Banking Under Siege: Building Resilience Against Rising Fraud

Hello and welcome to Banking Transformed, the top podcast in retail banking. I'm your host, Jim Roos, founder and CEO of the Digital Bank Report and co-publisher of the Financial Brand. Since 2020, financial institutions have faced a perfect storm. Rising funding costs increased delinquencies, and now a dramatic surge in sophisticated fraud attacks. We're joined by two experts from TransUnion who are at the forefront of understanding combating these threats.

Joshua Turnbull, the VP of Card and Banking Strategy, and Craig LaChapelle, We'll share insights on why fraud losses are becoming more painful in today's high-cost environment. how fraudsters have adapted their strategies in a post-pandemic world, and more importantly, how financial institutions can build resilience against these evolving threats.

Whether you're concerned about the 37% increase in synthetic identities, the fact that 30% of online applications now come from bots, or the alarming spike in early default rates. This conversation will equip you with the knowledge and strategies needed to protect your institution and your customer. For financial institutions navigating a very complex threat landscape,

The message is clear. Integrated approaches, advanced data analytics, and adaptive strategies are essential to stay ahead of an increasingly sophisticated fraud attack landscape. So Josh and Craig, before we start, and I know you've been on the show before, could you introduce yourselves to our audience and share a little bit about your background? Josh?

sure thanks jim so josh turnbull i am with uh transunion obviously lead our consumer lending business i've been with tu for gosh 11 years but spent my whole career in financial services most of that thinking about strategies for managing consumer risk and fraud Thanks, Josh. I guess it's my turn. So Craig Glass-Chapelle, I lead.

U.S. Strategy for Financial Services. I've been at TransUnion over 15 years. Let's leave it at that. Long experience, though, in banking, technology, as well as management consulting.

So, Craig, you know, TransUnion really approaches fraud categorization differently than most other organizations. Can you walk us through a little bit about the main types of fraud that you're seeing? organizations to contend with today and how you frame these challenges, you know, between new account fraud, credit abuse, you know, account takeover, whatever it may be. Because I know this just coming at us from all angles right now.

Sure. Yeah, it's a great question. In many ways, it's a fundamental question. You know, we like to simplify the descriptions of fraud abuse for our sales teams, but also when we're having conversations, because we do a lot when we're serving customers. We have conversations, we offer insight. And I think whether it's us or others in the industry, we tend to get caught up.

in descriptions that, well, they could be a little arcane and maybe not that descriptive. We get caught up in trying to define who the fraudster is instead of what the fraudster does. So we like to really frame it as to how our customers both tend to organize, but how they think conceptually, how they have to.

defend against different types of attacks. And there's, you touched on some of them, but we like to think of it in four ways. I'll list those out and then I'll go in more detail on each. New account fraud, credit abuse. account takeover, and data harvesting. And actually, I'm going to go reverse order in describing a little more detail. Data harvesting a lot of times is the root and underpins the attacks in the other areas.

And that is essentially gathering consumer data or gathering access to consumers' accounts. doing things like inbound call center phishing, consumer impersonation, accessing data through breach. That's data harvesting and then essentially storage and warehousing of it. And that enables these other three, which is new account fraud.

which is, as it sounds, new accounts that are open either with stolen, manufactured, or synthetic IDs that are used to commit fraud, either gain access to credit. They shouldn't be there. or to commit transactional. The next category is credit abuse. And it's really the same thing as what we've often heard in the industry called this first party fraud. And that is real consumers. but knowingly gain access to credit or misuse the existing account.

for their own financial gain, essentially borrowing with no intention of paying back. The last major area, account takeover. And this is a big one. particularly recently with things like call spoofing, but that is gaining access to an existing account, pretending you're an account holder to get access either to those funds. or to the ability to borrow funds. And it's enabled by call spoofing, text spoofing, or social engineering.

So those are really the big categories that we like to think about and we advise our customers on. Well, it certainly helps manage the process. And as you said. When you take it in the category of where it occurs, I guess, better than anything else, it really makes it so you can get your arms around a little bit better, which is, you know, fraud is not fraud. As you mentioned, it comes in different categories.

