INTRODUCTION

Each year, most businesses establish top priorities

that will help ensure their ongoing success. As key
participants in our countrys economic stability and
critical nancial infrastructure, nancial institutions (FIs)
are no diferent.
Its prudent for each FI to identify annual priorities that
will secure the success of the lending, depository, and
investment strategies that grow protability, satisfy
customers and shareholders, manage operating costs
and risks, and cost-efectively enable compliance.
CSIs Annual Banking Priorities Study
1
was
commissioned to give FIs timely industry and economic
insight that can be used by each to successfully dene
its annual strategy and accomplish its priorities.
EXECUTIVE REPORT:
2013 BANKING PRIORITIES STUDY
1
This 2013 annual survey of nancial institutions was conducted with the help of cbanc Network and its members.
EXECUTIVE SUMMARY
CSIs 2013 Annual Banking Priorities Study, in addition
to data released by the FDIC, ofers positive signs of
a steady improvement across many important areas.
The information suggests that 2013 is the year that
FIs have a viable opportunity to execute on strategic
plans for getting back to the basics of why most
of them are in businessprotable, risk-based
community lending and investing in prudent assets,
while growing existing customer relationships and
expanding market share to new customers.
It is no surprise, however, to nd that many of the
issues that confronted nancial institutions in 2012
will continue this year, including:
Sustained economic recovery
Countless new regulations being nalized from the
Dodd-Frank Act
Innovative ways to deliver new products to customers
Secure and cost-efective ways to leverage
technology for operating efciencies
These areas of continued concern have caused
many FIs to indicate that they retained the same
top priorities from 2012 into 2013compliance and
loan growth. While these top two priorities have not
changed, the underlying reasons for these priorities
have changed and are discussed in the 2013 Growth
section under Detailed Review.
The survey responses to this years study, along with
other industry data, also suggest that 2013 is the
year FIs focus on executing strategies to address
unprecedented compliance pressures. Respondents
also highlighted a continued, gradual recovery
and positive outlook among banks for lending,
protability, investment in technology, and adoption
of such services as cloud computing and mobile
banking. Expectedly, they also are continuing to
report heightened concerns with:
The foreseeable cost of regulatory changes
scheduled in 2013 and beyond
Information security threats from external
international and domestic attacks and mobile
devices
Continued pressure on protability from low
interest rates and tight net-interest margins
E x e c u t i v e R e p o r t
2
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
3
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
Annual Net Income Is the Highest Since 2006: FDIC Quarterly Banking Prole Data Ofers Signs of Improvement
Commercial banks and savings institutions insured by the Federal Deposit Insurance Corporation (FDIC) reported
aggregate net income of $34.7 billion in the fourth quarter of 2012, a 36.9 percent improvement from the $25.3
billion in prots that the industry reported in the fourth quarter of 2011. This is the 14th consecutive quarter that
earnings have registered a year-over-year increase. Increased noninterest income and lower provisions for loan
losses continued to account for most of the year-over-year improvement in earnings. For the full year, industry
earnings totaled $141.3 billiona 19.3 percent improvement over 2011 and the second-highest improvement ever
reported by the industry after the $145.2 billion earned in 2006.
The improving trend that began more than three years ago gained further ground in the fourth quarter, said
FDIC Chairman Martin J. Gruenberg. Balances of troubled loans declined, earnings rose from a year ago, and
more institutions of all sizes showed improved performance.
Sixty percent of all institutions reported improvement in their quarterly net income from a year ago. Also, the share
of institutions reporting net losses for the quarter fell to 14 percent from 20.2 percent a year earlier. The average
return on assets (ROA)a basic yardstick of protabilityrose to 0.97 percent from 0.73 percent a year ago.
Asset quality indicators continued to improve as insured banks and thrifts charged of $18.6 billion in
uncollectible loans during the quarter, down 27.4 percent from a year earlier. The amount of noncurrent loans
and leases (those 90 days or more past due or in nonaccrual status) fell for the 11th consecutive quarter, and the
percentage of loans and leases that were noncurrent declined to the lowest level in four years.
In short, the following can be determined:
Insured institutions of all sizes increased their loan
balances during the quarter, led by commercial and
industrial loans
The ow of money into deposit accounts increased
sharply. This indicates that many institutions took
advantage of the low-rate environment to improve
core deposits by making the most of the relatively
cheap and stable retail deposit base. These
institutions are now in a better position to ofer
loans, once interest rates increase, and to cross
sell products and services
The number of institutions on the FDICs Problem
Bank List declined for a seventh consecutive
quarter
Full-year net income improved for a third
consecutive year
FI Study of Challenges, Opportunities and Goals
This CSI 2013 Banking Priorities Study provides an executive level view of the challenges, opportunities and
goals facing FIs and the industry in general. C-level professionals, including executive, operations, compliance,
information, and security ofcers, as well as other key personnel, were asked for their strategic insight on a
range of industry-relevant questions.
Several of the same questions from our 2012 survey were repeated this year to help monitor key trends. The
questions that were retained focused on challenges and opportunities associated with the economys efect
on growth, Dodd-Frank compliance and overall compliance readiness, mobile banking, and IT outsourcing in
the cloud. New questions were added to explore emerging topics that may be of interest to FIs in 2013. These
questions explored such topics as security incidents, merchant capture strategies and outsourcing both IT and
document delivery.
