Connect with us

Banking

A RISK NOT WORTH TAKING: HOW BANKS CAN AVOID MILLIONS IN REGULATORY FINES

Published

on

By Barry Cashman, Regional Vice President UK&I, Veritas Technologies

 

Banks are increasingly under the regulatory microscope. The criminal case brought against NatWest for allegedly failing to comply with money laundering rules is case in point of this. If found guilty, the high street bank could face ‘unlimited’ fines.

Another area where banks can expect to continue facing severe scrutiny is in the area of data management and protection. The rise of online and mobile banking services has seen banks being entrusted with an increasing amount of highly sensitive personal customer data and, with the more recent accelerated shift to remote working during the height of the COVID-19 pandemic, this data has become more dispersed than ever before. As a result, banks have had to rapidly extend their IT infrastructures with complex combinations of cloud, virtual and on-premises infrastructures that can become increasingly fragmented and harder to manage. Veritas research found that most banks are currently struggling with this – 63% are suffering from a transformation gap where their security measures lag behind their complex IT infrastructures, meaning they have less visibility and control of their data than ever before.

If banks continue on this trajectory, they risk leaving themselves exposed to a triple-threat of becoming victim to cybercrime, facing hefty fines for regulatory non-compliance and eroding consumer trust. The truth is, cybercriminals have already been taking advantage of this ‘gap’ – in the first half of 2020 alone, SonicWall reported a 20% hike in ransomware attacks.

 

A game of trust

When customers choose a bank to do business with, they hand over vast amounts highly sensitive personal information which they expect to be treated with the utmost care and protection. If this data falls into the wrong hands, it could damage livelihoods beyond repair. Ultimately, this whittles down to one word: trust. It’s a concept that the industry relies upon to attract and retain customers.

But building an industry on collecting and using highly sensitive customer data is a double-edged sword – while banks can take advantage of a vast pool of valuable customer data to offer personalised services and explore new revenue streams, it also makes them a very attractive target for cybercriminals. In fact, research conducted by the Ponemon Institute reported that an incredible 70% of financial services companies in the UK suffered cyberattacks in 2020 alone. In addition, the Financial Conduct Authority’s requirement for more transparency into operational and security incidents revealed that major banks have suffered at least one out a month in recent years.  With a recent history plagued by cyber threats and outages, trust between customers and banks is fragile at the best of times. Just one more data breach or outage could bring the proverbial stack of cards tumbling to the ground.

 

Confronting some harsh truths

The honest truth is that many banks are not managing their data as well as they could be and are at huge risk of failing compliance checks.

Given the rising threat of ransomware, now is the most crucial time to be testing and perfecting recovery plans. Yet, Veritas research found that an enormous 46% of banks have either never tested their disaster recovery plans in the event of a ransomware attack or have not tested it in over 90 days. And despite nearly two-thirds (63%) of banks admitting to falling victim to a ransomware attack at some point in their history, more than one in 10 (14%) banks believe it would take them over a month to recover, if they are able to recover at all.

These figures demonstrate that banks are failing to prepare for when the inevitable ransomware attack strikes and could be doing much more to protect their most valuable digital assets. In fact, half (50%) of the banks surveyed have admitted to paying a ransom to recover customer data.

 

Taking away the risk factor

In a world where banks have had to rapidly accelerate their digital transformation plans and fundamentally shift the way in which they operate in the height of a global pandemic, how can they ensure their data protection strategies measure up?

The answer cannot be to just simplify their IT infrastructure: as the volume of data banks store continues to rise, banks have to accept that there is always going to be complexity in the IT environment. But there is a way to use tools to abstract much of the complexity away. By standardising the systems that manage data across their enterprise, banks can to start extracting value from their data.

Before simply jumping into any course of action though, it’s essential to understand what data they have, its value, where it needs to sit, who should access it and how long it needs to be held for. This data visibility doesn’t need to just be a defence measure though; gaining a better understanding of the data they hold can help banks identify trends and insights that can enable them to offer better customer experiences or open doors to new revenue streams. Without a full view this data, businesses are blind to their own potential.

