ISSUE 4 2024-25 PRESIDENT’S MESSAGE Cultivating Positive Impact: Banks Back Nebraska OFFICIAL PUBLICATION OF THE NEBRASKA BANKERS ASSOCIATION
233 S. 13th St., Ste. 700 Lincoln, NE 68508 Phone: (402) 474-1555 • Fax: (402) 474-2946 www.nebankers.org NBA BOARD OF DIRECTORS RICHARD BAIER President and CEO richard.baier@nebankers.org KARA HEIDEMAN Director of Communications and Marketing kara.heideman@nebankers.org NBA EDITORIAL STAFF MARK LINVILLE NBA Chair First State Bank, Randolph TRAVIS SEARS NBA Chair-Elect Union Bank & Trust Co., Lincoln BRAD KOEHN NBA Past Chair Midwest Bank, Lincoln KRISTY BARTAK Nebraska State Bank & Trust Co. Broken Bow NICK BAXTER FNBO Omaha CORY BERGT Wells Fargo Bank, N.A. Lincoln KRYSTI CUNNINGHAM Security National Bank of Omaha Omaha CURTIS HEAPY Western Nebraska Bank Curtis ZAC HOLOCH Cornerstone Bank York JEFF KANGER First State Bank Nebraska Lincoln ZAC KARPF Platte Valley Bank Scottsbluff JOHN KOTOUC American National Bank Omaha KRISTEN MARSHALL-MASER Five Points Bank Grand Island JEREMY McHUGH Corn Growers State Bank Murdock AARON OTTEN Elkhorn Valley Bank & Trust Norfolk KEVIN POSTIER Henderson State Bank Henderson JAY PRESTIPINO First Interstate Bank Omaha LUKE RICKERTSEN Flatwater Bank Gothenburg BRIAN SCHWEIGER U.S. Bank, N.A. Lincoln RYNE SEAMAN Cattle Bank & Trust Seward RYAN STEFFENSMEIER First Community Bank Beemer KELLY TRAMBLY South Central State Bank Campbell NICK VRBA RVR Bank Fremont ANDREW WITT Dundee Bank Omaha 4 NEBRASKA BANKER
Discover® Debit keeps it simple. If you’re scanning through a hefty monthly debit statement, you’re likely missing hidden or confusing fees. With Discover® Debit you get a one-page statement, transparent fees, and more revenue. Let’s talk about it. Find out more at DiscoverDebit.com/NoGames We Don’t Play Games with Your Debit Program
EDITORIAL: Nebraska Banker seeks to provide news and information relevant to Nebraska and other news and information of direct interest to members of the Nebraska Bankers Association. Statement of fact and opinion are made on the responsibility of the authors alone and do not represent the opinion or endorsement of the NBA. Articles may be reproduced with written permission only. ADVERTISEMENTS: The publication of advertisements does not necessarily represent endorsement of those products or services by the NBA. The editor reserves the right to refuse any advertisement. SUBSCRIPTION: Subscription to the magazine, which began bimonthly publication in May 2006, is included in membership fees to the NBA. ©2025 The Nebraska Bankers Association (NBA) | The newsLINK Group LLC. All rights reserved. Nebraska Banker is published six times per year by The newsLINK Group LLC for NBA and is the official publication for this association. The information contained in this publication is intended to provide general information for review, consideration and education. The contents do not constitute legal advice and should not be relied on as such. If you need legal advice or assistance, it is strongly recommended that you contact an attorney as to your circumstances. The statements and opinions expressed in this publication are those of the individual authors and do not necessarily represent the views of NBA, its board of directors or the publisher. Likewise, the appearance of advertisements within this publication does not constitute an endorsement or recommendation of any product or service advertised. Nebraska Banker is a collective work, and as such, some articles are submitted by authors who are independent of NBA. While a first-print policy is encouraged, in cases where this is not possible, every effort has been made to comply with any known reprint guidelines or restrictions. Content may not be reproduced or reprinted without prior written permission. For further information, please contact the publisher at (855) 747-4003. CONTENTS 8 12 8 PRESIDENT’S MESSAGE CULTIVATING POSITIVE IMPACT: BANKS BACK NEBRASKA Richard Baier, President and CEO, Nebraska Bankers Association 12 WASHINGTON UPDATE CELEBRATING A LEGACY OF COLLABORATION Rob Nichols, President and CEO, American Bankers Association 14 COUNSELOR’S CORNER PRACTICAL GUIDE TO RESPONDING TO A DOCUMENT SUBPOENA Baird Holm LLP 22 TECH TALK RED TEAM TESTING Will Keller, Network Security Engineer, SBS CyberSecurity 26 THE ONUS OF “ON-US” CHECKS Theodore Kelly, JD, MBA, CCEP, Associate General Counsel, Compliance Alliance 30 2025 EDUCATION CALENDAR 6 NEBRASKA BANKER
INVESTMENT PRODUCTS Municipal Bonds Mortgage-Backed Securities Govt. & Agency Bonds Corporate Bonds Brokered CDs Money Market Instruments Structured Products Equities Mutual Funds ETFs FINANCIAL SERVICES Public Finance Investment Portfolio Accounting Portfolio Analytics Interest Rate Risk Reporting Asset/Liability Management Reporting Municipal Credit Reviews Balance Sheet Policy Development & Review www.FBBSinc.com Exceptional Service INDIVIDUAL ATTENTION 888-726-2880 MEMBER FINRA & SIPC. INVESTMENTS ARE NOT FDIC INSURED, NOT BANK GUARANTEED & MAY LOSE VALUE. * Audit Services are offered thru MIB Banc Services, LLC, a subsidiary of our holding company. MEMBER FDIC 40years GROWING STRONGER TOGETHER Lending Services Operational Services Audit Services* 800-347-4MIB mibanc.com * Audit Services are offered thru MIB Banc Services, LLC, a subsidiary of our holding company.
