Testing Employee Policy Knowledge

How often do you check to see if your employees know what polices or procedures your financial institution has in place? Security and ethics policies should be read from time to time and compliance to those policies should be tracked.

Strunk’s Skills Manager program is one module of our overall Risk Management solution. It gives you the ability to set up templates for course study, take tests to ensure knowledge of a policy or procedure and track the results of the tests to provide a pass/fail result.

Skills Manager is a unique tool that can be used by the human resources department for company-wide deployment or by individual departments of your organization. Power Point slides can be imported and set up to discuss product knowledge and then each employee can be assigned a test to see if they were knowledgeable of certain policies and procedures.

The tracking of the results within Skills Manager is important for audits and certifications. Through Strunk’s Policy Manager solution, reader logs can be tracked to ensure that your employees are reading pertinent policies. Then through Skills Manager you can test to see if your employees understand those policies.

Strunk’s solution to risk management includes Risk Assessor, Policy Manager, Controls Manager, Vendor Manager, Issues Manager and Skills Manager along with our Overdraft Privilege Manager program. Contact us to learn more.

Reviewing your overdraft privilege program during a pandemic

With the Covid-19 pandemic having an enormous effect on a financial institution’s overdraft privilege program, this is a great time to review your existing program to make sure it is running as efficiently as possible.  Financial institutions pointed to government relief efforts, increase in unemployment benefits and the decrease in discretionary purchases that had a negative impact on overdraft privilege programs.  Even with these obstacles in our way there are still ways to make sure financial institutions maximize their fee income from their ODP program.

  1. Clean up accounts to prevent creep-age.  We find that most financial institutions, over time, experience a downward trend in percent utilization, which has a significant negative impact on fee income. By using reports that are produced in Strunk’s ODP Manager software, financial institutions will be able to gain a great understanding on how each account is performing.
  2. Evaluate your institution’s Reg. E opt in rate. The Federal Reserve Payments Study shows that roughly two-third of all transactions are done by debit card. Making sure customers understand what opt-in means for them and what happens if they don’t opt in is essential.
  3. Review how overdraft waives/refunds are being handled inside your financial institution. Waives/refunds are an area with two issues: Reduction in income fee and possible compliance issues.

There is no better time to do a complete review of your overdraft privilege program than during the Covid-19 pandemic.  Strunk can perform a checkup on your program to help with compliance and profitability while also training your employees to ensure consistency within the program.

Clarification on how to handle “Force Pay” items in an ODP program

Financial Institutions encode items with a special transaction code to ensure payments are received before other items clear an account. The codes are used for a variety of reasons. As long as you make a deposit or have enough money in your account to cover the transaction, you don’t have to take further action.  A “force pay” debit is a special transaction code used by the financial institution to insure that a debit purchase clears an account first. An example of a “force pay” debit card transaction is if a consumer is at the gas pump and that consumer has $5 in their checking account.  Once the consumer swipes their debit card at the gas pump the merchant receives an authorization for $1.  The consumer then puts $50 worth of gas in their vehicle.  In this scenario the debit card transaction is paid and the financial institution is not allowed to return items to the merchant that are presented for payment.

How should financial institutions handle these transactions to make sure that they are in compliant with all regulatory requirements.  “Force Pay” debit card or ATM items that overdraw an account cannot be charged an overdraft fee if the account does not have an overdraft limit and the consumer has not “opted in” for Regulation E purposes.  Strunk met with David Stein, co-author of Regulation E, at the CFPB and he clarified for us that institutions should not be charging fees on consumer accounts if the bank would not normally authorize the electronic transaction. These are referred to as “no pay” accounts in CFPB terms. If a new customer checking account is in the waiting period before a limit is assigned, or if an accountholder’s limit has been taken away for some reason, you cannot charge an overdraft fee for these force-pay caused overdrafts, even if that customer has “opted in”. The basis for this position is to address any potential Unfair, Deceptive and Abusive Acts and Practices (UDAAP) application if a customer has no potential to receive benefit from your overdraft program.

Broker Dealers and Broken Controls

Managing a financial advisory or brokerage firm is no small task; from finding clients, to advising the ones you already have, and everything in-between, compliance and governance can be a necessary burden.  While going through the vast regulations that shape the industry, the specific tasks of testing, preserving and repeating, are often asked.  Most firms utilize Excel, Word documents, and PDFs to build out their internal policies and controls in response to these regulations.  Almost all of these controls have a quarterly, bi-annual, or annual requirement to report activities, statements, or other documents to a host of stakeholders.  While utilizing an established Excel or SharePoint solution may seem like a “good enough” practice, the risk of missing one of these control events can be detrimental to your firm.

