Podcast: Is the “Underbanked” Concept Ripe for a Rethink?

Financial Health Network

Glen speaks with Andrew Warren about the Financial Health Network’s new report which makes the case for modernizing the definition of underbanked consumers. Also- X Money makes its long-promised debut, and the OCC potentially rides to the rescue of interchange (and workable payment processes).

Links related to this episode:

If CU Unplugged’s style of hands-on problem solving sounds like your cup of collaborative tea, check out our Innovation Club. This group of forward thinkers meets virtually each month, and our twice-annual in-person session is coming up in May. Reach out about a guest pass: https://www.big-fintech.com/innovation-club/

By PMNTS.com
Click here to read the entire article.

Subprime consumers are often viewed through a narrow credit-risk lens. PYMNTS Intelligence’s “Who Is the Subprime Consumer? A Behavioral Profile” shows a different picture: a large, steady and measurable part of the U.S. consumer economy that is changing how it uses credit, installment products and one-time cash events to manage daily financial pressure.

The report finds that 17% of U.S. consumers, or roughly 44 million adults, fall into the subprime credit range. That share has held within a narrow band across 47 monthly survey waves from March 2022 through January 2026. In other words, this is a durable segment with distinct behaviors, needs and product opportunities.

The data also shows that subprime consumers aren’t just heavy credit card revolvers. In fact, the share of subprime consumers who always or usually revolve their balances has fallen from about 50% in mid-2023 to 38% in January 2026. At the same time, 35% of subprime consumers have no credit or store cards at all, creating a gap for issuers, merchants and installment providers that can serve this group with products built around cash flow rather than traditional prime-card assumptions.

That shift is especially visible in BNPL and healthcare. Subprime consumers use BNPL at higher rates than the overall population, but they concentrate this usage among specific providers. Younger subprime consumers also report delaying care, skipping prescriptions and borrowing from family or friends to manage healthcare costs. Tax refunds and one-time government payments play a similar role: Subprime consumers often use these to cover bills, repay debt or stabilize household finances.

For banks, card issuers, merchants, BNPL providers and healthcare finance firms, the message is clear. Subprime consumers are not outside the credit economy. They are navigating it differently, and the companies that understand those behaviors may put themselves in a better position to build lasting relationships with this 44 million-consumer market.

In “Who Is the Subprime Consumer? A Behavioral Profile,” learn how:

  • Subprime consumers are moving across credit products. Always-or-usually revolving has declined, while BNPL and installment products are taking on a larger role in how these consumers manage purchases.
  • Healthcare costs are creating new financing needs. Young subprime consumers are delaying care, negotiating bills and using installment options at rates that point to unmet demand at the provider office, pharmacy and telehealth checkout.
  • Cash flow timing can shape product strategy. These consumers often use refunds and one-time payments to cover bills or repay debt, giving issuers and lenders clearer moments to reach them with relevant offers.

Click here to continue reading.

By Celonis, published in Banking Dive
Click here to read the entire article.

The notion that the best way for banks to modernize their core systems is to rip them out and replace them with new ones is not only outdated—it’s also inefficient.

Consider a study by IBM that found 94% of banking overhauls exceed their deadlines, resulting in delays that negatively affect the project’s ROI.

Fortunately, the rise of AI means that there are other paths to transformation. In this new era, leading financial institutions are focusing less on decommissioning outdated software and more on how new technology can help them extract data and create value from existing systems. It’s a savvy move that enables organizations to leverage what they have, while still modernizing for the future.

“We’ve been so focused on moving from legacy systems to newer systems, when the real opportunity is in how we use the data and improve the process,” says Jaymini Hirani, Financial Services Lead at Celonis.

Data is everywhere, but where’s the intelligence?
Modern banks rely on hundreds of systems and applications. For example, a single payment may come in contact with 200 different systems as it traverses from initiation and authorization to clearing and settlement.

Some of those systems represent the latest technology. But others are likely legacy software, core banking systems, or even Excel spreadsheets managed by specific employees. As a result, the related data is siloed within systems and applications, making it difficult to access.

In this environment, interactions and handoffs between teams become increasingly complex, and the risk of errors increases, resulting in delays and manual workarounds. The fragmented nature of the data also limits transparency, which can impede productivity and, more importantly, lead to regulatory concerns.

Click here to continue reading.

By Emily Cisek, The Financial Brand
Click here to read the entire article.

Here is a bank customer I think about all the time: someone sitting at the kitchen table a week after the funeral of a loved one, surrounded by the pieces of a life they’re now responsible for untangling.

