Connect with us

Finance

HOW THE FINANCIAL SECTOR CAN PREPARE FOR THE NEW AGE OF RESILIENCE

Published

on

Richard Harmon, VP & Global Head of Financial Services at Red Hat.

 

The EU’s new DORA legislation is ushering in strict rules on technology use. Businesses should embrace it as a new way to unlock innovation.

Ever since the 2008 global financial crisis, governments and regulators have been on a mission to build integrity and resilience back into their banking and financial systems.

In the EU, DORA (Digital Operational Resilience Act) is the latest effort. Due to be passed in March 2022, it will mandate that financial organisations ensure the resilience of all the technologies in their stack. Liability is a key tenet—if you run it, then you have responsibility for it, goes the new rule. That brings third-party systems and applications into the arena of an organisation’s accountability. It’s not just big banks that will be under the spotlight. DORA will apply to all sorts of financial businesses, from credit and payment providers to investment and insurance firms; cryptocurrency exchanges to crowdfunding platforms.

Richard Harmon

Outside the EU regulators are ready to follow suit. In the UK, the Bank of England has requested policy powers to assess, and if necessary intervene, in banks’ migrations to cloud hyperscalers. The Federal Reserve, Congress and other policy leaders in the US have started to explore whether regulators there are properly set up to address cloud concentration risk exposures. In Singapore, Hong Kong and Australia, banks are now required (to varying degrees) to conduct due diligence checks on technology partners to demonstrate that they have satisfactory safeguards and response plans in place in the event of a disruption.

DORA (and whatever may follow) comes at a time when many institutions are adding complexity, and so risk, to their technology supply chain. The undeniable benefits of cloud are likely to prompt more mission-critical workloads to head there. These workloads attract more profound security considerations, and new vendors are sought that can protect these core systems. So too partners that can modernize legacy platforms and applications, and power the digital innovations that leave customers happy and the competition behind.

The result is a hyper-connected finance sector. Organisations now access a vast array of third party data and technology services from the same public cloud servers and data centers. If one organisation is vulnerable, it may impact everyone else. The Federal Reserve estimates that an attack on any one of the five most active banks in the US could spill over to impact 38% of the national financial network. The subsequent liquidity hoarding and forgone payment activity could reach more than 2.5 times daily GDP.

In 2020, the global finance sector reported 1,188 security incidents and data breaches, around 3.4% of the all-industry figure. Victims have included some of the biggest names in finance. The Equifax breach of 2017 saw hackers steal credit card numbers of over 209,000 customers. It cost Equifax up to $700 million in fines, and the jobs of its CEO, CIO, and CSO. A 2019 attack of Capital One resulted in 80,000 bank accounts being compromised in the U.S and one million Canadian social insurance numbers leaked. Most recently, $613 million in crypto tokens was stolen from the Poly Network platform by hackers. Security hacking has become professionalised and nation-states sponsor some of the most effective operations.

This all points to the need for a more community-minded approach. Make resilience and security a team effort rather than a lone pursuit, since financial systems no longer exist in isolation. If institutions pull down their walls of secrecy, there can be a holistic view of how everything is stitched together, benefiting the whole ecosystem. The ‘single pane of glass’ solution that has become the established practice in SecOps must now be the ambition for the sector as a whole. Accept that, and the logical next steps are a sector-wide strategy; collective selection, procurement and deployment of shared solutions; and coordinated attack prevention and remediation teams and processes.

At Red Hat, we are trying to kickstart this collaborative spirit. Working with some proxy data and partner organizations, we are mapping how the global financial sector is connected technologically and then running simulations to show how a system failure or attack in one place could play out. The aim is to understand what types of critical financial infrastructure and applications are most impacted by a bank’s cloud deployment strategy, predict contagion trigger points that might yield systemic risk events, and quantify impacts on the overall economy. Regulators, banks and cloud providers alike can benefit from these insights. These are the same modelling principles that have helped virologists predict the path of COVID-19.

Having spent almost two decades working with financial institutions, I know what a cultural shift this open collaboration can be. So, let’s also consider how organisations can build resilience by looking inwards.

Intuitively perhaps, going all-in with one cloud hyperscaler may seem like the best option. One vendor, one suite of systems, fewer points of vulnerability—right? Not quite. Dedication to one player can leave you exposed to their whims and errors. It should be worrying then that at present the market is highly concentrated, with a 2020 survey by the Bank of England finding that almost three-quarters of banks, and an even greater proportion of insurance firms, are served by the same two cloud infrastructure providers. That feels inconsistent with the 98% of financial firms that are following an open source strategy, as reported by Red Hat in The State of Enterprise Open Source. A driver of that is containerization; the same report found that 75% say they plan to increase their use of containers in the next 12 months. Doing so will help make them more secure and resilient. A container platform can provide the standards and oversight to secure multiple best-in-class cloud vendors, as well as the application portability to keep future options open.

