Federal Regulators issue Frequently Asked Questions regarding CECL

Recently, the Federal regulatory agencies issued updated Frequently Asked Questions on the new accounting standard for credit losses, Current Expected Credit Losses (CECL).  The new standard will take effect in 2020, 2021 or 2022 depending on the institution’s characteristics.  The Frequently Asked Questions is intended to help institutions understand the regulators expectations under the new standard.

The Federal regulators continue to emphasize that:

  • Community institutions are not expected to need to adopt complex modeling techniques to implement the new accounting standard.
  • No one system is preferred over others. The agencies expect an array of credit loss estimation methods will be used under CECL.
  • The agencies expect institutions to make good faith efforts to apply the new credit losses standard in a sound and reasonable manner.
  • Institutions should continue preparing to implement the standard.

For the complete FAQ, please click here.  If you have questions regarding implementation of CECL, where to start or just need a sounding board, ABS is here to help guide you through the transition.

FDIC Warns of Importance of Vendor Contracts

The FDIC has issued a new Financial Institution Letter (FIL) FIL-19-2019 . This FIL discusses examiner observations about gaps in financial institutions’ contracts with technology service providers that may require financial institutions to take additional steps to mitigate risks and manage their own business continuity and incident response.

In recent FDIC examinations, they noted the institution’s contracts with technology service providers lacked detail regarding the rights and responsibilities for business continuity and incident response.  They noted some contracts did not require the provider to maintain business continuity plans or recovery standards or define the remedies if the provider doesn’t meet the recovery standards. Some did not identify the provider’s responsibility to notify the financial institution, regulators, or law enforcement.

The FDIC and other regulators will want to see that you have performed your due diligence, both before signing and during the contract term, to ensure that the provider has business continuity and incident response plans.  Financial institutions should ensure their contracts give them rights to see the plans, and/or see any testing completed on the plans.  If the service provider will not provide them, or they do not meet your standards, then you must mitigate your risk either through looking at different vendors or putting other controls in place to offset their shortcomings.

The FDIC also reminds depository institutions of their responsibility to notify their federal banking regulator of contracts or relationships with technology service providers that provide certain services.  These providers include check and deposit sorting and posting, computation and posting of interest, preparation and mailing of checks or statements, and other clerical, bookkeeping, accounting, statistical, or similar functions such as data processing, Internet banking, or mobile banking services.  This is required by Section 7 of the Bank Service Company Act (12 USC 1867).  You should check with your regulator for help with how they recommend you comply with the notification requirements.

As always, please contact ABS if we can help you identify potential vendors or provide assistance with your vendor due diligence for your current vendors

Phishing

No, I didn’t spell some people’s favorite pastime wrong (fishing) but with summer coming on I thought it pertinent to discuss some hackers’ favorite past time. Phishing is a scam in which a perpetrator sends an official looking e-mail message that attempts to obtain your personal and financial information. Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day—and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $30 million to phishing schemes in one year. But there are several things you can do to protect yourself.

  1. Set up recover phone number/email address.
  2. Use unique passwords for your accounts.
  3. Keep software up to date.
  4. Set up two-factor/multi-factor authentication- Multi-factor authentication makes is harder for scammers to log in to your accounts if they do get your username and password.

Older generations appear to have better cybersecurity knowledge and practices than younger tech users according to a report from Google. The report, in partnership with Harris Poll, found that despite negative stereotypes, older generations are more aware about security concerns and concepts than their younger counterparts.

The report surveyed 3,000 US adults between the ages of 16 and 50+ to determine their beliefs and practices regarding online security. Gen Zers aren’t as well-versed in security practices as they think they are, the report found. While 71% said they are too smart to fall for a phishing scam, only 44% said they actually know what “phishing” means.

Some 65% of respondents ages 25 to 49 said they are confident they won’t fall for phishing attacks, and 53% said they know what phishing means. As for Baby Boomers, only 55% were confident, but 71% said they understand what phishing is, the report found.

