Posted on Wed, Oct 26, 2011 @ 08:26 AM
Author: Pat True, RTrue@profitstars.com
Here is the scenario. You have a revolving credit line in place to a small business. You periodically fund draws on that line as requested, and may monitor borrowing base values to assure that your collateral is sufficient to secure the outstanding facility. In such a scenario, where you have perfected a security interest in business assets, how does your organization become aware of any new IRS tax liens that are filed against your client’s assets?
In the scenario above, most banks interpret IRS Code 6323 to state that the bank would maintain its priority interest in the business assets for any draws up to the 46th day after the IRS had perfected its lien by filing where appropriate for that state. The 45 day period could be shorter if the financing institution had notice of the lien. Since tax liens and unpaid taxes would be a condition of default, you would stop funding new draws on the line upon notice or discovery.
It is one thing to assure the presence of a lien when a new credit facility is created, but another to monitor ongoing exposure with revolving credit facilities. Many banks we speak with utilize third parties to monitor their commercial accounts and to catch any new filings. Others have begun to utilize tax form 8821 (Tax Information Authorization), which allows the financing institution to become an appointee authorized to receive copies of tax information sent to their client. Since this form can later be revoked by your client, the practice is not foolproof – but it does show your client that you are diligent in searching. Some third party monitoring services even file these on behalf of the bank, and continue to monitor their status.
Let us know your strategy. Do you utilize form 8821 with your commercial revolving credit lines? Do you contract with a third party to help monitor any tax delinquencies of your clients, or do you have an internal procedure to reach out and check lien filing updates internally on a regular monthly schedule?
Posted on Wed, Oct 19, 2011 @ 08:51 AM
Author: Ryan Spanier, ryans@gladtech.net
Malware infections seem to be everywhere today, and they come in all kinds of flavors: rootkits, backdoors, data stealing Trojans, worms, spam bots, etc. The variants and combinations seem overwhelming. But in a way, they all have something in common: how they get on your system. For infections originating from the Internet, it’s usually through an exploit pack. If you can reduce the effectiveness of exploit packs you are well on your way to preventing all types of malware infections.
Exploit packs are designed to silently and efficiently install malware – any kind of malware – on an unsuspecting system visiting a webpage. They take advantage of vulnerabilities present in commonly installed applications, such as Adobe Flash and Java, to force the execution of malware installations. Exploit packs can be found lurking all over the Web, from personal blogs to web forums to local news websites. To spread exploit packs, malicious groups use web vulnerability scanners to find and exploit websites to put a link to their malicious code in the background, unseen by the visitor and website administrator.
So what software do exploit packs actually target? Although it varies from pack to pack, here are the typical applications and vulnerabilities targeted:
- Java
- Adobe Flash
- Adobe Acrobat/Reader
- Browser exploits
- Operating systems
According to Microsoft’s Security Intelligence Report Volume 11, covering the first half of 2011, the following chart shows the distribution of exploit targets by application.
Microsoft Security Intelligence Report – v11
As you can see, Java is easily the most prevalent application targeted. In general, this is because the vulnerabilities for Java are both highly reliable and widely found on target systems. However, don’t read too much into this chart. Be aware that many exploit packs try and exploit applications one at a time until they are successful. If Java is patched on your system, the exploit pack will just move on to another application vulnerability.
So how can we use this knowledge to prevent future malware infections? First, users should be aware of where they are on the Internet. Browsing some sites is akin to walking around in a rough neighborhood: you’re just more likely to get infected. These include legitimate sites like blogs, social networking, and web forums. In addition, users should be able to identify suspicious activity. If a java application is running, a java icon will appear on the taskbar similar to the one shown below.
If the site has no obvious java modules, this should alert the user that something suspicious is going on. If the computer system starts processing at a high rate (the hard drive starts spinning and the system gets slower), this may mean that code is loading in the background. Finally, if a new application pops up (such as a fake antivirus application) that the user has never seen, they should ask an administrator about it.