Make resilience and innovation partners, rather than opposing forces. Take an approach that is genuinely holistic, with security baked-in to the DNA of the ecosystem, rather than added as an afterthought, and you have innovation with resilience.

 

Finance

AIRBANK SELECTS YAPILY TO BUILD A FINANCIAL MANAGEMENT SOLUTION FOR SMBS

Published

on

By

Airbank, a financial management solution for European startups and SMBs, has selected open banking infrastructure provider Yapily to help its users manage their finances with ease.

Airbank provides a simple financial management solution that aggregates all bank accounts in one place and delivers more control, visibility, and automation to modern finance teams. Startups & SMBs use Airbank to access bank accounts, monitor cash flow in real-time, create reliable forecasts, and make business payments.

Airbank matches bank transactions with merchant and category data to give finance teams complete visibility into revenues and expenses, thus helping make their lives easier with cash flow budgeting, forecasting, and reporting.

Yapily’s API infrastructure provides Airbank users with a smooth, simple way to connect to more than 1,500 banks across the UK and Europe including Deutsche Bank, Commerzbank, Sparkassen, Volksbanken and neobanks. Airbank selected Yapily for its strong coverage in Europe, with a specific focus on Germany, France, Spain, and the UK. Yapily’s European bank connectivity enables Airbank’s customers to scale and grow across Europe, delivering forecast visibility anywhere they go.

The partnership with Yapily alleviates Airbank’s customers from spending time and resources managing their finances – giving them direct access to all the financial and contextual data they need in one tool. Historically, most businesses created budgets and cash flow forecasts in manual spreadsheets which is time-consuming and error-prone. With Airbank, customers save time and costs to focus on value-adding business tasks.

The partnership also enables Airbank’s customers to use its data enrichment platform and transaction categorisation engine to turn the raw data from bank accounts into meaningful and actionable insights. Airbank reconciles account balances, forecasts financials and helps business owners make smarter business decisions every day. Harnessing Yapily’s leading open banking infrastructure, Airbank can accelerate its adoption of digital banking services.

Airbank’s vision is to simplify financial management for SMBs and to create a unified platform that helps its users with the full cycle of financial management from cash flow analysis and forecasting, to accounts receivables and payables management, and more. Airbank has raised $3m seed funding from leading VCs, and counts hundreds of users in Germany, Austria, France, Spain and the UK.

Open Banking has enabled smooth integrations with banks, which we utilize to offer richer banking and payments experiences for our users. We’re building a business banking solution that connects all your financial accounts in one place. Our partnership with Yapily gives users a smooth and simple way to connect to thousands of banks in Europe, unlocking real-time insights into their cash flow. We eliminate the pains of finance admin so business owners can focus on what’s really important — growing their business.

Christopher Zemina, Co-founder and CEO of Airbank

Airbank helps simplify the daily routine of banking and finance management for small and medium sized businesses. By leveraging Yapily’s open banking infrastructure, Airbank can provide actionable insights to businesses – at a time where it’s needed. As a small yet fast growing company, Yapily is committed to supporting the SMB community and we are excited to see how Airbank delivers the benefits of open banking to many businesses across Europe.

Comment by Chris Scheuermann, Commercial Lead DACH at Yapily

 

Continue Reading

Finance

AI AND HOW IT’S LEADING THE FIGHT AGAINST FRAUD IN THE FINANCIAL SECTOR

Published

on

Geoff Clark, Managing Director, Aerospike EMEA

Much like many other sectors financial institutions have accelerated their digital transformation projects since the beginning of the pandemic. Lockdown meant that customers could no longer visit local branches or meet in person with their financial advisor. Financial institutions have no choice but to find alternative ways to serve their customers.

We saw banks quickly adapt and improve their automation tools to interact with their customers online.  Technologies that enable chatbots, credit card brokerage, contactless payment cards, digital verification for onboarding, online insurance applications, mobile apps, recommendation engines, robo-investing and robotic process automation (RPA) were just some of the many solutions deployed. Here in Europe, Ernst and Young (E&Y) reported an increase of 72% increase in the use of FinTech apps since the start of COVID-19.

Geoff Clark

Cybercriminals typically opt for the lowest hanging fruit and as financial institutions clambered to expand their digital services the cybercriminals looked to identify and exploit any weakness in the infrastructure providing the backbone for these technologies. Exploiting the vulnerabilities of financial institutions is not new as they have long been a coveted target for fraudsters. In the main, that’s due to the wealth of sensitive personal and financial information they hold. Throw into the mix pandemic relief funds, increased unemployment benefits, and stimulus payments, and you have the perfect playground for fraudsters.

