Today’s modern arsenal of bank and credit union security devices offers a dizzying array of options. From hi-tech eye scan equipment and personalized biometrics to Internet of Things (IoT) activated systems, the offerings can be overwhelming. Where do banks start when building a comprehensive security system? How do credit unions know if they’re spending security budgets on the right equipment?

Although each financial institution has its own unique requirements, industry experts agree on the basic security equipment that every bank and credit union must have in place to defend against the most common breaches.


The most comprehensive, and therefore, the most important single piece of security equipment is an integrated central alarm system. Such a system is the first step to satisfying the FDIC’s minimum security device regulation.

An advanced access system should ensure that all external entry points to the bank are equipped with tamper-proof locking mechanisms. Most banks focus their efforts primarily on securing traditional door access, but attention should also be given to any possible entry point an unauthorized entrant may attempt. All windows should be equipped with glass break sensors, and ductwork should have pressure and motion alarms. Every internal location with access to cash, like teller workstations and cash desks, should also be secured with alarm activators.


Whereas access and alarm systems protect banks and credit unions against unauthorized access, video surveillance systems continue to be the primary tool in identifying and apprehending robbers, intruders, and any unauthorized entrants. Video cameras should be positioned at all critical locations including external access points, cash access locations, teller desks, drive-throughs, and ATMs.

Advanced digital video systems can provide remote viewing and advanced analytics that go beyond intruder identification to offer customer studies that enhance efficiency and profitability metrics.


Knowing who gains access to a secure facility is critical. That’s why banks and credit unions are implementing personalized access systems. Unlike generic entry keys which can be shared by employees or fall into the wrong hands, custom access systems ensure that only those individuals authorized for entrance can gain access.

The two most popular types of such access devices are card swipe machines and entry keypads. With both approaches, employees are assigned a card or a password that is unique to themselves. Custom codes keep track of what employees are in the building at any given time, and if a card is lost, it can be immediately deactivated to eliminate unauthorized access.


The final must-have piece of security equipment guards against the most frequent form of ATM attacks. ATM card skimming now accounts for nearly 95% of all bank losses, and as customers continue to favor such automated services, ATM crime is expected to increase. ATM Skimming refers to the stealing of a customer’s ATM card information, as well as their PIN.

Would-be thieves use a combination of keypad covers and internal devices to duplicate account access codes and drain customer accounts without ever having entered a branch location. In the past, banks and credit unions had to wait until the first ATM breach was reported. Today, however, there are highly effective security devices that can detect skimming activity and provide alert monitoring.

Remaining vigilant against the ever-changing security threats is a daunting task. The attention that is given to growing cyber threats often pulls time and attention away from the equally important commitment to ensure physical safety for bank employees, customers, and their assets. Every financial institution, regardless of its size, must allot sufficient resources for the four pillars of basic bank security: alarm systems, video surveillance, employee access and ATM security.

For more resources on how to make sure your company has the necessary security systems installed, contact SPC Companies – committed to helping bank and credit union professionals sleep better at night.





Since the advent of video cameras in the 1970’s, banks and credit unions have relied upon surveillance cameras as a central part of their security system. From identifying perpetrators to deterring malicious activity, no one would argue the efficacy of security cameras.

However, every year, banks and credit unions spend valuable security budget on surveillance devices, only to come up short when reviewing captured video. The experience is repeated across the nation and at banks of all sizes. The frustration results, not from the quality of the video camera, but from the positioning of the camera itself.

When it comes to security cameras, it’s helpful to think like a realtor – it’s all about location. With that in mind, evaluate your financial institution against the following key locations for surveillance cameras.


Security cameras should be positioned to record the flow of foot traffic at all entry points. Entry and exit doors are prime locations to record facial features. For that reason it’s recommended that such cameras be set to a three-foot capture frame, the width of an average door. It’s also important to consider the light source when aiming a camera at an external door. It’s not unusual for a camera to record a silhouetted image when the door opens against a sunny exterior.

Special attention, therefore, should be given to assessing the camera position to limit the over-exposed video resulting from harsh backlight. The inherent lighting challenges associated with cameras facing an entrance door make it all the more important to have properly positioned cameras monitoring all door exits.


A transaction point is any place where money is deposited or distributed. This includes teller counters, drive-up windows and ATMs. Second only to access points, these areas provide the best opportunity to capture visuals useful for investigative purposes.

