- Education & Events
- Advocacy
- Products & Services
- Membership
- Resources
- SDBANKER Magazine
- SDBA eNews
- SDBA eNews Archives
- Legislative Update/Bill Watch
- South Dakota Bank Directory
- Women in Banking
- Scenes of South Dakota Calendar*
- Holiday Signs
- Regulatory Report
- South Dakota Banking Code
- Record Retention Manual
- Advertising & Sponsorship Guide
- COVID-19 Resources
- Mental Health and Crisis Prevention
- About
|
News
SDBA EventsOnline EducationCompliance AllianceABA Banking Journal: Trump administration says it won’t close CFPBFebruary 25, 2025
In a court filing this week, the Trump administration said it does not plan to eliminate the Consumer Financial Protection Bureau but instead transform it into a more streamlined agency. Earlier this month, Acting CFPB Director Russ Vought ordered bureau staff to cease all activities, closed the agency’s headquarters in Washington, D.C, and directed the Federal Reserve not to appropriate the bureau’s next round of funding. In addition, President Trump said during a press briefing that his goal is to close the CFPB. The federal employee union representing CFPB staff — the National Treasury Employees Union — filed a lawsuit in federal court challenging the administration’s authority to close down the CFPB without congressional action. In a motion responding to the lawsuit, the administration denied that it intends to shutter the bureau. Rather, the bureau’s headquarters was closed due to staff protests outside the building, according to the filing. Administration attorneys also pointed to the nomination of former FDIC Director Jonathan McKernan as CFPB director as evidence there is no plan to close the bureau. “Similarly, as Acting Director Vought noted in a letter to the Federal Reserve, the ‘bureau’s new leadership will run a substantially more streamlined and efficient bureau,’” they said. “The predicate to running a ‘more streamlined and efficient bureau’ is that there will continue to be a CFPB.” Back to TopABA Banking Journal: FinCEN urges financial institutions to ‘remain vigilant’ about relationship scamsFebruary 26, 2025 
The Financial Crimes Enforcement Network today issued a statement calling on financial institutions to remain vigilant regarding suspicious activity that may be indicative of relationship investment scams. Earlier this month, the Commodity Futures Trading Commission launched the #DatingOrDefrauding national awareness effort to alert the public to relationship investment scams targeting U.S. residents. As part of that effort, FinCEN released a statement with links to existing alerts and advisories it previously issued for financial institutions on several types of relationship scams, including those involving elderly financial exploitation and check fraud. FinCEN said financial institutions should use the specific Suspicious Activity Report filing instructions and key terms listed in the alerts and advisories. “SAR filings, along with effective [Bank Secrecy Act] compliance, are crucial to helping law enforcement detect, investigate and prosecute cases involving relationship investment scams,” the agency said. Back to TopCISA News: What is SIEM? Improving security posture through event log data
Security information and event management software collects information to help identify and track cyber breaches. Here’s how to understand their features and how they can help defend your enterprise infrastructure. Introduction to SIEMSecurity information and event management software (SIEM) products have been an enduring part of enterprise software ever since the category was created back in 2005 by a couple of Gartner analysts. It is an umbrella term that defines a way to manage the deluge of event log data to help monitor an enterprise’s security posture and be an early warning of compromised or misbehaving applications. SIEM grew out of a culture of log management tools that have been around for decades, reworked to focus on security situations. Modern SIEM products combine both on-premises and cloud log and access data along with using various API queries to help investigate security events and drive automated mitigation and incident response. “Cloud and on-premises are complementary directions here, because the cloud provides for effective scaling as data needs increase, and having an on-premises offering is useful, particular for those enterprises who want to save money by managing the operational aspects of their deployments,” Allie Mellen, an analyst with Forrester, tells CSO. The focus of SIEM products is to distill this vast quantity of telemetry to provide actionable and hopefully timely security insights. As the number of alerts increases, these products need to weed out the more important events for SOC analysts to focus on. This means careful and meaningful use of automation, orchestration, and various security response techniques. This latter point is why you now find SIEM features being integrated into other security tools. “Given more interdependencies, IT buyers must be aware of how deploying a SIEM solution will impact their existing ecosystem of security products, the costs involved, and the analysts’ experience,” writes Gigaom’s Andrew Green in a 2024 report. Over the years since SIEM was first recognized as a product category, its purpose and features have expanded in scope. The key components can cover several of the following technologies:
How SIEM worksA typical SIEM product follows three broad stages. First, it collects and aggregates data across a variety of network and applications’ infrastructure and security sources. Over the years, SIEM software has widened their focus to collect data from both on-premises and cloud-based systems. Their distinguishing feature is how much data they can ingest and categorize at any given time. “With more and more digital infrastructure and services becoming mission-critical to every enterprise, SIEM tools must handle ever-higher volumes of data,” writes Gigaom’s Green. As an example of their increasing complexity, Kubernetes logs can come in various forms, including general audit logs, controller process logs, API requests and responses, and scheduling events – all of which can contain critical security intelligence. This means potential buyers of a SIEM should understand the depth of coverage of a potential product. Next, they analyze and report in near-real-time on what is happening across your enterprise on any threats or detected anomalies. This drives the third stage to guide any responses, mitigations and recommend any compliance activities. Green and other analysts point out that as regulations proliferate, SIEM becomes essential and indispensable and in some cases its use is mandated by the legal regulatory compliance processes. Key benefits and components of SIEMSIEM products have several key benefits, matching their major component technologies. First, they enhance typical threat detection capabilities by having a broader view of what is going on across your enterprise. This could be supplied by combining their own threat intelligence and integrating with several public or private threat feeds. Since they collect these disparate event sources and combine with analyzing logs, they can provide a more comprehensive picture of the threat from initial compromise to eventual deployment. Typically, this is done with data dashboards and various visualization tools to be able to view and act on the various alerts. Many SIEM products began to offer additional user and entity behavior analytics (UEBA) as part of their toolkit. This looks at patterns of operations by both users and endpoints to establish predictable baselines. For example, one baseline could be if a user periodically visits a particular website or downloads a certain file collection at a certain time of day. A change in these patterns could generate an alert for the SIEM to analyze and evaluate as a potential security threat. In addition, SIEMs help to improve compliance and reporting functions, providing better audit trails and assessments of these events. Finally, they can centralize security management by integrating with a variety of existing security systems, such as SOAR, EDR, and other automation tools. Some of the SIEM vendors are moving towards combining the SIEM and SOAR functions into a single offering, such as with Microsoft’s Sentinel and Netwitness’ Orchestrator. One alternative is when two vendors combine forces, such as Recorded Future’s SOAR integrated into Google’s Security Operations SOAR. Other vendors such as Fortinet and Palo Alto Networks’ Cortex are keeping the two tool collections as separate products. “SOAR tools can start running independently of SIEM tools to strengthen an organization’s security posture and automate non-security processes as well,” says Gigaom’s Green in his October 2024 report linked above. The trend towards better security integration is another big benefit of SIEM, because it can reduce tool sprawl. “With so many tools in play, maintaining comprehensive visibility across the network becomes challenging. This fragmented visibility can result in blind spots, where security incidents may go unnoticed or unaddressed,” wrote Kim Larsen, the CISO of Keepit. Challenges and limitations of SIEMOne of the biggest challenges of implementing a SIEM is connecting it up to your existing security tool collection. “Many of the clients we talk to want a tool that is built into the workflows they use,” Mellen says. This seems common sense, but still isn’t universal because for a SIEM to be useful means it should integrate into many different places. The challenge is also for the vendors to offer as many integrations as possible to suit particular circumstances. Several analysts cited another obstacle, in having to find skilled personnel that can operate a SIEM product and use its many features. Another challenge is that there is a huge cost factor in data collection, because the best SIEM should be able to examine historical data patterns to draw their conclusions. Mellen mentions this in her blog about data pipeline management, where she says costs are directly the result of better and more indexing of this data. Plus, she tells CSO that “pipeline management is a natural fit into the SIEM, as it is the key to collecting, formatting, and routing of security data. Expect to see more of these integrations into future SIEM offerings.” Finally, finding accurate pricing is always a challenge. One bright spot is Logpoint’s transparent pricing page, where it will calculate the cost based on the quantity and features selected. Most vendors are more circumspect, or opaque until you move further down the sales process before they quote a price. Future of SIEMEven though SIEM products have been around for close to two decades, the category continues to embrace and extend its original purpose, thanks to adding UEBA support and other behavioral analytic methods, along with being able to tailor risks to improve correlation use cases and analysis. Most tools have beefed up their out-of-the-box correlation and alert rules, making them both more productive and easier to onboard and deploy. And as the world evolved to embrace more remote and mobile user access, SIEM products have improved their support of these situations to provide better reporting and more in-depth intelligence geared towards these circumstances. SIEM tools have also kept pace with the move towards machine learning and artificial intelligence. Many have added models such as OpenAI’s GPT4 so that they can work with typed natural language commands or be used to generate queries to help search for threat modalities. But this raises concerns for their accuracy and how the models are trained