So, Josh, since 2020, we've obviously seen significant changes in the economic environment with both rising funding costs as well as higher delinquency levels. How these factors amplify the impact of fraud losses for financial institutions? Yeah, no, thanks, Jim. So I think, I mean, you hit on it and when times are good, fraud can be kind of just seen as a cost of doing business. But with the last few.

quarters, years that we've been through where, you know, there are challenges in the credit environment. All of a sudden, fraud starts being something that you pay more attention to and trying to whittle on Craig. You've spent more time, I think, with the team recently looking at some of the incidence rates and things like that. Do you have a couple?

points on that that you could you could share sure i mean just in the last four or five years a 30 increase in synthetic identities and this is the next one is is Maybe the most shocking to me, although they're all kind of shocking. 30% of all online apps are from bots. So, you know, high volume attacks by malicious entity, so to speak. We've seen early default rates really spiking. Credit abuse, just alone, credit abuse, again, that is real consumers knowingly misusing that account.

estimated to account for 25% of all credit losses. And this has grown over 60% since 2019. I think those are some pretty good or scary high-level stats, Josh. Yeah, no, thanks.

Yeah. So, you know, both of you, rather than trying to categorize who's going to be the best for any of these questions, you know, we've obviously seen fraud risk actually decreased during the pandemic. but it's totally surged afterward. What do you believe has driven this pattern other than the obvious? And what were fraudsters basically doing during this quieter period? Yeah, I mean, I think, Jim, you hit on the trend. I think what the reason that they're back are a couple of things.

The quiet period for us was not the quiet period elsewhere. So you had money that was freely flowing and tending to. stabilize a lot of folks during the course of the pandemic. And that was unfortunately going to easy hunting grounds for a lot of fraudsters. And so that was an easier place to make your living at the moment. That's dried up. They're back at the doorstep of financial services companies. So that's one of the factors. I think the other factor is...

Just changes in technology that have made it easier, unfortunately, for fraudsters to do what they do. Craig, you mentioned that stat on bots. Yeah, that's not something that was around 10 years ago. We're certainly not as easily accessible for folks to have the combination of.

the vast amounts of stolen data and the technology to just ping, you know, application after application after application at financial services companies. Yeah. And I was going to jump in and like, I think you mentioned, you know, what's changed or, you know. starkly increasing, for lack of a better term, is, well, what we saw, at least for consumer fraud, during the pandemic, it was quite muted.

Those fraudsters shifted to where the big dollars were that were easily available with, unfortunately. lower thresholds or low-risk thresholds, lower fraud mitigants. And those were the government subsidy programs, whether it's PPP, unemployment compensation, and relief payments. Those had weaker control.

So the fraudsters were hitting that and gaining access to those funds. All the while, they were gaining access to data through breaches and other things, and they were warehousing that data, keeping it. alive and available for future attacks. And that's what we're seeing now. We're essentially...

reaping the whirlwind because of that. Well, it's interesting. Your data shows that there's been a 37% increase in synthetic identities. And 30% of online applications now come from bots. And you mentioned that earlier. What technologies or organizational shifts have enabled these dramatic increases. And more importantly,

What are you seeing financial institutions do today to prevent these from actually impacting their organizations directly? Josh, you want to handle that one? Yeah, it's, you know, I guess a couple of things, Jim. One. It's alarming to me how often TransUnion will see over the course of a weekend or on a weeknight. an abnormally large number of applications hit a customer's website, and we are the ones to notify a customer. You know, the customer hasn't seen that.

So just still some of the lack of monitoring tools that exist. Fraudsters are very aware of that and are finding those vulnerabilities constantly. I think the other thing that really challenges many operators in this space is that As anyone listening to this podcast knows who works in the fraud space, there is not a lack of really powerful fraud tools from a number of companies.

And so organizations over time have kind of layered on these defenses one after another. Unfortunately, what happens is they don't talk to each other. And so I'm left. you know, with six different signals, and some are giving red lights, some are giving green lights, and I have to sort through that.

That's kind of the environment in which many of the financial services companies today find themselves. And it's tough to have the right level of control if that's the environment that you have to operate in.

You know, it's interesting as we look at finance institutions today that the biggest challenge is changing your old ways and moving to the new ways. What is the biggest gap you're seeing within finance institutions as far as what I would call the performance gap or the alignment gap with what's going on?

Where are the biggest gaps of catching up to what's going on in the marketplace compared to what was done in the past? You know, I'll start with that one. And Craig, if you want to add on, I think that it's.