In summarizing the results, the information we can surmise includes that:
Compliance and loan growth remain the greatest
challenges
Loan growth displaces customer acquisition as the
greatest area of opportunity in 2013
The economy is increasingly having a positive efect
on protability
More than 60 percent expect lending growth to
improve in 2013
Mobile banking, wire and ACH origination, and
remote deposit capture technologies continue to be
new investment priorities in 2013
Mobile applications, text message alerts and
mobile check capture are popular for 2013
Fifty-one percent of FIs plan to increase technology
spending
In regard to compliance challenges that require
solutions, Dodd-Frank regulatory planning and
self-assessment top the list again in 2013 with 57
percent
Almost all FIs have or are working on a strategy to
prepare for DFA regulatory changes
IT risk assessments should be performed more
frequently
External threats and attacks remain the top
security concern for the second consecutive year
Consistent with last year, more than 65 percent of
FIs will still have less than a fourth of employees
accessing data from the network from mobile
devices
Overall, there is a steady rise in FIs outsourcing IT
services to the cloud
Disaster recovery was listed as the biggest benet
to leveraging cloud-based solutions
Concerns regarding cloud solutions diminished
across the board, indicating that FIs have a better
understanding of IT outsourcing
More awareness of the GLBA security requirements
and information security risk with document
processing are still needed
Paper statements and notices are decreasing
Merchant Capture is a high-risk transaction and
must be secure
4
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
DETAILED REVIEW
The following summarizes the detailed responses of each survey question.
2013 GROWTH
What are your greatest challenges heading into 2013?
Compliance and loan growth continue to be the greatest challenges.
While these top two priorities have not changed since 2012, the underlying reasons have. In an efort to help
clarify the reasons, we will review the compliance and loan growth challenges of 2012 in retrospect and then
ofer insight on how they may change in 2013.
Compliance in Retrospect
In 2012, key reasons behind the compliance
challenges were the uncertainty of mandates from
rule changes that were not scheduled to be nalized
until 2013, identifying a prudent plan for proactively
assessing the efect of the compliance changes on
the FI and its customers, and strategies to fund these
unprecedented compliance eforts with the necessary
expertise and tools.
Many FIs were taking a wait-and-see position, until
the new rules were actually published.
In 2013, the primary reasons behind the compliance
challenges changed to focus on executing regulations
that are on the horizon. Specically, several nal
mortgage reform rules were published and are
scheduled to take efect in January 2014.
FIs must now act to:
Dene a 2013 compliance strategy as part of an
overall strategic plan
Hire sufcient expertise to understand the efect of
the rules on the FI
Self-assess compliance with the new rules taking
efect in January 2014
Implement changes, as needed
5
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
Greatest Challenges
6
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
2
A qualied mortgage cannot have a debt-to-income ratio (DTI) greater than 43 percent, unless it qualies for a GSE or FHA loan DTI. The DTI requirement is in addition to
other documentation and loan-to-value requirements to support a borrowers nancial position and ability to repay the loan. Therefore, even if the borrower meets all
other requirements that satisfy his or her ability to repay the loan, the loan would not meet the denition of a qualied mortgage, unless it also meets the DTI bright-line
requirement.
Loan Growth in Retrospect
In 2012, the following key reasons were behind the
loan growth challenge:
Examiner pressure on increasing regulatory capital
levels and avoiding riskier loans
Getting rid of toxic assets on the balance sheet
Low interest rates and downward pressure on net-
interest yields
Excessive competition in a limited market of viable
lending prospects
The uncertainty of the elections and their efect on
the industry as a whole
Impending Dodd-Frank Act Mortgage Reform rules
In 2013, many institutions are looking at loan
growth as a means of getting back to basics with
an improving economy and market opportunities to
cross-sell products and services, and putting core
deposits to use. FIs eforts over the last few years to
clean up the balance sheet have yielded:
Stronger core capital positions that enable FIs to
pursue loan portfolio growth
Improved Allowance for Loan and Lease Losses
(ALLL) and lower nonaccrual amounts
Unfortunately, FIs will continue to struggle against:
Low interest rates and downward pressure on net-
interest yields
Excessive competition in a limited market of viable
lending prospects
A smaller pipeline of qualied mortgages with
the new qualied mortgage rule that requires a
minimum 43 percent debt-to-income (DTI) ratio.
2

Many jumbo loan borrowers and rst-time home
buyers with excessive credit card or student
loan debt are expected to fail these DTI qualied
mortgage requirements
While the banking industry is not back to pre-2008
levels, such recent data as the FDIC Quarterly
Banking Prole Report suggests that 2013 will
continue to show steady improvement as the banking
industry continues to recover from the nancial
market turmoil that started in 2008. The Beige Book,
released on March 6, 2013, by the Federal Reserve,
also reported that economic activity generally
expanded at a modest to moderate pace in all 12
Federal Reserve Districts. FIs should take advantage
of the improving environment to get back to basics
putting core deposits to use for:
Lending under a prudent risk-based lending policy
Diversied lending into residential, commercial and
small-business loans
Investing wisely in low-risk investments, while
maintaining adequate capital
FIs also can implement basic strategies and
automated tools to help improve net-interest margins
and prot. Examples include:
Loan pricing
Funds transfer pricing
Analyzing the level and trend of long-term asset
concentrations and non-maturity deposits
Getting back to basics is not always exciting and does
not guarantee the highest rates of return or a quick
short-term prot. Executing a traditional risk-based
lending and investment strategy with prudent loan
and funds pricing tools, however, will support a
sustainable return to long-term protability.
