Ashley Friedlein, founder and CEO, Guild
Accelerated by the coronavirus pandemic, the use of messaging apps for professional communications has skyrocketed in recent months. Messaging apps have provided a lifeline to organisations, enabling them to support a remote workforce. However, consumer messaging apps have also seen an increase in adoption, and many will be using them for business, as well as personal use.
When using messaging apps in highly-regulated environments, organisations need to be aware of compliance issues in a financial regulatory capacity, while also adhering to laws relating to security, transparency, and data privacy, such as the General Data Protection Regulation (GDPR).
Not doing so puts banks and other regulated entities within financial services at risk of non-compliance, which can result in serious penalties.
In 2017, the UK’s Financial Conduct Authority (FCA) highlighted the risks of using WhatsApp. Guidance from the Securities and Exchange Commission (SEC) followed in December 2018 outlining its responsibility for monitoring electronic messaging, which included messaging apps.
Although regulators have been clear about the risks associated with using instant messaging apps, some financial firms seemingly failed to develop and implement robust guidelines around the use of these services for professional purposes.
Earlier this year, a senior credit trader at JP Morgan was suspended for communicating with colleagues via WhatsApp, with Jefferies, KPMG, and VTB Capital also finding themselves subject to investigations after employees were found to be using messaging apps as unofficial channels for communication.
Deutsche Bank took steps to ban all text messaging and communication apps to improve its compliance standards, with many others, including HSBC, Citi, and Wells Fargo following suit to move to a secure communications platform. However, while the financial industry is taking steps to prevent the usage of consumer messaging apps, some firms are failing despite the implications of not having a robust policy around the tools used to communicate within a bank or other regulated entity.
Data privacy and security
Data privacy laws such as the GDPR and CCPA make the use of consumer messaging apps in the workplace challenging for IT, HR, corporate governance and compliance teams. The financial and reputational cost of misuse in these ‘shadow communications’ channels can be significant.
WhatsApp, one of the most widely used consumer messaging apps, can result in organisations using the platform being non-compliant with the GDPR privacy regulation due to:
- Lack of explicit consent – anyone can be added to a WhatsApp group without explicit consent. WhatsApp has added functionality to prevent specific users from doing this, but this is not enabled by default. Contacts can also upload data to WhatsApp/Facebook if they give access to their contacts/address book, even though those contacts have not given consent.
- Lack of ability to delete information – after a certain time, content posted to WhatsApp cannot be removed.
- Lack of ability to get your own data back (SAR – Subject Access Request) – WhatsApp cannot provide an individual with messages they have posted, only profile info.
- Data being transferred outside the EU – it is not very clear where exactly WhatsApp/Facebook moves the data it collects.
The use of WhatsApp for business purposes potentially breaches GDPR in several ways.
Companies do not even know what groups exist in consumer messaging apps, let alone who is in them, or whether former employees or contractors may still have access, increasing the risk of data breaches and leakage of confidential information.
A lack of oversight and transparency
Consumer messaging apps like WhatsApp, Signal and Telegram have provided unofficial communication channels that are difficult to monitor, resulting in a total lack of visibility for employers and regulators alike.
Access to these unofficial communication channels presents a serious risk by creating opportunities for employees to take advantage of situations This includes conducting business under the radar in a way that benefits them, or their clients in a manner that is immoral, or even illegal. In some cases, sharing information about clients without intending to cause harm can still result in serious consequences.
Firms have a legal obligation to keep a record of conversations between themselves and their employees, clients, or stakeholders. If legal challenges arise, it may be necessary to provide a record of these conversations. Many consumer messaging apps store data locally rather than centrally in the cloud, making it more difficult to provide a complete record of conversations.
In addition, there are also legal obligations and a duty of care to protect employees and ensure adequate levels of oversight, governance and control. This includes protecting them from bullying, harassment, or inappropriate behaviours in the workplace. The lack of visibility and transparency around consumer messaging apps, including the ability to delete messages, makes it more difficult for HR departments and legal teams to address issues promptly, while inhibiting their ability to collect evidence.
Terms of service
WhatsApp’s terms state:
“WhatsApp is committed to using the resources at its disposal–including legal action–to prevent abuse that violates our Terms of Service, such as automated or bulk messaging, or non-personal use.
“We make no representations or warranties that our Business Services meet the needs of entities regulated by laws and regulations with heightened confidentiality requirements for personal data, such as healthcare, financial, or legal services entities.”
How can the financial service industry minimise risk when using messaging services?
The financial services industry requires a tailored approach to messaging in order to effectively minimise risk. Messaging apps are becoming increasingly ubiquitous, and do provide many benefits, such as increased productivity and collaboration. Excluding them from communications completely can close off channels that improve operational efficiency and build rapport between teams – something that has become even more important now that many employees are working from home.
