Connect with us

Interviews

HOW PROCUREMENT TRANSFORMATION CAN DRIVE BUSINESS VALUE, CONTINUITY AND RESILIENCE

Published

on

George Booth, Group Chief Procurement Officer, Lloyds Banking Group and Henrik Smedberg, Head of Intelligent Spend Management UKI, SAP

 

As the largest bank and insurer in the United Kingdom, Lloyds Banking Group counts on a vast network of global suppliers for everything from technology to office supplies and services. Managing supply chain risk is a top priority for the group’s procurement team. So is enabling optimum contract outcomes, supply chain sustainability, and simple, transparent buying and selling for employees and suppliers. To unify and standardise procurement processes and gain the deep data insight it needs to ensure stable, secure, and compliant supply chains for the bank and its customers, Lloyds embarked on a digital procurement transformation.

In this Q&A, George Booth, Group Chief Procurement Officer, Lloyds Banking Group and Henrik Smedberg, Head of Intelligent Spend Management UKI, SAP, explore how they embarked on a digital procurement transformation journey and the current challenges and opportunities in the procurement space.

 

  1. What are the complexities and opportunities of having such a broad ecosystem and what has the past year highlighted when it comes to supply chain risk?

George Booth: Lloyds Bank has been serving the households, businesses and communities of Britain since 1765. To serve more than 30 million customers, we rely on a vast network of global suppliers for everything from technology to office supplies and services. The supply chain ecosystem offers huge opportunities, particularly in managing end-to-end supply chain risks, driving value, leveraging innovation and ensuring supply chain sustainability. Managing such a broad ecosystem is a highly complex process, with a clear requirement for standardised procurement processes, transparency and insight to ensure stable, secure, and compliant supply chains for the bank and its customers.

Henrik Smedberg: Our recent research with Oxford Economics revealed that less than half (49%) of executives surveyed regularly refresh risk mitigation plans to address potential supply chain disruption. However, from panic buying loo rolls to the spike in e-commerce, the past year has highlighted the vital need for digitalisation and end-to-end visibility.

Managing supply chain risk has always been a priority for Lloyds, so our work together centred around continuing in this vein – providing the deep data insights needed to mitigate risk and ensure stable, secure and compliant supply chains for the bank and its 30 million customers.

 

  1. Covid has forced a number of companies to transform digitally, and this has increased trust in banks. What has this period been like for Lloyds and what have we learned about the importance of data and analytics?

George Booth: The impact of the pandemic has been felt across the world and even today the news round coronavirus is continuously and rapidly changing. Lloyds Banking Group is committed to providing a swift response to the latest updates to ensure that all our stakeholders are supported and kept well informed. By following a responsive, flexible and collaborative approach we have leveraged our supply chain to ensure extra support has been offered to customers, colleagues and suppliers when needed.

Henrik Smedberg: From our research with Oxford Economics, we have identified a small group of ‘Leaders’ which are organisations that have invested more in digital transformation and are further along in automating end-to-end processes. As such, these Leaders have been able to make better-informed spend decisions across the business, with 70% saying they have been able to gain a clear view of overall spend automatically, in real time. This allows them to achieve better results, compared with other respondents, in operational efficiency, supplier performance, compliance, risk management and cost reduction and tells us a lot about the importance of leveraging data and analytics.

 

  1. What were the core drivers of this partnership and how has the transformation project rolled out?

George Booth: With a need to unify and standardise procurement processes – and gain deep data insight to ensure stable, secure, and compliant supply chains for the bank and its customers – Lloyds embarked on a digital procurement transformation process. We needed solutions to stay agile, flexible and keep our services running by giving us complete visibility into our supply chain, to manage risk and deliver real business value, as well as ensuring colleague experience was vastly improved. The partnership with SAP Ariba provided expert guidance and the technology proposition to make our digital procurement transformation work.

Henrik Smedberg: We worked with Lloyds to help accelerate them into the ‘Leaders’ category. Automatic integration of contract terms, pricing and discount data into POs has increased visibility for sourcing managers; machine learning has helped optimise catalogues so buyers can find what they need quickly; procurement data analytics has increased spend visibility to allow greater buyer autonomy. This has enabled Lloyds to achieve spend management transparency to support supply chain continuity and resilience – something all organisations aspire to achieve.

 

  1. What benefits have you seen as a result of working together and what does this mean for the future?

George Booth: Under the theme simplify, integrate, digitise, the programme motto focused team members on the colleague journey, stating: ‘You can only make a first impression once.’ One statistic captures the colleague journey success: it now takes an average of six clicks to complete a transaction, compared to 30. This user-friendly experience, automatic integration of contract terms, pricing, and discount data, as well as machine learning to optimise catalogues has transformed the requisitioner experience.

