ABA survey finds cybersecurity top risk priority for community banks

Cybersecurity will be the top risk priority for most community banks over the next 18 months, with operational risk and compliance risk also high priorities, according to the ABA Banking Risk and Compliance Management 2023 Outlook survey released today. The survey—conducted in partnership with ABA Endorsed Solutions provider 360factors—also polled banks on their compliance priorities. Most banks rank fair lending as a high compliance priority over the next 12 months, followed by cybersecurity and Bank Secrecy Act/anti-money laundering compliance.

Seventy-four percent of respondents identified cybersecurity as their top risk priority, compared to 64% for operational risk, the second highest-ranked priority. Cybersecurity has become so complex and dynamic that some banks now treat it as separate and distinct from operational risk. ABA SVP Ryan Rasske noted it is no longer enough for banks to educate employees on cybersecurity and fraud protection—they must educate customers as well. “The bad guys have gotten so persistent at constantly figuring out new ways to get in,” he said.

Bank executives were also asked about their top three strategic growth priorities over the next two to three years. Seventy-one percent cited organic growth through regional expansion/branching, followed by organic growth through new product development (68%), profitability improvement and/or expense reduction (59%) and growth through merger or acquisition of a bank (47%). However, when asked to identify the technologies used to provide data for decision-making regarding strategic growth initiatives, the answers skewed low-tech, with spreadsheets and Microsoft Word documents being the most common.