Cultivating Positive Impact: Banks Back Nebraska Richard Baier, President and CEO Nebraska Bankers Association PRESIDENT’S MESSAGE 8 NEBRASKA BANKER
Over the past two months, I have had the opportunity to travel across the state, meeting with many of our NBA members — from South Sioux City to the Panhandle, with stops in both rural and urban communities along the way. These in-person visits are a vital part of the NBA’s effort to gather valuable member feedback and identify trends and challenges facing our industry. As expected, discussions during these bank visits almost always include pressing issues such as the recent regulatory tsunami, financial headwinds in agriculture, consumer fraud, staffing challenges and partisan politics. For me, one of the benefits of these visits is witnessing the positive impacts Nebraska banks have on their communities. In today’s chaotic world, it is easy to overlook the great work happening around us. Banks should not shy away from this important work but rather we should embrace our collective community impact! The following are several examples of the events and activities I witnessed during my recent travels: 1. Banks expanding, renovating and developing their physical locations, which often sparks additional construction growth throughout the community. 2. Support for philanthropic efforts, including the American Cancer Society’s Relay for Life, the Team Jack Gala and other valuable, charitable initiatives. 3. Banks providing volunteers, leadership and financial support to strengthen local chambers of commerce and economic development programs. In times of divisions and uncertainty, I encourage you to pause, reflect and celebrate the important role Nebraska banks play in our state’s growth and success. 9 NEBRASKA BANKER
THE NATION'S FIRST BANKERS' BANK Your Full-Service Bankers' Bank United Bankers' Bank is proud to be the nation's first bankers' bank, serving over 1,000 community banks from the West Coast to the Great Lakes and South Atlantic. We can't wait to share our passion for community banking with you! To Request Pricing or Additional Information Visit ubbRequest.com Contact your Nebraska Calling Officer: Michael Hahn VP, Correspondent Banking Officer michael.hahn@ubb.com First for Your Success'" ubb.com • Member FDIC 4. Efforts to address Nebraska’s childcare shortages through matching grant funds, facility financing and coordination of new community services. 5. Affordable and workforce housing development made possible by banks providing matching funds and direct investments. 6. Students developing financial skills at the more than 71 in-school savings banks operating in Nebraska elementary schools with local bank support. 7. Development of the next generation of bankers as high school and college students gain practical experience working in local banks. 8. Bankers dedicating their personal time to provide financial education and experiential learning opportunities in Nebraska schools. 9. Banks adapting to serve an increasingly diverse customer base, offering services in several different languages. 10. Account options created for the traditionally unbanked and underbanked. Some banks are also working with the Department of Corrections to provide financial products and services to previously incarcerated individuals. This list is just a snapshot of the great work being done by NBA members. It serves as a reminder of the important leadership role Nebraska banks play in strengthening communities. In times of divisions and uncertainty, I encourage you to pause, reflect and celebrate the important role Nebraska banks play in our state’s growth and success. 10 NEBRASKA BANKER
SUPPORTING INDEPENDENT ADVISORS WITH TURNKEY SOLUTIONS FOR FINANCIAL INSTITUTIONS 800-262-9535 | 402-483-2555 9060 Andermatt Drive, Suite 101, Lincoln, NE 68526 jfcadvisor.com Securities and advisory services are offered through LPL Financial (LPL), a registered investment advisor and broker-dealer (member FINRA/SIPC). Insurance products are offered through LPL or its licensed affiliates. The bank and JFC are not registered as a broker-dealer or investment advisor. Registered representatives of LPL offer products and services using JFC and may also be employees of the bank. These products and services are being offered through LPL or its affiliates, which are separate entities from, and not affiliates of, the bank or JFC. Securities and insurance offered through LPL or its affiliates are: Not Insured by FDIC or Any Other Government Agency I Not Bank Guaranteed | Not Bank Deposits or Obligations I May Lose Value JFC ADVISOR NETWORK Where do you want to go? We’ll get there together. Incorporate A Successful Investment Program In Your Bank JFCAdvisorNetwork JFC Advisor Network Visit Our Site A Successful Investment Program Can: Provide an opportunity to acquire new customers Offer customers a platform where all their financial needs are addressed Build high-end referrals to your bank Present customers with robust wealth management solutions
WASHINGTON UPDATE Celebrating a Legacy of Collaboration Rob Nichols, President and CEO American Bankers Association At the beginning of this year, my travels on behalf of ABA took me to Southern California at a time when deadly wildfires were still raging through many neighborhoods in Los Angeles and the surrounding area. As I sat there in that room full of bankers, friends and colleagues, the sentiment I felt was unmistakable: When the smoke cleared and the dust settled, bankers would be there, ready to serve their communities and support the recovery — just as they have done throughout American history. 12 NEBRASKA BANKER