Henrik Smedberg: Our work with Lloyds shows us that organisations need to take a three-pronged approach to mitigate supply chain risk and advance their procurement digital transformation: embrace data and analytics, unlock the power of AI and drive adoption. As our research demonstrated, those that have done all three have been able to strategically up-level their procurement function for better business impact, and Lloyds is a shining example of best practice.

Interviews

How MFA can protect the financial sector from the unprotectable

Published

on

By

The financial sector has long been a primary target for threat actors. However, the unique infrastructure of core financial systems means these critical resources often fall outside the scope of standard security solutions.

Multifactor authentication (MFA) is one such solution. We ask Yiftach Keshet, Director of Product Marketing at Silverfort, what are the limitations of traditional MFA to the finance industry, and what can be done to start protecting these unprotectable core systems.

 

Q: What are the security challenges with traditional MFA?

Multifactor authentication (MFA) has become something of a default secondary line of defence against credential theft. Requiring users to input two or more verification factors in addition to their username/password combination makes it much more difficult for threat actors to simply access the network with credentials stolen through phishing or a previous breach.

However, the system is far from perfect and presents several challenges. One issue is that MFA is rarely fully supported by legacy banking infrastructure or command-line access to servers and workstations.

Kerberos and NTLM, two of the most common authentication protocols in on-premises environments, don’t support MFA. As such, an attacker that has infiltrated the network and managed to obtain user credantials will be able to access critical servers without going through the MFA process.

Yiftach Keshet

Alongside this, traditional MFA is usually deployed at the resource level. In a high-scale environment it practically means that full coverage of all resources with agents or proxies will never take place. Additionally,  as businesses continue to grow their digital footprints, the resources required to deploy, configure and maintain MFA quickly increases. This can quickly become unmanageable, particularly in the financial sector where digital transformation has been a leading priority for the last few years.

As a result of these issues, core banking resources are often excluded from MFA protection. This greatly increases the organisation’s risk exposure, as threat actors that make it inside the network may potentially gain full access to critical systems with few effective checks or barriers.

Financial organisations need to change their approach to MFA if they are to close this critical gap in their defences.

 

Q: How can these challenges be overcome?  

The shortcomings of traditional MFA can be overcome with a new model known as Unified Threat Protection. Rather than being applied individually at a resource level, this is an agentless, proxyless approach that natively integrates with the organisation’s Active Directory and Identity and Access Management (IAM) solutions. This means it can be uniformly applied to continuously monitor, analyse and enforce MFA policies across the entire environment.

Because all authentication requests are handled through the organisation’s IAM solution, directly integrating MFA at this point solves the coverage problem. Not only is it far easier to scale MFA as the organisation’s IT footprint expands, but an MFA layer can now also be applied to core banking infrastructure that was previously unprotected.

 

Q: What are the use cases for using MFA to improve safety practices for banking?

There are multiple financial use cases that stand to benefit from the Unified Threat Protection approach to MFA.

The first and foremost of these, is the access to the banking applications that don’t natively support MFA today. This new approach enables them for the first time to obtain the same level of secure access that modern SaaS applications have.

Remote access tools, for example, have become extremely important in the new world of remote and hybrid workforces. However, because standard MFA typically needs to be deployed individually to each endpoint, it is common to find many machines in the environment are not protected, creating a critical attack path for threat actors. The new agentless MFA model can be directly integrated with Active Directory, ensuring that all machines are equally protected, regardless of location.

In another example, admins at financial institutions typically use command-line tools such as PsExec, Remote PowerShell, and WMI for configuring, managing and troubleshooting machines in their environments. However, these same toolsets are exploited by threat actors to spread ransomware and achieve lateral movement. If the authentication protocol of command-line tools is not protected by MFA, attackers can use these tools to access and manipulate the system.

Again, the agentless and proxyless nature of the Unified Threat Protection model closes this gap as all core systems will require MFA, significantly slowing or even completely stopping any threat actor within the network.

 

 

Q: How a bank can bolster their cyber resiliency against ransomware with MFA?

Ransomware has begun to dominate the threat landscape in recent years. Financial organisations have a lot to lose, because a ransomware outbreak rampaging through their core systems could cripple the enterprise and cost millions in lost business and recovery efforts – even before factoring in legal and regulatory impact if customer data is compromised. File shares are a common method for accessing systems and propagating ransomware to increase its impact.

