The Nebraska Independent Banker LET’S COME TOGETHER TO ADDRESS FRAUD 2025 • Issue 3 The Onus of “On Us” Checks
INVESTMENT PRODUCTS Municipal Bonds Mortgage-Backed Securities Govt. & Agency Bonds Corporate Bonds Brokered CDs Money Market Instruments Structured Products Equities Mutual Funds ETFs FINANCIAL SERVICES Public Finance Investment Portfolio Accounting Portfolio Analytics Interest Rate Risk Reporting Asset/Liability Management Reporting Municipal Credit Reviews Balance Sheet Policy Development & Review www.FBBSinc.com Exceptional Service INDIVIDUAL ATTENTION 888-726-2880 MEMBER FINRA & SIPC. INVESTMENTS ARE NOT FDIC INSURED, NOT BANK GUARANTEED & MAY LOSE VALUE. MEMBER FDIC 40years GROWING STRONGER TOGETHER Lending Services Operational Services Audit Services* 800-347-4MIB mibanc.com * Audit Services are offered thru MIB Banc Services, LLC, a subsidiary of our holding company.
8 ©2025 Nebraska Independent Community Bankers (NICB) | The newsLINK Group LLC. All rights reserved. The Nebraska Independent Banker is published six times per year by The newsLINK Group LLC for NICB and is the official publication for this association. The information contained in this publication is intended to provide general information for review, consideration and education. The contents do not constitute legal advice and should not be relied on as such. If you need legal advice or assistance, it is strongly recommended that you contact an attorney as to your circumstances. The statements and opinions expressed in this publication are those of the individual authors and do not necessarily represent the views of NICB, its board of directors or the publisher. Likewise, the appearance of advertisements within this publication does not constitute an endorsement or recommendation of any product or service advertised. The Nebraska Independent Banker is a collective work, and as such, some articles are submitted by authors who are independent of NICB. While a first-print policy is encouraged, in cases where this is not possible, every effort has been made to comply with any known reprint guidelines or restrictions. Content may not be reproduced or reprinted without prior written permission. For further information, please contact the publisher at (855) 747-4003. Nebraska Independent Community Bankers 1201 Lincoln Mall, Ste. 103 Lincoln, NE 68508 (402) 474-4662 nicbonline.com The Nebraska Independent Banker is a publication of The Nebraska Independent Community Bankers Association. 2025 • Issue 3 Take a Look INSIDE 16 20 NICB Executive Committee CHAIRMAN Jim Niemeier Citizens State Bank Friend PRESIDENT/CEO Dexter Schrodt SECRETARY Kelly Lenners First State Bank Nebraska Pickrell TREASURER Arnold Lowell CerescoBank Ceresco IMMEDIATE PAST CHAIRMAN Rick Heckenlively Points West Community Bank Sidney PRESIDENT’S MESSAGE 4 Collectively Advocating for Community Banking By Dexter Schrodt, President and CEO, NICB FLOURISH 6 Let’s Come Together To Address Fraud By Rebeca Romero Rainey, President and CEO, ICBA PORTFOLIO MANAGEMENT 8 Fannie and Freddie 3.0 The Trump Administration Begins the Process of Reprivatizing the Housing GSEs By Jim Reber, President and CEO, ICBA Securities and Ron Haynie, ICBA 10 Compliance Q&A By Bill Showalter, Senior Consultant, Young & Associates Inc. PAYMENTS PULSE 14 Changing for the Better By Jacob Eisen, CEO, ICBA Payments 16 Top 10 ACH Audit Findings of 2024 By Trista Woolston, AAP, APRP, EPCOR Electronic Payments Core of Knowledge 18 The Onus of “On Us” Checks By Theodore Kelly, Associate General Counsel, Compliance Alliance 20 What Will Happen to FinCEN’s Priorities? How Financial Institutions Should Prepare Under the New Administration By Terri Luttrell, CAMS-Audit, CFCS, Abrigo 22 NICB Endorsed Partners 22 Associate Members 2025 23 Banker Showcase We Want to Feature You in Our Next Issue of The Nebraska Independent Banker!