As I reflect on ABA’s 150th milestone anniversary in 2025, and as I look at where we are as a nation today, I am reminded that bankers have a long and proud tradition of coming together during hard times to work together and find solutions. That certainly was true of ABA’s founding; in 1873, the United States was facing a financial panic and one of the worst recessions in history. Unemployment and bankruptcies were surging, and 300 banks failed. It was on the heels of this unrest that two young bankers — inspired by the women’s suffrage movement and the power of collective action — worked to convene the first-ever meeting of the American Bankers Association in July 1875 in Saratoga Springs, New York. Since then, ABA has provided a forum for bankers to meet and together develop solutions that make the banking sector stronger, safer and more accessible. Just a few examples: We helped mobilize bankers to safeguard bank funds during a string of bank robberies in the 1890s; we pioneered the routing number system that made it easier for customers to move money; and we encouraged bank lending throughout World War II to help finance military operations through bank purchases of government bonds. In more recent times, ABA has supported banks’ role as economic first responders in the wake of major natural disasters (like the recent floods in Kentucky) and a global pandemic, and we have helped bolster their mission of making sure that the American dream is achievable for all Americans, particularly those in historically underserved communities. As we continue to face a climate of unprecedented challenges, from a deeply divided political landscape to heightened economic uncertainty, our nation’s banks remain strong, resilient and ready to respond to whatever comes our way. ABA is standing ready to aid them in their important work. Despite the many things today that threaten to divide us, much like our founders did 150 years ago, I, too, believe that we are stronger together. I hope that in the months and years to come, you’ll continue to be an active part of this organization. Continue sharing your voices, perspectives and ideas as we work to shape the future of banking policy in this country over the next 150 years. Together, we can — and will — achieve more. Email Rob at nichols@aba.com. Despite the many things today that threaten to divide us, much like our founders did 150 years ago, I, too, believe that we are stronger together. LINCOLN BRUNING endacotttimmer.com 402-817-1000 Legal advice. Community banking experience. 13 NEBRASKA BANKER
COUNSELOR’S CORNER Practical Guide to Responding to a Document Subpoena Baird Holm LLP Nebraska banks are regularly served with subpoenas commanding the bank to produce documents. Document subpoenas, formally known as subpoenas duces tecum, are orders from governmental entities, or the Court, that order a third party, such as a bank, to provide specific information. A subpoena might seek information regarding customer accounts, specific transactions, or the activities and operation of the institution itself.1 After receiving a subpoena, the bank should take immediate action to evaluate the type of subpoena and the validity of the subpoena, consult with legal counsel, and object and/or comply as appropriate. This article provides practical guidance informing how a Nebraska bank should manage responses to third-party civil subpoenas for documents. 14 NEBRASKA BANKER
1. Immediately Review Subpoena and Identify Deadlines Upon receipt, immediately review the subpoena to identify the deadline for compliance and categories of information the subpoena requests. Given the numerous issues that a bank served with a subpoena can face, it is inevitable that the bank will have questions regarding the validity, scope or response to the subpoena. Such questions should be immediately brought to legal counsel’s attention. Best practice is to implement policies and procedures to guide the bank’s subpoena response and immediately bring a subpoena to the attention of internal or external legal counsel, considering the short time frames for objection and compliance. Under both federal and Nebraska law, when the bank receives a subpoena in a civil case, it typically must object or respond to the subpoena within 14 days of receipt unless the subpoena specifies a different time for compliance.2 If the bank believes it will need more time to respond, it should have counsel request an extension of time from the issuing party or, if necessary, serve a written objection on the party who issued the subpoena or file a motion with the Court to extend the deadline and preserve the bank’s objections. In any event, immediate action — either to comply, respond, request an extension or file a motion — is required upon the receipt of a subpoena. 2. Contact Legal Counsel and Verify the Subpoena’s Validity In immediately discussing the subpoena with legal counsel, the bank should, at minimum, verify the validity of the subpoena before responding. A valid subpoena should state on its face: (1) the individual and/or business that is the topic of the request; (2) the information the subpoena seeks; (3) the authority of the subpoena’s issuing party; and (4) the deadline for compliance. For example, if a subpoena does not include a case caption, court seal or any request regarding your institution, the subpoena may be flawed or invalid. A civil subpoena is invalid and should be objected to if the issuing party failed to notify the bank’s customer or obtain that customer’s consent before issuing the third-party subpoena for the customer’s records.3 If a subpoena seeks documents of a customer who is a party to the captioned case, the customer should have been given the opportunity to review the subpoena and an opportunity to object.4 15 NEBRASKA BANKER
