What will it take for community financial institutions to survive in this post pandemic landscape? Or more importantly, what will it take for them to be successful?
Last Friday I released a letter to community financial institutions on surviving the “new normal”. This post is the first of three outlining 12 technologies that I feel will be vitally important for community banks to survive into the future.
It’s important that community banks and credit unions take the time to think about these things. Why?
- Examiners will expect to see that you’ve taken a hard look at your pandemic capabilities. What you had in place won’t be enough in the future.
- The next time this happens, your customers will have higher expectations of you. This time, it came without warning. This time, everyone had a legitimate excuse. That won’t be the case next time. Your larger competitors already have these things in place and will be more prepared to leverage them the next time around.
- Employees have had their eyes opened to the possibilities of a more flexible work from home environment. You’ll need to be able to compete with that or stand to lose some of your best people.
Some of the 12 might already in place at your bank – if that’s the case, I want you to think about how well your current solution is working and can it be improved.
Some you’ve already considered and you or your board decided it just wasn’t the right time – if that’s the case, I encourage you to refresh those proposals and view the potential project through a new perspective.
Some you’ve never even considered – if that’s the case, I ask that you open your mind to what the needs of your customers, employees, and community will be in the future, where lockdowns are possible and social distancing is the norm.
One last thing: each of these technologies will need to be secured and each have their own nuances (and maybe that’s another post). Before you implement new technology, or make major changes to your existing solutions, you need to perform an adequate risk assessment, vendor due diligence, and apply appropriate controls. If you need help doing that or have any questions, please contact us at support@bedelsecurity.com.
Remote access
In the midst of COVID-19 some financial institutions resisted remote access entirely, while others implemented it for only a few key employees. And while both may have worked as a short-term solution, this isn’t a viable strategy going forward. Simply telling half your workforce to stay at home on a rotation isn’t an efficient solution.
Developing remote access capabilities based on your business impact analysis of key departments and employees is the recommended route. This would likely be in the form of laptops, with secure VPN connections, and maybe utilizing remote desktop connections, so your people have their normal desktop while they’re away. A more advanced form of this is to utilize a Citrix or Virtual Desktop environment.
Some financial institutions got creative for remote work without a direct connection to the network (so no VPN). This solution utilizes cloud applications for employees to continue to do light work remotely without full access. A great solution that can be used for this is the Office365 platform. With it, your users can do email, share files, and collaborate on office documents in real time. While other internal applications will not be accessible, it has some interesting applications for certain members of your team.
Remote access is a must, but it may carry the highest risks of any of the 12 technologies in this series. So, please make sure you implement encryption in transit and MFA on all external facing access points including cloud solutions, among other controls (check out our remote access risk assessment for a complete list).
Video Conferencing
Video conferencing saw the fastest adoption rates of the 12 during the COVID-19 sheltered in place period. Many financial institutions have it in place but may not be utilizing it to the fullest.
Many are using this solution merely for voice or video conferencing, but it can be used for screen sharing and whiteboarding too. You can even record your meetings and, if you’re using Stream on O365, you can upload those recordings, where they’ll be transcribed automatically for you and searchable as a knowledgebase for your team.
Additionally, are you using it to continue to efficiently meet with your staff in remote branches? Can you use it to meet with customers that are unable to or afraid to come into your lobby?
Zoom is one we like for ease of use and numerous features at the base package. It had some bad press during the pandemic, but they seem to be taking this seriously and many of the threats can be addressed by turning on their built-in security features.
E-Banking
Consumers and businesses both had their eyes opened during the lockdown. Many had to familiarize themselves with technology that they were resisting, or they became aware of the limitations of banking in a strictly physical environment. This means that, in our post-pandemic world, those same businesses and consumers will demand the essentials from an e-banking perspective. When that happens, those financial institutions with the best customer experience in all the solutions will be at an advantage. Does your bank or credit union offer the following:
- Mobile Banking - Is your app easy to use? Is it available on all devices?
- BillPay – Is this integrated into your mobile app?
- Mobile Deposit - Are your deposit limits set appropriately so your customers can deposit all their checks via the mobile app?
- A2A - Do you allow customers to seamlessly transfer funds to other financial institutions including paying loans at other financial institutions?
- P2P - Can your customers pay other people via a person to person payment application?
- Cash Management (Wire & ACH) - Can your business customers manage their money and transfer funds securely without coming into the bank?
- Merchant Deposit Capture - Can your business customers deposit all their checks without coming into the bank?
Cross Training
Many banks and credit unions quickly became aware of their cross-training capabilities (or deficiencies) during the lockdown.
This will need to be a focus for financial institutions going forward. The best approach to developing a good cross training structure in your environment is to establish and update internal procedures. While it doesn’t require technology to document your procedures, it can make it easier and more effective.
The first step is to inventory the necessary procedures based on your business impact analysis. From there, we recommend empowering selected employees closest to the process to develop and keep them up to date.
We love using SharePoint for documenting and storing operating procedures. It is a great tool for organizing items by department and, when utilized properly, changes can be easily made and are reflected immediately. This makes it easier to maintain procedures on the fly and ensure that any updates are available to those who need it.
As noted above in Video Conferencing, you can use Zoom to record your screen and audio on how to perform any process on your computer. The advantage here is that it’s much faster to record your screen while you perform the task rather than typing it up AND it’s much clearer for the person watching the video. As a bonus, if you are using O365, these videos can be loaded to Stream and the transcription of the video can be searchable to be easily found.
Those procedures hosted on SharePoint and Stream are all accessible remotely without VPN, so it naturally aligns with the remote access strategy above.
Conclusion
I hope you’ve found this helpful. Please contact us with any questions at support@bedelsecurity.com.
Part 2 of this post will be available tomorrow and will cover a new way to manage telephone traffic, how to leverage vendors, and more.