PRESIDENT’S MESSAGE COLLECTIVELY ADVOCATING FOR COMMUNITY BANKING I extend my heartfelt gratitude for your unwavering commitment to serving our communities with integrity and personalized care. In a financial landscape increasingly dominated by large, national institutions, your dedication ensures that local businesses, families and farmers have access to the trusted, relationship-based banking they need to thrive. However, our ability to serve effectively is profoundly influenced by decisions made in Washington, D.C. It’s imperative that we collectively advocate for policies that recognize and support the unique needs of community banks. A group of our community banker members and I did just that recently as part of the ICBA’s Capital Summit, where we met in person, one-on-one with four of the five members of Nebraska’s congressional delegation to discuss issues of importance to our state’s community banks. Those priorities, which I have By DEXTER SCHRODT President and CEO, NICB 4 NEBRASKA INDEPENDENT BANKER
included a brief description of below, are essential to lowering regulatory burden and fostering an environment for continued community bank success. • Oppose the CFPB’s Section 1071 Rule: This rule mandates extensive data collection on small business credit applicants, imposing significant burdens on community banks. We support legislative efforts to repeal or reform this requirement to protect both banks and small businesses. • Major Tax Legislation: With the impending expiration of the 2017 Tax Cuts and Jobs Act, it’s crucial to extend provisions that benefit Subchapter S banks and small businesses, such as the Section 199A deduction and the current estate tax deduction. • Tax Credit Unions with Assets Over $1 Billion: Large credit unions operate similarly to commercial banks but enjoy tax exemptions and freedom from most of the same regulations. Taxing these entities would promote a fair competitive landscape and generate significant revenue to offset tax cut legislation. • Access to Credit for Rural Economies (ACRE) Act: This bipartisan legislation would create a tax exclusion for interest on loans secured by farmland and residential mortgages in towns under 2,500 population, directly benefiting Nebraska’s rural communities. • Ensure Stablecoin Frameworks Don’t Harm Community Banks: As digital currencies evolve, it’s essential to establish regulatory frameworks that mitigate risks without disadvantaging community banks. We emphasized the need to prevent nonbank issuers from accessing Federal Reserve accounts and to limit activities of big tech companies that could disrupt traditional banking services. Your active participation in advocacy efforts — whether through direct communication with state and/or federal legislators, participation in the ICBA Capital Summit, or engagement in local initiatives — is vital. When policymakers hear from dedicated professionals like you, who understand the unique challenges and opportunities within our communities, it reinforces the importance of supporting community banks in our state. Together, we can influence policies that ensure community banks continue to serve as pillars of economic stability and growth in Nebraska. NEBRASKA INDEPENDENT BANKER 5
FLOURISH LET’S COME TOGETHER TO ADDRESS FRAUD When it comes to fraud, it takes a village. That may be partly because fraudsters continue to get more sophisticated, and fraud’s effect on banking is skyrocketing. According to the Federal Trade Commission, consumers lost upwards of $12.5 billion to fraud in 2024 — a 25% increase year after year. Additionally, community banks ranked cybersecurity as the highest internal risk to their banks, notes the Conference of State Banking Supervisors. Fortunately, the core pillars of ICBA — education, innovation and advocacy — all address fraud risks by providing information, tools and resources to circumvent mounting threats. We’re empowering you with knowledge of the latest attacks and ways to protect against them, technology solutions to employ to shield your organizations, and connection to government agencies to ensure just and fair fraud protections, as well as collaborations to stop it in its tracks. Case in point: Consider our partnership with the U.S. Postal Inspection Service to combat the threat of check fraud. We are working together to deliver in-branch educational materials with step-by-step instructions to help consumers safeguard their financial assets and respond if they experience this type of fraud. Yet, some of the most effective approaches to fraud prevention emerge through conversations about what has worked within your banks. That firsthand knowledge goes a long way in providing a tried-and-true solution to an immediate problem. It’s also this connection that enables you to alert one another to the latest scams and advise each other on how to prevent losses for your customers and your banks. By REBECA ROMERO RAINEY President and CEO, ICBA 6 NEBRASKA INDEPENDENT BANKER
ICBA Community (community.icba.org) offers a platform to facilitate these conversations in a secure, digital fashion all year round. Outside the individual relationships you have with colleagues, ICBA Community allows you to connect with new bankers, throw out a question to see who’s experienced something similar, share a strategy about what worked in preventing an attack and so much more. This spirit of helping one another makes community banking unique. We come together to offer advice and support for the common good. Very few industries can point to the level of collective positive impact we have. For fraud, that makes all the difference, because fraud is everyone’s problem. To hit it head on, we have to approach it holistically across the industry, taking advantage of all the tools in our toolboxes. It takes this community of community bankers to make a difference. Collectively, we will continue to have an impact, thwarting one fraud attempt at a time. NEBRASKA INDEPENDENT BANKER 7
