognition is key. Acknowledging these efforts builds confidence and motivates employees to stay alert and engaged. Creating a Collaborative Environment A strong cybersecurity culture thrives when security is seen as a shared responsibility beyond formal training. Encouraging employees to report suspicious activity and share security tips increases collective awareness. Regular team discussions about cybersecurity issues and solutions can foster accountability, while cross-functional cybersecurity teams can further integrate security measures across departments. By embedding security considerations into daily operations, organizations create an environment where safe practices become the norm. NAILING DOWN YOUR ORGANIZATION’S CYBERSECURITY CULTURE Building and maintaining a strong cybersecurity culture is vital for protecting your organization from cyber threats. By implementing the strategies outlined in this article, you can cultivate a proactive security culture that strengthens your defenses and resilience. This article was originally published on sbscyber.com. SBS helps business leaders identify and understand cybersecurity risks to make more informed and proactive business decisions. For more information, contact Ryan Kast at (605) 270-9381 or ryan.kast@sbscyber.com. Learn more at sbscyber.com. INDEPENDENT REPORT | 11
Navigating Regulatory Uncertainty With a Compliance Management System By Troy Snyder, Brad Birkholz and Ryan Colleran Plante Moran, ICBC Silver Associate Member The regulatory environment for financial institutions is complex and constantly changing. Learn how a robust compliance program coupled with a compliance management system ticks all the boxes to maintain integrity and adaptability in the face of uncertainty. Rapid changes in the regulatory landscape have created new and unexpected compliance challenges for financial institutions. The issue isn’t missing deadlines or failing to comply — boards and executives are grappling with the complexities of tracking compliance obligations amid ongoing regulatory shifts and adapting their programs in a timely manner. Many of these challenges stem from recent changes in regulatory agencies, including the Consumer Financial Protection Bureau (CFPB), Federal Deposit Insurance Corporation, the NCUA and Office of the Comptroller of the Currency. A stated theme in these developments has been to reduce bureaucracy and streamline; however, the ensuing restructuring, leadership changes, rescinding of prior guidance and changes in the emphases of regulatory reviews have complicated the compliance journey for financial institutions, leaving many in a state of ambiguity, struggling to decipher compliance obligations and anticipate future requirements. Further complicating matters are legal challenges to major regulations. For example, Section 1071 of the Dodd-Frank Act, which requires financial institutions to collect and report demographic data on small business loan applications, is currently in a state of legal limbo. Although the CFPB finalized its implementing rule in 2023, ongoing lawsuits have resulted in court-ordered delays and ongoing uncertainty regarding enforcement. Similarly, efforts to modernize the Community Reinvestment Act have faced setbacks, with rule changes being rescinded and new proposals under consideration. With institutions caught in a “wait-and-watch” regulatory environment, one thing can be said for certain: Complacency isn’t an option. Now more than ever, engaged leadership is critical to ensure that compliance is a strategic priority as new rules emerge and old ones are rescinded. In this climate of uncertainty, organizations need more than reactive measures — they need a proactive, structured approach to compliance. This is where an effective Compliance Management System (CMS) becomes essential. COMPLIANCE MANAGEMENT SYSTEM FUNDAMENTALS A CMS is a critical framework that institutions use to ensure they operate within legal and regulatory boundaries while upholding internal policies and ethical standards. It provides a structured approach to identifying, managing, monitoring and mitigating compliance risks across all levels of the organization. A well-designed CMS not only helps prevent violations but also fosters a culture of accountability and integrity. At the heart of an effective CMS are two foundational cornerstones: board and management oversight and a robust compliance program. These elements work in tandem to establish clear expectations, allocate responsibilities and ensure ongoing adherence to applicable laws and regulations. Effective board and management oversight begins with setting a strong tone at the top. Visible commitment to compliance sends a clear message throughout the organization that regulatory responsibility is a shared priority. In today’s unpredictable regulatory environment, this leadership is essential not only for accountability but also for agility. When boards and executives are actively engaged, they can help institutions respond quickly to change, allocate resources effectively and ensure that compliance remains integrated into strategic decision-making. A successful compliance program in a rapidly changing environment operationalizes an institution’s commitment to regulatory integrity and translates the oversight into action through policies, procedures, oversight, training, monitoring and reporting back to the board. It involves a combination of tools, business processes and internal controls designed to ensure orderly regulatory compliance and reduce risk, and it enables institutions to adapt quickly, identify emerging risks and maintain consistent standards across business lines. It ensures 12 | INDEPENDENT REPORT
