The Banking Buzz: Dodd-Frank Section 1071: What You Need to Know and How to Stay Ahead with Innovative Software Solutions

Welcome, welcome everybody, to our Dodd Frank webinar. We appreciate everyone taking the time out of their busy days to, attend the webinar. Again, we do really, really appreciate it. I am Justin Cook. As you can see there, the sales manager at AccuAccount. Online with me, during the second half of this webinar will be Jen Mitchell, the VP of sales and director of product management here at AccuAccount. Today, we're gonna cover a couple things. First thing we're gonna do here is you know, some of you might be familiar, some of you might not be familiar with Alligent, but, just a high level overview of Alligent, who we are and and and what we do. Then we'll go over the Dodd Frank regulation, looking at the compliance deadlines, and the last half will be, you know, how do we use safe, software to actually safeguard sensitive data, you know, give you some information to review, making sure your software can do it, or if you're looking to shop for software, on the document management side or data management, you know, the things to look for. During this, if you guys have any questions, you know, there'll be a q and a session there at the end. Please, put some of your questions there in the chat. If we don't get to your specific question, we will make sure we reach out to you after this webinar, and make sure we answer that question and touch base with you. But, again, thanks for your time, and let's get the ball rolling. So Allergan and, who is Alligent, and and, you know, what do we do? Our focus here is at Alligent is to really offer end to end software solutions for FIs. You know, as you can see from the slide here, our experience is vast, in in our company, from individuals that have worked with banks, credit unions, software, software, financial software, really over six six decades of combined experience. Our focus really is, you know, we like to listen to the needs of our customers, our prospects, to add additional value to our offerings. So if you're an Allegiant customer or you're thinking about being one or a company that really likes to listen, you guys are out there in the world and and and know how to offer what's best for your members and account holders, and we listen. We continue to grow our products as changes are needed, in the industry, and we're always looking from a security point of view, compliance requirements, new technology, always trying to stay ahead of the curve and and anticipate what's coming next. So when we talk about automating the entire transact transaction ecosystem, you can really see three points here, the payment deposit solutions, digital banking solutions, that's mobile and online, and then process automate automation solutions. We offer payment and deposit solutions to manage to manage check processing. We do this with APIs to third party products. That gives us the ability to do real time check fraud on checks that we that are presented either at the teller line, mobile deposit, or ATMs and ITMs. Process automation solutions we offer. Our solutions are there to manage documents and process workflows. ECMs allow for FIs to become completely paperless throughout all your departments. That's a challenge that that typically a lot of us face, and Allergan is here with solutions to help with that. And then the digital banking is the place where, you know, we're actually able to really speak and reach, and engage with your members or account holders. That's where they interface with you, most days. So, again, that whole transaction ecosystem, anywhere your member or account holders are, Alligent has a product that works with them. You know, innovation is a huge part of what we do. We currently service all types of FIs, as you can see here, from banks to credit unions, from all asset sizes. Alligent currently offers over a hundred and twenty five integrations between all of our products. So, again, that deep well of knowledge of who the players are in the market and and and being able to build software that works, hand in hand with those other players. Several partnerships, which is obviously very important, twenty five plus of those. We have around two hundred and twenty five employees. We have dedicated development and support teams for each of our product lines, allowing for expertise in each of those solutions. Most of our current customers, you can see here, are around that five hundred million asset size. But you can see here we also have several other FIs that range from five hundred million to two billion, with those percentages increasing. And then you can even see we have some in the ten billion plus range as well. So, again, a knowledge from all asset sizes and all institution types. So we're gonna get into here today. We're actually gonna start jumping into Dodd Frank and and really at the beginning here, I'm let's talk about what Dodd Frank is, make sure we understand that, and then look at, you know, the tier levels and some examples of how you make sure you can, know what your tier is gonna be so you are you do remain compliant. So the amended regulation, section ten seventy one, it was amended the equal opportunity act, to require financial institutions to compile data regarding certain business credit applications and report that data to the Consumer Financial Protection Bureau. Now section ten seventy one specifies several data points that require financial institutions to report on. The purpose of section ten seventy one is to enforce fair lending laws and to identify business and community development needs and opportunities for women owned, minority owned, and small businesses. Section sorry about that. Section ten seventy one also contains several requirements regarding the information that is compiled. So this is this is really the heart of ten seventy one, including the requirement financial institutions to restrict certain access to certain information, requirement of maintaining certain information, and requirements for reporting and the publication of that data. So, obviously, that's a lot of changes, a lot of data management, and Jen will walk you through making sure, hey. You know, having software that's gonna walk you through this process and help you through help you actually manage this, instead of, you know, it becoming a regulation that can challenge. As long as you have the right software, it should be able to be, well managed and and maintained. So what are the changes for two thousand twenty four and twenty five? Requiring to limit certain access to certain data. As we see here, you know, the final rule implements the following. Employees and officers are prohibited from accessing