Skip to main content

Author: admin

Third-Party Relationships: Risk Management

Written by admin on . Posted in Advice, Consultation, Risk Management.

By: Edward Pugh, CAMS, CAMs-Audit, AAP, CFE

Financial Institutions are increasingly relying on third parties for a broad range of products and services. Utilizing third parties can offer organizations significant benefits, including access to new technologies, delivery channels, products and services, and increased operational efficiencies. However, engaging third parties, especially those using new technologies, can expose financial institutions and their customers to increased risks. Operational, compliance, and strategic risks are often impacted by the utilization of third parties. Given the increase in the number and type of third parties engaging with financial institutions, the Office of the Comptroller of the Currency (OCC), the Federal Reserve System, and the Federal Deposit Insurance Corporation (FDIC) released Interagency Guidance on Third-Party Relationships: Risk Management in June of 2023.  

Interagency Guidance on Third-Party Risk

The aforementioned guidance addresses all business arrangements between a financial institution and another entity, whether a formal contract exists or not. Third-party relations can include outsourced services, use of independent consultants, referral arrangements, merchant payment processing services, services provided by affiliates and subsidiaries, and joint ventures. While there are many benefits to using third-party services, their use can reduce an institutions’ direct control over activities and may introduce new or increasing risks. Thus, it is important for an institution to identify, assess, monitor, and control risks related to third-party relationships.  

A critical element of third-party risk management is to develop and maintain a complete inventory of third-party relationships. This also includes periodically conducting risk assessments for each relationship. This process will allow an institution to determine its risk and whether these risks have changed over time. The overall goal is to be able to update risk management practices as circumstances and risks change. Third parties performing more critical activities, such as those that may impact customers, the institution’s financial conditions or operations, warrant more robust oversight. 

Third-Party Risk Management Life Cycle  

The Interagency Guidance identifies planning, due diligence and third-party selection, contract negotiation, ongoing monitoring, and termination of the relationship as the stages of the risk management life cycle.  

Key elements of the planning stage include assessing a potential third party’s impact on customers, including access to or use of those customers’ information, third-party interaction with customers, potential for consumer harm, and handling of customer complaints and inquiries. Attention should also be paid to the information security implications, including access to the institution’s systems and to its confidential information. The planning phase should also determine how the institution will select, assess, and oversee the third-party, including monitoring compliance with applicable laws, regulations, and contractual provisions. Requiring remediation of compliance issues is an important element to consider.  

Due diligence includes assessing the third party’s ability to perform the activity as expected, adhere to the institution’s policies related to the activity, comply with all applicable laws and regulations, and conduct the activity in a safe and sound manner. The Guidance notes that, “Relying solely on experience with or prior knowledge of a third party is not an adequate proxy for performing appropriate due diligence, as due diligence should be tailored to the specific activity performed by the third party.” It is critical to identify and document any limitations of its due diligence, understand the risks from such limitations, and consider alternatives in risk mitigation. Factors to consider in performing due diligence include:

  • strategies and goals
  • legal and regulatory compliance
  • financial condition, business experience
  • qualifications and backgrounds of key personnel
  • risk management
  • information security
  • management of information systems
  • operational resilience
  • incident reporting and management processes
  • physical security, reliance on subcontractors
  • insurance coverage, and
  • contractual arrangements with other parties

Contract negotiations are also an important element of third-party risk management.  Factors to consider include the nature and scope of the arrangement, performance measures or benchmarks (i.e., a service level agreement), responsibilities for providing, receiving, and retaining information, the right to audit and require remediation, responsibility for compliance with applicable laws and regulations, costs and compensation, ownership and licensing, confidentiality and integrity, operational resilience and business continuity, indemnification and limits on liability, insurance, dispute resolution, customer complaints, subcontracting, foreign-based third parties involved, and default and termination arrangements.  It is important to also stipulate that the performance of the activities are subject to regulatory supervision and examination.  

Ongoing monitoring allows a financial institution to confirm the quality and sustainability of the third-party’s controls and the ability to meet contractual obligations, escalate significant issues or concerns, and respond to such issues or concerns when identified.  Depending on the complexity of the activities being performed, ongoing monitoring can include a review of reports regarding the third party’s performance and the effectiveness of its controls, periodic visits and/or meetings to discuss performance and operational issues, regular testing of the financial institution’s controls that manage risks from its third-party relations, especially for more complex relationships.  Some additional factors to consider when performing ongoing monitoring include determining the overall effectiveness of the relationship, changes to the third-party’s business strategy and agreements with other entities, changes in financial conditions, insurance coverage, relevant audits and/or testing results, and the third-party’s ongoing compliance with applicable laws and regulations and its performance as measured against contractual obligations.  Depending on the complexity of the relationship, additional factors may also be considered.   

The final stage, termination, is also an important element of the risk management life cycle.  There are many reasons an institution may wish to terminate a relationship with a third-party.  Some factors to facilitate termination include options for an effective transition of services, costs and fees associated with termination, managing risks associated with data retention and destruction, handling of joint intellectual property, and managing risks to the financial institution, including any impact on customers, if the termination happens as a result of the third-party’s inability to meet expectations.  

Governance in Third-Party Risk Management

There are many ways an institution can structure their third-party risk management processes. The accountability structure may be dispersed across business lines or may be centralized.  Regardless of the structure, the following practices should be considered through the risk management lifecycle: oversight and accountability, independent reviews, and documentation and reporting.  

Upholding Responsibilities in Third-Party Relationships

This summary is not intended to be a comprehensive review of the Agencies’ Interagency Guidance on Third-Party Relationships: Risk Management released on June 6, 2023.  As a reminder, the use of third parties does not diminish or remove financial institutions’ responsibilities to ensure that activities are performed in a safe and sound manner and in compliance with applicable laws and regulations.  The full text of the Guidance may be found here: Interagency Guidance on Third-Party Relationships: Risk Management (occ.gov) 

Optimize Your Risk Strategy with Y&A’s Expertise

Discover our customizable Vendor Risk Management Policy, which provides guidance on managing risks from outsourced relationships. This comprehensive policy covers responsibilities, risk assessment, due diligence, contracts, security, confidentiality, controls, business resumption, and monitoring. Learn more here.

For insights into vendor due diligence or program refinement, please reach out to Michael Gerbick at mgerbick@younginc.com or contact us on our website. Strengthen your risk approach with our expertise – connect with us today.

2024 Rescission Reference Chart

Written by admin on . Posted in Compliance & Regulations.

View and download the Young & Associates 2024 Rescission Reference Chart to assist your lenders in preparing the Notice of Right to Cancel. Please forward this document to someone in your organization who will use this helpful tool.

For over 45 years, Young & Associates has provided consulting, training, and practical tools for the banking industry. Thank you for the opportunity to serve your needs.


Looking for the latest calendar? Click here to access the 2025 Rescission Reference Chart!

 

Navigating Compliance Challenges: Reg Z, Reg E, and Flood Rules

Written by admin on . Posted in Blog, Compliance & Regulations, Consultation.

Expert Regulatory Compliance Services for Financial Institutions

Are you finding the ever-evolving web of financial regulations a challenge to navigate? In the intricate landscape of compliance, regulations like Z, E, and Flood can be complex and overwhelming for financial institutions. Young & Associates offers a comprehensive suite of solutions specifically tailored to alleviate the burden of regulatory compliance for community banks and credit unions.

Regulatory Challenges Made Simple

Regulation Z Compliance: Comprehensive TILA Support

A cornerstone of financial institution compliance, Regulation Z delineates the implementation and execution of the Truth in Lending Act (TILA). Our experts understand the nuances of Reg Z and can guide your institution through its complex requirements. Our Reg Z compliance solutions are meticulously crafted to not only ensure your institution’s compliance but also to ensure transparency and fairness for your valued customers or members.

  • Loan Disclosures.  We review your financial institution’s disclosures – both open-end and closed-end (including TRID) disclosures – to help ensure compliance with these measures to inform customers, and to help your institution avoid potential required reimbursements, regulatory penalties, and civil liability.
  • Right of Rescission.  We help your lending personnel navigate the intricacies of the right of rescission, making sure that the proper consumers are recognized for this right and given required notices and disclosures, and that disbursements and other lender actions are delayed until it is confirmed that the customers have not exercised their cancellation right.  Proper observance of rescission requirements will help your institution avoid significant penalties – extended rescission rights, regulatory penalties, and civil liability.
  • Other Consumer Protections.  We facilitate your financial institution’s efforts to comply with, or avoid, significant requirements related to high-cost mortgages, home equity lines of credit, higher priced mortgage loans, private education loans, and others.

Regulation E Compliance: EFTs and Error Resolution

The Electronic Fund Transfer Act (EFTA) brings its own set of challenges. The EFTA, implemented by Regulation E, governs electronic transactions. As the volume of EFT transactions continues to rise, so does the complexity of associated error claims. Resolving these claims can pose a significant challenge for banks and credit unions. Our team specializes in providing tailored guidance and support for Reg E compliance, including:

  • Error Resolution Procedures: We review your financial institution’s error resolution procedures, ensuring strict adherence to meet regulatory standards.
  • Electronic Payment Systems: We facilitate adherence to Reg E requirements by ensuring your financial institution’s electronic payment systems and procedures are diligently followed.
  • Consumer Protection: We review your Reg E compliance program to confirm that your institution’s procedures and adherence align with regulations aimed at safeguarding your customers’ rights, privacy, and security.