FIs will continue to be smart in their planning
and execution. Most FIs want to explore new and
innovative products and services to establish higher
revenues, maintain existing customers and gain
new customers. Therefore, 2013 also is the year
of execution for mobile banking, remote deposit
capture, and compliance program updates and risk
assessments.
7
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
What are your greatest opportunities heading into 2013?
Loan growth moves into the top spot for the greatest opportunity in 2013.
Expectedly, respondents indicated several opportunities of interest for 2013. Twenty-four percent cited loan
growth as their greatest opportunitya 10 percent increase over last year. As one respondent stated:
If it is true that we are sitting at the headwaters of an economic recoveryhowever slow it may
comethen the opportunities are tremendous. As consumers return to the marketplace with a new
appreciation for scal responsibility, banks will be at the forefront. Consumer awareness programs,
convenience-based products and realistic (e.g., short-term and well-qualied) loan products should
be tools for consumerism of the 21st Century.
Until the residential lending market gains additional strength, it is anticipated that the primary focus for this loan
growth among many FIs will be commercial real estate, small-business and agricultural loans. Commercial real
estate and agricultural loans will provide higher yields than traditional family residential mortgages, which will
improve the FIs net-interest margin.
The respondents anticipated growth in non-residential loans also is consistent with the fourth quarter of 2012
FDIC data that showed insured institutions of all sizes increased their loan balances during the quarter, led by
commercial and industrial loans.
New technology retains the second slot for supporting customers and enhancing such virtual channels as
online and mobile banking oferings. Additionally, mobile banking moved up to tie in the second slot as a new
opportunity or expansion in the use of existing mobile platforms that have already been launched.
Expanding market share also rose to tie in the second slot, as several respondents were optimistic about
opportunities to put core deposits to good use with anticipated increased lending activities and their ability to
beat out competition that may still struggle with limited capital. Ten percent of respondents continue to see
opportunities for acquiring customers from big banks.
8
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
9
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
Reports from the 12 Federal Reserve Districts
indicated that economic activity generally expanded
at a modest to moderate pace since the previous
Beige Book. Five districts reported that economic
growth was moderate in January and early February,
and ve districts reported that activity expanded at a
modest pace. The Boston District stated the economy
continued to expand slowly, and the Chicago District
reported that economic activity grew at a slow pace.
3

How do you expect the economy to afect your FIs
protability in 2013?
The economy is having an increasingly positive efect on
protability.
Overall, 32.7 percent of respondents feel the economy
is having an increasingly positive efect on the FIs
protability. Conversely, fewer respondents feel the
economy is having a negative efect or any change
on protability. While these changes are small, they
are trending in a positive direction to suggest the
economy is continuing to stabilize and ofer more
opportunity for protability than in the last few years.
3
March 6, 2013 Federal Reserve Beige Book
10
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
FIs also can expect a continued residential lending
struggle in 2013 due to:
Prepayment risk with interest rates at record lows
Tight net-interest margins and interest rate risk
concerns
A large concentration of lenders now marketing to
residential borrowers
A decreased percentage of real estate construction
and development loans
New borrower requirements for a qualied
mortgage under the Consumer Financial Protection
Bureau (CFPB)s qualied mortgage denition
4

Added disparate impact violation risks on lenders
5
What is your outlook on your FIs lending growth in 2013?
More than 60 percent expect lending growth to improve
in 2013.
Nearly 62 percent of respondents agree lending
growth is in the forecast for 2013. This is the second
year in a row that the majority of respondents indicated
a positive outlook. Another positive sign is that only
6.7 percent of respondents expect lending to decrease.
The year-end 2012 lending data from the FDIC shows
much of the growth is still originating in seasonally
adjusted credit card balances and commercial,
industrial and business loans. The FDIC reported that
loan balances posted the sixth quarterly increase
in the last seven quarters. Insured institutions of all
sizes increased loan balances during the last quarter
of 2012. These are positive indicators for growth.
4
Based on the CFPBs qualied mortgage denition, lenders should expect a smaller pipeline of qualied mortgages that meet the requirements for a minimum 43 percent
debt-to-income ratio. Many jumbo loan borrowers and rst-time home buyers with excessive credit card or student loan debt are expected to fail these DTI qualied mortgage
requirements.
5
The U.S. Department of Housing and Urban Development (HUD) issued a nal rule on Feb. 8, 2013, stating that a Fair Housing Act violation may be found when a lending
practice has a disparate impact on diferent demographic groups. Violations may be cited even if a policy or practice is neutral on its face. HUD requires institutions to prove
that any challenged practices are justied by a business necessity.