Another potential defect is the issuing party’s failure to notify all the other parties in the lawsuit prior to issuing the subpoena; the subpoena must expressly state notice occurred.5 The failure to notify other parties to the litigation likely invalidates the subpoena and impacts the customer’s privacy rights. The bank should attempt to verify that the issuing party afforded the bank customer proper notice of the subpoena and an opportunity to object before complying. 3. Evaluate the Bank’s Grounds for Objecting to the Subpoena A bank can object to a subpoena for various reasons, including (a) it does not provide a reasonable time for compliance; (b) it requires the disclosure of privileged or confidential information; or (c) it subjects the bank to undue burden.6 The bank should consult with its legal counsel regarding these and other potential objections. a. Reasonable Time for Compliance If the bank objects to the time for compliance specified in the subpoena, a court may quash the subpoena, declaring it invalid. A court determines a reasonable time for compliance by considering the burden of the request and the time given for compliance. This is necessarily a fact-intensive inquiry that will turn on the specific circumstances of each subpoena. For example, in one case, the court found 10 business days an unreasonable time to comply with a subpoena for documents seeking information extending over a decade and implicating thousands of confidential files.7 If there is a significant burden placed on the bank to identify and produce the requested documents, a court may require the issuing party to shoulder the costs of compliance. In such instances, the bank can ask for an advance of reasonable costs before undertaking the burden of compliance.8 b. Disclosure of Privileged or Confidential Information Another important aspect of responding to a subpoena is recognizing that federal and state law protects various information held by the bank as privileged or confidential. i. Bank Examination Privilege Federal law prohibits an FDIC-insured bank’s disclosure of any information regarding a suspicious activity report (SAR).9 If a bank receives a subpoena that would require the production of a SAR or related documents, it should object and also notify the FDIC.10 Nebraska law is also clear that any regulatory report by a financial agency is a confidential record of that agency.11 The bank should object to any subpoena seeking information about SARs or regulatory reports. ii. Attorney-Client and Work-Product Privilege The attorney-client privilege protects confidential communications between an attorney and the attorney’s client. Generally, the privilege applies if (1) the bank communicates with its attorney; and (2) the communication relates to information shared with the attorney for a legal opinion or legal services.12 The work-product privilege applies to materials prepared in anticipation of litigation, even when the bank is not a party to the litigation but is a third party to the proceeding. This privilege does not apply to documents prepared in the regular course of business.13 A bank should withhold any information constituting confidential communication between the bank and its attorney or prepared in Continued on page 18 16 NEBRASKA BANKER
At C/A’s Compliance Hub, we understand where to start and are available via live chat to answer your questions. We also have tools developed in-house for you to begin using Day One. Once you have a starting point, circle back for any additional clarification needed. We answer an unlimited numbers of questions from our members. This is where our Compliance Hub is vital, built to be next-level compliance support.
anticipation of litigation, from production and object to a subpoena on grounds of privilege when appropriate.14 iii. Harmful Disclosure of Confidential Information The Court is authorized to quash, modify or condition a subpoena to protect a third party from unnecessary or unduly harmful disclosures of confidential information. The law protects the disclosure of any records that implicate the bank’s trade secrets, confidential research, development or commercial information; the bank can object to any subpoena requests impacting these interests.15 c. Undue Burden A party issuing a subpoena is under an obligation not to unduly burden a third party when it issues the subpoena.16 A bank can object if a subpoena subjects the bank to undue burden by requesting (1) irrelevant information; (2) documents the issuing party does not need; (3) documents whose costs exceed its usefulness; (4) extensive time periods; (5) documents not described with particularity; and (6) information whose burden outweighs its benefit.17 The issuing party should ensure the information requested by the subpoena identifies relevant documents.18 A burdensome request is one seeking the disclosure of more information than what is relevant to the lawsuit or failing to appropriately limit the time period of the requests. A bank should coordinate with its data management team to identify the universe of responsive documents and determine if the volume unduly burdens the bank. Remember, if the burden is significant, the bank can request the issuing party advance the reasonable costs of production.19 4. Asserting Objections by Motion to Quash If the bank believes it cannot reasonably comply with a subpoena, it should confer with legal counsel to determine its options. The bank must always respond to a subpoena, but that does not mean the response must comply with the subpoena. Other responses include objecting to a subpoena or negotiating with the issuing party to narrow its scope. If negotiations prove unsuccessful, the bank can serve written objections on the party who issued the subpoena setting out the grounds for the objections or file a motion to quash with the court raising its objections to the subpoena for the court to determine. If a subpoena contains multiple requests and the bank makes a partial production addressing certain requests, ensure that any response includes a statement confirming that the production does not waive Continued from page 16 Continued on page 20 18 NEBRASKA BANKER