PORTFOLIO MANAGEMENT FANNIE AND FREDDIE 3.0 The Trump Administration Begins the Process of Reprivatizing the Housing GSEs By JIM REBER, President and CEO, ICBA Securities AND Sept. 7, 2008, was a watershed in the history of housing finance. On that day, as housing market conditions deteriorated, Fannie Mae and Freddie Mac, the two massive housing government-sponsored enterprises (GSEs), were placed in “temporary” conservatorship. The shareholders, both common and preferred, were essentially wiped out. The bondholders, who included community banks, ironically had their positions preserved, as the federal government all but guaranteed the GSEs’ debt. Fast forward to 2025, and not much has changed. You and I still own Fannie and Freddie. Their bonds, still a staple of community bank investment portfolios, are considered safe by investors and banking regulators. What has changed is the new presidential administration, which seems highly interested in completing the job of reprivatizing these entities. We’ll investigate what this strategy may look like, and how this could affect your community bank. Ending the GSE Conservatorship During the first Trump administration, Treasury Secretary Steven Mnuchin and Federal Housing Finance Agency (FHFA) Director Mark Calabria initiated the process of ending the conservatorship but were not able to complete it. However, they did finalize a robust capital framework for the GSEs and directed the GSEs to retain earnings to build capital. Under the Biden administration’s watch, with no new actions to end the conservatorship, the GSEs continued to build capital in accordance with the Enterprise Capital Framework, which calls for very robust levels of capital and will make exiting the conservatorship easier. Currently, the GSEs have far more capital than in 2008, before they were placed into conservatorship. We should clarify that the GSEs are not government agencies. Rather, they are government-chartered, shareholder-owned private companies, like national banks. However, during the past 16 years, their regulator, FHFA, has run both companies. Imagine if the Federal Reserve or the Office of the Comptroller of the Currency (OCC) did that to banks. Like many private companies — including some automobile manufacturers, insurance companies and Wall Street firms — the GSEs received government assistance to help them through the worst of the Great Recession. And like those other entities, the GSEs paid their bailout back in full. Unlike those other entities, the government never relinquished control of the GSEs, even though they repaid their federal assistance, plus an additional $100 billion in earnings. Also, in exchange for government assistance, the GSEs gave the Treasury stock warrants equating to 79.9% ownership — which are, in a sense, senior preferred RON HAYNIE, ICBA 8 NEBRASKA INDEPENDENT BANKER
stock. This means that once they are released from conservatorship, the government will again benefit from selling all or some of those preferred shares. The Trump administration has indicated it wants to finish the job of releasing the GSEs from a perpetual conservatorship, which would be great news for taxpayers and the housing market in general. Taxpayers would no longer be on the hook if any future housing bubbles resulted in exposure for the GSEs, and Fannie and Freddie would be free to support the secondary mortgage market as publicly owned enterprises. So, now what needs to happen? First, the Treasury and the FHFA need to formally agree to end the conservatorship. The new Treasury secretary will need to work with the new FHFA director to amend the federal preferred stock purchase agreements and resolve the government’s ownership, which would declare the bailout paid in full and the sweep of GSE earnings eliminated. This would allow the GSEs to access the capital markets, raise equity, become fully recapitalized and, finally, exit conservatorship. Once this occurs, FHFA’s role in the operations of the companies will end. Its role will convert to that of a prudential regulator responsible for safety and soundness. Bond Market Considerations Before we start a game of “what if,” let’s look at “what is.” Community banks own a lot of debt securities issued by Fannie and Freddie; nearly half of all the bonds in bank portfolios are obligations of the two GSEs. This includes all manner of mortgage-backed securities, as well as straight agency bonds. Immediately after their default in 2008, Fannie’s and Freddie’s debt values plummeted. This was despite Treasury bonds’ prices spiking, in a classic flight to quality. It took both the Treasury and the Federal Reserve to calm down the debt markets. The Treasury, under Hank Paulson, all but guaranteed the GSEs’ debt in an arrangement that remains in place today, while the Fed, then chaired by Ben Bernanke, began buying then-record sums of bonds through open market operations. By mid-2009, credit spreads had returned to pre-panic levels. Back to the current era. If the GSEs successfully navigate the road back into private hands, what will bond investors demand for adequate compensation? The feeling is, “It depends.” It depends on whether the implied government backing of Fannie and Freddie’s debt is underwritten into their recapitalization. Other factors include how much regulatory oversight is mandated, as well as more traditional measures of safety and soundness, such as levels of capital and subordinated debt. The GSEs’ capital framework requires almost bank-like capital requirements, which should put their ratings similar to those of the largest national banks. However, the bigger question for the U.S. economy is if the GSEs under private ownership will be able to provide efficient housing finance. Somewhat wider credit spreads for a time should be expected. Headwinds already exist for homebuyers due to high prices and elevated rates, so this could add another challenge to the housing market. It could also be years before this complicated offloading is finally completed. The best outcome would be a trifecta: 1. The GSEs move off taxpayers’ balance sheet; 2. The federal government reaps a windfall on the transaction; and 3. Fannie and Freddie continue to subsidize mortgage rates. Here’s hoping for a successful third iteration of the housing GSEs. Community banks own a lot of debt securities issued by Fannie and Freddie; nearly half of all the bonds in bank portfolios are obligations of the two GSEs. NEBRASKA INDEPENDENT BANKER 9