Positioning cameras in these transaction areas can be particularly tricky, however. Industry experts recommend a mounting height of about seven feet and aimed directly at the secure location. However, if the camera is too high, it will only record tops of heads. Since many would-be assailants wear caps or hats of some kind, the goal should always be to mount the cameras as low as possible to capture facial images, but as high as to record the desired space.


Think of “hot spots” as any area which could pose an opportunity for theft. Cash drawers, jewelry cabinets, filing cabinets and safes all fall under this category. The goal of cameras in these areas is not so much to identify detailed facial recognition, but rather to record if a crime has taken place.

Security cameras in these areas, therefore, should be set to the widest capture field possible and mounted to provide for a large viewing area. In specific hot spot locations, cameras can be mounted directly above cabinets and file drawers to capture unwarranted access.


Ensuring adequate camera positioning outside of the bank facility can be as important an internal security coverage. Many reports indicate that the mere presence of external cameras can be a powerful crime deterrent. Position cameras in these locations to record potential vandalism or violence in parking lots and alleyways. Many financial institutions are using hi-resolution cameras for effective identification of license plates in external locations.

While the value of surveillance cameras cannot be overstated, it’s not just the positioning of the cameras that can enhance overall security. Placing a TV monitor in the lobby, for instance, draws the eyes of entrants allowing for full facial identification and serves as a reminder of the bank’s active video security. Whereas, training tellers to conduct exchanges in the middle of their counter helps ensure video capture of all monetary transactions.

For more ways to make sure your cameras and your bank are well-positioned for a secure future, connect with SPC Companies – providing the resources to help bank and credit union professionals sleep better at night.





Video surveillance is one of the most important components of a financial institution’s security infrastructure. So much so, that the National Institute for Occupational Safety and Health (NIOSH) identifies the use of CCTV and video monitoring as a primary means to deter theft and ensure employee safety.

The concern is real and so are the threats:

  • #1 The American Bankers Association reports banks and credit unions lost almost $2 billion to fraud and related crime last year. (2015 ABA Deposit Account Fraud Survey).
  • #2 According to the FBI, every year approximately 5000 U.S. banks are the victim of onsite robberies.
  • A recent FICO report indicates that ATM skimming has jumped a whopping 546%.
  • Industry estimates suggest an additional $2 billion a year is lost to ATM fraud alone.

That’s just the financial loss. Every time an unauthorized person enters a secured area of a bank, it puts bank employees at unnecessary risk.

The good news? All of these security breaches can be reduced or eliminated with the addition of high-quality video surveillance as part of an integrated alarm system.


No asset is more valuable than the employees that maintain the day-to-day relationships with bank and credit union customers. Strategically placed external video cameras allow bank employees to view and control entrance into the building. Internal cameras provide law enforcement with visual identification of intruders.


Incorporating video into a banking alarm system allows for visual inspection of the bank facility whenever an alarm is triggered. This ability eliminates the need for a security guard to respond to false alarms after hours, saving banks time, money and preserving security confidence.


Around the world, the use of closed-circuit cameras are being credited with reducing crime and apprehending perpetrators. It’s commonplace to see security video aired on news stations in an effort to apprehend the guilty. Video surveillance, as part of a banking alarm system, is seen as the number one way to ensure accurate identification of suspects.


Despite the growing emphasis on cyber scams, physical check fraud is still prevalent in the U.S. According to the most recent AFP Payment Fraud and Control Survey, although fewer people are using paper checks, physical checks are still the most susceptible to fraudulent attacks. Many banks and credit unions are using video surveillance systems with advanced facial recognition that record transaction data and capture images of offenders. This information is used to identify criminals and help protect customer accounts.


ATMs are not just popular among banking customers, but they’re increasingly becoming a favorite of criminals, as well. According to the Association of Chartered Certified Accountants (ACCA) the sheer number of ATMs in the U.S. make them extremely vulnerable to skimming and cash harvesting schemes. Many industry leaders identify video surveillance as a primary tool to deter such activity. Security systems equipped with video technology not only provide visual recognition of the criminal after the theft, but also allows for real-time monitoring of suspicious ATM activity for proactive theft prevention.


By integrating video into their alarm system, banks are not only reducing loss, but also increasing productivity. Many banks are studying daily video captures to monitor customer traffic, staffing levels and merchandising. Designing operational processes around such daily activity is shown to enhance marketing efforts and customer service.