11
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
What are your plans for ofering the following value-added services in 2013?
Mobile banking, wire and ACH origination, and remote deposit capture technologies continue to be new investment
priorities in 2013.
With the popularity of smart phones and other mobile devices, FIs are realizing the benets of convenience, cost
savings and revenue opportunities that mobile banking technology provides for customers and the institution.
Resoundingly, 80.3 percent of the respondents reported that they have already implemented wire and ACH
origination. Similarly, 64.9 percent already ofer remote deposit capture.
Forty-six percent cite mobile banking with mobile alerts as the top technology investment from 2012 into 2013.
A signicant percentage of the respondents (78.9 percent) have implemented or are exploring investments in
mobile alerts.
Nearly 67 percent of respondents ofer or are considering mobile banking check deposits. This reects a growing
interest among the responding FIs now already ofering or planning to ofer the service. In addition, 52 percent
have made or are exploring investments in mobile banking frameworks that enable them to successfully cross-
sell and up-sell products and services to existing customers.
Person-to-Person (P2P) Payments continues to be an area of investment through 2012 and into 2013. More than
31 percent of the respondents are looking at this technology in 2013. A total of 51.5 percent, ve out of 10 FIs,
already ofer or are now considering the value of P2P as a new service for customers. P2P appears to be a slow
but steadily growing service of interest among FIs.
As FIs continue to search for added sources of non-interest, fee-based income, the following services may ofer
additional income opportunities:
Wire and ACH origination
Remote Deposit Capture
P2P Payments
Micro-cash management to small- and medium-size businesses
Notication of vendor discounts
Technology Investments (208 responses) Already Ofer
Will or
Considering it
for 2013
A Priority
Investment
Not
Considering
it
Wire and ACH Origination 80.3% 1.9% 82.2% 7.7%
Remote Deposit Capture 64.9% 14.9% 79.8% 20.2%
Mobile Banking with Mobile Alerts 32.7% 46.2% 78.9% 21.2%
Mobile Banking Check Deposit 6.7% 59.6% 66.3% 33.7%
Mobile Banking with Framework to Cross-sell
and Up-sell
7.2% 44.7% 51.9% 48.1%
P2P Payments 20.2% 31.3% 51.5% 48.6%
Personal Financial Management 23.1% 28.3% 51.4% 48.6%
Micro-cash Management to Small- and
Medium-size Businesses
23.6% 25.6% 49.2% 52.9%
Opt-in for Notication of Vendor Discounts 3.8% 20.3% 24.1% 76.0%
12
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
What are your plans for technology investments in 2013?
More than half plan to increase technology spending.
Respondents show that plans for technology
investments in 2013 will exceed 2012. Nearly
97 percent cited plans to invest more or the same
amount in technology in 2013. Of that, 51 percent
plan to increase technology spending. This is another
positive metric that shows signs of condence
among FI executives in the growing strength of our
economic recovery and the outlook for the nancial
industry. It also reects the awareness among FI
executives of the value that prudent technology
investments can generate as they continue to
compete for new customers, grow income from
existing customers, manage risk and compliance
costs, and maintain protability.
From the responses to this survey and other industry data recently published
6
, mobile banking and payments
and cloud technology were identied as the most important IT-related projects for FIs in 2013.
2013 COMPLIANCE
Where will you need compliance services and products to help in 2013?
Dodd-Frank Act (DFA) regulatory planning and self-assessment are top of the list again in 2013 with 57 percent.
Fifty-seven percent of respondents continue to identify DFA planning as the top compliance priority, exceeding
last years response of 47 percent. Similarly, DFA self-assessment is again at the top of the list with 45 percent,
which is consistent with last years priorities. Last year, we predicted that as more of the nal DFA rules were
published, DFA compliance help would continue to be an important area of support for FIs. This trend is likely to
continue as many of the new rules begin to take efect in 2014.
Almost half of the respondents, 44.2 percent, selected help with the review and updating of their consumer
compliance programs. This makes sense, since several of the DFA rules that have been published by the CFPB
will require a review and update of each FIs consumer compliance program. It also is consistent with the
increased focus of examiners on consumer compliance programs. Many institutions are reporting that examiners
are performing more stringent consumer compliancerelated exams, e.g., Fair Lending, CRA, HMDA, Fair Credit
Reporting Act, UDAAP, and website compliance.
These compliance exam priorities may be the catalyst for approximately one-third of the respondents indicating
that they will be looking for help with CRA, Fair Lending and Lending compliance reviews; deposit and operations
compliance reviews; consumer compliance risk assessments; UDAAP risk assessments; BSA/AML reviews and
risk assessments; and administering consumer compliance programs.
Enterprise risk management (ERM) products and services also have jumped to the forefront with 40 percent
identifying ERM as an area where they will need compliance help in 2013.
Approximately one quarter of the respondents will be looking for help with information technology and
security risk assessments, Management Quality (the M in CAMELS), website compliance reviews, social media
compliance, stress testing and vendor management programs.
