Category: Financial Institutions and Banking

Abstract:   Artificial intelligence (AI) is impacting businesses in virtually every industry today, and banking is no exception. This article notes that banks of all sizes increasingly recognize AI’s potential to help them improve efficiency, reduce costs, enhance the customer experience and combat fraud. It offers seven examples of how banks are using AI, including in customer service, fraud prevention and underwriting decisions.

7 ways AI is transforming the banking industry

Artificial intelligence (AI) is impacting businesses in virtually every industry today, and banking is no exception. Banks of all sizes increasingly recognize AI’s potential to help them improve efficiency, reduce costs, enhance the customer experience and combat fraud. Here are seven examples of how banks are using AI:

1. Customer service. Banks are using natural language processing and other AI applications to create conversational interfaces, or “chatbots,” that can improve the customer experience. These applications are available to customers 24/7. Plus, with access to troves of data and the ability to learn about specific customers’ behavior and usage patterns, they can offer highly personalized customer support at a fraction of the cost, and often more effectively, than humans.

Among other things, chatbots can answer account inquiries, reset passwords, assist with fund transfers and automatic payments, and assist with loan applications. Some banks also are using AI to recommend financial services and products, though the Consumer Financial Protection Bureau (CFPB) has been critical of the use of AI and chatbots in underwriting in some instances.

2. Fraud prevention and detection. Traditional approaches to combating fraud are becoming more challenging due to the number of daily transactions and the many customer behaviors that need to be monitored to identify anomalies. AI applications can quickly detect even subtle deviations from customers’ usual account activity and behavior patterns. These trends can alert bank personnel to potentially fraudulent activities that warrant further investigation.

AI also has the ability to monitor bank systems and provide early warnings of cyberthreats, enabling bank personnel to respond quickly and minimize the damage. Examples of cyberattacks include phishing scams, ransomware and other malware, and identity theft.

3. Underwriting decisions. Banks are beginning to use AI to improve their loan and credit decisions. AI-based systems are able to sift through vast amounts of data to analyze customer behavior and activity patterns that evince creditworthiness. They can also help spot, and flag, behaviors or characteristics that might increase the chances an applicant will default.
4. Collections. By analyzing customer data, AI can spot warning signs that indicate potential delinquencies or defaults. It also can communicate with customers and offer personalized solutions for helping them get current on their payments and avoid default.
5. Automation. Strictly speaking, robotic process automation (RPA) isn’t AI, but it has a similar impact on banking processes. RPA refers to software tools that automate time-consuming, repetitive tasks.

Not only does RPA free up bank personnel to focus on higher-value activities, but it also can improve productivity and reduce errors. Examples of the many uses of RPA include inputting data and documents, opening accounts, and processing address changes. In addition, it can be used to automate and standardize many tasks related to customer communications and regulatory compliance.

6. BSA/AML compliance. AI can be invaluable to Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance efforts. It can sift through enormous amounts of transaction data and identify suspicious activities that would be difficult, if not impossible, to detect using traditional methods.
7. Marketing. By processing and analyzing huge amounts of data, AI can help banks track and even predict market trends. And by collecting data about a bank’s customers, it can reveal untapped sales and cross-selling opportunities.

Here to stay

For banks interested in taking advantage of AI, significant challenges remain, including implementing and maintaining the systems and the extensive data needed to support it. However, as this technology becomes more commonplace and cheaper, its benefits will be difficult to ignore.

© 2023

 “Postmortems” on failed institutions are instructive for community banks

In the aftermath of three notable bank failures in 2023, federal banking regulators issued comprehensive reports detailing the underlying causes of those failures. These postmortems are must-reads for banks of all sizes because they point out management shortcomings that led to the bank failures — as well as regulators’ plans to become more proactive in addressing bank risks. Here are some highlights of the three reports.

1. Silicon Valley Bank

According to the Federal Reserve (Fed) report, Silicon Valley Bank (SVB) was “a textbook case” of bank mismanagement. Its senior leadership failed to manage basic interest rate and liquidity risk, which led to a run by depositors. The causes of SVB’s failure were tied to 1) its business model, which was highly concentrated in early-stage and start-up technology companies and relied heavily on uninsured deposits, and 2) its failure to sufficiently address interest rate and liquidity risk. These factors left SVB “acutely exposed to the specific combination of rising interest rates and slowing activity in the technology sector that materialized in 2022 and early 2023,” observed the Fed. Also, SVB had accumulated substantial unrealized losses on available-for-sale (AFS) securities.