Once they have visibility into their business-critical data, they need to ensure that business continuity and disaster recovery processes are optimised to protect it. In the event of a ransomware attack, an encrypted backup is the only line of defence. But it’s important to remember that there is no backup plan in place until it’s been tried and tested.

Testing disaster recovery plans help reveal cracks and vulnerabilities businesses otherwise would never have discovered. Are backups sufficiently isolated to avoid infection from spreading, are there enough copies of valuable data and are those copies being retained for long enough? Only regular fire drills and tests can answer these questions conclusively. Testing could be something as simple as staff checking to ensure a backup site will go live should the main application fail or performing a single file recovery and checking the recovered copy matches the original. What’s important is that these tests are regular, repeatable and a crucial part of a business’ backup strategy.

Whatever the next year holds, banks are going to need to be ready to adapt again and again to keep pace. This means having the tools in place to abstract complexity from their IT environments, with robust disaster recovery plans in place to protect their most valuable digital assets. Despite their best efforts, most companies will fail to stop at least one cyberattack over the course of their lifetime. What distinguishes one victim from another is their ability to resist and bounce back. Data responsibility is the foundation of any organisation’s ransomware defence, while backups are its secret weapon.

 

Banking

Bringing Automation to Banking

Published

on

By

Ron Benegbi, Founder & CEO, Uplinq Financial Technologies

 

Automation is everywhere you look these days; from supermarkets to warehouses to automobiles. This prominent trend shows no sign of abating anytime soon. However, some sectors remain behind others when it comes to adopting automated technologies. Banking is one such segment, but there’s now evidence to suggest that this could be about to change.

 

What do we mean by automation?

There are a lot of ways to define automation, but broadly the term applies to any technological application where human input is minimized through design. Over the years, automation has evolved from a basic level, which took simple tasks and automated them, all the way to advanced automation powered by Artificial Intelligence (AI). In general, automated solutions work to increase productivity and efficiency within businesses and often result in a reduction in costs associated with human capital.

 

Ron Benegbi

Why has the banking sector been slow to adopt automation?

The banking sector has been built on a number of long-standing, tried and tested processes and protocols, which have been continually fortified and refined over time. This is one explanation as to why the sector has been so slow in adopting new, automated methods within its operations. Additionally, many major financial institutions have spent decades building their own internal legacy computer systems, which are often incompatible with modern automated solutions.

When combined, these two issues have caused a significant lag in the banking sector with regards to the adoption of automated technologies. This lag has created a market opportunity that a number of fintech providers have been able to exploit in recent years. Offering a more responsive and tech-first user experience, many fintech providers are leveraging the power of automation to better meet the banking needs of their customers. However, there is still time for the banking sector to start bridging this gap.

 

Does automation have a place in the banking sector?

The opportunity for automation to play a role within banking can be transformational.

To achieve this, it’s important that legacy organizations begin to learn from their more tech-savvy, smaller counterparts. If used effectively, automated financial solutions can greatly improve the experience of banking customers, both on a personal and business level. So, what exactly does this change look like, and how far away are we from seeing it become a reality?

A good place to start is the small business credit lending process, where not much has changed since the 1980’s. Over that period, the world has greatly transformed, but the methods used to assess credit worthiness have remained somewhat static. For the most part, banks assess data related to businesses’ accounting and banking records and from credit scores. For many businesses, especially the newer and less established ones, this antiquated approach is having a detrimental effect. In fact, it’s often cited as a contributor to the huge funding gap between SMBs and their larger counterparts.

 

How can automation benefit the banking sector?

By adopting more automated technologies, lenders in the banking sector can begin to assess more comprehensive information when making credit decisions. Notably, new methods exist, which enable additional data sets to be evaluated, in order to build a more accurate financial depiction of a business’ overall position. This data can come from sources like external market attributes, economic indicators, demographic data and exogenous shocks.

By leveraging additional data sets through new methods of financial automation, banks are now in a position to respond more effectively to small businesses, including those in emerging and evolving markets where there is a lack of conventional sources of information.

With more ways to access funding, facilitated by alternative data and automated processes, small business owners can improve their operational efficiencies and accelerate their growth efforts. In doing so, legacy oriented financial institutions can now better equip themselves in protecting against new, nimbler tech-based disruptors.