I don't know if it's necessarily a gap today versus what's done in the past, but one of the things that's really tricky if you were a fraud executive or any kind of P&L owner at an institution is to... you know think about where craig started out and the variety of types of fraud that we're seeing and the fact that craig i forget the number you shared but the

percentage of charge-offs that are happening due to fraud, people aren't always good at parsing those out. And it's really tough. You know, if you're not digging in and looking at every single instance of fraud and kind of a post-mortem analysis. Do I even know and can I quantify the problem that I'm dealing with? And so I think that's one is just.

understanding the magnitude of the problem. You have to do that in order to justify investment or change in the process. And so that's part of it. And then two is, it... culturally in an organization, making sure that that's something that people want to do and want to tackle and feel good about the outcome. Yeah, there's a couple of things I could add. I'm trying to think about which one to hit first. Maybe I'll just do the last one you mentioned.

culturally, are they willing to acknowledge? Sometimes we see... Our customers, like knowing there might be fraud, but since the account is performing okay. and they're not 100% sure, it takes them a while to act on it, right? So it's like, do they have confidence to act? Do they have confidence to take a potentially performing? account offline and reported. And it takes some doing. So some of that's data, some of it's cultural. And it's just having the confidence, I think, to act quickly.

The other thing culturally on this is, and Josh kind of touched on it, there isn't a silver bullet. We've talked about this. I can't remember if this is the last time we were here or elsewhere. There isn't a silver bullet in this area. You do need to layer. on different solutions and point solutions. You need that orchestration to really bring it together and integrate the signals. But ultimately, our belief is...

fraudsters get in because there's a gap or there's insufficient signal data. And you really think about what you need to know to stop fraud. You need to be able to verify who that person is. You need to be able to assess, but when I say that person, literally that identity, you know, from a... you know, a PPI standpoint, and then be able to link that to and assess their behavior. Are they risky? And then really the third tier, the third leg, I should say, is...

device. And device is a lot of things. How risky is that device? What's the typical behavior on the device? Is that behavior signaling? that somebody might be a fraudster given how they're behaving, how they're entering information. Are they cutting and pasting? Are they slowly? you know, redoing an email and checking out, are they taking too long? Is it not natural? So when you think about, you know. Who are you? What is your history and your behavior?

What's your recent behavior? What's your behavior on your device traditionally on that device itself? And what's your behavior while doing the transaction? Those are all different types of... insights that really need that companies and lenders need to be able to bring together to be confident in making these fraud decisions. And Jim, let me, if I could, just an example. of why the change can be hard. So this is a regional bank with whom we were working fairly recently.

They have a credit card program. They give a lot of credit cards to people that have deposit accounts with them. They also do a good amount of prospecting or open up cards. People are welcome to apply for cards who don't have a retail deposit account with them. They are taking a disproportionate share of fraud losses on cards that originate to people who've had a checking account for quite some time.

They also have relaxed rules for opening up a credit card for an existing deposit account holder. So they're stuck in this situation where they've talked to their peers on the deposit side, their peers on the deposit side say, we don't really have a fraud problem here. even in a, you know.

Most cases, the fraud loss is not so big. So we're not willing to make the investment. We're not willing to introduce all that friction to the application process for consumers coming in for a deposit account on the credit.

you wind up with these situations unfortunately in some of these not even huge but but decent sized institutions where Just a lack of kind of collaboration and people coming together kind of across organizational divides on this common goal makes it really tricky to adapt systems and to make progress on this front.

No, it's interesting because you really get into a dynamic where you're trying to give credit to what you consider to be your best customers on the other side of the balance sheet, but on the same time. And you want to make it as frictionless as possible, but you're opening up yourselves to a fraud situation. It's those dynamics, you know, between ease and safety that really creates a dynamic.

You know, this is like playing whack-a-mole. I mean, it's just wherever you're not looking is where it's going to pop up. Wherever it pops up, you solve it for a moment and something else happens.

You've also talked about indirectly the involvement of the consumer. What should financial institutions do? to improve the education of their consumers, to help them participate in the identification and prevention of fraud. That's a really good question. I'm going to jump in, Josh. Go for it. Yeah. So, you know, there's a lot of things that can be done. I mean, there's a lot of and a lot of institutions are doing this. It's, you know, things like.

