December 10, 2013
A communication from First Data
Note: Please contact MaryAnn Elliott Supples (firstname.lastname@example.org), Bankers’ Bank of the West, if you wish to coordinate a call with either Mr. Wagner, author of the following message, or your relationship manager.
First Data is making significant changes to our company this year, as part of a transformation to the new First Data. We’ve taken several steps over the past several weeks as part of our ongoing efforts to put clients first, increase operating efficiency and remain competitive in the fast-paced payments industry. We also are working hard to return the company to profitability.
You may have seen some of these steps covered in the news recently. Some of the coverage has been from a very limited point of view, and I would like to put these changes into perspective for you.
First Data continues to be confident in its business model, well-balanced revenue base and market-leading position. The company continues to be the largest acquirer processor in the United States, operates one of the nation’s largest PIN-debit networks, and is a leading provider of credit and debit processing for financial institutions.
In addition, First Data has strong financial backing, solid revenue growth and substantial available liquidity to fund all its operations. First Data has the ability to meet its debt payments through cash generated by its operations and has made all required debt payments on schedule. The company had $359 million of cash and cash equivalents on its balance sheet at the last reported quarter. First Data has no material long-term maturities due on its debt until March of 2016.
Through 2012, First Data’s EBITDA, a proxy for cash flow, had a 10 percent compounded annual growth rate over the last three years. Since August 2010, the company has successfully refinanced over $21 billion in previous debt maturities for 2014 through 2016, to 2017 through 2022, activities that have been well supported by Wall Street and our current investors.
Our focus is on you — our clients — and finding ways to help you serve your customers and grow your business. Another part of the evolution of First Data will be in how we do that: driving collaboration with you, innovating new solutions, and facilitating incubation of new technologies with start-up companies. Our recent acquisitions of Clover and Perka and our strategic partnership with Oberthur Technologies are good examples of this.
Our clients are our top priority and we expect the changes we make to be seamless for you – and, ultimately, better for you and your business. I encourage you to contact me directly if you have questions or concerns.
General Manager, GSPs & Community FIs
A convenient, compliant solution for facilitating consumer-initiated international money transfers is in place for community banks to use when the pertinent Consumer Financial Protection Bureau rule goes into effect Oct. 28.
The solution will enable Bankers’ Bank of the West’s community bank customers to provide a sender with a single written disclosure that displays all of information required on the receipt. This disclosure is initiated through a connection with a global clearing network that accepts rate requests and receives automatic currency conversions in an easy-to-use template format. Report generation, activity recording, and administrative controls are done in BIDS (the Bankers Internet Data System).
To comply with the CFPB rule requirements, the community bank will need to issue the sender proof of payment once the transfer has been effected—for example, in the form of a stamp on the combined disclosure.
The international payments tool is the brainchild of a partnership between LendingTools.com and Western Union Global Business Payments, Inc. To find out more about this solution, call BBW’s Vice President of Operations Debbie Wendt at 800-873-4722.
A reminder to community banks from the Bankers’ Bank of the West Executive Team
Fourth quarter 2013
You may recall that a crime commonly known as corporate account takeover was committed at banks in the mountain states and Great Plains region earlier this summer.
The fact is, any bank—of any size, in any region—can fall prey to cyber criminals.
The intended victim
The main target of a corporate account takeover is a financial institution’s business customer, not the bank itself. The crook sees the corporate customer as more vulnerable than the (presumably) well-secured financial institution. Using a mix of techniques—generally involving spyware that monitors corporate employees’ keystrokes to steal passwords and other sensitive information—the criminals might take several months to plan their attack. Then they attempt, and often successfully pull off, a quick online heist of hundreds of thousands of dollars. Because many such thefts are perpetrated from far-off corners of the world, most of the crooks are never caught.
Keep in mind that either the corporate customer or its bank, or both, frequently suffer huge losses when a corporate account takeover is committed. This underscores the need for the corporate customer as well as the bank to maintain high security standards; otherwise, both could become susceptible to attack. To borrow a proverb, a chain is only as strong as its weakest link.
We recommend building a tough defense
The value of staying current on developments affecting banks, especially in the area of cyber security, cannot be overstated. Scam artists regularly adapt their tactics to changing conditions, after all. Don’t allow yourself to become complacent.
Following are some commonsense steps to help you control risk to your bank and your corporate customers:
- Educate your customers—especially businesses. Update them on the tactics being used by criminals. Let them know the biggest security risks are human-related. For instance, scammers are constantly tweaking their social engineering tactics (like phishing) in an effort to trick victims into downloading malicious software. Also stress the need to secure any “bring your own” smart devices used by employees in the workplace—including tablets, smart phones, laptops, and e-book readers.
- Make employee vigilance a high priority at all levels of your bank. In addition to knowing the customer, you need to know your customer’s routine banking behavior. Watch for changes in established patterns. Question anomalies. If out-of-the-ordinary activity occurs on a commercial account, shut down access immediately.
- Involve your customers in fraud-prevention efforts. Some banks provide anti-malware software, and regular updates, to customers with online access. If such an expense is out of the question, consider at least providing best-practices guidance and software recommendations for business customers.
- Make certain that verifiers at your bank critically review all ACH files before sending them through. This step is a linchpin in your security scheme.
- Require business customers to follow dual control when originating ACH files. Never release an ACH file before getting a receipt from a second authorized individual at that business.
- Specify in your agreements that customers must maintain balances sufficient to cover any unfunded files—both debits and credits.
- Warn your business customers against originating ACH files from any computer that isn’t properly secured—for instance, a laptop on a public network. Consider including language in your agreements that expressly prohibits the customer from originating ACH files from a non-secured computer. Or advise customers to use a dedicated computer for online access.
- Keep a current ACH Risk Management Handbook (a NACHA publication) nearby. You can order a copy from NACHA or get one through your regional payments association.
- Earmark both funds and staff time for the ongoing education and training of bank employees. Even a modest commitment represents a wise investment in these changing times. Urge key employees to become certified in areas of expertise most crucial to their function. Enroll appropriate staff in courses, webinars and conferences offered by your state banking associations, your payments associations, and other professional groups. Invite employees to share security-related information with their co-workers.
- Even though automated risk management tools are no substitute for following proper risk management rules and procedures, they can significantly reduce the potential for inconsistency and human error. What’s more, they can help ensure regulatory compliance. If your bank is on BIDS, ask about the BIDS ACH Risk Management solution, which is equipped with a full complement of helpful features including real-time notification of limit exceptions. To learn more, contact us at 800-873-4722 or email@example.com.
Another abundant source of current information is the Internet. Among the many worthwhile websites are the Financial Crimes Enforcement Network website and the members-only section of American Bankers Association website.