Financial institutions today, 2021 August

Inside this issue:

Third Quarter 2021 2 CBSI

Guide to Help with 2 Banking Relationships with Fintech Companies

Top Routinely

3

Exploited

Vulnerabilities by

Malicious Cyber

Actors

Internet Crime

3

Complaint Center

Applications

4

News and topics of interest to financial institutions regulated by the Department of Banking and Finance
August 2021
Annual Assessment Notices--Banks and Credit Unions
The bank and credit union annual assessments are due no later than September 30, 2021. The assessment was emailed to each institution's primary contact for assessments from GADBF@micropact.com on September 2, 2021 with the appropriate invoice. Please be on the look out for this email. The Department will initiate an ACH debit for the assessment fee for regulated banks and credit unions unless otherwise stated in the body of the assessment notice. If you did not receive the annual assessment email, please contact your Supervisory Manager.
Annual Assessment Notices--Holding Companies
The holding company assessments are due no later than September 30, 2021. The assessment notice was emailed to each institution's primary contact for assessments from GADBF@micropact.com on September 2, 2021 with the appropriate invoice. Unlike the bank and credit union annual assessment, holding company fees will need to be paid independently through the Department's online portal. If you have not received the annual assessment email, please contact your Supervisory Manager.
Implementation of "Information Technology" Rating for Credit Unions

The Department's implementation of the Information Technology (IT) composite rating in credit union examinations becomes effective January 1, 2022. The banking agencies originally adopted the Uniform Rating System for Information Technology (URSIT) in 1978 on the recommendation of the Federal Financial Institutions Examination Council (FFIEC), and in 1999 the URSIT was revised. In implementing the IT rating for credit unions, the Department will use the FFIEC ratings definitions and guidance, as outlined below.
URSIT is used to uniformly assess and rate financial institutions' IT-related risks. The primary purpose of this rating system is to evaluate the examined institution's overall risk exposure and risk management performance and determine the degree of supervisory attention necessary to ensure that weaknesses are addressed and risks are properly managed. The assigned rating determines the degree of supervisory attention necessary and is used to quantify the overall effectiveness of the institution's IT risk management practices and condition. Examiners evaluate the IT function to assess the institution's ability to identify, measure, monitor, and control IT-related risks.
The URSIT IT Composite ratings are defined as follows:
Composite 1--Strong: performance that is significantly higher than average Composite 2--Satisfactory: performance that is average or slightly above and that
provides adequately for safe and sound operations

Page 2

August 2021

Composite 3--Less than satisfactory: performance that exhibits some degree of supervisory concern due to a combination of weaknesses that may range from moderate to severe
Composite 4--Deficient: performance that is in an unsafe and unsound environment that may impair the future viability of the institution
Composite 5--Critically deficient: performance that is critically deficient and in need of immediate remedial attention
This bulletin article is the last in a three-part series detailing the Department's implementation of the IT rating. The June 2021 and July 2021 bulletins should be used as additional reference sources. Any further questions can be submitted to Supervisory Manager Kevin Vaughn at 770-986-1645 or KVaughn@dbf.state.ga.us.
Third Quarter 2021 Community Bank Sentiment Index
The Conference of State Bank Supervisors (CSBS) data collection for the third quarter 2021 Community Bank Sentiment Index (CBSI) survey began on August 30, 2021. The CBSI quarterly results provide essential local level perspective of the nation's economic outlook. The second quarter 2021 CBSI results, released in July, showed that community bankers had a positive assessment of the health of their local economies; however, some concerns were shared about regulatory burden and monetary policy. The results showed a sentiment index of 115 points, the same as the first quarter of 2021.
The CBSI captures on a quarterly basis what community bankers nationwide think about the future. Participant answers are analyzed and compiled into a single number; an index reading of 100 indicates a neutral sentiment. Anything above 100 indicates a positive sentiment, and anything below 100 indicates a negative sentiment.
The third quarter 2021 data collection will continue through the month of September. The full survey takes less than five minutes. Results will be released on October 6, 2021. Your response to the nine survey questions will provide critical insight into the economic outlook of community bankers across the nation.
No preparation is necessary for this survey. Just open the link and answer the questions about your thoughts on the economy. For more information about the CBSI, visit the website: csbs.org/cbindex. The Department values your perspective on what is happening at the local level. Collectively, the input of community banks helps show the expectations for the future of the economy overall.
Guide to Help with Banking Relationships with Financial Technology Companies
On August 27, 2021, the federal bank regulatory agencies released a guide intended to help community banks assess risks when considering relationships with financial technology (fintech) companies.
Many financial institutions are entering into business arrangements with fintech companies to offer enhanced products and services to their customers, increase efficiency, and reduce internal costs. The guide is intended to serve as a resource for community banks when performing due diligence on prospective relationships with fintech companies.
Due diligence is an important component of an effective third-party risk management process. The guide covers six key areas of due diligence that community banks can consider when exploring arrangements with fintech companies: business experience and qualifications, financial condition, legal and regulatory compliance, risk management and control processes, information security, and operational resilience. The guide highlights practical sources of information that may be useful when evaluating fintech companies. The press release and guide are located here.

