Bank M&A: Fraud Concerns with Legacy Systems
- Michael Hsu backs FDIC's proposal for increased scrutiny of bank mergers surpassing $100 billion
- Legacy systems in banking pose vulnerabilities that can be exploited by hackers during mergers
- Larger financial institutions are more reluctant to adopt open banking
Mergers & acquisitions are commonplace in the banking. Whether it's two financial institutions looking to strengthen their positions and boost assets, or expand their footprint across the US or even globally. These financial institutions will go through rigorous due diligence to ensure that both parties are healthy -- however, there are times when one side is struggling and looking for a way to ensure that their business will survive.
In a recent post at PYMNTS, acting Comptroller of the Currency at the OCC Michael Hsu supports the FDIC's proposal for increased scrutiny on bank mergers exceeding $100 billion in combined assets.
His statement was as follows:
“Healthy bank mergers — i.e., those that benefit communities, support bank resilience and financial stability, and enhance competition – should be approved. Merger applications that would diminish competition, hurt communities, or present systemic risks should be withdrawn or rejected.”
Coming off 2023 where we saw three major bank collapses, it's understandable that Mr. Hsu is taking this stance. However, there are underlying challenges that occur when two financial institutions choose to merge or when one financial institution chooses to acquire another.
The Danger of Outdated Tech
While he emphasizes the approval of beneficial mergers and rejection of those harming competition or communities, Mr. Hsu overlooks the vulnerability of outdated banking legacy systems that can lead to fraud during mergers. FIs' concerns about fraud are indeed hindering their adoption of faster payment solutions enabled by open banking, with larger institutions perceiving higher risks compared to smaller ones.
“Banking legacy systems are plagued with vulnerabilities that hackers can easily exploit,” said Ron Huber, CEO of Achieve Internet, an API solution provider, in an article. “Banking legacy systems are … an easily exploitable weakness in the financial sector. Banks need to upgrade their legacy systems with modern security controls to stay competitive, protect customer data, and ensure overall bank security.”
When a merger or acquisition happens, it's expected that both parties are utilizing different technologies. For banks, this can range from their core systems to their fraud detection systems. The major concern, according to PYMNTS.com, is "when bank mergers integrate legacy systems, it can open the door to bank fraud."
Quelling Fraud Concerns of Open Banking and Faster Payments
Open banking and faster payments are not new to the industry. However, PYMNTS.com notes that, though there is strong demand by consumers, banks are hesitant to adopt this technology because of the risks and fraud potential.
Despite this demand for faster payments, “How Fraud Fears Impact FIs’ Adoption of Faster Payment Solutions,” a collaboration with Hawk AI, found 46% of FIs believe the risk of fraud outweighs any benefits open banking can offer. The percentage of naysayers increases to 57% among FIs that have experienced increased fraud. Only 35% overall believe the benefits outweigh the risks.
The research goes on to note that smaller FI's are more open to adopting these technologies than their larger counterparts.
Only 20% of those FIs managing between $5 billion and $25 billion believe the benefits of open banking outweigh the risks; while 18% of FIs managing between $25 billion and $100 billion share that viewpoint. When the largest FIs — those managing more than $100 billion in assets — were asked, nearly 57% said the risks of providing open banking outweigh any benefits.
Updating Legacy Fraud Systems
There are many opinions when it comes the direction banks need to move, but one thing is certain: banks need to update their legacy fraud systems. By adopting these systems, banks are able to take on the challenges of combatting fraud -- including check fraud. This encompasses deploying behavioral analytics, image forensic AI, consortium data, and dark web monitoring.
When it comes to M&A, the newer systems utilize APIs to integrate with bank systems, making them ideal when it comes to flexibility for deployment. The new banking entity can continue to leverage these fraud systems by working with the vendor(s) to deploy the technology into the new workflow.
For banks looking to protect themselves from fraud, it's critical that their fraud detections are upgraded to the latest technologies to thwart fraudsters.