Strategically Speaking

Subscribe via E-mail

Your email:

Strategically Speaking

Current Articles | RSS Feed RSS Feed

NIST Cybersecurity Framework Standards


Karen Crumbley Author: Karen Crumbley,

The Latin phrase E Pluribus Unum or “Out of many, one” printed on coins could summarize the National Institute of Standards and Technology (NIST) document released last month titled, Cybersecurity Framework Standards.  The message is easy to understand; businesses must take an active role in protecting their assets through cybersecurity awareness thereby “increasing the cybersecurity posture of the Nation’s critical infrastructure as a whole.”  The document further explains, “This approach is necessary regardless of an organization’s size, threat exposure, or cybersecurity sophistication today.”

There is little guessing as to why NIST was compelled to publish these standards.  Major retail store breaches involving card security fraud have brought this topic to the forefront.  Financial Institutions (FIs) want federal legislation in place to protect them from costly incidents due to retailer insufficient security standards.  Card brands are also under heavy scrutiny regarding their security controls and technology.  Retail customers have had their financial informationcybersecurity compromised.  There are clearly multiple stakeholders when it comes to cybersecurity breaches.  The FI cannot mitigate all of the risks on their own.  Everybody must get involved to defend against cybersecurity.

Another positive aspect for FIs is that the NIST Standards genuinely complement business customer educational efforts FIs are providing to raise awareness regarding cybersecurity and online banking transactions.  For example, the framework enables organizations of all “size, degree of cybersecurity risk, or cybersecurity sophistication- to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure.” 

The document breaks down five Framework Core Functions

  1. Identify cybersecurity risks to systems, data, and capabilities. 
  2. Protect by developing the appropriate safeguards to ensure delivery of critical infrastructure services. 
  3. Detect by implementing appropriate activities to identify the occurrence of a cybersecurity event. 
  4. Respond by taking action regarding a cybersecurity event. 
  5. Recover by maintaining plans for resilience and moving back to normal operations as promptly as possible. 

In line with the previous list of five core functions, there have been continual efforts by Congress and the Senate regarding federal breach notification laws in recent years.  If passed, the federal legislation would provide uniform procedures for all businesses that experience significant data breaches.  However, the question that continues to resurface for this initiative is, “Do we need security regulation as well?”  Interestingly, FIs are no stranger to standards in security when it comes to their own network environment.  They have had regulatory requirements and guidance in place to advance this initiative for eons.  Now, FI business customers may begin to experience some of those same regulatory realizations.  Although the NIST document provides a “framework for improving critical infrastructure cybersecurity”, ultimately there is no push to require businesses to implement any of these standards.  However, the publication signifies something important - cybersecurity as a standard business function.  Regardless of the outcome of this voluntary NIST framework, FIs, government, consumers, and businesses all need to put forth the effort to improve the existing security gaps and work as one, not in opposition.

E pluribus Unum…

Learn More About ProfitStarsInformation Security \u0026amp\u003B Risk Mgmt Solutions


The “Art” of the Partnership


Danny Payne Author: Danny Payne,

I thought I would keep this post simple and stick to something closely related to my world.  Webster’s dictionary defines a partnership as “a legal relationship existing between two or more persons contractually associated as joint principals in a business.”  That’s surely a clear cut way to define a partnership, but it might not define the kind of partner your business is looking for.  A true partnership finds a balance in all the ups and downs that each day bringsPartnership us and works for the betterment for both sides.  Like a personal partnership, a corporate partnership also seeks out the right partner to create a mutually beneficial arrangement that addresses the needs of both parties while avoiding setbacks or obstacles to the other.