A drawer of old statements. A phone they can’t unlock. And (believe it or not) no idea where the will is, or whether one exists at all.

This person is walking into a branch, or calling their bank for guidance, every single day in this country. And in most cases, the bank that was trusted for decades never had a chance to help them prepare for the one transition that was always going to come.

This intersection is precisely where many community banks are looking to as a once-in-a-generation opportunity looms:

Need to Know:

  • 56% of Americans lack an estate plan, and $124 trillion in wealth will change hands by 2048.
  • Community banks are recognizing legacy planning as a strategic opportunity to deepen customer relationships, retain assets across generations, and differentiate in a crowded market.
  • A recent $2.5M investment from 22nd State Banking Company signals growing conviction in the category.
  • According to the 2025 Caring.com Wills and Estate Planning Study, 56 percent of American adults have no estate planning documents at all. No will. No trust. No power of attorney. Over 50 percent of respondents reported not having even thought about starting the process.

The report shows that will ownership is at roughly one in four adults, and the number has declined since 2022. The top reason people give for not having one is disarmingly honest: they just haven’t gotten around to it.

Meanwhile, Cerulli Associates projects that $124 trillion in U.S. household wealth will change hands by 2048, estimating $105 trillion of that flowing directly to heirs. U.S. states already return nearly $5 billion annually in unclaimed assets from forgotten accounts and abandoned pensions.

Why this matters: As the gap between will ownership and wealth transfer accelerates, more estates will move through probate without clear documentation — creating legal costs, tax inefficiencies, and delays that can quietly erode generational wealth.

For financial institutions, this is where the opportunity sharpens. Every family that gets organized ahead of time is a household whose deposits, lending relationships, and generational loyalty stay connected to the institution that helped them prepare.

What’s at stake? The scale of what is coming is extraordinary. The banks recognizing this are not just solving a customer problem, they are building the kind of multigenerational relevance that defines the next era of community banking.

Click here to continue reading.

By Melissa Koide, Payments Dive
Click here to read the entire article.

“Affordability is not just about the cost of credit,” a former Treasury official writes. “It is about whether credit is available at all.”

A 10% cap on credit card interest rates has drawn some bipartisan support in Congress.

At a moment when families are stretched and costs keep rising, the appeal is easy to understand. But good intentions and good policy are not always the same thing, particularly in credit markets where the consequences of blunt policy tools tend to fall hardest on the borrowers who can least afford it.

Credit is not an abstraction for most American families. It is the tool that makes financial resilience and economic mobility possible in practice. Credit history is crucial to renting an apartment or getting access to a mobile phone, and eventually to opening the door to a mortgage.

Credit cards also play a critical role in covering emergency expenses like an unexpected car repair or a medical bill without wiping out savings or turning to a payday lender. For the millions of Americans living paycheck to paycheck, access to responsible credit is often the difference between a setback and a crisis.

Affordability is not just about the cost of credit. It is about whether credit is available at all. This is where the evidence matters. Over the past decade, lenders have developed a far more sophisticated ability to assess creditworthiness than was possible on a credit score alone.

With a consumer’s permission, bank transaction data can reveal income stability and payment patterns that a score may not capture, especially for younger borrowers, those new to credit, and those rebuilding after a financial setback. When paired with machine-learning, this information can identify lower-risk borrowers whose credit application may have been declined using traditional underwriting.

Click here to continue reading.

By Clara Kim, Greg Baer, and Paige Pidano Paridon; Bank Policy Institute
Click here to read the entire article.

For decades, our government has counted primarily on the nation’s banks to identify suspicious activity and assist law enforcement and national security agencies in fighting criminals and terrorists. Executing that responsibility requires tens of thousands of bank employees and countless man-hours.

But cryptocurrencies and stablecoins are increasingly becoming the coin of the realm for money launderers and terrorist financers. And unlike banks, crypto companies do not have the same obligations under current law to protect the financial system from those abusing it. Congress has an opportunity to fix this disparity via market structure legislation, and it is imperative that it seize this opportunity to protect crucial U.S. national security interests.

According to Chainalysis’s 2026 Annual Report, illicit crypto addresses received $154 billion in 2025, a 162 percent increase year-over-year, primarily driven by a 694 percent increase in the value received by sanctioned entities.

