Severe Weather and Your Contingency Plan

Here in the United States, last week was "Severe Weather Awareness Week" with each day featuring a different type of severe weather that might impact you.  Tornadoes are particularly challenging for us due to their sudden appearance, and erratic behavior.  Forecasting is improving, and many areas are benefiting from more timely warnings than ever before.

As you work to enhance and test your contingency plans, remember to include attention to matters that may arise suddenly, affecting not only your staff, but customers, vendors, or others who are in your facilities when a sudden crisis - like a fire or a tornado warning - arises.

Your planning and testing activities should include attention to non-employees who may be in the building.  Both fire and tornadoes create a sudden need for action.  Fire creates a need for an orderly, safe evacuation, while tornadoes create a need for shelter.  By considering the "non-employee" individuals in your planning and testing activities, you increase the chance of protecting them as well as your employees.  Doing so makes you the best possible corporate citizen, and reduces both reputation risk and legal liability.

Just another insight into the complex world of contingency planning.

Widespread Security Breach of Bank Executive Data

Breaking news overnight about what may be a serious breach of data, including the online identities and passwords of several thousand bankers.  Rather than fretting about whether you are involved, first move to change all of your online passwords, both personal and bank related.  Move away from simple words toward nonsensical phrases that are sprinkled with special characters.  "arctic01penguins#%" for example.


http://www.washingtonpost.com/business/technology/anonymous-posts-file-claiming-to-have-information-from-4000-bank-execs/2013/02/05/8f8b0488-6f9b-11e2-ac36-3d8d9dcaa2e2_story.html


More as this story unfolds.

The current issue of my banking newsletter "Trent's Comments" is now available on my website.  Visit www.trentfleming.com and select the Newsletter tab.  From there, you can download several recent issues, as well as a document that summarizes each issue going back to 2010.  I welcome your feedback and comments.

Planning Ahead: Budgeting vs Strategy

Here's a year end thought for you: budgeting is not strategy. While preparing and managing to a budget is an important part of your "looking forward" activities, don't let your annual budget substitute for a real strategic plan. Budgets lack vision, passion, and can't convey leadership directives.  Strategies need to clearly outline Executive Management's vision of the markets to be served, the types of products and services to be offered, and efforts to establish and enhance your company's brand in the marketplace.  From these strategies, clear tactical guidelines can be developed for executing initiatives and affecting real change.

Most strategic planning efforts fall down on execution.  By establishing clear tactical directives, naming responsible parties, and demanding regular progress updates, you can avoid the "dusty plan on the shelf" trap that so many fall into.

Often, an outside moderator can offer value by preparing for and conducting planning sessions, aiding in the development of tactical initiatives, and mentoring your key players to actually get things done.  Don't be afraid to ask for help - successful strategic planning is worth the investment.

Alert on Recent Hacking Activity

Quite a lot of buzz in the last few days over some of the largest US banks being the target of hacking activity.  While few community banks will be affected, customers who see the media coverage may, nonetheless, express concern.  Here are some talking points that I hope will help you in communicating to your employees how to address customer concerns.

1) These are denial of service (DDOS) attacks on the web sites of the banks in question.  The result of these attacks is to make some or all of the web site unavailable for use.  In some cases, the pages and links customers use to access Internet banking may be targeted.  These are NOT hacks into the customer information, however, merely a denial of access.  To date, no data has been exposed or compromised.

2) While the banks are of course the target of this activity (which appears to be politically motivated) the site hosts for the banks' web sites are actually being hacked, NOT the banks themselves.

3) Customers remain the weakest link relative to security breaches.  Use any opportunity to discuss such matters with customers to remind them that it is crucial that they have, and continue to update, current virus protection on their own computers and other devices.

4) Take this opportunity to be sure that your bank's systems are properly protected, with all security updates and patches applied.  Firewall reports should be monitored for unusual activity, as should all internal systems.  Raising your bank's and your customer's level of awareness goes a long way toward preventing unauthorized access.

As always, contact me if I can be of assistance in these or other matters.

Today's Speaking Engagement

I'm in Kansas this morning, to address the KBA's Young Bankers Conference. We are going to get serious about the challenges of supporting customers in an era where much of our technology is customer-facing. "This Stuff Doesn't Work" is both a funny and serious look at customer expectations and the work banks have to do in order to be successful. Very excited to talk to this group of rising stars!

Telephone Banking - The Forgotten Technology?

By far one of the most popular customer facing technologies banks have introduced is Interactive Voice Response (IVR). Customers flocked to this technology, calling over and over to hear a balance or see if a payment has cleared, many calling multiple times per day even if account balances and other information was not in real-time. The advent of Internet Banking may have slowed the usage, but it did not go away. Convenience might be an issue: a customer checking an account balance may find the touch tone phone faster than logging into your web site. These systems are simple and easy to use.

Internet Banking is well into its second decade, however, and many of you are already investing in the next generation: Mobile Banking. The question is, what to do with our IVR systems? Especially if you are running IVR “in-house,” it is likely that your system is aging, and support may be lacking. If you've priced a new system, you may be taken aback by the cost. If you can keep that old clunker running a bit longer, here's my step by step process for getting a handle on this technology before it causes you a real problem.

1. Do an operational and contractual assessment of your current system. Get the vendor involved (if they are still around) and make sure you have ready access, in the short term, to replacement parts and support in the event of a failure. Get your core vendor involved (if they are not the IVR vendor) and ask them to help you plot a backup strategy, if your IVR vendor is not around. Or call an expert (that would be your humble author) Your goal here is to put together a strategy to keep the technology working for another year or two, while you move these users to other solutions.
   
   
2. Take a hard look at the number of calls you are receiving, and who these folks are. Generally, you will find a significant group of “repeat offenders.” Hopefully, your system produces reports, but if not, go to the phone logs to see what you can learn.
   
   
3. If you have outsourced your IVR, think about aligning the efforts listed below with that contract's expiration date, so that you can retire the technology at that time. A benefit of outsourcing is that you are relieved from worry over the state of your system. A downside, however, are the costs associated with the technology and the calls.
   
   
4. Taking into account (based on available reporting) the frequency and type of activity you see, design an aggressive marketing campaign to move those folks to Internet Banking.
   
   
5. If you currently have mobile banking, even better. Promote that directly to your IVR users, with particular attention to the SMS “text” capability, as it offers the path of least resistance to their using the product.

My hope is that, over time, with some concentrated effort, you can eliminate your IVR system in favor of newer technology that offers customers even more functionality.