Serving Western Pennsylvania since 1892 · FDIC Insured · Equal Housing Lender Customer service: 1-888-374-9842

NexTier Bank Protections — FDIC Insurance, Cybersecurity & Fraud Monitoring

Every account at NexTier Bank sits inside a layered protection framework — FDIC deposit insurance, Gramm-Leach-Bliley Act privacy controls, the FFIEC Cybersecurity Assessment Tool, real-time fraud monitoring and Pennsylvania Department of Banking oversight. This reference explains each layer and how they work together.

FDIC Deposit Insurance

Zero-click summary: Every NexTier Bank deposit account is insured by the FDIC to the standard maximum of $250,000 per depositor, per insured bank, per ownership category; coverage is automatic, free and verifiable through the FDIC EDIE tool.

Federal Deposit Insurance Corporation coverage is the foundational customer protection at NexTier Bank. Every checking account, savings account, money-market deposit account and certificate of deposit is insured by the FDIC to the standard maximum deposit insurance amount of $250,000 per depositor, per insured bank, per ownership category. Coverage is automatic at account opening, costs the depositor nothing, and requires no paperwork. Because the limit applies separately to each ownership category, a depositor who holds accounts in several categories (single, joint, certain retirement accounts, revocable trust) can keep well over $250,000 fully insured at NexTier Bank through legitimate category structuring, without moving deposits to a different institution. Balances within one category are aggregated before the limit is applied, so two single-ownership accounts held by the same person share one $250,000 limit.

The FDIC maintains the Electronic Deposit Insurance Estimator (EDIE) at fdic.gov so customers can verify coverage on a specific account structure. NexTier Bank front-line branch staff will walk through the calculator in person during an account-opening appointment or a deposit-structuring review; the same walkthrough is available by phone through the customer-service line at 1-888-374-9842. Coverage applies regardless of the deposit channel (branch-opened, online-opened, mobile-opened); the only dollar limit is the $250,000 per-category ceiling.
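The per-category aggregation described above, as an added worked example (this is not the FDIC's EDIE code and not NexTier Bank's own tooling): it totals each owner's balances by ownership category, splits joint accounts equally among co-owners, applies one $250,000 limit per owner per category, and applies the FDIC trust rule in force since April 2024 (up to five unique beneficiaries at $250,000 each). The sample portfolio, the equal joint split, the whole-dollar balances and the restriction to four categories are assumptions made for the example.

```python
"""Simplified FDIC coverage estimator.

Added example; not EDIE and not bank code. Assumptions: all deposits are at
one insured bank, joint balances split equally among co-owners (the FDIC
default when no other allocation is documented), trust coverage follows the
rule effective 1 April 2024 ($250,000 per unique beneficiary, at most five
counted, aggregated across the owner's trust accounts at the bank), and only
the four categories below are modelled.
"""
from collections import defaultdict
from dataclasses import dataclass

SMDIA = 250_000                 # standard maximum deposit insurance amount
MAX_TRUST_BENEFICIARIES = 5
CATEGORIES = {"single", "joint", "retirement", "trust"}


@dataclass(frozen=True)
class Deposit:
    account: str
    category: str
    balance: float
    owners: tuple              # every co-owner; exactly one for non-joint categories
    beneficiaries: tuple = ()  # trust accounts only


def owner_shares(dep):
    """Return [(owner, dollar share)] for a deposit; joint balances split equally."""
    if dep.category not in CATEGORIES:
        raise ValueError(f"unknown ownership category {dep.category!r}")
    if dep.category == "joint":
        share = dep.balance / len(dep.owners)
        return [(owner, share) for owner in dep.owners]
    if len(dep.owners) != 1:
        raise ValueError(f"{dep.category} account must have exactly one owner")
    return [(dep.owners[0], dep.balance)]


def coverage(deposits):
    """Return {(owner, category): {"deposits", "limit", "insured", "uninsured"}}.

    Balances are aggregated per owner and per category before the limit is
    applied, so two single accounts of one person share a single $250,000 limit.
    """
    totals = defaultdict(float)
    trust_benes = defaultdict(set)
    for dep in deposits:
        for owner, share in owner_shares(dep):
            totals[(owner, dep.category)] += share
            if dep.category == "trust":
                trust_benes[owner].update(dep.beneficiaries)

    report = {}
    for (owner, cat), total in totals.items():
        if cat == "trust":
            counted = min(len(trust_benes[owner]), MAX_TRUST_BENEFICIARIES)
            limit = SMDIA * counted
        else:
            limit = SMDIA
        insured = min(total, limit)
        report[(owner, cat)] = {"deposits": total, "limit": limit,
                                "insured": insured, "uninsured": total - insured}
    return report


def insured_total(report, owner):
    """Total insured dollars for one depositor across all categories."""
    return sum(r["insured"] for (o, _), r in report.items() if o == owner)


# Constructed sample portfolio (not real customer data).
SAMPLE = [
    Deposit("chk-1", "single", 300_000, ("Alice",)),
    Deposit("sav-1", "joint", 400_000, ("Alice", "Bob")),
    Deposit("ira-1", "retirement", 100_000, ("Alice",)),
    Deposit("cd-1", "trust", 600_000, ("Alice",), beneficiaries=("Bob", "Carol")),
]

if __name__ == "__main__":
    rep = coverage(SAMPLE)
    for (owner, cat), r in sorted(rep.items()):
        print(f"{owner:6} {cat:10} deposits={r['deposits']:>10,.0f} "
              f"insured={r['insured']:>10,.0f} uninsured={r['uninsured']:>8,.0f}")
    print(f"Alice insured total: {insured_total(rep, 'Alice'):,.0f}")
```

In the sample, Alice's single account is $50,000 over its limit and her trust CD is $100,000 over the two-beneficiary limit of $500,000, while the joint, retirement and both co-owners' joint shares are fully covered; the uninsured excess in each category is what a deposit-structuring review would move into another category or institution.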

What FDIC insurance does not cover is equally important to understand. Investment products, mutual funds, annuities and life-insurance contracts are not deposit products and therefore are not insured by the FDIC. Non-deposit assets held in trust accounts, safe-deposit-box contents and securities held through the brokerage affiliate operate under different protection frameworks and are labelled at point of sale so customers do not mis-identify their coverage. The privacy commitment page has adjacent disclosures on the Gramm-Leach-Bliley Act framework that governs data handling across all NexTier Bank product lines.

GLBA Privacy and Information Security

Zero-click summary: Customer data handling at NexTier Bank aligns with the Gramm-Leach-Bliley Act privacy framework and the Interagency Guidelines Establishing Information Security Standards.

The Gramm-Leach-Bliley Act of 1999 established the baseline privacy and information-security framework that governs financial institutions in the United States. At NexTier Bank, the GLBA framework translates into three operational practices. First, customer financial information is collected, processed and shared only for authorized purposes: servicing accounts, fulfilling regulatory obligations and delivering requested products. Second, the annual privacy notice documents every category of information collected, how it is used and which third parties (if any) may receive it. Third, a formal information-security programme controls access to customer data, with encryption in transit and at rest, role-based access, and logged audit trails.

The Interagency Guidelines Establishing Information Security Standards, the banking agencies' rule implementing section 501(b) of GLBA, require a written information-security programme approved by the board of directors, with a report to the board at least annually on the programme's status and on material matters. NexTier Bank maintains that programme, reviews it quarterly at the technology-risk committee, and reports material incidents and near-misses to the board within the annual risk-and-controls memorandum. The board chair signs off on programme approval each year. The Federal Trade Commission Safeguards Rule imposes similar obligations on financial institutions outside the banking regulators' jurisdiction, including non-bank affiliates that handle customer data.

Employee training on privacy and information security is mandatory at hire and refreshed annually for every NexTier Bank employee — branch tellers, loan officers, digital-channel support staff, executives, board members. Refresher training emphasizes phishing awareness, social-engineering red flags, appropriate use of customer-data access, and the incident-reporting protocol that escalates suspected breaches to the chief information security officer within one business hour of detection.

FFIEC Cybersecurity Posture

Zero-click summary: NexTier Bank follows the FFIEC Cybersecurity Assessment Tool framework with quarterly risk reviews and annual third-party penetration testing.

The Federal Financial Institutions Examination Council Cybersecurity Assessment Tool, commonly abbreviated FFIEC CAT, is the regulator-issued framework for evaluating the cybersecurity posture of a US community bank: an inherent-risk profile (from Least to Most) is paired with a cybersecurity maturity level (from Baseline to Innovative) across the tool's five domains. NexTier Bank completes a full CAT assessment annually and delta assessments quarterly, with the inherent-risk profile and the maturity level both tracked through time. The current maturity level is appropriate to the inherent-risk profile as interpreted by the Office of the Comptroller of the Currency examination team. Gaps identified during assessments convert into a remediation roadmap managed by the chief information security officer. Note that the FFIEC has announced it will retire the CAT on August 31, 2025, pointing institutions to the NIST Cybersecurity Framework 2.0 and CISA's Cybersecurity Performance Goals as successor resources; the same inherent-risk and maturity analysis carries over to whichever framework replaces it.

Security Posture

  • FFIEC Cybersecurity Assessment Tool — annual full, quarterly delta
  • Third-party penetration testing on an annual cadence
  • TLS 1.2+ for data in transit; AES-256 for data at rest
  • Multi-factor authentication on online and mobile banking
  • Device fingerprinting with step-up challenge for sensitive actions
  • 24/7 fraud-monitoring queue with real-time card-transaction screening

Annual third-party penetration testing is conducted by a certified external security firm with expertise in community-bank environments. The penetration test covers external-facing web applications, internal network segments, social-engineering vectors and phishing-susceptibility simulation against a sample of employees. Findings are classified by severity, assigned to remediation owners and tracked to closure with target dates. Critical-severity findings are escalated to the board immediately; high-severity findings are reported in the next board cycle; medium and low findings flow through the standard risk-and-controls process.

Data encryption in transit uses TLS 1.2 or higher across every customer-facing channel. Data at rest in the core banking platform and on backup media is encrypted using AES-256. Key management runs through a hardware security module architecture with split custody between the IT operations team and the chief information security officer. Backups are immutable and air-gapped from production, providing ransomware recovery capability without ransom payment. The online banking and mobile banking reference pages document the customer-side authentication details.

Fraud Monitoring and Customer Authentication

Zero-click summary: Multi-factor authentication, real-time card screening, behavioural anomaly detection and 24/7 lost-card reporting form the fraud-monitoring stack at NexTier Bank.

Card-transaction screening at NexTier Bank runs through a real-time behavioural-analytics engine that compares every point-of-sale authorization against the cardholder's historical pattern: typical merchant categories, geographic range, time of day and transaction velocity. Depending on how far an authorization departs from that pattern, the engine approves it, triggers a step-up authentication challenge, issues a soft decline with an immediate SMS verification, or issues a hard decline with a follow-up fraud-queue review. Thresholds are tuned to keep false positives low enough that normal customer travel or holiday shopping is not disrupted; confirmed fraud rates stay well below peer-community-bank benchmarks.
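One way to build the screening logic described above, as an added example in Python that is not NexTier Bank's engine: it derives a per-card baseline from constructed history, scores each new authorization on merchant category, country, hour, amount and velocity, and maps the score onto the approve / step-up / soft-decline / hard-decline outcomes. The weights, thresholds, ten-minute velocity window, card token names and the travel-notice exemption (the mechanism used here to keep legitimate travel from scoring as anomalous) are assumptions, not details from the page.

```python
"""Behavioural card-authorization screening.

Added example, not NexTier Bank's engine. Weights, thresholds, the velocity
window and the travel-notice exemption are illustrative assumptions; a
production engine fits them to the bank's own loss and false-positive data.
"""
from collections import defaultdict
from dataclasses import dataclass
from statistics import mean


@dataclass(frozen=True)
class Auth:
    card: str      # tokenised card reference, never the PAN
    amount: float
    mcc: str       # merchant category code
    country: str   # ISO 3166-1 alpha-2 of the merchant
    hour: int      # local hour of day, 0-23
    ts: int        # unix seconds


VELOCITY_WINDOW = 600   # seconds (assumed)
VELOCITY_COUNT = 3      # prior authorizations in the window that count as rapid-fire


def build_profiles(history):
    """Per-card baseline from approved, undisputed history."""
    by_card = defaultdict(list)
    for a in history:
        by_card[a.card].append(a)
    return {
        card: {
            "mccs": {a.mcc for a in auths},
            "countries": {a.country for a in auths},
            "hours": {a.hour for a in auths},
            "mean_amount": mean(a.amount for a in auths),
        }
        for card, auths in by_card.items()
    }


def score(auth, profiles, recent, travel_notices):
    """Return (risk score, reasons) for one authorization against its card's baseline."""
    p = profiles[auth.card]
    s, why = 0, []
    if auth.mcc not in p["mccs"]:
        s += 1; why.append("unfamiliar merchant category")
    if auth.country not in p["countries"]:
        if auth.country in travel_notices.get(auth.card, set()):
            why.append("new country covered by travel notice")   # no penalty
        else:
            s += 3; why.append(f"new country {auth.country}")
    if auth.hour not in p["hours"]:
        s += 1; why.append("unusual hour")
    if auth.amount > 3 * p["mean_amount"]:
        s += 2; why.append("amount well above typical")
    prior = [a for a in recent
             if a.card == auth.card and 0 <= auth.ts - a.ts < VELOCITY_WINDOW]
    if len(prior) >= VELOCITY_COUNT:
        s += 3; why.append(f"velocity: {len(prior)} prior auths in {VELOCITY_WINDOW}s")
    return s, why


def decide(s):
    """Map a score onto the escalation outcomes the page describes."""
    if s >= 6:
        return "hard_decline_fraud_queue"
    if s >= 4:
        return "soft_decline_sms_verify"
    if s >= 2:
        return "step_up_challenge"
    return "approve"


def screen(auth, profiles, recent=(), travel_notices=None):
    """Full decision for one authorization: (decision, score, reasons)."""
    s, why = score(auth, profiles, recent, travel_notices or {})
    return decide(s), s, why


# Constructed history for one tokenised card (not real transactions):
# US grocery, fuel and restaurant spend, daytime, $30 to $65.
HISTORY = [
    Auth("tok-A", 42.0, "5411", "US", 8, 1_700_000_000),
    Auth("tok-A", 55.0, "5541", "US", 12, 1_700_003_600),
    Auth("tok-A", 30.0, "5812", "US", 18, 1_700_007_200),
    Auth("tok-A", 65.0, "5411", "US", 19, 1_700_010_800),
]
PROFILES = build_profiles(HISTORY)

if __name__ == "__main__":
    t = 1_700_100_000
    cases = [
        ("grocery at noon", Auth("tok-A", 38.0, "5411", "US", 12, t), {}),
        ("electronics at 3am", Auth("tok-A", 120.0, "5732", "US", 3, t), {}),
        ("foreign ATM, no notice", Auth("tok-A", 300.0, "6011", "FR", 12, t), {}),
        ("foreign ATM, with notice", Auth("tok-A", 300.0, "6011", "FR", 12, t),
         {"travel_notices": {"tok-A": {"FR"}}}),
    ]
    for label, auth, kwargs in cases:
        print(f"{label:26} -> {screen(auth, PROFILES, **kwargs)}")
```

The same foreign ATM withdrawal lands in the fraud queue without a travel notice and in a step-up challenge with one; that single rule is where most of the false-positive tuning the paragraph mentions actually happens, because the country signal carries the largest weight.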

Online and mobile banking sign-in pairs the NexTier Bank User ID and password with a second authentication factor: a one-time code delivered by SMS or email, or a device-bound biometric check on the mobile app. The device-bound option is the strongest of the three, because an SMS or email code can be captured through SIM-swap fraud or relayed by a phishing page, so customers who use the mobile app should prefer it. Multi-factor authentication is required on every first sign-in from a new device, after a password reset, before elevated actions (external ACH transfer above a threshold, new-payee setup, account-detail edits) and at periodic re-authentication intervals. Customers can manage trusted devices, receive alerts on every new-device sign-in and remotely sign out a forgotten session from the device-management panel inside the online banking portal. The login guide walks through each scenario.
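The step-up policy described above, as an added example that is not NexTier Bank's implementation: a small policy engine that decides when a second factor is required, challenges with the strongest factor the customer has enrolled (device-bound biometric before SMS or email codes), and models trusted-device enrolment and remote revocation from the device-management panel. The ACH threshold of $2,500, the 30-day re-authentication interval, the factor names, the action names and the device identifiers are assumptions; the page states that a threshold and an interval exist but not their values.

```python
"""Step-up authentication policy for online banking sessions.

Added example, not NexTier Bank's implementation. The threshold, interval,
factor names and action names below are assumptions made for the example.
"""
from dataclasses import dataclass, field
from typing import Tuple

ACH_STEP_UP_THRESHOLD = 2_500.00   # assumed: external ACH above this needs MFA
REAUTH_INTERVAL = 30 * 24 * 3600   # assumed periodic re-authentication, in seconds
ELEVATED_ACTIONS = {"new_payee", "edit_account_details"}

# Strongest factor first: a device-bound biometric is not exposed to SIM-swap
# or to a phishing page relaying a one-time code the way SMS and e-mail are.
FACTOR_PREFERENCE = ("app_biometric", "sms_otp", "email_otp")


@dataclass
class UserRecord:
    trusted_devices: set = field(default_factory=set)
    enrolled_factors: set = field(default_factory=set)
    device_mfa_times: dict = field(default_factory=dict)  # device_id -> last MFA time


@dataclass
class Session:
    user: str
    device_id: str
    password_reset_pending: bool = False


def mfa_required(user: UserRecord, session: Session, action: str,
                 amount: float = 0.0, now: float = 0.0) -> Tuple[bool, str]:
    """Decide whether the requested action needs a second-factor challenge.

    Checks run in the order the page lists them: new device, password reset,
    ACH above threshold, other elevated actions, then periodic re-authentication.
    """
    if session.device_id not in user.trusted_devices:
        return True, "first sign-in from a new device"
    if session.password_reset_pending:
        return True, "password was reset"
    if action == "external_ach" and amount > ACH_STEP_UP_THRESHOLD:
        return True, f"external ACH above {ACH_STEP_UP_THRESHOLD:,.2f}"
    if action in ELEVATED_ACTIONS:
        return True, f"elevated action: {action}"
    last = user.device_mfa_times.get(session.device_id)
    if last is None or now - last > REAUTH_INTERVAL:
        return True, "periodic re-authentication"
    return False, ""


def choose_factor(user: UserRecord) -> str:
    """Challenge with the strongest factor the customer has enrolled."""
    for factor in FACTOR_PREFERENCE:
        if factor in user.enrolled_factors:
            return factor
    raise LookupError("no second factor enrolled")


def complete_mfa(user: UserRecord, session: Session, now: float,
                 remember_device: bool = True) -> None:
    """Record a passed challenge; optionally enrol the device as trusted."""
    user.device_mfa_times[session.device_id] = now
    session.password_reset_pending = False
    if remember_device:
        user.trusted_devices.add(session.device_id)


def revoke_device(user: UserRecord, device_id: str) -> None:
    """Remote sign-out from the device-management panel: the device is
    forgotten, so its next sign-in is treated as a new device."""
    user.trusted_devices.discard(device_id)
    user.device_mfa_times.pop(device_id, None)


if __name__ == "__main__":
    user = UserRecord(enrolled_factors={"sms_otp", "email_otp"})
    session = Session("alice", "browser-7f3a")       # constructed identifiers
    now = 1_700_000_000
    print(mfa_required(user, session, "view_balance", now=now))
    print("challenge with", choose_factor(user))
    complete_mfa(user, session, now)
    print(mfa_required(user, session, "view_balance", now=now))
    print(mfa_required(user, session, "external_ach", amount=5_000, now=now))
    print(mfa_required(user, session, "view_balance", now=now + REAUTH_INTERVAL + 1))
```

Revocation clears both the trusted-device flag and the recorded MFA time, so a device removed from the panel cannot coast on a still-valid re-authentication window; that pairing is the check to look for when reviewing any trusted-device implementation.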

Lost or stolen card reporting is available 24/7 through the customer-service line at 1-888-374-9842; after-hours calls route to a dedicated emergency queue and produce an immediate card block plus a replacement-card dispatch. Customers can report suspicious activity on their NexTier Bank accounts to the branch or customer-service team and, for regulatory-scope matters, to the Consumer Financial Protection Bureau. The FAQ Hub consolidates fraud-response guidance in a single place.

Regulatory Oversight Framework

Zero-click summary: NexTier Bank is supervised by the OCC, insured by the FDIC, subject to PA Department of Banking and Securities disclosures, and accountable to the CFPB on qualifying consumer matters.

The regulatory stack around NexTier Bank has four supervisory layers that together provide the customer protection backbone; the Federal Reserve's payment-system role, described below, sits alongside them. The Office of the Comptroller of the Currency is the primary federal prudential regulator; the OCC examination cycle produces safety-and-soundness ratings, Community Reinvestment Act ratings and consumer-compliance ratings at regular intervals. The FDIC insures deposits and acts as receiver if the chartering regulator ever closed the bank, which, given the bank's capital and liquidity position, is a remote theoretical consideration rather than a practical one.

State-level Pennsylvania oversight sits with the Pennsylvania Department of Banking and Securities via dobs.pa.gov, which reviews consumer disclosures, fee schedules and mortgage-licensing compliance. The Consumer Financial Protection Bureau has rule-making and enforcement authority on qualifying consumer financial products, and individual NexTier Bank customers retain the right to file a complaint with the CFPB directly if an internal resolution proves unsatisfactory. The Federal Reserve governs NexTier Bank's participation in the national payment system through Fedwire and FedACH, with ACH transactions also subject to the Nacha Operating Rules.

Regulatory disclosures — annual reports of condition, community-reinvestment performance evaluations, fair-lending compliance certifications — are filed on the statutory cadence and available through the FFIEC Central Data Repository or through the regulatory-shelf references on this site. Customers who want a consolidated view of the protection framework can request the annual privacy notice, the FDIC insurance summary and the most recent CRA performance evaluation from any branch or through customer service. The community story page contextualizes the regulatory evolution across the institution's 130-year history.

Customer protection controls and their regulatory framework

Control                     | Framework                            | Scope
Deposit insurance           | FDIC                                 | $250K per depositor, per insured bank, per ownership category; all deposit products
Privacy programme           | GLBA / Regulation P                  | Customer data collection, use and sharing
Information security        | Interagency Guidelines / FFIEC CAT   | Encryption, access control, incident response
Multi-factor authentication | FFIEC authentication guidance        | Online banking, mobile banking, elevated actions
Prudential supervision      | OCC                                  | Safety and soundness, CRA, consumer compliance
Consumer complaints         | CFPB / OCC Customer Assistance Group | Qualifying consumer financial products

FAQ about NexTier Bank Protections

Deposit Insurance & Privacy

Are NexTier Bank deposits FDIC-insured?

Yes. Every deposit account at NexTier Bank is insured by the Federal Deposit Insurance Corporation to the standard limit of $250,000 per depositor, per insured bank, per ownership category. Coverage is automatic and free, and applies to checking, savings, money-market deposit accounts and certificates of deposit. The FDIC Electronic Deposit Insurance Estimator confirms coverage on any account structure.

Who regulates NexTier Bank?

NexTier Bank is a national bank supervised by the Office of the Comptroller of the Currency under the National Bank Act. The FDIC insures deposits. State-level consumer disclosures comply with Pennsylvania Department of Banking and Securities requirements. Consumer protection authority sits with the Consumer Financial Protection Bureau for qualifying matters.

What privacy rules apply at NexTier Bank?

Customer data at NexTier Bank is handled under the Gramm-Leach-Bliley Act framework and the Interagency Guidelines Establishing Information Security Standards. The annual privacy notice documents every category of information collected, how it is used and which third parties (if any) may receive it. The privacy commitment page has full detail.

Cybersecurity & Fraud

What cybersecurity framework does NexTier Bank follow?

NexTier Bank follows the FFIEC Cybersecurity Assessment Tool framework, with quarterly risk-rating reviews and annual third-party penetration testing. Controls align with the Interagency Guidelines under the Gramm-Leach-Bliley Act. Customer data is encrypted in transit over TLS 1.2+ and at rest using AES-256.

How does NexTier Bank protect against fraud?

Fraud protection operates across multiple layers. Card transactions are screened against real-time behavioural models. Large or unusual ACH activity triggers human-review queues. Online banking uses device fingerprinting and step-up authentication. Customers receive push and SMS alerts on card use and large transfers. Lost or stolen cards can be reported 24/7 at 1-888-374-9842.

What is multi-factor authentication at NexTier Bank?

Multi-factor authentication pairs the User ID and password with a second factor: a one-time code delivered by SMS or email, or a biometric check on mobile, which is the strongest of the three because it is bound to the device. MFA is required on first sign-in from a new device, after a password reset and for elevated actions. The login guide walks through every scenario.