Don't click on links. Go to our website. You know, we'll never ask you for... things of that nature. But one of the things that we see, some of the leading institutions, I want to say some, a lot of them are doing it now, are really getting into what I'll call advanced call technology, whether it's you know, branding their call with their name or logo to give confidence to the consumer that they can answer it and maybe even who that...

you know, what the call might be about. Things like that, particularly because we're dealing with a lot of... spoof calls as well. So if they can, the institutions, financial institutions can get access to solutions that prevent. They're fraudsters from making their call look like it's coming from a particular institution. That, I think, helps consumers help themselves.

Yeah, I mean, it's interesting because there's something new every day. You hear about it. You talk to a friend or something like that that's been impacted by a fraud situation.

And they're all new and inventive and innovative in their own way. Speaking of innovation, obviously, AI has been in the fraud and risk area forever. I mean, more than any other part of the financial institution. What are you seeing as far as the advancement of AI that's going to be helping prevent fraud? I know it's helping create fraud, but how do we do it to prevent it?

Yeah, well, let me, I guess let me start to... address the question you didn't ask, but your last point about how it's advancing fraud, Craig, to your point. on the call center, that's one where customers that we've been talking to are particularly concerned in. This isn't just about bots and things like that on hitting websites anymore, but the ability to generate voice, conversations, those types of things. It's very easy for me sitting now, relatively easy.

thousands of miles away with compromised data to not just use that to do online applications, but to now all of a sudden use some of the voice generators and things that are available to you know, hit up call centers and have involved conversations with agents trying to harvest data, do some of the things that Craig was talking about. Our customers are spending a lot of time thinking about some of those threats in addition to the applications of AI and fraud prevention technology.

Yeah, and look, AI is already being used in, you know, fraud prevention solutions have been using AI, been early adopters, and particularly when... Signals on behaviors in particular, identifying, oh, this one highly likely to be predictive of fraud or something's not right here. but also a lot of folks are, the vendors are taking a look at not only inbound calls, but other behaviors to try to suss out and identify what risky behaviors are. use that as a signal or an alert during an interaction.

And just a really very simple example of some of the promise where we're seeing just advances in different ways you look at data. So historically. Craig would apply for an account. He would provide a phone number. And a lot of the fraud prevention tools that are out there would do something like look at that phone number and say, is this associated with Craig historically? Yes or no.

okay, what's the velocity with which Craig has been applying for an account or this phone number has been applying for an account? But that's kind of the linear ability of some traditional kind of data models and fraud prevention models to look at those data. Now, things that we can do are look at that phone number that Craig provided in the application and look across kind of.

you know a broad set of data and understand okay well how many other people is that phone number tied to what other things do those people have in common what's the velocity on those things and so all of a sudden You know, it's the ability to tie all these pieces of data together and Craig, to your point, come back with a much more meaningful signal than just.

kind of this, you know, let me look at Craig and Craig's data in isolation, which is what some of the legacy models have done for a long time. Yeah. And just give you a real, very specific point, a type of behavior. is not risky at all until you couple it with the fact that that phone is new within the last couple of weeks. That tips it over. Oh, that's a problem. Well, speaking of that, how important...

is phone data. What other data sources have become more critical recently in the prevention of fraud? Because I know when I went to China at the very beginning of COVID, You know, WeBank, the biggest digital bank in the world, basically builds their entire financial institution on... phone data. Now, there's different things you can use, but they're giving credit justification based on how the phone's being used. It's a person in the same place, the phone, all these other things.

What other data has become more critical recently in the prevention of fraud? I guess instead of rank ordering the value of the data, I think we've seen so many applications or so many examples rather, Jim, where you can have... more, you know, better data. But it's really about how you deploy it and how you deploy it in the context of everything else. Going back, Craig, to your point. So phone data, incredibly powerful. Some of the signals that Craig mentioned, things about how I use it.

That in isolation, you know, not as powerful as maybe coupling that with other things. So at least for me, the way I think about it is, yes, powerful data, phone data is incredibly powerful. But it's how do you use that in context with everything else? And again, not just wind up with a series of 10 signals that I somehow have to make sense of, but bring that together in an intelligent rendering. Yeah, and look, there are a lot of signals out there, almost more than...

folks can handle without AI. So the application of AI is important. But some of the other things that we're seeing are... I can't speak to the details on this, but people are looking at social media behaviors, being able to link to social media activity. How active are they on particular sites? What's the size of their... I'll call it network or whatever the right word is, you know, depending on your friend set. So things of that nature.

are being used as well. I know definitely from an investigation standpoint, I can't speak to how that's being used sort of in model builds or real-time analysis. Yeah, I think it's interesting because The whole game is trying to stay ahead of how good the fraudsters are doing their job. And I know that's a key element of what your organization does in working with financial institutions.