an applicant's responses to the following data points. When that employee or officer is involved in the decision making for the application. So we see here minority owned status, women owned status, LGBTQIA plus owned status. Regarding its principal owners, their ethnicity, their race, and their sex. Now this does not apply to an employee or officer if the FI determines that the employee or officer should have access to one or more of the responses if they provide that notice to the other applicants. Now, this rule also prohibits the FI to disclose this demographic information to other parties. So, you know, that's the guideline itself. You know, we also have some compliance deadlines coming up here as you can see on the chart. You know, each FI can determine their tier, or can can determine their own tier, of covered transactions for small businesses. But you see here some of the deadlines that are approaching tier ones, tier twos, and tier three. We actually gathered this information from the Consumer Financial Protection Bureau website. If you need to re review this process for filing, you know, please visit the CFPB's website, and they share all that information that you guys would need for filing. So how do we determine our financial institution's tier? One example of how to determine your tier is with our example that we're sort of showing you here. Right? The example of credit transactions over the years, the financial institution originated a hundred and twenty covered credit transactions for small businesses in each of the calendar year, two thousand twenty two, twenty three, and twenty four, but only ninety in two thousand and twenty five. Now because this financial institution did not originate at least two thousand five hundred or five hundred covered credit transactions for small businesses in each of two thousand twenty two, twenty three, and twenty four. It's not in tier one or tier two. But because the institution originated at least a hundred covered credit transactions for small businesses in each of twenty two, twenty three, and twenty four, It is in the tier three and has the compliance date of October eighteenth two thousand twenty six. Now, however, because the financial institution did not originate at least a hundred covered credit transactions for small businesses in two thousand twenty five, it no longer satisfies the definition of a covered financial institution at that compliance date of tier three, which means this institution is not required to comply with that rule in two thousand and twenty six. So, obviously, as all regulations tend to be, it can be a little confusing. You know, the the focus here is that, hey. We have to be compliant. We have to be up to a certain date, but what can we do to make this easier on our staff, on our teams, to make sure that we are remaining compliant? I'm gonna pass this over to Jen now, and Jen's gonna really show you, hey. It'll be Justin said a lot of words and a and a lot of things about compliance, but how do we make this easy, in using software? But, Jen, pass it to you, and, again, appreciate everyone's time. Thanks, Justin. Good afternoon, everybody. Alright. So I'm gonna walk you through, some of the processes on how to manage this data data. So starting off, we're gonna look at the paper process. And when we talk about the paper process, you really gotta think about what is this gonna look like. You know, if you wanna keep your loan files in paper format, this is absolutely an option, but you have to be able to do something with the specific demographic data. So first, your institution really needs to think about how you're going to build that process and what that process and procedure will look like when it's done. So I actually talked to some of our current customers and and just asked, you know, if this was in a paper format, what would that look like for you? What would you do with that? So what they told me is is they would take that specific information, that document, and they would pull that out of that paper file today. When they removed that information out of that file, they would then place it probably into a separate folder. And once they put it into that folder, they would then file that in a separate cabinet or vault that has, specific access to it. With that access, there's probably some type of logging that has to be done like a check-in, check out process. And then I did ask about what happens, you know, when auditors would come in and they said, well, you know, when when they came in, you'd want to have that information separate, secure, and you'd probably have to share those logs with those examiners, so that they know that you are compliant with this and you are doing what you what you need to do. So next, we're really talking about the electronic process. And so this is what I see a lot of, banks doing today if they don't have an ECM in place. They have some type of place where they are managing these documents. Could be a a shared drive, could be a SharePoint file, somewhere along those lines. And so what would you do with that type of access? And, again, we're just kinda giving you some ideas on what you what you might be able to manage, or how you might be able to manage this this compliance, requirement with your your demographic information. So thinking through the electronic process and procedure, few things that you might be able to do. This might be one set or one step that you can take. You can image and route through a specific person or department that is not part of that decision making process for loans. You can actually route those documents that have the demographic information through them, and they would manage them at that point on some type of shared drive. Or you could, store those images in a separate drive with very limited access on that drive. The option of doing the images, to the customer still, you know, you build out your customer file or you've got your customer documents, your loan documents, and maybe within that file, you, utilize permissions on those specific documents. So only certain users will have documents to all or will have access to all of the documents, and others will have limited access to those and they would have permission. Kind of a a little bit of a nightmare for from a standpoint of managing security on a document, but the but the possibility is there. And then the other option would be to put those documents into the customer file and password protect them. If you did something like that, just a few things you might wanna think about. If you do have it password protected and if today, you might manage password protected documents. But if you do have it in that in that and build it into that process, how are you going