For many years, banks have been enduring symbols of safety and reliability, safeguarding financial resources and sensitive information. With the transition into a digital era, banks have upheld this legacy by pouring billions of dollars into cybersecurity to tackle increasingly advanced online threats. While it is undeniable that banks ought to secure their digital assets and vaults, the physical security measures of traditional bank branches are surprisingly antiquated. In fact, the daily security practices in most U.S. bank branches still rely on protocols that were established over fifty years ago.
Rubber Duckies & Mid-Century Protocols
The current state of security in bank branches can be traced back to the Bank Protection Act of 1968. Enacted as a response to a surge in bank robberies across the nation during that period, this legislation required banks to implement and comply with standardized security measures. One commonly used protocol in banks nationwide is the “all clear” opening procedure, where two staff members show up at the branch—one remains outside while the other enters to conduct a security check. If everything appears safe, a signal—often as simple as a plant or a figurine like a rubber ducky—is placed in a front window to inform the second employee that it is safe to enter. Although this method may have sufficed in the past, it hardly fits within a modern security framework. Yet, remarkably, this remains the standard opening procedure for the majority of bank branches today.
“It’s quite astounding that even in 2024, we are still relying on such outdated practices,” comments Kevin Mullins, CEO of SaferMobility, a firm focused on updating branch security. “It only takes someone to observe this protocol for a couple of days to exploit it with minimal difficulty. Today’s criminals are significantly more clever, and security measures must be enhanced to address contemporary risks to employee and customer safety.”
In fact, the vulnerabilities present in the branch opening protocols have led to numerous instances known as “morning glory robberies,” where criminals strike during opening hours by exploiting the isolation of staff and the predictability of regular security processes.
Employee and Customer Safety at Constant Risk
Even though there has been a decrease in overall bank robberies since a significant increase in the 1990s, physical branches are still notably insecure. According to FBI statistics, there were more than 1,300 incidences of bank robberies, burglaries, and larcenies in the U.S. in 2023, and over 1,700 in 2022. These events often lead to not just financial loss but also trauma, injury, and life-threatening situations for bank staff and clients.
Mullins, who previously served as a bank CEO, recounted his own personal experience with a robbery at one of his branches: “Some of our employees were held at gunpoint and zip-tied for hours, resulting in years of trauma for them. One employee never returned to work and retired early the very next day.”
Despite the persistent threat posed by inadequate physical security measures, banks have focused on enhancing cybersecurity, allocating an average of 13% of their IT budgets to safeguard against digital threats, while the physical safety of individuals inside their branches is left uncertain.
Modern Solutions to a Decades-Old Problem
Innovative technologies are available to fill these gaps, but their adoption has been slow and is not legally mandated. For instance, SaferMobility provides electronic door systems that block unauthorized access until the branch has been completely cleared and mobile applications that enable employees to initiate panic alarms or communicate with headquarters in real time.
“Our goal is to create a security process that is seamless, proactive, and adaptable,” explains Mullins. “By utilizing integrated surveillance and automated systems, we can significantly minimize the risks that employees confront daily.”
These advancements do not solely focus on preventing robberies; they also equip employees with tools that promote confidence and tranquillity. Mullins emphasizes, “We’ve observed significant security improvements in settings like airports and government buildings. We are long overdue for effectively securing our nation’s bank branches, which are arguably among the top targets for violent crimes.”
The Need for Regulatory Reform
Mullins asserts that regulatory changes are crucial for encouraging widespread adoption of contemporary security solutions. “Banks aren’t ignoring the safety of branches out of spite or willful neglect—it often comes down to budgetary priorities,” he points out. Clear regulatory requirements could help modify those priorities, ensuring that physical security gets the focus it rightfully deserves.”
Experts concur that regulatory bodies must take action to facilitate change. Updated regulations from organizations such as the Federal Deposit Insurance Corporation (FDIC) or the Office of the Comptroller of the Currency (OCC) could provide the necessary impetus for banks to elevate branch security to match cybersecurity concerns.
How Banks Move Towards a More Secure Future
Banks have always been relied upon to protect what is most valuable, but that trust encompasses more than financial assets—it includes the security of the people who depend on these institutions every day. As cybersecurity evolves, it’s essential for branch security to advance as well, integrating more sophisticated technologies such as real-time encrypted alerts, advanced surveillance, and mobile connectivity.
“The technology is available, the need is clear, and the tools are in place,” Mullins states. “What’s lacking is the determination to implement them at the regulatory stage.”
The stakes couldn’t be more significant. As banks enhance their digital defenses, they must also prioritize the safety of the personnel and customers who visit their branches regularly. Because in 2024, a rubber duck perched on a windowsill simply won’t suffice.
