regulatory hot topics 2012

Revenue Generating Solutions For The “User”

HOT TOPICS FROM THE EXPERTSScott Sharp

Information Security

Corporate Account Take Over (CATO)• Objective:

1) Breach Customer– ZeuS – Polymorphic/Custom Trojan

2) Coerce Bank Personnel– Our Phones are down?– I really need this now?

3) Take the Money and Run! – Wire– ACH domestic or IAT (w\ History)

Information Security

Corporate Account Take Over (CATO)• Protections

– ACH Schedule & Check Account Numbers

– Voice Authorization for Wire/ACH over pre-set limit

– No foreign RDC– No “Drawn Against Uncollected

Funds”– Education– Reference TDB Guidance

– http://www.ectf.dob.texas.gov/index.htm

Information Security

• http://www.bluekaizen.org/securitykaizen_mag/issue4/Security_Kaizen_41.pdf– Hacking Banks for Fun & Profit– Facebook Awareness– Best Practices for InfoSec Training

• Less Thought of Breaches (part 364)– Mobile Phones– Client List

• Still Using IE7? Is Your Customer?– BEAST – Break SSL/TLS

Use Data & Tools to Your Benefit

• National Credit Tool File– Perform you own analysis– We can provide Header / Format– Put your examiner hat on!

Use Data & Tools to Your Benefit

• HMDA / CIP / PIF Data– Find “Fair Lending” violations before the

examiners do– Prevent UDAAP – Small Business is Next– Dive Deeper:

• Check Loan Amounts for Areas– Only Low Amounts in Low Income Areas?

» Makes Sense Right? No?

• Run for Several Years Prior– “Regression Testing”

• Prevent “Racist Output Without Racist Input”• In Case of Question – Ask for Examiner Data

Dump!

Use Data & Tools to Your Benefit

• PIF / CIP Data for Deposit Accounts– Class Actions for Account Structures

• Check Deposit Account Types by Area• Check Deposit Account Types by

Ethnic Groups

Use Data & Tools to Your Benefit

• CRA Data– Map IT! / Don’t Branch IT!

• Export Data to Excel• Import into MapPoint• Look for holes / concentrations• Compare to Demographics or Income Maps

• iPad for Board– Secure Device/Data and you’re all set

• Presentation Available @ CoNetrix Conference

Use Data & Tools to Your Benefit

• Vendors – What’s Available?– P2P – Advertise IT!– Text Alerts – Payment Reminders– Mobile Banking– Marketing Support– Cash Management

• Let the service outweigh the risk

“As bankers we have a tendency to market the products we buy to support the customer rather than the features of the products that mean the most to the customer.”

Tools to Complete

• OFM/PFM – Personal Financial Management– Spending Analysis– Account Aggregation

• P2P – Person to Person Payments– Available in Bill Pay

• Mobile Merchant Processing– Through Referral

• Mobile/ATM Check Deposit (soon)• Social Media

– On Your Own or BuzzBanking

Regulatory• June 30th 2012 – FinCEN files must be

filed electronically• Reg Z Interpretation

– Watch out for bonuses

• Fair Lending / UDAAP– Small Business

• Vendor Management (FIL-44-2008)• Payday/Predatory Lending

– Look at Georgia

• Reg E – Transfers (Consumer & Foreign)• OCC – No blanket preemption (CFPB)

– Might as well got the way of Frost!

Relax!

Consumer Financial Protection Bureau (CFPB)• Good Web Site Template (Dummy Proof)

– “Know Before You Owe”

• Non-Bank Focus / Rules– 9 months – 1 yr Rule Implementation

(after issuance)

• 120 Hour Estimate for Compliance– Systems (Majority)– Disclosures (8)– Policies (8)

Relax!

Dodd-Frank• Main Issues Already Implemented• Political Influence

– Wait for November or Go to D.C.?

• Too Big – Wait for Guidance• Too Confusing – Wait for Guidance

Durbin Amendment• Competition Limitations

– Delayed by Implementation of Interchange Caps

Questions?