With a strong policy management software your firm can update processes to help save time, money, and reduce overall risk.  Strunk’s Controls Manager solution is one of the most intuitive products on the market, unwinding the complexity of your policy and compliance book, so you can automate your policy controls process and operation.  Through the use of a strong organizational system to address your regulatory obligation, your firm will have a more logical and considered approach to compliance, such as a Controls Calendar, enabling your company to effortlessly respond to your requirements.

While a patchwork of common Office tools seems like the easy and cheap solution, the downside risk far outweighs the upside risk.  Strunk can help you manage these risks, and put your firm on a better strategic footing.

Opting in for Overdraft Protection

Banks and Credit Unions have been providing Overdraft Protection programs for many years but 10 years ago all debit card and ATM transactions that created an overdraft had to have consumer consent before the financial institution could pay the debit and charge a fee.

Prior to 2010, paper checks were nearly 50% of all debit transactions a bank would process and today less than 8% of all debits are paper. Consumers paying with a debit card or electronic transaction is a common practice and we are nearing the situation many predicted 30 years ago of a paperless society for banking transactions.

If consumers want to take home their prescriptions or groceries when paying with a debit card when there are insufficient funds in their account, a bank or credit union cannot automatically authorize the transaction. Beginning on July 1, 2010 a financial institution had to obtain opt-in for these transactions pursuant to Regulation E.

A financial institution can obtain opt-in via their website, in person, by mail, or over the phone. It is not required that a financial institution obtain a signature on the prescribed Federal Reserve’s A-9 form, nor do the forms have to be kept for any period of time. If a consumer opts-in, a confirmation of the opt-in must be sent to the consumer.

Opting-in is a great service for those customers who want flexibility in managing their account. Others may not see any benefit to opting-in. But it gives consumers complete choice on how they want their account handled when it comes to paying for things they need when they are short on funds.

Focus on Reg E Opt-in Now More Important Than Ever

It has never been more important to ensure that your financial institution has adequate coverage in regards to account holder Reg E opt-in. Reg E opt-in allows you to authorize ATM withdrawals and everyday debit card purchases, which may overdraw an account holder’s checking account, as long as they have provided their consent for you to do so.

Data recently released by a 2019 Federal Reserve Payments study shows that only 9% of all transactions in 2018 were from checks paid and 16% were via ACH. An overwhelming 42% of transactions were made via debit card. This decline in traditional transaction types, in favor of a debit card, means that it is extremely important to focus on the proper opt-in approach.

According to Part 205 of Electronic Fund Transfers (Regulation E), the financial institution must give “Reasonable opportunity to provide affirmative consent.”

A financial institution provides a consumer with a reasonable opportunity to provide affirmative consent when, among other things, it provides reasonable methods by which the consumer may affirmatively consent. A financial institution provides such reasonable methods, if—

  1. By mail. The institution provides a form for the consumer to fill out and mail to affirmatively consent to the service.
  2. By telephone. The institution provides a readily-available telephone line that consumers may call to provide affirmative consent.
  3. By electronic means. The institution provides an electronic means for the consumer to affirmatively consent. For example, the institution could provide a form that can be accessed and processed at its Web site, where the consumer may click on a checkbox to provide consent and confirm that choice by clicking on a button that affirms the consumer’s consent.
  4. In-person. The institution provides a form for the consumer to complete and present at a branch or office to affirmatively consent to the service.

By arming your team with the most effective procedures, you can be certain to achieve optimum opt-in for your organization. Strunk has a proven track record of achieving maximum results with financial institutions across the country. We help to more effectively reach your goals, all while remaining in compliance with applicable laws and regulations.

 

Audits and Exams and ODP, Oh My!

An audit or exam is approaching? Use ODP Manager to help you gather the requested documentation!

Do you need to supply samples of each letter sent using ODP Manager? In Collection Letters and Custom Letters, you can generate a sample PDF of each active letter template.

For the specified review period, do you need to identify accounts with overdraft limits added or removed? Reg E opt ins or opt outs? Letters generated?  In Events, you can search for all events that occur during a specified timeframe. Use filters to narrow your results to a specific event or letter.  Not only can you identify the appropriate accounts, but you can also export the list.

Do you need a convenient summary of all the account’s information contained within ODP Manager? In Account Inquiry, export the Account Profile as a PDF – it’s a convenient way to compile the information for account officers, auditors, or examiners. It includes an overdraft summary, comments, reminders, repayment plans, and an event history. Also, the Events tab allows you to review all the account’s events and regenerate PDFs of any letters mailed to the customer.

For any Overdraft Privilege Program review, ODP Manager makes compiling the requested information easier.