For many banks and credit unions the integration or upgrading of video technology is a daunting undertaking. How many cameras are really necessary? Where is the best placement of surveillance equipment?

These are just some of the issues making banking security an ever-evolving challenge. For help navigating these issues and to find out the best security options for your needs, visit SPC (

SPC – helping bank and credit union professionals sleep better at night.





The 2017 banking trend reports are out in abundance. It comes as little surprise that increased emphasis will be placed on all things digital. From more sophisticated firewalls to enhanced mobile interaction, investment in technology and digital solutions will continue to rise.


In the light of such expectations, however, some industry experts are sounding an alarm. They are warning banks and credit unions not to overlook the physical security risks that, as a recent FBI report, continues to rise. As financial institutions look forward to new potential revenue streams and relaxed regulations, they should also be looking at proactive ways to secure their branch locations and assets in the future.


Proactive Security Measures

Security experts and law enforcement professionals say the same thing. Most banks and credit unions do not consider a thorough review of their security systems until something goes wrong. In many instances, it takes a robbery, an ATM fraud or other security breach to make bank officials aware there is a hole in their vanguard.


An initiative-driven approach to planning bank security, before a crime occurs, will protect the bank’s assets as well as reputation.


Three Ways to Start Planning against Future Security Threats


It’s been said that being forewarned is forearmed. Nowhere is this more accurate than in regard to security planning. As security threats become more sophisticated and ubiquitous, banks and credit unions are benefitting from the industry best practice of creating proactive security measures. As financial institutions plan for improved security systems, there are three key areas that should be examined to help determine potential weaknesses and areas of future emphasis.


#1. External Data Clues

Banks and credit unions, regardless of size, can anticipate and plan for potential risks by studying often-overlooked, but readily-available external data. Information from local and regional police reports can provide insight into whether certain branch locations could be more vulnerable to threat than others. An examination of additional demographic and geographic information can provide a macro view of trends that could have an adverse impact on physical financial institutions.


Data gathered from national and industry crime reports can also be used to predict areas of security weakness. Are there certain days of the week or times of the day your bank is more susceptible to robbery than others? Does the placement of your ATM put it at greater risk for skimming? Is the latest social engineering trend prevalent in your region? Building preventative security measures to combat the likelihood of such data-driven threats can pay off in peace of mind and enhanced precautions.


#2. Internal Evaluations

The next place that can provide valuable clues as to what should be prioritized in a bank’s security plan is within the physical facility itself. A financial institution’s physical structure is often one of the most overlooked areas, simply because it is seen everyday. Employees may get used to rigging a faulty lock or overlooking an inoperative camera. Security experts agree, conducting a thorough evaluation of on-site security systems is one of the best ways to ensure facility,  employee and asset protection. Such  evaluations are generally categorized as security assessments and threat assessments.


A security assessment evaluates the functionality of all security systems and devices. Items that should be in full working order include:

  • Security lighting
  • Alarms
  • Access controls
  • Cameras
  • Vault safes
  • Perimeter & gates
  • Fire detectors and deterrents


A threat assessment, on the other hand, looks for potential weaknesses in the bank’s overall system and surroundings, not just the security equipment. A threat assessment asks questions like:

  • Are all entrances monitored?
  • Are employee IDs easily visible?
  • Do all windows provide unobstructed views of the bank’s interior?
  • Does the bank’s typography provide hidden entry points?
  • Can the ceiling’s ductwork be accessed from neighboring tenants?
  • Can customers easily view employee’s computer screens and keyboards?


A professional evaluation of a financial institution’s physical equipment, security devices and potential threats is foundational to building a solid security program for the future.


#3. The Human Element

It’s not unusual for bank managers and employees to be so close to their facility that they literally stop “seeing” potential security threats, especially when it comes to behavioral practices. Over time, strident security practices become relaxed or ignored. Old employees leave the company and fail to turn in their security cards. New employees are hired and not informed about document destruction protocol. Employees make a habit of leaving back doors propped open for a quick smoke break. Individually, each offense appear innocuous. But together, over time, these security lapses can create huge safety gaps.


A proactive approach to security must include a genuine evaluation of the “human factor.”



  • Do employees share their access credentials with coworkers?
  • Do employees regularly download software to company computers?


  • Do visitors have access to secured locations?
  • Are visitors required to have supervision while on premises?


