Take Advantage of ODP Opt-In Opportunities

/in , , , , , /by

How are you communicating with your account holders in your Overdraft Privilege Program? Are you able to not only advise account holders of the benefits of Overdraft Privilege but also remind them that they can authorize Overdraft Privilege service for ATM withdrawals and everyday debit card purchases? Strunk’s overdraft management application, ODP Manager, allows you to do just that!

You should consider sending both Welcome and Reinstatement letters to your account holders when overdraft limits have been assigned or when account holders requalify for Overdraft Privilege. When you send these letters to accounts that have not opted in for Regulation E, you should remind account holders that they have the option to authorize Overdraft Privilege for ATM and debit card transactions. ODP Manager can identify the accounts that have not opted in and generate a letter that includes the Consent Form for Overdraft Services and information about other ways to opt in. You can even set up a form in ODP Manager to allow your account holders to opt in online.

Additionally, ODP Manager allows you to send a letter periodically to account holders in your Overdraft Privilege program who have not opted in to or opted out of the ATM/everyday debit card Overdraft Privilege coverage. This is another opportunity to explain this additional feature to your account holders and to provide a consent form and additional opt-in methods.

Once you start taking advantage of these additional opportunities, the ODP Manager software can help you monitor your progress using daily reports and a dashboard that tracks progress over time.

Tell Your Story … Before the Examiner Does

/in , , , , , , /by

Most bankers understand the importance of explaining their philosophy, strategic direction, successes and challenges to directors, auditors, examiners, analysts, and even their fellow executives and employees. They know it’s always better to tell their story before opinions are formed and judgements made about the condition and direction of their institution. Waiting until questions are asked after financial statements or audit reports reflect any weakness, or worse, when examiners arrive on-site, often means responding defensively to what is typically a very good story about management’s ability to identify, measure, monitor and mitigate risks. Given its undeniable importance, the best bankers excel at presenting the facts first and then reinforcing the message about the quality of their management team. If done efficiently, your comprehensive enterprise risk management report will provide the perfect opportunity to tell your story.

The issue is one of timing. Everybody’s busy and nobody has time to continuously repeat what we may naively assume is a message everybody has already heard and retained. But we aren’t always in front of the audience when issues arise. Examiners, for example, spend a considerable amount of time off-site analyzing the institution before coming through your doors. Their pre-work is critical to ensure an effective, risk-focused examination. In the process, it’s inevitable to have opinions formed and even CAMEL ratings roughed-out before speaking with management. Bankers must ensure their own viewpoint is timed to arrive before being judged by examiners, directors, auditors, and others. In particular, your enterprise risk assessments should clearly communicate management’s perspective on all risks, and especially your highest risks.

Equally important is presenting all the facts in a credible manner. The truth eventually comes out, and if people closest to the work fail to acknowledge high risks and other issues before they are obvious, it means they either can’t be trusted because they hid the facts, or they are deficient because they didn’t know the facts. Bankers conduct comprehensive risk assessments for this exact reason: identify the risks and then measure, monitor and mitigate them. ,Risk assessments are fundamental to the business of banking. Done right, they ensure no stone is left unturned and they validate management credibility. They provide the facts backing the story.

Identifying risks comes naturally to most bankers – we’re in the risk taking business after all – but completing and communicating risk assessment results has often been labor intensive and time consuming. If not done efficiently, individual and enterprise risk assessments can drain resources, incur opportunity costs by diverting resources from other important assignments, and lead to frustration and corner-cutting. The key is ensuring individuals closest to the action conduct or oversee the risk assessment in their functional area, but not require them to spend an inordinate amount of time on the work. About an hour each quarter should prove sufficient at most institutions for executives to complete the task…provided they have the right tools to perform the assessment.

Most bankers appreciate how important it is to tell their story to the right audience before opinions are formed and judgement passed. Comprehensive Enterprise Risk Assessments present a golden opportunity to do just that if they can be done efficiently and without draining resources or busting the budget. Enterprise Risk Assessments are the perfect way to back your story with facts.

