When COVID-19 first hit the U.S., many lending banking departments were caught off guard as branches and offices quickly shut down and employees processed loan applications while working from home. They also felt pressure to help a large number of small business customers that urgently needed additional financing.
The combination of having employees working remotely on computer systems that had not been properly security-tested and responding to a flood of new loan applications – caused a huge burden for the banks and credit unions. It also raised a number of red flags with regard to compliance and security.
The first concern was the security of information coming via employee computer systems. In an article for Bai.org, our Alma Angotti shared that there was a lot of security risk associated with home computer networks.
While financial institutions have had lending officers working remotely before, they were previously able to plan for such arrangements and thoroughly test remote systems prior to running sensitive information over them. When the pandemic began, the movement of data from corporate systems to questionable home and other remote networks often happened quickly, without the luxury of thorough testing, Angotti says.
Despite these problems, Angotti believes most financial institutions did a pretty good job of meeting the compliance requirements during the pandemic. By mid-summer, the Department of Justice quickly identified a number of fraud cases related to the Paycheck Protection Program.
Angotti suggests that banks need to conduct a thorough review of how they handled the pandemic and how they can prepare for the future.