that compliance is not a one-time effort, but a continuous process that evolves with the environment. To deal with evolving regulations effectively, your CMS should have capabilities in the following core areas. BOARD AND MANAGEMENT OVERSIGHT • Board of Directors: Strategic oversight and accountability. As the ultimate authority over your institution’s CMS, the board is responsible for setting a strong tone at the top — demonstrating a clear and consistent commitment to compliance and ethical conduct. This leadership includes defining your institution’s compliance risk appetite, ensuring it aligns with business objectives and approving key policies such as your compliance framework, risk assessments and governance structure. Your board should formally appoint a qualified compliance officer and ensure that the compliance function is properly resourced, empowered and independent. By regularly reviewing compliance reports and acting on findings, your board helps drive accountability and responsiveness. It also plays a vital role in overseeing third-party risk, ensuring that vendor and partner relationships are governed by appropriate compliance expectations and controls. In times of regulatory uncertainty, this level of strategic oversight helps your institution remain agile, informed and prepared. • Senior Management: Operational execution and implementation. Your senior management team is responsible for turning your board’s compliance vision into reality by embedding it into day-to-day operations. This includes implementing your compliance program by translating board-approved policies into actionable procedures and controls across business units. Your leaders must supervise compliance staff, ensuring they have the authority and independence needed to monitor and enforce standards effectively. Senior management also plays a key role in conducting compliance risk assessments, identifying and evaluating risks across the institution, and reporting findings back to your board. Through ongoing monitoring, testing and issue tracking, they help ensure timely resolution of compliance concerns. Just as importantly, they promote a culture of compliance through regular training and clear communication, helping your entire organization stay informed, engaged and agile in the face of regulatory change. COMPLIANCE PROGRAM • Policies and Procedures: Given the current volatile landscape, policies must be readily adaptable. Your CMS should include clear documentation aligned with current laws and regulations, along with capabilities to quickly facilitate updates reflecting new or rescinded regulations. This function should include a policy review calendar that aligns with regulatory developments, coupled with a version control system to ensure that your staff operates from the latest guidelines. Implementing a rapid response protocol for immediate updates will prevent falling behind during legal shifts. • Monitoring and Testing: Regular evaluations of business activities are crucial for maintaining compliance and identifying weaknesses. Your CMS should prioritize high-risk areas for more frequent testing and employ data analytics to detect potential compliance drifts. By leveraging real-time dashboards for risk visibility, it’s possible to eliminate repeat findings and improve governance. Thorough documentation of your findings and remediation efforts underscores a proactive risk management approach. • Compliance Audit: Your CMS should facilitate independent reviews to validate the effectiveness of controls and identify areas for improvement. Audits provide a reality check on how well your institution can adapt to regulatory changes, ensuring interim policies and procedures are compliant and effective. • Issue Management and Corrective Action: It’s critical to track, resolve and prevent recurring issues. By incorporating these processes into your CMS, you demonstrate proactive compliance to regulators and highlight your institution’s capacity to tackle issues amid shifting regulations. • Consumer Complaint Response: Complaints are often more than just isolated issues; they’re an early warning system for compliance risks tied to unclear or changing rules. By leveraging them effectively, you can identify patterns of potential consumer harm that can draw regulatory focus. By integrating complaint management within your CMS, analyzing trends and updating training, you can reduce complaints, improve customer satisfaction and minimize compliance risks. To facilitate this, your CMS should include centralized complaint intake, analysis of trends and integration with risk functions. Training staff on effective complaint handling will help bridge gaps, fostering a proactive culture of compliance and risk awareness. • Training: If a regulator knocked on your door today, could you prove that your teams are up to date with the current rules? Your CMS ensures accurate delivery and tracking of ongoing and role-specific training for all staff, including core compliance knowledge and recent changes. It can deliver “compliance alert” training as rules change, tailor content for role relevance and track completion to ensure accountability. This approach