 

Continue Reading

Banking

MYTH BUSTING THE ROLE OF OPEN SOURCE IN FINANCIAL SERVICES

Published

on

Nigel Abbott, Regional Director North EMEA, GitHub

 

There is no denying the financial services (FS) industry is under pressure to innovate. Not only have customer and consumer expectations for digital experiences surged in recent years, but the emergence of nimble and ambitious fintechs have disrupted the market. Yet, despite striving for innovation being table stakes across the industry, FS organisations inevitably face familiar hurdles that slow their progress, including concerns surrounding security, compliance, and the ability to act fast.

Open source is increasingly seen as a route to drive innovation and create new value. The FS sector’s utilisation of open source and the transformative role it can play is accelerating – on paper, at least. According to the recent Fintech Open Source Foundation’s (FINOS) 2021 State of Open Source in Financial Services survey, as many as 80 percent of FS leaders said that innovation, reduced time-to-market and total cost of ownership are factors for FS businesses to consume open source.

Nigel Abbott, Regional Director North EMEA -GitHub

But the reality is these positive adoption figures don’t tell the whole story. The survey also revealed that 75 percent of FS technology leaders said their businesses are either not “open source first”, or that they did not know if they were. Tellingly, less than one in ten (eight per cent) said that their business has put in place policies to encourage open source contribution.

The statistics point towards disparity between uptake of open source and the ability to use it to its full potential. But why?

For me, it comes down to some common myths about the role of open source that need demystifying:

 

Myth #1: There are limits to the innovation that open source can deliver

This could not be further from the truth. All enterprises, including FS companies, rely on open source software to build the best software for their customers, improve infrastructure, and unlock the potential of their engineering teams. Nationwide, for example, has completely redesigned its DevOps processes to respond faster to market changes and keep pace with customer expectations to remain relevant. The impact is transformative when they actively embrace it and participate fully in the open source community, creating a win-win situation for end-users. 

 

Myth #2: Data can be shared without consent 

Quite the opposite. Open source does not require FS businesses to share all their secrets and give away their competitive advantage. Instead, taking an “innersource” approach allows financial institutions to take the skills of developers who are accustomed to using open source tools and brings these inside the company firewall, providing a secure internal platform for working collaboratively on projects.

 

Myth #3: Open source is not secure

The most common misconception is that higher security risks are associated with code being openly available to anyone who uses it. But the open concept is, in fact, one of the biggest security strengths of open source. This is because of the collaborative nature of how code is built. The open source community has a shared responsibility for developing and maintaining secure code, and there is a vast global pool of developers identifying and fixing security issues. Supported by the right tools and processes, open source makes it easier for developers to code securely throughout the entire software development lifecycle, reducing the amount of time and financial investment in delivering secure products. Research from Red Hat found that security is regarded as a top benefit for enterprises using open source.

 

Myth #4: The open source community lacks finance sector contributors

This is untrue. Financial enterprises of all shapes and sizes are prominent participants in the open-source community and lead by example, sharing meaningful code contributions. Challenger banks and institutions such as Goldman Sachs contribute to open source initiatives via FINOS. By opening their code and ideas, FS companies can share lessons and support the whole community – helping them deliver better services and more value to their customers. And crucially, they are advancing a community that they can systematically tap into and benefit from.

Open source is already delivering innovation in the FS sector. But the bottom line is that there is so much extra value it can bring. Unlocking the full potential of open source to effect change does not just require buying DevOps tools. Open source requires organisation-wide understanding and support, a culture of collaboration and a progressive DevOps and governance process to thrive. Only then can it deliver its true value and accelerate innovation.

 

Continue Reading

Magazine

Trending

Banking17 hours ago

Bringing Automation to Banking

Ron Benegbi, Founder & CEO, Uplinq Financial Technologies   Automation is everywhere you look these days; from supermarkets to warehouses...

Finance17 hours ago

Why financial services is stepping into a new era

by James Mingard, Head of Retail & Finance at Maintel   When comparing industries, financial services has arguably fallen behind when...