What about on an enterprise level, what can we do to prevent exploit packs from working? Patch! Patch! Patch! According to Microsoft’s Security Intelligence Report volume 11, of the malware infections resulting from an exploitation of software, over half of them had an update published over a year before the infection. And as for the rest, an update was still available; it just hadn’t been out for a year. Almost no infections were caused by exploits without a patch. We need to do a better job at patching systems, especially for non-Microsoft products. As an example, look at the number of exploit attempts against Java and what year the vulnerability was reported.
Microsoft Security Intelligence Report – v11
The top vulnerability is from 2010, but vulnerability from 2008 was still being successfully exploited. If an organization has a good patch infrastructure for both Microsoft AND non-Microsoft applications, then they will greatly reduce their risk to all kinds of malware.
Reference Links
Microsoft Security Intelligence Report (http://www.microsoft.com/security/sir/default.aspx)
Posted on Thu, Oct 13, 2011 @ 08:40 AM
Author: Lee Wetherington, lwetherington@profitstars.com
I love irony. I have to. I’m an English major. It’s required. So, whenever a new regulation produces the opposite of its intention, I relish the absurdity.
Even more satisfying, however, is what accompanies the absurdity. Every unintended consequence comes with an even less predictable opportunity, and these opportunities are where savvy financial institutions should focus attention and resources.
But first, the ironies…
Irony in Banking
Let’s start with last year’s revision to Reg E. After a long look at Overdraft Protection Programs, regulators required financial institutions to obtain explicit opt-ins from their customers to participate. The intent was laudable: make overdraft fees more transparent for consumers and less onerous for those who can least afford them.
The only hitch was that overdraft fee income was also underwriting free checking, free online banking, and free online bill payment services for the masses. So, when opt-ins began squeezing overdraft revenue, financial institutions had to recalibrate their business models for demand deposits.
The result? According to Moeb’s Services, since the overdraft opt-in mandate:
- 20.5% of banks and credit unions no longer provide overdraft services at all or will always bounce the check if funds are not available.
- Fewer financial institutions are providing checking-account overdraft services from savings (70.4% vs. 80.8% in 2009) or from a line of credit (49.2% vs. 63.4% in 2009).
- More financial institutions are allowing overdrafts by debit card—97.7% vs. 45.4% prior to the revision of Reg E.
- Payday lenders are more cost-efficient providers of funds for overdrafts of $100 or less.
In short, the consumers who most need overdraft protection in a bad economy now have even fewer and less attractive options from banks and credit unions.
The Durbin Inversion
Irony number two: the Durbin Amendment. Again, the intention was honorable: break up the bank card network’s de facto monopoly on debit interchange pricing so that consumers no longer have to shoulder a hidden inflationary premium introduced by invisible “swipe fees” that merchants pay and bake into the price of everything.
However, instead of making transaction costs transparent at the point of sale so that consumers could vote with their payment method of choice, the Durbin Amendment swung the pendulum to the opposite pole by migrating price-fixing powers from the bank card networks to the Federal Reserve.
The result? Again, according to Moeb’s Services,
- Too-big-to-fail banks (> $50B in assets) exited the free checking market with 38.5% offering the service today vs. 92.6% of banks in 2009.
- This year, 1.0% fewer community banks offer free checking than in 2010.
In sum, Reg II, the Fed’s final rule implementing the Durbin Amendment, has forced big banks to put a new price tag on checking accounts, and fewer consumers will now be able to afford a basic banking relationship, creating unprecedented upheaval and opportunity for financial service providers.
Unintended Opportunities
Recently, in response to Reg II, Bank of America created a firestorm with its announcement of a $5/month fee for customers who use their debit cards. Seven of the country’s ten biggest banks have also moved to fee-based checking accounts.
Surveys suggest that up to 60% of consumers will abandon debit cards (and perhaps the banks that offer them) if new fees are assessed on their transactions or transaction accounts, and credit unions are already reporting 6-7% bumps in new memberships.
