HSA Usage Continues to Evolve as Account Balances Grow

By Dennis Zuehlke, Compliance Manager, Ascensus.

Credit unions experienced double-digit growth in health savings account (HSA) deposits last year, with a 17.6 percent increase in assets from 2015 to 2016. Credit unions now hold $1.38 billion in HSA assets, based on data analyzed by Devenir.

Devenir provides customized investment solutions for HSAs and the consumer-directed health care market. Ascensus partners with Devenir to offer the Devenir myHSAinvestments solution and private-label HSA investment platform to banks and credit unions.

As the number of HSAs and the dollars held in them continue to increase, so does the average account balance. And, as high-deductible health plan enrollees become more familiar with the advantages of an HSA, their usage of the account begins to evolve.

Unlike flexible spending accounts, HSAs do not have a “use-it-or-lose-it” rule that requires the participant to use the money in the account to pay for qualified medical expenses incurred during the plan year or forfeit the unused portion. HSAs are instead designed to provide tax incentives to save for current and future qualified medical expenses.

Many HSA owners still use their HSA primarily as a transactional account to pay for qualified medical expenses. However, not all HSA owners withdraw from their accounts or deplete their HSA balances by year-end.

The Employee Benefits Research Institute (EBRI) analyzed HSA transaction activity in its database of 5.5 million accounts and found that only 63 percent of HSA owners withdrew from their account in 2016. The average amount distributed in 2016 was $1,771. Based on EBRI’s research showing an average total contribution amount of $2,922 in 2016, EBRI surmised that the average amount carried over at year-end was $1,151.

EBRI’s analysis also found that average year-end balances in HSAs increase for each year that the account has been open, as HSA owners withdraw less than they contribute. Accounts opened in 2004 had an average year-end balance of $14,873, compared to an average year-end balance of $1,027 for accounts opened in 2016.

As HSA balances grow, more HSA owners are starting to treat their HSA as an investment account to pay for future medical expenses. These HSA owners increasing look to invest a portion of their HSA assets in stocks, bonds, and mutual funds. More than 15 percent of all HSA assets are now held in investments—rather than traditional deposit products—and with an average total account balance of $14,971 (deposits and investments); an HSA investment holder’s average account balance is seven times larger than a non-investment holder’s average account balance, according to the 2016 Year-End Devenir HSA Market Survey.

This evolving trend presents both opportunities and challenges for credit unions offering HSAs to their members. Credit unions are benefitting from strong HSA deposit growth, but as account balances grow, credit unions need to recognize that offering a transaction account linked to an HSA savings vehicle may not meet the needs of members seeking to invest some or all of their HSA assets.

Learn more about this topic by listening to our recent podcast: “Not Offering HSAs? Your Credit Union is Missing a Chance to Grow

Ascensus Logo NewAscensus is the NAFCU Services Preferred Partner for IRA, Retirement Plan, and Health Savings Account (HSA) Solutions Software, Training, Documents and Consulting. To learn more about our partner, visit www.nafcu.org/Ascensus

5 Reasons Why Credit Unions Should Go Big When It Comes to Cloud Services

By Gregg Early, Strategic Content Director, Geezeo.

Moving to the cloud benefits credit unions. But it’s important to understand the array of options in the cloud space today and why going big is a smarter choice than going small when it comes to cloud services.

Look Before You Leap to the Cloud

  1. Overleveraged. First, smaller cloud providers may be new to the game or are straining to remain price competitive with bigger players in the space. That means they may be running at the limits of their current system, not wanting to spend more on costly upgrades.
  2. Underperformance. It’s not just static data the gets moved to the cloud. It’s also dynamic data that has to move back and forth with as little latency as possible. If your cloud provider isn’t running a world-class system, neither are you.
  3. Data without Action. Another key to having a great cloud partner is being able to have the tools to slice and dice the data you receive from your customers and turn it into actionable strategies. Just having your data available without any context for the marketing power available to your sales team is like paying for an entire hotel and sleep in only one room. The cloud offers more opportunity to enrich data.
  4. Mobility. If your CU is committed to the mobile banking space, then finding a reliable cloud services firm is crucial. And not having a mobile strategy is a risky way to move forward in today’s marketplace.
  5. Set and Forget. Because each cloud service and its partners have different protocols, you don’t want to keep jumping from one provider to another. All that time lost is time your competitors have to catch you.

Take Full Advantage of the Cloud

Geezeo saw the potential of linking with AWS a decade ago and that relationship has allowed us to give our clients all the performance, value and opportunities that they need and deserve. Our SaaS serves as a bridge between CUs and AWS to enhance the value of the digital banking experience for the customers as well as the institutions.

