Even before hackers stole 40 million credit- and debit-card numbers from Target Corp. stores last year, Wal-Mart directors received frequent rundowns from outside consultants on cyberthreats, including gangs of Russian-speaking hackers who target payment-card data, a person familiar with the meetings said.
A Wal-Mart spokesman didn’t dispute that account.
So far this year, 1,517 companies traded on the New York Stock Exchange or Nasdaq Stock Market listed some version of the words cybersecurity, hacking, hackers, cyberattacks or data breach as a business risk in securities filings, according to a Wall Street Journal analysis. That is up from 1,288 in all of 2013 and 879 in 2012.
Still, federal officials and others say many companies remain ignorant of, and unprepared for, Internet intruders.
“There may be a gap that exists between the magnitude of the exposure presented by cyber-risks and the steps, or lack thereof, that many corporate boards have taken to address these risks,” Securities and Exchange Commissioner Luis Aguilar told directors earlier this month at a cybersecurity conference at the New York Stock Exchange.
WASHINGTON—Credit unions in search of higher returns are loosening lending standards and piling into longer-term assets, exposing the firms to potentially significant losses if interest rates rise and worrying regulators in the process.
Such moves are raising concerns at the National Credit Union Administration, the sector’s regulator, which said a rise in interest rates could make loans and investments unprofitable. Some analysts also said credit unions likely are unaware of the risk they are taking on because they largely avoided the housing downturn. That has raised worries that lax underwriting standards could fuel another bubble.
“I am concerned that the message [about rates] is either not getting through, or it’s getting through and they are just choosing not to do anything about it,” said Debbie Matz, chairman of the NCUA, who has long sounded the alarm about the industry’s exposure to interest-rate risk.
Credit unions, which have been expanding steadily for years and now serve more than 97 million members nationwide, collectively held $1.098 trillion in assets at the end of the first quarter of 2014.
For the lenders, taking on more risk can help boost returns in a low-rate environment. A firm that offers a low-rate, long-term loan might win business over a competitor, and a credit union that invests in a mortgage bond with a relatively longer term can often demand a higher return.
But if interest rates rise, the money in those loans or investments will be locked in, generating relatively less revenue than a new loan or investment made in the higher-rate environment. Meanwhile, those banks and credit unions will have to pay depositors higher interest rates, otherwise those customers could move elsewhere.
“It’s a double-edged sword,” said Federal Deposit Insurance Corp. Chairman Martin Gruenberg at a news conference last week.
Credit unions’ net holdings of long-term assets, a measure of exposure to rising interest rates, rose to an all-time high at the end of 2013 to 35.85% of total assets, according to the NCUA. The increase comes as some credit unions are adopting lax standards for mortgage and home-equity loans and lines of credit reminiscent of those leading up to the financial crisis, according to interviews. Credit unions also are extending the duration on investments like mortgage bonds, regulatory data show.
“In periods of declining mortgage volume, people start loosening underwriting to boost business,” said Guy Cecala, chief executive at Inside Mortgage Finance, an industry newsletter. “They seem to be taking on a lot more risk than in the past.”
Wal-Mart Stores Inc. is taking another step deeper into banking, rolling out a new money-transfer service that undercuts rivals including Western Union Inc. and MoneyGram International Inc. with lower and simplified fees.
The giant retailer on Thursday unveiled the new service, Walmart-2-Walmart, which will allow customers to send and receive up to $900 at a time at more than 4,000 stores. The new service applies only to payments that are sent and received in the U.S.
It aims to take a bite of the roughly $900 billion in so-called person-to-person payments made each year in the U.S., often in the form of cash or checks.
“This is a relatively easy service for Wal-Mart to develop, because it fits with the customer base that they already have, and they don’t have to spend a lot of money to create, implement or market the service,” said Ron Shevlin, a senior analyst at Aite Group, a consulting firm that specializes in the payments industry.
The service launches April 24. Wal-Mart said the service fees – $4.50 for transfers up to $50 and $9.50 for transfers up to $900 – are 50% or more below the cost of existing offerings. For its new service, Wal-Mart is partnering with Euronet Worldwide Inc.’s Ria Money Transfer subsidiary.
The money-transfer business carries substantial regulatory burdens aimed at preventing money laundering. Wal-Mart has been registered with the Treasury Department’s Financial Crimes Enforcement Network as a money-services business since 2011, according to FinCen’s public database. The move also could place Wal-Mart under the scrutiny of the U.S. Consumer Financial Protection Bureau, which was set up after the financial crisis to police the lending industry for abusive practices involving consumers. The CFPB already has proposed supervising nonbank providers of international money transfers. The vast majority of U.S. money transfers involve sending money overseas, according to payments experts. The U.S. is the largest sender of such payments, accounting for nearly one-quarter of the $529 billion in remittances that international migrants sent to their home countries in 2012, according to the World Bank.