To capture big-bank fee defectors while still enjoying short-term exemption from debit interchange caps, smaller financial institutions should leverage solutions that attract all segments: the affluent, the exploding population of unbanked and under-banked consumers, and small-to-medium size businesses (SMBs). To this end, consider the following:
- High-Interest Reward Checking
- Merchant-Funded Statement Rewards
- General Purpose Reloadable (GPR) Prepaid Cards
- Micro Cash Management
While many variables make the future of debit fee income uncertain for smaller financial institutions, we know, according to Aite Group, that big banks will lose approximately $8.3B in debit interchange next year.
Interestingly enough, Javelin Strategy and Research recently calculated the total dollar amount of cost savings U.S. financial institutions could reap if successful in migrating offline customers to online and mobile self-service channels. That cost savings? $8.3B.
The solutions that compel self-service and deliver the cost savings? Merchant-funded statement rewards (on which financial institutions also share revenue) and simplified micro cash management for SMBs (for which financial institutions can easily command a fee).
Ladies and gentlemen, the $8.3B big-bank interchange hit is also an $8.3B opportunity for community financial institutions. Welcome to the new era.
Posted on Wed, Oct 05, 2011 @ 11:49 AM
Author: Brandon Kunz, bkunz@profitstars.com
Last week was a highlight in my career in the financial services technology space. I’ve always wanted to attend Sibos, the annual banking and financial conference held by SWIFT. The conference rotates around the world and has previously been held in Amsterdam, Hong Kong, Vienna, Sydney, and Copenhagen, so you can see why it might have piqued my interest. This year the conference was held in nearby Toronto, which made it much easier to justify the travel expense.
Walking into the expo center felt much like walking into
the downtown area of a large city, with a huge showing by over 200 of the world’s largest financial institutions and technology providers. It was especially exciting to be part of the ProfitStars debut at the event as a partner in the Microsoft “stand.” Our focus was on helping financial institutions learn how to automate and streamline payment processes in a way that improves the customer experience and strengthens their brands; you can click here for details.
While at Sibos I spent quite a bit of time speaking with and listening to bankers and other leaders from around the world in a variety of conference sessions. I was especially pleased at what appears to be a turning point in the industry; financial institutions are changing from a defensive posture, which has predominated over the past several years, to a growth agenda.
Conference optimism was tempered by clear expressions of ongoing concern over general market uncertainties and the regulatory “burden” being felt in most areas of the world to one degree or another; however, I still felt a more overarching theme of positivity and new opportunity. The blend of cost pressures, increasing competition, the evolution of mobile banking and social media, and the general expansion of customer driven needs and expectations all seem to have combined to create the beginnings of a uniquely exciting time in financial services.
Some of the topics addressed at the conference that I found most interesting were:
1) Globalization of commerce – International banking needs aren’t just for big businesses anymore. I expect the full gamut of small and middle market businesses to clamor for a wide variety of transaction banking services as the world becomes ever smaller and more integrated. Services required will include advanced money movement capabilities, trade finance applications and so forth. And don’t forget, financial institutions in the United States are not only competing with each other, but with financial institutions around the world to provide these services to clients.
2) Big data – The topic of “big data” was covered extensively. In sum, financial institutions have vast amounts of data available to them including internal sources of information, such as transaction histories and customer information files, as well as external sources (such as social media and financial markets data). Data storage is more affordable now than ever before, however, not all data is conducive to storage in relational databases. Also, financial institutions are only now beginning to exploit the value of this information. Advanced analytic technologies that span data, image, and even video across both structured and unstructured sources will become more and more relevant to financial institutions as we move forward. I foresee much more advanced risk analytics, the evolution of marketing and business intelligence solutions that provide more actionable insights to the financial institution and facilitate the provision of more relevant information and offers to the user, as well as shorten the time elapsed between market sensing activities and business responses.
3) Innovation – Despite the economic downturn it was noted that payment volumes continue to increase. Payments, “context aware” mobile applications, and social media were all hot topics on the innovation front and I expect expanded investment in all of these areas as we move forward.
So, how do you think these trends will affect your financial institution over the next several years? Oh yeah, and if you agree that I should get to go to Sibos 2012 in Osaka next year, please make sure to comment on that as well!