6
Crosman, Penny. Community Banks Plan to Increase IT Spending in 13: KPMG. Bank Technology News, Nov. 6, 2012.
http://www.americanbanker.com/issues/177_215/community-banks-plan-to-increase-it-spending-2013-kpmg-survey-1054171-1.html
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
13
E x e c u t i v e R e p o r t
Will need compliance products and services to help with: (208 Respondents) Count Percent
Dodd-Frank regulatory planning 119 57.2%
Dodd-Frank self-assessments to identify areas of change, as needed 94 45.2%
Review and update consumer compliance program 92 44.2%
Enterprise Risk Management (ERM) 84 40.4%
CRA, Fair Lending and Lending compliance reviews 80 38.5%
Deposit and operations compliance reviews 67 32.2%
Consumer compliance risk assessments 65 31.3%
UDAAP risk assessments 64 30.8%
BSA/AML reviews and risk assessments 62 29.8%
Administering consumer compliance program 60 28.8%
IT and IS risk assessments 55 26.4%
Management Qualityensuring that management consistently and efectively identies,
measures, monitors and controls risks
54 26.0%
Website compliance reviews 47 22.6%
Social media compliance, e.g., logging and tracking of social media marketing activity
and customer complaints
47 22.6%
Stress testing to quantify the efect of changing economic conditions on asset quality,
earnings and capital
46 22.1%
Vendor management IT and security compliance and risk 46 22.1%
Fraud 41 19.7%
Asset qualityassessing the quantity of existing and potential credit risk 38 18.3%
Red ags and identity theft reviews 37 17.8%
Internal control audit 36 17.3%
Earningsevaluating the quality, strength and source of earnings 30 14.4%
Consumer complaint tracking 30 14.4%
Electronic Funds Transfer, Regulation E 29 13.9%
Business continuity program 28 13.5%
Sensitivityassessing the ability to identify, monitor, manage and control market risk 27 13.0%
Capital adequacymaintaining adequate capital 25 12.0%
eBanking Review 24 11.5%
Expedited Funds Transfer, Regulation CC 23 11.1%
GEOCODING for HMDA and CRA 23 11.1%
Vendor management consumer compliance and risk 23 11.1%
ATM audit 22 10.6%
Customer due diligence 21 10.1%
OFAC screening 19 9.1%
CIPbad check history 19 9.1%
Wireless penetration testing 19 9.1%
Wire processing 18 8.7%
Liquidityassessing ability to fund assets and meet obligations as they become due 13 6.3%
Phishing/pharming audit 13 6.3%
Web application testing 8 3.8%
Other 7 3.4%
14
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
Do you have a strategy established to prepare for the
Dodd-Frank regulatory changes in 2013?
Almost all FIs have or are working on a strategy to
prepare for DFA regulatory changes.
While only 18 percent have actually rolled out a
strategy to start managing the DFAs efect on their
compliance programs, 71.2 percent of respondents
indicated that they are working on a strategy to
prepare for the changes. Since the nal mortgage
reform and other rules have already been published,
all institutions should immediately begin to assess
and administer policies, procedures, practices,
disclosures, webpages and other compliance
program aspects that may need revision to ensure
compliance with the pending efective dates of the
new rules, e.g., January 2014 is the efective date for
the mortgage reform rules.
It is easy to understand why many institutions have
not nalized a strategy to manage the efect of the
DFA on their compliance programs. While many
nal rules are published, the industrys reaction has
caused the CFPB to re-open some of the rules for
industry comment.
For example, as we go to press with this study, the
CFPB published the nal mortgage reform rules
and simultaneously asked for additional industry
comment on a safe harbor provision for the Ability-
to-Repay qualied mortgage requirements. While
most FIs appreciate the intent to dene a safe harbor
that will enable them to make more loans, they will
not be able to nalize their lending program strategy
until the qualied mortgage safe harbor is nal,
which is anticipated in mid-2013. FIs need time to
update their strategic plans for what types, size
and volume of loans they will pursue, e.g., will it be
residential, commercial, auto or other.
While the proposed amendments may help nancial
institutions that are under $2B in assets and issue less
than 500 residential loans per year, they will need time
to plan and adapt. Since the efective date of the rule
is January 2014, this may only leave institutions with a
few months to react and plan accordingly.
E x e c u t i v e R e p o r t
15
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
How many additional compliance staf will you hire in 2013?
Nearly 80 percent of respondents indicated that they do not plan to hire additional compliance staf in 2013.
Many forecasts have suggested that FIs would be forced to hire additional compliance staf to keep pace with the
numerous compliance changes scheduled for 2013. The responses to this question remain consistent with those in
our 2012 annual survey (i.e., 63 percent indicated they had sufcient staf with the necessary expertise).
Who is responsible in your organization for compliance readiness?
Approximately 87 percent of respondents cite the compliance ofcer as the primary position responsible
for ensuring compliance readiness. A comparison of the 2012 to 2013 responses suggests that compliance
committees, risk ofcers and CEOs also are taking on additional compliance-readiness responsibilities. The
4 percent reduction in the business unit leaders as a primary point person for compliance suggests that perhaps
compliance is moving to a more centralized function in some FIs.
E x e c u t i v e R e p o r t
16
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
What types of resources are you considering to assist with compliance activities in 2013?