You can rely on our Reg E compliance guidance to navigate the complexities of regulatory requirements, effectively mitigating the risks of violations and penalties in the dynamic landscape of electronic transactions.

Flood Insurance Compliance: Ensuring Flood Disaster Protection

Navigating the intricacies of federal flood regulations is crucial for financial institutions, given the increased scrutiny by regulators and the potential risks and penalties associated with noncompliance. Monetary penalties for such violations underscore the importance of a robust compliance program. Young & Associates is committed to providing comprehensive compliance solutions to guide your institution through the complex requirements of the Flood Disaster Protection Act encapsulated in the flood insurance rules.

At Y&A, our commitment to comprehensive compliance solutions extends to helping your institution navigate the nuances of federal flood-related requirements. Our seasoned experts specialize in helping your institution navigate federal flood-related requirements, offering tailored solutions to minimize exposure to potential risks. We can review your financial institution’s Flood Act compliance program to ensure compliance with variables such as flood zone determinations, borrower notifications, lender placement, and more.

Key components of our flood compliance reviews dial in on common areas of violations, including:

  • Compliance with Flood Regulations for Lenders: Our experts understand the intricacies of flood regulations, addressing common areas of violations such as proper loan file documentation, justified waivers, insurance coverage requirements, notice to borrower requirements, forced placement of flood insurance requirements, and more. We ensure your institution adheres to the most stringent regulatory standards, mitigating risks associated with non-compliant loans.
  • Flood Insurance Notice to Borrower Requirements: Timely and accurate notices to borrowers are critical. Our comprehensive reviews focus on your institution’s process for delivering and receiving acknowledgement of flood insurance-related notices, ensuring compliance with regulatory timelines and requirements.
  • SFHA Flood Insurance Requirements: Staying abreast of FEMA’s special flood hazard areas and implementing appropriate flood insurance requirements is essential. Our compliance reviews are designed to assist your institution in adhering to evolving SFHA standards.

As your trusted partner, we streamline the compliance process, allowing your institution to focus on core functions while remaining resilient in the face of regulatory challenges. Let us guide you through the intricate web of flood-related regulations, ensuring your institution stays protected from compliance violations in the ever-evolving financial landscape.

Expert Guidance on Regulation Z, Regulation E, and Flood Compliance

Regulations such as Z, E, and Flood are just the tip of the iceberg. Our consultants are well-versed in all aspects of federal banking consumer regulations, ensuring you’re not just compliant but also in the best possible position to thrive in a highly regulated environment. Whether you’re looking for assistance in understanding the intricacies of Truth in Lending, Electronic Fund Transfers, or Flood Compliance Requirements, we have you covered.

Why Partner With Young & Associates?

At Y&A, we’ve been a trusted partner in regulatory compliance for over four decades, and here’s why:

  • Stay Ahead of Regulatory Changes: We keep you informed and prepared in a constantly evolving regulatory landscape. We help you navigate the intricate landscape of financial regulations, so you can focus on your core mission.
  • Comprehensive Solutions Tailored to Your Institution: We understand that a one-size-fits-all approach doesn’t work in regulatory compliance. Our solutions are customized to address your institution’s unique needs.
  • Real Solutions for Real Challenges: We provide practical, real-world recommendations, enabling your bank or credit union to not only meet regulatory requirements but also implement best practices for a robust compliance framework.
  • Experienced Team: Our seasoned consultants bring decades of experience in banking and financial regulation to the table, ensuring you receive expert guidance.
  • Unmatched Quality: With over 45 years exclusively dedicated to financial institutions, excellence is our trademark. We maintain meticulous standards, offering precision, thoroughness, and a steadfast commitment to delivering actionable results.
  • Comprehensive Support: We offer end-to-end support, and our full-service approach covers all aspects of financial institution consulting. When you partner with Y&A, you gain access to a comprehensive team of industry experts.

Let’s Navigate Compliance Together

Don’t let regulatory challenges hinder your institution’s growth. Reach out to Young & Associates today to ensure your institution not only meets compliance standards but is also prepared for success. We’re here to help you navigate the intricate world of Regulations Z, E, H, and beyond. With our expertise, your institution can thrive in a highly regulated environment.

In addition to our full suite of compliance consulting services, we offer:

  • Virtual Compliance Consultant (VCC) Program: Receive access to all the invaluable compliance tools and services that we have to offer including compliance coaching, compliance products and policies, regulatory manuals, access to an online forum with experts from Y&A, and more.
  • Compliance Policies, Tools, and Workbooks: We offer customizable resources designed to simplify complex compliance tasks. From policies to interactive workbooks, our tools facilitate smoother compliance operations.
  • Compliance Update Newsletter: This monthly newsletter provides a thorough compliance review and covers developments that affect the banking industry. Each month our compliance experts scour the regulatory issuances, final rules, and amendments to provide you with the compliance information you need. The newsletter includes hot topics, action items, a compliance calendar, and more relevant information and resources.
  • Education Services: In addition to timely, easily accessible webinars, we offer customizable training solutions.

Contact us to explore how our tailored solutions can address your regulatory challenges.

Young & Associates Celebrates 45th Anniversary Milestone

Written by admin on . Posted in Announcements, Blog, News.

Celebrating 45 Years of Dedication: Young & Associates’ Journey

In a world where companies come and go, few can boast of standing the test of time and evolving with the changing landscape. Young & Associates, Inc. is proud to mark its 45th anniversary on November 13th, a significant milestone in its journey of serving financial institutions with expertise and dedication since 1978. This achievement allows us to take a pragmatic look at our growth, transformation, and unwavering commitment to our clients and partners over the years.

Young & Associates’ Humble Beginnings

Young & Associates, Inc. began its journey under the name “Young Marketing Services.” We didn’t just focus on marketing, advertising, branch feasibilities, and product development; we thrived on them. But as time passed, the financial industry evolved, and it became evident that the needs of financial institutions were changing, demanding a more comprehensive suite of services. In response to this, Y&A expanded its offerings to encompass management and lending services, regulatory compliance, and more, effectively transforming into a one-stop consultancy for community financial institutions across the United States.

A Change in Leadership

In 2018, Jerry Sutherin, a seasoned financial expert and long-time consultant with the company, assumed ownership of Young & Associates. Under Sutherin’s leadership, the company has continued to flourish, positioning itself for further growth and success.

As President and CEO, Sutherin remarked, “Our 45th anniversary is a testament to our commitment to helping community financial institutions thrive. We are grateful for the trust our clients have placed in us, and we look forward to continuing to provide innovative solutions that enhance their success.”

Young & Associates' Leadership Team
Young & Associates’ Leadership Team (Pictured: Michael Gerbick, COO; Joanne Sutherin, Co-Owner; Ollie Sutherin, Principal of Y&A Credit Services; Jerry Sutherin, Co-Owner and President & CEO)

Diverse Expertise, Nationwide Reach

Today, Young & Associates boasts a dedicated team of nearly 50 highly skilled consultants. These experts offer a wide range of services, including regulatory compliance, risk management, strategic planning, mergers and acquisitions, branching and expansion, lending, loan review, information technology, quality control, appraisal reviews, human resources, and internal audit. With consultants located across the nation, Young & Associates is renowned for delivering top-notch services.

A People-Centric Approach

Despite its impressive growth, Young & Associates maintains its commitment to its clients, partners, and associates. The company still holds consulting relationships with some of its original clients from 1978, embodying a people-centric approach and a familial culture. The dedication to its staff, many of whom have over 30 years of service, remains a cornerstone of its success.

Sutherin explains, “A major factor in the decision to purchase Young & Associates was the depth of knowledge and experience of its employee base within each functional discipline. This has enabled us not only to maintain long-standing relationships with legacy clients but also to forge new client relationships throughout the United States.”

With Sincere Gratitude

Young & Associates extends heartfelt gratitude to its valued customers, clients, and friends for their unwavering support over the past 45 years. The company eagerly anticipates the future, continuing to build upon its legacy of excellence by empowering community financial institutions to make informed decisions that enhance their success.

Young & Associates has come a long way since our inception in 1978. With a rich history of serving community financial institutions, we remain dedicated to simplifying the management of banks and credit unions, reducing regulatory burdens, improving financial performance, and increasing shareholder value. As we celebrate our 45th anniversary, we look forward to the journey ahead, knowing that our commitment to our clients will continue to drive us towards greater success. Thank you for being a part of our journey.

Ready to elevate your financial institution’s success? Reach out to us today to learn more about our top-notch consultancy services.

Credit Union Cybersecurity: Actionable Cyber Threat Defense

Written by admin on . Posted in Advice, Blog, Consultation, Cybersecurity & Information Security, Information Technology, IT Audit, IT Program Design & Implementation, Network Penetration Testing, Social Engineering, Vulnerability Assessment.

In an era dominated by technology, the financial sector faces a growing menace in the form of cyberattacks. Credit unions, along with their members’ sensitive data, have become prime targets for cybercriminals. To safeguard against these evolving threats, credit unions must proactively fortify their cybersecurity defenses.