underlines a culture of compliance, which is vital when external guidance fluctuates. TAKING THE NEXT STEP With concerns over personal liability and reputational fallout from compliance breaches, many financial institution leaders are experiencing the mental toll of “what if we miss something?” Now’s the time to answer that question by assessing your current CMS. Is it equipped for today’s pace of regulatory change? Are your compliance processes both integrated and auditable? Do you have the visibility and controls needed to stay ahead of the risks? Is your CMS agile enough to adapt to new rules quickly? If any of these questions raise concerns, consider bringing in experienced advisors for a CMS assessment. They can review your compliance program, help identify potential gaps and explore solutions that will ensure both day-to-day and long-term regulatory success. Compliance today is more than just meeting deadlines — it’s about confidently navigating the complexities of tomorrow. A strong CMS is a vital tool in keeping your financial institution ahead of evolving expectations. Scan the QR code for more insights from our trusted advisors. https://www.plantemoran.com/industries/financial-services/ banks?utm_source=qrcode&utm_medium=association&utm_ campaign=PEN-FSG-2025_ICBC INDEPENDENT REPORT | 13
With electronic payments increasingly the norm, wire fraud is becoming more common and varied in format. Wire fraud generally involves the use of electronic communication to defraud another person by phone, fax, telegram or, most commonly now, the internet. Notable scams to watch out for include romance scams on dating apps and social media; advance-fee scam emails promising rewards for financial help; phishing emails claiming account information has been compromised, with a link to input credentials; and hiring scams, where prospective “employers” request personal information like birth dates and Social Security numbers or a “processing fee.” Community banks must remain vigilant, as prosecutors or regulators may act against financial institutions that fail to recognize or prevent cases of wire fraud. Banks can launch awareness campaigns to educate customers on avoiding scams. Encourage them to: • Use strong passwords and multifactor authentication. • Double-check the identity of anyone requesting funds. For example, call a family member directly if “they” ask for financial help via social media before responding. • If the request is for an “urgent” transfer of funds, don’t rush to pay it. That is a red flag. • Avoid clicking on links. If you receive an email that appears to be from your bank, check the email address or go (separately) to the bank’s website to verify the request. • Watch for hiring scams offering unrealistically high salaries and complicated onboarding processes that involve requests for money. Banks can also work internally to protect customers from wire fraud by doing the following: • Have a clear plan for responding to suspected fraud, from freezing transactions to notifying law enforcement. • Train bank employees to spot red flags, like urgent requests for money and changes in vendor payment information. • Use multifactor authentication for access to financial systems. • Create clear wire transfer protocols within the bank. • When a wire transfer is requested, especially a new one, use multiple verification steps like multifactor authentication, callbacks or confirmation pop-ups. • Monitor real-time transactions using advanced algorithms and AI to flag suspicious patterns. • Look for — and flag — unusually large amounts being transferred or consider setting limits for wire amounts. • Look for transfers to countries at risk for financial fraud and money laundering. Refer to the Financial Action Task Force’s black and gray lists. • Require two individuals to verify high-value transfers. • Place holds on unusual transfers, allowing time for potential fraud to be caught. • Conduct regular internal audits to make sure the whole team is in compliance. Wire fraud is just one of many fraud and scam typologies. Community banks should integrate wire fraud education and internal controls into a comprehensive enterprise strategy. Proactive measures and ongoing vigilance can turn fraud prevention into a competitive advantage that builds lasting customer trust. Scott Anchin is senior vice president of strategic initiatives and policy for ICBA. Email Scott at scott.anchin@icba.org. How To Prevent Wire Fraud By Scott Anchin, Senior Vice President of Strategic Initiatives and Policy ICBA 14 | INDEPENDENT REPORT
| Bank Stock Loans | Loan Participations | ATM/Debit | International Services | | Cash Management | Securities Safekeeping | Merchant Services | 800-873-4722 | NE: 888-467-5544 | www.bbwest.com Where community banks bank Est. 1980 – 45 years of service to community banks “As a service provider exclusively focused on community banks, Bankers’ Bank of the West is here to help strengthen our clients and the communities they serve.” Across the western states and Great Plains, we’re the place where community banks bank. That’s because we provide the services, technology, and expertise to help you extend your resources, deliver for your customers, and stand out in your market. 5 reasons to partner with us BBW - President and CEO - Bill Mitchell 1. You can unlock efficiencies and cost savings. We can provide sophisticated solutions and economies of scale because we’re powered by hundreds of community banks across our region. 5. Our priorities are aligned with yours. 2. You can expand your capabilities. 4. We’ll never compete for your customers. 3. You can count on prompt, reliable service. • Independent loan review • Loan and credit administration consultation • Strategic planning facilitation • Management, staffing, & succession planning • Acquisition & expansion • BSA/AML compliance • Regulatory risk consultation President, Jim Swanson President, Anne Benigsen • Consulting • Phishing Tests • Vulnerability Management • Security Monitoring Cyber/information security, strategic planning, independent loan review, AND MORE. Consulting Services $ 8.45B assets under management $ 1.9B daily transaction value processed/settled Serving more than 60% of community banks across 7 states