A recent report found that every dollar lost to fraud costs financial service companies as much as $3.78 — an increase from $3.25 in 2019. But fraud’s impact is much deeper than financial loss. It drains company resources to investigate and prosecute fraud, damages reputations, and puts customer retention at risk. For these reasons alone, it is imperative that the appropriate systems and processes are in place to combat fraud.

 

Analysing Fraud

The majority of financial institutions still rely on dated rule-based systems to mitigate fraud risk. These systems can consist of thousands of predefined rules that store, sort, and manipulate data to find fraud patterns. For example, a rule could say, if there is a credit card transaction in one state and another transaction in a different state within a 30-minute time frame, then this is likely a fraudulent transaction and therefore it declines the transaction.

Rule-based systems are static, hard-coded, and time-consuming to update, and are often one step behind the sophisticated techniques fraudsters use. When fraud occurs, the typical response is to create another rule that prevents another attack, but it’s often too late.

Fraudsters continue to find new ways to commit fraud that rules don’t capture.

The trend we’re seeing from financial institutions is to replace rule-based systems with AI and machine learning-based systems as they’re more effective. These systems are largely self-learning and there is so much more data available and the more information they’re fed the more effective they can be. Rather than using tens of data attributes with rule-based systems, AI and machine learning-based systems can analyse hundreds of data attributes over enormous data sets and longer time frames to automatically detect with higher accuracy unusual behaviours that indicate fraud. For example, Barclays Bank has implemented AI systems to detect and mitigate fraud improving the customer experience in the process through the reduction of false positives and false negatives.

AI and machine learning-based systems are heading toward explainable AI (XAI), an emerging sector in machine learning that addresses how AI systems arrive at their black-box decisions. Financial institutions know the inputs and outputs of these systems, but they lack visibility into how they reached the results.

Building XAI into AI systems enables banks to understand how decisions are made and create better models to improve their systems by removing bias. For example, suppose a fraud system declines a legitimate customer’s credit card transaction. In this situation the financial institution needs to understand why the false positive has occurred so it can further refine its model.

XAI also has data privacy in its favour particularly when it comes to compliance. Under the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)—and with other data privacy laws coming—financial institutions need to comply with specific mandates. They must be able to explain how they use a customer’s personal information and how they came to decision such as declining a credit card transaction. Overlaying XAI on top of their AI systems, ensures they have far great visibility into how decisions are being made by AI/ML systems.

 

Constructing a Fraud System Architecture

To emulate some of the industry’s more innovative organisations financial institutions must understand and pursue best practices when building their AI-based fraud systems. They should work alongside technology organisations but also work with their line of business managers to understand how fraud is impacting their business, what their greatest weaknesses are, how customer satisfaction can be improved, and how they can incorporate customer fraud/risk metrics into their customer analytics to improve their omnichannel marketing campaigns. Customer data collected and analysed by fraud teams are some of the most robust depositories of customer information making them invaluable to marketers.

When looking to build a world-class system, financial services firms should consider the following steps:

  • The fraud system needs to likely consume hundreds of terabytes of data, perhaps even petabytes for the largest firms.
  • Data must be continuously updated in real time from many sources such as internal customer and transaction data from storefronts, web pages, and mobile devices, as well as third-party demographic, behavioural, geo-location, identity management, credit bureau, and other data types.
  • This data will usually need to be prepared, e.g., cleansed, standardised, and normalised, to convert it into a form that AI/ML models can more easily digest and understand.
  • The data needs to move back to the central data platform to be further enriched.
  • At this point those financial institutions can fine-tune the model parameters, test and select the optimal machine learning algorithms, feed them with data to learn the underlying patterns, and validate the model’s accuracy to make good decisions using data that was not part of the training set.

After the above steps are completed and they are satisfied the model can be deployed to act in the microsecond moments that are necessary to fight fraud.

As technology evolves at such a fast pace all organisations must aim to implement a fraud solution that can combat the increasingly sophisticated fraudsters while implementing the following key elements

  1. Large data sets (TeraBytes, PetaBytes) consisting of both internal company data supplemented with third-party data;
  2. Highly optimised and validated AI/ML algorithms that detect fraud and minimise false positives and false negatives;
  3. A real-time data platform capable of running these AI/ML algorithms across enormous data sets in sub-millisecond response times to provide customers with the fast customer experience that they expect.

 

 

 

Continue Reading

Magazine

Trending

Business1 day ago

OUTSOURCING YOUR IT SOLUTIONS CAN SAVE YOU FROM COSTLY DOWNTIME

Amir Hashmi, CEO and Founder of leading IT and Cloud services provider Zsah, discusses why you need full-time professionals if...

Banking2 days ago

HOW TRADITIONAL INSURERS CAN USE TECHNOLOGY TO IMPROVE THEIR RELATIONSHIP WITH CUSTOMERS

The customer experience with insurance is anomalous, in that one is only required to engage with their insurer if things...