COMPLIANCE Q & A The following questions and answers (Q&A) are drawn from questions asked by bankers calling Young & Associates’ Compliance Hot Line. Please note that Young & Associates Inc. is not engaged in the practice of law. The answers given here apply to individual situations that may differ from one institution to another. The advice of legal counsel should be sought on specific situations. EFTA. Q: We issued a provisional credit to a customer for an online card-not-present transaction while we investigated the error they alleged. The dispute for the transaction was filed through our EFT system provider. The merchant denied the dispute based on the methods used to verify the customer at the time of initiating the transaction. The merchant provided us with a copy of the bank customer’s driver’s license as well as a “selfie” photo which the merchant requires when initiating a transaction. We recognize the selfie as being a picture of our customer. In your opinion, is the evidence of a driver’s license and selfie photo sufficient evidence to revoke the provisional credit? A: We cannot make the final decision regarding the legitimacy or not of the “error” for the bank. It does sound like the merchant’s evidence is compelling, but only the bank can determine if it is “enough” since that can depend on the bank’s risk appetite. One step you could take (if not done already) is to contact the customer with this information and see what they say. It may very well be that this will jog their memory, and they may ask to end the dispute process. If this happens (or if the bank otherwise determines that the evidence proves the correctness of the EFT transaction), debiting the provisional credit from their account would seem appropriate while complying with Regulation E requirements for notifying the customer and honoring items and preauthorized transactions initiated based on the provisional credit for five business days after notifying the customer. TILA. Q: Currently, we disclose the fee for the automobile title on an auto loan, even if we do not do the titling ourselves. Do we have to disclose the fee, or can we stop doing that? A: Regulation Z generally requires disclosing only amounts that are paid from/with a loan transaction. One exception to that is “security interest charges” (translation: filing fees). Generally, anything paid by the customer to perfect the lender’s security interest is a finance charge unless particular steps are taken. This applies whether the lender collects the fee(s) and pays them to the relevant government agency itself, a dealer collects the fee and pays it to the relevant government agency, or the customer goes directly to the government agency and pays them to file the lender’s lien. By BILL SHOWALTER, Senior Consultant, Young & Associates Inc. 10 NEBRASKA INDEPENDENT BANKER
If there are security interest charges (filing fees) involved in a transaction that are required to perfect the bank’s security interest, they are a finance charge unless the fee(s) is (are) “itemized and disclosed” by the lender on/with the disclosure statement given to the borrower. The covered security interest charges are pretty broad, including any fees or taxes specified by relevant law to be paid to a government agency or premiums for insurance obtained in lieu of filing a lien (generally only in states where such insurance costs less than the governmental security interest changes). Whether the fee for the title itself is included would depend on your state’s process for issuing titles and notating liens. If a new title must be obtained to file the bank’s lien (with a fee for the title issuance), then the title fee would need to be included in the filing fees disclosure — unless the fee would be paid in a comparable cash transaction. This last criterion generally means that a title fee paid as part of an auto purchase transaction will not be included in the disclosed filing fee, while the same fee for a non-purchase transaction would have to be included in the “filing fee” disclosure. As you can see, how this process is handled in your state impacts what needs to be disclosed as “filing fees.” Flood Insurance. Q: Can the bank use a previous flood determination if it is not more than seven years old when we do an extension with no new money added to the loan? I read that you can rely on previous determination if the Federal Emergency Management Administration (FEMA) has made no map revisions or updates. Is there a way for the bank to check if revisions or updates have been done 100 South Phillips Avenue, Sioux Falls (605) 335-5112 | Teresa Thill advantage-network.com CONVENIENT, SECURE, AND FLEXIBLE DEBIT CARD PROGRAMS Whether it’s a business needing purchasing cards or an insurance card for medical expenses, we offer a variety of options to help you meet your customers’ needs. • Consumer and Business • Co-Branded and Affinity • Health Savings Accounts Visit our website to learn more about our debit card programs, or reach out to me and let’s start a conversation. NEBRASKA INDEPENDENT BANKER 11
since the flood determination was performed if it is within the seven years? Should the bank put this step into the processes when extending the loan? A: A lender may rely on a previous flood hazard determination when increasing, extending or renewing a loan on the same property. The previous determination must be no more than seven years old and meet the three following conditions: original determination was made on FEMA’s standard flood hazard determination form (SFHDF); the basis for the determination is set forth on the SFHDF; and there have been no map revisions affecting the property since the original determination. A new determination is required when either a different lender refinances or assumes the loan or when the original lender is making a new loan. So, for the extension of an existing loan you describe, you may rely on the previous flood determination (as long as it meets the previous criteria). As for determining if there have been any flood map changes, there are a couple of ways to do this. If you paid the nominal fee for life-of-loan monitoring from your flood determination vendor, they would have notified you of any changes. Of course, you can always contact them to verify that no changes have occurred. Another way to find any map changes is you can go to fema.gov to their flood map utility, input the address and see for yourself. RESPA. Q: We recently sent out annual escrow account statements, and we have a customer who paid his shortage in a lump sum. He was only $220 short, but dropped off $250 to have put into his escrow account. Based on what I’m reading in the regulation, I believe we are allowed to accept the additional funds and credit them to the escrow account. We would not be required to run a new analysis based on the overpayment, and in the event that it creates a surplus in his account, we would just have to credit him if the surplus exceeded $50 during the next annual analysis in 2026. Am I understanding this correctly? A: You are correct. There is no prohibition against the bank accepting the (slight) overpayment and that there is no requirement to perform a new escrow account analysis in this situation. You can just let it ride, so to speak, until the next annual escrow account analysis and statement. BSA. Q: I want to clarify something regarding the procedure related to a Suspicious Activity Report (SAR) filing and later receiving a subpoena. Several months ago, we filed a SAR. We received a phone call today from the U.S. Secret Service informing us that they were notified of the SAR filing through the Financial Crimes Enforcement Network (FinCEN) and are