Those numbers reflect a worrying trend. As the report explains, “The on-chain money laundering ecosystem — a portion of the overall illicit crypto ecosystem that reflects the laundering of funds rather than the underlying inflows associated with illicit activity — has grown dramatically in recent years, increasing from $10 billion in 2020 to over $82 billion in 2025.” Crypto is funding the worst crimes: “The intersection of cryptocurrency and suspected human trafficking intensified in 2025, with total transaction volume reaching hundreds of millions of dollars across identified services, an 85% year-over-year increase.” Crypto also continues to fund fraud and exploitation schemes. The FBI’s 2025 Internet Crime Report notes that the agency’s Internet Crime Complaint Center received 181,565 complaints last year with a nexus to crypto, an increase of 21 percent from 2024, totaling $11.366 billion in losses, an increase of 22 percent.

Not only does the use of crypto and stablecoins by criminals continue to rise, but hostile nation-states are embracing these “currencies.” China is front and center in every aspect of this ugly business – from illicit sales of fentanyl to scams against ordinary Americans. Chinese-language money laundering networks now account for 20 percent of known on-chain illicit money laundering activity.

Ari Redbord, the Global Head of Policy at TRM Labs, reaffirmed these unfortunate trends in a recent House Homeland Security Hearing (Online Scams, Crypto Fraud, and Digital Extortion: An Examination of How Transnational Criminal Networks Target Americans), warning:

The numbers underscore the urgency. TRM’s 2026 crypto crime report documented $158 billion in illicit crypto flows in 2025 — that’s a 145 percent increase over 2024. Fraud and scams alone drove $35 billion, and with only about 15 percent of victims reporting, true global losses exceed $200 billion. These flows run through one interconnected ecosystem. Pig butchering compounds in Southeast Asia, many staffed by trafficked workers, generate fraud proceeds. Mexican cartels buy fentanyl precursors from Chinese suppliers with cryptocurrency. North Korea stole about $2 billion in cryptocurrency last year to fund weapons proliferation and destabilizing activity. Every one of those streams moves through the same plumbing — Chinese underground banking networks that processed over $103 billion last year alone.

China is far from alone in leveraging crypto. The Islamic Republican Guard Corps’ on-chain activity has been growing steadily, and represented approximately 50 percent of Iran’s total crypto ecosystem by Q4 2025. The volume of funds received by IRGC-associated addresses reached over $2 billion in 2024 and spiked to more than $3 billion in 2025 – and even this estimate likely understates the actual figure, as it excludes volumes from entities such as the UK-registered exchanges Zedcex and Zedxion, which were not designated as U.S.-sanctioned firms until January 2026. The U.S. Treasury revealed that those exchanges had processed tens of billions of dollars’ worth of transactions tied to Iran-aligned actors. This is also the payment method of choice for Iran, which has been demanding payment in Bitcoin or stablecoins for transit through the Strait of Hormuz. In short, crypto significantly diminishes the power of economic sanctions, thwarting the geopolitical goals motivating their imposition in the first place.

Click here to continue reading.

By Sarah Milovich, Credit Union Times
Click here to read the entire article.

For decades, the credit union movement was defined by its localism. Success was measured by how deeply an institution could serve a specific factory, municipality or county. But as we move through 2026, the strategic imperative has shifted. To remain competitive against fintech disruptors and national banking giants, credit unions areexpanding beyond traditional footprints at a record pace, often through mergers, acquisitions and digital-first lending models that extend well beyond their historical footprints.

We are seeing this play out in real time. The Massachusetts-based Hanscom Federal Credit Union recently signaled its intent to expand into Maryland through the acquisition of The Peoples Bank, and Michigan’s Zeal Credit Union is pushing its footprint into Wisconsin. Regardless of the approach, the goal is scale.

This movement reflects a broader industry shift: Geographic localism is no longer a competitive strategy. In an environment where fintech leaders operate nationally from day one, credit unions that remain constrained to narrow geographic footprints risk falling behind institutions built to scale digitally.

The Shift in Credit Union Strategy
Historically, expansion required a physical presence, including new branches, local staffing and incremental operational build-out. Today, digital lending models allow credit unions to enter new markets far more quickly, reaching members wherever they live rather than where the institution historically operated.

This strategic shift is not just about growth for its own sake. It is about remaining relevant in a financial services landscape where competition increasingly comes from institutions without geographic boundaries.

As digital-first competitors continue to capture market share, scale has become essential for credit unions seeking to remain competitive in lending, payments and member acquisition.

Click here to continue reading.

By Kevin Townsend, Security Week
Click here to read the entire article.

You can no longer recognize a phishing email by simply counting the typos. And you will get caught if you simply respond to a genuine-looking email without thinking.