 

Managing Fee Waivers and Refunds

As the end of the year approaches, we have seen more and more clients loose potential additional fee income by waiving or refunding customer OD/NSF fees.  This is often lost income potential that is unknown to the institution. Generally most systems are set up to charge fees after the pay/return decisions have been made, so if the fees are waived the income never shows up on the general ledger as either income or the subsequent reversal of income.  Besides the reduction of fee income, waiving or refunding OD/NSF fees can also be a compliance issue.  Regulators have become increasingly sensitive to which accounts are not being held accountable for the fees that their activity dictates should be charged. For instance, if a high net worth individual is not charged overdraft (or other) fees that other accounts are routinely charged, this may be viewed as disparate treatment with all the ramifications that allegations of that nature involve.

The best solution to help alleviate both of these issues is to charge the fee “the night before”, or when the overdraft transactions are presented rather than waiting until the resolution of all items to post the fee. This helps accomplish the reduction in fee income simply because it requires more than a “click” to waive a fee, but rather a refund would need to be run for the reversal of the fee. This also allows for easier tracking of what is being given back to your account holders. With the gross fees as well as the individual refunds posting to the general ledger you can see at any given time how much the institution is giving away in fee income. From a compliance standpoint the institution is charging everyone on an equal basis – if an item overdraws the account then the account is charged – but the officer still has the discretion to refund the fee after the fact. This method is much more trackable and provides much more accountability for fee refunds.

Many of our clients cannot tell how much income they are giving back to customers each month. Part of the issue is addressed above regarding how to account for your fees and the associated waives, but the other issue is simply employees refunding fees back to customers when they ask for it, or sometimes even without them asking for it. In addition, very few institutions take the time to build reports, examine those reports, and hold their employees accountable on a consistent basis.

To assist in managing fee refunds, Strunk recommends that you implement the use of a “Refund Request Form” for employees to provide customers when they request a refund. This accomplishes multiple things. First, it allows the employee to avoid the face-to-face confrontation and having to make a snap decision. Second, it puts the emphasis for refunds back on the customer to show why it should be granted. This does not mean that we will no longer grant refunds, but we would like the customer to have to provide a valid reason why the institution should consider granting the request.

Technology Service Provider Contracts

Understanding the increase dependence that financial institutions have on technology service providers, bank regulators have increased their efforts to require banks to appropriately handle third-party risk management.  The Federal Deposit Insurance Corporation (FDIC) has identified gaps noted by some examiners regarding several technology service provider contracts that were inadequate under existing guidance.  These contracts were missing or inadequately addressed key terms, such as:

  • Requiring the service provider to maintain a business continuity plan,
  • Lack standards for data recovery along with appropriate remedies when a recovery standard is missed.
  • Defining key terms in the contracts relevant to business continuity and/or incident response. Contracts lacking these provisions violate the Interagency Guidelines Establishing Information Security Standards, promulgated under the Gramm-Leach-Bliley Act.

Vendors that provide technology related services can create special risks to depository institutions that need to be properly addressed in their service contracts.  The FDIC indicated that it plans to hold the board and senior management of financial institutions accountable for controlling those risks in accordance with the requirements of the law and its existing regulatory guidance.

Financial Institutions should be willing to hold their service providers accountable and negotiate an appropriate contract.  All financial institutions should have provisions that they review for all of their contracts with a robust vendor management program, this will help uncover any weakness in business continuity and data recovery early in the process.

 

Why is Overdraft Protection Important

Financial institutions across the country have to make decisions every day when it comes to accounts that show insufficient funds. Should the institutions pay an overdrawn item and take a chance the customer will pay them back or should they return or deny the transaction?

Most banks and credit unions charge the same fee whether they pay an item into overdraft status or return it to the merchant (in the case of paper checks). The question always comes up…who would want you to return the item to the merchant? Furthermore, what happens when the item is returned and what are the consequences to the customer? There is nothing good that happens when an item is returned and it only causes grief to the consumer. In this particular case, grief in the form of additional fees from the merchant or being redlined for future non-cash purchases.

Formal consumer centric overdraft payment programs started in the early 1990s and consumers have benefited greatly. Since the same fee is levied either way, the grief and embarrassment of returned checks is eliminated. For debit card or ATM transactions, consumers can decide on their own if they want the debit authorized or not. About half of a financial institution’s customers want to take the groceries or prescriptions home rather than being denied when using a debit card. Others never want to overdraw their account regardless of the situation.

This is the reason Overdraft Privilege and other forms of overdraft protection programs work. The daily overdraft decision process is easier for the financial institution and consumers like the program. A rare win-win in banking.

An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.