| Bank Stock Loans | Loan Participations | ATM/Debit | International Services | | Cash Management | Securities Safekeeping | Merchant Services | 800-873-4722 | NE: 888-467-5544 | www.bbwest.com Where community banks bank Est. 1980 – 40+ years of service to community banks “As a service provider exclusively focused on community banks, Bankers’ Bank of the West is here to help strengthen our clients and the communities they serve.” Across the western states and Great Plains, we’re the place where community banks bank. That’s because we provide the services, technology, and expertise to help you extend your resources, deliver for your customers, and stand out in your market. 5 reasons to partner with us BBW - President and CEO - Bill Mitchell You can unlock efficiencies and cost savings. We can provide sophisticated solutions and economies of scale because we’re powered by hundreds of community banks across our region. Our priorities are aligned with yours. You can expand your capabilities. We’ll never compete for your customers. You can count on prompt, reliable service. • Independent loan review • Loan and credit administration consultation • Strategic planning facilitation • Management, staffing, & succession planning • Acquisition & expansion • BSA/AML compliance • Regulatory risk consultation President, Jim Swanson President, Anne Benigsen • Consulting • Phishing Tests • Vulnerability Management • Security Monitoring Cyber/information security, strategic planning, independent loan review, AND MORE. Consulting Services $ 8.6B assets under management $ 1.9B daily transaction value processed/settled Serving more than 60% of community banks across 7 states
any objection of the bank to the subpoena. Therefore, the bank will maximize the likelihood of preserving its objections to the other requests to be further negotiated or quashed as appropriate. In all instances, the bank should strongly consider seeking a protective order from the court to ensure that any production of documents remains confidential and for use only in the immediate lawsuit.20 5. Practical Suggestions for Compliance A bank should include language in customer account agreements confirming that, while it will not generally disclose account information, if the disclosure is required under the law, the bank will produce it. The Gramm-Leech-Bliley Act21 generally prohibits the disclosure of any nonpublic personal information by a bank; complying with a valid subpoena is an exception to this rule.22 If the bank concludes that the subpoena is valid after reviewing the requests, determining its obligation to respond and identifying the universe of responsive, non-privileged documents, the bank should respond to the subpoena. The bank must produce the documents as kept in the ordinary course of business or must organize and label them to correspond to each request.23 If a responsive document includes privileged or objectionable information, the bank should withhold or redact the privileged information. When producing the documents, the bank should send them via encrypted email or a secure file transfer service. After production, the bank should keep a record of its subpoena response and production. In any instance, immediately notifying legal counsel of the subpoena is imperative to ensure that the bank properly responds to the subpoena, whether by producing the documents sought or objecting as needed. Continued from page 18 1. Rhonda Henry-Webb, Kyle Owens, Subpoena Responses for Financial Institutions, REUTERS (March 2023), https://www.reuters.com/practical-law-the-journal/litigation/ subpoena-responses-financial-institutions-2023-03-01/. 2. FED. R. CIV. P. 45(d)(2); NEB. REV. STAT. § 6-334(A). 3. 12 U.S.C.A § 3407. 4. FED. R. CIV. P. 45(a)(4); NEB. REV. STAT. § 6-334(A)(b). 5. NEB. REV. STAT. § 6-334(A)(d)(2)(e). 6. FED. R. CIV. P. 45(d)(2); NEB. REV. STAT. § 6-334(A). 7. BNSF Railway Company on behalf of United States v. Center for Asbestos Related Disease, Inc., 2022 WL 1442854, at *4 (D. Mont., 2022). 8. Arthur Miller, § 2459 Subpoena for the Production of Documents and Things—Quashing or Modifying a Subpoena, 9A FED. PRAC. & PROC. CIV. § 2459 (3d ed.) (June 2024); NEB. REV. STAT. § 6-334(A)(a)(2). 9. 12 C.F.R. § 353.3. 10. Suspicious Activity Reports, 61 FR 6095-02, 1996 WL 64862 (February 16, 1996). 11. NEB. REV. STAT. § 8-108; See NEB. REV. STAT. § 8-112; § 8-101.03(11). 12. Thomas v. Marshall Public Schools, 690 F.Supp.3d 941, 958 (D. Minn., 2023). 13. Thomas v. Marshall Public Schools, 690 F.Supp.3d 941, 955 (D. Minn., 2023). 14. FED. R. CIV. P. 45(d)(2). 15. FED. R. CIV. P. 45(d)(2). 16. FED. R. CIV. P. 45(d)(1); NEB. REV. STAT. § 6-334(A)(d)(8). 17. James Buchwalter, Litigation of Standing to Challenge Subpoena to Nonparty under Fed. R. Civ. P. 45, 187 AM. JUR. TRIALS 1 (Originally published in 2024); NEB. REV. STAT. § 6-334(A). 18. Lupe Development Partners, LLC v. Deutsch, 2023 WL 11960418, at *6 (D. Minn., 2023) (finding subpoena sought irrelevant information regarding financial information spanning 2006 – 2023). 19. Arthur Miller, § 2459 Subpoena for the Production of Documents and Things—Quashing or Modifying a Subpoena, 9A FED. PRAC. & PROC. CIV. § 2459 (3d ed.) (June 2024); NEB. REV. STAT. § 6-334(A)(a)(2). 20. FED. R. CIV. P. 26(e); NEB. REV. STAT. § 6-334(A)(d)(7). 21. 15 USCA § 6802 (2011). 22. James Buchwalter, Litigation of Standing to Challenge Subpoena to Nonparty under Fed. R. Civ. P. 45, 187 AM. JUR. TRIALS 1 (originally published in 2024). 23. FED. R. CIV. P. 45(d)(2); NEB. REV. STAT. § 6-334(A)(f)(1)(a). 20 NEBRASKA BANKER