As the financial industry changes, cybercriminals adapt, so credit unions must prioritize cybersecurity planning. This article discusses steps and measures credit unions can take to protect their operations and member data from cyber threats.

Understanding the Cyber Threat Landscape

The increase in cyberattacks on credit unions, as well as their affiliated CUSOs and vendors, has brought cybersecurity vulnerabilities into sharp focus. It’s essential to recognize that cyber threats are no longer a distant possibility, but a tangible reality that demands immediate attention. Cybercriminals employ a range of tactics, including ransomware, phishing, and Distributed Denial-of-Service (DDoS) attacks, all with the potential to disrupt operations, compromise data, and tarnish the reputation of credit unions.

Taking Action: Security Controls for Credit Unions

In a realm where financial innovation and digital transformation reign, protecting sensitive data and ensuring uninterrupted services takes precedence. However, this progress is accompanied by the challenge of cyber threats, demanding a proactive approach to security.

To counter the evolving threat landscape, credit unions must adopt specific actions and security controls that reinforce their defenses. These measures not only safeguard their operations but also uphold the confidence and trust of their members. Let’s explore the steps credit unions can take to strengthen their cybersecurity and defend against cyber threats.

1. Implement Strong Access Controls

Effective access controls form the first line of defense against unauthorized access. Credit unions should enforce stringent access policies, ensuring that only authorized personnel have access to critical systems and sensitive data. Implement role-based access controls (RBAC) to limit privileges based on job roles, and regularly review and update permissions to maintain a least-privilege approach.

2. Fortify with Multi-Factor Authentication (MFA)

Incorporate MFA for all critical systems, applications, and accounts in your credit union. This extra layer of security forms a significant hurdle for unauthorized access attempts and provides protection against phishing attacks. MFA necessitates users to offer additional confirmation apart from a password, thereby boosting security.

3. Prioritize Patching and Updating Systems

Addressing vulnerabilities promptly is critical to preventing potential breaches. Outdated software and unpatched systems are prime targets for cyber attackers. Regularly update and patch operating systems, software applications, and security solutions to address known vulnerabilities and reduce the risk of exploitation. Stay informed about security advisories and updates from the software provider and relevant cybersecurity agencies.

4. Enhance Member and Employee Cybersecurity Awareness

Cyber threats evolve continuously, and so should employee knowledge. Educating your employees about cyber threats is one of the most effective ways to mitigate risks. Provide ongoing training to employees to help them recognize and respond to social engineering, the latest cyber threats, other common attack techniques, and best practices to keep them vigilant and informed. Awareness empowers your team to become a crucial line of defense. Equally important is educating members about safe online practices to prevent them from falling victim to scams or attacks.

5. Reinforce Email Security and Anti-Phishing Measures

Email remains a primary vector for cyberattacks. Implement sophisticated email security systems that inherently possess phishing identification and prevention features. Use SPF, DKIM, and DMARC to stop email spoofing and make emails more authentic, lowering the chance of successful phishing.

6. Conduct Regular Penetration Testing and Vulnerability Assessments

Proactively identify vulnerabilities by conducting regular penetration testing and vulnerability assessments. This allows credit unions to uncover weaknesses in their systems, applications, and infrastructure before cybercriminals can exploit them.

7. Craft a Robust Incident Response Plan

Prepare for the worst by developing a comprehensive incident response plan. Regularly test this plan to ensure your credit union is ready to respond swiftly and efficiently to a cyberattack. This plan should outline steps to take in case of a cyber incident, clearly define roles, responsibilities, communication protocols, and procedures, and rehearse different attack scenarios to minimize downtime and mitigate damages.

8. Manage Vendor Risk Strategically

Your credit union’s security isn’t solely dependent on your internal measures—it extends to third-party vendors as well. Review and assess the cybersecurity practices of vendors providing services to your credit union. Ensure they adhere to robust security standards and regularly evaluate their security posture to safeguard your ecosystem. Learn more about effective vendor due diligence evaluations in this blog.

9. Network Segmentation and DDoS Protection

Network segmentation involves dividing the network into smaller segments to limit lateral movement in the event of a breach. Execute network partitioning to confine possible security breaches and reduce their effects. This approach restricts attackers’ ability to move freely within the network, containing the impact and reducing the potential damage. Protect against DDoS attacks by filtering and limiting traffic to prevent disruptions to your services.

10. Safeguard through Regular Data Backups, Testing, and Recovery Planning

Ransomware attacks can paralyze credit unions by encrypting critical data. Regularly back up your data and test the recovery process to ensure quick and effective restoration in case of an attack. Backups reduce the likelihood of data loss and minimize the temptation to pay ransoms.

11. Encourage Sharing of Threat Intelligence

Get involved in communities that share threat intelligence in order to keep updated on new cyber threats and trends. Collaborating with industry peers enhances your understanding of evolving attack tactics, enabling you to adapt and protect your credit union effectively.

12. Sustain Vigilance with Continuous Monitoring and Updates

Cyber threats are ever-evolving, making continuous monitoring and prompt patch application essential. Monitor network traffic, logs, and systems for any unusual activities that could indicate a breach. Timely identification of suspicious activities enables credit unions to respond promptly and mitigate potential damage. Stay up to date with the latest security updates and promptly implement patches to close potential vulnerabilities.

13. Engage with Cybersecurity Experts

Consider seeking guidance from cybersecurity experts or firms specializing in the financial sector, like Young & Associates. Our industry-specific insights can provide credit unions with tailored solutions to address the unique challenges posed by cyber and information security threats.

Credit unions can strengthen their security and protect their operations, member data, and reputation by taking proactive cybersecurity measures. To protect against cyberattacks, credit unions must stay alert and take necessary actions as threats change and become more advanced. Remember, protecting against cyber threats is not just a responsibility—it’s a necessity for the digital age.

Partnering with Young & Associates: Expert Cybersecurity Solutions

In the face of escalating cyber threats, credit unions are seeking expert guidance and support to bolster their security measures. At Young & Associates, we understand the dynamic challenges that credit unions face in the realm of cybersecurity. We offer IT consulting, audit, and technical testing services to help strengthen your credit union’s defenses.

Our experienced experts provide valuable knowledge to help protect your institution from cyber threats with effective strategies and solutions. Y&A offers cybersecurity solutions ranging from comprehensive security audits to technical testing that uncovers vulnerabilities. We tailor our services to suit the unique needs of credit unions in this digital age. We will help your credit union understand and navigate cybersecurity. Contact us to learn more. 

Managing CRE Credit Risk Amid Market Shifts

Written by admin on . Posted in Advice, Consultation, CRE & AG Stress Testing, Lending & Loan Review, Liquidity Review, Management & Planning, Regulatory Enforcement.

By: Jerry Sutherin, President & CEO of Young & Associates

The landscape of commercial real estate (CRE) lending is shifting due to current economic events, presenting both challenges and opportunities for community financial institutions deeply entrenched in this sector. The challenges range from the profound impact of remote work trends and the uncertain future of office spaces to growing concerns about inflation and higher interest rates bringing CRE risk into the spotlight. This volatility has garnered increased attention from internal and external stakeholders, as well as regulatory authorities. Consequently, identifying the most pressing threats among these challenges and proactively mitigating risk has become a top priority for financial institutions with CRE exposure.

In the face of rising interest rates and delinquencies, many financial institutions are preparing to confront these economic stressors. In fact, some were already scaling back lending before the recent collapses of Silicon Valley Bank and Signature Bank. We have all witnessed the tightening of lending standards resulting from that event, and many analysts anticipate further tightening among all community financial institutions. This constriction is also impacted by limited deposits and liquidity forcing financial institutions to be selective in how they deploy their capital. These facts leave many analysts predicting when credit problems will emerge in the CRE sector.

The evidence speaks for itself. According to S&P Global Market Intelligence, the delinquency rate for all CRE loans held in U.S. banks has increased by five basis points year over year. Moreover, within a single quarter earlier this year, the delinquency rate for nonowner-occupied nonresidential property loans spiked by a significant 24 basis points. This has led to tighter lending standards at origination, reflecting the concerns of institutions. Further, financial institutions are taking proactive measures to mitigate CRE risk after origination. Some have set aside high-single-digit percentage allowances for office loans. Others have reduced exposure through portfolio sales. Overall, loan originations have fallen, CRE sales have slumped, and forecasts indicate a drop in CRE prices.

The tightening of lending standards, the slowdown in the growth of CRE loans, and the impact on loan originations have emerged as central concerns in the financial sector. What unifies these factors is their inherent risk and whether they act as warning signals or responses. Managing CRE credit risk is undeniably intricate, but leveraging available strategies and tools empowers community banks, credit unions, and financial institutions to effectively navigate the ever-changing CRE lending sector. This enables them to proactively assess and plan for risk mitigation, rather than merely react to these changes.

Understanding Commercial Real Estate Risk

As CRE loans represent a substantial part of many banks’ loan portfolios and higher yielding assets, especially within community financial institutions, understanding the significance of CRE credit risk is paramount. Community banks and credit unions often operate in areas experiencing job and population growth, leading to a high demand for CRE lending and, in turn, a high concentration of CRE loans. This growth and its corresponding effects on loan portfolio concentration pose new challenges for banks in terms of risk monitoring and control.

