Member Login
Search

SDBA eNews

May 21, 2026

News

SDBA Events

Online Education

ABA Banking Journal: Warsh to be sworn in as Fed chair on Friday

May 18, 2026

Kevin Warsh speaking on CNBC during 2025 interview. Photo: CNBC

President Trump will host a swearing-in ceremony at the White House on Friday for incoming Federal Reserve Chairman Kevin Warsh, the news site MarketWatch reported.

The Senate voted last week to confirm Warsh as the next chairman. Jerome Powell was chairman but his term as chair expired last Friday. The Feb board named Powell chair pro tempore until Warsh is sworn in.

 Original Article

 
  
Back to Top

ABA Banking Journal: Largest Bitcoin kiosk operator files for bankruptcy 

May 19, 2026 

Bitcoin logo

The largest operator of Bitcoin kiosks in the U.S. is shutting down amid increased regulatory scrutiny of the role of “crypto ATMs” in facilitating scams, according to news reports.

The Atlanta-based Bitcoin Depot announced it had filed for Chapter 11 bankruptcy protection and has shut down its network of kiosks, the crypto industry news site CoinDesk reported. Bitcoin Depot had more than 9,000 kiosks in operation last year in the U.S., Canada and Australia.

The company blamed state regulation for the decline in its business model. At least 29 states have imposed restrictions on convertible virtual currency kiosks like those operated by Bitcoin Depot, with Indiana and Tennessee recently banning the machines entirely.

The FBI’s Internet Crime Complaint Center received more than 10,956 complaints involving CVC kiosks in 2024, with reported victim losses of approximately $246.7 million.

Original Article

Back to Top

ABA Banking Journal: Clarity Act needs further refinement

May 19, 2026
Brooke Ybarra

As Congress considers legislation to create a regulatory framework for digital assets, there remain areas of the bill that could be strengthened, particularly when it comes to closing the payment of interest loophole for payment stablecoins, the American Bankers Association’s Brooke Ybarra told Bloomberg TV today.

The Senate Banking Committee last week advanced the Clarity Act by a bipartisan vote. ABA and others have urged lawmakers to use the bill to close a loophole that allows digital asset service providers to bypass the Genius Act’s ban on paying interest or yield on payment stablecoins.

Ybarra – who is SVP for innovation and strategy at ABA – told Bloomberg there remains too much ambiguity in the current text of the Clarity Act on whether it closes the loophole.

“You have a prohibition with two prongs ‘solely’ in connection with holding a payment stablecoin,” she said. “The use of the word ‘solely’ there is extremely constricting, and it is pretty easy to imagine how one would design a program with some other de minimis requirement that, all of a sudden, this (interest or yield) payment is no longer made in connection with holding a payment stablecoin.”

The bill also would establish an economic or functional equivalence test for making that determination, but different people have looked at the bill and come away with different conclusions on the types of payments that would be allowed, Ybarra said.

“It’s just a handful of words that we are seeking to have changed to just try to make that a little more clear,” she said.

Original Article

Back to Top 

FCC votes to issue ABA-supported 'know your upstream provider' proposal

May 20, 2026

Cellphone Network

The Federal Communications Commission today voted 3-0 to issue an American Bankers Association-backed proposal that would impose stronger “know your upstream provider” requirements on voice service providers that allow calls to pass through their network.

The proposal would require all voice service providers in the call’s pathway to collect certain information about the caller from the “upstream” provider — that is, the provider that originated the call — to better ensure each provider is transmitting only lawful calls.

Significantly, the proposal also seeks to strengthen the requirements for “A-level” or “B-level” attestations. Under the “STIR-SHAKEN” call authentication framework, calls are “signed” at origination with different levels of “attestation.” A call that receives an “A-level” attestation – the highest form of attestation – means the originating provider knows the caller and knows the caller has the legal right to the number that will be displayed in the recipient’s caller ID. If a call receives A-level attestation, it is eligible for vendors’ call branding designed to signal that the call is from a legitimate source, such as a green “checkmark.”

In a prior comment, ABA provided an analysis, cited by the FCC in its proposal, that found that more than half of a sample of 12,900 illegally spoofed calls received an A-level or B-level attestation. ABA called on the FCC to require originating providers to verify that the caller has the legal right to use the number that will be displayed in the recipient’s caller ID display when the caller seeks to place an A-level attested call.

In a statement, ABA President and CEO Rob Nichols applauded the FCC vote. “Bank impersonation scams and other illegally spoofed calls continue to reach consumers because of gaps that exist not only at call origination, but also throughout the call pathway,” he said. “Requiring diligence from every provider in the call path helps stop fraud before it starts.”

The proposal will be published in the Federal Register, which will begin a 30-day initial comment period.

Original Article

Back to Top 

CISA News: Hackers Using Teams

May 14, 2026 | 
cisa

Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks.

The threat actor tricks users into pasting a PowerShell command that ultimately delivers the ModeloRAT, which has been previously seen in ClickFix attacks [1, 2].

Initial access brokers (IAB) like KongTuke typically sell company network access to ransomware operators, who use it to deploy file-theft and data-encrypting malware.

Cybercriminals have increasingly adopted Microsoft Teams in attacks, reaching out to company employees and pretending to be IT and help-desk staff.