In addition to the fact that SVB’s directors didn’t receive adequate risk-related information from management, SVB:

• Didn’t hold management accountable for effective risk management,
• Failed its own internal liquidity stress tests and had no workable plan to access liquidity in times of stress, and
• Managed interest rate risk with a focus on short-term profits, rather than on managing long-term risks and the risk of rising rates.

The Fed also took some of the blame, noting that supervisors didn’t fully appreciate the extent of SVB’s vulnerabilities as it grew rapidly in size and complexity. Thus, it failed to take sufficient steps to ensure that SVB addressed those problems quickly.

2. Signature Bank

According to the Federal Deposit Insurance Corporation (FDIC) postmortem, the primary cause of Signature Bank’s failure was “illiquidity precipitated by contagion effects in the wake of” deposit runs that led to the failure of SVB and the self-liquidation of Silvergate Bank. The FDIC noted other causes of Signature Bank’s failure included its:

• Pursuit of “rapid, unrestrained growth” without developing risk management practices and controls appropriate for its size and complexity,
• Failure to prioritize good corporate governance and heed FDIC examiner concerns,
• Overreliance on uninsured deposits to fund its rapid growth, without implementing fundamental liquidity risk management practices and controls, and
• Failure to understand the risks associated with reliance on cryptocurrency deposits.

Like the Fed, the FDIC accepted some responsibility for Signature Bank’s failure, noting that it “could have escalated supervisory actions sooner,” its “examination work products could have been timelier,” and it could have communicated more effectively with the bank’s board and management.

3. First Republic Bank

According to the FDIC, First Republic Bank failed primarily because of “a loss of market and depositor confidence” in the wake of the SVB and Signature Bank failures, resulting in a bank run. Notably, the FDIC found that First Republic Bank was well run, responsive to supervisory feedback, and implemented appropriate infrastructure, controls and risk management processes as it grew. Nevertheless, specific attributes of its business model and management strategies made it vulnerable to interest rate changes and the contagion effects of previous bank failures, including:

• Rapid growth,
• Loan and funding concentrations,
• Overreliance on uninsured deposits and depositor loyalty, and
• Failure to sufficiently mitigate interest rate risk.

Again, the FDIC examined its own possible role in First Republic Bank’s failure. Although it was unclear whether earlier supervisory action would have made a difference, the report noted that “meaningful action to mitigate interest rate risk and address funding concentrations would have made the bank more resilient and less vulnerable.”

Stay tuned

To help avoid future bank failures, regulators are considering several changes, including rethinking stress testing requirements; imposing additional capital or liquidity requirements on banks with inadequate capital planning, liquidity risk management, or governance and controls; incorporating unrealized losses and gains into regulatory capital rules; and encouraging banks to avoid concentrations on both sides of the balance sheet.

The extent to which these changes will trickle down to community banks is uncertain. But expect greater regulatory scrutiny in the future, particularly with respect to capital, liquidity risk and interest rate risk.

Sidebar: Role of social media in liquidity risk

An interesting takeaway from the regulators’ postmortems (see main article) is the role that social media, together with banking technology, plays in liquidity risk. In its postmortem on Silicon Valley Bank (SVB), the Federal Reserve (Fed) commented that “social media enabled depositors to instantly spread concerns about a bank run, and technology enabled immediate withdrawals of funding.”

On March 8, 2023, for example, SVB announced a balance sheet restructuring, including a sale of certain securities and an intention to raise capital. The next day, SVB experienced deposit outflows totaling over $40 billion, as uninsured depositors, interpreting the announcement as a signal of financial distress, began withdrawing their funds “in a coordinated manner with unprecedented speed.” According to the Fed, the run appeared to be fueled by social media and the bank’s concentrated network of venture capital investors and technology firms.

© 2023

FDIC offers guidance on multiple NSF fees

Recently, the FDIC issued guidance to address consumer compliance risks associated with assessing multiple nonsufficient funds (NSF) fees arising from re-presentment of the same unpaid transaction. This issue often comes up when transactions are presented for payment that can’t be covered by a customer’s balance, the bank charges NSF fees and the merchant subsequently resubmits the transaction for payment.

According to the FDIC, if the bank charges additional NSF fees for the same transaction, there’s “an elevated risk of violations of law and harm to consumers.” This risk may arise, for example, because disclosures didn’t fully or clearly describe the bank’s re-presentment policy by explaining that the same unpaid transaction might result in multiple NSF fees. As a result, there may be a heightened risk of violating the Federal Trade Commission Act’s unfair or deceptive acts or practices (UDAP) provisions.