So, how do you define a “good partner”?  What makes a good partnership work between two companies with two products?  Here are some principles to follow:

  • Role Definition – What does the company bring to the partnership, and how does your company benefit from partnering?  How involved do you want this partner to be with your customers/prospects?  Does this fit the mold of the type of organization you want involved with your customers/prospects?  Who is the face of your organization engaging with those people buying?
  • Goals - The goals of both companies need to align and the results must be beneficial for both groups.  Without a cooperative plan, one side will always be looking for something more from the partnership.  Collaboration, communication, compromise are all critical to establish the best objectives.
  • Synergy - The product, sales, and operational teams must work in cooperation to create as much synergy as possible between both companies to create a solution that shows the partnership to the prospect/customer.  Ineffective sales and delivery partnerships are doomed for failure
  •  Flexibility - A true partnership is flexible and the services delivery channel partner in the same way is serves the partner’s product being sold.  If there is a unique opportunity to service a current VIP customer of the channel partner, the product partner may have to commit to specific pricing or delivery dates to better serve the overall relationship.
  • Longevity - The toughest part of any good partnership is the relationship that happens after the execution of the sales plan.  Being the same strong, loyal, and dedicated partner is the true test of time.  Especially when there aren’t as many sales, but now there is ongoing revenue.  This, in my opinion, is the partnerships you are looking for.

The list could go on and on, but there are a few core values when opening up your company, your bank, your credit union, and even your team to a solutions partner that has their own list of ideas and agendas coming into the partnership.  Every partner is unique and provides another exciting opportunity to another set of customers or another set of products, but it’s complicated and you need to know with whom you are sharing and exposing your customers.

There are partners “born” every day, and press releases to follow.  The very best partnerships do not involve a lot of pomp and circumstance, they involve results.  The partners worth the time, energy and resources involved to make it successful are those that follow some or all of the guidelines above, and at the heart of it have as much invested in your success as their own.  While some partnerships just “happen”, the truly powerful partnership is researched, analyzed, assembled, cultivated and nurtured.


Technology Buzzwords


Author: Eric Wilson,

There’s no debate that technology is drastically impacting the financial services industry and our daily lives.  As new products and technologies emerge, along with them comes new terminology.  Here are a few buzzwords you are likely to hear a lot more of in the future and why they matter.

Responsive Web Design

Applications that become heavily adopted are usually the ones that have a great user interface design.  When everything is the right size and in the right place, using a well-designed application can be a pleasant and seamless experience.  Really good software designers and engineers know this and tend to be highly skilled at making the most logical use of available space. 

Interior designers use a similar approach with a technique called “space planning”.  If you have a floor plan with dimensions, you can design a room before ever actually seeing the place. 

A fine strategy…until the dimensions change!  When you move to a house with a new layout, your design will be different.  

The same problem can occur when trying to use a software application across devices ofResponsive Web Design various screen sizes.  What may work great on a 17” desktop monitor with a keyboard and mouse can be ineffective to use on a 4” smartphone with a touch screen.   

Responsive web design will help move web based products toward a device agnostic culture.  The concept is for the application to “respond” based on the user’s equipment in order to provide a high quality experience on all devices.

It accomplishes this through flexible layouts, images, and grids that intelligently adapt to a user’s environment.  As you view the product on different devices (or flip them on their side!), the screen layout may change in ways that are more appropriate for the device you are using. 

In the future, many web applications are likely to shift towards a responsive design approach.  Since web design is as much of an art as it is science, how well it responds to different devices will be a huge part of a product’s adoption rate.  Consider this when looking at cross-device compatible products for you and your customers.

Internet of Things (IOT)

The number of physical objects connecting to the internet is expanding at an extremely rapid rate.  It is estimated that there will be 26 billion “things” connected to the internet in 2020.  We are talking about much more than PC’s, tablets, and smartphones.  These devices can be anything from thermostats, appliances, health monitors, or anything else that has an on/off switch. 

When you add the internet into the equation, the physical objects around us can transmit data related to their function and even work collaboratively with other devices.  Here are some examples of how internet connected objects are already being put into action in an attempt to improve the overall quality of life. 

  • Sensors are being used to provide information on the source and freshness of food. 
  • Advanced detection systems have been created to alert or notify potential natural disasters of emergencies. 
  • Thermostats and other household devices can be controlled and monitored remotely.

Coordinated devices working together (often without human input) can impact everything we do. The opportunities for innovation are endless. 