Analysis of almost 800,000 email attacks across more than 4,600 organizations shows attackers moving away from exploiting technical vulnerabilities in favor of targeting behavioral and organizational weaknesses. In short, email attackers are now targeting their victims with tailored tactics that exploit trusted relationships and routine workflows.

The three primary email attack methods are phishing, business email compromise (BEC) and vendor email compromise (VEC). Phishing remains predominant, accounting for 58% of all attacks. BEC comprises 11% of attacks, while VEC (a subtype of BEC) accounts for more than 60% of all BEC attacks. Details are provided in Abnormal AI’s 2026 Attack Landscape Report.

Phishing varies by target.

File-sharing lures are concentrated on industries and roles where document exchange is common and expected. Brand impersonation aligns with the complexity of the target’s software footprint. In both cases, the lure is designed to blend into the workflows and tools that employees use. “The same structures, workflows, and relationships that define how an organization operates also define where an attack can blend in undetected,” says the report.

More than 20% of phishing attacks use redirect chains to obscure the final malicious page from both users and their security tools. Just over 10% of these use link shorteners, with tinyurl (31.6%) and t.co (26.6%) dominating. Tinyurl is a free service, while t.co is automatically and freely applied by X/Twitter to outbound links. In both cases the URL can appear legitimate and security teams are reluctant to impose automatic blocks.

BEC is less frequent, involves more attacker craftsmanship, and is more impactful.

BEC and VEC are less frequent but potentially more impactful than phishing. (BEC targets employees within an organization, while VEC relies on a compromised vendor account to then target the vendor’s customers or suppliers.)

In BEC, VIP impersonation is used in 43% of attacks at small enterprises, but only 7% at large enterprises. Lateral attacks within an organization, where one compromised account targets another account, is the reverse: less than 1% at small organizations rising to more than 23% in large organizations. Noticeably, higher education is especially susceptible to such lateral attacks, where 33% of the BEC attacks are lateral, “Highlighting,” writes Abnormal, “how open, high-turnover environments create ideal conditions for internal spread.”

Click here to continue reading.

By Nicole Volpe, Contributor at The Financial Brand
Click here to read the entire article.

For banks and credit unions, cash incentives are a powerful way to lower the effective price of a checking account to gain market share — provided of course that the lifetime value of the customer or member exceeds the total cost of acquisition. But with other acquisition channels drying up, more institutions are reaching for the same lever — and many are doing so without a clear strategy.

Institutions seeking growth recognize the market forces that are driving the action. Account balances grew strongly in the pandemic but have since fallen as inflation and spending rose. Meanwhile, as Fed hikes level off and head down, CD and savings rates are less effective for new account acquisition. And competition from fintechs, neobanks, and money market funds is only intensifying. Over the past three years, campaign volume has grown 24%, checking-account incentives 57%, and average spend per campaign 75%, according to a Vericast analysis of Mintel/Comperemedia data.

“An institution that is willing to offer a competitive cash incentive will always outperform, all things equal, an identical institution that does not offer a cash incentive,” said Fred Cadena, Head of Client Strategy at Vericast. “The cash is so prevalent in the market that you are going to hinder your competitiveness by not offering one.”

But many institutions choose not to, Cadena said — whether because they don’t believe in paying to acquire, or because they haven’t been able to make a good business case, or because they’ve been burned in the past. For institutions reconsidering their position, what follows is a framework for getting it right.

Misconception 1: Chase is Driving the Arms Race
Perhaps because Chase offers show up in so many of our mailboxes, many institutions might assume it’s the incentive pacesetter. But the biggest spender isn’t the country’s biggest bank.

It’s the tier just below: large nationals in the $250 billion to $1 trillion asset range, which offer average incentives of $484, according to Vericast, versus the $410 that Chase and other trillion asset-plus mega banks field on average.

Another mega bank specter haunting small-institution strategists is Wells Fargo, which was freed last year from the regulatory growth cap it had operated under since 2018.

Misconception 2: Credit Unions Don’t Need to Offer Big Incentives
The conventional wisdom is that credit unions don’t need to out-bid banks for new accounts — their inherent cost advantages make up the dollar difference, and they tend to be more conservative about acquisition in general.

That may still be true.

Click here to continue reading.

Gabrielle Saulsbery, Banking Dive
Click here to read the entire article.

OpenAI has acquired personal finance fintech Hiro, further entrenching itself in the financial realm.

The deal, announced on Hiro’s website, will shut down the Hiro application for users April 20. Users can export their data through settings until May 13, Hiro said. Hiro, launched by Digit founder Ethan Bloch, billed itself as an “AI personal CFO” and said it helped clients manage more than $1 billion in assets.