Business1 day ago

FINANCIAL MARKETS IN 2022: INFLATION, ENERGY PRICES, AND THE CONTRASTING PERFORMANCE OF STOCKS

Bob Jenkins, Head of Research, Refinitiv Lipper   Anyone hoping for a reprieve from the chaos and uncertainty of the...

Business3 days ago

FINTECH TRENDS TO LOOK OUT FOR IN 2022 WHICH WILL CHANGE THE WAY WE DEAL WITH FINANCE!

Embedded Finance is estimated to be a $3.6 trillion market opportunity (Matt Harris, Bain Capital Ventures) Embedded Finance means it’s...

Business3 days ago

THE GREEN REVOLUTION IN INVESTING

It can’t be denied how quickly environmental sustainability has become a focus among everyday consumers, whether they’ve become noticeable through...

Business3 days ago

INVESTMENT IN INNOVATION: 2022 TRENDS AND OPPORTUNITIES

Author: Michael Kodari, Founder and CEO of Kodari Securities (KOSEC)   Moving into 2022, while COVID is still front of...

Business3 days ago

HOW TO CONSOLIDATE INVESTMENT REPORTING OPERATIONS AFTER A MERGER OR ACQUISITION

By Andrew Sehulster and Abbey Shasore   The reason why senior management make an acquisition is to compete better or...

Business4 days ago

FUNDING R&D IS STILL A PRIORITY FOR COMPANIES DESPITE THE PANDEMIC

By Emma Lewis, Myriad Associates   HMRC regularly releases statistics that look at the numbers of R&D Tax Credit claims...

Business4 days ago

Mitigating the insurance risks of climate change through geospatial data visualisation

Richard Toomey, Senior Manager, Commercial Insurance at LexisNexis Risk Solutions UK and Ireland   In the lead up to the...

Top 104 days ago

From compliance to the metaverse: Investment trends to look out for during the year ahead

By Rami Cassis, Founder and CEO of Parabellum Investments   In the investment world, the old saying, knowledge is power,...

News4 days ago

NutreeLife triples production with finance from Siemens Financial Services

Plant-based snack manufacturer NutreeLife has massively increased its production capacity with the help of a hire purchase solution from Siemens...

News5 days ago

HYDR DEVELOPS INVOICE FINANCE PLATFORM TO INTEGRATE WITH MAJOR CLOUD ACCOUNTING SOFTWARE PROVIDERS

MANCHESTER – UK – 17th January 2022 – Fintech start-up, Hydr has developed its proprietary invoice finance platform to integrate...

Business5 days ago

What should you be know about PAN data in PCI DSS?

Narendra Sahoo (PCI QSA, PCI QPA, CISSP, CISA, CRISC) is the Founder and Director of VISTA InfoSec   Introduction PAN...

Finance5 days ago

GET READY FOR A LARGER-THAN-EXPECTED INTEREST RATE SPIKE IN 2022

By Nicholas Sargen As investors assess what is in store for 2022, they should not lose sight of what has transpired...

Banking5 days ago

MYTH BUSTING THE ROLE OF OPEN SOURCE IN FINANCIAL SERVICES

Nigel Abbott, Regional Director North EMEA, GitHub   There is no denying the financial services (FS) industry is under pressure to...

Business6 days ago

How Crypto Traders Can Avoid Unexpected Expenses

Have you been dabbling in cryptocurrency in 2021? Are you still relatively new to the world of crypto and feeling...

Finance6 days ago

Looking Ahead: 2022 Fintech Predictions and Reflections

Will Marwick, CEO of IFX Payments   2021 was the year of recovery and opportunity for many, following months of...

Business6 days ago

A systematic approach to stock selection finnCap’s Slide Rule

Raymond Greaves, Head of Research at finnCap   As an engineer by background, I love data and using it to...

News6 days ago

The UK’s Crypto and Digital Assets Group will be welcomed, but it needs to reach out to the industry

by Jennifer Clarke of regtech CUBE   The advent of the Crypto and Digital Assets Group will be welcomed with...

Finance6 days ago

EMBEDDED FINANCE EXPERIENCES, THE BIG MOVE IN 2022

By Louisa Murray, Chief Operating Officer UK & Europe at Railsbank Over the past year, we have seen some fundamental...

Trending