Traditional MFA has proven to be ineffective against the threat of ransomware, as it cannot be applied to file shares managed by a CIFS (Common Internet File System) authentication protocol. However, a Unified Identity Protection MFA can cover this gap as it can apply coverage through Active Directory, regardless of which protocols are being used.

Continue Reading

Interviews

Finance Derivative Interview with James Burton senior director of product management at LexisNexis Risk Solution, Insurance, U.K. and Ireland

Published

on

By

  • What led you to move from the financial services sector to insurance?

I worked as a market analyst and global derivatives trader for three years then moved into banking for close to five years before a brief stint at a data and technology company. The switch to insurance came about for several reasons.

Firstly, the banking sector is relatively mature in its use of data and I could see how transformative data and technology could be for the insurance sector – I wanted to play a part in that.

Secondly, LexisNexis Risk Solutions was still a relatively new brand in the UK insurance market when I joined, although the business had a 40 year plus history in the U.S. The position of head of data analytics was a fantastic chance to work for a business with a clear vision to deliver innovative data and technology solutions to help insurance providers better understand risk.

Thirdly, I could see the massive potential of contributory data solutions in insurance so that the whole market has an opportunity to benefit. Obviously the more contributors you have on board, the more powerful the database becomes. Close to 100% of the motor insurance market is now contributing to our Motor Policy History Database and benefiting from digitised No Claims Discount proof.  We intend to repeat this success with our claims database for home, motor and commercial.

 

  • Are there parallels to be drawn between customer verification processes in banking and those now being used in Insurance?

James Burton

Yes, while insurance providers aren’t subject to all the same Anti Money Laundering and Know Your Customer regulations as lenders, the sector is experiencing high levels of fraud and this has driven innovations in data solutions to validate the applicant, customer or claimant is who they say they are, at speed, at each part of the customer journey.  Solutions such as email address-based fraud risk scores and our unique customer identifier stem from identity solutions that have been used with success in the banking sector.

 

  • How much have the new pricing rules in insurance changed the way insurance providers use data enrichment services?

Insurance providers must now ensure the consumer’s risk is assessed as accurately as possible and in-turn priced fairly, using the same processes and data the insurance provider would use at new business.  As a consequence we are now seeing an increased demand for data enrichment at renewal.  Crucially, insurance providers can now use one point of access to data enrichment rather than calling out to multiple data sources, to allow risk assessment at individual, asset, household and postcode level with intelligence delivered on all individuals associated with the quote in a single transaction.

 

  • What do you believe have been the most exciting innovations in the insurance market in the past year?

The insurance market is constantly innovating in response to the changing needs of customers. The emergence of short-term insurance solutions is a good example and an area we are watching closely.

Clearly the more accurate and actionable data at your fingertips the better you can price a quote – whether for a day’s cover or a year – help customers mitigate risk or settle a claim.

The availability of Advanced Driver Assistance Systems data at quote has also been a big change for the motor insurance market.  Having this data at a Vehicle Identification Number level gives insurance providers a much clearer indication of the risks associated with a specific vehicle.  The availability of this data at the VIN level is a true industry first and one that only grows in importance and value as more cars come fitted with ADAS as standard.

 

  • Fraud is being highlighted as a rising challenge for all parts of the financial services market – how do you think this will play out in insurance specifically and what are the possible solutions?

The pressure on household finances this year has been well documented and insurance providers are all too keenly aware of the environment this can create for fraud at application and claim. Aviva confirmed recently that it had identified fraud on more than 20,000 motor policy applications. Of these, ghost broking accounted for 15% of all the application fraud detected[i]. One of the tactics used by ghost brokers is to buy a cheap policy using fake details with the victim buying the policy listed as a ‘named driver’.

This scheme underlines the importance of validating the identity of named drivers to the same level as main proposers, exploiting the latest advances in swift, front-end fraud detection to flag any links to past fraud and highlight if the information provided for a quote may have been manipulated for a cheaper premium.

At claim, soon insurance providers will have access to a whole raft of data enrichment solutions to better understand risk, including highly granular claim history data gathered from across the market.  This is set to provide a real step-change in understanding the risk of fraud at first notification of loss (FNOL).

 

  • Affordability of insurance is going to be a key concern for the insurance market given the cost-of-living crisis – how can data help insurance providers in this regard?

The insurance sector will be looking at how it can offer greater flexibility and convenience to customers where payment options are concerned, particularly in the case of mandatory insurance. By bringing in insight on premium affordability based on credit data, as part of the quote process, insurance providers can help ensure customers get the correct insurance protection with the option to pay the premium in a way they can afford.

