The Daily Dividend: Industry News

News, notes and insights from around the industry

APRIL 18, 2019
The State of Delinquency
By Hilary Collins, Specialist, Publications and Research, Financial Managers Society

The State of DelinquencyThe numbers from the fourth quarter of 2018 are in, and delinquencies are lower in 6 of 11 categories. With U.S. consumer debt hitting new highs – $4 trillion as of February 21 – financial institutions should be keeping an eye on how their customers are handling record amounts of debt. Here’s what the numbers show:

The composite ratio fell nine basis points to 1.78%, well below the pre-recession average. So while credit may be at record levels, a healthy job market is keeping customers in the black.

Delinquencies were up, however, for bank cards, indirect auto loans and revolving debt, with marine and RV loans also showing heightened delinquency rates.

Delinquencies fell for direct auto loans, personal loans and home equity loans and lines of credit.

ABA’s chief economist James Chessen noted that these delinquency trends are expected for this phase in the economic cycle, and as long as financial institutions maintain high standards for underwriting, their customers should remain financially sound.
 

APRIL 17, 2019
The Next Generation of IA
By Mark Loehrke, Editor, Financial Managers Society

The Next Generation of IAThink the only digital transformation happening in banks and credit unions these days is on the front lines of customer-facing technology? Think again. According to the findings in the 2019 edition of Protiviti’s annual Internal Audit Capabilities and Needs Survey (download required), the evolving business and consumer landscape will demand a next-generation IA function as well. 

While the report notes that most internal audit functions have begun this journey by launching innovation and transformation activities, more substantive progress will be needed if IA hopes to keep pace. This starts, of course, with companies recognizing that true transformation is not just a collection of discrete activities, but rather a new mindset and a commitment to continual evolution. A few of the survey’s key findings: 

Three out of four internal audit groups are already undertaking some form of innovation or transformation effort – those that aren’t may be already falling behind

Overall adoption of next-generation IA capabilities is in its early stages, with implementation of governance, methodologies and enabling technologies so far occurring largely on an ad hoc basis 

Chief audit executives need to take the lead in getting the function’s transformation on the audit committee agenda, since fewer than one in five respondents could claim audit committees that are highly interested in the IA group’s innovation and transformation activities

ERM, cybersecurity risks, vendor/third-party risk management and fraud risk management are the top audit plan priorities for 2019, while COSO, lease accounting and revenue recognition also made the list 
 

APRIL 16, 2019
The Psychology of Ethical Lapses
By Hilary Collins, Specialist, Publications and Research, Financial Managers Society

The Psychology of Ethical LapsesCorporate scandals these days range from mismanaged incentive programs run amok to leaders acting in bad faith to homogenous cultures that target anyone who’s different. But what drives unethical behavior? Understanding the psychology behind ethics lapses can help nip them in the bud. Merete Wedell-Wedellsborg shares three dynamics that drive unethical behavior.

Top of the totem pole
A lot of bad behavior comes from what Wedell-Wedellsborg terms “omnipotence”: the feeling that one is untouchable, mostly affecting leaders and star employees who develop a sense of power as they climb the ladder. While this might result in something as benign as simply entitled behavior, it could also rise to the level of something as damaging as a major ethical breach.

Toxic culture
In a culture where morally questionable or blatantly wrong behavior is the norm, anyone who sticks around long enough may find their moral compass shifting. The move from ethical to unethical behavior is often so gradual that the person who’s doing something wrong might not even detect it.

Turning a blind eye
Called “justified neglect”, this dynamic involves keeping silent about mistakes or ethical breaches in order to gain a more immediate reward. Rationalizing questionable choices in order to maintain one’s standing with leadership or in the service of “just getting things done” can be a slippery slope, leading from relatively minor cover-ups to huge ethical lapses.

Leaders should be on the lookout for these three dynamics within their own organizations. If you find yourself surrounded by yes men, or see your moral goalposts moving slowly over time, or feel pressure to do something against your conscience to stay on solid footing, it’s probably time for a reset.
 

APRIL 11, 2019
Debunking Cybersecurity Myths
By Mark Loehrke, Editor, Financial Managers Society

Debunking Cybersecurity MythsAt this point, it’s hard to believe that any financial institution would consider cybersecurity to be an insignificant issue. But even among those banks and credit unions that truly recognize the potential impact of a breach, there remain some long-held (but mostly false) beliefs about just how serious the problem has become and what needs to be done to more effectively combat it – beliefs that Cornerstone’s Ron Shevlin is not having

Cybersecurity is an IT thing
In a way, of course this one is true – IT is going to be instrumental in setting up an institution’s cyber defenses, and the CIO (if there is one) is going to oversee those IT efforts. But it takes a village to foster a robust cybersecurity program in an organization, from management to the front lines – and well beyond simply the folks in IT.

Cybersecurity is a big bank thing
While it’s true that bigger institutions tend to see more cyber breach attempts, the numbers only skew that way because they are bigger. Truth be told, big banks and credit unions also tend to have the most sophisticated defense systems as well, which means the most attractive target for a would-be hacker is probably the smaller institution down the street that isn’t focusing on cybersecurity as much as it should be.  