Page 3

August 2021

Top Routinely Exploited Vulnerabilities by Malicious Cyber Actors

The Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom's National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI).
The advisory provides details on the top 30 vulnerabilities--primarily Common Vulnerabilities and Exposures (CVEs)--routinely exploited by malicious cyber actors in 2020 and those vulnerabilities being widely exploited thus far in 2021.
Please click here to access the article.

Internet Crime Complaint Center
The FBI has established a resource to report suspected crimes perpetrated on the internet. The mission of the Internet Crime Complaint Center (IC3) is to provide the public with a reliable and convenient reporting mechanism to submit information to the FBI concerning suspected internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners. Information is analyzed and disseminated for investigative and intelligence purposes to law enforcement and for public awareness.
Financial institutions should be knowledgeable of resources available to combat the increasing risks of malicious and criminal internet activity. For more information on IC3, please click here.

Page 4
ACTION ON APPLICATIONS FOR THE MONTH

August 2021

The following is a summary of official action taken by the Department on certain applications by Georgia statechartered financial institutions, petitions for certificate of incorporation of financial institutions, and other matters of interest during the month of August 2021:

FINANCIAL INSTITUTION MERGERS

FINANCIAL INSTITUTION
Pinnacle Bank Elberton, GA

MERGED INSTITUTION
Liberty First Bank Monroe, GA

APPROVAL DATE Pending

EFFECTIVE DATE

Colony Bank Fitzgerald, GA

SouthCrest Bank, N.A. Atlanta, GA

06/22/2021

FINANCIAL INSTITUTION
Moultrie Bank & Trust Moultrie, GA

APPLICATIONS FOR DE NOVO INSTITUTIONS
APPROVAL DATE pending

APPLICATIONS TO ESTABLISH A BRANCH OFFICE

08/01/2021
BEGIN BUSINESS DATE

FINANCIAL INSTITUION
Barwick Banking Company Barwick, GA

BRANCH OFFICE
112 N Nova Road Ormond Beach, Florida 32174

APPROVAL DATE
08/16/2021

Piedmont Bank Peachtree Corners, GA

3112 Main Street Suite 100 Duluth, Georgia 30096

06/02/2021

PeoplesSouth Bank Colquitt, GA

917 Forrester Drive Dawson, Georgia 39842

05/19/2021

APPLICATIONS TO ACQUIRE A FINANCIAL INSTITUTION

BANK HOLDING COMPANY
First Volunteer Corporation Chattanooga, TN

TO ACQUIRE
FBD Holding Company Dalton, GA

APPROVAL DATE pending

EFFECTIVE DATE
08/11/2021
08/26/2021
EFFECTIVE DATE

Page 5

August 2021

SUBSCRIBE TO RECEIVE THIS PUBLICATION

Subscribe to Receive this Publication: Notice of this publication is delivered to interested parties via e-mail. To subscribe to this publication as well as other items of interest, please visit our website at https://dbf.georgia.gov/.

Department of Banking and Finance 2990 Brandywine Road, Suite 200 Atlanta, Georgia 30341-5565 Phone: (770) 986-1633

The Department is the state agency that regulates and examines Georgia state-chartered banks, state-chartered credit unions, state-chartered trust companies, international banking organizations, and bank holding companies that own Georgia state-chartered financial institutions. The Department also has responsibility for the supervision, regulation, and examination of Merchant Acquirer Limited Purpose Banks chartered in Georgia.
In addition, the Department has regulatory and/or licensing authority over mortgage brokers, lenders and processors, mortgage loan originators, consumer installment loan companies, check cashers, sellersissuers of payment instruments, and money transmitters.
Our Mission is to promote safe, sound, competitive financial services in Georgia through innovative, responsive regulation and supervision.
Our Vision is to support vibrant economic growth and prosperity in Georgia.