Banks who have taken steps to ban all text messages and communication apps on work-issued devices in order to improve its compliance standards have sought alternatives, such as Symphony – a messaging service aimed at highly regulated financial firms. This enables banks to continue to communicate with clients in real time, while also maintaining thorough and rigorous standards of data security and privacy protection.
Security, transparency, and compliance are paramount in the financial services industry, yet it is easy for unregulated consumer messaging apps to go completely unnoticed. The sector must do more to acknowledge and address their use in order to adhere to these three fundamental principles.
Workplaces, working practises, and channels of communications have needed to change rapidly as a result of the COVID-19 pandemic. It’s critical that organisations address the issues and risks associated with messaging apps by implementing robust policies around workplace communication and seek out viable, compliant alternatives not only now, but as part of a long-term solution.
TOUCH-FREE AUTHENTICATION FOR ALL: WHY WE NEED A SAFER PAYMENT METHOD IN THE ‘NEW NORMAL’
David Orme, SVP, Sales & Marketing, IDEX Biometrics ASA
Ever since March, when the World Health Organization encouraged people to not use cash, coronavirus has made touch-free shopping a necessity for all consumers. However, as economies across the world begin to reopen, we are seeing in-person shopping and payment via touch-pads return. So, with payments beginning to return to ‘normal’, the global payments industry must now consider an important question: how can we protect consumers from the pandemic and potential future health crisis’ during the transaction process?
During the pandemic, touch-free payments began to gain international traction across the world, changing behaviour during the payment process. While previously, consumers were happy to key in a PIN, or even provide a signature for a purchase, they are now familiar with more convenient and safer touch-free methods, and they’re not likely to let them go.
In Europe, high street chains have rapidly shifted to contactless payments, often refusing to accept cash. Meanwhile in the USA, levels of contactless payments have rocketed since the pandemic, after a slow initial adoption of the service – US banks only adopted contactless cards in 2019 compared to 2007 in the UK. According to Visa, overall contactless usage in the USA has grown 150% year-on-year as of May 2020.
Even mega-retailer, Walmart, has recently introduced contactless options for in-store shopping and delivery to protect its customers during the pandemic – showing there is growing demand for a touch-free and convenient way to pay across the world. This has raised awareness of touch-free payments among consumers looking to reduce contact-based interactions and time spent at the checkout during the pandemic.
Mobile payments are growing
Mobile payments are growing, again showing the desire for touch-free authentication among consumers. According to Forbes, the US mobile payment market – currently only sixth in the world – has increased 41% and is worth more than $98 billion.
To respond to the growth of touch-free payments among small vendors, PayPal has launched a new QR code-based payment app that allows market stall holders or businesses without a PoS machine to accept payment through a code. This means even the smallest of merchants, from small stores and farmer’s markets to craft sales, can now go cash-free and use touch-free payments for everything.
Meanwhile, China has long been using QR code-based apps, such as WeChat Pay from tech giant TenCent and AliPay from Alibaba. The apps are so widely used that street vendors display QR codes for payments and together the two fintech giants control about 90% of China’s digital payments market.
But card is still king
At the same time, payment cards are still consumers preferred way to pay. Of course, we only need to look to Apple and Google, who recently have launched physical payment cards despite running mobile payment apps for further proof that payment cards are far from dead.
So why aren’t cards on their way out, given the growth of mobile payments?
We know that consumers still look to payment cards for security and a sense of familiarity while shopping. According to IDEX Biometrics’ research carried out in the UK, only 3% of consumers choose to use mobile payments, while nearly two-thirds (65%) state that carrying their debit card provides a sense of security. And when it comes to touch-free payments, only biometric payment cards can provide the most secure level of validation with an easy digital experience for shoppers.
Despite the popularity of WeChat as a payment app, China’s biggest card provider China UnionPay has recognised that its customers aren’t ready to give up on physical payment cards either. China UnionPay has recently certified the first biometric fingerprint card technology in the country as they look to the use of biometric technology in cards to provide an extra layer of security, with added convenience and hygiene during a payment transaction.
Secure touch-free card payments
Biometric fingerprint payment cards provide end-to-end encryption – securing the user’s card and data. A fingerprint biometric card allows the user to authenticate their ID by touching their finger to the card’s sensor while holding it over the contactless card machine. Therefore the shopper only has to hold their own card over the PoS system and the entire transaction process is free of public PIN pads or checkout counters – making it no different to how consumers currently use contactless payments cards. This touch-free payment technology provides the consumer with the convenience of contactless or a mobile payment but with far greater security, as the card is personally tied to the owner.