While larger financial institutions commonly maintain experienced staff and even entire departments to manage these risks, it is generally not cost effective for smaller financial institutions to hire and maintain qualified resources to help mitigate the inherent risks. In the absence of an internal CRE risk management team, it is imperative for financial institutions to rely on independent third-party resources to assist in this crucial process.

Historical Context and Lessons from Past Experiences

A retrospective examination underscores the importance of proactive risk management. Many significant historical banking failures were largely attributed to overinvestment in CRE loans and the lack of an effective risk management process. Weak underwriting standards and poor portfolio management led to an oversupply of CRE properties and borrower defaults. Over time, regulatory improvements, such as stricter underwriting and risk management requirements, have been implemented. Nevertheless, predicting the future remains uncertain. We can only analyze past patterns and the shortcomings to properly assess future risks.

In 2023, community and regional financial institutions comprise approximately 72% of the CRE loan market, taking on an above-average amount of CRE credit exposure. Recognizing such circumstances is vital, as you should be alert to potential red flags. Identifying and managing CRE credit risk is critical.

Identifying Emerging CRE Risk

A comprehensive understanding of CRE credit risk highlights the increasing complexity of its landscape. CRE credit risk is multifaceted, with numerous risk categories affecting CRE lending, including market risk, asset risk, liquidity risk, and credit risk, among others. To construct a robust risk management strategy, all these variables must be explored and considered.

To assess your financial institution’s CRE loan segment’s health, a systematic approach is needed. When determining if your CRE portfolio exceeds your institution’s risk appetite and how to quantify that risk and respond effectively, the answers lie in developing a comprehensive, tailored framework for assessing and analyzing your CRE loan market. The most recent regulatory interagency Statement on Prudent Risk Management for Commercial Real Estate Lending notes that institutions that successfully monitored risk have:

  • Established appropriate loan policies, underwriting standards, and concentration limits.
  • Conducted cash flow analyses based on realistic rates and expenses to ensure repayment ability and assessed borrowers’ ability to repay during interest rate fluctuations and loan structure changes.
  • Analyzed the impact of economic changes on the loan portfolio’s quality, earnings, and capital.
  • Provided boards and management with information to adapt lending strategies in changing market conditions.
  • Maintained information systems to manage concentration risk effectively.
  • Implemented appropriate appraisal review and collateral valuation processes.

With the many challenges faced by community financial institutions, the need to effectively identify, measure, and manage these risks has become paramount. While established best practices exist to address these risks, financial institutions must transition from assessing each risk in isolation to recognizing the interconnectedness and synergy between them. A more holistic approach to risk management is required, allowing institutions to confidently inform their capital planning, risk tolerance, and overarching strategy.

Strengthening CRE Risk Management in Community Financial Institutions

A comprehensive risk management strategy empowers financial institutions to adapt to market dynamics, instilling confidence among stakeholders and regulators. Alongside the factors discussed in the previous section, regulatory guidelines highlight two critical facets of CRE risk management: stress testing and portfolio reviews. While community financial institutions can execute these internally, outsourcing can offer efficiency and effectiveness.

CRE Portfolio Stress Testing

Stress testing and sensitivity analyses are indispensable tools for evaluating CRE risk and gauging the impact of economic fluctuations on asset quality, earnings, and capital. These assessments should align with the portfolio’s size and risk profile. CRE stress tests inform strategic and capital planning, credit concentration limits, policy, and underwriting. Integrating stress testing into risk management and strategic planning is essential to anticipate and mitigate risks, especially given current market uncertainties.

Although loan-level stress testing serves a purpose on a transactional level at origination, financial institutions should also regularly perform portfolio-level stress testing that encompasses a bottoms-up and a top-down approach. The bottom-up approach allows financial institutions to gauge the risks of individual, seasoned loans by stressing each transaction through interest rate changes, collateral values, and other market factors. Implying moderate and high stress scenarios to each transaction allows for early identification of potential losses and their impact on the capital of your organization. The top-down approach takes the remaining portfolio not identified on a loan-level analysis and uses the same stressors to further identify any possible impact to capital.

Independent Loan Reviews for CRE Risk Mitigation

Thorough loan reviews are pivotal for identifying and mitigating potential CRE portfolio risks. They enable banks to assess loan quality, maintain compliance with regulations, and make necessary adjustments on a loan and portfolio level. An effective loan review function is crucial for assessing asset quality, evaluating underwriting and ongoing monitoring, and identifying exceptions to policies. Proactive issue resolution ensures risk mitigation before regulatory scrutiny or asset quality deterioration.

To further safeguard against future losses, it is critical that a loan review be independent. If maintained internally at the organization, it should report directly to the audit committee of the board of directors or the full board of directors. If a third-party firm is contracted to perform this work, it too should report all findings to the board of directors or a committee thereof.

Tactical Approaches to Limit CRE Risk in an Unpredictable Market

To minimize exposure to CRE credit risk, institutions should enhance communication with borrowers, allocate additional resources for portfolio management, understand collateral, and manage interest rate risk. Effective market area monitoring, adaptable to the institution’s unique risk exposure and appetite, is essential. Clear communication of risk tolerance from the board down to lending staff fosters alignment and clarity.

Community financial institutions must not become complacent in their approach to risk management. It is critical to remain agile and continually adapt to changing environments and emerging risks, especially in the currently volatile realm of CRE lending. By staying proactive and employing a comprehensive risk assessment and management approach, banks and credit unions can successfully address CRE credit risk, safeguard their portfolios, and maintain their success.

Optimize Your Risk Management Strategies with Young & Associates

With over four decades of experience, Y&A specializes in helping community financial institutions manage risk. Our enduring presence in the industry reflects our ability to adapt to evolving financial landscapes. Our seasoned consultants, who have backgrounds in banking, bring firsthand experience of market fluctuations.

Outsourcing CRE Stress Testing

Young & Associates offers a CRE portfolio stress testing service that efficiently and insightfully assesses your portfolio. Using data specific to your bank, we stress your CRE portfolio across various factors. Our report quantifies potential impacts on earnings and capital resulting from collateral value decreases, changes in property net operating incomes, or increases in interest rates. What sets us apart is our ability to handle the stress testing process efficiently, allowing your institution’s management to focus on other important initiatives.

Outsourcing Loan Review

For most community financial institutions, outsourced loan review is the best choice due to size and the need for an independent party. Our loan review service, applied to your CRE portfolio, not only uncovers individual credit assessments but also evaluates the alignment of your credit standards, analysis, and continuous credit monitoring with the specific characteristics of your CRE portfolio. Our findings not only inform you about existing portfolio risks but also provide recommendations for effective risk management.

Contact us to explore how we can support your journey in addressing CRE credit risk effectively.

The Art of Safe Lending: How to Mitigate Commercial Loan Underwriting Risks

Written by admin on . Posted in Advice, Commercial Underwriting, Consultation, Lending & Loan Review.

By: Ollie Sutherin, Principal of Y&A Credit Services

Community financial institutions have long been known for their agility and personalized service, excelling at creating unique lending solutions and facilitating distinct transactions. However, the very attributes that have set them apart may now present fresh challenges as they seek to expand. Community banks and credit unions find themselves navigating a delicate equilibrium: effectively managing underwriting risk, diversifying their loan portfolios, and growing to better serve their communities. 

Additionally, the world of commercial loan underwriting presents its own distinctive challenges that further complicate finding this equilibrium. Commercial loan underwriting standards, in particular, are designed to foster relationship banking rather than transactional interactions. Loans are underwritten based on the borrower’s anticipated ability to operate their business profitably and service the debt being requested. However, the actual cash flows of borrowers can often deviate from expectations, and the value of collateral securing these loans may fluctuate. Most commercial loans are secured by the assets they finance, along with other business assets such as accounts receivable or inventory, and sometimes entail personal guarantees. Loans secured by accounts receivable heavily rely on the borrower’s ability to collect due amounts from customers. These complexities create a web of considerations for underwriters. 

Effective management of a community financial institution’s loan portfolio necessitates a strategic approach guided by skilled underwriters who play a pivotal role in mitigating underwriting risks in commercial lending. 

The After Effects of the SVB Collapse 

A little over six months have passed since the financial world experienced a seismic shift when a prominent regional bank collapsed. This event sent shockwaves throughout the banking sector, triggering a chain reaction that affected numerous other financial institutions, both regional and local. These far-reaching consequences have also left their mark on various aspects of community bank and credit union operations. 

Risk management has always held a pivotal role in credit underwriting, and its significance has become more pronounced in today’s ever-volatile environment. As we navigate an era of monetary tightening, global inflationary pressures, and increasing interest rates, underwriters find themselves under increased scrutiny. In the past, cheap funding was abundant, but now, risk-appropriate pricing is paramount for funding new deals. Underwriters must balance a new interest rate environment with the heightened lending and refinancing risks, necessitating increased diligence in risk assessments when extending credit and negotiating terms. 