  • Do guards randomly check briefcases, boxes or portable PCs to prevent unauthorized items from coming in or leaving?
  • Do guards allow visitors to bring laptop computers into the institution without proper signoff or authorization?


  • Have vendors been trained in proper security techniques?
  • Do after-hour cleaning staff maintain the same level of facility security as required during daily office hours?


The examples above are just a sampling of behavioral habits that should be evaluated as banks and credit unions consider security enhancement measures. Any planning for the future would be inadequate, however, if it didn’t also include an examination of a bank’s social engineering training.


As banks and credit unions across the nation gear up for the unknown security threats of the future, many are turning to experts like SPC Companies to help them chart the most efficient path. SPC Companies makes it their business to equip bank and credit union professionals with the resources they need to sleep better tonight, and into the future.





Your business manager receives an email request from their boss to wire funds to a specific vendor. The message contains a link to the account into which the funds are to be deposited. On the surface, the email appears normal. It’s not unusual for the boss to make transactional requests via email. Nor is it unusual for an employee to accommodate a request from a supervisor, especially when the email looks just like every other other email the employee receives from work associates.


The problem is, it’s not a normal email. Instead, it’s an example of CEO fraud. The unassuming link is likely connected to a bank in China or Hong Kong and your employee has just opened your company’s entire bank account to a nefarious hacker. With one click of their mouse.


What is CEO Fraud?

The above-mentioned scenario repeats itself with startling regularity and devastating results. It’s called CEO fraud, because the illicit email appears to come from a CEO, a boss or other upper-level manager. The request is always the same: transfer money to a specific account. The FBI recently released this example of such a request:


FBI Sounds Security Warning

The U.S. Federal Bureau of Investigation estimates these email scams have cost organizations more than $2.3 billion in losses over the past three years. In an alert posted to its site, the FBI said that since January 2015, the agency has seen a 270% increase in exposed losses from CEO scams. The alert noted that law enforcement globally has received complaints from victims in every U.S. state, and in at least 79 countries. Unless the fraud is spotted within 24 hours, the chances of recovery are small. That’s why only 4% of the funds are ever retrieved.


Why This Scam is So Successful

According to Ken Bagnall, CEO of The Email Laundry, although CEO scam attempts are niche, they are extremely successful. Bagnall’s research indicates that CEO scams have a 90% rate of success, compared to a 30% success rate for other types of phishing attacks.


Experts agree that social engineering is to blame for the staggeringly high success rates of such email scams. There is often an unspoken company rule to not question a request from a superior. Most employees want to be seen as a team player. Quickly responding to a boss’s request is seen as a normal response to keeping the wheels of efficiency moving. Keeping both the boss and the client happy is perceived as an admirable quality, one which could be taken into consideration in an annual employee review or for future promotional considerations.


The Cost of Untrained Employees

Everything about responding to the CEO’s request makes sense. That’s why it is so potentially devastating. And, although over 22,000 companies have reported CEO fraud, non-reporting remains very high. Industry analysts point to the fact that there is a “shame factor” associated with being duped into literally giving money away. The concern about a perceived data breach and a tarnished reputation only adds to the reluctance to report such activity.


Of those companies that have reported CEO fraud, the financial losses have been monumental. Ubiquiti Networks, a Silicon Valley computer networking company had employee emails impersonated and transferred over $46 million to overseas accounts. Xoom, an Internet money-transfer service, lost $30.8 million via fraudulent requests to their finance department. The cable manufacturer, Leoni AG, lost $44 million to emails crafted to look like legitimate payment requests from their head office in German. And, Pomeroy Investment Corp. in Troy, Michigan, transferred almost $500,000 to a Hong Kong bank. The error was noticed eight days after it took place, but by then, the money was gone.


Why Technology Safeguards Are Not Enough

Most cyber security risk management focuses on technical mitigation, such as anti-malware, email filters and two-factor authentication. These measures are important, but as the Verizon 2016 Data Breach Investigations Report (DBIR) indicated, it’s not enough. The report that studied 100,000 security incidents found that human error was to blame in the majority of cases.


The bottom line? Banks and credit unions can have the most sophisticated physical security protocol in place, but if their employees are not properly trained, they remain susceptible to fraudulent attacks.


Establishing a Secure Human Firewall

Security experts are recommending what they call a human firewall. In the same way that a technical firewall protects against malicious digital attacks, a human firewall protects against socially engineered threats.