Regardless of how you feel about it, the Internet of Things seems headed to our front door, and it’s likely to have a big impact on everything.

Data Science (especially with Big Data)

The amount of data being stored in the world today is so large we will need more words added to the English language just to quantify it!  Stored data is now into the zettabytes. (In case you are interested, the order goes gigabyte, terabyte, petabyte, exabyte and zettabyte.)  There’s only one numbering value left (yottabyte) before we will need new words to describe the size of all that information.

Almost all industries are realizing that there is huge potential in data.  According to the McKinsey & Company:

“Big Data is the biggest game changing opportunity for marketing and sales since the internet was invented almost 20 years ago”. 

If you work in the financial services industry, you probably already see data analytics in action assisting executives and risk management professionals with risk mitigation and regulatory compliance. 

Data science incorporates mathematics, models, and other techniques to extract knowledge from data (especially “Big Data”).  As data pools continue to grow and sources of data are combined, good tools to help people analyze all that data will become increasingly essential.

Maybe you’re already using one or all of the technologies I described, or these buzzwords were common knowledge to you.  If so, please share your experience – we’d love to hear from you. 

Data, Data, Everywhere


Author: Paul Miniutti,

The new National Security Agency’s Data Warehouse Center outside of Salt Lake City, Utah spans 1.5 million square feet.  That’s enough space to fit over ten average sized Costco’s.  Some unconfirmed estimates put the data storage capacity at 500 million terabytes.  And that’s, well, a lot.

According to IBM, every day we create 2.5 quintillion bytes of data.  When you consider that this blog post accounts for about one thousand bytes, do the math on that daily number, I dare you.

We are in a new era of data creation and consumption.  You may have heard of the term, “big data”, which refers to a collection of data from traditional and digital sources inside and outside your company that represents a source for ongoing discovery and analysis.  Or put another way - a “ginormous” amount of data.

There’s obviously a lot of data and a lot of things businesses can do with that data.  But data itself does not equate to intelligence.  The challenging part with big data is being able to produce useful analytics from it that provide real business value.  It is critical to constantly assess the value of the analytics produced.  There have been numerous reports that cite the difficulties businesses are having in producing a healthy ROI for the data warehouses they have built.  Some of the challenges include:

  • Infrastructure costs
  • Data security
  • Finding adequately skilled staff
  • And producing analytics that drift from providing useful information to helping drive the business. 

With big data the trick is to start small.  Understand the growth potential and infrastructure costs to securely support data growth. Prove that the technology you will use can be supported with your staff.  Analyze small subsets of the data to confirm the value it holds for your business.  And, put motivated, inquisitive, dedicated folks on the development team as the technology and analytics needed will surely change.

Compliance, the Missing Piece to a Managed IT Service Puzzle

Author: Jenny Roland-Vlach,

As IT environments are becoming increasingly complex, more community financial institutions are looking to outsource monitoring and management of some of their entire IT infrastructure. As anyone who has ever been part of a new product or service implementation knows, there are times when certain items seem to fall off the radar. Of course, this does not always happen intentionally. Given the complexity of implementing new products and services, especially a managed IT service, it is likely that steps to address risk/compliance will either be overlooked or postponed to be dealt with at a more convenient time.

This is concerning to me because compliance should be considered and addressed during each step of a managed IT service roll out; before, during and after the process. Initially, incorporating a managed IT service into your network will impact your IT Strategic Plan and Vendor Management service level standards. Specifying and clarifying performance expectations for vendor relationships and measuring to these standards are important risk/compliance objectives as well as examiner expectations. Consider, for example, how a managed IT service will impact your infrastructure needs (current and future), IT and business innovation objectives, and risk/regulatory requirements. These items should be documented in your IT Strategic Plan. Appropriate due diligence must also be completed for managed IT services, especially given the criticality of the service to your institution.