Consistent with the 2012 responses to this question, 89 percent of respondents plan to use existing staf.
How often do you update your IT risk assessment and control evaluation?
IT risk assessments should be performed more frequently.
IT risk assessments continue to be scheduled as an annual project for approximately 60 percent of the
responding institutions. The FFIEC requires that IT risk assessments be performed as material changes occur,
new information is available, or at least once a year if no new information is available or no material changes
occurred. As institutions implement such products and services to customers as mobile banking, social media,
P2P, PFM and other oferings, and update their compliance programs, they should consider the subsequent
efect on and validity of the IT risk assessment.
E x e c u t i v e R e p o r t
17
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
2013 SECURITY & MOBILE DEVICES
What is your top information security concern for 2013?
Attacks from external sources continue to be the primary security concern.
Respondents indicated that they had the same information security concerns for 2013 as in 2012. The top
concern continues to be from external threats and attacks. Mobile users and mobile devices are second and
internal attacks are third. Moving to the cloud continues to be ranked as the fourth information security concern.
Its no wonder external attacks remain at the forefront. At the beginning of 2013, hacktivists leaked the
condential data of more than 4,600 banking executives from a Federal Reserve website, and distributed denial
of service (DDoS) attacks on banks remain at the top of the news.
A few respondents also identied the following information security concerns:
P2P
DDoS
Skimmers
Data breach
Speed of change
Remote deposit
IT staf turnover
Social networks
Social engineering
Third-party vendor risk
Phishing and malware
Corporate account takeover
Customer security practices
Adequate security monitoring
Fraud:
-ACH and wire fraud
-Mortgage fraud
-Credit and debit card fraud
-Online fraud
-Identity theft
18
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
How many network security incidents has your
institution experienced in the last 12 months?
The majority of respondents answered that there were no
successful security incidents within the last 12 months.
A security incident could be considered anything from a
successful network attack, a conrmed but prevented
attack, or in some cases, even a lost smartphone. The
average FI may have at least one attack attempted on its
network per month. With 24x7 intrusion protection and
prevention monitoring, chances are these are stopped
before they become successful.
Its good news that the majority of respondents
experienced no successful network attacks within the
last 12 months. Also, it is important to note that while
25 institutions claimed no knowledge of the number
of security incidences, understanding and monitoring
the risk your institution is up against each month is of
critical importance, from the CEO to the teller.

What percentage of your staf will access data from your
network via smartphones or mobile devices in 2013?
The majority of respondents plan to limit mobile access to
less than 25 percent of employees.
The percentage of staf expected to access network
data from a smartphone or mobile device stayed
roughly the same; however, some institutions
reported a small percentage shift moving from those
organizations that expect to see 1-50 percent of their
staf using mobile devices to access networks to the
upper tiers, 50-100 percent. It is still surprising that
the majority still lies in the 1-25 percent category,
considering the growing number of smartphones on
the market.
Staf Percent
1 to 24% 66.4%
25 to 49% 9.1%
50 to 74% 3.4%
75-100% 1%
Not Sure 20.2%
19
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
What groups within the institution will use mobile devices for business in 2013?
Data conrms that more and more executives, including board members, are using mobile devices for business.
This year, respondents were asked to report on usage from board members instead of tellers and indicated
that more than a quarter of the institutions board members are using mobile devices for business. Additionally,
respondents indicated a growth in the number of executives using mobile devices for work, while management
and loan ofcers decreased slightly.
Board member usage may be an indication of the popularity of tablet-based board portal solutions for managing
board documents and meetings. The increase in executive usage also is consistent with industry trends, as
executives look to stay connected from the road, home and while in the ofce.

NEW QUESTION: When will you have a mobile device
management solution in place?
Mobile device management solutions help to secure
and monitor mobile devices that access a business
network, with the goal of reducing risk. With so many
employees and board members accessing network
data from mobile devices, its reassuring to see that
nearly 60 percent already have or will have a plan in
place by the end of 2013.
20
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
What is your view of mobile banking security?
Perception regarding the security of mobile banking is
beginning to trend more favorably.
In this years survey, more respondents now believe
that mobile banking is just as secure as Internet
banking, and 7 percent fewer respondents now
feel it is less secure. Perception is reality, and both
FIs and customers are becoming more educated
on technology, so the gap between perception
and facts is closing. With three types of mobile
banking availableSMS, mobile browser, and
appsits important that FIs understand the security
implications of each.
SMS (or text messaging) is very secure in that there
is no identiable customer information shared
through this iteration of mobile banking. This is the
most basic version, which allows for the exchange of
simple balances and transactions, leaving very little
information available to a fraudster. However, users
should be aware of attempts to collect such data
as PINs, account numbers or other information by
spoofed SMS messages.
Browser-based mobile banking is the most
comparable, as far as security, to Internet Banking. In
reality, it is probably somewhat safer at the moment
because creators of password-cracking viruses
and Trojan horses havent yet fully focused on the
mobile market. Of course, mobile web users are as
susceptible as anyone else to the phishing scams and
spoofed websites that try to trick users into disclosing
passwords and other personal data.
