An Easy Way to Lose Sight of Critical Risks

CHICAGO — Let me ask you a question:

How does the executive team at your biggest competitor think about their future? Are they fixated on asset growth or loan quality? Gathering low-cost deposits? Improving their technology to accelerate the digital delivery of new products? Finding and training new talent?

The answers don’t need to be immediate or precise. But we tend to fixate on the issues in front of us and ignore what’s happening right outside our door, even if the latter issues are just as important.

Yet, any leader worth their weight in stock certificates will say that taking the time to dig into and learn about other businesses, even those in unrelated industries, is time well spent.

Indeed, smart executives and experienced outside directors prize efficiency, prudence and smart capital allocation in their bank’s dealings. But here’s the thing: Your biggest—and most formidable—competitors strive for the same objectives.

So when we talk about trending topics at today and tomorrow’s Bank Audit and Risk Committees Conference in Chicago, we do so with an eye not just to the internal challenges faced by your institution but on the external pressures as well.

As my team at Bank Director prepares to host 317 women and men from banks across the country this morning, let me state the obvious: Risk is no stranger to a bank’s officers or directors. Indeed, the core business of banking revolves around risk management—interest rate risk, credit risk, operational risk. To take things a step further:

Given this, few would dispute the importance of the audit committee to appraise a bank’s business practices, or of the risk committee to identify potential hazards that could imperil an institution. Banks must stay vigilant, even as they struggle to respond to the demands of the digital revolution and heightened customer expectations.

I can’t overstate the importance of audit and risk committees keeping pace with the disruptive technological transformation of the industry. That transformation is creating an emergent banking model, according to Frank Rotman, a founding partner of venture capital firm QED Investors. This new model focuses banks on increasing engagement, collecting data and offering precisely targeted solutions to their customers.

If that’s the case—given the current state of innovation, digital transformation and the re-imagination of business processes—is it any wonder that boards are struggling to focus on risk management and the bank’s internal control environment?

When was the last time the audit committee at your bank revisited the list of items that appeared on the meeting agenda or evaluated how the committee spends its time? From my vantage point, now might be an ideal time for audit committees to sharpen the focus of their institutions on the cultures they prize, the ethics they value and the processes they need to ensure compliance.

And for risk committee members, national economic uncertainty—given the political rhetoric from Washington and trade tensions with U.S. global economic partners, especially China—has to be on your radar. Many economists expect an economic recession by June 2020. Is your bank prepared for that?

Bank leadership teams must monitor technological advances, cybersecurity concerns and an ever-evolving set of customer and investor expectations. But other issues can’t be ignored either.

So as I prepare to take the stage to kick off this year’s Bank Audit and Risk Committees Conference, I encourage everyone to remember that minds are like parachutes. In the immortal words of musician Frank Zappa: “It doesn’t work if it is not open.”

3 Trends (and 3 Issues) Every Bank’s Board Needs To Consider

Quickly:

  • The challenges faced by financial institutions today are as numerous as they are nuanced. Be it data security, emerging technology, fraud, crisis management and/or the effectiveness of internal controls, I opened the 12th annual Bank Audit & Risk Committees Conference by laying out a number of key governance, risk and compliance issues and trends.

CHICAGO — While a sophomore at Washington & Lee University, a professor loudly (and unexpectedly) chastised a close friend of mine for stating the obvious. With a wry laugh, he thanked my classmate “for crashing through an open door.” Snark aside, his criticism became a rallying cry for me to pause and dive deeper into apparently simple questions or issues.

Audit16x9

I shared this anecdote with some 400 attendees earlier today; indeed, I teed up Bank Director’s annual program by reminding everyone from the main stage that:

  1. We’re late in the economic cycle;
  2. Rates are rising; and
  3. Pressure on lending spreads remains intense.

Given the composition of this year’s audience, I acknowledged the obvious nature of these three points. I did so, however, in order to surface three trends we felt all here should have on their radar.  I followed that up with three emerging issues to make note of.

TREND #1:
Big banks continue to roll-out exceptional customer-facing technology.

Wells Fargo has been kicked around a lot in the press this year, but to see how big banks continue to pile up retail banking wins, take a look at Greenhouse by Wells Fargo, their app designed to attract younger customers to banking.

TREND #2:
Traditional core IT providers — Fiserv, Jack Henry & FIS — are under fire.

As traditional players move towards digital businesses, new players continue to emerge to help traditional banks become more nimble, flexible and competitive.  Here, FinXact and Nymbus provide two good examples of legitimate challengers to legacy cores.