Your existing policies and procedures will certainly be impacted when outsourcing any level of IT management. Changes to your governance structure or assignment of responsibilities are a prime example of this. To expand on this idea a bit more:

  • You will need to document which members of your internal personnel will be involved in the development, operation, and supervision of the managed IT service.
  • Will there need to be additional training and which individuals will be responsible for reviewing monthly and on demand reports?
  • In addition to enhancing your existing policies, you may find yourself having to incorporate new policies such as a cloud computing and storage policy or a data classification policy, if your institution does not already have such policies in place.
  • Of course, as with any new product or service implementation, you cannot forget about your GLBA risk assessment. It should be updated accordingly to address how the managed IT service helps you to mitigate risks associated with your network infrastructure.

At the end of the day, your ability to document your institution’s risk and compliance efforts will prove essential. You should be able to demonstrate to examiners that you have addressed the additional compliance elements that come with sharing IT management with an outside service provider and that you can prove that the vendor is doing the job they contracted to perform for your financial institution. Remember, implementing and overseeing a managed IT service doesn’t stop with deployment. Managed IT services are incredibly beneficial partnerships for community financial institutions looking to improve not only their IT environment, but also business innovation and productivity. Including risk/compliance initiatives as pieces of the managed IT Services puzzle will help to ensure your IT environment is operating at its most effective state.


To Learn More About Managed IT Services Visit the ProfitStars Website

Navigating Your Way through the Cloud


Author: Jeremy Taylor,

Navigating your way through today’s cloud computing landscape can be a daunting taskNavigating the cloud for even the most experienced IT engineer. Cloud computing offers many advantages over traditional models, but comes at a cost and presents challenges that need to be considered well in advance of taking the plunge. So how do you determine if cloud computing is right for you? Let’s take a look at some of the more important aspects to consider which should help you make an educated decision.


Perhaps the single most important aspect to consider when selecting a cloud provider is the security they offer. If you are going to consider moving any aspect of your computing environment outside the confines of your own walls you’ll want to be certain that the data you relocate is secure. Make sure the cloud provider you choose has a solid solution for securing and encrypting data, both at rest and in transit. It is also important to certify they are compliant with industry governance standards such as SAS70 and SSAE16. It’s important for your cloud provider to meet the same auditing requirements that you are required to meet in-house for your organization. Research and due diligence up front can save a lot of headaches and audit write-ups down the road.


The second most important feature is insuring that you have a reliable connection to your cloud. This will guarantee that you can provide close to the same level of functionality and performance as you would otherwise be able to maintain in-house. Insure that you have adequate bandwidth from your organization into the cloud. Doing so will make certain there is minimal impact to your users who have come to expect a certain desktop experience. Redundant connections should also be considered to safeguard against Telco outages. There will always be trade-offs when moving to the cloud, but the key is to minimize these trade-offs and prioritize them.


We certainly can’t negate the importance of cost when considering moving to the cloud. While there are many ways that cloud services can save you money, it’s not always a slam dunk. Moving to the cloud may require an increase to current bandwidth allotments or the purchase of additional equipment to provide a successful migration. There is the potential to save a great deal of money when moving to the cloud, but make sure you spend time performing a cost analysis first to determine if the financial aspect of cloud services is worth the cost for your organization.

Cloud computing has become a huge part of the IT landscape today and many individuals and companies alike have embraced at least a small slice of the technology. As is true with any emerging technology, however, it is important to adequately measure the cost and risk associated before determining if, and to what level, you will embrace the cloud.

Already embraced the cloud? Share your experience. 

How Does Customer Profitability Increase Our ROE?


Author: Cheryl Wondrasch,

“Cheryl, how does customer profitability increase our ROE?”  I received this question on one of my first customer profitability installation and training sessions from the CEO at the bank.  At that time, I was shocked by the question.  How could you spend money on a system if you didn’t know what to do with it?  I’m not criticizing him; I’ve received the same question in different context for the last nine years.  I’ve done several presentations on how to get the most from customer profitability.  So many, I wonder if anyone is listening!

So how would I answer that question today, nine years later?