going to need copies of the documents referenced in the narrative of the SAR. The agent stated he would be sending us a subpoena for the documents but was giving us a verbal heads-up that it would be coming. Since the subpoena is coming from a law enforcement agency, do we still have to notify FinCEN? I think not but want to make sure I am not overlooking a step. A: You are correct that the bank does not need to notify FinCEN in this case — providing supporting documentation for a SAR to a law enforcement agency under a subpoena. FinCEN issued guidance on SAR filings in its release FIN-2007-G003. Of course, there is also no prohibition against the bank reaching out to FinCEN for guidance, even when notification is not required. Compliance Policies. Q: The bank does not have a separate Fair Lending Policy. We have always felt we had this covered in our Loan Policy; Unfair, Deceptive, and Abusive Acts of Practices (UDAAP); and Equal Credit Opportunity Act (ECOA) policies. Is it necessary to have a separate policy? A: There is not a specific mandate for financial institutions to have a separate fair lending policy. However, at least some examiners or agencies seem to prefer individual policies for each law/regulation. Young & Associates provides banks and thrifts with support for their compliance programs, independent reviews and in-bank training, as well as a full menu of management consulting, loan review, IT consulting and policy systems. 12 NEBRASKA INDEPENDENT BANKER
| Bank Stock Loans | Loan Participations | ATM/Debit | International Services | | Cash Management | Securities Safekeeping | Merchant Services | 800-873-4722 | NE: 888-467-5544 | www.bbwest.com Where community banks bank Est. 1980 – 45 years of service to community banks “As a service provider exclusively focused on community banks, Bankers’ Bank of the West is here to help strengthen our clients and the communities they serve.” Across the western states and Great Plains, we’re the place where community banks bank. That’s because we provide the services, technology, and expertise to help you extend your resources, deliver for your customers, and stand out in your market. 5 reasons to partner with us BBW - President and CEO - Bill Mitchell 1. You can unlock efficiencies and cost savings. We can provide sophisticated solutions and economies of scale because we’re powered by hundreds of community banks across our region. 5. Our priorities are aligned with yours. 2. You can expand your capabilities. 4. We’ll never compete for your customers. 3. You can count on prompt, reliable service. • Independent loan review • Loan and credit administration consultation • Strategic planning facilitation • Management, staffing, & succession planning • Acquisition & expansion • BSA/AML compliance • Regulatory risk consultation President, Jim Swanson President, Anne Benigsen • Consulting • Phishing Tests • Vulnerability Management • Security Monitoring Cyber/information security, strategic planning, independent loan review, AND MORE. Consulting Services $ 8.45B assets under management $ 1.9B daily transaction value processed/settled Serving more than 60% of community banks across 7 states
PAYMENTS PUL SE CHANGING FOR THE BETTER By JACOB EISEN, CEO, ICBA Payments Winston Churchill famously said, “To improve is to change, so to be perfect is to have changed often.” If that’s true, the community banking industry must be edging close to flawlessness because change has become second nature over the past few years. We respond to market shifts and regulatory demands with resilience and tenacity, precisely because we place our communities and customers at the center of what we do, creating better experiences for them. Now ICBA Payments is asking you to consider making changes once again, with the goal of introducing a better solution for your customers and your bottom line. A New Card Partner As we announced at ICBA LIVE, ICBA Payments and Mastercard have built a new partnership model centered on empowering community banks to deliver outstanding experiences to their cardholders while boosting the banks’ card program profitability. This change will both enhance the value of your card program for your bank and extend enhanced, modern payment capabilities to your customers. Specifically, as part of this transition, ICBA Payments negotiated the following upgrades to your program: • Modern, contactless plastics. • Tokenization to digital wallets. • Industry standard eight-digit BINs. • Enhancements to business BINs. In short, you will be able to offer a modern card experience that better supports your bank and your customers now and into the future. 14 NEBRASKA INDEPENDENT BANKER
“To improve is to change, so to be perfect is to have changed often.” — Winston Churchill Expanding Profitability But it’s not just about the experience. We’re also introducing greater revenue potential. One of the most exciting components of this shift lies in the marketing support Mastercard will bring, resulting in an uptick in cardholder engagement and spending. In fact, Mastercard reports that by introducing its best practices, community banks can see an average increase of more than 18% in debit spending, along with an increase in overall activation rates and provisioning for recurring payments. And this change is happening now. Current ICBA Payments clients have already received an acknowledgment form to confirm their agreement to comply with all necessary transition requirements. Once that form is returned to ICBA Payments, details on the implementation timeline and resources to assist with the transition are provided. We hope community banks that are not already ICBA Payments clients will consider joining us at this stage, with all the new potential this change brings. Just reach out to mastercardupgrade@icba.org for more information. I’ve always felt that change for the sake of change is foolish, but when it brings with it new opportunities, innovative potential and a better business return, it’s an educated, worthwhile pursuit. And that’s what we see in this new partnership. We look forward to working with each of you as we create an exciting, profitable future with Mastercard as a key partner. Jacob Eisen (jacob.eisen@icba.org) is CEO of ICBA Payments and its wholly-owned subsidiary TCM Bank, N.A. For more information on ICBA Payments’ new partnership with Mastercard, visit icba.org/payments. NEBRASKA INDEPENDENT BANKER 15
