3 Questions for Your Mobile Banking Partner (Part 2)

By: Will Furrer, Senior Vice President – Product Group, Q2  

We pick up this blog series, addressing the last two questions your credit union should be asking a digital strategy company when developing a mobile banking plan.

Check out Part 1 of the blog series here to learn about the importance of providing a consistent experience on mobile.

Question 2: How does security work for the mobile channel?

Mobile security is a becoming more and more critical every day.  Due in large part to the fact that today’s mobile devices are essentially hand-held computers. As such, the risk of device compromise is something every member, and you as a credit union, should be keenly sensitive too.

Because of this, the security of your mobile banking solution can’t simply be the ‘latest and greatest’ protection available; it must be ahead of the times – using advanced techniques only behavioral modeling and machine learning can support.

Interconnectivity & Behavioral

Mobile banking is not the only type of digital banking your members will do, therefore, it is critical that your mobile security be part of a holistic view of each member’s behavior within your entire digital banking ecosystem.

A comprehensive picture of members’ behaviors across all your virtual channels, which answers questions such as: What operating system are they using for their banking? What time of day do they usually do their banking? What do their typical movements through the application look like?

The power of interconnected solutions – or better yet – of a single platform solution, are very much aligned with credit unions seeking to be the most trusted, secure brand their members engage with. 

Click for Q2 Case Study — Efficiency

Question 3: Does your mobile banking application provide support for commercial banking members?

As the majority of forward leaning credit unions seek to meet their members where they are, the need for small business features and functions available via the mobile channel is becoming increasingly important. Small businesses—a.k.a. SoHos— are making their way into the households of millions of Americans every year, who prefer to bank with a credit union due to the service, support, rates, and connection to the community where they live and work. However, neglecting their mobile business banking needs will in fact put the business of these profitable households in jeopardy over the coming years.

Feature / Function

Small and medium businesses (SMBs) require access to ACH for payments and payroll. Sometimes it’s only a few people, but more and more frequently SMB owners are using their personal accounts; meaning they are moving larger and larger amounts of money to more and more employees or contractors.

The great news is: your credit union can work with the SMB’s relationships to provide accounts for these potential members. It’s a win/win.  A win for the owner of the SMB—who is now able to manage their payroll via their mobile device, as well as approve wires and draft payments, which is what they expect from a progressive credit union like yours. And a win for your credit union in the form of new members.

Conclusion

Above all else, offering a business banking solution via mobile devices will provide your members the same freedom they have come to appreciate with your retail banking products—expanded to where they make their living, not just where they check their balances. Mobile commercial banking access is a clear separator for innovative credit unions, one that will benefit you and your members.

 

Q2 is the NAFCU Preferred Partner for Single Platform Virtual Banking Solutions—Including Online and Mobile—for Community and Regional Financial Institutions. Learn more about Q2 by visiting www.nafcu.org/q2.

Card Data Breach Loss Prevention Checklist

By Ann Davidson, VP of Risk Consulting at Allied Solutions

Many of the large-scale card data breaches in 2015 involved the compromise of magnetic stripe data on both credit and debit cards. The data compromised in most of these card breaches involved either track 1 or track 2 magnetic stripe fraud (POS 90), as determined by the merchant during the transaction authorization. Because the track information can be duplicated, there will likely be a high risk for future fraud exposure if you opt not to block and reissue these cards.

For an in-depth look into payment card fraud risks that many credit unions are being hit hard with right now, watch Allied’s webinar “Card Fraud on the Rise: How Financial Institutions Can Help Prevent It.”

Card Data Breach Loss Prevention Checklist:

  • Evaluate the compromised card number to help determine if the risk is high
    • A high risk involves the full unaltered magnetic stripe data from track 1 and/or track 2 – track 1 carries the cardholder name; track 2 does not
  • Confirm you’re utilizing “name matching” if track 1 data was part of the breach
  • Review card associations’ alerts and act immediately on at risk card data outlined in alert
  • Analyze at risk open card accounts to determine which cards are/are not still active
  • Review other card accounts to find out which cards are non-active and have already been closed due to fraud
  • Identify the fraud pattern to uncover the common point of compromise (CPP)
    • This is where the breach took place, not where the fraud occurred
    • Once discovered, report the CPP immediately
  • Block and reissue impacted, open card numbers when magnetic stripe has been compromised
  • Accelerate the reissuance of active cards prior to their expiration date
  • Consider reissuing the card 30 to 180 days before the date of expiration
  • Ask the card association(s) to take recovery action related to any expenses
  • Report the fraud to the Visa Fraud Reporting System and/or MasterCard’s Safe System, as this is a requirement under the card association(s) rules

Watch Allied’s webinar “Card Fraud on the Rise: How Financial Institutions Can Help Prevent It” to learn more about payment card fraud risks.

Allied Solutions is the NAFCU Services Preferred Partner for Insurance- Bond, Creditor Placed (CPI), Guaranteed Asset Protection (GAP), and Mechanical Breakdown Protection (MBP). More educational resources and partner contact information are available at www.nafcu.org/allied.

