The COVID-19 pandemic has caused widespread disruption to business operations across all industries. In the face of unprecedented uncertainty, financial institutions have a pivotal role in the urgent response to the crisis. There are also specific measures to take that can mitigate the impact of the crisis on financial institutions themselves.
Here are answers to some of the most frequently asked questions for financial institutions and specialty finance organizations, along with relevant resources to help businesses in their response to the pandemic and in planning for the future.
How does this impact CECL adoption?
The effects of COVID-19 could complicate how banks and other financial institutions comply with the current expected credit loss (CECL) accounting standard, given the impact on forecasting credit losses and underlying economic fundamentals, as well as partial relief offered under the CARES Act. For example, unemployment, which has risen significantly, is a driver of credit risk. Management should consider impacting factors just like any other significant estimate, which must be based on reasonable and supportable estimates and not on speculative information.
As a result of the financial reporting uncertainty, the CARES Act allows banks and other financial institutions to suspend applying CECL rules until December 31, 2020, or whenever the deferral is lifted, whichever comes first. The SEC also issued a public statement that applying the provisions of the CARES Act is in accordance with GAAP.
What is the impact to our supply chain?
As an “essential business,” banks and other financial institutions are mandated to stay open, even with a limited worker presence. However, the COVID-19 outbreak has disrupted supply chains due to the forced closure of nonessential businesses and related workforce shortages. For banks and other financial institutions, this has caused a sharp increase in delays for supplies from vendors (including sanitizer, disinfectant and gloves that may be required to continue retail branch operations safely), and it has impacted the array of service providers that support banking operations. Some of these necessary vendors and service providers may also be in danger of financial default themselves due to business interruption and revenue losses.
Banks and other financial institutions should also bear in mind that when business survival is on the line, organizations tend to be less transparent and more focused on finding workarounds, which can result in an uptick of fraudulent activity that impacts the entire supply chain system. In the longer term, it’s prudent to consider diversifying the supply chain where possible, which can help expand options during future periods of scarcity. While product cost is typically a determining factor in choosing a vendor or service provider, availability and stability take on greater importance when the usual supply chain has been disrupted. By optimizing current inventory and developing a more dynamic sourcing footprint, financial institutions can mitigate some key aspects of disruption to supply chains.
Should we be thinking about re-tooling our business strategy to capture new business opportunities?
Financial institutions have seen significant disruption as employees work from home, and even “late-adopter” customers have turned to mobile apps and online channels to conduct routine financial transactions. The COVID-19 pandemic has forced banks and other financial institutions to innovate in a very short period of time, and as a result, the ‘new normal’ may look very different to pre-crisis operations. The development or acquisition of proprietary fintech applications to support customer conversion and servicing will likely accelerate at an even faster rate.
The industry also stands to benefit financially as an administrator of loans under the Paycheck Protection Program (PPP), a forgivable loan program included in the CARES Act, which significantly expands the types of organizations that are eligible for Small Business Administration (SBA) loans. To manage a backlog of applications, banks and other financial institutions are competing with other fintech entities to process these and additional small business loans.
It’s clear that banks and other financial institutions have a lot to consider when it comes to new business opportunities in the long term. They will need to think creatively about value-add to appeal to customers, especially as the fintech industry continues to gain market share at their expense in managing consumers’ financial transactions.
How can I prevent data loss while employees are working from home?
Many banks and other financial institutions have rapidly shifted their employees from an office-based work environment to a remote one. As a result, organizations have been forced to urgently review their security practices. When IT professionals set up a business’ network, they implement numerous controls that are designed to prevent data leakage and loss. However, many popular platforms that enable remote work do not align easily with these controls. For example, while corporate controls might enforce a policy that prohibits the remote sharing of desktop files and USB connections, remote working tools may allow such actions. Moreover, employees who use their own devices for work instead of company-issued devices could unwittingly introduce malware to the network. This endangers the security of all network data, with particular concern regarding proprietary and sensitive information, especially related to revenues, costs, cash flow and new business opportunities.
Increasing the number of entry points to a network raises serious issues for data protection and increases the possibility of data loss. Security teams have also observed an increase in phishing attempts that could expose a network to ransomware. For this reason, employees should receive additional training for cybersecurity while working remotely. Not only could a company lose important data and be unable to retrieve it, but that data could also be shared improperly outside the organization or breached by a malicious third party, thereby exposing the business to potential violations of data privacy laws.
To mitigate data security and privacy risks, financial institutions and specialty finance organizations should use cloud computing for all files and require employees to connect using a cloud VPN. This provides secure access to the organization’s network and shared files, and it encrypts all data. Two-factor authentication further strengthens these controls. Companies should also consider implementing specific data loss prevention (DLP) solutions, which give the network administrator control over the data that employees handle, and they should enforce policies around what data can be transferred and who can receive transfers. Advanced detection tools may also be deployed to prevent improper remote access. These technologies use machine learning to identify and respond to suspicious activities. Overall, network access for remote workers should be protected by numerous robust controls and barriers and actively monitored for any issues in real time.