The bottom line is the bottom line: By working with AWS, Geezeo allows our more than 500 clients to monetize and deepen their individual relationships with their customers much more effectively than we have in the past because the cloud offers an array of tools built to meet the specialized needs of FIs in one spot.

As this next wave of the digital age expands, so will our ability to add even more powerful tools for our clients.

Geezeo is the NAFCU Services Preferred Partner for Personal Financial Management (PFM). More educational resources and contact information are available at www.nafcu.org/Geezeo.

Tax Law Changes Bring New Excise Tax

By Liz Santos, VP Marketing, BFB Gallagher.

Chances are you’re still trying to make sense of the recent tax law changes. The changes affect nearly all taxpayers and touch a wide variety of taxes- including corporate, estate, partnership and “pass through” business entities, and individual. The changes also impact tax-exempt organizations. Known as the Tax Cuts and Jobs Acts (TCJA), the tax law changes amend the Internal Revenue Code (tax code).

The TCJA created Section 4960, which provides for an excise tax on tax-exempt entities like credit unions. The excise tax, paid by the credit union, applies on (1) compensation in excess of $1 million and (2) parachute payments for highly-compensated employees. BFB Gallagher recently explained the ins and outs of the new excise tax during a webinar for the National Association of Federally-Insured Credit Unions. The recording and slides are available online ».

Here’s the good news: using a split dollar plan can help you avoid the excise tax because plan payments do not count as compensation when calculating the excise tax. A split dollar plan also converts the benefit from a liability to a growing asset. And you can restructure an existing 457(f) plan to reduce or eliminate the excise tax.

BFB Gallagher can help you determine if your credit union is subject to the excise tax. Better yet, we can help you develop an executive benefits program that is regulator-friendly and tax-advantaged. Feel free to contact me to schedule a 30-minute discovery call.

And, just in case you’re interested in the full text of the new law, you can find it here ».

Why Your Cloud Partner Matters To Your Members

By Gregg Early, Strategic Content Director, Geezeo.

There is certainly a lot of talk these days about the power of Fintech.

So, it’s understandable to ask whether all this is integral to the mission of credit unions since credit unions are driven by a different set of goals and values than a traditional bank is.

The answer is emphatically, Yes!

The latest Fintech trends are as crucial for credit unions as they are for any other financial institution. And it’s precisely because of CUs’ special role in the financial community that Fintech can become a very powerful tool for your members. The cloud presents lots of opportunities.

For you, a quality cloud means security for member data, faster response times for all your digital banking demands and most important, better tools for you to learn the needs of your individual members. The more you understand their needs, the better you can serve them with your products. The cloud can offer you, your members and member data, plenty of enrichment.

A Quality Cloud Is Key

As a SaaS provider in the digital financial management space, we’ve been preaching the power of the cloud for a long time. We got into the digital financial management business in 2006 and also saw the potential power of the cloud while it was just a blip on other’s radar screen. And it’s why we linked up with Amazon Web Services (AWS) as our primary cloud partner right out of the gate.

Nowadays, AWS is the leader in the cloud computing business ($4.6 billion in revenue in Q3) because it was thinking ahead, anticipating the market demand and building in powerful tools for its clients.

“Fundamentally, the cloud lets you play,” observes James Elwood, Geezeo CTO. “The strength of working in the cloud is, CUs can maximize the flexibility and adaptability in how they manage their systems’ needs. It gives them wider latitude to manage the mix of services and products they consume to find solutions that best serve their members. And a cloud service like AWS provides the greatest opportunities to serve those needs and ultimately their members.”

On the member side, it enables them to merge their accounts in one place and manage their entire financial life in one spot. This is not only incredibly convenient but allows each member to feel like they have a custom-built experience with their CU.

And the more successful you are at serving your members, the more successful your credit union will be in fulfilling its mission.

Geezeo is the NAFCU Services Preferred Partner for Personal Financial Management (PFM). More educational resources and contact information are available at www.nafcu.org/Geezeo.

The 3 Most Effective Methods for Managing the Equifax Breach

By Ann Davidson, VP of Risk Consulting at Allied Solutions.

The enormity of the Equifax® data breach has left a wake of fear and frustration among businesses and consumers alike. Names, social security numbers, birth dates, addresses, driver’s license numbers, and other pieces of private data were stolen from an estimated 143 million American consumers earlier this year.