Business3 days ago

THE FUTURE OF CLOUD: HOW TO KEEP YOUR DATA SAFE

By Pete Braithwaite, COO of KIT Online Cloud services are inherently scalable, responsive and flexible. They offer huge flexibility –...

Business4 days ago

ETRADING SOFTWARE AND ARTIS HOLDINGS LOANS ELECTRONIC PLATFORM OPEN FOR BUSINESS

The Bids Wanted in Competition (BWIC) process completes on the WIC trading platform   Etrading Software, the independent, global provider...

Finance4 days ago

AIRBANK SELECTS YAPILY TO BUILD A FINANCIAL MANAGEMENT SOLUTION FOR SMBS

Airbank, a financial management solution for European startups and SMBs, has selected open banking infrastructure provider Yapily to help its...

Interviews4 days ago

COULD YOU PROVIDE US WITH SOME BACKGROUND ON YOUR CURRENT ROLE WITHIN THE FINANCIAL SERVICES SECTOR?

– Shanker Ramamurthy, Global Managing Partner – Banking at IBM, BIAN Executive Board Member   I lead the banking consulting...

Business4 days ago

IT COST MANAGEMENT: 10 STEPS BUSINESSES CAN’T IGNORE

By Matt Dando, Director, Strategic Business Value Consulting at Serviceware   In today’s ever-accelerating digital era, and as we recover...

Banking5 days ago

UNCHARTED TERRITORY: HOW OPEN BANKING CAN HELP BANKS NAVIGATE COVID CHALLENGES

Opinion from Rafa Plantier, Head of UK and Ireland at Tink The last year has propelled banks, businesses and consumers...

Finance5 days ago

AI AND HOW IT’S LEADING THE FIGHT AGAINST FRAUD IN THE FINANCIAL SECTOR

Geoff Clark, Managing Director, Aerospike EMEA Much like many other sectors financial institutions have accelerated their digital transformation projects since...

Banking5 days ago

HOW DIGITAL IS MAKING THE ‘IMPOSSIBLE’ POSSIBLE FOR FINANCIAL FIRMS

  By Lavanya Kaul, Head of Customer Success, BFSI, UK&I, LTI Article synopsis: Focused on the digital transformation of the...

News5 days ago

DANSKE BANK TO BRING DOMESTIC SCHEME, DANKORT, TO APPLE PAY

Danske Bank, Denmark’s leading bank, supported by Nets, will bring Dankort to Apple Pay Dankort is the preferred means of payment...

News5 days ago

TACKLING THE FORGOTTEN PLASTIC PANDEMIC: CLIMATE CHANGE

By Mark Taylor, Group CCO, Waterlogic   Last year the COVID-19 pandemic was, quite rightfully, at the forefront of all...

News5 days ago

CROWN AGENTS BANK ACCELERATES GLOBAL GROWTH AND EXPANDS INTO NEW MARKETS WITH MULESOFT

MuleSoft, provider of the world’s #1 integration and API platform, today announced that Crown Agents Bank (https://www.crownagentsbank.com)  is using MuleSoft to digitally...

Finance5 days ago

THE IMPORTANCE OF ACCURATE AND TRUSTED TIMESTAMPING IN FINANCIAL SERVICES

Richard Hoptroff, CTO, Hoptroff   Recent global financial regulations such as MiFID II require that all stock exchanges, credit institutions,...

Business5 days ago

HOW OPEN DATA CAN HELP FIGHT CLIMATE CHANGE

David Lais, Co-Founder and CPO at Ecolytiq – providing banks and financial institutions with the digital infrastructure for green finance....

Business1 week ago

NOW’S THE TIME FOR THE INFRASTRUCTURE SECTOR TO GET IR35 RIGHT

Matt Fryer, Head of Legal Services at Brookson Legal   The Government’s recently announced £650bn programme of infrastructure works is...

Business1 week ago

MAKING THE MOST OF RPA TO ENHANCE THE CUSTOMER EXPERIENCE

Standfirst: Capturing and analysing business processes should be a prerequisite for any implementation of robotic process automation, argues Dr Gero...

Banking1 week ago

FINTECHS AND BANKING POST-COVID

COVID-19 has forced businesses and society to adapt to new realities. From big-name Wall Street banks to up-and-coming financial technology...

Technology2 weeks ago

WHY AGILE TECHNOLOGY PLATFORMS ARE THE KEY TO EFFECTIVE INNOVATION

Sujit Unni,CTO, Paysafe   A main reason why platform technology can prove to be so effective for a business is...

News2 weeks ago

DIGITAL TOKEN IDENTIFIER REGISTRATION OPENS WITH ETRADING SOFTWARE

Top 100 cryptocurrencies can now be tracked authoritatively using new ISO standard   Etrading Software, through its non-profit division the...

Trending