Apps developed specically for banks, however,
are proprietary applications and are highly secure
because they can contain unique security algorithms.
And because they dont use web browsers, these
applications are resistant to phishing scams.
As more FIs begin exploring mobile banking options
and rolling out services to customers, the responses
to this question are likely to continue to trend in a
positive direction.

21
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
2013 OUTSOURCING & CLOUD
What information technology services is your FI currently outsourcing?
From 2012 to 2013, respondents indicated that there is steady growth in the trend of outsourcing IT services,
with increases in complete outsourcing of IT, network and security, infrastructure monitoring and maintenance,
and IT projects and consulting. This trend will likely continue as the complexity of technology for nancial
institutions grows beyond internal resources, cloud solutions are embraced, and bankers look to focus on their
core competencies.

What are your plans for outsourcing IT services in 2013?
The trend toward moving additional services to outsourced vendors looks like it will continue, with nearly 5 percent
looking to completely outsource IT and 12.5 percent planning to outsource more than they did in 2012. While at the
same levels as 2012, this still represents the steady increase year after year in the previous chart. Seventy-one
percent will hold fast with the level of outsourcing today, up from 2012. Surprisingly, slightly more respondents also
indicated that they are going to outsource less than they do today.
22
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
What percentage of your IT assets will be in the cloud in 2013?
Respondents indicated a growing comfort level with cloud-based solutions.
While slightly more respondents answered that they would have no assets in the cloud in 2013, the survey also saw
a shift in percentage from the lower end (1-25 percent) to the higher end (26-100 percent). This may indicate that
those institutions that have developed a comfort level with cloud solutions will continue to look for more ways to
reap the benets, while performing the due diligence cited in 2012s FFIEC Outsourced Cloud Computing Guidance.
NEW QUESTION: What types of solutions do
you use in the cloud today?
Of those using cloud solutions today, the
majority are using applications in the
cloud. This makes sense, considering
that cloud-hosted applications or
Software-as-a-Service (SaaS)
usually are the easiest transitions
and quickest wins for organizations
looking to transition to the cloud.
Just behind those using applications
only, more than 13 percent are using
both applications and infrastructure
in the cloud, with infrastructure-only in
third place.
23
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
NEW QUESTION: What types of solutions are you looking to move to the cloud in the future?
Of those planning to move solutions to the cloud in the future, the majority plan to move forward with applications
and infrastructure. Thats understandable, since many of the respondents have applications only at this point and
will be looking to expand into infrastructure as well. This is a logical next step in continuing to achieve the benets
of the cloud.
NEW QUESTION: Rank cloud benets in terms of importance to you.
Surprisingly, disaster recovery ranked above capital cost reduction, the latter being the chief value statement
often associated with cloud services. Also surprising is that the features of enhanced support and relocation
of internal IT resources also trumped speed to market and scalability. However, this makes perfect sense for
organizations that are looking to achieve enterprise-level support and IT resources by outsourcing some or all of
their IT operations in the cloud.

24
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
What is your greatest concern when it comes to cloud-based services?
Concerns with cloud adoption are coming down across the board. There are signicantly large decreases indicated
in the areas of compliance and loss of control, as well as a signicant decrease in the chief concern, security. The
drop in concern from 2012 to 2013 may indicate that nancial institutions are beginning to see cloud services as
another form of outsourcing, with the same vendor management due diligence requirements. This also indicates
that cloud is becoming a more mature ofering within the nancial industry.

NEW QUESTION: Are you currently leveraging virtual desktops within your environment?
Virtual desktops are an expected area of growth.
More than 20 percent of nancial institutions are leveraging virtual desktops today. This is a new question on the
survey in 2013, so it will be interesting to see how this trend changes in the coming years, as Gartner predicts the
worldwide hosted virtual desktop market will exceed $65 billion in 2013
7
.
7
Gartner. Gartner says Worldwide Hosted Virtual Desktop Market to Surpass $65 Billion in 2013. March 26, 2009. http://www.gartner.com/newsroom/id/920814
25
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
2013 DOCUMENT PROCESSING
NEW QUESTION: Are you outsourcing statement printing to a GLBA-
compliant vendor?
More awareness of GLBA requirements and information security risk are
still needed.
Almost 45 percent of respondents do not outsource statement printing to
a GLBA-compliant vendor. GLBA requires all FIs and their vendor partners
to safeguard and to hold all non-public customer information condential.
This requirement must be enforced throughout the statement composition
and preparation process and validated through a series of quality tests and
periodic audits.
FIs must ensure that their outsourced print provider has a GLBA policy that
is part of a larger information security strategy. They should regularly test
this policy through audit review and electronic vulnerability assessments.
These assessments should be conducted by independent third parties to
ensure their validity. It also is a good practice for outsourced print vendors
to be reviewed annually by federal and state bank examiners, according to
FFIEC guidelines.
NEW QUESTION: Are you transitioning from paper to electronic statements and notices?
Paper statements and notices are going away.
Eighty-ve percent of respondents have already transitioned or are in the process of transitioning from paper
to electronic statements and notices. The responses to this question validate a general industry trend that FIs
are gradually selecting electronic statements and notices, since these delivery options allow them to capitalize
on both cost and operational efciencies. This trend is expected to continue as more people acquire electronic
devices that make receiving and viewing this information easier.