  1. USE the information!  Customer profitability provides you with a stacked rank list of your most profitable to least profitable customers.  Because customer profitability has a financial focus, some institutions think of it as a finance only tool.  Customer profitability information becomes more valuable if it is widely distributed.   Consider segmenting your clients into “gold, silver or bronze status”.  Then provide access to these rankings to your front-line employees through a core or CRM feed and instruct them on how to treat these most valuable clients.
  2. Think outside the box, a loyal customer is not always a profitable customer.  The results are not always popular, but customer profitability is only one factor in customer retention. Is it important to retain all your clients or more essential that you retain your most valuable clients?
  3. In most financial institutions, 70% to 80% of their customers are either breakeven or unprofitable.  Bankers do not like negative numbers – be prepared to defend the assumptions.
    1. Have a retention plan for your most profitable customers.
    2. Find customers in the bottom 10% not related to credit issues.  What would you do with the customer that has twenty high-rate $2,000 CD’s?
    3. You can decrease the number of customers you have and INCREASE profit.
  4. Decide on your financial focus; is it ROE, profit, or contribution?  If equity and funding is an issue, focus on ROE, if net income or profit increase is your objective, use that as measurement.
    1. If you’re looking at a pricing opportunity, you may want to focus on ROE, or incremental profit.
    2. If you’re designing a marketing campaign, use profit tier or rank.
  5. Effectively setting pricing to enhance net interest margin is essential for profitability.  Using customer profitability and pricing tools, you can understand the impact of rate, balance and risk rating changes to ensure you are effectively setting prices.  Additionally, knowing how low you can go for your most valuable customers is only available with profitability data.

Putting this information into action has its rewards!  Financial institutions that actively analyze and use customer profitability information generally drive NIM that is six basis points or more above their competition. For a $500 million institution that is $300,000 annually!


To Learn More Register for Our Upcoming Customer Profitability Webinar

What Are Your Keys To Successful Business Development in 2014?


Pat True Author: Pat True,

The world of financial services has changed in countless ways during the past twenty years.  As much as things have changed though, the true benefit of community based financial institutions is still their ability to connect to their local market.  While technology can help, the key to winning new business still lies with your most valuable asset – your employees.  You can have the best client management systems in the world and the best systems for serving those clients; but if your people are not skilled in uncovering new business opportunity, Growing your businessyour organization will not sustain growth.

There are two ways to grow a business other than through acquisition; 1) Sell more services to existing clients, and 2) Develop new clients.  While your organization can grow with either of these, the best solution is to do accomplish both.  So how will you do it?

  1. Hire the right people for business development.  Recently, a banker summed up the changes in the industry like this – “When I began working as a lender in the late 80’s I had to account for every minute I spent away from my desk.  Now, lenders have to account for every minute they spend at their desk.”  The culture has changed.  Today’s lenders must be skilled at developing and nurturing leads.  They must have their finger on the pulse of the local community and take the time to study local industries.
  2. Cross train your staff.  Take steps to assure your branch personnel are familiar with the basics of all the services you offer.  Consider establishing incentive programs to encourage employee referrals.
  3. Spend some time and resources ensuring that your calling officers are effective in their positions.  Use some grassroots techniques to share knowledge.  Lead your staff in book discussions or do something as simple as having your newest calling officers ride along with your sales champions.  Build a culture of sales growth through mentoring and motivation.
  4. Have a plan for uncovering business referrals from existing clients.  Leverage your client satisfaction by asking for referrals, and even offering simple referral incentives.
  5. Establish goodwill – even with your declined loan requests.  When you have to decline a prospect for a loan, develop a process for referring them to an alternative lender who might be able to meet the financing need.

These things may seem simple, but most of us fail to step away from the day-to-day to look at the big picture and see how our overall growth strategy is progressing.  If you spend some time each quarter to review your high level strategy, you will find opportunities to enrich both your balance sheet and your employee’s experience at the same time.

Please take a moment to share your ideas.  How are you nurturing growth in your organization in the New Year?