Password reuse was the highest among Generation Z, with 78% saying they used the same password for multiple accounts online.

While Gen Z may think they know more about cybersecurity risks and procedures than their older counterparts, the data says differently. Baby Boomers proved to have a better understanding of the importance in software updates than younger generations: 84% said they believed updating security software is absolutely essential, while 61% of Gen Z said the same.  Baby Boomers also demonstrated a greater overall understanding of phishing schemes, according to the report, leaving younger generations vulnerable to attack.

While many people’s hobby may not include fishing, you should avail yourself to what Phishing is and how to protect yourself. Who knows, you may find that fishing is something you like!

ABS is always ready to help you audit your phishing security and help you ensure your organization is protected. Let us know how we can help.

Top Concerns

I had the pleasure of attending OCC training for board members this past week.  Good training and great time to hear what bankers are challenged by.

The top operational risk management concerns cited by exam area in 2018:

  • Commercial Credit
  • Information Technology
  • Enterprise Governance and Operations
  • Consumer Compliance
  • BSA/AML
  • Capital Markets
  • Retail Credit
  • Asset Management
  • Capital
  • Earnings

In visiting with the regulators a few other items came up:

  • Weak strategic plans
  • Board involvement

In visiting with board members and bank executives some common themes came up:

  • Finding and keeping quality staff was a challenge for some institutions but many stated that once they were clear on their focus and strategic plan and shared that with staff and partners (vendors), the staff were reengaged and quality candidates were brought to them.
  • Efficient and effective strategic planning. The financial institutions that didn’t struggle with this utilized a third party to facilitate, guide and follow up.

Hope this information helps in some way and remember ABS is your partner for all of these areas.  Our goal is to make your life easier!  Don’t hesitate to reach out and let’s see how we can help make your life better!

Sandy

Legislation is advancing in the BSA world

There are several bills in congress, and some still in committee, that could impact the Bank Secrecy Act (BSA) world.  Keep an eye open for H.R. 2514, a bill introduced by Representative Emanuel Cleaver (D-Mo.) that would modernize the Bank Secrecy Act/anti-money laundering framework.  There is legislation being worked on that would seek to combat the use of shell corporations and create a secure beneficial ownership registry of legal entities to be overseen by FinCEN.  There is also a bill that would help resolve the conflict between state and federal laws on marijuana.

At this time none of these are laws, but as always, compliance is always changing.  Keep your eyes open and participate in the discussion.  If you need help navigating any of the changes, give us a call.

SBA Lending

Are you afraid of SBA lending? Too much paperwork? Not worth the time? Too much risk?? Don’t feel you need to offer then to help your community??

Let’s look at ten $100,000 SBA loans in a loan portfolio that are 75% guaranteed by the SBA. Now assume the guaranteed portion of these loans have been sold. In today’s market you can get at least a 10% premium on the sale (actually it could be more, but let’s use 10%). Selling the guaranteed portion of the loans at a 10% premium would result in a $7,500 gain on each loan, for a total of $75,000.

Of the $250,000 in SBA loans remaining on the books, after the guaranteed portion has been sold ($100,000 less the $75,000 sale in the secondary market times 10 loans), let us now assume you lose 5% on the remaining loan SBA loan balances – or $12,500. This would leave the institution with a net gain of $62,500 on the original underwritten $1 million-dollar portfolio. If the secondary market for the guaranteed portion is higher than 10%, which it is now, the gain could be even higher. Since these loans typically make your financial institution a hero within your community, generally are accompanied with deposits, are “gold” with the regulators when it comes to your Community Reinvestment Act (CRA) program and result in a potential gain for the financial institution, aren’t these loans worth it? In addition, the regulators give the financial institution CRA credit for the original amount of the $100,000 loan underwritten not just the $25,000 remaining after the guaranteed portion has been sold.