Ultimately, doing the right thing for customers comes down to ensuring you understand their needs as fully as possible at the point of quote and claim.  In this way you can turn what is essentially a mandatory purpose into something individuals really value.  Supporting insurance providers in this regard through data and technology is what we do all day every day.

 

[i] https://www.aviva.com/newsroom/news-releases/2022/05/insurance-claims-fraud-up-by-13percent-in-2021/

Continue Reading

Magazine

Trending

Business18 hours ago

Four ways traders can manage risk

By Dáire Ferguson, CEO at AvaTrade   Understanding the markets in which you are trading is incredibly important to optimising...

Top 101 day ago

Pro Tips To Consider Before You Decide To Refinance Your Vacation

Refinancing debt is when you attempt to apply for a new loan or debt instrument. The goal is to get...

Finance1 day ago

The Rise of the Modern CFO: A Leader for the Information Age

Adam Zoucha, Managing Director, FloQast EMEA   Financial management is one of the oldest professions in the world, and for...

Business1 day ago

Out of office, home and away, moving up, moving on; when security goes AWOL

Steve Bradford, Senior Vice President EMEA, SailPoint    The financial services industry has one of the highest rates of insider...

Top 101 day ago

Looking to the future: How the insurance sector can meet new customer demands

By James Harrison, Head of Insurance at Dun & Bradstreet   It’s been over two years since the pandemic began,...

Business1 day ago

How IT optimisation can reduce costs and increase efficiency for businesses

by Alan Hayward, Sales and Marketing Manager, SEH Technology   In today’s digital world, business success is centred around technology....

The data literacy gap The data literacy gap
Business1 day ago

How Strong Customer Authentication can Prevent Cart Abandonment

Sham Careem, Telecom Solutions Consultant, Infobip   In 2020-21, UK residents and businesses lost over £2.5bn to fraud and cyber-crime....

News1 day ago

OneID® is now a certified Digital Identity Service Provider (ISP) under the UK Digital Identity & Attributes Trust Framework (DIATF)

OneID® is now a certified Digital Identity Service Provider (ISP) under the UK Digital Identity & Attributes Trust Framework (DIATF)...

News1 day ago

Lack of corporate disclosures forces asset managers to cast a wide net for ESG data

Buy-side financial services firms using an average of close to ten ESG sources today   More than seven out of...

Business1 day ago

Why mid-sized businesses are the driving force behind global B2B payment innovation

By Spencer Hanlon, Head of Europe, Nium   Change is coming to global B2B payments, and it is being heavily...

Business2 days ago

Finance brands need a new approach in the Privacy-first era

By Richard Wheaton, UK MD of global data company fifty-five   Trust is a brand value that pertains to every...

Finance2 days ago

Why You Should Work on Your Financial Literacy

Ebo Aneju   A lack of financial understanding plagues our society. Most people have very little understanding of finances, which...

Business3 days ago

A new beginning for financial services B2B marketing

Michael Richards, Managing Director, alan agency   Financial services B2B marketing is dead. A bold statement with B2B ad spend...

Finance3 days ago

Boosting Blockchain Security with Graph Technology

Dan McGary is Senior Sales Executive for Mid-Market Enterprise East at graph database leader Neo4j   As blockchain-backed cryptocurrencies become...

Business3 days ago

Need a business broadband package? Here’s what you need to know

Author: Kerry Fawcett, Digital Director at Radius Payment Solutions   Does your business have a broadband supply that is speedy,...

Finance3 days ago

Double and triple extortion tactics cornering financial services organisations

By Ian Wood, Senior Director and Head of Technology, UK&I at Veritas Technologies   Ransomware continues to keep those in...

Banking3 days ago

How are Variable Recurring Payments set to revolutionise the future of banking?

Sean Devaney, Vice President of Banking and Financial Markets at CGI UK   The adoption of Variable Recurring Payments (VRP)...

Top 103 days ago

Energy Storage Represents Latest Investment Opportunity in the Clean Energy Transition

Alan Greenshields, Director of Europe, ESS Inc.  The ongoing transition to clean energy has spurred new technologies, new markets and...

Business4 days ago

Innovate UK £25 million up for grabs: July deadline approaching

By Emma Lewis, Myriad Associates   The latest instalment of Innovate UK’s SMART grant competition was launched in April and...

Business4 days ago

Is telephone Hot Desking really needed anymore?

By Simon Horton, VP of International Sales at Sangoma   The world of work has totally transformed as we all...

Trending