Industry consultants recommend some basic tips to effective employee security training.


#1: Make employee testing simple and routine

Many companies use routine security questions that pop-up when employees log onto their computers. Daily questions remind employees of important security protocols and provide management with metrics for evaluation and future training.


#2: Check what they do, not just what they know

Vulnerability assessments look for evidence that employees are adhering to security best practices. The presence of sticky notes with passwords or sensitive information visible on computer screens are a red flag that what employees know may not be translating to what they do.


#3: Put security in personal terms

Some companies are realizing increased employee commitment to organizational security practices after training them how to protect their personal and financial security. The assumption is when employees build a habit of security in their personal life, it extends into their professional environment


#5: Remember the limits of training

Because there is no fool-proof, blanket security plan, experts recommend a layered approach which includes both proactive employee training and automated security solutions.


CEO fraud and other social engineering scams continue to make the list of the top security concerns for 2017. Banks and credit unions can’t eliminate the potential for malicious threats, but they can arm their employees with the security training needed to combat the ever-sophisticated social schemes.


Contact SPC to explore the advanced training options to equip your employees and protect your assets.


SPC – Helping bank and credit union professionals sleep better at night.





Whether it’s your home, your car or your bank business, routine maintenance is part of responsible ownership. It’s generally agreed upon that changing your car’s oil every 3 to 5,000 miles will keep your engine running at optimal performance. Inserting a penny in a worn area of your tire tread helps determine if new tires are needed. And, replacing smoke detector batteries twice a year ensures your home fire detection system remains operational.


But what about your bank or credit union? How do you make sure your equipment and security system is up to par and not outdated? How often should you perform a bank equipment check? And, what are you looking for to determine optimal efficiency?


How Long Should Your Bank Equipment Last?

Before determining if any components are outdated, it’s helpful to view your banking equipment and security system as a life cycle. Most industry experts report that the “life expectancy” for most equipment is around 7 years. That span however is shrinking, largely due to the technology and software used within many of these components. So, although the hardware may be compliant and operational, the internal software may be outdated or compromised. As more and more banking equipment relies upon technology, the more frequently they may need to be updated. Best practices, therefore, call for regular evaluation of not just equipment hardware, but the digital “brains” that allows the hardware to interface and operate properly.


What Equipment Needs to Be Evaluated?

Although each bank and credit union utilizes unique equipment configurations, most institutions employ a standard protocol and facility components to ensure both compliance and customer service. The following are the banking systems that most frequently require evaluation:

  • Alarm and Access Control
  • Video surveillance systems (interior and exterior)
  • Drive-up equipment
  • Night Depository
  • Safe Deposit Boxes
  • Drive-through Equipment
  • Vaults, chests, safes and lockers


Your Bank Equipment May be Outdated If . . .

It would be impossible within the scope of this article to identify every tell-tale sign that a piece of equipment may be outdated. Instead, what follows are the Top 10 questions you should ask in regard to your current banking equipment and security system.



  • Does the graininess of your surveillance make it hard to recognize faces?


If so, it’s time for an upgrade. Today’s high-definition cameras and surveillance systems are designed to provide the clarity necessary to make accurate identification of people, vehicles and even license plate numbers. Newer cameras can adjust position in response to motion and operate in extreme lighting conditions, making blurry or dark images obsolete. Poor surveillance quality can also be affected by the video wiring schema, recording device and other mediated factors.



  • Do you rely upon a DVR for your surveillance video?


Digital video recorders are great for what they were intended; recording devices to store video content for future viewing. DVRs are not not good, however, for watching a delayed recording of a crime after it has taken place. Today’s best practices call for real-time viewing and identification of intruders or unexpected incidents.



  • Do you have to wait on a slow download before reviewing video?


Older analog cameras are slow. They’re slow to capture an image – that’s why the video quality is poor. They’re also slow to process video – meaning that analog cameras require a substantial amount of time to make recorded video available for viewing. Today’s industry standard relies upon digital cameras that provide instant and enhanced surveillance video viewing.



  • Are you regularly having your security cameras serviced?


Like any piece of equipment, the more frequently you find yourself calling a maintenance specialist, the more likely the component is at the end of its life cycle. The principle of diminishing returns becomes operative when you begin paying more for equipment that provides less security.



  • Do you know when your system is down?


