SDBA eNews

May 23, 2024

ABA Newsbytes: ABA, Associations: Fighting Fraud is a Multi-Industry, Government Effort

While banks have technology and infrastructure in place to help defend themselves and their customers, fighting fraud is a multipronged effort that includes consumer education, dedicated law enforcement and regulatory resources, and cooperation from telecommunications and social media companies, ABA and three banking associations said in joint comments to the Senate’s Permanent Subcommittee on Investigations.

The subcommittee yesterday held a hearing on Zelle and fraud. In their comments, the associations said that banks cannot win the fight against scammers and fraud on their own. “The activities of these criminals touch more than just the banking industry, and the efforts to counter frauds and scams must similarly be cross-industry,” they said. “Each step in the scam ecosystem—from how a scammer identifies consumer targets to how the money is processed—offers an opportunity to stop the flow of funds to the criminal. Focusing on only one aspect or one step in the process will not stop this surge of scams. Rather, a holistic approach to address all the entities and elements of a scam has the best chance of being successful.”

The associations pointed to ABA’s #BanksNeverAskThat anti-phishing consumer education campaign and banks’ substantial technology investments as examples of how the industry is fighting fraud. Still, they noted that banks can only provide the leads necessary for law enforcement to track down perpetrators. They also said that federal telecommunications regulators must take steps to prevent criminals from “spoofing” legitimate names and phone numbers to impersonate banks; that telecommunications companies must pursue meaningful initiatives to fight fraud; and that social media companies must proactively root out accounts impersonating bank employees or financial advisers who convince people to send them money for supposedly legitimate reasons.

Read the letter

ABA Banking Journal: CFPB to Define Buy Now, Pay Later Providers as Credit Card Providers

ABA banking journal

The Consumer Financial Protection Bureau today issued an interpretive rule to define lenders who provide buy now, pay later products as credit card providers under the Truth in Lending Act. As a result, BNPL lenders will be required to provide consumers with options currently available to credit card holders, such as the ability to dispute merchant charges through the creditor.

In a statement, CFPB said the BNPL industry has expanded rapidly in recent years. (A Federal Reserve survey released Tuesday found that 14% of U.S. adults last year said they had used a BNPL product in the past 12 months.) Like conventional credit cards, BNPL combines payment processing and credit services, while charging transaction fees to merchants, the bureau said. “Because BNPL lenders will typically meet criteria under existing law and regulation as traditional credit card providers, they need to extend many of the same rights and protections as classic credit card providers.”

As a result of the interpretive rule, BNPL lenders must investigate disputes that consumers initiate, refund returned products or canceled services, and provide billing statements, according to the CFPB. The bureau added that it is accepting public comments on the rule through Aug. 1.

CISA News: Always Keep Backups

An 'unprecedented' Google Cloud debacle saw a $135 billion pension fund's entire account deleted and services knocked out for nearly two weeks

cisa

What's the worst thing you've accidentally deleted without meaning to? I can assure you that it wasn't anywhere near as bad as Google Cloud deleting the entire customer account (including all backups) of $135 billion Australian pension fund, UniSuper, putting services for its over 615,000 members on the fritz for nearly two weeks.

As reported by Ars Technica, UniSuper picking Google Cloud for its digital services was a big enough deal to get its own press release, with the fund outsourcing crucial infrastructure to the internet giant—many companies do the same with Amazon Web Services⁠⁠.

While UniSuper said that pension payments were not disrupted by the outage, customers were unable to log into their accounts on mobile or desktop, and the fund's outage update timeline implies that transactions were unable to be processed during the blackout, with a data rollback to the end of April required once everything was said and done. Thankfully, UniSuper had kept a backup of its cloud data through another service, which helped in the full resumption of its operations.

But it's still not clear just how this occurred: The deletion of a multi-billion dollar client's account and every backup therein, bypassing all safeguards, knocking out financial services to hundreds of thousands of pensioners for two weeks is, in the words of Brass Eye, the one thing we didn't want to happen.

A joint statement from Google Cloud and UniSuper describes the deletion as resulting "from an unprecedented sequence of events whereby an inadvertent misconfiguration during the provisioning of UniSuper's Private Cloud services ultimately resulted in the deletion of UniSuper's Private Cloud subscription." What, that wasn't crystal clear to you? Basically, "it was a freak accident."