on private data or whether they will store privileged information in public clouds. The latest SIEMs also must keep pace with the latest complex multi-mode threats, just like other modern defensive tools. “When evaluating solutions, it’s important to decide whether you need just a SIEM or a unified tool for automating your security operations center,” writes Howard Holton, the COO of Gigaom. He suggests that analysts need to be able to differentiate SIEM from products that can be used to automate the daily SOC operations, and potential buyers should look at ways SIEM optimizes and integrates various data feeds and how it integrates with existing security tooling. Who are the leading SIEM vendors?There is more than two dozen different SIEM vendors. Gartner’s latest report lists Exabeam LogRhythm, IBM QRadar, Splunk, Microsoft Sentinel and Securonix Unified Defense as leaders. Our buyers’ guide includes several other vendors including Datadog Cloud, Fortinet FortiSIEM, Logpoint and OpenText ArcSight Enterprise Security Manager among others. Here are some questions to help evaluate and compare SIEM solutions:
Back to TopABA Banking Journal: The checking account wake-up callFebruary 24, 2025 | Mark Gibson
Understanding the changing reality of just what is a checking account anymore, and that different customers are trying to solve different problems.Common wisdom states that a banking relationship begins with a checking account. If that wisdom is true, a seismic shift is occurring in the banking industry. The vast majority of checking accounts are being opened by very large institutions. This has potentially large implications for future market share and revenue streams in the industry. Bank leaders benefit when they understand the checking account landscape and put proactive plans in place to reverse this trend. The most recent data from Cornerstone Advisors indicates that digital banks/fintech firms, megabanks and large regional banks (over $100 billion in assets) collectively opened 87 percent of all checking accounts in 2024. Banks under $100 billion accounted for only 4 percent of total accounts opened. There are several important drivers of this performance. Larger institutions have higher brand awareness, which puts them in the “consideration set” for many consumers. After all, if they haven’t heard of you, they are not going to buy from you. Second, large institutions and fintech firms have much larger marketing budgets to fund advertising and attractive cash incentives. For instance, Chase spent $4.59 billion on marketing in 2023, up 17 percent over the previous year. Finally, fintech firms have invested in innovative products. As a result, brand such as Chime and Sofi have garnered millions of new accounts in the past few years. Is it ‘the product’?This raises an important strategic question: Is the checking account still the basis for creating new consumer banking relationships? The short answer is – yes. Consumers overwhelmingly define their primary institution as the one where they have their primary checking account. The longer answer is that the checking account is really no longer a checking account. For many consumers, the checking account is a storage vehicle, while payment tools such as Venmo, Apple Pay, PayPal and others are their daily go-to for routine transactions. In fact, paper checks now account for less than 4 percent of all transactions, and many consumers do not even know how to write one. Some banks have addressed this new reality with categories of accounts such as “spend,” “save” and “invest.” Others have incorporated tools such as Apple Pay and Zelle into their checking products. This is a positive way to remain relevant to changing consumer needs and expectations. Nearly one-third of banks use cash incentives instead of, or in addition to, offering products with unique, attractive benefits. However, only 27 percent of consumers who recently switched cited the cash incentive as the reason for selecting their new institution, according to ProSight (formerly BAI Banking Outlook, 2025). Cash incentives may work, but by themselves they are not sufficient, and they can be very expensive. You might be thinking that these new approaches to product design sound wonderful, but the lack of flexibility of your core system prevents you from doing anything innovative. While it is true that core systems that don’t easily allow the addition of APIs do restrict your choices, the fact is that many ‘innovations’ that uniquely meet consumer needs can be accommodated by existing core capabilities. The key is doing the research to understand what those unmet consumer needs are and then working with your operations team and core provider to identify what you can do. “We re-branded a core checking product to highlight features that addressed customer’s hot buttons, and then led with that feature in our advertising,” said Larissa Murphy, advertising and content Manager at First Commonwealth Bank. “We saw new account volume more than double within less than a year.” However, more competitive products alone will not win this battle. For instance, any institution that has invested in a new, enhanced online account opening system is likely to have experienced a similar situation. Better products or systems are not like “Field of Dreams,” where Kevin Costner attracts thousands just by building a baseball field. The reality is that no one will know about your new product unless you effectively communicate it. Telling the world about itAn important critical success factor is putting marketing dollars behind your product so that people know about it. While banking is moving rapidly toward digital advertising, the most successful checking account banks often use television and direct mail to get their message across. It’s true that those traditional vehicles may be more expensive and more