TOP 10 Auditing ACH transactions is an essential part of ensuring compliance and maintaining the integrity of your organization’s payments. It can often feel overwhelming, but fear not! EPCOR’s expert team is here to transform that chaos into a streamlined process. The following are the top 10 common ACH audit findings with practical solutions to tackle them. 1. Annual ACH Compliance Audits Finding: Neglecting to complete your annual ACH Compliance Audit could put your organization at risk of non-compliance with the ACH Rules. Solution: Schedule your annual ACH Compliance Audit ahead of the Dec. 31 deadline as required by Subsection 1.2.2.1, General Audit Requirements. Ensure that audit reports are securely stored for at least six years, as required by Subsection 1.2.2.2, Proof of Completion of Audit. 2. Periodic Risk Assessments Finding: Skipping regular ACH Risk Assessments could leave your organization unaware of potential emerging risks. Solution: Perform an ACH Risk Assessment periodically to identify and mitigate potential risks in accordance with Subsection 1.2.4, Risk Assessments. We recommend you complete a risk assessment every 12-18 months. Develop a comprehensive risk management program that addresses the risks of your ACH activities — such as operational, credit and fraud risks — to ensure ongoing compliance. ACH AUDIT FINDINGS OF 2024 By Trista WOOLSTON, AAP, APRP, EPCOR Electronic Payments Core of Knowledge 3. Security Policies and Procedures Finding: Outdated or inadequate security policies may leave ACH data vulnerable to breaches or cyber threats. Solution: Develop and regularly update security policies in line with Section 1.6, Security Requirements. Stay ahead of emerging threats by adapting your policies to meet the latest industry standards and ensure the safety of ACH transactions. 4. Origination Agreements Finding: Missing or incomplete language in origination agreements can lead to compliance gaps or operational challenges. Solution: Review your origination agreements to ensure they include all necessary provisions required by Subsection 2.2.2.1, ODFI Must Enter Origination Agreement with Originator and Subsection 2.2.2.2, ODFI Must Enter Origination Agreement with Third-Party Sender. This includes risk management clauses, indemnification language and proper authorizations. Secure signed copies of these agreements for your records. 5. Training and Education Finding: The ACH Rules are complex! Without adequate training, employees may lack the necessary understanding of ACH operations and compliance obligations. Solution: Implement an ongoing ACH training program so your staff can receive regular updates on the latest ACH requirements. 6. Incoming NOCs and Correcting NOCs Finding: Improper handling of Notifications of Change (NOCs) can result in inaccurate data and compliance issues. Solution: Establish clear procedures for managing incoming NOCs and instructing Originators to make corrections in a timely manner, ensuring compliance with Section 2.12, Notifications of Change. Originators must make the changes specified in the NOC or corrected NOC within six banking days of receipt of the NOC information or prior to initiating another Entry to the Receiver’s account, whichever is later. 7. Exposure Limits Finding: Not setting or reviewing exposure limits can leave your organization vulnerable to financial risks. Solution: Define and regularly review exposure limits based on your organization’s risk profile, as required by Subsection 2.2.3, ODFI Risk 16 NEBRASKA INDEPENDENT BANKER
Management. These limits help manage financial exposure and minimize the risk of significant losses. 8. Return Handling Finding: Improperly managed ACH returns can lead to delays and potential compliance issues. Solution: Develop efficient return handling procedures in accordance with Section 3.8, RDFI’s Right to Transmit Return Entries. Ensure your team processes returns promptly to minimize delays and stay compliant. 9. Record Retention Finding: Not retaining ACH-related records for the required duration can cause complications during audits or compliance reviews. Solution: Implement a record retention policy that aligns with Subsection 1.4.1, Retention Requirement for Records of Entries. Ensure ACH transaction records are securely stored for at least six years and can be easily accessed when necessary. 10. ODFI Due Diligence Finding: Inadequate due diligence on Originators and Third-Party Senders can expose your organization to unnecessary risks. Solution: Conduct thorough due diligence on all Originators and Third-Party Senders as outlined in Subsection 2.2.3, ODFI Risk Management. We recommend this include background checks, creditworthiness assessments and ongoing monitoring to manage potential risks. By tackling these common ACH audit findings with actionable solutions, you’ll not only ensure compliance with the ACH Rules but also help streamline your ACH operations and safeguard your organization from potential risks. NEBRASKA INDEPENDENT BANKER 17
THE ONUS An “on-us” check is one that is drawn on an account held at the same bank at which it is presented. That is, the bank is both the depository bank and the payor bank. In simple terms, the opposite of an on-us check is a transit check. A transit check is presented at another financial institution and subsequently sent to the payor bank through a clearing process for settlement. On-us checks carry different risks than transit checks, creating distinct responsibilities, particularly regarding wrongful dishonor and funds availability. No federal requirement obliges banks to pay on-us checks “over the counter.” If a non-customer physically presents an on-us check to “Bank of Snow,” there is no explicit requirement for the bank to pay that item (at least from a federal standpoint). Of course, most banks contractually agree to pay duly presented and properly payable items, so refusing an on-us check may incur legal risk from the drawer. That’s not to say the bank is prohibited from dishonoring this type of check for a valid reason, such as insufficient funds in the drawer’s account or failure of the payee to provide reasonable identification; but wrongful dishonor may occur in the absence of a valid reason (UCC 3-501, 3-502 and UCC 4-402). Wrongful dishonor occurs when a bank lacks a valid reason for refusing its obligation to pay an item according to its terms. A bank may be held liable for damages proximately caused by its refusal (UCC 4-402). Further, some states require banks to pay “on-us” checks without regard to whether the payee is a customer (provided the check is properly payable and the payee provides reasonable identification). That is, if the bank would otherwise cash an on-us check for a customer, some states require banks to do the same for non-customers. Further, a bank’s agreement with its customer may not disclaim responsibility for lack of good faith or to limit potential damages. Improper intervention between a customer’s promised payment to