Pub. 10 2019 Issue 1

Spring 2019 11 West Virginia Banker 1. Procedures for opening and closing; 2. Procedures to assist in identify- ing persons committing crimes, such as cameras, and the use of identification devices such as pre-recorded serial-numbered bills, or chemical and electronic devices; 3. Provide for initial and periodic train- ing of officers and employees; and 4. Provide for selecting, testing, and operating and maintaining appro- priate security devices. FDIC regulations further identify the minimum requirement for security de- vices which should include, in part: 1. A vault, safe or other secure space; 2. A lighting system to illuminate the area around the vault if the vault is visible from the outside of the bank; 3. An alarm system for prompt notifi- cation of law enforcement; 4. Tamper resistant locks on the exte- rior doors and windows; and 5. Other such devices as the security officer determines appropriate based upon the amount of currency or valuables on site, the distance of the bank from law enforcement, the cost of security measures, other measures utilized in other banking offices, as well as the physical char- acteristics of the bank itself. Finally, regulations for the Bank Pro- tection Act require that the security officer must report at least annually to the bank’s Board of Directors on the “implementation, administration, and effectiveness of the security program.” Thus, the Bank Protection Act of 1968 and its accompanying FDIC regulations provide critical guidance as to the gen- eral matters to be covered by a security plan, but it is important that it only pro- vides a floor for the security measures that must be implemented. Considering this legal landscape, banks should implement the most up-to-date measures and technology as part of an overall global security strategy to assure that their employees and banking cus- tomers have a safe banking workplace and environment: 1. REGULARLY UPDATE WRITTEN SECURITY PROCEDURE – As required by the Bank Protection Act, banks must have a security plan with written policies and proce- dures designed to provide a safe work environment for staff and a secure banking facility for custom- ers. Procedures should outline in detail the security-related training to be conducted with each new and current employee, outline the bank’s security equipment reviews and maintenance, and require routine in- ternal and external security auditing. All security training and assessments should be thoroughly documented by the bank’s security officer. 2. CRIMINAL ACTIVITY ASSESS- MENTS – Banks and their security team members must continually update and document their assess- ment of local criminal activity in their bank locations. The security team should examine if there has been an increase of bank-related crime, including criminal activity targeting customers in bank park- ing lots or while using bank ATM’s. An increase in crime for a particular location may require the bank to identify and implement additional protective measures. 3. ENGAGE LAW ENFORCEMENT – A bank’s security officer should engage in ongoing consultation with law enforcement regard- ing local criminal activity. Bank security should request that the local FBI or other law enforcement agencies conduct regular staff training sessions to ensure bank employees remain current with the most up-to-date measures to reduce the risk. 4. SELF-AUDITS – Security audits and reports should be conducted routinely to determine whether the most current risk protection technology and practices are being incorporated. Security programs should always reflect an evolving strategy that adapts to ever-chang- ing criminal threats. Scott Evans is an attorney with Flaherty Sensabaugh Bonasso. He is a veteran defense attorney with over 20 years of litigation experience. Scott focuses his practice in the areas of employment law and corporate defense. He can be reached at 304.347.4214 or wsevans@ flahertylegal.com. Jim Lane is an at- torney with Flaherty Sensabaugh Bonasso. With more than 20 years of experience in financial services law, Jim’s focus is bankruptcy, creditors’ rights matters, business transactions and business-related disputes. He can be reached at 304.205.6373 or jlane@flahertylegal.com. 5. DOCUMENT ALL SECURITY TRAINING – Should litigation result, a key piece of a bank’s defense will be documentation related to the security program, planning and training, all of which must satisfy at a minimum, the re- quirements of the Bank Protection Act as well as demonstrate that the bank’s security program has incorporated the most appropriate risk management practices. The above suggestions are starting point for banks to consider when addressing security issues. Criminals, like Jesse James and his gang, will always consider banks as a prime target. Therefore, it is important that banks appreciate the public’s high expectation of bank security and need not only aim at satisfying the mini- mum standard set by federal law but strive to exceed those requirements to protect their staff and patrons. If a bank fails in implementing a robust and proactive security program, their Board of Directors run the real risk of twelve jurors judging whether security measures were up-to-date, appropri- ately planned and properly imple- mented – a risk that ultimately may not be favorable to the bank’s reputation or bottom-line. 