Technology Service Provider Contracts

/in , , , , /by

Understanding the increasing dependence that financial institutions have on technology service providers, bank regulators have ramped up their efforts to require banks to appropriately handle third-party risk management. The Federal Deposit Insurance Corporation (FDIC) has identified gaps noted by some examiners regarding several technology service provider contracts that were inadequate under existing guidance. These contracts were missing or inadequately addressed key provisions, such as:

  • Requiring the service provider to maintain a business continuity plan,
  • Lacking standards for data recovery along with appropriate remedies when a recovery standard is missed.
  • Defining key terms in the contracts relevant to business continuity and/or incident response.

Contracts lacking these provisions violate the Interagency Guidelines Establishing Information Security Standards, as promulgated under the Gramm-Leach-Bliley Act.

Vendors that provide technology-related services can create special risks for depository institutions that must be properly addressed in their service contracts. The FDIC indicated that it plans to hold boards and senior management of financial institutions accountable for controlling those risks, in accordance with the requirements of the law and its existing regulatory guidance.

Financial Institutions should be willing to hold their service providers accountable and negotiate an appropriate contract. All financial institutions should have provisions that they review for all of their contracts, along with a robust vendor management program that will help uncover any weakness in business continuity and data recovery early in the process.

Latest ODP Manager Enhancements

/in , , , /by

At Strunk, we are committed to providing best-in-class software solutions, and are constantly providing enhancements that we feel will best serve our clients. This month we are pleased to announce the addition of ODP Manager Dashboard within our industry-leading overdraft management application, ODP Manager.

ODP Manager clients will now be able to see their performance over time, as well as in comparison to our entire customer base, for five key indicators: Percent with Limit, Percent Opt In, Overdraft Fee, Consumer Overdraft Limit, and Business Overdraft Limit. The dashboard will graphically display the organization’s performance in purple as compared to the 25th, 50th and 75th percentile statistics for our entire client base. The Dashboard will also display the organization’s monthly trend for Percent with Limit and Percent Opt In.

Each quarter we will email clients a summary of their performance, along with tailored recommendations to address areas that may need attention. We believe the new ODP Dashboard will help clients more effectively monitor overdraft program key indicators and improve performance over time.

Law Firms Seeking Plaintiffs to Sue Credit Unions

/in , , , /by

Law firms have started using social media and web advertising to recruit class action plaintiffs to sue credit unions regarding their overdraft practices and disclosures. Demand letters or complaints filed may make several allegations, including:

  • Violations of EFTA and Reg. E, even where the credit union uses the Model A-9 form.
  • Breach of contract due to unclear or ambiguous terminology in account agreements, such as lack of clarity as to how the credit union will determine that there are insufficient funds in the account.
  • Violations of state consumer laws, such as California’s Unfair Competition Law, New York’s statute addressing deceptive acts and practices, or New Jersey’s Consumer Fraud Act.

Strunk agrees with the risk mitigation recommendations from the CUNA: Credit unions should review their processes for handling reinitiated/resubmitted incoming electronic debits to member accounts that the credit union previously returned unpaid due to insufficient or uncollected funds resulting in an NSF fee. If your credit union charges another NSF fee for reinitiated/resubmitted items that are returned unpaid again, review your account agreement to ensure it discloses that NSF fees may be imposed on the same transaction.

If your credit union assesses overdraft fees based on available balance rather than actual balance/ledger balance, review your account agreement to ensure it contains a description of how certain transactions, such as debit card pre-authorization holds and check holds, impact the available balance, including examples of each. For debit card pre-authorization holds, ensure the account agreement discloses how subsequent debits to the account impact the available balance and that an overdraft fee could be assessed when the debit card transaction posts to the account taking it negative.

It has always been Strunk’s recommendation to precisely disclose the method used to calculate available balance in your account agreement. Because Strunk ODP documents refer to the use of Available Balance, which should be properly disclosed in the member account agreement, there are currently no recommended changes to Strunk’s ODP documentation. We will provide additional information if there are any upcoming changes to our disclosure documentation.

An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.