To shed light on this matter, we will explore effective strategies for community financial institutions to limit underwriting risk in commercial lending, ensuring they can thrive while maintaining a prudent approach to lending.  

Comprehensive Credit Analysis 

The cornerstone of any sound underwriting process is conducting a comprehensive credit analysis. This involves digging deep into the current financial health of the borrower, their business, and the industry they operate in. By meticulously assessing factors like cash flow, collateral, and credit history, you can gain a clearer picture of the borrower’s ability to repay the loan. 

Moreover, consider working with an experienced outsourced credit underwriting service like Y&A Credit Services to ensure you have access to the latest data, analytical tools, and expertise in evaluating commercial loans. Our team of experts can assist from reviewing your analysis to completely underwriting the transaction, ensuring you have all the information to help you make informed lending decisions. 

Diversification of Loan Portfolios 

Diversification is a risk management principle that rings true in commercial lending as well. By diversifying your loan portfolios across various industries and business types, you can reduce your exposure to sector-specific risks. A balanced mix of loans in manufacturing, real estate, healthcare, and other sectors can help buffer your institution against economic downturns that may affect a particular industry. 

Loan Covenants and Monitoring 

Establishing clear and enforceable loan covenants is another key step in limiting underwriting risk. These covenants set out the terms and conditions under which the borrower must operate and repay the loan. Regularly monitoring the borrower’s compliance with these covenants and requesting the most current information from your borrower is equally important. It allows you to detect early warning signs of financial distress and take corrective action sooner when you have more options for a successful outcome for both your borrower and your institution. 

Loan Portfolio Stress Testing 

In an ever-changing economic landscape, stress testing is an invaluable tool for gauging how your loan portfolio would perform under adverse conditions. By modeling various scenarios against your portfolio, you can assess your institution’s vulnerability to economic shocks and make proactive adjustments to your lending practices. 

Ongoing Training and Education 

Staying up to date with the latest industry trends, regulations, and best practices is essential. Encourage your staff to engage in ongoing training and education programs related to commercial lending and underwriting. This ensures that your institution’s underwriting processes remain current and effective. 

Regular Commercial Loan Underwriting Reviews 

To maintain the health of your loan portfolio, it’s crucial to conduct regular reviews of your commercial loan underwriting practices. This ensures that your institution’s standards and processes align with the evolving landscape of commercial lending. It also allows you to make necessary adjustments and refinements to minimize underwriting risks continuously. 

Outsourcing Commercial Credit Underwriting 

Third party assistance for commercial credit underwriting can be a strategic move to ensure the accuracy and effectiveness of your underwriting processes and relieve your institution of the need to maintain an up-to-date full-time staff.   Professional outsourced services, like Y&A Credit Services, offer expertise, access to advanced analytical tools, and an impartial perspective, helping your institution make sound lending decisions and maintain high underwriting standards.  These services can be implemented from fully outsourced to fractional, helping assist during peaks in volume.  

Y&A Credit Services’ Guidance in Commercial Underwriting 

Mitigating underwriting risk in commercial lending stands as a pivotal cornerstone for upholding the financial health and stability of community banks and credit unions, especially in the wake of the industry upheaval earlier this year. By implementing comprehensive credit analysis, diversifying loan portfolios, enforcing loan covenants, conducting stress tests, and investing in ongoing training, regular reviews, and outsourcing, you can confidently navigate the complexities of commercial lending while minimizing risks and enhance your institution’s lending capabilities. 

At Y&A Credit Services, we understand the importance of risk management in commercial lending, and we’re here to guide you through the process. Our outsourced credit underwriting services are designed to provide community banks and credit unions with the expertise and resources needed to make sound lending decisions. Together, we can build a more secure lending future for your institution, helping our communities one loan at a time. 

Contact us today to learn how we can help. 

Considerations for AI Adoption at Community Financial Institutions

Written by admin on . Posted in Advice, Consultation, Information Technology.

By: Mike Detrow, CISSP 

You have probably seen the headlines claiming that artificial intelligence (AI) models such as ChatGPT will soon replace many human jobs. Marketing campaigns are also touting the use of AI by vendors to improve the effectiveness of their data analysis tools. If you have not already started to think about the application of AI for banking operations, you will likely be evaluating it soon. Just as with any other risk management practice, it is best to evaluate new technologies proactively rather than waiting until your vendors force you to use them or your employees begin using them without your knowledge. 

The purpose of this article is to identify the risks associated with machine learning and generative AI that you should consider as you are evaluating use cases for AI at your financial institution. Machine learning is the use of training data and algorithms that allow computers to imitate intelligent human behavior more realistically. Generative AI uses machine learning to allow a computer to generate new content such as text, images, video, or sounds based on specific input provided by a user.  

The Role of AI in Financial Institutions: A Look at Practical Applications 

First, let’s explore potential use cases for AI in community financial institutions. Some of the applications that we have seen so far include: 

  • Document development, such as job descriptions, policies, and marketing materials 

Risk Factors for AI Implementation in Community Financial Institutions 

Next, let’s examine some of the potential risks associated with the use of AI in community banks and credit unions. One of the biggest concerns with the use of AI is the security of non-public information. Entering such data into an AI model that is not under the complete control of the financial institution or one of the institution’s vendors introduces the risk of this information being disclosed, resulting in the potential misuse of this sensitive data. 

In addition to security concerns, there are other risks which should be considered. Results provided by AI-driven decision-making models could be biased based on the data that was used to train the model. Also, the information provided by AI models may be inaccurate or misleading, which could inadvertently result in an employee disseminating such incorrect information if not thoroughly vetted.  

Building a Strong Foundation for AI Risk Management within Your Financial Institution 

Now that you are aware of the risks associated with AI, what should you do to evaluate its potential within your bank or credit union? To safeguard your financial institution in the era of rapid AI adoption, it’s imperative to set guidelines early. The first step is to establish a group within your institution that will provide oversight for AI. If you already have an IT Steering Committee, this role will likely be assigned to this committee as it should already include the appropriate employees for this task. If you do not have an IT Steering Committee, you should consider establishing a cross-functional group of employees drawn from various areas of the institution to handle AI oversight. 

The first initiative for your AI oversight group should include a discovery process to identify any existing use of AI at the financial institution. It is possible that employees are already using ChatGPT to help develop marketing materials, for writing scripts or macros, or they may be using web browser plugins to improve productivity. Some of your vendors may also be using AI for various tasks associated with delivering services to your financial institution or customers, such as AML models, loan underwriting, and website virtual assistants or chatbots 

This group should develop a plan to identify any employee use of AI, whether it be through engaging in conversations with employees or potentially through employing the use of web traffic analysis. Keep in mind that your IT staff may not be the only employees that are potentially using AI within your financial institution.  

Additionally, your AI oversight group should review vendor documentation and, if deemed necessary, reach out to vendors to determine how they may be using AI. The purpose of this discovery process is to determine whether any non-public data has been put at risk based on any current or prior use of AI by employees or vendors so that appropriate actions can be taken to address any potential data misuse and prevent any further inappropriate AI usage.  

Once the AI oversight group has identified existing utilization of AI by employees and vendors and addressed any potential security concerns, the next step is to formally establish the institution’s risk appetite related to AI. This is achieved by documenting it within a policy that will be approved by the board and provided to employees for their acknowledgement. You should consider the following criteria within your policy: 

  • Definition of AI and the associated risks 
  • Authorization Process: Clearly defined IT Steering Committee approval requirements for new use cases. 
  • Vendor Risk Management: Due diligence practices for new vendors and ongoing monitoring of existing vendors to understand their AI usage and the potential risks involved. 
  • Acceptable Use: Employee guidelines for the usage of AI models such as ChatGPT and browser plugins, data security, output verification process, etc. 
  • Ethical and Legal Requirements: Guidelines for nondiscrimination, regulatory compliance, and adherence to other institution policies. 
  • Intellectual Property Protection: Measures to safeguard intellectual property rights and copyrighted material. 
  • Incident Response: Procedures to detect and report any suspected security incidents. 

It is important to note that it is likely not feasible to implement an outright ban of AI at the financial institution within your policy, especially as some of your vendors are likely already using AI or will be using it in the near future. 

With the use of AI expected to increase very rapidly over the next few years, it is imperative for management to establish guidelines for its use as early as possible to limit the potential for its misuse at your institution. 

Y&A’s Solution for Secure AI Adoption and Risk Preparedness within Financial Institutions 

In the rapidly evolving landscape of AI integration within the financial sector, striking a balance between reaping the potential benefits of this technology and practicing effective risk management can be challenging. It’s crucial to adopt a risk-ready approach to scaling AI integration in order to safeguard the future of your institution. The proliferation of AI applications shows no signs of slowing, making it wise to proactively address risks before regulatory measures come into effect. 

To streamline the process of addressing AI risk, Young & Associates offers a customizable AI policy that you can tailor to your financial institution’s specific needs. Click here to learn more about this product. 

Should you have any questions about this article, please reach out to Mike Detrow, Director of Information Technology, at mdetrow@younginc.com or contact us on our website. 

Overdraft Programs and Fees: Navigating the Regulatory Maze

Written by admin on . Posted in Advice, Compliance & Regulations, Consultation.