Software developer Daniel Compton points out that the vague language in Google and UniSuper's statement does very little to explain how this occurred on a technical level. Compton argues that one likely explanation was some error on UniSuper's part when using a common cloud infrastructure tool, but Google Cloud seemed to admit fault on its end in a statement during the outage, implying it was a bug on Google's end.

My theory? Some hapless Google employee was chasing a chimpanzee through the server room (you know how those permissive tech offices are, ball pits and whatnot), slipped on a roller skate, and accidentally hit the big red "Delete the Australian pensioners' data" button. They really should have installed a flip cover on that thing. Whatever the explanation may be, clearly no tech service is too big to fail, and you should keep redundant backups of any data that matters to you⁠, he says, ignoring his 20 year-old, 308-game strong Steam Library.

Full article

FinCEN: In Boston, Treasury Launches New Public-Private FinCEN Exchange Series to Fight Fentanyl Trafficking

Immediate Release, May 20, 2024

PROTECT FinCEN Exchange sessions set to promote public-private collaboration against illicit financial activity tied to the opioid trade

BOSTON—Today, as part of the Treasury Department’s Counter-Fentanyl Strike Force, the Financial Crimes Enforcement Network (FinCEN), in partnership with IRS Criminal Investigation (CI), announced a new initiative to combat the illicit trafficking of fentanyl into the United States. The “Promoting Regional Outreach to Educate Communities on the Threat of Fentanyl” (or PROTECT) series of FinCEN Exchange sessions will be held through the remainder of 2024 in U.S. cities that are highly impacted by the opioid epidemic. The series is specifically designed to work with regional and local banks who are deeply connected to their communities and offer unique perspectives on the opioid crisis, and will focus on how law enforcement can best support their efforts to monitor activity that may be tied to the illicit trafficking of fentanyl. At these exchanges, federal officials brief on information critical to tracking these illicit financial flows, including typologies and red-flag indicators of fentanyl-related activity, and discuss what types of information are particularly valuable when financial institutions report suspicious activity.

The PROTECT series is being launched in collaboration with other government partners, including the Drug Enforcement Administration, Homeland Security Investigations, Customs and Border Protection, the U.S. Secret Service, the Federal Bureau of Investigation, the Department of Justice Money Laundering and Asset Recovery Section, various U.S. Attorney’s Offices, and local law enforcement agencies.

“Treasury’s Counter-Fentanyl Strike Force continues to go after the millions of dollars that drug trafficking networks earn off their illegal activity, which claims the lives of far too many Americans each year – including thousands in Massachusetts,” said Deputy Secretary of the Treasury Wally Adeyemo. “We are committed to working at both the federal and local levels to marshal all of our collective resources towards cutting off the financial flows powering this deadly trade.”

“The PROTECT series will enhance FinCEN’s collaboration with our law enforcement and financial institution partners to combat the scourge that is our nation’s opioid crisis,” said FinCEN Director Andrea Gacki. “We are excited to begin this new chapter of public-private information sharing to help identify related illicit activity and enable the further disruption of fentanyl trafficking.”

“Last year, IRS Criminal Investigation and the Department of the Treasury launched the Counter-Fentanyl Strike Force to combat fentanyl trafficking, and this series builds on that cooperation by incorporating the financial industry into the fight,” said CI Chief Guy Ficco. “We are excited to build on what took place in Boston today and equip communities across the nation with the tools they need to identify suspicious financial transactions indicative of drug trafficking.”

Today’s event in Boston brought federal agencies and law enforcement authorities from the Boston area together with representatives from the financial industry for a discussion on ways to deepen collaboration and enhance the value of suspicious activity reporting to counter illicit fentanyl trafficking. FinCEN and law enforcement representatives highlighted the significant value that Suspicious Activity Reports contribute to law enforcement efforts to combat fentanyl trafficking, and financial institutions shared their observations on money laundering flows and tactics used by narcotraffickers and their enablers.

Launched in December 2023, Treasury’s Counter-Fentanyl Strike Force is bringing together personnel, expertise, intelligence, and resources across key Treasury offices to combat illicit fentanyl trafficking. FinCEN continues to call on financial institutions to monitor for and report suspicious activity related to the trafficking of fentanyl, fentanyl analogues, and other synthetic opioids, including on the basis of its 2019 advisory on the subject.

