U.S. banks are familiar with Spanish banking giants BBVA and Santander because they're competitors, but there's another Spanish bank with no retail presence in the states that might be worth watching more closely.

Its name is CaixaBank, and when it comes to innovation, it has few peers. It was one of the first banks in Europe to introduce contactless payments, has more mobile customers than any other bank in Spain and was the first bank in the world to launch its own app store. Forrester Research gave it the top worldwide score for mobile banking functionality and Retail Banker International recently named it the world's most innovative bank in the field of mobile payments.

To a much greater degree than its U.S. counterparts, Caixa is seeing its customers use those digital options to eliminate branch visits. During a panel discussion at the World Congress of Savings and Retail Banks in Washington this fall, Caixa's deputy chairman, Antonio Massanell, said that 92% of deposits, withdrawals and other transactions are done digitally or through ATMs. Of the 8% of transactions that are handled in the branch, the vast majority are for commercial clients, Massanell said.

It's a similar story in other parts of Europe. In the Netherlands, it's estimated that only 5% of retail banking customers will set foot in a bank branch this year, Dick Okhuijsen, a director at SNS Reaal Bank, said during the panel discussion. Asked what percentage of everyday banking transactions at his bank are handled digitally or at ATMs, Okhuijsen replied, "100%."

This isn't to suggest that U.S. banks treat mobile banking as an afterthought. A Federal Reserve study conducted at the end of last year found that 39% of U.S. consumers had accessed their bank accounts via a mobile app at least once in the prior 12 months, up from 29% just two years earlier. Those numbers are likely to increase as banks here continue to refine their mobile apps to make it even easier for customers to check balances, transfer money or pay bills.

Nonetheless, one of the key takeaways from the conference was that U.S. and U.K. banks still lag their counterparts in Europe and Asia when it comes to mobile adoption. How to defend against cyber threats also was a hot topic at the two-day event, which attracted about 400 attendees.

Chris Skinner, a popular British blogger who focuses on financial technology, said innovation is happening fastest in countries like Spain, Turkey and Poland, which have radically revamped their banking systems over the last decade.

Many U.S. and U.K. banks have been so preoccupied with meeting new compliance obligations and rebuilding their reputations in the wake of the financial crisis that they have had little bandwidth for anything else. Besides, technology is moving so fast that banks — particularly small and midsize ones — are often unsure how to respond.

"They all know that they have to change, the only thing is they don't know what they have to change into," Skinner, who moderated the panel discussion, said in a follow-up interview. "If you look at the smorgasbord of change — more regulation, the digitization of old services and the renovation of old structures — it's almost too much for many banks to deal with."

John Buhrmaster, the chief executive officer at First National Bank of Scotia in upstate New York, said he thinks U.S. banks are just as innovative as those elsewhere. He contends mobile banking use is more prevalent overseas than it is here mainly because Europe and Asia have fewer banks fragmenting the market. That helps the banks get their products to market more quickly, because fewer of them are vying for attention from their vendors.

"Here we are dealing with vendor backlog," with small institutions getting pushed to the back of the queue, Buhrmaster, one of the conference attendees, said in an interview.

If digital banking was the dominant theme at the conference, cybersecurity was a close second. In a keynote address to the roughly 400 bankers in attendance, Amias Gerety, the acting assistant secretary for financial institutions at the Treasury Department, said that regulators and law enforcement agencies are working to help smaller institutions fend off cyber attacks.

"We recognize that smaller companies often have fewer resources to manage what can be a highly technical and complex challenge," he said.

Treasury is in the midst of developing a set of cybersecurity "exercises in a box" that bankers will be able to download from the Internet to better assess the cyber readiness of their companies.

The Federal Bureau of Investigation also is planning to host open houses at its field offices across the country to help small banks bolster their response capabilities and their ties with law enforcement — an initiative that's being coordinated with the Treasury and the U.S. Secret Service.

Following Gerety's speech, Cynthia Blankenship, the chief operating officer at the $404 million-asset Bank of the West in Grapevine, Texas, said that while keeping pace with new technology like mobile banking is always top of mind for community bankers, it's the threat of a cyber attack that keeps them up at night.

Bankers in attendance said they also worry about how examiners will assess their ability to deal with such threats, particularly since the Federal Financial Institutions Examination Council released a cybersecurity assessment tool last summer to help banks gauge the level of risk they face and their ability to manage threats.

Buhrmaster said the tool is a good first step, "if implemented as promised."

However, the tool is designed to give banks recommendations on how to prepare for a possible cyber attack, and Buhrmaster worries that these recommendations could soon become de facto regulations.

He said examiners have already warned some banks that they could face enforcement actions if they are not deemed to be cyber ready by their next federal examination.

Buhrmaster is not downplaying the threat of a cyber attack; as he sees it, nothing hurts a bank's reputation more than a failure to protect customers' data.

But he also believes regulators should give banks time to test the tool and make tweaks as necessary without the threat of an enforcement action. He said that his $430 million-asset bank plans to bring in a consultant to help it work through the checklist because it doesn't have that kind of expertise on staff.

"Before it's made mandatory, regulators need to be seeking feedback from banks because it's a very complex tool," Buhrmaster said.