TREND #3:
Amazon lurks as the game changer.

Community banker’s fear Amazon’s potential entry into this market; according to Promontory Interfinancial Network’s recent business outlook, it is their greatest threat.

In addition to these trends, I surfaced three immediate issues that banks must tackle

ISSUE #1:
Big banks attract new deposits at a much faster pace than banks with less than $1 billion assets.

If small banks can’t easily and efficiently attract deposits, they basically have no future. ‘Nuf said.

ISSUE #2: 
Bank boards need to know if they want to buy, sell or grow independently.

In a recent newsletter, Tom Brown of Second Curve Capital opined that “if you have less than $5 billion in assets, an efficiency ratio north of 65%, deposit costs above 60 basis points, and earn a return on equity in the single digits, this really is time to give some thought to selling.”  As I shared on LinkedIn yesterday, the 3 biggest bank M&A deals of the year took place in May: Fifth Third Bancorp’s $4.6 billion purchase of MB Financial, Cadence Bancorp’s $1.3 billion acquisition of State Bank Financial and Independent Bank Group’s $1 billion agreement to buy Guaranty Bancorp. 
 I don’t see the pace of consolidation slowing any time soon — and know that banks need to ask if they want (and can) be buyers or sellers.

ISSUE #3:
The risk of data breaches across industries continues to increase.

Be it risk management, internal control or third-party security considerations, every aspect of an institution is susceptible to a data breach — and managing these threats and identifying appropriate solutions takes a village that includes the most senior leaders of an organization.

##

Just as banks need to develop their audit and risk capabilities, skills and talents, so too do officers and directors have both an opportunity and the responsibility to stay abreast of various trends and topics.  Bank Director’s event continues tomorrow with some fascinating presentations. To see what’s been shared already, take a look at Twitter, where I’m tweeting using @aldominick and #BDAudit18.

3 Disruptive Forces Confronting Banks – and How Zelle Might Help

By Al Dominick, CEO of DirectorCorps (parent co. to Bank Director & FinXTech) | @aldominick

“The volume and pace of what’s emerging is amazing. I’ve never seen it before in our industry.”

These words, spoken about technology driving an unprecedented pace of change across our financial landscape, came from Greg Carmichael, today’s keynote speaker at Bank Director’s annual Bank Audit & Risk Committees Conference.  Greg serves as president and CEO of Fifth Third Bancorp, a diversified financial services company headquartered in Cincinnati, Ohio.  The company has $142 billion in assets, approximately 18,000 employees, operates 1,191 retail-banking centers in 10 states and has a commercial and consumer lending presence throughout the U.S.

Fifth Third Bancorp’s four main businesses are commercial banking, branch banking, consumer lending and wealth and asset management.  Given this focus, Greg’s remarks addressed how, where and why technology continues to impact the way banks like his operate.  Thinking about his perspective on the digitization of the customer experience, I teed up his presentation with my observations on three risks facing bank leadership today.

Risk #1: Earlier this year, the online lending firm SoFi announced that it had acquired Zenbanx, a startup offering banking, debit, payments and money transfer services to users online and through its mobile app.  As TechCrunch shared, “the combination of the two will allow SoFi to move deeper into the financial lives of its customers. While today it focuses on student-loan refinancing, mortgages and personal loans, integrating Zenbanx will allow it to provide an alternative to the traditional checking and deposit services most of SoFi’s customers today get from banks like Bank of America, Citi or Chase.”  Given that many banks are just beginning their digital transformation, combinations like this create new competition for traditional banks to address.  Cause for further concern?  It came to light that SoFi just applied for an industrial loan bank charter in Utah under the name SoFi Bank.

Risk #2: With so much talk of the need for legacy institutions to pair up fintech companies, I made note of a recent MoneyConf event in Madrid, Spain.  There, BBVA chairman Francisco González said that banks need to shed their past and image as ‘incumbents’ and transform into new digital technology companies if they are to prosper in a banking environment dominated by technologically astute competitors. Transforming the bank “is not just a matter of platforms. The big challenge is changing an incumbent into a new digital company.”  Clearly, transforming one’s underlying business model is not for the faint of heart, and the leadership acumen required is quite substantial.

Risk #3: Finally, when it comes to digital companies doing it right, take a look at TheStreet’s recent post about how “Amazon Has Secretly Become a Giant Bank.”  I had no idea that its Amazon Lending service surpassed $3 billion in loans to small businesses since it was launched in 2011.  Indeed, “the eCommerce giant has loaned over $1 billion to small businesses in the past twelve months… Hiking up the sales for third party merchants is a plus for Amazon, as the company gets a piece of the transaction.” What I found particularly note-worthy is the fact that over 20,000 small businesses have received a loan from Amazon and more than 50% of the businesses Amazon loans to end up taking a second loan.