Your Guide to Today\u0026#39\u003Bs Most Promising MarketsLearn More Here

Pharming Attacks: What You Need to Know to Keep Your Website Safe


Author: Damon Xanthopoulos,

Web fraud attacks that target financial institutions and their online banking users continue to skyrocket – primarily because cyber criminals understand that authentic website validation, a prerequisite for secure online transactions, is often misunderstood or unaddressed entirely. The knowledge gap between the attacker and their target continues to fuel increased identity theft and stolen funds activity through the use of clever phishing and pharming techniques that take advantage of the end user’s assumption that transaction conditions are safe when they are not.

The term “pharming” is taken from the words Website Security“farming” and “phishing.” Both phishing and pharming attacks seek to obtain access credentials (such as user names and passwords). But while phishing is a type of social-engineering attack, pharming targets the provider infrastructure and can be detected and prevented.

Pharming attacks are among the most virulent and devastating security breaches a company can suffer because end-users are unaware of the compromise. For this reason, pharming has become a major concern to businesses hosting ecommerce and online banking websites, leading the FDIC to issue guidance on this topic.

In order to protect your customers’ sessions on your website, it is important to be aware of three common pharming techniques:

  • Website Defacement refers to an attack that:
    1.   Alters your website’s content with potentially offensive or erroneous images and text.
    2. Involves a hacker placing imperceptible code on your site which is activated when a user accesses it. This technique can often trigger a download of malicious code onto the user’s hard drive which may be controlled by a hacker remotely.
  • DNS Hijacking technique can take on two forms:
    1. Rerouting - This occurs after a hacker gains access to DNS records on a server and modifies them so that requests for the genuine web page are redirected elsewhere–usually to a page that the attacker has created to acquire confidential information from a user.
    2. Man in the Middle – This is an extremely dangerous–and often undetectable–form of network security breach in which a hacker imperceptibly takes control of the communication between two computers to gain unauthorized information. This is one of the leading causes of online identity theft.
    1. SSL Certificate Compromise: An SSL Certificate is a unique fingerprint that identifies a legitimate website and encrypts sensitive data. In the aforementioned “Man in the Middle” attack, an exchange of the SSL Certificate traffic allows the hacker to watch customer sessions headed towards a legitimate website. It is important to make sure that the public key associated with your SSL Certificate remains unaltered at all times.

    Whether you have internal security measures in place or a third party monitoring company serving as a 24/7 watchdog, it is of the upmost importance to put up a defense against these ever-growing online threats.

    Learn More About ProfitStars Pharming Shield Today!

    Five Trends to Watch in Banking


    Brandon Kunz Author: Brandon Kunz,

    At a local FinTech event this fall I heard the comment from a person representing a leading venture capital firm that right now is an ideal time to compete against banks.  Why?  He noted the inability of many financial institutions to pursue innovation internally, as well as the inability of many financial institutions to source innovation from their primary solution providers; either through difficult procurement policies or lack of innovation from the providers themselves.

    He further indicated that this lack of innovation would lead to openings for startups and other organizations to trump financial institutions and siphon off highly profitable business in what would otherwise be the domain of leading banks and credit unions.  I won’t debate the merits of his arguments here:  I’m sure we’ve all heard or shared similar concerns in the past.  However, I thought I would take the opportunity to outline my personal “top five list” for what is coming in banking, as a starting point in the pursuit of innovation. 