For those FIs that plan to continue using paper, they can still nd opportunities to reduce costs in this area. The
cost to produce and deliver a paper statement varies widely. Doing the work in-house likely can run as much
as $1.00 to $1.50 per statement when postage is included. However, outsourcing to a GLBA compliant vendor
will likely save $0.30 to $0.80 per statement, but the cost is still a large expense for these accounts. Add to this
expense the delivery challenges that are sure to develop with possible changes to the USPS, and electronic
delivery looks very attractive.
Transitioning to electronic statements and notices provides three key benets:
Transition from paper to electronic
statement and notices?
Percent
Already transitioned 30.3%
In process already 39.9%
Planning to in 2013 14.9%
Staying with paper 14.9%
It ensures the timely delivery of information.
It creates the opportunity to deliver content within the
online banking environment.
It saves money. Electronic delivery is generally less
than 35 percent of the print cost when considering the
price of postage.
26
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
E x e c u t i v e R e p o r t
NEW QUESTION: Have you implemented a successful and secure merchant capture strategy?
Merchant capture is a high-risk transaction and must be secure.
Approximately two-thirds, 62.1 percent, of respondents indicated that they have implemented or are in the
process of implementing a secure merchant capture solution. Merchant capture has revolutionized payment
processing by enabling nancial institutions to receive image payment transactions directly from remote
merchant locations. This convenient and cost-efective capture solution yields great benets for all involved
parties. It is imperative, however, that all merchant capture activities are securely protected.
In 2011, the FFIEC issued supplemental guidance related to authentication in an Internet banking environment.
FIs are now required to identify high-risk transactions and ensure appropriate authentication controls and
security layers are in place. This supplemental guidance reafrms the original denition in the 2005 guidance of
what constitutes a high-risk transaction: electronic transactions involving access to customer information or
the movement of funds to other parties. Clearly, merchant capture qualies as a high-risk transaction.
Depending on your assessment of risk, merchant capture security will be handled diferently. An understanding
of risks and appropriate controls will aid you in completing this required exercise.
Summary
FIs are feeling cautiously optimistic about the future.
The data from this years annual study, along with
other key data points, indicates that FIs are no longer
waiting passively for conditions to improve. As the
survey respondents revealed, the top opportunities
for the coming year include loan growth, new
technology, mobile banking and expanding market
share. These four initiatives are all interrelated, with
each providing the ability to bolster the other. The
determining factor will be developing a solid roadmap
for the future, so that they can maximize protability.
As FIs build a long-term strategy, the survey results
reveal that many will capitalize on the identied
opportunities through increased investment
in technology. These investments will likely be
concentrated in the areas of mobile banking, wire
and ACH origination, and remote deposit capture
technologies. Its likely that more investments will
be made in cloud-based solutions, as FIs continue to
recognize the cost efciencies that can be gained by
outsourced technology.
And underlying this outward activity will be a
constant focus on regulatory compliance and data
security. As the data suggests, FIs feel they are
well-stafed for the upcoming compliance changes
emerging from Dodd-Frank, but they will complement
this readiness by using solutions that simplify the
overall compliance process. Conversely, with external
attacks being respondents greatest security fear, its
likely that they will increase their focus on measures
that strengthen rewalls and perimeter security;
however, FIs shouldnt neglect the fact that social
engineering also leaves the door open for external
attacks. A well-rounded approach to both compliance
and security will be key to enabling success in 2013
and beyond.
Overall, the data from the CSI 2013 Annual
Banking Priorities Study hints at renewed signs of
optimism. As new regulations take efect and with
new technologies constantly changing consumer
behaviors, the health of the banking industry will
come down to responsible, protable lending by
forward-thinking banks that are willing to participate
in a dynamic, ever-changing market place.
About CSI
Computer Services, Inc. (CSI) is a customer service
company that delivers innovative technology
solutions to more than 5,000 nancial institutions and
companies nationwide. A total solutions provider, CSI
ofers core processing, managed services, mobile
and Internet solutions, payments processing, print
and electronic distribution, and regulatory compliance
solutions. With nearly 50 years as an industry leader
in innovation and service, CSI serves its customers as
a trusted technology partner that understands their
needs and delivers solutions that empower them to be
more competitive, compliant and protable.
To learn more about CSI, visit CSIweb.com.
E x e c u t i v e R e p o r t
27
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y
Authors & Contributors
Paul Reymann
Chief Risk Ofcer, CSI Regulatory Compliance
David Culbertson
President & General Manager, CSI Document Services
Bill Kane
Senior Risk Management Consultant, CSI Regulatory Compliance
Chad Whittenberg
Director of Product Management and R&D, CSI Regulatory Compliance
Sean Martin
HIVE Network & Security Manager, CSI Managed Services
Clif Skrdlant
Senior Product Manager, CSI Managed Services
E x e c u t i v e R e p o r t
28
E x e c u t i v e R e p o r t : 2 0 1 3 B a n k i n g P r i o r i t i e s S t u d y KY_041113_001_V1 April 2013