Older cameras and security systems, much like a computer, need to occasionally be “rebooted.” If not, they are prone to shutting down until a manual restart is activated. Newer, modern IP based systems and hardware, however, automatically perform reboots and alert users of potential issues, virtually eliminating unexpected down time.



  • Do you rely on a phone call to notify you of a problem?


Or, have the police been notified of an intruder when it’s really just your manager accidentally setting off a back door alarm? Web-based and mobile systems allow users to visually monitor a facility from remote locations, allowing for visual identification and real-time facility observation. Remote monitoring also allows users to analyze traffic flow and customer foot traffic for improved efficiencies.



  • Is your system integrated or comprised of stand-alone components?


A lack of network integration usually indicates outdated equipment. The protocol for today’s security standard calls for all components to be able to communicate with one another via a digital network. Such connectivity facilitates enhanced features such as remote access and automation.



  • Does your system still rely on wired devices that tie them to a physical location?


Newer security systems use wireless devices whenever practical. Wireless components are more convenient and cost-effective. They allow for instant repositioning of equipment, such as motion detectors, without the tedious and costly rewiring associated with older wired.



  • Does your system provide you with visual analytics?


Older systems just record standard video. Newer, “smart” systems, however, perform constant evaluations of recorded data. By analyzing every frame of video, advanced systems can identify traffic patterns and staffing issues helping leaders make smarter marketing and management decisions



  • Can your system be easily expanded as your bank grows?


A trait of older security systems is their inability to be easily expanded to meet growth requirements. If you’ve spent time trying to adjust camera angles to cover additional areas because it’s too difficult to add new devices, you’re probably saddled with outdated equipment. Newer systems can be easily expanded and integrated with additional security devices.


The above questions are just a starting point for determining if your bank security equipment is outdated. And, just like your home or car maintenance, it’s important not to wait until a tire blows or hot water heater floods. The end of the year or beginning of a new year are a perfect times to consider a professional evaluation of all of your existing bank equipment. Contact SPC to see what advanced efficiencies are available through updated security options.





In 2017,  the only thing financial analysts can agree upon, is that this year will hold unprecedented changes. Monumental policy shifts, new operating models, accelerated digitization and emerging technologies are just the tip of the banking iceberg. With so many unknowns looming in the future, many banks and credit unions are taking a fresh look at the internal areas that they can control. By standardizing their security equipment across all branch locations financial institutions are realizing cost savings and enhanced efficiencies.


According to SNL Financial, there are approximately 93,000 bank branches in the U.S. Each of these locations possess complex security systems ranging from basic door access to optimized surveillance cameras. Traditionally, new bank branches have been established in response to market demands and competitive forces. Often, additional facilities install the equipment and security systems most recommended at the time. As more and more branches are added, however, there is less and less equipment uniformity across the company. Such inconsistency can lead to lost productivity, reduced security and employee frustration.


Financial Institutions Invest in Standardized Equipment


Major financial institutions are recognizing this reality and responding by upgrading their branch locations to take advantage of standardized efficiencies. Sallie Mae, one of the nation’s largest financial service providers, recently implemented a company-wide standardization upgrade. The Sallie Mae enterprise conversion involved 20 sites with existing access control systems, video surveillance and alarm panels. Hundreds of doors of access control and thousands of users were tied together through an integrated platform that coordinated all facility components through a central operational center.


Standardized Equipment Saves Money

In addition to streamlining internal processes, standardizing security equipment across all branch locations saves money. As opposed to troubleshooting issues at each unique location, a standardized system allows a single technician to identify an issue once and apply required maintenance cross-system. Standardized practices also allow managers to negotiate equipment contracts based upon bulk parts that work for all branches.

As security equipment becomes increasingly digitized and software-driven, standardized systems additionally provide for instantaneous upgrades, often from a remote location. Maintaining system consistency across all branches result in reduced costs associated with training personnel on different platforms.


Standardized Equipment Saves Time

In large, multi-building facilities, when a failure occurs, prompt action is required to maintain access and security. Even with the most basic security component, such as an entrance door, when facilities are not standardized, maintenance personnel must physically inspect the hardware, determine the component required, return to the stockroom, search for the replacement part, and hope it’s in stock. When all branch doors are standardized, there is no need to store multiple parts or train personnel on varying procedures. On more complex components, such as keypads or surveillance devices, the time savings is even more dramatic.


