05:02 PM
Connect Directly

Bank of North Carolina's Credit Analysis Tool Will Pave the Way for Risk Dashboard

Central platform for analyzing and approving loans will lead to risk management dashboard for stress testing, identifying loan concentrations.

As Bank of North Carolina, a $2.2 billion-assets bank based in Thomasville, N.C., has grown through acquisition and the types of loans it makes have become more complex, it has outgrown the credit risk management software it formerly used to evaluate loans. "We needed a true financial statement spreading and analysis system," including full common balance sheet, income statement, ratios and cash flows, says Janet R. Helms, senior vice president, credit administration, who spoke to us in a phone interview. This will help the bank eliminate its multiple loan systems, assess the risk of large loans such as commercial real estate deals, gain greater efficiencies and establish uniform commercial lending practices across all of its 24 branches in North and South Carolina. Helms also wanted the system to generate and store associated credit memos. In addition, the bank plans to eventually use the software as a credit risk management dashboard (once all loan information is uploaded into the system).

The bank is still in the designing, training and beta-testing phase of the WebEquity software it purchased for this project and plans to roll it out in the first quarter of 2011. But the credit admin group will start using it next week for spreading and for credit presentation (such as the credit memo and approval information). Bank of North Carolina is also integrating the new software with its core system, Jack Henry's Silverlake. Helms hopes the new software's ability to automatically pull in loan and deposit data will ensure data quality and make it easier for credit approvers to find what they need.

"Before, some officers might give a summary of ten different relationships in a worksheet, others might do it narratively, and you always wonder, is that data from today or could it be older information?" she says. "In this system, the loan and deposit information will be updated nightly, so it will take less time for the loan officer to collect the information, and from an approval standpoint we know the information's current."

The new system will not affect loan decisions per se. But it will make life easier for regional managers who have to approve loans, all reports will be consistent. Lenders will keep all their data on borrowers in this one place.

In the future, Helms hopes to use WebEquity as a risk management dashboard, where managers can perform stress tests and spot concentrations in the loan portfolio. (First, all loan data needs to be entered into the system, which could take two to three years, she notes.) The bank is also building a new risk rating model in WebEquity.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Janice, I think I've got a message from the code father!
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.