The victims are convinced to run a malicious PowerShell command on their systems, which deploys the “ModeloRAT” malware.

ReliaQuest researchers observed this activity and say that it is a shift in tactics for KongTuke, who previously relied solely on web-based “FileFix” and “CrashFix” lures.

“This Teams activity, which appears to add to, rather than replace, that web-based approach, marks the first time we’ve seen KongTuke use a collaboration platform for initial access,” explains ReliaQuest.

“In the incidents we investigated, a single external Teams chat moved the operator from cold outreach to a persistent foothold in under five minutes.”

The campaign has been active since at least April 2026, with KongTuke rotating through five Microsoft 365 tenants to evade blocking, the researchers say.

To pass as internal IT support staff, the attacker uses Unicode whitespace tricks to make the display name appear legitimate.

The malicious PowerShell command shared via Teams downloads a ZIP archive from Dropbox that contains a portable WinPython environment, which eventually launches the Python-based malware, ModeloRAT (Pmanager.py).

The malware collects system and user information, captures screenshots, and can exfiltrate files from the host filesystem.

ReliaQuest notes that the ModeloRAT version used in this recent campaign has evolved compared to what was seen in previous operations, mostly in three ways:

A more resilient C2 architecture with a five-server pool, automatic failover, randomized URL paths, and self-update capability.

Multiple independent access paths, including a primary RAT, a reverse shell, and a TCP backdoor, running on separate infrastructure to preserve access if one channel is disrupted.

Expanded persistence mechanisms using Run keys, Startup shortcuts, VBScript launchers, and SYSTEM-level scheduled tasks that may survive standard cleanup procedures.

The researchers note that the scheduled task isn’t removed by the implant’s self-destruct routine, which wipes the other persistence mechanisms, and can persist through system reboots.

To defend against Team-initiated attacks, it is recommended to restrict external Microsoft Teams federation using allowlists to block these attempts at their start.

Additionally, administrators can use the indicators of compromise available in ReliaQuest’s report to hunt for attacks, signs of compromise, and persistence artifacts.

Original Article

Back to Top

SDBA Events banner

 

Convention

2026 NDBA/SDBA Annual Convention - EARLY BIRD RATE ENDS ON 5/22

June 15-17, 2026 | Bismarck, ND

Community banking is built on connection — between colleagues, institutions, and the communities we proudly serve. Across North and South Dakota, bankers collaborate, share insight, and lift one another up to make the industry stronger.

As our nation approaches its 250th anniversary, this year’s theme, Stronger Together, celebrates the shared values that unite us — collaboration, trust, and a steadfast commitment to doing what’s right. While the landscape may evolve, the heart of community banking remains constant. Bankers face challenges head-on, solve problems creatively, and move forward with optimism… always.

Join us in Bismarck this summer for the 2026 NDBA/SDBA Annual Convention, where we’ll celebrate our shared strength, honor our impact, and look ahead to what’s next.

Register by Friday, May 22, to access the early bird registration rate. Convention details and registration materials can be found here

farmandranchconservation2026 SDBA Farm & Ranch Profit in Conservation

Wednesday, July 8 | Virtual

Conservation programs are an often misunderstood, underused resource. The focus of conservation agencies and organizations in South Dakota is producer profit. This webinar will explain the conservation structure in South Dakota, where to start, beginning farmer/rancher benefits, what programs are available and how they help increase profit, and actual producer project run-through. 

This is a FREE event; however registration is required so we can adequately manage our Zoom account. Click here for the agenda and to register. 

Back to Top

 

REGISTRATION OPEN: 2026 SDBA IRA SCHOOL

September 22-24 | Sioux Falls, SD

The SDBA will host the 2026 IRA School in Sioux Falls, SD, on September 22-24. The Secure Act impacts two main topics: RMDs and death distributions. During IRA School, instructor, Matt Dickinson, will address these relevant changes. In addition, IRAs are one of the most complicated areas of bank personnel responsibility, and it is not possible to learn and understand everything. Continual education is necessary to ensure confidence. Working with IRAs is a process and must start with a strong foundation. This school can provide this foundation through a comprehensive curriculum.

This school is ideal for new IRA and experienced staff, this program is the quickest, easiest and most comprehensive coverage of IRAs and HSAs. The school will cover new and current IRA material, and previous topics covered at the school will be expanded. 

Registration is open! Click here to review the curriculum and register.

Online Education

online ed

Participating in learning opportunities outside the bank can be challenging. Take advantage of the SDBA's extensive selection of webinars and on-demand training to enhance your banking expertise directly from your computer.

GSB Online Seminars
OnCourse Learning
SBS Institute
ABA Training

Compliance Alliance logo

 

Learn how to put compliance management solutions from Compliance Alliance to work for your bank, by contacting (888) 353-3933 or [email protected] and ask for our Membership Team. For timely compliance updates, subscribe to Bankers Alliance’s email newsletters. 

Back to Top

UBB - sponsor
SDBA eNews Archive
View past issues of the SDBA eNews

Advertising Opportunity
Learn more about sponsoring the SDBA eNews

Questions/Comments
Contact the SDBA at 605.224.1653 or via email