    • Branch transformation – In the last month or so I was asked by one of my children (7th grade) “what is a branch?” and by another (4th grade) “what is an ATM?”  This caused me to reflect on the meaning of those terms, and to imagine a world where financial institutions maintain a physical presence in the markets they serve, but branches aren’t branches anymore.  Perhaps they aren’t stores either.  The stratification of roles and responsibilities in the branch will be long gone and some roles, like the teller (including the “universal banker with a transaction processing focus” mentioned at BAI Retail Delivery 2013), will be abandoned.  Instead, a bank customer will have the opportunity to initiate a wide array of transactions and service requests on a host of self-service devices in and out of the “branch”.  Problems and questions would be escalated through the transparent migration of activities from low touch to high touch channels, with sales opportunities quickly identified and fulfilled in real-time regardless of time of day, location of resources, and complexity of need.  Convenience will be defined by the individual and, most importantly, banking capabilities will not be tied to any particular device, but be managed in “the cloud.”  The introduction of kiosk applications and expansion of transaction automation capabilities has already started this transformation.  Done right, financial institutions’ cost structures will dramatically improve while the range of solutions and service capabilities afforded tomorrow’s customer broaden and become more valuable.
    • Small business – Now let's imagine a world where all of the excitement and innovation we have seen in the consumer financial and payments arena over the past several years is redirected or matched in the world of small business.  A world where an entrepreneur will be able to get everything needed to start and manage a business from, and with the support and guidance of, their financial institution.  Valuable and comprehensive fee-based mobile commerce, mobile banking, and payment solutions will be packaged together seamlessly to meet the needs of a wide variety of market segments and individual clients; all offered friction free.  A level playing field will be afforded where a small business can compete effectively online and offline anywhere in the world against much larger competitors.  Mobile centric business solutions will expand the size of the market financial institutions target for the benefit of all stakeholders and allow for economies of scale much earlier in solution lifecycles. 
    • Business financing and work force evolution – Another interesting trend in the financial services arena will be the expansion of very different ways of funding and operating businesses.  Peer-to-peer lending and crowd funding are already realities in today’s environment.  To compete effectively in this environment, financial institutions will need to think through their role in this value chain.  Further, crowd sourcing is likely to play an ever increasing role in how businesses are managed and how individuals find work.  When I completed business school many years ago, predictions were that lifetime employment was a myth and that individuals would be likely to switch jobs every 1½ to 2½ years in an effort to proactively manage their careers.  My personal experience hasn’t entirely followed this path but I know many others who have.  Is it possible that my children might be managing their careers in 3 to 6 month increments?  How will this impact lending, risk mitigation, and other financial services offerings required by consumers and businesses alike?
    • Bank regulation, compliance, and fraud – Regulation and compliance burdens aren’t likely to ever go away.  However, confidence in and respect for the important role financial institutions play in our economy will prevail, as will efforts to apply a rational level of regulatory oversight to all competitors in the financial services arena.  Regardless, I think there are huge innovation opportunities out there to anticipate, automate, and rationalize the infrastructures required to manage risk and reduce fraud; and shouldn’t “compliance” ultimately come as a natural consequence of doing the right things in these areas?  New solutions in these areas are destined to have a dramatic impact on reducing the time and effort required for compliance, and therefore increasing “innovation capacity” that can be applied to many other important areas.
    • Data and analytics – Of utmost importance to executing innovation initiatives will be the ability to leverage data and analytics to drive intelligent decision making across the financial institution enterprise.  Financial institutions and their primary solutions providers need to develop and strengthen core competencies in data and analytics: this is probably the single most important area of focus Chief Innovation Officers need to have today.  Understanding what to offer to whom, when, and in what forum has always been critical to success, but with 90% of the world’s data having been created in the last two years, we are not playing the same game we were just a few years ago.  Data and analytics for marketing and risk management are just the beginning. Data and analytics will become central to the use, improvement, and reinvention of financial products, solutions, and business processes.  Data and analytics competencies will also provide financial institutions with the ability to create long-term competitive advantage by embedding data services as core elements in solutions offered to help their customers compete in an ever-increasing data intensive world.  Imagine a world where data and analytics move from the proprietary domain of leading data scientists to being consumable by the masses for a wide variety of purposes.

    So, that is my personal “top five list” for what is coming in banking.  By working together to anticipate and respond to key trends and transformation opportunities, I believe we can jointly determine how to pursue these opportunities regardless of the challenges we face on a day to day basis. My hope is that financial institutions don’t allow themselves to be relegated to the “plumbing” underlying innovation, but become more aggressive in harnessing their ability to take and manage calculated risks and lead, rather than follow, in the future.  What is your top five list?

    All Posts