How this de novo Bank Does IT Right
by: Sean Martin
From 2000 to 2008, nearly 1,100 de novo banks were newly chartered in the U.S. But that number plummeted
following the financial crisis in 2008. When Infinity Bank in Santa Ana, California, opened its doors on Feb. 1, 2018, it became only the ninth new bank in the United States in 10 years.
Maybe it’s because launching a de novo bank is anything but easy. Just ask Victor Guerrero, Infinity Bank’s COO and CFO. Infinity is the second de novo institution Guerrero has launched in 30 years of banking. He says building a bank from the ground up is an arduous process that requires holding dozens of meetings with regulators, completing thousands of pages of paperwork and raising millions of dollars in capital.
Additionally, before a bank opens its doors, executives must also make important technology decisions that will affect their institution for years to come. And choosing the wrong managed IT services partner can cost a bank considerable time and money.
Unfortunately, this is a lesson Guerrero learned with his first de novo bank.
The First Time Around
In 2002, Guerrero opened Orange County Business Bank to serve customers whom he felt were forgotten or overlooked by larger financial institutions in the Southern California community. But the bank was nearly derailed due to managed IT services vendors that, according to Guerrero, did not properly set the institution up for success, even though they were broadly used in the de novo bank space.
“We were a shambles,” Guerrero says. “Systems were not working properly, we were advised to purchase hardware that we did not need, and we paid for things to be installed that never were.”
To help get Orange County Business Bank back on track, Guerrero turned to an IT managed services provider that delivered a more strategic IT approach, customized to the bank’s specific needs. Doing so made all the difference in the world.
“It was transformative for our bank,” he says. “We went from a hodgepodge of IT systems management to something much more sophisticated. We were far more comfortable knowing we were protected and set up for the future.”
So years later, when it came time to establish his second de novo, Guerrero knew that his existing managed services partner should be involved with Infinity Bank right from the start, including the lengthy application process.
Strategic Support from the Beginning
One of the application requirements for a de novo is creating a thorough business plan to guide the institution’s first three years in operation. Among many things, the business plan must address the bank’s IT strategy, including details regarding its core banking system, internal networks, internet and mobile banking applications, etc. Banks must also include strategies for disaster recovery, incident response, cyber threat intelligence, governance, testing and more.
Guerrero says Infinity Bank counted on its managed services partner for strategic support throughout the application process, garnering assistance and knowledge that took pressure off its leadership team during this important pre-launch phase.
“Turning to a reputable managed services provider eased the application process considerably,” Guerrero says, adding that regulators were impressed with what the bank and its provider had accomplished: “… it wasn’t even a conversation with the regulators. They moved on to the next subject.”
Once the application process was complete, the bank’s managed services provider implemented the network infrastructure and IT services that would help Infinity Bank serve as a foundation for local businesses in Orange and Los Angeles counties.
Bankers Should be Bankers
Infinity Bank leverages managed services from a provider that specializes in the fintech industry, and the services they utilize include network and firewall management, intrusion detection and prevention, email services and service desk support. Guerrero says the ability to focus more on banking and less on IT is always appreciated, but especially crucial when opening a new institution.
“From a service standpoint, it’s pretty exceptional when I don’t have to worry about what’s happening behind the scenes,” Guerrero says. “As a CFO, this gives me great confidence.”
The partner also lends the bank a helping hand during audits, making sure Infinity’s IT policies and procedures are updated, and providing the knowledge and assistance that make the audit process less intrusive.
“When we have internal auditors come in, and they do nothing more than confirm what (our provider) is telling us, that’s a comforting feeling,” Guerrero says. “Because if the audit shows something different, then that means we’re going to have to spend more money and time exploring the issue. And that just doesn’t happen.”
To read more about how Infinity Bank does managed services right, read the full case study.
As a product development manager for CSI Managed Services, Sean Martin implemented CSI’s managed security monitoring and management service, and actively maintains this system. In his role, Sean identifies and implements solutions designed to maximize security and profitability for financial institutions. Sean speaks regularly on a variety of financial technology issues, ranging from managed services to IT security best practices.