WHAT TO EXPECT: Lab tests can detect signs of thyroid disease, pre-diabetes, heart disease, & liver function. PHA Health & Wellness Partners want to work with you to keep your quality of life high and your health care costs low. Become an informed consumer of healthcare and participate in our annual Preventive Care Clinics (PCC)! 106 West 3rd Street | P.O. Box 488 | McCook, NE 69001 | (877)345-7775 *Not all services are available in every state. Please contact us to determine if you qualify. PARTICIPATE IN A PREVENTIVE CARE CLINIC MANY DISEASES ARE PREVENTABLE THROUGH LIFESTYLE CHANGES Comprehensive Lab Testing - Over 40 tests including Vitamin D, A1C, & Testosterone. Health Risk Assessment - Height, Weight, Blood Pressure, & Waist Circumference Educational Materials - We distribute health education materials such as monthly newsletters, and a quarterly magazine to help you stay informed. Coaching with our Team of Specialists - We want to help you create a customized plan to prepare you for success. Receive personalized coaching with our Registered Nurses, Exercise Physiologist, Registered Dietitian, and Registered Pharmacist. There is NO COST to You - We understand that healthy living can be expensive and want you to have the resources and tools you need. There is NO COST to members covered on the NBA Benefit Plan’s Health Insurance. All Conversations and Reports are Confidential - Conversations with our specialists and personally identifiable information such as lab results will not be shared with anyone without your permission. Your results will be mailed to your mailing address on file. DON’T MISS OUT ON FREE LAB WORK FROM NBA!
TECH TALK Red Team Testing Simulating Real-World Attacks to Strengthen Security Will Keller, Network Security Engineer SBS CyberSecurity Cyberattacks have become certain, compelling organizations to rethink their approach to cybersecurity. Traditional penetration tests assess overall network vulnerabilities and highlight potential attack vectors a threat actor could leverage. However, they seldom replicate a full-chain attack in real-world scenarios without warning. Red team testing fills this gap by simulating an organized, targeted attack to evaluate how well an organization’s people and security controls withstand an active threat. This proactive method allows organizations to develop response strategies, expose critical or overlooked vulnerabilities, appraise defenses and enhance response readiness. 22 NEBRASKA BANKER
What Is Red Team Testing? In red team testing, an attacker studies your organization and its network, using every available tool and technique to take over, exfiltrate data from or otherwise compromise predefined high-value targets (HVTs). These may include Social Security numbers, sensitive company data or other critical assets identified during scoping. Red team testing has two primary goals: 1. Determine the extent of damage an attacker could inflict on HVTs. 2. Evaluate the organization’s ability to detect and respond to such activities. By simulating real-world attack scenarios, red team testing provides a clearer picture of network resilience and response effectiveness. Why Is Red Team Testing Important? Red team testing complements traditional penetration testing by demonstrating how an attacker would actively compromise your systems. It prepares organizations for modern cyber threats, including data theft and system destruction. Today’s cyberattacks, turbocharged by advances in artificial intelligence, leverage both advanced and traditional techniques, such as: • Phishing: Tricking users into revealing sensitive information. • Compromised credentials: Exploiting stolen passwords. • Insider threats: Malicious or careless employees misusing access to critical systems. By proactively addressing these risks, red teaming enables organizations to identify and secure critical vulnerabilities, improve monitoring systems and strengthen incident response. This reduces the impact of real-world breaches and ensures teams are ready to respond when it matters most. By simulating real-world attack scenarios, red team testing provides a clearer picture of network resilience and response effectiveness. How Does Red Team Testing Work? The red team testing process typically includes the following stages: 1. Open-Source Intelligence The first phase of red team testing focuses on gathering publicly available information about the target organization from resources that criminals use. This involves conducting thorough outside reconnaissance without direct interaction with the network. Red teamers analyze company websites, social media profiles and domain records — just as real attackers do — to craft a tailored attack strategy. 2. Initial Attack Once the necessary intelligence is gathered, the red team executes the initial attack using social engineering, phishing attempts and vulnerability scanning tactics. The goal is to gain an initial foothold within the organization, often by exploiting weak points in security systems or tricking users into revealing sensitive information. 3. Persistent Attack In this phase, the red team builds on the initial successes by expanding access using techniques like privilege escalation and lateral movement. This tests how well an organization can detect, contain and respond to an attacker who is already inside. 4. Reporting In the final phase, the red team delivers a detailed report highlighting strengths, weaknesses and key takeaways identified during the test. The report provides a clear narrative of your internal defenses 23 NEBRASKA BANKER