Standardized Equipment Enhances Security

The longer it takes to correct a security breach, whether it’s an offline camera or a malfunctioning door lock, the higher the risk for the financial institution. When all branch locations use the same equipment, monitoring and repairs are completed faster reducing the vulnerability of the bank or credit union. Many banks are making digital monitoring a part of their branch security standards. Software analysis of such advanced video offers proactive security strategies that helps avoid a breach before it happens.


Standardized Equipment Ensures Efficiency

In many regions, bank employees rotate among various branch locations. Without standardized equipment, employees must be retrained to navigate the security requirements of each facility. Lack of branch consistency creates staff frustration, reduces efficiency and can ultimately lead to lapses in security.


What Equipment Should be Standard Across Branches?

Although each bank and credit union utilizes unique equipment configurations, financial institutions should evaluate the following security components to determine consistency across branch locations:

  • Alarm and Access Control
  • Video surveillance systems (interior and exterior)
  • Drive-up equipment
  • Night Depository
  • Safe Deposit Boxes
  • Drive-through Equipment
  • Vaults, chests, safes and lockers


The year ahead is certain to bring change. One way to limit the effect of such challenges is by employing industry best practices and standardizing security equipment. Contact SPC to explore the efficiencies available through uniform security upgrades.





Earlier this year the FFIEC updated their Information Security Booklet that helps institutions like banks and credit unions develop a risk-based security program. Featured prominently in their best-practice guidelines are risk identification, threat identification and identifying incidents. Clearly, there is an emphasis on identifying potential threats before they happen. That’s exactly what a security audit does and why regular security audits are critical to a financial institution’s well being.


Ensure Compliance

The financial sector is one of the most highly regulated industries in the U.S. Ever-expanding FDIC and NCUA rules governing security measures can pose an overwhelming challenge to many banks. Conducting a regular security audit can help ensure regulatory compliance and avoid potential heavy penalties.


Secure Data

Some banks have given so much attention to minimizing high-tech data breaches that they’ve overlooked many of the low-brow data threats that exist in their physical environments. Consider, for example, the potential data loss that occurs when an intruder pockets a company USB drive, takes pictures of an unattended computer screen, or physically plants a malware-laden drive on a bank officer’s desk. Such scenarios can be avoided when a proactive security audit has been deployed.


Protect Employees

Banking professionals would agree, their most valuable assets are their employees. Keeping them as safe as customer data and deposits is imperative. But just how to go about ensuring their safety can be a confusing proposition. In addition to automated locks and alarms, does your bank require all employees to present identification? Are employees work schedules and phone numbers able to be seen by customers? Does the parking lot have adequate lighting? The list of employee safety threats is long and makes up an important part of a comprehensive security audit.


Ensuring employee safety, securing financial data and avoiding regulatory fines are compelling reasons for conducting a security audit. But what exactly happens with an audit and who is best suited to conduct one?


Why is a Third-party Audit Valuable?

Think of your own home for a minute. Have you ever gone on an extended vacation and returned to “see” things that need attention that you didn’t notice before you left? Perhaps you recognize how badly the front door needs a fresh coat of paint or how much the deck needs to be stained. It’s a common occurrence. We become blind to that which we see everyday. That’s one of the initial reasons why a security audit performed by a third party is so valuable. Fresh, trained eyes can identify potential threats you may have been passing by every day.


Where Should a Security Audit Start?

Although there’s not a specific starting point, a comprehensive review should include both the exterior and the interior of the facility.

Outside audits evaluate:

  • Building and perimeter layout
  • Property typography
  • Rooftop access points
  • Number of building entrances
  • Efficient lighting
  • Physical barriers

Interior audits examine:

  • Monitored entrances
  • Visible employee identification
  • Alarm locations
  • Camera positions
  • Smoke and fire detection

And, that’s just for starters. Every security audit should be tailored to the facility design and employee size of each bank or credit union.


What Is the Invisible Security Audit?

It’s commonplace to consider door alarms and security cameras when investigating a bank’s security preparedness, but what about those unseen threats that lurk inside of ceilings or within equipment? These can be referred to as invisible security threats. A professional security audit will evaluate whether air ducts could be used for access, if facility glass is secure, and how efficiently components would operate in an actual emergency.


Could Employees be an Unintentional Security Threat?