By: Karen S. Clower, CRCM and William J. Showalter, CRCM, CRP

Fee income practices in overdraft programs have garnered increasing attention from regulatory bodies such as the CFPB, OCC, NCUA, and FDIC. The risks associated with overdraft practices are growing, and overlooking them can pose significant threats to your financial institution.

These regulatory developments are of particular concern for both APSN (Authorize Positive, Settle Negative) and NSF (Non-Sufficient Funds) fee practices. With both federal and state regulators scrutinizing these areas, it’s a critical time for financial institutions to review their overdraft and insufficient funds procedures. Unpacking the intricate world of overdraft programs, understanding fair banking risks, and adopting best practices to mitigate them have never been more crucial.

Multiple Re-Presentment Fees Under the Microscope

The FDIC revised their Supervisory Guidance on Multiple Re-Presentment NSF Fees in June 2023. The core message from this guidance is the importance of transparency in re-presentment practices. The FDIC emphasizes that re-presentment practices may be deceptive when lacking clear disclosure and unfair when they lead to the assessment of multiple NSF fees for a single transaction.

A re-presentment occurs when a transaction is initially declined due to insufficient funds, followed by the merchant resubmitting the transaction, which may incur additional NSF fees. In many instances, customer disclosures do not fully convey the nature of these re-presentment practices, elevating the risk of consumer harm and regulatory violations. It is prudent for financial institutions to review and update disclosures to avoid causing consumer harm and accumulating violations.

Identifying Potential Risks Associated with NSF Fees on Re-Presented Transactions

Examiners have identified several risk factors related to the assessment of NSF fees on re-presented transactions:

  • Consumer Compliance Risk: Charging multiple NSF fees for the same unpaid transaction can breach Section 5 of the FTC Act, which prohibits unfair or deceptive practices. Not adequately informing customers can mislead and potentially harm them.
    • Deceptive Practices: The FDIC finds charging multiple NSF fees without proper disclosure deceptive.
    • Unfair Practices: Inadequate customer advice on fee practices can be unfair, particularly if it causes harm and offers no benefits to the consumer.
  • Third-Party Risk: Third-party involvement in payment processing and tracking re-presented items can lead to risks. Institutions should monitor these arrangements closely.
  • Litigation Risk: Charging multiple NSF fees may lead to litigation. Many institutions have faced class-action lawsuits and substantial settlements for inadequate fee disclosures.

Managing NSF Fee Risks

The FDIC encourages financial institutions to review their practices and disclosures regarding NSF fees for re-presented transactions. Note that a highlight of the most recent update to their supervisory guidance is that their current approach does not involve requesting financial institutions to conduct lookback reviews absent a likelihood of substantial consumer harm. To mitigate the risk of consumer harm and legal violations related to multiple re-presentment NSF fees, financial institutions are encouraged to consider the following:

  • Eliminating NSF fees.
  • Charging only one NSF fee for the same transaction, even if it’s re-presented.
  • Reviewing policies and practices, clarifying re-presentment practices, and providing customers with updated disclosures.
  • Clearly and prominently disclosing NSF fee amounts, when they are imposed, and the conditions under which multiple fees may apply to a single transaction.
  • Reviewing customer notification practices and fee timing to enable customers to avoid multiple fees for re-presented transactions.

These recommendations are based on supervisory observations to date and do not impose any legal obligations to financial institutions. While not mandatory, these steps help in reducing the risk of consumer harm.

FDIC’s Supervision of Re-Presentment NSF Fees: A Closer Look

The FDIC has a specific approach when it comes to overseeing and enforcing regulations regarding multiple re-presentment NSF fee practices. Their main aim is to identify and correct issues related to re-presentment, with a focus on ensuring that customers who have been harmed receive the necessary solutions.

As part of their process for assessing compliance management systems, the FDIC acknowledges institutions that take proactive steps to identify and rectify violations. Importantly, if institutions have already addressed these violations before a consumer compliance examination, examiners generally won’t cite UDAP violations.

When financial institutions proactively identify issues related to re-presentment NSF fees, the FDIC has clear expectations:

  • They should take corrective actions, which include providing restitution to affected customers.
  • There should be a prompt update to NSF fee disclosures and account agreements for all customers, both new and existing.
  • Consideration should be given to implementing additional risk mitigation practices to reduce potential unfairness risks.
  • Monitoring of ongoing activities and customer feedback is essential to ensure that corrective actions are sustained over time.

The FDIC evaluates the need for restitution by considering the potential harm to consumers as a result of the practice, the institution’s record-keeping practices, and any challenges associated with collecting and reviewing transaction data or information related to the frequency and timing of re-presentment fees. In cases where examiners identify law violations related to re-presentment NSF fee practices that have not been self-identified and fully corrected before an examination, the FDIC may contemplate various supervisory or enforcement actions, including the imposition of civil monetary penalties and the requirement for restitution where necessary.

What About APSN Fee Practices?

The regulatory focus extends beyond just re-presentment fees. One noteworthy concern is the practice of charging overdraft fees for transactions that were initially authorized with a positive balance but later settled with a negative balance, referred to as APSN transactions. Here is an overview of the FDIC’s Supervisory Guidance on Charging Overdraft Fees for Authorize Positive, Settle Negative Transactions, which was revised in April 2023 to expand upon the related 2019 Supervisory Highlights article:

Complexity in Overdraft Programs: Overdraft programs, transaction clearing, and settlement processes are intricate. APSN transactions involve consumers being assessed overdraft fees when they had sufficient account balances at the time of transaction initiation but no longer at settlement. This means it is hard for consumers to predict when fees might be assessed and how to avoid them.

Available Balance vs. Ledger Balance: Financial institutions typically use either an available balance method or a ledger balance method for assessing overdraft-related fees. The available balance can be affected by pending debit transactions. Some institutions, especially with the available balance method, assess overdraft fees on transactions authorized when the available balance is positive but posted when the balance is negative.

Unintended Consequences: In some cases, this practice leads to multiple overdraft fees being charged. Unanticipated overdraft fees can cause considerable harm to consumers. The consumer cannot reasonably avoid these fees, and their complexity further compounds the issue. This situation raises the risk of violations of consumer protection laws.

Mitigating Risks: Financial institutions are encouraged to review their practices regarding charging overdraft fees for APSN transactions. This entails ensuring that customers are not charged overdraft fees for transactions they could not anticipate or avoid. This includes monitoring third-party arrangements for compliance, evaluating core processing systems, and improving disclosures to accurately convey fee practices.

With a deep understanding of re-presentment and APSN transactions, financial institutions can effectively navigate the complex landscape of fee income and compliance. A proactive approach can aid in protecting consumers, ensuring regulatory compliance, and maintaining your institution’s reputation.

Balancing Overdraft Fee Income and Compliance

Weighing compliance and reputational risks against the revenue your overdraft program generates is crucial. While fee income is essential, safeguarding your financial institution’s reputation should always be a top priority. Striking the right balance between compliance and revenue is key.

Regulatory Insights and Recent Enforcement Actions

To stay ahead in the realm of overdraft programs, monitoring the insights and actions of regulatory bodies is essential. The CFPB, FRB, OCC, NCUA, and FDIC provide guidance and updates that can directly impact your operations. Recent enforcement actions underscore the consequences of non-compliance. Analyzing these cases can provide insights into areas where institutions have faltered and help you steer clear of similar missteps.

Your Overdraft Compliance Solution: Young & Associates

Managing overdraft programs while staying compliant with fair banking regulations is a complex task. At Young & Associates, we are here to guide you through this maze, ensuring that your financial institution not only thrives financially but also maintains a strong reputation in the industry. By understanding the risks, learning from common pitfalls, and implementing best practices, you can create a robust overdraft program that benefits both your institution and your customers.

For more in-depth guidance tailored to your unique circumstances, reach out to our team of experts. Together, we can navigate the regulatory compliance landscape and keep your financial institution on the path to success. Contact us today.

How Strategic Planning Drives Effective Change Management

Written by admin on . Posted in Advice, Change Management, Consultation, Human Resources, Management & Planning, Strategic Planning.

By: Michael Gerbick, COO 

Change is an undeniable aspect of the modern financial world. To stay competitive, thrive in a dynamic marketplace, and satisfy the demands of both customers and regulators, banks and credit unions must embrace change management as an integral part of their strategic planning process. But how can financial institutions seamlessly integrate change management into their strategies while ensuring their governance processes remain robust enough to meet regulatory requirements? Understanding this symbiotic relationship and how to strategize for achievement is vital.

The Unavoidable Reality: Change in the Financial Sector

The significance of change management in the bank and credit union industry has gained even more prominence in recent times. In the Fiscal Year 2024 Bank Supervision Operating Plan released by the Office of the Comptroller of the Currency Committee on Bank Supervision, change management takes center stage. The plan underscores the importance of banks implementing significant changes in various aspects of their operations, from leadership to risk management frameworks, and even in their use of third-party service providers that support critical activities.

The operating plan emphasizes the role of examiners in identifying these financial institutions and evaluating the suitability of their governance processes. This includes assessing whether the acquisition or retention of qualified staff aligns with the changes undertaken by the board or management. These changes can arise from a variety of factors, including mergers and acquisitions, system conversions, regulatory requirements, and the implementation of new, modified, or expanded products and services, such as cutting-edge technological innovations.