 

Ins and Outs of Fiduciary Outsourcing for Credit Unions

By: Richard W. Rausser, Senior Vice President of Client Services, Pentegra Retirement Services

With retirement plans seemingly becoming ever more complicated, outsourcing of fiduciary investment responsibilities has steadily become more commonplace. This is especially true in the case of the C-Suite at credit unions, which can find outsourcing very appealing.

Not only is the passing along of fiduciary responsibilities one less burden for credit union managers, allowing them to focus on day-to-day business and obviating the need for them to become qualified plan experts, but the practice can also serve to insulate them and their credit union from a number of risks.

Benefits of Outsourcing

Outsourcing to a sanctioned third-party fiduciary guarantees that a given plan’s documentation is up to date, complies with all laws and regulations, and delivers appropriate disclosures to plan participants and sponsors.

If a plan is large enough (meaning it has roughly 100 to 120 participants) it requires an independent auditor – the selection of which again can be provided by the external fiduciary, saving the credit union time and money. (It should be noted that investment fiduciary outsourcing can be appropriate for defined benefit and defined contribution plans of all sizes.)

In addition, the day-to-day management of a plan involves, among other things, making sure the plan is running as it should be; nuts and bolts record-keeping; and administrative decisions about such issues as a plan participant’s request for a loan or a hardship distribution.

Customizing Responsibilities

Arranging the responsibilities of a third-party fiduciary should be fairly easy to customize; one can outsource all of the above or cherry-pick whichever duties one wishes on an ala carte basis.

A credit union needs to provide a reputable third-party fiduciary with the following:

  • Data on the plan participants;
  • The money involved with the plan; and
  • A commitment to regularly review the plan’s performance (usually once a year).

In that way, any questions or concerns can be addressed efficiently. (Of course, any issues that rise before the review date can also be discussed at any time.)

Fiduciary Responsibility

If there are record-keeping errors made by the outside fiduciary, it is that fiduciary’s responsibility to make amends, including making up any monetary shortfall. In the unlikely case of a participant-filed lawsuit, the outside fiduciary is again front and center, providing the defense in the case and making good on any claims or settlements.

The credit union’s board and senior management are insulated from responsibility; even though the plan ultimately belongs to the credit union, it is the named fiduciary who holds the liability in such instances.

Such an arrangement can also be of value in the case of multiple employer plans (MEPs), an employee benefit plan that can be maintained as a single plan in which two or more unrelated employers participate. As each credit union has its own separate boards of directors, the advantages of having an independent fiduciary to manage and administrate the plan are readily apparent.

Credit Union Responsibilities

All of that said, there will remain some fiduciary responsibilities and liabilities for the fiduciary responsible for selecting and contracting with the outsourced fiduciary. Breach of contract is the most obvious of these, but there is also the matter of monitoring/reviewing with the outside fiduciary that I mentioned previously.

In addition – and this should go without saying – it is incumbent upon the relevant credit union executive to read all communiques from the third-party fiduciary, and to ask and follow through on any questions or concerns.

None of these duties should be particularly onerous, especially if you have chosen a reputable external fiduciary. When considering such a company – as you should with all outside vendors – “test drive the car”: Find out all you can about several different ones, ask lots of questions, and make as informed a final decision as possible.

Learn more from Rich by watching the recorded webinar: “Innovative Retirement Plan Design for Maximum Results.”

About Rich Rausser:
Richard W. Rausser has over 25 years of experience in the retirement benefits field. He is Senior Vice President of Client Services at Pentegra Retirement Services, a leading provider of retirement planning services to financial institutions and organizations nationwide, founded by the Federal Home Loan Bank System in 1943. Rich oversees Pentegra’s consulting, marketing and communications and actuarial service groups at Pentegra. He is a frequent speaker on retirement benefit topics; a Certified Pension Consultant (CPC); a Qualified Pension Administrator (QPA); a Qualified 401(k) Administrator (QKA); and a member of the American Society of Pension Professionals and Actuaries (ASPPA).

Pentegra_Logo_FinalPentegra is the NAFCU Preferred Partner for Qualified Retirement Plans for Credit Union Employees

3 Critical Stages of Third-Party Vendor Management

By Vanessa Stanfield, Insurance Solutions powered by Affinion

Did you know your credit union could be responsible for the performance of your vendors? No credit union wants to encounter regulatory trouble or face reputational risk; especially as a result of vendor activities. It’s because of that fact that vendor management due diligence is a topic of increasing importance.

But what is the right way to go about choosing  third party vendor? The National Credit Union Administration (NCUA) has provided clear direction regarding vendor due diligence. Additionally, the NCUA has deemed the following areas as critical in third-party vendor management: Risk Assessment & Planning, Due Diligence, and Risk Measurement, Monitoring and Control.