What do you see as you look forward, just a very small, small space of time, because it's hard to look too far forward. What do you see as the most important elements that financial institutions really have to be looking at and taking care of as the landscape is evolving over the next six to 12 months?

So two things that come to mind for me. One, making sure your people are working together and have aligned incentives so that's that's one has nothing to do with fraud necessarily as yeah but just to some of the the nuances that we spoke to earlier in in medium-sized or in complex organizations uh aligning folks around a common goal is one and then you know

We don't have a crystal ball. We don't know what's happening, what the economy is going to look like six months from now, 12 months from now. But Craig, you touched on this with some of the credit abuse. We've already seen a big tick up there. That's something where, you know, as time gets tough, as times get tougher, if they do.

That kind of moral hazard creeps in and you start to get a blurring of the lines more so than you do probably in really easy times in terms of what's fraud versus what someone who just. wasn't able to fully handle their credit obligations. you know, sharpening your tools so that you are able to parse, hey, here comes an applicant who historically seemed good, but there are signals here that this is someone that.

uh you know may not have the best intentions um and and you know we may wind up in a credit abuse situation Yeah. Another thing I would say is, and this is not new, but it's something that every institution needs to focus on is like, all right. Overall, what's your tolerance for losses, credit or fraud? overall losses hit that threshold or you're looking for enhanced profitability, really makes sense to be able to identify which of those are frauds and what can be mitigated.

without putting too much friction in the system to hamper growth, right? It's a trite. sort of phrase, but I can absolutely guarantee you zero fraud. You know how I do that? I don't create any accounts. So you got to figure out where your threshold is or where you're tipping. You know, very interesting dynamic, Craig, because I talk about it quite a bit on the road where I mentioned that one of the biggest challenges in the marketplace today is the...

trying to eliminate fraud as opposed to manage fraud. And you just hit upon it because I think we sometimes get so worried, not that we shouldn't be worried. I don't want to make it look like I'm on the market and I think about the dynamics of risk. But if you get to a risk and tolerance phase,

then you really run up against a growth phase. And there's a balancing act there that says, at what point am I optimizing the revenue against risk at a point where... I have some risk tolerance because the benefits on the other side are so much greater. It's, again, looking at a WeBank in a degree, looking at a chime and saying whether or not it's going to work out or not. You know, they're evaluating risk in a different way than many traditional financial institutions.

What's the next phase of what can be done so that you can grow at the same time that you're assuming?

some elements of risk. I'm going to put this out to both of you as our final question. You know, if I was to put you into a traditional financial institution, that can be framed any way you want, but let's say an organization that's more or less typical. What would you do first from the standpoint of risk management? I'm not going to say risk avoidance, but just risk management. Josh?

Yeah, I think my first move, Jim, would really be to understand, again, organizationally, how do we address this? Who's incented with what? Are objectives aligned? Decent sized. credit card issuer, retail bank that has a large credit card portfolio that we were talking with recently that there's a person who owns the P&L. And she basically said,

Fraud is not a goal of mine. I'm not other than the P&L, but the fraud responsibility falls well outside of my remit. That said, I'm not interested in growing until we can tackle this fraud problem over here because I know that it. It hits my P&L, right? So I'm going to take some of my budget, help my colleague in fraud, make some investment, make some change. Like that's the kind of behavior that I think I would look for in alignment of incentives or at least cooperation within an organization.

versus other organizations that Craig, you and I see every day where they don't have that luxury and you have people with very different agendas.

It's maybe an unsatisfying answer in terms of systems or processes or tools, but really the first place I would look if that were my role all of a sudden would be to say, you know, how are we tackling this and are people... kind of all rowing in the same direction or not that's a great case study yeah i'll say this josh is more strategic than i am i think a little more tactically you know Easiest way to stop fraud, I think, is to prevent them from getting in. So I would...