This regulatory focus underscores the critical nature of integrating change management into the strategic planning process for banks and credit unions. It is not just about responding to the evolving landscape; it is about proactively steering the ship towards a brighter, more competitive future. Change is a constant in the financial sector. Market dynamics, technological advancements, shifting customer expectations, and regulatory updates all contribute to the perpetual evolution of this industry.

For banks and credit unions, change should not be a reactive response; it should be a proactive strategy. Strategic planning, often seen as the roadmap for an organization, is the mainstay that can help financial institutions navigate these uncharted waters. However, the true synergy lies in integrating change management into this planning process.

The Power of Change Management

Change management, at its core, is about guiding an organization through the transition from its current state to a desired future state while minimizing disruptions and ensuring that the change is well-received by employees and stakeholders. In the context of banks and credit unions, effective change management can manifest in various forms, such as:

  • Digital Transformation: Embracing new technologies to enhance customer experiences and operational efficiency.
  • Compliance Updates: Adapting to evolving regulatory frameworks to avoid penalties and maintain trust.
  • Cultural Shifts: Fostering a culture of innovation and adaptability among employees.
  • Product and Service Enhancements: Continuously improving offerings to meet customer demands.
  • Proactive Risk Assessment and Management: Identifying, mitigating, and seamlessly integrating risk management to safeguard against potential risks and challenges.

The crucial role of change management in this industry cannot be overstated. It enables financial institutions to execute their strategic visions successfully, transforming conceptual ideas into concrete actions.

Incorporating Change Management into Your Financial Institution’s Strategic Planning

To weave change management seamlessly into your strategic plan, consider the following steps:

  1. Establish a Clear Vision: Clearly define your strategic objectives and the desired outcomes of the change initiatives. Ensure that your team understands and is aligned with this vision.
  2. Identify Key Stakeholders: Recognize the individuals and groups affected by the proposed changes. Engage with them early to gather insights, address concerns, and gain their support.
  3. Create a Robust Governance Framework: Robust governance processes are essential for change management in banking. This includes defining roles and responsibilities, establishing decision-making processes, and setting up regular progress tracking mechanisms.
  4. Develop a Communication Strategy: Effective communication is the backbone of change management. Craft a comprehensive plan to keep stakeholders informed, engaged, and motivated throughout the change journey.
  5. Build Change Champions: Identify and empower individuals within your institution who can serve as change champions. They can help drive the transformation and inspire their colleagues.
  6. Monitor and Adapt: Regularly assess the progress of your change initiatives and be ready to adjust your strategies as needed. Change is iterative, and adaptability is key to success.

Incorporating change management into strategic planning is critical. By establishing a clear vision, engaging key stakeholders, creating a robust governance framework, crafting effective communication strategies, building change champions, and embracing adaptability, your financial institution can navigate change seamlessly and achieve its strategic objectives.

Governance Processes: Meeting Regulatory Requirements

Incorporating change management into your strategic plan does not mean sacrificing regulatory compliance. In fact, it can enhance your ability to meet these requirements effectively. Here is how you can navigate this regulatory landscape while optimizing your change management efforts:

  • Risk Assessment: Conduct comprehensive risk assessments to identify potential compliance gaps and challenges associated with your proposed changes. Address these issues proactively and effectively to minimize regulatory risks.
  • Regulatory Engagement and Collaboration: Establish open and constructive lines of communication with regulators and examiners. Keep them informed of your change initiatives, seek their insights and guidance on change management strategies, and demonstrate your commitment to compliance.
  • Documentation and Reporting: In line with regulatory requirements, maintain meticulous records of your change management efforts, including compliance measures. Thorough and accurate documentation can simplify examinations and audits, making the process smoother and more efficient.
  • Training and Education: Invest in training and educating your staff on regulatory changes and their implications. Knowledgeable employees are your first line of defense against compliance issues.
  • Continuous Improvement: Remember that change is perpetual. Continuously assess and adapt your change management strategies to stay ahead in a rapidly evolving industry.

By following the strategies outlined above, you can navigate the complex regulatory landscape while optimizing your change management efforts and harmonizing change with compliance. Embrace these practices, and your organization will not only thrive in the face of change but also meet regulatory demands with confidence and efficiency.

Embracing Proactive Change Management

Change management is a function of an effective strategic plan. The symbiotic relationship between them is the cornerstone of success in modern financial institutions. Embracing change as an opportunity, rather than a challenge, is crucial. Integrating change management into your strategic planning process, establishing robust governance procedures, and ensuring regulatory compliance are the keys to thriving in an ever-evolving industry.

Remember, change is not a one-time event but a continuous journey toward a brighter future for your institution and stakeholders. Align your strategic planning with regulatory directives and embrace change management as a proactive strategy to not only meet regulatory demands but also position your institution as an industry leader in the dynamic financial landscape. Embrace change, and let it steer your institution toward success.

Young & Associates: Your Partner in Change

Y&A is here to support financial institutions as they navigate the ever-evolving landscape of the financial industry. With our team’s extensive experience in regulatory compliance, risk management, and strategic planning, we stand ready to assist you in successfully embracing, harnessing, and facilitating change. With over 45 years of proven experience as a trusted ally to financial institutions, you can rely on Y&A to guide through the financial sector’s changing terrain. Get in touch with us to learn how we can help.

Succession Planning Strategies for Developing Your Leadership Legacy

Written by admin on . Posted in Advice, Consultation, Management & Planning, Succession Planning.

By: Clarissa Sinchak, PHR, Director of Human Resources

An aging workforce is an increasing concern for many financial institutions, but with thoughtful planning and a solid road map in place, it is possible to leverage the strengths of these invaluable, loyal, and tenured employees while concurrently planning for the future and growth of your organization.

Understanding Workforce Age Trends and the Road Ahead

According to recent studies, the baby boomer generation, comprising individuals aged 57 and older, reflects nearly 20% of the overall U.S. workforce population. However, according to the Bureau of Labor Statistics, this same group of workers represent an even higher percentage in the financial services and banking industries – nearly 24% of the overall workforce. As such, it is important for business leaders to address this demographic shift proactively to ensure continued success of their organizations.

While the expertise of older employees is incredibly vital, there are some key challenges that an ageing workforce presents as it relates to sustaining the future of the company. Naturally, as senior employees retire, financial institutions may inevitably face a skills gap if there are not enough younger employees with the necessary skills and experience to fill these roles. This can have a negative impact on the overall morale and ultimate retention of these younger workers, not to mention an adverse effect on the continued growth and stability of the company. So, what can executive management do to help mitigate this issue?

Proactively Managing the Challenges of an Aging Workforce

To address the challenges of an aging workforce, financial institutions must adopt proactive strategies. First and foremost, focus on upskilling by providing training and development opportunities to help newer employees acquire new skills and adapt to evolving job requirements. Secondly, transfer knowledge! The natural attrition of experienced employees that all financial institutions are facing can result in a loss of institutional expertise, so it is crucial to facilitate knowledge transfer from retiring workers to younger ones.

This can be accomplished through structured training, ensuring that this valuable expertise remains within your institution. Seasoned employees bring decades of wisdom as well as unique perspectives and ideas to the workplace. They can serve as mentors and advisors to their younger counterparts, contributing to their development. Additionally, older workers also have a clearer understanding of the needs and preferences of your valued and loyal long-term clients, which can provide a competitive advantage when training their successors.

Where to Begin: The Foundation of Succession Planning

The question then becomes, “Where do we start, and how?”. Planning for leadership transition via succession planning is the answer to ensure long-term success and stability of an organization. But what exactly is succession planning?  Simply put, it is the process of developing a program to identify and prepare younger employees to take on leadership roles as their more senior counterparts retire.

Effective succession planning in financial and banking institutions reduces the harsh risks associated with leadership turnover, helps maintain overall institutional knowledge, and ensures an ongoing pipeline of qualified leaders who can navigate the ever-changing and highly regulated world of banking. In other words, succession planning ultimately contributes to the long-term stability and success of the industry and is crucial for guaranteeing a smooth transition of leadership while maintaining continuity in key positions.

Most organizations believe in the practice of succession planning, but many lack a standardized process for executing it. Or, if such a process does exist, typically too much time is spent on this traditionally time-consuming process. On the flip side, it’s not as simple as identifying, training, and placing employees.

Therefore, to begin the process of developing your financial institution’s future leaders, we recommend incorporating succession planning into your current performance management process. This strategic approach allows you to identify and develop your potential future leaders and create a talent pipeline that ensures a smooth transition of leadership and key positions. By aligning your company’s core competencies and the outcomes of your employee evaluations with your succession plan, you can ensure that you have a pool of qualified workers to fill key roles when transition time comes. This results in a methodical and proactive approach to leadership development.

Implementing Succession Planning in Your Financial Institution

To help you begin this process, we have outlined ten key steps for developing an effective succession plan for your financial institution:

1. Align the Succession Plan with Your Financial Institution’s Goals

Begin by aligning your succession plan with your institution’s strategic goals. Identify the key positions throughout the entire organization that are critical to achieving those goals and prioritize them for succession planning. Typically, these are C-suite roles (CEO, COO, CFO) and other key executive positions, but remember to consider leadership roles at lower levels that are critical to your bank or credit union’s success.