A Potential Solution

Jack Milligan, our Editor-in-Chief, recently wrote, “disruptive forces confronting banks today are systemic and in some cases accelerating.” In his words, the greatest risk facing bank leadership today is “the epochal change occurring in retail distribution as consumers and businesses embrace digital commerce in ever increasing numbers, while aggressive financial technology companies muscle into the financial services market to meet that demand.”

Against this backdrop, Fifth Third Bank just announced it will be one of more than 30 major financial institutions to roll out Zelle, a new peer-to-peer (P2P) payments service operated by Early Warning.  As Greg shared during his remarks, this will initially be offered through the banks’ mobile banking apps, and positions the bank to better compete with PayPal’s Venmo.

This is big news.  Indeed, Business Insider noted in today’s morning payments brief that the growing crowd of providers will fight over a mobile P2P market set to increase ninefold over the next five years, reaching $336 billion by 2021.  In addition to working directly with financial institutions, let me also note that Early Warning has established strategic partnerships with some of the leading payment processors –– think FIS, Fiserv, and Jack Henry.  These relationships will allow millions more to experience Zelle through community banks and credit unions.

##

Here in Chicago, we have 298 bank officers and directors with us today and tomorrow — and our Bank Audit and Risk Committees Conference itself totals 366 in attendance.  In terms of bank representation, we are proud to host audit committee members, audit committee chairs, CEOs, presidents, risk committee members, risk committee chairs, corporate secretaries, internal auditors, CFOs, CROs and other senior manager who works closely with the audit and/or risk committee.  Curious to see what’s being shared socially? I encourage you to follow @bankdirector and @fin_x_tech and check out #BDAudit17.

5 Cybersecurity Companies Bank Execs & Board Members Need to Know

When it comes to cybersecurity, the best defense might just be a great offense.  Whereas cybersecurity once focused on how banks could avoid losing money, my team and I are working on a program for 2017 to help officers and directors address potential scenarios (and develop realistic response plans) should a hack, breech or attack occur.  Indeed, protecting the bank against a cyber attack is a core responsibility of every member of a bank’s board and executive team.

In recent posts, I’ve highlighted various fintechs that I find compelling given their relationships with financial institutions.  In terms of cybersecurity, I’ve had the chance to learn more about companies like DefenseStorm (given their support of companies like nCino and LiveOak Bank) that I greatly respect.  Below are five more companies that I think bank leadership teams need to know:

Cognizant

A global cybersecurity solution and service provider, Cognizant supports multiple industry verticals and information security service lines.  I encourage you to take a look at their thoughts on what traditional banks can do to rebuild trust in the digital era.

Centrify

California-based Centrify offers identity & access management solutions to help secure enterprise identities against cyberthreats that target today’s IT environment of cloud computing.  Banking customers include such recognizable names as BB&T, SunTrust, Citi and RBS.

Lookout

Lookout has taken a mobile-first approach to security.  Indeed, one of the world’s largest investment management firms chose Lookout to provide threat and data leakage protection to over 10,000 managed iOS and Android devices.

Feedzai

Founded by data scientists and aerospace engineers, Feedzai’s mission is to “make commerce safe for business customers and create a better experience for their consumers through artificially intelligent machine learning.”

Brighterion

Since the founding of Brighterion, its core technology has been adapted and improved for real-time applications in the fields of payment, healthcare, marketing and homeland security.  For instance, its analysis of payments provides “unprecedented behavioral insights,” from the spending behavior of customers to the constantly evolving techniques of fraudsters.

##

As a complement to these five businesses, let me wrap up by sharing a recent FinXTech article:Emerging Technologies Combat Cybercrime.  As you will read, banks are doing everything they can to reassure customers that their digital information is safe and secure.

3 Key Takeaways from Bank Director’s Audit & Risk Conference

A quick check-in from the Swissotel in Chicago, where we just wrapped up the main day of Bank Director’s 10th annual Bank Audit & Risk Committees Conference.  This is a fascinating event, one focused on key accounting, risk and regulatory issues aligned with the information needs of a bank’s Chairman, CEO, Bank Audit Committee, Bank Risk Committee, CFO, CRO and internal auditor.  Risk + strategy go hand in hand; today, we spent considerable time debating risk in the context of growing the bank.