difficult to measure success, but it’s telling that even fintech firms rely heavily on them. Do they know something the rest of us do not? Large companies would not be using marketing channels that do not work. So the relevant question for community and regional banks is, “What is the right dollar amount and media mix for your institution?” While many people think that marketing and marketing budgets are some sort of voodoo, they are not – they are actually math-based, just like the rest of banking. The challenge is that it is less familiar math to most bankers. For instance, what is a new checking customer worth? If you cannot answer that, you cannot determine how much you can afford to spend to attract one. And if you cannot answer that, you cannot come up with a marketing budget to attract 100 or 1,000 new customers. It’s an enigma that financially driven bankers who calculate most other investments to the penny are willing to leave so much of the marketing equation to chance. Do we really think that Chase increased its marketing budget by 17 percent without facts and data indicating what the bank would get for it? So, basing the checking acquisition marketing budget on facts and data is a necessary step. But it’s not enough. Getting the message rightMost consumers don’t buy ‘banking products.’ Consumers are looking for solutions to problems. While the difference may be subtle, how you speak about your new product will make the difference between success and failure. A critical element of this is: Who are you trying to attract? The reason for this is that different types of customers have very different needs and are trying to solve different problems. For instance, while a young person just starting out is trying to stretch their paycheck, an older empty nester is trying to move money to their children and grandchildren. In order for a campaign to be successful, determine who you are speaking to and ensure you are hitting their ‘hot buttons.’ Another common problem in checking advertising is focusing on a need to communicate ‘all six benefits or features.’ This violates the immutable advertising law of keeping things simple. For instance, have you ever driven down the road and seen a billboard with 30 words? You are lucky to know who the sponsor was, let alone what the message was. The same principle applies to all other media channels. Determine what your primary message is and focus on it. If you are successful in doing that, you will have other places like a website landing page or a flyer in the branch to more fully explain the product and its full range of benefits. The medium is the messageThis phrase was coined by the communication theorist Marshall McLuhan to explain that the way information is delivered (the medium) is just as important as the content of the message itself. It is relevant here because the choice of media affects both the ROI of the marketing program and its ability to reach the right people. Marketing ROI is driven essentially by two things: the response rate and the profitability of the new customer or account. The medium impacts both of those. Let’s focus on the response rate first. If your marketing team takes the time to understand the media habits of the customer group you are trying to reach, they will be able to put marketing dollars into the media your prospects are using and not in media that other people are viewing. This drives up response rate and reduces overall media expense, both of which significantly increase ROI. The second component is related – reaching the audience you intended to at the profitability level you projected. Remember, you’ve created a message that is tailored to the needs and hot buttons of a specific group of people. Now, you need to get that message in front of them with as little waste as possible (other people see it because you pay for that with little return). By selecting the right mix of media and measuring and adjusting the mix based on results, you increase the chances of attracting customers with product balance levels and the profitability you intended. Beating ‘the 4 percent’“We can’t go head to head with the giant banks and fintech firms,” some community bankers may think. However, there are many successful community banks competing in the consumer checking space. Sun Tzu, the ancient military strategist, had sound advice for battling with much larger foes. “Fight the enemy where they are not.” In other words, do not compete head to head. Leverage your strengths and their weaknesses to meet the customer’s needs better than your larger competitors are able to. Effectively answering the questions of, “Who is our target customer?,” “What unique value can we offer them?” and “How are we going to efficiently reach them?” will go a long way toward banks implementing successful checking acquisition programs that handily beat the 4 percent benchmark. Back to Top SB 81 Signed by South Dakota Governor Larry Rhoden
SB 81 was signed on February 24 by South Dakota Governor Larry Rhoden. We proudly protect our financial freedom and information and are pleased to have found common ground with representatives from the NRA and NSSF on this legislation. South Dakota is #openforbusiness Optimize your Quad States Convention Benefits by
|
February 20, 2025 | David Strom
The 2025 ‘BIG BANK THEORY’ Quad States Convention is coming up June 8-10, in Rapid City, South Dakota at The Monument. We are still accepting partner agreements for advertising, exhibiting and sponsoring. This is your opportunity to reserve your exhibitor space, claim sponsorship opportunities and reserve ad space in our onsite program.
The school’s 
Participating in learning opportunities outside the bank can be challenging. Take advantage of the SDBA's extensive selection of webinars and on-demand training to enhance your banking expertise directly from your computer.
