Financial institutions today, Sept. 2012

Inside this issue:

Revised

2

Authorization

Form to Retain

Real Estate (Form

19-24)

Federal Banking

2

Regulatory

Agencies Release

a Regulatory

Capital Estimation

Tool

Cyber Threat to

3

the Financial

Industry

DBF Outreach

4

and Upcoming

Speaking

Engagements

Action on

5

Applications for

the Month of

September

Contact

7

Information

News and topics of interest to financial institutions regulated by the Department of Banking and Finance

Monthly Bulletin #9

September 2012

Georgia Department of Banking and Finance Adopts Final Rules
On September 18, 2012, the Department adopted Final Rules. They were filed with the Secretary of State on September 18, 2012 and will be effective 20 days following or October 8, 2012. These rules were proposed and distributed on August 14, 2012.
We received one written comment letter. There were no changes to the Proposed Rules. The Department believes these Final Rules encourage safety and soundness, safe and fair mortgage lending, and conform to the law.
View or download the Final Rules from our website at: http://dbf.georgia.gov/documents/2012-dbf-final-rulemaking-9-18-2012
The rule changes noted below may be of particular interest to depository financial institutions:
Changes were made to the following rules to eliminate references to the Report of Publisher (Form 8040/36) requirement which is outdated and no longer needed:
80-1-6-.01 Reports to Department; 80-1-6-.02(2)(a)(i) Reports to Shareholders. Amended; and, 80-1-11-.01(a) Public Access to Records.
The following rule was considered unnecessary and potentially inconsistent with Generally Accepted Accounting Principles (GAAP) and was deleted in its entirety:
80-1-10-.06 Depreciation and Amortization of Fixed Asset Investments. Amended.
Conflicting language was deleted from the following rule to clarify that "per loan" fees are due on residential property only, as defined by statute:
80-5-1-.04(a) Levy, Collection, Remittance and Refunds of Georgia Residential Mortgage Act Per Loan Fee.
Clarification was made to the following rule regarding loan note retention requirements. Specifically, credit files are to be retained for 5 years after payout on loans of $5,000 or more and on all loans secured by real estate. All others for the life of the loan:
80-10-1-.01(5)(j) Minimum Records Retention Periods.

"Safeguarding Georgia's Financial Services"

Page 2

September 2012

Revised Authorization Form to Retain Real Estate (Form 19-24)
The year 2007 was a defining year for Other Real Estate in the Georgia banking industry. The economy took its toll on many borrowers, and financial institutions began to foreclose on properties with greater frequency than in years past. Now it is 2012, and the Department has received an increase in the requests for holding Other Real Estate beyond five years to remain in compliance with the requirements of the State of Georgia. While many of our financial institutions have had assets move to Other Real Estate in the past, most have not experienced those properties remaining on the books beyond even one year, much less five years. Additionally, institutions that have converted from a national charter may not be aware of the laws and regulations governing these properties.
The Board and management should review Section 7-1-263 of the Official Code of Georgia Annotated (for banks) and Section 7-1-650(9) of the Official Code of Georgia Annotated (for credit unions) that define Other Real Estate and also, in part, outline requirements for valuation, periodic Board review and approval, and prior regulatory approval by the five year mark. This law is further interpreted by Department of Banking and Finance Rule 80-1-10.-09, which should also be reviewed. Additionally, accounting guidance for these transactions is generally provided by FAS-15 "Accounting for Debtors and Creditors for Troubled Debt Restructurings" and FAS-66 "Accounting for Sales of Real Estate." Management and the Board are reminded that there are differences between reporting Other Real Estate in accordance with Generally Accepted Accounting Principles and the quarterly Call Reports, each of which must be adhered to as appropriate. Additionally, management is attesting to the accuracy of the Call Reports with each quarterly submission, so the balances in the Other Real Estate account should reflect appropriate values as required by FDIC Rule 304.3.
The Department's website provides Form 19-24, which is designed to assist institutions in their requests to hold Other Real Estate. This form has been recently revised to streamline the process and should be used for such requests.

Federal Banking Regulatory Agencies Release a Regulatory Capital Estimation Tool to Assist in Assessing the Potential Effects of Recently Proposed Regulatory Capital Rules
On September 24, 2012, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency announced the availability of a regulatory capital estimation tool to help community banking organizations and other interested parties evaluate recently published regulatory capital proposals.
According to the joint press release issued by the federal banking regulatory agencies, the tool is intended to help institutions estimate the potential effects on their capital ratios of the agencies' Basel III Notice of Proposed Rulemaking (NPR) and Standardized Approach NPR. The joint press release further clarified that the tool should not be relied on as an indicator of an institution's actual regulatory capital ratios and is not part of the NPRs nor of any final rule(s) that the agencies may adopt.
The joint press release can be viewed in its entirety at: http://www.fdic.gov/news/news/press/2012/pr12109.html The estimation tools are available for banks, savings associations and their holding companies at:
http://www.fdic.gov/regulations/capital/calculator.html
The proposals are available in the Federal Register at: Basel III NPR: http://www.gpo.gov/fdsys/pkg/FR-2012-08-30/pdf/2012-16757.pdf Standardized Approach NPR: http://www.gpo.gov/fdsys/pkg/FR-2012-08-30/pdf/2012-17010.pdf

