This year I celebrated my 15th anniversary at Safe Systems. While in some ways this milestone snuck up on me, it’s given me a chance to reflect on the many changes our industry has experienced over the last decade and a half. At Safe Systems we work exclusively with financial institutions. Throughout my career, I have had the luxury of working with some great clients at banks and credit unions. Working with these great people, supporting the role community institutions fill in their local economy and seeing the level of customer service these bankers provide their neighbors has fueled my own passion for the industry.
As time has gone by, we’ve seen pressure mount on these small institutions: pressure to compete with the services offered by big banks, pressure from regulators, pressure to survive dramatic economic change. Still, community banks are expected to provide the same level of personal service to their customers. I’d like to spend some time highlighting the challenges I’ve seen institutions face and share my thoughts on how to address them.
The Changing Face of Technology and Staffing
Fifteen years ago, institutions were just starting to access the Internet. Some still used DOS software. Only a handful of banks had real-time processing, and Novell was a common server platform. Just six years ago, Apple updated the iPhone, allowing access to Microsoft Exchange and connecting a new generation to their professional email accounts. Today, virtualization, mobile devices, electronic banking and cloud services have connected us as users and service providers in ways that were impossible just a decade ago. As we’ve added these enhancements, our expectation for turnkey solutions with limited downtime has grown. Gone are the days when you could reboot a server in the middle of the day without causing issues for your staff and customers. We continue to leverage technology more and more to help serve our customers and employees, and the dependency on IT continues to expand.
I was able to sit in on a CEO panel at a recent conference. During the session, one question that came up was, “what is biggest challenge (or challenges) facing your institution.” One of the recurring themes was the difficulty in finding and keeping talent on staff. It’s something we all face as businesses. I’d add that, along with finding and retaining great employees, most institutions struggle with what role the technology team should have internally. In most cases, the IT manager plays a critical role, as the reliance on technology has continued to expand, and there is also a trend to add the position of CIO or CTO. The goal of these leadership positions is to allow for the institution to have technology and strategy intertwined.
Security is Front and Center
Looking back to the beginning of my career, information security was just starting to be on the forefront. It is hard to imagine today, but I remember dealing with banks that didn’t even have passwords for their network. Now financial institutions face an ever-expanding array of security threats, and they spend more resources to protect against these countless threats. It seems that just about every week we’re reading headlines about another high-profile breach, a new FFIEC update or some new malicious software targeting financial institutions’ valuable data.
Protecting your institution’s digital assets can feel like a full-time job. Not only are hackers constantly searching for undiscovered exploits, but new virus definitions and security updates are released every day, and it’s your responsibility to keep the institution’s machines up to date. Regulators expect financial institutions to be prepared should an incident occur at the bank or one of its many vendors.
Keeping Up with Compliance
At Safe Systems, we regularly help our more-than 300 clients with pre-exam and post exam support. This assistance gives us unique insight to examiner expectations and regulatory trends, and it has become clear that documentation and verification are focus areas for examiners. It is not uncommon for the examiners to take your IT policies and ask whether you can provide proof that your practices line up. This level of documentation is sometimes problematic for technology and operations teams. Particularly when you factor in the multiple hats they wear at the institution, the lack of time and the complexity of systems.
You can’t just tell an examiner you’re following the rules. You’ve got to be able to show your work.
Keeping the Institution Running
Today, financial institutions increasingly rely on technology. Resources are limited, the top talent is hard to find and keep on staff, and at the same time, security risks and examiner expectations continue to grow. These many challenges can seem daunting, but no financial institution has to do it all alone.
You can’t outsource responsibility. However, you can partner with companies that can provide the tools and resources necessary to help manage technology and reduce these burdens, as long as the bank can manage and verify the processes in place.
At Safe Systems, we often hear from clients who have experienced several advantages by implementing these network management solutions. The first of which is the benefit of automating tasks the IT team would otherwise have to perform manually, such as patch management, antivirus management, server hardening and security monitoring. We help supplement existing staff through our knowledge of the industry and by making available our own experts to help with technical configurations and product setups. Finally, these solutions provide greater visibility by having the documentation needed to verify the institution is adhering to its policies and procedures. Ultimately, network management solutions that are designed exclusively for community banks can assist in taking the pressure off of increased examiner expectations and the increase in technology complexity.
Technology, security and compliance don’t have to be a burden to your institution. With the right tools and an advocate on your side, your community bank or credit union can thrive in today’s complex world of banking, and continue to be able to provide the hands-on attention to customers that set small institutions apart from the competition.