The next “new hire” for Community Banks who offer RDC and ACH?
UP-FRONT CAVEAT:
I can hear it now. “We can’t afford to hire this person!” Well, before you say “can’t,” try saying, “here’s how we can make it work.” Think about this: it only takes one six digit loss to make a bank security calling officer look like one heckuva good deal.
If you have more than 10 commercial RDC customers whose average balance exceeds $400,000, you’d be smart to start thinking about proactively intervening in your customers’ security procedures. It is no longer possible for a bank to say, “Hey, the customer’s security procedures are not my problem.” That’s dangerous.
When trouble strikes, the litigators are going to look for the deepest pockets. That means the bank will be high on the list of bad guys.
The only way out of this I can see is for a bank to have a security calling officer who visits, every quarter, every cash management customer. At each visit, that officer is looking to see if the bank’s and the regulators’ security guidelines are being followed. There will be an after visit writeup with findings and recommendations.
If the bank’s customer ignores the findings, or isn’t willing for the bank to visit, that’s fine. At least the bank can demonstrate that it tried to help the customer with security.
If the customer is happy to have the bank visit, that’s fine, too. The bank gets a chance to actually fix problems before they blow up. And, the calling officer may actually be able to sell some additional bank services — after all, after a couple of security visits, the calling officer ought to have some great insight into the customer’s banking needs.
NEXT TO LAST COMMENT: If you are thinking you’ll take on more liability if you launch this kind of program, maybe you should think again. You’re not assuming liability. You’re helping the customer help himself to stave off disaster. (Of course, you’ll have to have the proper disclaimers and all the other legalese. But, this kind of pro-activity may be the only thing that saves you in this uber-litigious world we live in.)
FINAL COMMENT: Think about UDAAP. More and more frequently, the regulators (and the courts) are taking the position that if your disclosures were unreadable, then they don’t exist. Just today a judge said, “The bank apparently thought it could only make money by hiding the true nature of account fees and charges in the fine print. This obfuscation rises to the level of abusive and deceptive.”
As always, we’re happy to talk over ideas. It never costs anything to touch base and do some brainstorming. Call me at 828-252-4036. Or, email me with SECURITY in the subject line. (If you decide to spend some time and money on this, I’d be happy to provide a RFP.)