In addition to competing with Western Union and MoneyGram, Wal-Mart also is taking on banks that allow their customers to transfer money to other customers. In 2011, J.P. Morgan Chase & Co., Bank of America Corp. and Wells Fargo & Co. formed a joint venture to let people use their checking accounts to send each other money with an email address or cellphone number.
“The banks have failed miserably in capturing the person-to-person payments business,” said Mr. Shevlin, the payments analyst.
WASHINGTON—Small banks may be faring better than their declining numbers suggest, with a new regulatory study finding small U.S. firms are not on the wane despite explosive growth by large banks.
The Federal Deposit Insurance Corp. found there are more banks with assets between $100 million and $1 billion today than there were in 1985, according to a study released Wednesday. That is despite the plummeting total count of U.S. banks, from more than 18,000 in 1985 to less than 7,000 today.
Most of that decline can be attributed to banks under $100 million, suggesting a threshold at which banks have the scale to compete despite their relatively small size.
Smaller institutions still face a raft of challenges, from low interest rates to a less robust mortgage market and new regulatory requirements. But the FDIC offered a more upbeat assessment of those banks’ prospects, finding that community banks are able to cut costs significantly when they pass $100 million in assets—a phenomenon that may explain why institutions of that size haven’t seen a decline in their numbers, the FDIC said.
The decline in overall banking charters suggests “a disaster for small banks, but that’s not what the numbers show if you follow them over time,” said Richard Brown, the FDIC’s chief economist, in an interview.
The study also found that more often than not community lenders giving up their charters have been purchased by other banks with similar business models, suggesting local lenders are growing slightly larger rather than disappearing altogether.
First Oklahoma Bank of Tulsa, Okla., started out when investors acquired the state’s third smallest bank, with about $9 million in assets, in 2009, said Chairman Tom Bennett. Now the bank has $285 million in assets after a strong first quarter of making loans, and Mr. Bennett says he isn’t complaining about regulations. “Somewhere over $100 million you begin to get enough scale that you can absorb the cost,” he said.
The core problems for the smallest firms, he said, are that the slowed-down real-estate market and low interest rates have been squeezing community banks that rely disproportionately on mortgage lending and net interest income for their revenue.
Guilty pleas to criminal charges by BNP Paribas and some other financial firms should put to rest fears that banks are “too big to jail.” Even so, that isn’t necessarily great news for the financial system or investors.
The reason some banks were perceived to be outside the reach of the law’s long arm was that a criminal charge would prove so devastating it could upend a firm and disrupt the functioning of the financial system. BNP Paribas shows why that is no longer the case, but also why that isn’t such a threat to the biggest banks.
True, BNP has had to pay about $9 billion to resolve charges related to violations of U.S. sanctions on doing business with countries such as Iran and Sudan. It also will have to reorganize some of the ways it does business in the U.S. And the bank has suffered a clear hit to its reputation.
Yet prosecutors and regulators worked to cushion the blow a guilty plea would have. Indeed, even a ban on BNP’s dollar-clearing operations was tailored so that it affected only a small part of its business. As well, the bank will have six months to prepare affected clients before the penalty kicks in.
What’s more, while authorities pushed for the bank to remove some staff, no individuals were criminally charged. That echoes other big settlements with U.S. and foreign banks. It also is telling that so far the banks charged are foreign institutions, not U.S. ones, which escaped a comeuppance for behavior that fueled the financial crisis.
The desire to not rock the financial boat, and possibly send markets into debilitating paroxysms, is understandable, especially for regulators. It is easy too to forgive prosecutors, as well, for keeping financial stability in mind.Still, their hesitancy to actually charge individual bankers, force banks to shutter or dispose of units at the heart of wrongdoing or make the buck stop at a CEO’s desk sends the wrong message.
Instead, actions to date let banks, and bankers in particular, think that criminal charges are now like huge financial penalties: a painful and embarrassing, but ultimately manageable, cost of doing business.
In other words, the deterrent effect of such charges is questionable. That already is the case with the seemingly enormous fines being assessed in cases. As big as the numbers involved sound, the banks that are paying out multibillion-dollar penalties are themselves gargantuan. While J.P. Morgan Chase, for example, was forced to cough up $13 billion last fall to resolve issues related to mortgage-backed bonds, it has assets of about $2.4 trillion.
Investors might take short-term relief from this. Indeed, in the wake of settlements, the affected bank’s shares typically rise as there is certainty about the costs involved. The reason: As long as a bank isn’t hit so hard that it is forced to raise new capital and dilute existing shareholders, investors tend to move on pretty quickly from such affairs. In that vein, Credit Suisse shares rose about 1% in the immediate aftermath of that bank pleading guilty in mid-May to a criminal charge of tax evasion.
But investors shouldn’t spend too much time cheering. Without true accountability, a new generation of bankers will be emboldened to take on risks, or engage in behavior, that puts the long-term viability of their firms at risk.The penalty for that will ultimately be borne by shareholders.