Managing Internet Risks
Technological advancements will continue to change the way credit unions do business on into the future, but one expert says future credibility depends on addressing security concerns today.
Steve Williams, principal of Scottsdale, Ariz.-based technology consultancy Cornerstone Advisors, pulled double duty at the Credit Union Executives Society's annual convention here. After delivering a general session address on the current state of information technology (IT), he led an educational session on IT topics credit union board members should take back to their CUs.
"Managing risk is at the top of the priority list right now, because the downside outweighs the upside," he said. "Wireless security with members' home computers is a key concern credit unions should proactively address today."
Numerous security breaches at Choice Point, Citigroup, Bank of America and, most recently, Card Systems, have made consumers painfully aware their personal and financial information is not fully protected. Because of these problems, notification laws soon will be enacted, Williams predicted.
Fraud, phishing and identity theft are causing financial institutions to spend increasing amounts on IT. "Think of it as a tax on delivery," he quipped.
Consumer demand for more security could soon lead to a "tipping point" for biometrics and smart cards, Williams continued. Even small CUs are using fingerprints and other biometric techniques for employee identification and log in. Smart cards, though not yet widely used, also are growing for ID purposes.
Striking a balance between security and function in the financial IT environment can be difficult, he explained. Williams has seen "holy wars" between IT departments and business departments over security versus openness.
"The more credit unions can get their IT staffs trained and certified, the better."
Why CRM Hasn't Worked
"Big Bang" CRM, or customer relationship management, is a "failure," Williams declared. He advised CUs not to spend money on big CRM systems and instead direct their attention towards focused CRM projects, which he said are succeeding.
"Credit unions are doing a good job of member relationship management. It is becoming more 'real.' Credit unions are tracking sales and referrals, while improving contact management."
Williams detailed four steps to MRM "Best Practices." First, CUs should develop automated sales tracking so an account opening triggers a recorded sale. A matrix should be used for sales credit rules and allocations, and incentive calculations and tracking also should be automated.
The second step to quality MRM is to create a consolidated member view that links all household and relationship accounts and ties in third-party systems, such as credit cards, investments and mortgage loans.
Third, contact management should be deployed to give any department access to a member's full contact history. When the contact management is fully integrated with origination systems, employees can avoid "toggling," or switching from screen to screen to transfer member information.
"Staff members hate toggling," said Williams.
Fourth, member analytics should be strengthened to allow the CU to calculate member profitability and append each member record with a profitability "tier" and "segment." Credit unions then would be able to matrix marketing and servicing programs based on each member's profile, segment and profitability.
On the payment side, Williams said directors need to know about electronic payment trends. In 2003, the number of electronic payments in the U.S. exceeded check payments for the first time. The Federal Reserve estimates check volume will drop 15% in 2005 versus 2004. Point-of-sale transactions are expected to continue to grow rapidly.
"After hearing about the 'checkless society' coming over the hill like Sam Houston for the last 30 years, surprisingly, it's really happening," he said. "People are using debit cards and asking for cash back, therefore, they are making fewer ATM trips."
Stored-value cards also are proliferating. Williams said Starbucks is sitting on more than $1 billion of value in its cards.
"Loyalty programs will dominate the next wave of point-of-sale competition," he predicted.
CUs should ensure they are taking advantage of new technology on the lending side, especially web-based technologies, said Williams. He recommends moving lending platforms to web-based architectures and increasing the use of business-to-business automation, such as credit, title, appraisal and secondary vendors.
If credit unions incorporate technology into their loan systems, they will improve the integration of their front-office and back-office processes. This, in turn, will lead to a faster and more customized lending process, he said.
New technologies that may help speed up integration of business processes are "Web services." Williams said Web services buzzwords such as Java, .NET, XML, API and OFX are beginning to become familiar. Whatever the name, they are modular, reusable applications that communicate using Internet technology either internally or across organizations.
"It might take three to five years, but web services offer new opportunities for integration and process improvement. Web services are the first indication of systems talking to each other, but credit union systems are quite complicated, so they are not ready for plug-and-play. It will take several years to move the battleship."
In the next year or two, Williams expects vendors to begin introducing Web-based applications.
The State of Online Banking
One area that is going very well is online banking. Williams said Internet banking has reached "a bit of maturity" because so many people have it. On the other hand, many credit unions offer electronic statements, and implementation is relatively easy, yet e-statements have achieved only a 5% to 20% penetration rate.
"I expect the number of e-statements to rise with broadband penetration," he said.
Most CUs are setting goals to increase the number of transactions members can do themselves online, he continued. One area that caused concern was account-to-account transfers (A2A), which means consumers perform wire transfers not inside an institution, but between institutions. While many feared allowing members to do so would cause an outflow of capital, CUs have discovered an inflow trend.
Wireless financial services generated a lot of buzz a few years ago, but didn't make a major impact. Williams said this was due to an introduction of technology that was too far ahead of the "tech curve."
"Consumers weren't as familiar with wireless devices then. But, 'smart phones' will replace cell phones over the next three to five years, allowing people to exchange e-mail and access the Internet."
One of the biggest uses of wireless services Williams sees is alerts and notices sent from CUs to members. He said these will build trust, as well as the credit union's brand.
A Checklist For Directors
Williams closed by giving the directors a list of questions they should take back to their boards and CUs:
Do we have a formal IT strategic plan?
* When was the plan last updated?
* How will our IT environment change in the next three to five years?
* How much are we spending on technology?
* How does our technology spending compare to our peers?
* Have we formalized our project approval and management processes?
* Are there clearly defined joint responsibilities between IT and business areas?
* Where do we stand in our risk management efforts?
* Does our IT staff's skills and experience align with our future IT plan?
* How well are we positioned with our current core vendor?
* What is the vendor's technology vision for the future?