No bank employee would intentionally be an accomplice to a crime, but they are often unknowing contributors to loss of data and assets. A comprehensive security audit will not just evaluate physical security threats, but human ones as well. Are employees in the habit of leaving doors propped open, ID badges unattended, or computer screens viewable? A security audit can identify lax office procedures and recommend processes that make the facility more secure for employees and customers alike.


When Is the Best Time to Conduct a Security Audit?

In addition to identifying the potential threats mentioned above, security audits create an inventory of all security devices, along with maintenance schedules and operating efficiencies. Conducting a thorough security audit is the first step to ensure a safe banking environment, and as such, should be performed sooner than later.


December is a good time to evaluate the past year and anticipate your bank’s security needs for the next 12 months. Security audits are often one of the most cost-effective measures that banks and credit unions can adopt. To learn more about the benefits of a comprehensive security audit, visit SPC.


SPC – helping bank and credit union professionals sleep better at night.





The demise of brick-and-mortar bank locations has been greatly exaggerated. Although the total number of U.S. banks and credit unions is declining, according to the FDIC, banks are still opening an average of 1,000 new branches every year. And, despite the growing trend of digital banking, approximately 84% of bank customers still want to make occasional visits to their physical bank location.

SIZE: The Shrinking Footprint of Your Next Bank Branch

So while pundits may argue over the viability of traditional bank branches, everyone agrees on one thing: The size of new branch locations is getting smaller, for a number of very good reasons.

The first three of which is location, location, location. Banks and credit unions function best when located in the centers of population most likely to use their services. In heavily congested urban areas this can mean sky-rocketing real estate prices and shrinking available retail space. Unwilling to sacrifice a physical presence in prime market areas, major banks are exploring innovative ways to offer increased services in a shrinking footprint.

In addition to limited retail space, banks are facing growing competition from non-bank start-ups. To trim margins and better compete against these disruptive online services, traditional banks are turning to more cost-effective “micro-bank” branches. Some banks are experimenting with smaller facilities that take up as little as 350 to 600 square feet and are staffed by as few as three people.

Smaller branches and fewer staff would normally translate into reduced services and customer interaction. That’s where banks are turning to digital solutions and sophisticated technology to bridge the gap between size and service.

SOPHISTICATION:  Service with a smile, and perhaps a chatbot.

Instead of large marbled lobbies, banks are attracting customers with sleek, low-profile “digital bars.” A limited number of “digital ambassadors” encourage users to adopt the bank’s online products, freeing up other employees to help customers with more complex financial matters and investment options.

Some banks have recently introduced entirely automated branches which allow customers to conduct virtually all of their daily banking needs without the presences of a physical banker. High-tech ATMs allow customers to deposit checks and cash without deposit envelopes and are capable of cashing checks on the spot – right down to the exact coinage. If a customer encounters a problem, a bank employee is notified via a wireless tablet and interacts remotely with the customer until the service issue is resolved.

Some global banks are in the early stages of introducing automated chatbots, loosely termed “robo-advisors,” which are capable of offering suggestions on everything from how to save for children’s college to the best strategies for investing in the current economic climate.

STYLE: Would you like a latte with your checking account?

But don’t think the bank branch of the future is only offering sterile technology. The trend appears to be a pairing of hi-tech and hi-touch. In fact, many financial institutions are taking a page from the Starbucks’ playbook. Instead of building larger locations, they are designing smaller spaces that feature open-concept layouts and a sense of community. Bankers are no longer hidden behind counters, but rather interact with customers from the seat of a comfy couch.

And the gourmet coffee? That’s available too. Some banks are opening cafe-style branches to promote their online banking services. The sites look and operate like a neighborhood coffee shop, offering free wi-fi, work spaces and discounts on coffee and pastries for bank customers.

Still other banks and credit unions are patterning their new branches after trendy hotels and retailers, offering fresh cookies and chocolate coins. In hopes of being seen as an integral part of the local community, these sites feature free reading libraries and community meeting rooms which host everything from evening yoga classes to family movie nights.

Although no one knows exactly what the future of these blended usage branches will look like, one thing is certain. The need for a comprehensive security strategy will only continue to grow. How do you monitor access in 24-hour virtual branches? What additional measures are required for interactive ATMs? And, who is monitoring all of these off-site locations?

As  technology and consumer demands take the financial industry into uncharted territory, banks and credit unions are relying on trusted security partners like SPC Companies to design systems for the demands of the present and the challenges of the future.