If the financial institution is unsure on how to make these loans or think the staff is not big enough to take advantage of this opportunity, ABS can assist. Some of our experts have spent their careers dealing with SBA loans. We can not only help the financial institution with every facet of the SBA loan and its processes, but we can provide training to your staff in identifying potential borrowers and how to deal with the SBA. With the economy booming, you should not pass up these obvious opportunities. We can take all “the scary” out of it.

To see how this process works and costs for our various services, please contact us at 913-599-7471 or info@abs-core.com. We welcome the opportunity to meet with you

Technology

Technology can play a vital role in growing your organization. A well-structured technology plan can and should support the overall strategic plan of the organization. Many organizations find themselves however, in technology overload. They are sold a lot of promises of how this new technology can improve their bottom line only to find out it takes a lot of resources and time to not only install but maintain. How do you keep from getting caught in this dilemma? A good start is to have a Technology Committee formed with members from different areas of the organization. But “nobody has the expertise”, “We don’t even know where to begin” you say? That’s where ABS and its’ many resources can help your organization get started and provide the expertise to help ensure you are matching the right technology with the needs of the organization.

Our ABS team stays current on technology trends, ensuring our customers don’t fall into technology overload. We can provide the assistance you need to guide your organization to growth with technology. We know a lot of organizations can’t justify a full time Technology person, that is why ABS is going to introduce a Technology Committee subscription service to help organizations get answers to their technology questions as well as provide technology oversite for strategic planning. If you would like to be a part of the initial launch or just want more information, please let us know and we will have someone discuss what this means for your organization.

Great Opportunities

ABS is honored to be helping a few of our fast growing clients build a team.  If you are looking for growth opportunity and a great culture to work in, check out these positions!

  • Commercial Lenders in Kansas Area, Larned, KS, Manhattan, KS,  Missouri, Tulsa, OK and Corpus Christi, TX.   
  • Credit Analyst in Greater Kansas City Area
  • Assistant Controller in North Kansas City
  • Mortgage Lender-Selling to banks in Missouri for a Mortgage Company based in Kansas

If interested please send resume to abs@abs-core.com

FASB Proposes Delay in the Implementation Date for CECL for Nonpublic Financial Institutions

The Financial Accounting Standards Board (FASB) recently proposed delaying for one year the implementation date of its accounting standard on Current Expected Credit Losses (CECL).  In the proposal, the implementation date for nonpublic financial institutions would be delayed until years beginning after December 15, 2021, rather than the original date of December 15, 2020.  Additional information on the proposed delay can be viewed at:

https://www.fasb.org/cs/ContentServer?c=FASBContent_C&cid=1176171090132&d=&pagename=FASB%2FFASBContent_C%2FNewsPage

Please contact ABS for any of your needs with the implementation of this accounting standard.

Home Mortgage Disclosure Act Rule Implementation Issued

On August 31, 2018, the Bureau of Consumer Financial Protection (Bureau) issued an interpretive and procedural rule to implement and clarify changes made by section 104(a) of the Economic Growth, Regulatory Relief, and Consumer Protection Act (the Act) to the Home Mortgage Disclosure Act (HMDA). The rule is effective immediately upon publication in the Federal Register.

If you follow this link you can gain access to the Bureau’s executive summary which provides an overview of the 2018 HMDA Interpretive and Procedural Rule (2018 Rule).

The Act provides that an insured depository institution or insured credit union does not need to collect or report certain data with respect to closed-end mortgage loans if it originated fewer than 500 closed-end mortgage loans in each of the two preceding calendar years. Similarly, the Act provides that an insured depository institution or insured credit union does not need to collect or report certain data with respect to open-end lines of credit if it originated fewer than 500 open-end lines of credit in each of the two preceding calendar years. The Act further provides that these partial exemptions are unavailable to an insured depository institution if it received a rating of “needs to improve record of meeting community credit needs” during each of its two most recent Community Reinvestment Act (CRA) examinations or a rating of “substantial noncompliance in meeting community credit needs” on its most recent CRA examination.

Please let ABS know if we can help you comply with the new HMDA requirements.