2. Hold Succession Planning Meetings with Leadership

Hold planning meetings with the key stakeholders of your financial institution as part of your talent review process. During these meetings, discuss the progress of high-potential employees, review their career development plan, and identify potential successors for critical positions.

3. Define Key Positions

Start by identifying critical roles within the organization that require succession planning. These are typically leadership, management, or specialized positions that are essential for the institution’s success. Clearly outline the criteria, competencies, and qualifications required for individuals to step into these leadership roles. Develop contingency plans for unexpected leadership openings. Identify interim leaders or backup candidates who can step in temporarily while a permanent replacement is identified and groomed.

4. Communicate and Ensure Transparency

It is crucial that you ensure employees are aware of the succession planning process and its importance within the institution. Make sure to incorporate this discussion into your performance evaluation meetings with your team. Transparent communication can motivate employees to actively participate in their own development. It also fosters engagement which is critical in retention.

5. Conduct Ongoing Performance Discussions

Conduct regular performance meetings, not just as an annual evaluation tool, but also as a forum for discussing an employee’s progress toward their development goals. Use their reviews to provide feedback and adjust their career development plan as needed. Managers should provide guidance on how employees can prepare for future roles.

6. Identify High-Potential and High-Performing Employees

Within your performance evaluation process, assess and identify high-potential and high-performing employees who have the skill sets, competencies, and interest to fill the previously determined key positions in the future. This can be done through performance reviews, ongoing feedback, and in-depth goals discussions.

7. Create Individual Career Development Plans

Work with the high-potential, high-performing employees you identified to create Individual Career Development Plans. These plans should outline their career goals, areas for development and improvement needed, and the training and experiences needed to prepare them for future roles. Also, set clear performance goals that are directly related to the competencies needed for succession in key positions. These goals should be specific, measurable, achievable, relevant, and time-bound (SMART).

8. Assign Senior Mentors

Assign mentors or coaches to the employees identified as future leaders. Seasoned mentors can provide guidance, share their knowledge, and help employees develop the skills necessary for future roles. This can be done through workshops, seminars, and on-the-job training. Also, encourage cross-training and job rotations to expose high-potential employees to different areas of the organization and broaden their skill sets.

9. Regularly Monitor Progress

Continually monitor the progress of your succession plan and adjust as necessary. Succession planning is an ongoing process that should evolve with changing organizational needs.

10. Ensure Consistency and Ease of Use

Having an uncomplicated, consistent process makes it possible to maintain objectivity across all departments. To develop a comprehensive succession strategy that will benefit your financial institution, executive management must recognize that each institution needs to develop a process that fits its own specific strategic goals and objectives.

Ultimately, it is important to remember that a successful succession plan should be flexible and adaptable to changing circumstances. It’s an ongoing process that should evolve as your community bank or credit union does. By investing in developing your leadership legacy, you can build a strong and capable leadership team that can direct your financial institution into the future.

Partnering with Young & Associates for Succession Planning

At Young & Associates, we understand the unique challenges and opportunities faced by financial institutions in managing an aging workforce and preparing for leadership transitions. Our team of seasoned experts specializes in providing comprehensive consulting services tailored to the specific needs of banks, credit unions, and other financial institutions.

Don’t wait until the challenges of an ageing workforce create disruptions in your institutions. Partner with the Y&A team to develop a robust succession plan that guarantees a smooth transition of leadership, maintains continuity in key positions, and contributes to the long-term stability and success of your institution. Get in touch with us today to discuss your specific needs and challenges.

Elevating Your Financial Institution: Why Young & Associates is Your Trusted Partner for Success

Written by admin on . Posted in Consultation.

The Y&A Advantage

In the fast-paced world of banking and credit unions, the stakes are high, and the landscape is ever-changing. As you gear up for the upcoming year, you need a strategic partner you can trust – one with a proven track record, unmatched expertise, and an unwavering commitment to your success.

45 Years of Trust and Excellence

For nearly half a century, Young & Associates has been at the forefront of the financial industry, helping banks and credit unions thrive in an evolving marketplace with consulting, outsourcing, and education services. Our longevity speaks volumes about our dedication and resilience. Here’s why our 45 years of experience matter:

  • Stability in a Shifting Landscape: In an industry marked by constant change, our steadfast presence provides you with the stability you need to navigate turbulent waters confidently. We have a proven track record as a strategic partner in helping financial institutions navigate complexities and maintain a competitive edge.
  • Time-Tested Strategies: We’ve witnessed industry trends come and go, and our time-tested strategies reinforced with continuing education have consistently delivered results. Trust us to adapt and evolve with the times while maintaining our commitment to excellence.

Over the past 45 years, we have been a trusted partner for numerous institutions, adapting and evolving to meet their changing needs. Our longevity in the industry attests to our unwavering dedication to our clients and our ability to evolve with the changing financial landscape.

Your Success Simplified: Full-Service Provider

Young & Associates offers a comprehensive suite of services designed to streamline your operations and simplify vendor management. We understand that in the fast-paced world of banking and credit unions, efficiency and convenience are paramount.

At Y&A, our offerings are not limited to a single area of expertise. When you partner with us, you gain access to a wide range of services, all under one roof. Whether you require support with regulatory compliance, lending, appraisal reviews, quality control, liquidity management, risk management and strategic planning, internal audit, information technology and cybersecurity, human resources, or training and development, we have you covered. Our clients often find value in our partnership beyond the scope of their initial engagement. They reach out for questions and seek clarifications in areas where they haven’t formally enlisted our services, trusting in our wide breadth of expertise to provide guidance and support their advancement.

By offering this holistic approach, we aim to be your trusted one-stop shop for all your financial institution’s needs. No more juggling multiple vendors – with Young & Associates, you can simplify your operations and enjoy a more efficient process. We aim to be the partner you turn to whenever an opportunity or challenge arises.

Experts with Hundreds of Years of Combined Experience

When you choose Young & Associates, you gain access to a team of consultants with centuries of collective experience in the banking and financial sector. Our consultants have been bankers themselves, giving them a unique perspective and an in-depth understanding of the challenges and opportunities specific to financial institutions. With decades of hands-on, real-world experience, our experts have walked in your shoes, gained invaluable insights, and honed their skills within financial institutions. We acknowledge that each challenge is distinct, and our diverse team possesses the expertise and proficiency required to address intricate details while harmonizing them with broader strategic considerations, ultimately ensuring your success.

High-Quality, Thorough Work That Sets Us Apart

At Young & Associates, we take pride in the quality and thoroughness of our work. In the financial industry, precision can make or break your institution. Our meticulous approach ensures that no detail is overlooked, and your operations run smoothly.

Quality is the cornerstone of our services. We pride ourselves on our comprehensive approach, leaving no stone unturned in ensuring the highest standards of excellence. Our services stand out for their exceptional quality, achieved through our unyielding commitment to precision, thoroughness, and delivering actionable results.

Our Sole Focus is Empowering Financial Institutions

Unlike other consulting firms with diverse portfolios, Y&A has one singular focus – financial institutions. This exclusive focus means:

  • Deep Industry Knowledge: We immerse ourselves in the financial sector, constantly staying ahead of industry trends and challenges to provide you with the most relevant insights and solutions.
  • Tailored Solutions: Your needs are unique, and we understand that. Our exclusive focus allows us to customize our services to suit your institution’s specific requirements.

Our unwavering focus on financial institutions ensures that we possess in-depth insights into your specific challenges and opportunities. We exclusively serve banks, credit unions, and financial institutions. You can trust us to provide insights and solutions tailored to your unique needs.

Building Lasting Partnerships for Mutual Success

At the heart of our approach is a commitment to building lasting partnerships. We firmly believe that your success is intertwined with our own, and, in the end, it resonates as the success of the communities you serve. Here’s why our approach to partnerships matters:

  • Long-Term Vision: We’re not in it for the short haul. We’re here to support your institution’s growth and success over the long term. Our dedication centers on delivering unmatched service and expertise to empower you in generating shareholder value and enhancing the communities you serve.
  • Your Goals, Our Mission: Your strategic objectives become our mission. We’re dedicated to helping you achieve your goals, no matter how ambitious they may be.

At Y&A, we go beyond transactional engagements; our commitment lies in forging enduring partnerships with our clients. We work collaboratively, side by side, to understand your goals and challenges. We’re dedicated to helping you achieve and exceed your financial aspirations, enabling you to better serve your communities.

Whether you’re planning for the upcoming year or envisioning your institution’s future, Young & Associates is here to provide ongoing support and guidance. With our time-tested experience, all-in-one solutions expert consultants, high-quality work, exclusive focus, and commitment to lasting partnerships, we’re your best ally in achieving success in the ever-evolving world of banking and credit unions.

Ready to discuss how Young & Associates can make a difference for your institution? Contact us today to begin a journey toward excellence and growth.

Your Success Simplified. Choose Young & Associates as Your Comprehensive Partner.

Connect with a Consultant

Contact us to learn more about our consulting services and how we can add value to your financial institution

Ask a Question