Biometric identification is already firmly incorporated into our everyday lives. Thanks to unlocking our phones and authenticating payment apps, we are increasingly using our fingerprint to verify our identity. Now that consumers are familiar with the technology, biometric identification in payment cards will become essential to help consumers navigate the shopping and transaction process safely, speedily and securely.
As our economy gradually reopens, financial services providers must protect consumers during the transaction process. In stores, on transport systems – even in stadiums – a fingerprint biometric payment card will provide touch-free payment authentication for all.
THE BASICS OF BUSINESS FINANCE
When you’re starting your business, you’ve got a lot to be thinking about. You need to find affordable suppliers, market your business effectively, bring in paying customers, and perhaps even hire staff to get your fabulous idea off the ground.
Although they’re not the most exciting of these topics to think about, your business finances and how to best manage them should be at the top of your list. Get them right from day one and you can worry less about those smaller details and focus on making your business a success. Get them wrong, and you could be creating unnecessary stress and worry that could potentially harm your business.
With this in mind, here’s a useful introductory guide to business finance that can help you navigate the basics.
Find the right business bank account
Choosing a business bank account is a key decision that could either save or cost your business money. It will help you keep your personal and business finances separate, budget effectively, manage your accounts and complete your tax returns more easily, even if you’re just a sole trader. You may also be able to access financial support that has been specially tailored to your business needs.
However, business banks offer different services and charge different fees compared to your personal bank account. That’s why it’s worth finding out which account would be best for your business needs.
According to leading small business advisors Informi, “The high street banks (Barclays, HSBC, Lloyds, NatWest) have all upped their game in order to keep up with the digital-only offering of the so-called challenger banks (Monzo, Starling, Tide Business).”
Keep track of everything
Whenever your business spends money or earns money, you should make sure you’re making a note of it and keeping the information somewhere safe.
Getting organised early will simplify your bookkeeping and accounting process, form great business habits and help you stay financially in the black. Depending on your business structure, this may also be a legal requirement.
This should include, but not be limited to:
- Incoming and outgoings
- Invoices sent (including invoice dates, numbers and full client information)
- Inventory details including dates purchased, stock numbers, purchase prices, dates sold, and sale prices.
Understand your tax obligations
Starting a brand-new business is an exciting time and the last thing you want to think about is taxes. However, you also don’t want to be hit with a large, unexpected tax bill at the end of the year. That’s why you should always be clear what your obligations will be and budget for it accordingly.
What you need to pay depends on whether you’ve registered as a sole trader or as a limited business:
Sole traders (self-employed): You’re liable to pay tax on all your income after your personal allowance is deducted. You’ll also need to pay your own national insurance contributions.
Limited companies: You’ll need to pay corporation tax and make employers’ national insurance contributions. Any employees must pay tax and national insurance on their income via a PAYE scheme. If you’re hiring freelancers, they may need to take care of their own tax.
This needn’t be confusing if you’ve kept financial records from the beginning and you’re clear on what you need to pay. For more information on UK government business taxes, visit their website.
Consider whether you need finance
Paying for your new equipment, premises, advertising, wages and other overheads can soon add up when you’re in the initial stages of starting your business.
If you don’t already have enough funding, you could get extra support from the government or bank. This may be in the form of a loan or grant such as the UK government StartUp loan.
However, be careful about taking on too much debt, especially during these unpredictable times of the coronavirus. Consider how much you can repay and make your decision accordingly.
Take care of your business finance basics and it will be much easier to start and sustain your new business during these challenging times.
Make sure that you choose the best bank for your needs, keep detailed records, understand your tax obligations and consider whether you need extra finance to help get your business off the ground.
But most of all, have fun! This is the start of an exciting new era in your life.
‘Choosing the best business bank account’ – https://informi.co.uk/business-administration/choosing-best-business-bank-account
‘6 Small Business Finance Basics You Must Understand’ – https://smallbiztrends.com/ – https://smallbiztrends.com/2016/01/small-business-finance-basics.html
‘Business finance and support’ – https://www.gov.uk/ – https://www.gov.uk/browse/business/finance-support·
‘Apply for a Start Up Loan for your business’ – https://www.gov.uk/ – https://www.gov.uk/apply-start-up-loan
‘Business tax’ – https://www.gov.uk/ – https://www.gov.uk/browse/business/business-tax
‘Finance Your Startup Business’ – https://www.startupdonut.co.uk/ –https://www.startupdonut.co.uk/financing-a-business/start-up-funding/finance-your-start-up-business
DON’T RISK IT ALL WITH NON-COMPLIANCE
By Paul Sleath, CEO at PEO Worldwide Did you know non-compliance costs more than twice the cost of maintaining or...