Full article

LAST CHANCE! Register for 2024 NDBA/SDBA Annual Convention

Don't miss your chance to be LIMITLESS at the 2024 NDBA/SDBA Annual Convention, held in Fargo, ND, June 3-5! The NDBA is offering an exclusive offer to first-time convention attendees, too! For the low price of just $195, first-time convention attendees can register for the full event! Bankers strive tirelessly to positively impact people and communities despite regulatory challenges, economic uncertainties, and technology shifts. Bankers throughout North and South Dakota know the boundless pursuit of doing good. While rapid change is certain, banking as a people business remains the same. Bankers face headwinds, solve problems, and see hope...always. Click here for full convention details and to register!

Women in Banking Power Hour | May 29 | Zoom

Are you wondering about the 2024 Women in Banking event? Do you miss your other WIB friends and colleagues? Are you ready to cut out early and join us for our second Women in Banking POWER HOUR? Join us virtually at 3:30 CDT/2:30 MDT on 5/29 for a Lead Strong: Women in Banking POWER HOUR (and a half).

Because we are GRATEFUL for all of you. Because we are GRATEFUL for our awesome industry. Because we are GRATEFUL to be done with work an hour and a half early on 5/29, we are offering this FREE, hour-and-a-half session. For these 90 minutes, we’ll be “Banking on GRATITUDE”.

WHAT'S ON TAP:

Melissa Hiatt, MA, CDWF, CDTLF, Strengths Communicator will present Unleashing the Superpower of Gratitude. There’s a difference between toxic positivity and the practice of gratitude. Gratitude does not deny the pain, the hardship, or the struggle, but stands in the midst of it. Gratitude keeps fear from growing and keeps our feet rooted to what is true today. As a result of this session, participants will be able to: define vulnerability as risk, uncertainty, and emotional exposure; identify the three most common methods used to protect oneself from vulnerability (perfectionism, numbing, foreboding joy); learn to counter perfectionism with self-compassion, numbing with mindfulness, and foreboding joy with gratitude.

GRATITUDE is associated with a myriad of benefits, both mental and physical. Feeling thankful can improve sleep, mood and boost your immune system. It can also decrease depression, anxiety, and chronic pain symptoms. Ummmm… YES PLEASE! Engage with colleagues in exploring and expressing gratitude. Just imagine how well you’ll sleep tonight!
We would like to RECOGNIZE our amazing workgroup who have been involved in planning this September’s event. Wondering what’s on tap for WIB this year? We’ll tell you! We think you’re going to like what’s coming.
We are THANKFUL to have this opportunity to network with our friends and colleagues. Say hello to old friends and meet someone new.

Registration is required to help us manage our Zoom numbers; however, there is no cost to attend. Here are the details:

Date: Wednesday, May 29, 2024
Time: 3:30-5:00 p.m. CT | 2:30-4:00 p.m. MT
Fee: Free and open to all bankers! (Registration is required, however.)
Platform: Zoom - Link will be sent out 24 hours prior to event.

Information and Registration

REGISTER TODAY: Understanding Bank Performance | Virtual

July 9, 11, 16, 18, 23, 25, 30, August 1

Participants will learn how to assess and analyze a bank’s financial performance by working with data from real institutions. Using financial statements from one sample financial institution along with statements from their own banks, participants will become familiar with the ins and outs of balance sheets and income statements and learn how to apply key performance metrics to the data presented in these documents.

Having learned how to interpret and analyze a bank’s financial statements, participants will gain deeper insight into the factors affecting bank performance. Later sessions in this course will address ways in which performance may be hindered or improved by funding strategies and risk management. Ultimately, participants will be able to review a bank’s financial statements to identify strengths and weaknesses and be able to recommend changes that will lead to improved performance.

In the final session of this course, participants will put what they have learned into practice. Participants will analyze a new data set, rate the bank’s performance and suggest strategic adjustments that might benefit the bank.

Information and Registration

Compliance Alliance logo

Q: When providing provisional credit during a Regulation E error investigation, are we permitted to withhold any funds in case some liability can be shifted to the customer?  

A: Yes, you are permitted to withhold a maximum of $50 from the amount credited. In general, if your investigation extends beyond 10 days you are required to provide provisional credit in the amount of the alleged error (including interest where applicable). But, if you have a reasonable basis for believing that an unauthorized electronic funds transfer has occurred and you’ve provided EFT disclosures, then you can withhold up to $50 from the provisional credit.

Learn how to put compliance management solutions from Compliance Alliance to work for your bank, by contacting (888) 353-3933 or [email protected] and ask for our Membership Team.

For timely compliance updates, subscribe to Bankers Alliance’s email newsletters.