September 2012

Page 3

Cyber Threat to the Financial Industry
In recent days there have been news reports regarding disruption to the banking operations at several of the nation's largest banking institutions, resulting in customers being unable to access the bank's website. Recent FBI reporting also indicates a new trend in which cyber criminals are using spam and phishing e-mails, keystroke loggers, and Remote Access Trojans to compromise financial institution networks and obtain employee login credentials.
These recent events draw attention to the broader threat posed by electronic crimes and the susceptibility of financial targets. Financial institutions should maintain a heightened level of awareness and ensure constant diligence in monitoring and quickly responding to any malicious events.
Recommendations to Financial Institutions:
Educate employees on the dangers associated with opening attachments or clicking on links in unsolicited e-mails
Do not allow employees to access personal or work e-mails on the same computers used to initiate payments
Do not allow employees to access the Internet freely on the same computers used to initiate payments
Do not allow employees to access administrative accounts from home computers or laptops connected to home networks
Ensure employees do not leave USB tokens in computers used to connect to payment systems
Review anti-malware defenses and ensure the use of reputation based content and website access filters
Ensure that workstations utilize host-based Intrusion Prevention System (IPS) technology and/or application whitelisting to prevent the execution of unauthorized programs
Monitor employee logins that occur outside of normal business hours
Consider implementing time-of-day login restrictions for the employee accounts with access to payment systems
Restrict access to wire transfer limit settings
Reduce employee wire limits in automated wire systems to require a second employee to approve larger wire transfers.
(Continued on page 4)

HOLIDAY CLOSING
This is a reminder that the Department will be closed on Monday, October 8th for Columbus Day.

Page 4

September 2012

Cyber Threat to the Financial Industry
(Continued from page 3)
If wire transfer anomaly detection systems are used, consider changing "rules" to detect this type of attack and, if possible, create alerts to notify bank administrators if wire transfer limits are modified
Secure and/or store manuals offline or restrict access to the training system manuals with further security, such as enhanced access controls and/or segregation from the payment systems themselves
Monitor for spikes in website traffic that may indicate the beginning of a distributed denial of service (DDoS) attack and implement a plan to ensure that when potential DDoS activity is detected, the appropriate authorities handling wire transfers are notified so wire transfer requests will be more closely scrutinized
Strongly consider implementing an "out-of-band"1 authentication prior to allowing wire transfers to execute
Limit systems from which credentials used for wire authorization can be utilized
Review intrusion detection and incident response procedures and consider conducting a mock scenario testing exercise to ensure familiarity with the plan
The FBI encourages victims of cybercrime to contact their local FBI field office, http://www.fbi.gov/contact/fo/fo.htm, or file a complaint online at www.IC3.gov.
Financial institutions' compliance or anti-money laundering team(s) should submit a Suspicious Activity Report (SAR) utilizing the Account Takeover guidance issued by the Financial Crimes Enforcement Network (FinCEN).

1 Out-of-band authentication means that a transaction that is initiated via one delivery channel (e.g., Internet) must be reauthenticated or verified via an independent delivery channel (e.g., telephone) in order for the transaction to be completed. The use of out-of-band authentication or verification, for administrative changes to online business accounts, can be an effective control to reduce fraudulent funds transfers.

OTHER REFERENCES:
FFIEC IT Handbooks http://ithandbook.ffiec.gov Supplement to Authentication in an Internet Banking Environment http://www.ffiec.gov/pdf/Auth-ITS-Final 6-22-11
(FFIEC Formated).pdf

DBF Outreach AND UPCOMING SPEAKING ENGAGEMENTS
Commissioner Braswell spoke at the Georgia Bankers Association's Bank Counsel Conference on October 2nd at the Ritz Carlton,
Greensboro, GA.

September 2012

Page 5

Action on Applications for the Month of September:
The following is a summary of official action taken on applications by State Financial Institutions under Chapter 7-1 of the Code of Georgia and petitions for Certificate of Incorporation of Financial Institutions and other matters of interest during the month of September 2012.

