The Financial Brand Insights - Spring 2022

Innovation, employee experience and evolving consumer preferences are changing the financial services landscape. This includes the way financial products and services are delivered. Many banks and credit unions are exploring ways in which third-party relationships may help address the changing landscape, while others are looking to new or innovative technologies that can increase efficiencies, grow their reach and improve competitiveness. No matter what your organization’s approach is, there’s a new level of scrutiny that you need to apply. Clearly, you must be sure that you’re not doing something that introduces too much risk that could put your long-term viability in jeopardy. However, it doesn’t mean you shouldn’t pursue opportunities. Risk management shouldn’t be the department that says no, but rather the function that enables successful execution with the emerging risk universe in mind. It’s not unlike what mothers tell their kids: “Just be good.” That simple instruction can be applied to pretty much everything you do, including managing risk: • Be good at identifying and monitoring emerging risks whether brand new, evolving or even well-known. • Be good at making sure your

So, where should you begin? What are those emerging risks that you should have your eye on? While each financial institution has its own unique risk footprint, here are five risk categories and loss trends that most likely should be on your radar in 2022. Risk 1: Ransomware To begin, cyber risk and ransomware has to be top of mind. The growing frequency and severity of ransomware attacks is concerning — as six and seven-figure demands have become routine. The fact that ransomware attackers have been telling victims that they must pay the ransom, and that the attackers can steal as well as encrypt data, isn’t a new phenomenon. But the possibility that sensitive data might be revealed is potentially more damaging to your reputation than any disruption caused by the malware.

Ways Banks and Credit Unions Must Mitigate Risks and Losses in 2022

Keep an eye out: Having employees work from home is a great option, but remote work can add many unforeseen security risks.

In addition, threat actors are indifferent to who pays them as long as they are getting paid. Their focus appears to be a disproportionate problem for smaller and mid-market organizations. 72.1% of ransomware attacks occurred on companies with less than 1,000 employees according to Coveware’s Quarterly Ransomware Report (February 2021). This fits the organizational make- up of many community financial institutions, so it is wise to be on the lookout. Further, remote work has opened the door for additional cyber risk. Remote work has highlighted

leadership team understands the risk impact, likelihood, velocity and time horizon of each risk. • Be good at developing and implementing actionable controls to mitigate the risk.

By Brad Neumann Senior Risk Consultant, Risk Management Services at CUNA Mutual Group

• In other words, just be good and things typically go right.

7

8

THE FINANCIAL BRAND INSIGHTS SPRING 2022

THE FINANCIAL BRAND INSIGHTS SPRING 2022

Powered by