and response mechanisms, showcasing which critical moments during testing led to the most success for the red team. Benefits of Red Team Testing Through its focus on real-world attack scenarios, red team testing reveals critical insights beyond the scope of traditional penetration testing. These insights translate into three key benefits that help organizations fortify their internal defenses and improve overall resilience: 1. Enhanced Incident Detection and Response Red team testing reveals how well an organization can detect and respond to internal threats, highlighting blind spots in monitoring tools and gaps in incident response workflows. 2. Strengthened Internal Security This testing method uncovers vulnerabilities that traditional penetration tests often miss, such as over-permissioned accounts, unsecured service accounts and weak network segmentation. 3. Proactive Risk Mitigation Simulating realistic attack scenarios in a controlled environment allows organizations to identify and fix vulnerabilities before they are exploited. By adopting an attacker’s perspective, red team testing equips organizations with the insights needed to strengthen internal defenses, improve detection and enhance response readiness. This article was originally published on SBS CyberSecurity’s blog at sbscyber.com/blog/what-is-red-team-testing. SBS helps business leaders identify and understand cybersecurity risks to make more informed and proactive business decisions. For more information, contact Valerie Spicer at (605) 270-9381 or valerie.spicer@sbscyber.com. Learn more at sbscyber.com. 24 NEBRASKA BANKER
JOIN US. RSVP NOW. The Rewind Hotel 6075 Mills Civic Pkwy West Des Moines, IA 50266 Anniversary Celebration Tuesday, JUNE 10th AT 4 PM Wednesday, June 11th FROM 9:30 am – 3:00 pm CAN’T MISS SPEAKING SESSIONS: TIM PRANGER Founder & CEO, Appli, Inc. Fight Fraud and Secure Trust in the Digital Age CHRIS ZIEGLER Chief Product Officer, Merchant’s PACT Key Innovations Shaping the Future of Payments ROBB REMPEL Executive VP, Haberfeld The Prosperity Paradox: Banking’s Biggest Hurdle PAUL COWLEY VP of Technical Support, DBE ATM Security: The Deep Dive To RSVP + learn more, visit: dbeinc.com/dbeforum 25 NEBRASKA BANKER
The Onus of “On-Us” Checks An “on-us” check is one that is drawn on an account held at the same bank at which it is presented. That is, the bank is both the depository bank and the payor bank. In simple terms, the opposite of an on-us check is a transit check. A transit check is presented at another financial institution and subsequently sent to the payor bank through a clearing process for settlement. On-us checks carry different risks than transit checks, creating distinct responsibilities, particularly regarding wrongful dishonor and funds availability. No federal requirement obliges banks to pay on-us checks “over the counter.” If a non-customer physically presents an on-us check to “Bank of Snow,” there is no explicit requirement for the bank to pay that item (at least from a federal standpoint). Of course, most banks contractually agree to pay duly presented and properly payable items, so refusing an on-us check may incur legal risk from the drawer. That’s not to say the bank is prohibited from dishonoring this type of check for a valid reason, such as insufficient funds in the drawer’s account or failure of the payee to provide reasonable identification; but wrongful dishonor may occur in the absence of a valid reason (UCC 3-501, 3-502 and UCC 4-402). Theodore Kelly, JD, MBA, CCEP, Associate General Counsel Compliance Alliance 26 NEBRASKA BANKER
of good faith or to limit potential damages. Improper intervention between a customer’s promised payment to another party may evidence a lack of good faith or, worse, increased liability for proximate damages if bad faith can be proved (UCC 4-103). If what has been previously stated isn’t enough to initiate a conversation with bank counsel, my compliance colleagues may want to consider the UDAAP ramifications associated with disparate treatment. Let’s say your bank has a policy of cashing an on-us check for non-customers for $5.00. Simultaneously, the bank requires customers to deposit on-us checks and will only make those funds available according to its Funds Availability Policy. Refusing to pay an on-us check to a customer according to the same terms as a non-customer would likely incur UDAAP risks. For instance, if a customer’s account is overdrawn, but they merely want to cash the on-us check to prevent an offset of those funds, is it “fair” to not provide the same service to customers as the bank does to non-customers? Probably not. A customer could easily endorse the check to a third-party non-customer or deposit it at another financial institution to avoid the bank’s offset of funds. I certainly don’t want to be the person trying to explain the “countervailing benefits to consumers or competition” that somehow outweigh the injurious effects of this type of policy. Of course, these analyses are dependent on your bank’s specific policies, agreements and the relevant federal and state authorities — it’s uncertain whether the practices previously described will result in administrative or civil liability. Determination of whether a violation even exists is left to the factfinder (i.e., auditor/examiner or judge/ jury). That said, banks should consider implementing policy changes and other controls to bring any identified risks within the limits of their risk appetite (along with safety and soundness considerations). We always recommend consulting with bank counsel for guidance relating to legal risks. On-us checks carry different risks than transit checks, creating distinct responsibilities, particularly regarding wrongful dishonor and funds availability. Wrongful dishonor occurs when a bank lacks a valid reason for refusing its obligation to pay an item according to its terms. A bank may be held liable for damages proximately caused by its refusal (UCC 4-402). Further, some states require banks to pay on-us checks without regard to whether the payee is a customer (provided the check is properly payable and the payee provides reasonable identification). That is, if the bank would otherwise cash an on-us check for a customer, some states require banks to do the same for non-customers. Further, a bank’s agreement with its customer may not disclaim responsibility for lack 27 NEBRASKA BANKER