Good cybersecurity = competitive advantage
Maybe once upon a time this was true, but in this day and age, being able to fend off breaches and keep customer data safe is just seen as business as usual – institutions that do it well won’t necessarily be rewarded, but those that don’t will be punished severely.

It’s time for a national digital identity system
While the pros and cons of such a system can certainly be debated, one thing is clear – this is not the silver bullet of cybersecurity. And it’s probably a long way off anyway.

We passed our exam, so we’re good
It’s better than not passing an exam, but a thumbs-up from the regulator doesn’t mean an institution’s cybersecurity program is everything it should be. After all, even the regulators can’t always stay up to speed with the rapidly changing threat landscape. In other words, your customers probably aren’t going to be more forgiving of an eventual breach just because you show them a clean exam report.
 

APRIL 10, 2019
The Hottest Trends
By Hilary Collins, Specialist, Publications and Research, Financial Managers Society

The Hottest TrendsWe live in the age of data-driven strategic decisions, with every major move backed up by endless numbers and graphs. So what do the numbers say the rest of 2019 holds? New analysis of recent data shows the developing trends that will likely shape banking over the coming nine months.

UP: Consumer loans 
Credit card balances have hit record levels, topping their previous pre-recession high, while auto loans have also reached new peaks. However, home equity borrowing has yet to bounce back from recession levels.

DOWN: CDs 
Across all federally insured U.S. financial institutions, retail and small business deposits rose 33% over the past year, lagging behind previous years. But consumers now have just 16% of their portfolios in CDs, compared to 42% in 2000.

UP: Competition 
While 2019 holds plenty of potential, competition for deposits will be intense. With deposits growing sluggishly and the 50 largest banks owning over half of all branches in the U.S., success will depend largely on the ability of institutions to build and maintain strong relationships with their most valuable customers.

DOWN: Branches 
Branch count has fallen every year since 2014, with roughly 2,500 branches shuttered over the last year. On the other hand, 800 new branches were also opened in the previous 12 months, so the closings were likely spurred by a reevaluation of branch networks in the wake of mergers or the rise of digital banking.
 

APRIL 9, 2019
Lease Accounting Lessons
By Mark Loehrke, Editor, Financial Managers Society

Lease Accounting LessonsSo where do things stand on lease accounting these days? According to a recent poll by Deloitte, most organizations aren’t quite where they need to be when it comes to the new standard. 

Even as public companies continue to scramble to comply – with 25% of those firms planning to spend just as much time implementing the standard going forward, despite having one quarter under their belts already, and another 24% expecting to spend more time on implementation going forward – private companies continue to prepare for their deadline in 2020. And according to Deloitte, 33% of executives at those private firms feel unprepared.

While this can certainly be seen as cause for concern, the good news is that private firms will likely stand to benefit from the examples (both good and bad) of their public brethren, taking away lessons in areas such as:    

Collecting data
Many companies have run into difficulty trying to locate all of their lease contracts, to identify embedded leases in other contracts and to pull out the data needed to comply with FASB’s rules. For private organizations, now is the time to formulate a robust lease data plan and to identify who will be responsible for gathering the needed data.

The limits of technology
Deloitte’s research indicates that many public companies mistakenly assumed that lease accounting was going to be a “plug-and-play” process thanks to their new lease software. It practice, however, configuration with existing systems and user training turned out to be critical elements to the relative effectiveness of said software.

Processes and controls
In areas such as impairment, lease modifications, management judgment, reconciliation between actual and contractual cash flows and the enhanced disclosure requirements of the new lease accounting standards, strong processes and controls are better considered and established upfront – not as an afterthought.
 

APRIL 5, 2019
Ain't No Party Like a Third Party
By Mark Loehrke, Editor, Financial Managers Society

As institutions continue to outsource many of their critical technology needs to outside service providers, the FDIC has seen fit to share its thoughts on these types of contracts and to remind institutions of the steps they may need to take to further embolden their business continuity and incident response procedures – above and beyond what a third-party firm may be offering.

In particular, FDIC examiners have noted that many third-party contracts do not require the service provider to maintain a business continuity plan, establish recovery standards or define remedies if the technology service provider misses a recovery standard. Other contracts, meanwhile, do not sufficiently detail the technology provider's security incident responsibilities, including steps such as notifying the financial institution, regulators or law enforcement. Some contracts also do not clearly define key terms used in contractual provisions relating to business continuity and incident response, which could lead to ambiguity about rights and responsibilities, and increase the risk of a disruption or security incident.

Given these risks, the bulletin offers several reminders for institutions negotiating and entering into agreements with third-party technology service providers, including:

The responsibility of boards of directors and senior management for managing the risks related to relationships with technology service providers.

The importance of effective contracts – with adequate detail – when it comes to risks associated with business continuity and incident response.

The fact that the institution remains responsible for assessing risks and implementing appropriate mitigating controls, even if its contract does not adequately address such risks.
 



Contributors


Mark Loehrke
Writer/Editor
Email: markl@fmsinc.org 



Danielle Holland
President/CEO
Email: dholland@fmsinc.org 




Hilary Collins
Specialist, Publications and Research
Email: hcollins@FMSinc.org