another party may evidence a lack of good faith or, worse, increased liability for proximate damages if bad faith can be proved (UCC 4-103). If what has been previously stated isn’t enough to initiate a conversation with bank counsel, my compliance colleagues may want to consider the UDAAP ramifications associated with disparate treatment. Let’s say your bank has a policy of cashing an on-us check for non-customers for $5.00. Simultaneously, the bank requires customers to deposit on-us checks and will only make those funds available according to its Funds Availability Policy. Refusing to pay an on-us check to a customer according to the same terms as a non-customer would likely incur UDAAP risks. For instance, if a customer’s account is overdrawn, but they merely want to cash the on-us check to prevent an offset of those funds, is it “fair” to not provide the same service to customers as the bank does to non-customers? Probably not. A customer could easily endorse the check to a third-party non-customer or deposit it at another financial institution to avoid the bank’s offset of funds. I certainly don’t want to be the person trying to explain the “countervailing benefits to consumers or competition” that somehow outweigh the injurious effects of this type of policy. Of course, these analyses are dependent on your bank’s specific policies, agreements and the relevant federal and state authorities — it’s uncertain whether the practices previously described will result in administrative or civil liability. Determination of whether a violation even exists is left to the factfinder (i.e., auditor/examiner or judge/jury). That said, banks should consider implementing policy changes and other controls to bring any identified By THEODORE KELLY, Associate General Counsel, Compliance Alliance OF “ON US” CHECKS 18 NEBRASKA INDEPENDENT BANKER
risks within the limits of their risk appetite (along with safety and soundness considerations). We always recommend consulting with bank counsel for guidance relating to legal risks. So, we’ve discussed cashing on-us checks. Well, what if a customer deposits an on-us check? There is a question of the appropriate “funds availability” timeline for a deposit versus cashing an on-us check. Regulation CC generally requires a bank to make funds available to their customers as soon as the material risks associated with the type and amount of the check subside. The timelines act as a balance of safety and soundness and consumer protection risks. When a customer deposits an on-us check, the risk is relatively low because the bank can almost immediately determine that the check is authentic and that funds are available in the drawer’s account. When a customer deposits a transit check, the risk is much greater because the check could be altered, fraudulent, stolen, there may be insufficient funds, the clearinghouse or payor bank may have a system issue that delays settlement, etc. Because the risk is much lower, funds from on-us checks must generally be made available no later than the next business day following the banking day of deposit. A final word on funds availability – remember that banks are not permitted to invoke the “holds on other funds” rule when cashing on-us checks for customers. The handling of on-us checks presents unique challenges for banks, particularly regarding wrongful dishonor and funds availability. While federal regulations may not explicitly mandate the payment of on-us checks to non-customers, banks often have contractual obligations to do so. Additionally, state laws and UDAAP considerations may necessitate equitable treatment of customers and non-customers in on-us check cashing policies. Banks should carefully navigate these complexities by establishing clear procedures for on-us check handling and consulting bank counsel and your friendly neighborhood compliance advisors for guidance. Theodore “Theo” Kelly, JD, MBA, CCEP, associate general counsel, supports the Compliance Hub division. He holds a bachelor’s degree in political science from Ohio State University, a Master of Business Administration from Franklin University and a Juris Doctorate from Capital University Law School. 800.228.2581 MHM.INC Now more than ever people want self-service options. With our core integrated ITMs we can make this a reality both in the lobby and in the drive-up of your branch. SELF-SERVICE BANKING NEBRASKA INDEPENDENT BANKER 19
WHAT WILL HAPPEN TO FINCEN’S PRIORITIES? How Financial Institutions Should Prepare Under the New Administration By TERRI LUTTRELL, CAMS-Audit, CFCS, Abrigo Just as financial institutions have worked to integrate FinCEN’s National AML/CFT Priorities into their compliance programs, a new administration could bring significant policy shifts. Banks and credit unions should closely monitor these potential changes to proactively manage risk. Potential Regulatory Shifts: What Financial Institutions Need to Know The new administration has already signaled key regulatory changes that could reshape how financial institutions approach AML/CFT compliance. The following are the areas that compliance teams should be prepared to monitor and adapt to in 2025. Policy Re-Evaluation and Regulatory Freeze On Jan. 20, 2025, a Presidential Action directed federal agencies to: • Pause all new rulemaking until a Trump-appointed official reviews and approves it. • Withdraw unpublished rules from the Federal Register for further review. • Delay the effective date of recent regulations for at least 60 days, including AML/CFT-related rules. This broad review could slow down or revise pending financial crime regulations, impacting how institutions approach transaction monitoring, reporting requirements and enforcement actions. Implementation of the AML Act and Rollback of Beneficial Ownership Rules The Anti-Money Laundering Act of 2020 (AML Act) mandates FinCEN to update AML/CFT priorities every four years, with the next update expected in mid-2025. The administration may introduce new priorities or refine existing ones, requiring financial institutions to remain agile and adjust their compliance programs accordingly. One key area of change is the Corporate Transparency Act (CTA), which requires businesses to disclose their beneficial owners to FinCEN. The new administration has suspended CTA enforcement, and it’s possible that the rule could be modified or repealed entirely. Financial institutions should assess the impact of a rollback in beneficial ownership transparency, as it could increase the risk of illicit funds flowing through shell companies. Shifting FinCEN Priorities: What Could Change? While FinCEN’s current AML/CFT priorities remain in effect, the administration may redefine key areas of focus. This could include heightened attention to cybercrime, 20 NEBRASKA INDEPENDENT BANKER