So, we’ve discussed cashing on-us checks. Well, what if a customer deposits an on-us check? There is a question of the appropriate “funds availability” timeline for a deposit versus cashing an on-us check. Regulation CC generally requires a bank to make funds available to their customers as soon as the material risks associated with the type and amount of the check subside. The timelines act as a balance of safety and soundness and consumer protection risks. When a customer deposits an on-us check, the risk is relatively low because the bank can almost immediately determine that the check is authentic and that funds are available in the drawer’s account. When a customer deposits a transit check, the risk is much greater because the check could be altered, fraudulent, stolen, there may be insufficient funds, the clearinghouse or payor bank may have a system issue that delays settlement, etc. Because the risk is much lower, funds from on-us checks must generally be made available no later than the next business day following the banking day of deposit. A final word on funds availability — remember that banks are not permitted to invoke the “holds on other funds” rule when cashing on-us checks for customers. The handling of on-us checks presents unique challenges for banks, particularly regarding wrongful dishonor and funds availability. While federal regulations may not explicitly mandate the payment of on-us checks to non-customers, banks often have contractual obligations to do so. Additionally, state laws and UDAAP considerations may necessitate equitable treatment of customers and non-customers in on-us check cashing policies. Banks should carefully navigate these complexities by establishing clear procedures for on-us check handling and consulting bank counsel and your friendly neighborhood compliance advisors for guidance. Theodore “Theo” Kelly, JD, MBA, CCEP, associate general counsel, supports the Compliance Hub division. He holds a bachelor’s degree in political science from Ohio State University, a master’s in business administration from Franklin University and a Juris Doctor from Capital University Law School. 402.330.6300 www.walentineotole.com 11240 Davenport St. • Omaha, NE 68154-0125 WALENTINE O’TOOLE, LLP When time is of the essence, experience counts. Walentine O’Toole blends confidence, experience and knowledge with the personal attention you can expect from a regional law firm. Nebraska, Iowa and South Dakota Celebrating 40 years serving our valued clients. MORE FACE TIME. LESS WAIT TIME. Visit NebraskaBlue.com/Telehealth to learn more. Health benefits that give you access to virtual visits with doctors and specialists, even if you’re out of state. So you can get the care you need — wherever you are, whenever you need it. An independent licensee of the Blue Cross and Blue Shield Association. 28 NEBRASKA BANKER
800.228.2581 MHM.INC Now more than ever people want self-service options. With our core integrated ITMs we can make this a reality both in the lobby and in the drive-up of your branch. SELF-SERVICE BANKING
2025 EDUCATION CALENDAR MAY BSA/AML Compliance Management Workshop May 20-21 Virtual JUNE Advanced School of Banking, Year 2 June 2-6 Manhattan, KS Commercial and Industrial Lending Workshop June 11 Virtual Bank On Your Future: Summer Experience June 11 Hastings, NE NBA Annual Golf Outing June 12 Hastings, NE Bank On Your Future: Summer Experience June 18 Lincoln, NE Bank Compliance School June 23-27 Kearney, NE Section 1071 Rules Seminar June 24 Virtual CFO/Controller Forum June 25 Lincoln, NE CEO Executive Forum June 26 Lincoln, NE UNO Banking & Finance Camp June 26 Omaha, NE JULY Agricultural Lending School July 14-18 Manhattan, KS New Account Documentation & Compliance Workshop July 15-16 Virtual Principles of Banking July 17 Lincoln, NE AUGUST YBON Conference August 7-8 Lincoln, NE Fraud Academy August 12-14 Lexington, KY Robbery & Active Threat Prep Seminar August 20 Virtual Real Estate Lending Compliance Conference August 26-27 Lincoln, NE For more information about in-person and virtual education events and training tools, contact the NBA at (402) 474-1555 or nbaeducation@nebankers.org or visit nebankers.org/education. 30 NEBRASKA BANKER
Expand your loan portfolio profitability BHG Financial loans provide banks with rates up to 8%, premier credit quality, diversification benefits, lower expenses, and more. With average borrower incomes of $275K and 748 FICOs, these loans will look great on your books. Plus, no origination cost to your bank! Talk to us today about adding strong-performing assets to your portfolio. Diversify with loan yields up to 8% Alexis Simons 315.849.5658 simonsa@bhg-inc.com Contact your representative: OR Scan to learn more at BHGLoanHub.com Earn up to 8% BHG is an endorsed vendor
This magazine is designed and published by The newsLINK Group LLC | (855) 747-4003 233 S. 13th St., Ste. 700 Lincoln, NE 68508 SPACE AVAILABLE Advertise in this magazine and reach your customers anywhere in the cosmos. CONTACT US TO GET STARTED! (801) 676-9722 • (855) 747-4003 sales@thenewslinkgroup.com QR Code: website /ad-space
www.thenewslinkgroup.orgRkJQdWJsaXNoZXIy MTg3NDExNQ==