At a minimum, in my marketing programs, I would filter out synthetics, spend money to prevent synthetics. I would say from an account takeover. That's a big one. And both from an origination and account management perspective, I would be checking device IDs in addition to the human element that I talked about, device ID and behaviors all day long. And then I would get into some of those call technologies as well.

help the consumers, help themselves, help them, you know, avoid giving up data that gives them the keys to their accounts at your institution. You know, it seems we take for granted some of the things that... Obviously, you both and in some cases myself. look and say, geez, I'm not going to click that on no matter what it looks like.

Or you look at email IDs and you go, this doesn't even have anything to do with who sent me something. And you go, this is just written all over it. If I don't take advantage of something. I'm better off not taking advantage of it than making a mistake taking advantage of it. And, you know, the dynamics continually evolve. There's a lot of – just a ton of money being –

put into the whole risk and fraud prevention area. It's a matter of saying, can I keep ahead of the technologies there for both sides of the game? you know, how can I get smarter with the technologies as opposed to, or maybe it's, you know, that saying about the bear in the woods, you know, I don't have to. I run the bear. I just have to outrun the person that's running also with me.

I wonder what bear in the woods story you were going with. Yeah. Good point. Yes. But it's one of these dynamics that it's an ongoing challenge. It impacts, as Josh mentioned, all points of the financial institution, the people that are... product managers that are being asked to generate more accounts than they possibly can based on the risk tolerance of the financial institution. And those parts of the organization are in charge of risk management. They're saying,

I'm strangling the growth of this organization because of our parameters and risk. And so, as you said, was having the organization figure out what their North Star is, what they're trying to achieve, how you can make these ends work together. And I think the key element you brought up, both of you brought up today is... Looking at new data sources. that provide insights because you now have, you're able to tap into things that you weren't able to tap into before.

The beauty of digital is also the bane of digital in that. You have access to better data. That helps and hurts. It doesn't matter which side of the equation you're on. There's elements to that. So, you know, I always enjoy getting together with both of you. You're used to this. You're used to working with each other. Dialogue is great. I'll stop putting names to my questions because I'm going to always guess wrong because you guys overlap so much.

interesting, unique perspectives on the way you look at the business. You know, it's been a great conversation. And obviously you shared a lot of insights that are important for my audience.

I know you both are also hosts of the TransUnion Extra Credit Podcast. Can you tell me a little bit more in our audience, a little bit more about what that is and where people can listen? Sure. Josh, your way to run with that one? Go for it. So, Jim, initially we, gosh, I don't remember, three, four years ago, Josh and I realized that we were spending time with our sales teams advising and consulting with our customers, but there's only a few of us, right?

So we were a bit of a bottleneck. We thought, hey, we get more scale and sort of advance conversations more if we use a different form. So that's where we came up with the podcast. you know, initially targeted to card and banking perspectives, and it is, but we've since broadened it to address issues that extend beyond that to other sorts of lenders, consumer lending, auto, you get the point.

So, you know, we continue to do that. We continue to get great engagement. If folks are interested, you just need to search for extra credit TransUnion, wherever you get your podcasts. and it'll pop up. We are particularly excited in the next month or so. You know, we're going to do a couple of...

recordings at our financial services summit. And we're going to have a leading macroeconomic economist on our podcast, which we're excited about, particularly in this environment. You know, how do we navigate the chaos? Thank you both again for being on the show. I really appreciate your insights.

You know, the good news is even when we're talking about fraud, there's light at the end of the tunnel for those that go toward that light. It's just a matter of... staying intelligent about it but also it's not a my son says this often about so many different things because it's not an on and off switch it's a dimmer and and we've got to find that perfect element of light to

to go towards and make sure that we don't shut off the light because then growth shuts off and we don't open up the doors and take in everybody. I'm going to steal that analogy. Yeah, it's kind of interesting. So thank you again, both of you. Thank you, Jim. Thanks for listening to Banking Transformed, the winner of three international awards for podcast excellence. If you enjoyed today's interview, please take some time to give our show a five-star rating.

Also, be sure to catch my recent articles on the financial brand and check out our recent research we're doing for the Digital Bank Report. This has been a production of Evergreen Podcast. Special thank you to our producer, Collins Blakely, audio engineer, Chris Sothalius, and video producer, Will Pritz. Until next time, remember, now more than ever, finance institutions must understand the risk and opportunities. marketplace and take immediate action to meet market needs.