Reduce Collateralization A Path to Greater Efficiency and Depositor Satisfaction By Joseph Hooker, Chief Sales Officer IntraFi, ICBC Associate Member Managing deposit collateralization can be a challenge in any environment. But in today’s volatile financial landscape, the liquidity constraints imposed by collateral can be especially burdensome. How can banks and large depositors reduce the need for collateralization? Through a reciprocal deposit placement network. Banks can use a reciprocal deposit network to make large deposits eligible for millions in aggregate FDIC insurance across network banks — replacing the need for collateral or repos. Reciprocal deposit placement services can dramatically reduce the high costs and complexities associated with collateral management, help optimize balance sheets and improve asset liquidity. Safety-conscious customers, such as government entities, nonprofits and businesses, are often unaware that they have alternatives to collateralization, yet are quick to recognize the benefits. By introducing options for reducing collateralization, a bank can earn the appreciation and loyalty of these customers and gain greater control over its balance sheet. For example, by working with IntraFi — provider of the largest reciprocal deposit placement network — a $640 million Minnesota bank was able to replace collateralized deposits with those eligible for FDIC insurance, reducing the percentage of its investments tied up in pledging municipal deposits from about 60% to about 5% without sacrificing safety.* CHALLENGES OF COLLATERALIZATION AND HOW A RECIPROCAL DEPOSIT NETWORK CAN HELP Traditionally, many banks rely on collateralization to secure deposits and repos and to manage risks. However, collateralization comes with several inherent challenges compared to FDIC-insured deposits, including reduced liquidity, stretched operational resources and the risk of shortfalls. Benefits of utilizing reciprocal deposits include: 1. Enhanced Asset Liquidity: When banks no longer have to hold specific assets as collateral, they gain the freedom to redirect capital toward more liquid, revenue-generating initiatives such as strategic lending or investments in higher-yielding vehicles. Greater liquidity allows banks to more easily meet short-term obligations and adapt to changing market conditions. 2. Operational Efficiency: Reciprocal deposits minimize the need for constant collateral valuation. With large deposits eligible for FDIC insurance, banks can significantly reduce the labor and technology investments required to track fluctuating collateral values, operating with a leaner, more flexible balance sheet. 3. Risk Mitigation: Access to millions in aggregate FDIC insurance across network banks provides a safety net that avoids the risk of shortfalls due to collateral-value deterioration. In volatile markets, providing this added layer of security can be an important competitive advantage. 4. Local Use of Funds: Deposits exchanged through a reciprocal deposit network can allow public fund depositors in all states to meet statutory requirements without complex collateral arrangements — all while supporting the local community. ADVANTAGES FOR BANK CUSTOMERS A reciprocal deposit network enables banks to strengthen their relationships with large-dollar depositors, particularly those with statutory or investment policy requirements for securing deposits. When deposits are placed via a reciprocal deposit network, depositors save time and enjoy enhanced transparency. Customers are relieved from the burden of constantly monitoring collateral values. And with one unified statement, customers benefit from a comprehensive view of their deposits, regardless of where they’re placed. A STRATEGIC SHIFT Joining a reciprocal deposit network represents a significant strategic shift for banks. As they move away from the burdens of traditional collateralization, banks can reallocate resources towards innovative growth strategies. The long-term benefits include: • Resilience in Volatile Markets: Enhanced liquidity and reduced operational risks give banks the flexibility to navigate market volatility, ensuring greater financial stability. • Stronger Competitive Positioning: Offering a wider array of financial services can help a bank position itself as an industry leader. • Balance Sheet Flexibility and Control: Participating banks can keep deposits on their balance sheets or sell them to network members for fee income as their balance sheet needs shift, allowing them to implement their strategic goals more easily. 16 | INDEPENDENT REPORT
www.thenewslinkgroup.orgRkJQdWJsaXNoZXIy MTg3NDExNQ==