BANKIA TRANSFORMS THE CUSTOMER AND EMPLOYEE EXPERIENCE WITH BIANKA BY IPSOFT
Developed with cognitive artificial intelligence, IPsoft’s conversational agent can carry out transactional tasks, perform different roles in customer service and...
by Devan Nathwani, FIA and Investment Strategist at Secor Asset Management Defined Benefit pension schemes are one of the most significant institutional...
TOUCH-FREE AUTHENTICATION FOR ALL: WHY WE NEED A SAFER PAYMENT METHOD IN THE ‘NEW NORMAL’
David Orme, SVP, Sales & Marketing, IDEX Biometrics ASA Ever since March, when the World Health Organization encouraged people to...
WHY BANKS NEED TO EMBRACE OPEN SOURCE COMMUNITIES
Nikolai Stankau, Director Business Development, EMEA Financial Services at Red Hat, the world’s largest enterprise open source solutions provider. ...
FOR PE TO SNAP UP “GOOD” COMPANIES, THEY MAY NEED TO WADE INTO “BAD” ECONOMIES
By Martin Soderberg, Partner at SPEAR Capital There’s no shortage of global challenges for investors currently, especially for those...
THE BASICS OF BUSINESS FINANCE
When you’re starting your business, you’ve got a lot to be thinking about. You need to find affordable suppliers, market...
HOW THE IMPORTANCE OF E-COMMERCE PLATFORMS GREW DURING THE PANDEMIC
Never in history has the world relied more on the internet than during this Covid-19 pandemic. With governments imposing lockdowns...
UNBANKED AND UNCONNECTED: SUPPORTING FINANCIAL INCLUSION BEYOND DIGITAL
Darren Capehorn, Director, Icon Solutions Many of us take it for granted, but accessing basic financial services is fundamental...
MORE THAN REGULATION – HOW PSD2 WILL BE A KEY DRIVING FORCE FOR AN OPEN BANKING FUTURE
Ralf Ohlhausen, Executive Advisor, at PPRO Whilst initially seen as simply a regulation exercise, the second Payment Service Directive,...
TIME TO THINK OUTSIDE OF THE BLACK BOX
Mike Brockman, CEO, ThingCo If you have the unbridled joy of parenting a teenager you’ll probably know what telematics...
BANKING’S SECOND WAVE OF TRANSFORMATION: INTEGRATING THE CLOUD-ENABLED FUTURE BANK
Keith Pearson, Head of Financial Services EMEA, ServiceNow The last six months have seen significant changes to the financial services landscape, with operational resilience, economic recovery, cost reduction and an...
RISK AND INVESTMENT SPECIALIST, CARDANO, TAKES TO DOCUMENT AND EMAIL MANAGEMENT IN THE CLOUD WITH ASCERTUS AS IMPLEMENTATION PARTNER
Ascertus also providing document comparison tool, compareDocs Cardano, a privately-owned, purpose-built risk and investment specialist, has chosen Ascertus Limited as its implementation...
HOW SALARY SLIPS HELP YOU UNDERSTAND TAX DEDUCTIONS ON YOUR SALARY
A salary slip is defined as a document that is provided by your employer which contains the breakdown of your...
BRANCHES ARE THE HUMAN FACE OF YOUR BANK?
Sudeepto Mukherjee, Senior Vice President, Financial Services Lead EMEA & APAC Publicis Sapient Branches have always played a pivotal...
RISE IN E-COMMERCE FOR SMALL BUSINESSES IS A BIGGER RISK THAN JUST STOCK CONTROL
With consumer confidence in the high street at an all-time low, many SME shops and businesses have moved to online...
TIME TO FOCUS ON YOUR ‘WEALTHBEING’
Tony Mudd, Divisional Director, Development & Technical Consultancy. St James’s Place FIVE WAYS TO SAFEGUARD YOUR FINANCIAL FUTURE The...
PAYROLL AGILITY IN THE CORONAVIRUS CRISIS – HOW FINANCE FIRMS CAN ACHIEVE IT
by Hannah Grimshaw, BPO Payroll Lead, Symatrix The government has published guidance with regards to the next steps for...
WHY IT’S TIME TO ADAPT TO THE VIRTUAL WORLD: HOW TO MASTER ONLINE NEGOTIATIONS
By Tony Hughes, CEO at Huthwaite International, a leading global provider of sales, negotiation and communication skills development Virtual...
BNP PARIBAS PERSONAL FINANCE COLLABORATES WITH EXPERIAN AND ARYZA TO HELP CUSTOMERS THROUGH THE COVID-19 PANDEMIC
The consumer finance specialist will be using the Open Banking tool to help customers create an affordable payment plan based...