All Hail the FDIC!

It's old news by now - IndyMac, a major mortgage lender has failed. Industry insiders believe that before all the economic mess is over, many more banks will follow in IndyMac's footsteps and go belly-up. Amazingly, most people who have money in these failed banks will lose exactly: NOTHING. This is all thanks to a very smart invention of the U.S. government: the FDIC. I know, it pains and amazes me to admit it, but sometimes government can... hrrr... do acceptable work...

So who is the FDIC? Here is how that agency introduces itself:

"The Federal Deposit Insurance Corporation (FDIC) preserves and promotes public confidence in the U.S. financial system by insuring deposits in banks and thrift institutions for at least $100,000; by identifying, monitoring and addressing risks to the deposit insurance funds; and by limiting the effect on the economy and the financial system when a bank or thrift institution fails.

An independent agency of the federal government, the FDIC was created in 1933 in response to the thousands of bank failures that occurred in the 1920s and early 1930s. Since the start of FDIC insurance on January 1, 1934, no depositor has lost a single cent of insured funds as a result of a failure.

The FDIC receives no Congressional appropriations – it is funded by premiums that banks and thrift institutions pay for deposit insurance coverage and from earnings on investments in U.S. Treasury securities. With an insurance fund totaling more than $49 billion, the FDIC insures more than $3 trillion of deposits in U.S. banks and thrifts – deposits in virtually every bank and thrift in the country.

Savings, checking and other deposit accounts, when combined, are generally insured to $100,000 per depositor in each bank or thrift the FDIC insures. Deposits held in different categories of ownership – such as single or joint accounts – may be separately insured. Also, the FDIC generally provides separate coverage for retirement accounts, such as individual retirement accounts (IRAs) and Keoghs, insured up to $250,000. The FDIC's Electronic Deposit Insurance Estimator can help you determine if you have adequate deposit insurance for your accounts.

The FDIC insures deposits only. It does not insure securities, mutual funds or similar types of investments that banks and thrift institutions may offer. (Insured and Uninsured Investments distinguishes between what is and is not protected by FDIC insurance.)"

This is an excellent institution that adds stability and security into the financial system. Can you imagine a situation where if your bank failed you would lose your life savings? Luckily you probably don't have to.

Nevertheless, FDIC has some very clear limits. Most accounts are insured only up to $100,000. This doesn't automatically mean that you would lose every dime above $100K if your bank failed, but it does mean that you would probably not get it all back. This has some important implications for me. I have been very cognizant of these limits and have made sure that our FDIC insurable funds never exceed $100,000 per institution.

Incidentally, note that the FDIC insures bank deposits, not other forms of investment. If you have a brokerage account you may also want to read about another entity that may be insuring you assets against brokerage firm failure (not investment losses), the SiPC.

Online Financial Institutions & Security

Many of us, myself included, manage our financial lives online. I use Quicken as well as financial institutions' websites to conduct much of my financial affairs, from paying bills to managing our portfolio. An ever present trade-off in the world of online finance is the level of security provided to users vs. the hassle that is imposed on users to achieve that security.

Many financial institutions are now moving towards two factor identification of users. Previously, all you needed to log into your account was your trusty user name and password. These days many institutions require another element to ensure that you are who you say you are. Some financial outfits are able to provide this extra layer of security elegantly and gracefully, while others seem on a mission to make life as difficult as possible for their customers.

One institution that does a phenomenal job of increasing security without creating a hassle, is Bank of America. Bank of America uses what it calls a SiteKey to help you verify that the website you are visiting is indeed their corporate website. The idea is as simple as it is elegant. When you sign up for BoA's online account access, you are asked to select a personalized picture from a long list. When you get to the BoA log-in page you are asked to enter your user name. On the next page, there is a copy of the personalized picture you selected, as well as a place to enter your password. Since only BoA knows which picture you originally selected, if that picture is not displayed, you know that something fishy (or physhy... ) is going on. In addition, if you log into your bank account from your regular computer, you are only asked for your password. If you are using a computer that you did not previously designate as authorized, you are also asked a simple security question, to verify your identity.

In this way, security is improved dramatically without sacrificing ease of use. I don't say this often, but Bank of America deserves serious kudos for this approach.

On the flip side, there are those financial institutions that appear intent on annoying their customers. For example, I pulled the vast majority of our money from ING, because of their annoying security features. Log-in required me to provide my account number - a long list of digits - instead of an easy to memorize user name. In addition to my password, they also required me to enter a security code using an on-screen virtual key board. As if that was not enough, they kept shifting the location of letters on this keyboard, seemingly for the sole purpose of confusing me further. Why was all that necessary?

Ironically, I shifted our money from ING into HSBC, which adopted very similar and annoying security measures only a few months after I opened an account with them.

Interestingly most of our financial institutions have not changed their security and log-in procedures. Our credit card companies, online broker, 401k providers etc. all require a simple user name and password for log-in. Quite frankly, this simpler approach is perfectly fine with me. I feel just as secure with those basic measures as I do with those more elaborate and cumbersome ones.

Do you have similar examples? What's you opinion of the trend towards tighter and more cumbersome security measures?