Financial Institution Crises Could Mean Massive Loss When It Comes ToMember Retention
For any organization, experiencing a crisis is inevitable. It will happen. But for a financial institution, the consequences may be extreme – even detrimental.
According to a recent consumer survey, an overwhelming majority of Americans (84%) say that they would leave a financial institution if it experienced certain crises, with the number one deterrent being FDIC/government violations.
Data breaches or cybersecurity fraud are also a top crisis, ranking as the second biggest organizational emergency that could cause credit unions to lose members. In fact, more than 2 in 5 Americans say they would leave a bank if it experienced this.
Other crises that would impact member retention, but perhaps less so, include:
- FI was part of a discrimination lawsuit – 27%
- FI employee was involved in an organizational misdeed – 22%
- Bank did layoffs/closed branches – 21%
- FI received negative reviews/comments on social media – 17%
- Local branch experienced a robbery – 11%
- Other – 5%
The survey was conducted online in October 2020 by The Harris Poll on behalf of York Public Relations, garnering responses from 2,053 U.S. adults age 18 and older.
Over Half Of U.S. Consumers Would Leave Credit Union After A Compliance Violation Cited By Government
As the number one deterrent, over half of U.S. consumers (56%) would end a relationship with a credit unionif itwas cited by a government regulatory agency for non-compliance.
Older generations seem to be turned off more by FI’s committing government violations more so than younger generations, who are more likely to be concerned with social violations. Baby Boomers (ages 56-74) are more likely than Gen Z (ages 18-23), Millennials (ages 24-39) and Gen X (ages 40-55) to say they would leave a financial institution if it hadgovernment violations (66% vs. 44%, 46% and 58%, respectively).
Conversely, younger generations are more likely than Boomers to say they’d leave a financial institution if an employee was involved in an organizational misdeed (26% each of Gen Z & Millennials, 23% of Gen X vs. 16% of Boomers) or if the FI received negative reviews/comments on social media (25% of Gen Z, 23% of Millennials, 17% of Gen X vs. 9% of Boomers).
Additionally, Gen Z and Millennials are more likely than Boomers to say they would drop their credit union if it was part of a discrimination lawsuit (39% & 30% vs. 21%).
Government Violations & Fines Continue to Surge
How likely is it for FIs to be cited for violations? Well, it’s increasing.
Since 2008, regulators have imposed more than $253 billion in fines, creating severe strain for many institutions. In the 15-month period through 2019, regulators fined financial institutions a record $10 billion from anti-money laundering violations alone, according to a report from Fenergo, a European startup that makes software to help financial institutions detect illegal transactions. Compare this to the total of $26 billion from 2008 to 2018 – an entire decade. Fenergo expects these numbers to be higher for 2020.
In extreme cases, regulators will shut down financial institutions completely. During the Great Recession, this was the fate of more than 500 banks and 100 credit unions. Since 2010, 213 banks have closed, however, most were through acquisitions. For credit unions, 113 have closed or merged over the last ten years.
In addition to 56% of U.S. consumers citing they would end a banking relationship following non-compliance citations from regulators, credit unions also risk losing members following a merger, regardless of it being a “business as usual” acquisition or sold with government assistance.
According to a Gallup poll, FIaccountholders leave at a much higher rate following an acquisition at 8% compared to other non-banking organizations at 5%. However, that rate is higher (10%) if the acquiring institution has lower member engagement – twice the industry average. If the acquiring FI has higher engagement, the rate falls closer to the overall industry average at 6%.
Regardless, a 6% drop in members following a merger means fewer deposits. Add to this a potential 56% loss due to regulatory citations that may have prompted the merger, institutions can find themselves facing a serious crisis.
Nearly Half of Americans Would End Relationship with Credit Union Following a Data Breach or Cyberattack
According to the study, nearly half (42%) of U.S. consumers would end a relationship with their financial institution after experiencing a data breach or cybersecurity attack, making it the second most dangerous crisis for a financial institution in terms of member retention.
The concern was shared nearly evenly among most age groups, however, Millennials did show a slightly greater concern at 48% compared to other generations, with Gen Z showing the least concern at 38%, followed by Gen X and Baby Boomers tying at 40%.
Additionally, those with greater household incomes (between $75k-$99.9k) were more likely to end a relationship with a credit union following a data breach or cybersecurity attack at nearly 50% compared to those with lower household incomes (less than $50k) at 40%.
Data Breaches & Cyberattacks Hit Record Highs
But again, how likely is it for an FI to experience a data breach or cyberattack?
The likeliness of a data breach is increasing across all industries – even for financial institutions. In fact, a 2020 study from Reposify found that 23% of leading financial institutions had an exposed database with potential data leakage. Reposify measured the prevalence of exposed sensitive assets including exposed databases, remote login services, development tools and additional assets for 25 multinational FIs and their 350+ subsidiaries.
Additionally,research from Risk Based Security found that last year alone saw the highest number of databreaches ever. Increasing by 33% from the previous year, more than 15 billion consumer records were exposed. While the number of breaches themselves increased only slightly over 2018, the number of exposed records jumped 284% over the exposed records reported in 2018.
Unfortunately, 2020 has been worse. In just the first quarter of the year, there were over 445 million cyberattacks, according to Arkose Labs’ Q2 2020 Fraud and Abuse report. Additionally, large-scale data breaches increased 273% in just the first quarter of 2020 compared to the first quarter of last year, according to a study from cloud computing company Iomart.
Moreover, the COVID-19 pandemic has led to additional breaches and cyberattacks. As more organizations adopted work from home policies, Zoom became the most used application for video conferencing while also gaining attention from fraudsters. In the first week of April, news broke that 500,000 Zoom passwords had been stolen and were now for sale in dark web crime forums. Additionally, victims’ personal meeting URLs and HostKeys were also available. Even more shocking, many of the leaked accounts’ details belonged to financial institutions, along with colleges and various organizations.
COVID and the subsequent lockdowns also led to a surge in digital adoption, which also led to greater security risks like cyberattacks. Even FinCEN issued an advisory in July 2020, warning financial institutions of COVID-19 related cyberattacks.
Crisis Planning More Critical Today for CUs Than Ever Before
Whether it’s receiving regulatory memos, citations and fines for compliance violations, or experiencing a data breach or cyberattack (however mild or severe), a crisis can be extraordinarily damaging for financial institutions, as we’ve seen in years past. Not only can they create financial challenges, but the reputational damage can often be far worse, with 84% of Americans saying they would part ways with their financial institution after a crisis.
It is crucial that credit unions prepare for worst case scenarios. What should they communicate to members – and how? How will they handle calls from local news stations asking questions or from employees? What is their plan moving forward to correct any infractions?
These are not rhetorical questions. They must be answered and a plan needs to exist. Otherwise, credit unions risk losing both their reputation and their members.
Mary York is CEO of Atlanta-based York Public Relations and is a recognized fintech expert. With more than 15 years of experience and a 100% success rate, she has mitigated numerous fintech and financial institution crises, ranging from high-profile investigations and lawsuits, as well as regulatory disputes. For more information, contact firstname.lastname@example.org or 1-800-683-7685.