transnational crime or financial fraud. Additionally, recent presidential action has paused enforcement of the Foreign Corrupt Practices Act, which could signal changes to the priority of corruption, especially domestically. Compliance teams must stay ahead of these developments to ensure ongoing alignment with regulatory expectations. Other Regulatory Areas to Watch Law Enforcement and National Security The new administration is expected to maintain a strong emphasis on AML/CFT compliance as a tool for safeguarding national security. One way we’ve already seen this is with a recent FinCEN Geographic Targeting Order (GTO) requiring money services businesses (MSBs) to file currency transaction reports on any cash transaction over $200 in specific southwestern border zip codes. Financial institutions that provide financial services to these MSBs should ensure that their customers are adhering to these new requirements and support law enforcement efforts by ensuring timely and accurate reporting of suspicious activity when necessary. Drug Trafficking and Trade-Based Money Laundering (TBML) Drug trafficking remains a top concern for the new administration, as evidenced by the Department of Justice’s noteworthy cases against TD Bank and Brinks. FinCEN issued an alert in June 2024 highlighting the risks associated with the illicit fentanyl supply chain and the deceptive financial practices used to obscure these transactions. More recently, the administration issued a Presidential Action designating certain cartels as Foreign Terrorist Organizations, followed by the State Department’s formal designations on Feb. 19, 2025. These actions signal increased regulatory scrutiny on financial flows linked to drug trafficking and reinforce the need for strong AML/CFT measures for financial institutions. With the U.S. imposing new tariffs on Canada and Mexico, experts predict that drug cartels will adapt by incre asing trade-based money laundering (TBML) efforts. Mexico remains a key transit point for fentanyl entering the U.S., with precursor chemicals sourced from China. Investment Advisor Sector and AML/CFT Compliance FinCEN recently issued a final rule aimed at addressing illicit finance risks in the investment advisor sector. This rule is meant to assist in the fight against terrorist financing and corruption. The new administration may refine these regulations further, increasing compliance obligations for financial institutions that interact with investment advisors. As previously mentioned, the administration may delay the effective date, currently scheduled for Jan. 1, 2026, until a review of the rule can be conducted. Virtual Assets and Cryptocurrency Regulation The regulatory landscape for cryptocurrency and virtual assets continues to evolve, with a focus on preventing illicit finance activities. The administration has already issued an Executive Order to support the growth of the cryptocurrency industry with a lighter touch on regulations. Financial institutions involved in this space should review their policies on virtual asset risk management. Cybercrime and Financial Fraud Cybercrime is a growing concern for financial institutions and regulators. Cybercrime continues to be a significant global problem, with costs projected to reach $10.5 trillion annually by 2025. The administration may expand efforts to combat cyber-enabled financial crimes through new reporting requirements and cybersecurity expectations. Financial institutions should assess their cybersecurity controls and fraud detection capabilities to mitigate risks. How Financial Institutions Can Prepare for Changing Compliance Requirements With the potential for significant regulatory changes, financial institutions should take proactive steps to strengthen their AML/CFT programs: • Refresh AML/CFT Risk Assessments: Identify areas that may be affected by shifting priorities. • Enhance Transaction Monitoring: Ensure systems are equipped to detect trade-based money laundering, drug trafficking and cyberfraud. • Monitor Regulatory Updates: Keep up with FinCEN announcements, rule changes and enforcement actions. • Review Compliance Controls: Align AML/CFT programs with the latest FinCEN enforcement trends. • Invest in Compliance Technology: Use robust transaction monitoring and automation to adapt to evolving risks. • Engage With Regulators: Participate in industry discussions and provide feedback on proposed rules. The direction of FinCEN’s priorities in 2025 will depend on the administration’s policy goals and approach to financial crime enforcement. While some regulations may be paused or revised, others, such as those addressing drug trafficking, trade-based money laundering and cybercrime, could remain top priorities. By staying informed and adapting compliance strategies accordingly, financial institutions can proactively manage risk, maintain compliance and support efforts to combat financial crime. NEBRASKA INDEPENDENT BANKER 21
NICB ENDORSED PARTNERS Bankers Compliance Consulting — Dave Dickenson Barret Graduate School of Banking — Memphis, Tennessee Community Bankers Webinar Network — Financial Ed Dell Computers ICBA Securities — Jim Reber ICBA Bancard NICB-CBAK Liquidity Program SHAZAM — presented last year at Area Meetings Spectrum Financial — Fee Income with Credit Insurance Products/ Services, Identity Theft Program, Flood Determinations — Scott Votava Travelers Insurance UNICO Group — Diana Poquette ASSOCIATE MEMBERS 2025 The Advantage Network BancMac Bankers’ Bank of the West Bankers Compliance Consulting Bankers Healthcare Group Barret Graduate School of Banking Bell Banks BKD LLP John E. Cederberg, CPA Central States Health & Life Co. CivITas Bank Solutions Computer Services Inc. (CSI) Cross Financial D.A. Davidson & Co. FIPCO — Compliance Federal Reserve Bank of K.C. (complimentary) FHLBank Topeka FNB Omaha Correspondent Banking FIPCO First National Capital Markets FPS Gold (Core) ICBA Bancard & TCM Bank ICBA ICBA Securities ITPAC Consulting LLC (IT audits) Kirk Gross Company Labenz & Assoc. LLC (CPAs) Maple Street Inc. Midwest Independent BankersBank Modern Banking Systems Money Handling Machines Inc. NFP Executive Benefits Perry, Guthery, Haase & Gessford PC LLO Purple Wave Auction QwickRate RESULTS Technology Scantron Technology Solutions SHAZAM Spectrum Financial Taylor and Martin Appraisal Services Travelers Companies Inc. UMB Bank N.A. UNICO Group United Bankers’ Bank YOU WANT IT! (801) 676-9722 SALES@THENEWSLINKGROUP.COM DON’T ROLL THE DICE ADVERTISE HERE! CONTACT US TODAY 22 NEBRASKA INDEPENDENT BANKER
www.thenewslinkgroup.orgRkJQdWJsaXNoZXIy MTg3NDExNQ==