How do I keep my workplace safe?
Banks and other financial institutions are deemed “essential businesses,” meaning that branches are allowed to remain open during the COVID-19 pandemic. To minimize the risk of the virus’ transmission, they have been encouraging customers to use drive-through facilities to conduct routine business transactions, and to make appointments to avoid crowds gathering in common branch areas such as lobbies.
Banks and other financial institutions should also refer to federal, state and local government requirements to inform social distancing and remote working protocols at branches. For example, San Francisco mandates that workers must work from home if they can do so, and only be ‘on-site’ if they are unable to perform their job functions from home.
Furthermore, social distancing best practices include maintaining at least six feet between people, regularly disinfecting high-touch areas and having a stock of hand sanitizer available to promote personal hygiene. Various shelter-in-place orders throughout some states also help to reduce foot traffic as citizens are required to stay indoors unless they have a justifiable reason or extenuating circumstances. For reference, a list of banks’ COVID-19 response plans can be found on the American Bankers Association website.
What does IT need to do to prepare for remote working? What remote working issues should I anticipate?
Even as an “essential business” at the branch level, banks and other financial institutions have been forced to rapidly shift operations so that all non-essential employees work remotely, from HQ office workers to branch employees that can perform job functions independent of the facility. As a result, their IT departments are crucial to maintaining business continuity in the wake of these unexpected disruptions. IT should ensure that employees have the training to use collaboration, communication and conferencing technology—whether this is Microsoft Teams, Slack, Skype, Cisco Webex or another option.
For security, staff also need training on how to identify suspicious activity, such as phishing emails, and promptly report such activity to the IT department. This is especially critical for banks and other financial institutions that conduct transactions of a highly sensitive nature on a regular basis.
Cloud computing is another vital tool that facilitates remote working by providing secure access to the organization’s network and shared files. Decision support systems in the cloud can also help employees be more productive. Using a cloud VPN can ensure that data is encrypted when employees access the cloud, and two-factor authentication strengthens that security. Employees should also be required to use company-issued devices for work purposes whenever possible, because personal devices may have unknown vulnerabilities or more lax privacy settings.
However, the widespread deployment of collaboration tools and cloud computing also increases demands on core network infrastructure. So, it’s important to ensure the network architecture can support these demands and that IT has the necessary resources. The expansion of virtual teams also introduces more potential points of failure between end users and the network, and it creates more user support needs as well. Management can assist the IT department with employee training resources and change management initiatives to encourage the ongoing success of remote teams.
What tax strategies should I consider changing in light of the current environment?
In the short term, banks and other financial institutions should consider leveraging any tax strategies that can help offset costs and increase cash flow. These include provisions in the various stimulus bills like payroll tax credits and delays in payment due dates for both income and payroll taxes, AMT credits, net operating loss carrybacks and tax-deductible charitable contributions.
Outside of the existing stimulus bills and other response measures, financial institutions and specialty finance organizations should also consider measures to reduce their total tax liability that were already available prior to the start of the pandemic, such as state and federal Research and Development (R&D) tax credits that can offset the costs associated with, for example, developing fintech applications to service customers. Companies that operate internationally should also assess the tax relief options being offered in the countries in which they operate.
While there are many tax savings opportunities available, eligibility for some provisions is dependent on company size and other factors, and many benefits are mutually exclusive or have other tax implications that could affect an organization’s total tax liability. Given the level of complexity in tax planning during this time, it is critical that banks and other financial institutions consult with tax professionals in order to maximize their savings and understand the long-term impacts of their tax strategies.
How is COVID-19 impacting deal flow?
Most management teams and investors are hitting the pause button on deal activity. The economic realities are changing fast, and so too are deal threats and opportunities. For banks and other financial institutions, COVID-19 has introduced significant risk and led to fewer lenders willing to facilitate deals. Furthermore, some borrowers are struggling to repay loans due to their own deteriorating financial situation, impacting the bottom line for potential deal targets. Valuations have also dipped as the market downturn has affected EBITDA and financial projections for sellers.
Parties in M&A deals—buyers, sellers and lenders—are currently assessing the situation and will be making decisions to proceed, adjust or discontinue deal processes based on critical factors including crisis management, performance outlook, valuation changes and COVID-19’s lasting impact on the economy. Deal activity in certain in-demand sectors—such as technology, healthcare, and those facilitating essential services like distribution logistics—are likely to rebound sooner than other industries. Ultimately, and hopefully sooner rather than later, the path forward will become clearer and many sellers will resume sale processes. However, some will have to modify their approach or even take longer pauses as the uncertain outlook persists.
How can we help?
Our team is closely monitoring updates regarding the programs and relief efforts surround the COVID-19 pandemic. Please contact our Financial Institutions Group with questions. We are always here to help.