When it comes to technology spending, community bankers are paying less attention to buying the latest products and services and are devoting more resources to keeping customers' information safe, a survey found.
Observers said two factors are driving this shift in priorities: more incidents of identity theft and new regulations requiring banks to beef up security for customers using online banking.
Sixty-nine percent of the roughly 1,000 bankers polled by the Independent Community Bankers of America said they had undergone an external security assessment in the past 12 months, versus 38% in its 2001 survey. Also, 64% of banks said they used an intrusion detection service to stop people from hacking into their systems, up from 38% in last year's survey.
The 2006 Community Bank Technology Survey was mailed to 8,470 banks. Ninety percent of those that responded had less than $400 million of assets. The consulting and accounting firms Plante Moran PLLC in Southfield, Mich., and BKD in Springfield, Mo., helped devise the survey. The report was released Oct. 31.
Raj Patel, an information technology partner at Plante Moran, said banks' concerns have changed since 2001, when the main decisions were about offering Internet banking, using imaging technology, and making equipment purchases.
"Security has really taken over the technology decisions. A lot of that has to do with the number of identity theft cases going on out there, and the regulations also," Mr. Patel said.
In late 2005 the Federal Financial Institutions Examination Council updated its guidance on online banking security by asking banks to add another layer of security for customers that bank online.
Generally, customers have accessed accounts online using a login and a password, but the new guidelines require banks to add a second authentication factor, such as asking an additional security question or even equipping users computers with fingerprint scanners. Regulators have not set a hard-and-fast date for compliance, but they have asked banks to show that they have taken steps toward instituting "two-factor authentication" by year's end.
Forty-one percent of the banks surveyed said they budgeted less than $50,000 for technology spending in 2006; 26% budgeted $50,000 to $100,000; 17% budgeted $100,000 to $250,000; and 5% budgeted more than $500,000.
On protecting customers' information, Mr. Patel said banks need to think creatively, but he stressed that that does not always mean buying expensive computer systems or software.
For example, he said banks could provide free credit report monitoring to their customers. He also suggested banks could provide a sticker on the back of automated teller machine cards that has a grid containing various alphanumeric codes. When a bank wants to verify a customer's identity online, the customer would be asked for the code from a specific spot on the grid.
"Banks are not looking at these other controls. There could be a simpler, more effective solution," Mr. Patel said.
Along with security, 64% of the banks said keeping technology affordable is a concern. Half of the banks said they expected to spend more on technology in the coming year, compared with 48% in last year's survey. Less than 20% said they would spend less.
Dewite North, the ICBA's chief information officer, said community banks prefer to see how different products work at larger banks before installing new systems.
"As a community banker, I am going to look at what efficiencies technologies are going to bring my operations," Mr. North said.
Check imaging is one way banks can reduce costs through technology. The proportion of banks using imaged check clearing more than doubled from the 2005 survey, to 28%. Also, 83% of banks let customers view check images online, compared with 61% last year.
