By BECKY GILLETTE
The Mississippi Bankers Association plans the second of two Community Bankers and Directors Hot Button Conferences Jan. 26 at the Lake Terrace Convention Center in Hattiesburg to bring together bankers to have discussions about some of the biggest issues facing community banks including third party risk, cyber security and enterprise risk management. The first conference was held Jan. 19 at the Inn at Ole Miss in Oxford.
MBA President Mac Deaver said the conferences are part of the banking industry’s continuing efforts to ensure that institutions employ best practices in addressing management issues and complying with regulations that are altered on a regular basis.
“As the banking industry continues to experience changes at an ever-increasing pace, it is imperative that bank management and directors stay abreast of industry trends, ever-changing regulations and challenges of cybersecurity,” Deaver said. “While a number of the conference topics deal with complex issues in managing bank resources, all of them ultimately relate to keeping banks safe and secure and allowing them to provide full service to in a position to their business and individual customers.”
All banks are subject to extensive regulation at both the state and federal level, and each institution is subject to regular examinations to closely monitor their safety and soundness and their compliance with regulations designed to protect the consumer. Deaver said regulators are becoming more diligent in holding the bank’s senior executives and board members accountable in a growing number of areas.
“These conferences bring national experts on these subjects to Mississippi to provide insight and knowledge to local bankers and directors,” Deaver said. “By staging this conference in both Oxford and Hattiesburg, the MBA aims to make this outstanding conference more accessible to bankers and directors across Mississippi. With potential political changes in the coming years, we see community bankers and community bank boards seeking to understand their role in the big picture. These conferences covers current industry trends and provide insight regarding the appropriate way to navigate today’s more complex banking world.”
One major topic at the conferences is cybersecurity, which is critical to both the institution and its customers — and poses serious concerns regarding privacy, reliability and efficiency for both the industry and consumers. Eric Nelson, president of KPN Consulting, the facilitator\speaker for the conferences, said cybersecurity has become increasingly important in community banking due to the number of new services that banks offer.
“These services require some kind of action by the customer and this opens the door to problems,” Nelson said. “Essentially, these problems occur when a customer is phished by a third party – typically being asked to open some kind of attachment which then opens the door to a bank’s system. Since, a bank tends to have difficulty getting its customers to follow protocols the banks themselves follow, you can imagine how easy it is for a hacker to win access.”
For a bank, it is important to make certain not only that its own employees are careful about what they do, but also that its customers do the same things–which is nearly impossible.
“So, cybersecurity will continue to be an exercise in establishing behaviors that mitigate against accessing our bank’s systems,” Nelson said.’
On the third-party vendor issue, these days a typical community bank of $100 million in assets will have some 100 vendors taking care of everything from cutting the grass to managing their loan accounting system. The issue then is to make sure you have proper controls based on the importance of each vendor’s service.
“This actually means prioritizing your vendors to make sure you do the proper due diligence on each,” Nelson said. “By doing this, you make certain you don’t spend unnecessary time getting financial information, etc., on those vendors that are not essential. Good vendor management not only helps avoid having a vendor do something that could create reputation risk issues, but also makes certain you have properly chosen those vendors.”
Nelson said that he believes that Enterprise Risk Management (ERM) is the next generation of regulation based on forward-looking measuring and monitoring techniques as opposed to what bankers have been doing, i.e. using historic data to measure risk.
“ERM is our regulator asking our industry to look at risk across the organization as opposed to the way we do it today, using the committee process that often leads to ‘silo’ decisions,” Nelson said. “Our regulators are trying to differentiate in terms of size and complexity within the industry. That is to say, they do not expect the same kinds of procedures from a $250-million bank as they do from Citibank. Thus, you are seeing a great deal of flexibility today from regulators as they want each bank to determine its own ERM program.”
Nelson said the key from their perspective today is that every bank should be working on their own ERM program and moving forward on it.
“And, we think the smart bankers are viewing ERM as a way to make more profit by better understanding their risks,” Nelson said. “Unfortunately, some bankers continue to look at ERM as an unnecessary regulator issue and this is, in our view, a mistake.”
BEFORE YOU GO…
… we’d like to ask for your support. More people are reading the Mississippi Business Journal than ever before, but advertising revenues for all conventional media are falling fast. Unlike many, we do not use a pay wall, because we want to continue providing Mississippi’s most comprehensive business news each and every day. But that takes time, money and hard work. We do it because it is important to us … and equally important to you, if you value the flow of trustworthy news and information which have always kept America strong and free for more than 200 years.
If those who read our content will help fund it, we can continue to bring you the very best in news and information. Please consider joining us as a valued member, or if you prefer, make a one-time contribution.Click for more info