OpenAI confirmed the deal to TechCrunch, which first reported it, but hasn’t made further public statements. Terms of the deal were not disclosed. As the Hiro app is shuttering and the entire Hiro team is joining OpenAI, TechCrunch called it an “acqui-hire.”

“For decades, personalized financial guidance has been too expensive, too generic, or too hard to access. ChatGPT is finally changing that,” Bloch wrote on LinkedIn.

This is OpenAI’s second fintech purchase, following its acquisition of personal finance app Roi in October. Altman told Federal Reserve Vice Chair for Supervision Michelle Bowman last year that financial firms were some of OpenAI’s earliest adopters.

“Morgan Stanley, Bank of New York, these are major partners of ours that we’re doing fantastic work with. And we were kind of like, ‘Are y’all sure?’ and they were like, ‘Yeah, we really want to do this,’” he recalled at the time.

Those institutions and others figured out how to use the technology, and “how to structure it enough that they can rely on it” for critical processes, he said. “Personal finance has been one of the most talked-about use cases for generative AI since the beginning, and this deal reinforces that,” Pitchbook fintech analyst Rudy Yang told American Banker.

But a key difference between AI financial advisers and human advisers is fiduciary duty – or lack thereof.

Click here to continue reading.

ByJoshua Goldfarb, Security Week
Click here to read the entire article.

Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions.

Unfortunately, we have a problematic and unstable neighbor. Without getting into details, he often yells obscenities, threatens physical harm, threatens property damage, and other such undesirable things. Sadly, involving the police from time to time and getting two restraining orders did not discourage this neighbor from his outbursts and threats.

The police and courts explained to us that a healthy person is afraid of the law. This is logical – most of us don’t commit crimes, and this is partly because we are afraid of the consequences. But when a person is unstable and believes that they can talk their way out of anything as long as it is your word against theirs, there is little recourse. In other words, if a person is careful to behave badly only when there is no record of that behavior, it is very difficult for the police and courts to do much about it.

Even given this, we have, thankfully, had several months of quiet. How so? We found something that the troublesome neighbor did fear – being caught on camera.

We installed home security cameras, and nearly instantly, we had complete quiet. We went from constant unpleasantness to total quiet overnight. In fact, one of the first videos we collected on one of our home security cameras was of our problematic neighbor approaching our door, realizing we had installed a home security camera, and then quietly walking away rather than launching into a tirade. Since then, quiet.

Why am I sharing this story? I believe that there is an important security lesson we can learn from this. Namely, the importance of visibility – not merely for compliance, audit, security monitoring, and other reasons that we are likely all familiar with. But beyond that, like in the case of our troublesome neighbor, visibility keeps people and teams honest, and that can bring huge benefits for the security organization.

Before getting into the benefits for the security organization, it is worth clarifying what I am referring to when I mention visibility. When thinking about visibility, it is important to remember the need to see what is happening at all layers. Beyond just the network, endpoints, and access logs, but also the application layer. This includes detailed insight into both traffic traversing the API infrastructure, as well as traffic leveraging AI capabilities.

Click here to continue reading.

Published in CUToday
Click here to read the entire article.

The Trump Administration is moving to block Illinois’ swipe-fee law from applying to national banks, adding a major new federal preemption twist to the industry’s already fast-tracked Seventh Circuit appeal and potentially strengthening the broader fight being waged by banks and credit unions against the state’s Interchange Fee Prohibition Act (IFPA).

Bloomberg Law first reported the move, saying the Office of the Comptroller of the Currency on Tuesday filed an interim final rule with the White House that would preempt Illinois’ law for national banks as the appeal continues.

The development comes just two months after CUToday.info reported that Chief U.S. District Judge Virginia M. Kendall largely upheld the core of the IFPA—allowing Illinois to bar interchange on the tax and gratuity portions of card transactions—while striking down the law’s separate data-usage restriction on preemption grounds. In that Feb. 10 ruling, Kendall declined to extend federal preemption to federal credit unions, leaving CUs exposed to the interchange restrictions absent relief from the appellate court.

In February, America’s Credit Unions, the Illinois Credit Union League, and the other plaintiffs filed an appeal with the U.S Court of Appeals for the Seventh Circuit. The IFPA is scheduled to become effective July 1, and would ban financial institutions, including credit unions, payment networks, and other entities, from charging or receiving interchange fees in Illinois on the portion of a debit or credit card transaction attributable to tax or gratuity.

Click here to continue reading.