APPLICATIONS TO ESTABLISH A BRANCH OFFICE

FINANCIAL INSTITUTION Community & Southern Bank
Atlanta

BRANCH OFFICE Brookhaven Branch Office Town Brookhaven 105 Town Boulevard, Suite A-110 Atlanta, GA 30319 DeKalb County

APPROVAL 05-10-2012

Community & Southern Bank Atlanta

Buford Branch Office 3350 State Road 20 Suite A100 Buford, GA 30519 Gwinnett County

09-19-2012

Community & Southern Bank Atlanta

Sugar Hill In-Store Branch Office 6001 Cumming Highway Sugar Hill, GA 30518 Forsyth County

05-10-2012

Morris Bank Dublin

Gray Branch Office 110 Highway 18 Connector Gray, GA 31032 Jones County

07-23-2012

Ameris Bank Moultrie

Downtown Tallahassee Branch Office 150 South Monroe Street Suites 100 & 200 Tallahassee, FL 32301 Leon County

09-04-2012

BEGIN BUSINESS 09-04-2012
08-01-2012 09-10-2012

FINANCIAL INSTITUTION Fidelity Bank
Norcross

APPLICATIONS TO CHANGE LOCATION

CHANGE LOCATION OF Powers Ferry Branch Office From: 1642 Powers Ferry Road Marietta, GA 30067 Cobb County To: 2401 Windy Ridge Parkway Atlanta, GA 30339 Cobb County

APPROVAL 07-11-2011

EFFECTIVE 09-24-2012

PREVIOUS NAME First Citizens Bank
Glennville

NOTICE OF CHANGE IN NAME

NEW NAME S Bank

APPROVAL 09-19-2012

EFFECTIVE 09-19-2012

Page 6

September 2012

PROPOSED NAME Foothills Community Bank

APPLICATIONS FOR RESERVATION OF A NAME

COUNTY Dawson County

APPLICANT Ms. Jeannie B. Osborne Bryan Cave, LLP 1201 West Peachtree Street, NW Atlanta, GA 30309-3488

APPLICATIONS TO BECOME A BANK HOLDING COMPANY AND/OR TO ACQUIRE VOTING STOCK OF A FINANCIAL INSTITUTION

BANK HOLDING COMPANY SCBT Financial Corporation
Columbia, SC

TO ACQUIRE The Savannah Bancorp, Inc.
Savannah, GA

APPROVAL Pending

FINANCIAL INSTITUTION (SURVIVOR) First Volunteer Bank Chattanooga, TN
SCBT Columbia, SC

FINANCIAL INSTITUTION MERGERS

MERGED INSTITUTION Gateway Bank & Trust Ringgold, GA
Bryan Bank & Trust Richmond Hill, GA

APPROVAL EFFECTIVE 07-30-2012 09-17-2012
Pending

NOTIFICATION OF APPROVAL OF APPLICATION TO SERVE A RESIDENTIAL GROUP COMMON BOND

CREDIT UNION Georgia United Credit Union
Duluth

RESIDENTIAL GROUP COMMON BOND Rockdale County, GA

APPROVAL 09-28-2012

CHECK CASHER LICENSES ISSUED

CITY McDonough Dalton Dalton Atlanta Thomasville Duluth Tunnel Hill Stone Mountain Charleston Brooks College Park

APPLICANT NAME * 42 BP, Inc. * Baltazar, Inc.
Check Into Cash of Georgia, LLC Fulton Bottle Shop, Inc. Hope Financial Services LLC * Manakamana Sai, Inc. National Title Pawn of Tunnel Hill, Inc. PQV, LLC Piggly Wiggly Retail Stores, Inc. RBC-5, Inc. We In Control, Inc.

TRADE NAME
Magana's Liquor Check Into Cash Flag Package Store Kash Check N Title Pawn Chevron Food Mart National Title Pawn C & D Package Piggly Wiggly Huckaby's Check Cashing of Georgia

* =Registered (O.C.G.A. 7-1-700 et al)

September 2012
GEORGIA
DEPARTMENT OF BANKING AND FINANCE
2990 Brandywine Road Suite 200
Atlanta, Georgia 30341-5565
Phone: (770) 986-1633 Fax: (770) 986-1654 or 1655 Email: dbfpress@dbf.state.ga.us

Page 7
The Department is the state agency that regulates and examines banks, credit unions, and trust companies chartered by the State of Georgia. The Department also has regulatory and/or licensing authority over mortgage brokers/processors, lenders and loan originators, money service businesses, international banking organizations, and bank holding companies conducting business in Georgia.
Our Mission is to promote safe, sound, competitive financial services in Georgia through innovative, responsive regulation and supervision.
Our Vision is to be the best financial services industry regulator in the country Progressive. Proactive. Service-Oriented.

We're on the Web!
Visit our website at: dbf.georgia.gov

Sign-up to Receive this Publication:
This publication is delivered to interested parties via e-mail and is also available from the Department's website at: http://dbf.georgia.gov under Publications, Financial Institutions Bulletin.
If you would like to be added to our distribution list, send an e-mail to dbfpress@dbf.state.ga.us stating your name and e-mail address. Please be sure to include "Subscribe to Financial Institutions Bulletin" in the Subject line.