Risk Assessment & Planning

Risk Assessment

Prior to engaging a third-party relationship, assess the current risks and document how the vendor will relate to your credit union’s strategic plan. When conducting a comprehensive risk assessment, the key areas of focus are: credit, interest rate, liquidity, transaction, compliance, strategy, and reputational risk. In this discovery phase, your credit union can identify the current risks and establish expectations of the new relationship.

Due Diligence

There are four fundamental due diligence elements to consider when choosing a vendor: organizational, business model, financial health, and program risks. In these areas, your credit union can assess what degree of due diligence is required.

But remember- not all vendors are created equal. More complex vendor relationships with more risk will typically require increased due diligence; less complexity and risk means less rigorous due diligence. For a comprehensive report and the five key due diligence questions you need to ask your vendors, read the full whitepaper here.

Risk Measurement, Monitoring and Control

Credit unions must be able to continually measure performance and risk throughout the relationship with the vendor. To do this, your credit union should clearly outline the vendor’s responsibilities and policies before taking on the vendor. In the end, this will allow for proper vendor performance management so that you can ensure expectations are being met.

Credit unions should not think of vendors as a third party, but as an extension of their organization. Because of this, it is important to consider the three critical areas above when deciding on a vendor. As the NCUA has conveyed, the utilization of vendors does not in any way diminish the credit union’s level of responsibility and for that reason, credit unions should carefully select their vendors.

What Should We Ask Our Vendors?

To be confident that the vendor’s management programs are the right fit, credit unions must discuss the vendor in great detail and ask the hard questions. Failure to conduct thorough due diligence and effectively monitor these vendors place the credit union at risk. Again, not all vendor relationships call for the same level of due diligence and ongoing monitoring, but in order to determine what level is necessary there are key questions that your credit union must contemplate.

For an in-depth look at the five key due diligence questions that credit unions must ask when selecting a third-party vendor, read the full whitepaper here.

_______________________________________________________________________
InsuranceSolution_4CAffinion is the NAFCU Services Preferred Partner for AD&D Insurance

Adding LIFE To Your Credit Union

By Bryan Clagett, Chief Marketing Officer, Geezeo

Your members’ expectations evolve as they become more acclimated to technology, more financially stressed, and overburdened with life’s pace and demands. In case you have not noticed, the world is changing. Newly emerging competition is developing new bank-like products, and the definition of banking is evolving right before our eyes.

It’s time we step back and reevaluate how credit unions can provide more value.

Declaring you’re the financial partner for life is just not compelling, unless you have strong actions to back it up. Too often we forget that credit unions are enablers, and in fact have the ability to enable members to get the things they want and do the things they want to do.

With all the advances in technology, some things have not changed—like the basic needs of a household to address fundamental financial requirements, milestones, challenges and obligations. Life and money are inextricably linked whether we like it or not (or are willing to admit).

Importance of an Emotional Connection

The key for the credit union is to remain remarkably relevant throughout the “member” journey and to be there with logical products and services when members (or their households) could use them the most. Credit unions are missing very logical point-of-purchase opportunities, while not associating their products with the specific needs of a member at a specific, relevant time.

Don’t lose sight of the fact that people have an emotional connection to money and, perhaps more importantly, things and events. Emotion is a primary differentiator between transactions and a true relational connection, which (in my opinion) is the foundation of an engagement banking strategy.

How can you help a family prepare for a child’s education? How can you help a young couple get their first home? Can we help a couple plan a wedding? What’s the best way for me to get a car for my son? How do we help a family with a medical emergency? Can a bank resolve a small business’s cash crunch? In all of these examples, there are financial considerations and ramifications—and all present opportunities to credit unions.

Engagement Opportunities for Credit Unions

We need to put some LIFE into banking. LIFE is my acronym for “life infused financial experiences.” Milestones, like the examples above, represent obvious opportunities for credit unions to engage members and offer very relevant solutions while building deeper relationships and new levels of trust.

Life_weddingapp_geezeoWe have the data, the systems, the channels, and the people; we simply need to make sure we have the right solutions and services in place that will build systems and triggers that bring credit unions and their solutions to the forefront at the ideal time of need.

Now let’s try to put some ROI or business rationale around this. Bain and Company reports that members who are “emotionally connected” purchase 47% more than those who are simply “satisfied.” Members with a strong, committed relationship are 49% more likely to remain a member and twice as likely to recommend a retailer to friends and family. Bain also found companies that are loyalty leaders, grow revenue twice as fast as their competition and at a lower cost.

We should not fear disruption in the banking industry. However, we should recognize that life is disruptive, so we should find ways to reduce members’ financial pains. Credit unions have the chance to reduce friction while forming deeper emotional connections with members through recognizing and cultivating life infused financial experiences. This is a real opportunity for financial institutions and one that most industry disruptors don’t have the infrastructure or understanding to leverage.

Geezeo-A-Z-LogoGeezeo is the NAFCU Services Preferred Partner for Personal Financial Management (PFM). For more More educational resources and contact information are available at www.nafcu.org/geezeo