to give that password to certain individuals to allow them access to it? Also, how are you going to log this information on, you know, restrictions, and how are you gonna prove, that you've put this this, implemented this process in place. So next, we're gonna look at ECM. So this is managing the data with software. Again, this could be ours. This could be if you're in the market looking for an ECM today, just some things you might wanna think about. If you're current if you currently have an ECM or you're looking to implement one, here are a few things that you should look for that the ECM to be to be in compliance for the Dodd Frank Act. So first of all, you should probably look for the ability to hide documents from certain users. That's what you see here on this screen. You define in this particular application, you can define that document has demographic data. You check it, and then there is some way when they go to a customer screen that they know it's hidden from them to view. However and if they hover over it in this in this example here, it shows them demographic data access denied. So some way for them to know that they do not have access to this document, but it is you're able to review it and know who can and cannot see it. You could set permissions and role based, role based permissions on those specific documents by, you know, allowing these people can see it, these people cannot see it. And that is all you're you're able to pull reports and, audit information for all of those role based and permission issues or permission setup. Next is the reduction. Now this is great because this actually probably is the best thing that you could do with it. You give access to the document, but not all the data on the document. So when you're looking for for an ECM, you probably wanna look for something that is going to remove this data as or or could remove the data as well. And that's what this is doing here. This redaction is actually hidden that information that is not viewable to to a certain user. Again, all role based, so you can define what users can see certain information and redact that information without the image. Next, we're gonna look at the audit logging of documents. So I talked a little bit about when you have an ECM, you want the ability to be able to export this information to share with with your auditors. And so in this in this particular view here, we're actually, we offer a report that shows who has viewed documents. So this would be a great way to to share this with, an examiner saying, here's the ones who can review it, and, it would have an access denied login here letting you know that somebody tried to review it if if they and they didn't have access to it. Audit logging, also can can, show changes that are done on specific documents. So if you make changes to those documents that have that demographic information, obviously, some some audit logging will also be required, to be, reported on. And so you can absolutely do those out of an ECM. Alright. And then the last piece is really just ECM product, benefits. Again, ours, any ECM you're looking to to, to implement this process with, it really puts everything into one place. All of your images are in one place. You're not you're not scrambling around looking for for certain documents. They don't have to go in a separate folder or a paper folder in the vault. It's one place for everything that you're doing. The nice thing about that too is is you can actually set those rules for those documents and manage it within the software. So you set them on time, and you're not having to continually go back and review those because they're set and done. The document audit logging and view report, huge. Obviously, you wanna be able to see who's making changes to these, why they're making changes to them, and also the viewing of those, who's viewing this information and how often are they doing it. The biggest thing I think about an ECM is the streamlining the process. There are no logs to manage. You set it up one time in the software. It does the work going forward. No one has to maintain that information in paper format or on that shared drive. It's just that streamlined process, and it's there. It's viewable by all, and you can, get all the reporting that you need to out of these systems. Alright. Just so you know, this is this concludes our our presentation, but, we do have, a document that we've put out there. Some of you may have already downloaded it. We are going to make it available right now in the chat. They're gonna drop it into the chat for you so you can download it from here. We're also going to share it when we share this presentation with you. We're gonna share that, that PDF, that industry, white paper for you, and then you can review it if you need to. Alright. We're gonna go ahead and we're gonna move to, q and a now. Yeah. And I've got some questions here. And, again, if you have some questions in the chat, we're not gonna obviously be able to get to all of them. So if we don't get to your question, don't worry. We'll reach out to you and make sure we answer that question. The first one I got here, Jim, is can we set up roles within the software that can be assigned to specific documents? You can. So you can determine which documents can be seen by which roles in in the software. It absolutely does work like that. Awesome. Second question, is there a report for auditors that will show them which users have and do not have access to the demographic information? That's a good question. We actually do have an, report that we share for that's actually specific for auditors, that shows you each person that has access to the system, their role, and if they have access to the demographic information. So, yes, we do. And one last question before closing here. With the redaction, can the user still print the document to review the information? That's a really, really good question. No. If they do not have have access to specific information on a document because it's it's on the redaction, they will not be able to print that document. The print will be locked. So that is a great question. Great. I appreciate that, Jen. Again, if there's some other questions in that chat, we are gonna get to those, and make sure we reach out to you guys directly. Again, don't forget in the chat to download, the document. We do appreciate everyone's time. We hope you guys found this informative and helpful, and a little break there in the middle of our busy days. But, again, we appreciate you so much for spending some time with us. And if you like to speak to us at any time or Allergan, just reach out. We're here to help. But you guys have a great day, and hope to talk to you soon. Thank you. Thank you.