The guidance encourages banks to review their practices and disclosures regarding NSF fees for re-presented transactions and to adjust them if necessary. If violations are noted, the FDIC expects banks to make restitution.

Complying with the updated FTC Safeguards Rule

In December 2021, the Federal Trade Commission (FTC) updated its Standards for Safeguarding Customer Information (Safeguards Rule). It’s generally applicable as of January 10, 2022, with some requirements taking effect December 9, 2022. According to the FTC, the amended rule preserves the flexibility of the original while providing more concrete guidance. “It reflects core data security principles that all covered companies need to implement,” the FTC explains. Some institutions are exempt, including those that maintain customer information concerning fewer than 5,000 consumers.

Financial institutions — including mortgage lenders, collection agencies, tax preparation firms, and non-federally insured credit unions — should review their information security programs to ensure that they comply with the latest standards. A good place to start is the FTC’s publication, “FTC Safeguards Rule: What Your Business Needs to Know,” which you can find at https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-know.

Failure to safeguard data may violate consumer protection laws

In a recent circular, the Consumer Financial Protection Bureau (CFPB) confirmed that banks and other financial companies that fail to safeguard consumer data may violate federal consumer financial protection laws. The circular warns companies they risk violating the Consumer Financial Protection Act if they fail to have adequate measures to protect against data security incidents. It also provides examples of data security measures that, if not implemented, may trigger liability. These include multifactor authentication, adequate password management, and timely software updates.

© 2022

Businesses need to assess their financial status periodically in light of changing economic or industry conditions. This includes examining their financial statements to ensure the statements continue to be adequate, accurate and complete. Occasionally, business owners or financial officers may determine that the financial statements need to be revised or corrected. When your borrowers provide you with corrected or restated financial statements, be vigilant and double-check the numbers. It may be that the restatements simply correct an honest mistake. Alternatively, there may be fraud involved.

When a mistake becomes intentional

When Tom took over his aunt’s marketing company, the lender quickly discovered that Tom’s accounting skills hadn’t kept pace with his marketing abilities. The company engaged in various types of related-party transactions, including seller financing and a leasing arrangement with the previous owner. Tom also seemed unsure when to capitalize or expense supplies and equipment.

After two years of sloppy, delayed financial reporting, Tom’s lender recommended hiring an accountant for financial reporting and tax expertise. Shortly thereafter, the lender received an unwelcome surprise: The company needed to reissue its financial statements for the past three years.

Ultimately, the restatements revealed that Tom had overstated profits by more than $3 million over the last three years. When confronted with the news, he confessed that he’d been intentionally padding profits, because he didn’t want to disappoint his aunt.

The lender called the company’s $4 million line of credit. Tom was forced to confess his mismanagement to his aunt, who eventually left retirement to turn around the business.

When complex rules invite misinterpretation

Not all restatements result from misleading or unethical management. Often owners and managers just aren’t on top of today’s increasingly complex accounting rules — and honest mistakes or misinterpretations cause a restatement.

Restatements typically occur when the company’s financial statements are subjected to a higher level of scrutiny. For example, restatements may happen when a borrower converts from compiled financial statements to audited financial statements or decides to file for an initial public offering. They also may be needed when the borrower brings in additional internal (or external) accounting expertise, such as a new controller or audit firm.

The restatement process can be time-consuming and costly. Regular communication with interested parties — including lenders and shareholders — can help overcome the negative stigma associated with restatements. Management also needs to reassure employees, customers and suppliers that the company is in sound financial shape to ensure their continued support.

When errors become significant

Errors are a common cause of financial restatements. For example, borrowers sometimes make mistakes when accounting for leases or reporting compensation expense from backdated stock options.

Income statement and balance sheet misclassifications also cause a large number of restatements. For instance, a borrower may need to shift cash flows among investing, financing and operating on the statement of cash flows. Other leading causes of restatements are equity transaction errors, such as improper accounting for business combinations and convertible securities, and valuation errors related to common stock issuances. Preferred stock errors and the complex rules related to acquisitions, investments, revenue recognition and tax accounting also can cause restatements.

You can minimize your dependence on bad numbers by requiring independent audits for private borrowers. You also may request cost-effective internal control testing procedures for prospective and high-risk borrowers, such as those that engage in hedge accounting, issue stock options, use special purpose or variable interest entities, or consolidate financial statements with related parties.

Mistakes happen

Even the most well-managed business may slip up and make financial statement mistakes that need to be corrected. But some restatements are a warning flag — not just of potential fraud but of mismanagement or carelessness. When a borrower presents you with financial restatements, investigate the underlying cause to stay ahead of any potential problems.

© 2022