Below are a number of things you can do to better protect your business and consumers from potential fraud exposures in the wake of this massive data breach:

1. PlanImplement rigorous security measures to better catch fraud attempts before they occur

  • When authenticating an account user, require personal information (i.e. high school crush, best friend from childhood, pet’s name) along with identifying information for access to the account to help prevent the identity theft of your consumers.
  • Require that the account holders have a password or passcode to access their account
  • Use multi-factor authentication:
    • Who you are: Inherence factors, such as biometric methods
    • What you have: Possession factors, such as ATM card numbers
    • What you know: Knowledge factors, such as password, pin or secret question
  • Don’t just rely on SSNs, birth dates, home addresses or driver’s license numbers for granting account access.
  • Adopt advanced tools, like biometric authentication, for verifying the identity of account holders.
  • Verify you have up-to-date contact information for all of your members’ accounts, including consumer cards and online accounts.
  • Set up a website with information regarding how you plan to communicate with your account holders about updates related to the Equifax cybersecurity breach.
  • Post and share contact resources and information for consumers so they know where to go to have their questions or concerns addressed.
  • Share educational resources and tools with your account holders that aim to help them prevent and manage identity theft and fraud.
  • Train staff on fraud warning signs and job-relevant fraud prevention/response procedures.
  • Proactively build a response plan, so you can swiftly implement the plan should any fraud exposures occur. See our Data Breach Preparedness Checklist for recommendations on building a strong plan.
  • Monitor likely points of entry for fraud, such as:
    • New membership requests
    • New products or services requests
    • Change of account holder information for existing members, such as change of address
  • Purchase institutional coverage that ensures your financial institution should a cyber attack occur.
  • Consider partnering with an identity theft vendor that offers “deeper” fraud monitoring services for consumers, namely:
    • Dark web monitoring
    • Social security monitoring
    • Address change monitoring

2. RespondAct swiftly and efficiently to help protect your business’s finances and brand, should an exposure occur

  • Set-up a designated resource or hotline for handling account holders’ concerns and questions related to the breach, such as:
    • Answering questions about fraud and identity theft
    • Assisting with credit and other monitoring services enrollment
    • Assisting with placement of fraud alerts
  • Offer professional identity fraud investigation and fraud remediation services.
  • Consider providing credit/other monitoring services at no-cost for consumers.
  • Contact Allied Solutions’ risk consultants if you are experiencing an uptick in identity fraud so we can help you to minimize the fraud exposure.
  • Notify law enforcement and regulators about the exposure.
  • Work with internal or external resources to notify your members about the breach:
    • Draft notification letters
    • Distribute employee scripts
    • Create FAQs for website
    • Write and send press releases
  • Contract with external resources to provide printing and mailing services for notification letters.
  • Contract with external resources to provide specialized legal assistance and forensic investigative services, if necessary.
  • Send out educational information to your consumers, about recommended steps they should be taking to protect themselves from identity theft, such as:
    • Monitoring accounts daily
    • Registering for free fraud monitoring services
    • Purchasing comprehensive identity theft protection
  • Use multiple channels to communicate with account holders – email, direct mail, text, etc. – so you are reaching them through their preferred channel and device.

3. Recover: Evaluate fraud damage and response effectiveness so you can modify your breach prevention and response measures accordingly

  • Evaluative questions to ask:
    1. Where did the fraud occur, and what could you have done to better protect that point of compromise
    2. Are there security tools you need to purchase or replace to more effectively prevent breach exposures?
    3. Where were critical errors made in following the plan’s procedures?
    4. Where did the procedures come up short in providing the direction that the team needed?
    5. What steps/issues could have been avoided with proper pre-planning or different procedures?
  • Once you have answered all of these questions:
    1. Prioritize next steps for improving your breach prevention and/or response processes.
    2. Implement prioritized changes immediately.
    3. Train employees on lessons learned and new processes.
    4. Set-up a timeline for adopting all other changes.

As you work to mitigate the impact of the Equifax breach, we strongly urge you to also share breach information and updates with your consumers, while also educating them about how they can prevent and manage the risk of identity theft. Watch Allied’s recent webinar for more best practices for educating and protecting your members in light of the Equifax breach.

Also, for a dive into the root causes of fraud and for advice and tools on how to prevent future attacks listen to our fraud series webinar here.

Sign up for Allied’s Risk Alert newsletter if you are interested in receiving regular fraud and security related insights and education.

Allied Solutions is the NAFCU Preferred Partner for Insurance—Bond, Creditor Placed (CPI), Guaranteed Asset Protection (GAP), and Mechanical Breakdown Protection (MBP); and rateGenius. Learn more at www.nafcu.org/allied.