By Al Dominick, President & CEO of Bank Director

Earlier today, while moderating a panel discussion, I referenced a KPMG report that suggests “good risk management and governance can be compared to the brakes of a car. The better the brakes, the faster the car can drive.”  With anecdotes like this ringing in my head, allow me to share three key takeaways:

  1. A company’s culture & code of conduct are critical factors in creating an environment that encourages compliance with laws and regulations.
  2. Risk appetite is a widely accepted concept that remains difficult, in practice, to apply.
  3. As a member of the board, do not lose sight of the need to maintain your skepticism.

This year’s program brings together 150+ financial institutions and more then 300 attendees. The demographics reflect the audience we serve, so I thought to share three additional trends.  Clearly, boards of directors are under pressure to evolve.  Financial institutions need the right expertise and experience and benefit greatly when their directors have diverse backgrounds.

Further, as more regulatory rules are written, board members need to understand what they mean and how they can affect their bank’s business.  Finally, technology strategies and risks are inextricably linked to corporate strategy; as such, the level of board engagement needs to increase.

Given the many issues — both known and unknown — a bank faces as our industry evolves, today made clear how challenging it can be for an audit or risk committee member to get comfortable addressing risk and issues.  Staying compliant requires a solid defense and appreciation for what’s now.  Staying competitive?  This requires a sharper focus given near constant pressures to reduce costs while dealing with increasing competition and regulation.

##

To see what we’re sharing on our social networks, I encourage you to follow @bankdirector @fin_x_tech and @aldominick.  Questions or comment?  Feel free to leave me a note below.

How to Understand a Bank’s Audit and Risk Committees Issues in Three Steps

I’m in Chicago at Bank Director’s annual Bank Audit & Risk Committees Conference along with more than 260 bankers and some 315 total attendees.  At a time when audit and risk committees have an increasing amount of responsibilities, I’m impressed with the commitments made by attendees and speakers alike to tackle real issues as opposed to sugar coating the challenges before banks today.

As we move into a series of afternoon breakout sessions, I am taking a pause to share my observations on the day so far.  Having moderated a session that touched on how banks can enhance risk oversight capabilities and effectively challenge management on risk, let me try to make sense of the issues being faced by senior bankers and board members if you are not with us.

Step 1: Know Where We Are Coming From

Now that the worst of the financial crisis is behind them, you might think bank boards might finally breathe a sigh of relief.  You would be mistaken.  For example, we have been in an exceptionally low-interest rate environment — one that has caused net interest margins to decline significantly since 2000.  Moreover, growing the bank organically remains challenging with slow loan growth and changing consumer expectations.  Finally,  compliance costs and uncertainties continue to escalate.  So yes, for banks here with us in Chicago, the storm was weathered.  Still, significant risks and challenges remain in place.

Step 2: Accept Where We Are Today

Per our first speaker, Steve Hovde, it has become exceedingly more difficult to maintain net interest margins without growing loan balances.  As he made clear, banks with lower loan-to-deposit ratios operate with less overhead, but they have been unable to translate their lower operating costs into higher profitability over the long run.  In his words, loan growth is now paramount to profitability — and banks will need to find ways to generate loans either organically or (more likely) through M&A activity.

I know that many banks are struggling to find new revenue sources.  I also hear how bank boards are considering diversifying into new loan products and service offerings to attract and retain new and existing customers.  So, for banks considering new lending strategies or launching a new product or service, I made note that the audit committee, risk committee and internal auditor must collaborate to safeguard the organization by understanding an organization’s initiatives, limits and controls, all while understanding the risk monitoring that exists at the institution.

Step 3: Understand Where Things Are Heading

As we look ahead, it is quite clear that the largest banks in the U.S. (e.g. those above $50Bn in assets) have greatly benefited from their ability to spread fixed costs over a larger pool of earning assets.  They have lower efficiency ratios, more non-interest income and stronger earnings.  Since there are at most 30 banks that are above that $50Bn threshold out of some 6,500 banks, the risks facing most of the industry may take various forms but share similar origins.  That is, banks — and their boards — will continue to wrestle with technology issues, find fewer opportunities to replace declining fee revenue, deal with non-regulated “shadow” banks, struggle with regulatory cost burdens and expectations, face new cyber threats and have to address third-party vendor risks.

##

Tomorrow, I will have more to share on this afternoon’s breakout sessions and our final point/counterpoint session.  In between, I invite you to follow the conversation via Twitter using #BDAudit15, @bankdirector and/or @aldominck.