Jane Goodayle, VP Global Marketing, PCI Pal
Awareness of data security has been a hot topic for some time. With every high profile data breach that occurs, the issue is pushed further to the fore of public discourse, and consumers are becoming more and more aware of the steps they need to take to ensure the safety of their personal information, especially their payment details.
While people on both sides of the Atlantic are similarly concerned about data breaches and issues of payment security, a recent survey by PCI Pal, which polled over 4,000 residents in both the UK and US, has highlighted a number of interesting cultural differences between the geographies. In particular, in how they react to data breaches and payment security issues, and some interesting findings emerged for the financial industry.
When asked what industries they thought were most likely to suffer a breach – or those that were most prone to them – the financial sector came out on top in the UK with 41% of respondents pointing to the finance industry. In contrast, only 12.8% of those in the US suggested the same, and instead retail came out with largest proportion of concerns (and was considered the second highest risk in the UK). In all, 41% of UK respondents aired their concerns
The surveys suggest that there is much work to do within those industries if they are to inspire confidence within an increasingly savvy and selective consumer base.
In the current market, it’s imperative that a business should understand the potential damage done by a data breach, and more companies are switching on to the importance of the issue and looking to deepen their understanding. Businesses must however be aware of the possible fallout, which has the potential to cause serious damage to reputation and losses long into the future.
According to the survey, some 79% of people polled agreed that trust in a brand’s data security played a part in how much they opted to spend with them, highlighting the public’s increasing awareness and knowledge of data security issues.
The survey found that 41% of Britons said that they would stop spending with a brand forever, following a data security breach, compared to 21% of Americans, highlighting a much more unforgiving attitude to data loss on this side of the Atlantic.
Interestingly, 44% of Brits and 62% of Americans who didn’t express a want to cease trading with a company forever following security issues indicated that they would stop spending with them “for at least a few months”. This suggests that even a best-case scenario would result in notable reputational damage and loss of earnings.
One of the more surprising findings of the survey was that respondents have more trust in local businesses than they do large national and multinationals. 55% of those polled in the UK said that they felt they could trust local stores more, and 30% elaborated, saying that they felt smaller companies have more consideration for their reputation, despite not having as much money to invest in data security.
The opposite was true in the United States, where only 47% of respondents felt that they could trust local businesses more than a national company, and those polled stated that increased investment in security and adherence to more strict security rules were the reasons for their trust.
Another topic discussed in the survey was that of paying for goods and services over the telephone, and it was found that 55% of respondents were unhappy with some portion of the process. 32% stated that they were generally unhappy reading their credit card details over the phone to complete a transaction but did so because they had no choice, and 23% stated that they flatly refused to give out their payment details over the telephone, opting instead to deal with businesses face-to-face or use online services.
Building consumer confidence in dealing with telephone payments should rank highly among businesses, and the general lack of faith that consumers appear to have should be cause for concern. Adhering strictly to PCI DSS guidelines should be an absolute priority, if companies are to thrive amid the myriad threats that currently exist towards their customers’ personal data.
Simply put, by ignoring these threats companies are opening themselves up to the possibility of immeasurable damage to their brand, loss of earnings and continued loss of business; perhaps even years after the initial data breach has occurred. Not to mention the huge fines that failing to comply with the EU’s GDPR (General Data Protection Regulation) may bring.
By enlisting professional assistance to ensure PCI DSS compliance, businesses are already on a healthy path towards reducing data security risk. , Critically, they will be able to ensure the safety of customer’s payment card data from phone-based transactions, and by advertising PCI DSS compliance, a business can inspire confidence in areas that it appears to be most lacking.
HOW FINANCIAL SERVICES CAN GET TO GRIPS WITH RISING SUPPLY CHAIN RISK
By Alex Saric, smart procurement expert, Ivalua
UK businesses have never been more dependent on their suppliers to help them deliver goods and services to their customers. Be it retail, manufacturing or financial services, suppliers have a vital role to play when it comes to innovation and meeting customer expectations. However, as supply chains become increasingly global, businesses are potentially exposing themselves to more risk than ever before.
This is especially true in financial services. Whether it’s the impact of geopolitical events like Brexit or global tariff wars, supply shortages, security or the businesses impact on the environment, an organisation’s failure to identify and mitigate risk could see millions wiped off its share price, and its corporate reputation left in tatters. Risk can present itself anywhere and at any time, so financial services firms must be ready to address it. However, many simply don’t have the ability to evaluate suppliers for risk factors, leaving them wide open to business operations being hindered, or being slapped with financial penalties.
More suppliers, increasing risk
One reason why financial services firms aren’t able to evaluate suppliers is the breadth and scale of today’s supply chains. For example, French oil company Total said in in a recent human rights briefing paper that they work with over 150,000 direct suppliers worldwide. This is just one example of how large and varied the roster of partners has become. Research from Ivalua has found that financial services businesses on average are working with around 3,600 suppliers annually, which is evenly split between UK-based and international partners. That number is expected to rise, with 60% expecting the number of suppliers they work with to rise.
The expanding nature of suppliers is only going to expose financial services firms to more potential risk than ever before, yet 78% say they face challenges gaining complete visibility into suppliers and their activities.
A lack of supplier visibility leaves businesses unable to identify and mitigate against supply chain risk. In fact, almost three-quarters (73%) of financial services firms have experienced some type of risk during the last 12 months. These include; supplier failure (43%), environmental impact, such as pollution or waste (35%) and supply shortages (45%). Supply shortages can be among the most damaging to a business, as seen by both the KFC chicken shortage which closed stores, and the summer 2018 CO2 shortage which caused companies such as Heineken and Coca-Cola to pause production, impacting supply across Europe during the World Cup.
Businesses unprepared for the worst
One way financial services firms can better prepare for risk is to ensure they know what to plan for to reduce the impact. However, whilst some say they have a contingency plan in place to deal with risk, many of them are unprepared. Financial services firms admitted to not having comprehensive and deployed contingency plans in place to prepare the supply chain for risk such as; natural disasters (68%), supply shortages (67%), geopolitical changes (65%), environmental impact (63%), supplier failure (62%) and modern slavery (50%).
In order to effectively prepare for these types of risks, it’s vital that financial services businesses fully understand their suppliers, their business environment, global variations in regulations, geopolitics, and a host of other factors. But for many, there are multiple challenges when it comes to gaining this understanding. A prevailing factor is an inability to gain visibility into all suppliers and activity because supplier management data is stored in multiple locations and formats, making insights difficult to access. This leaves teams unable to review supplier activity and assess compliance.
Making supplier management smarter
It’s imperative that financial services businesses are able to respond or prepare for supply chain risk. Clearly, much more needs to be done to ensure they have complete visibility of suppliers, especially in an era where regulators can levy heavy fines for GDPR breaches and scandals spread in minutes over social media. These types of risks can be reduced in the future if procurement teams have a 360-degree view of suppliers which will help with contingency planning and risk management.
For example, in the instance of supply shortages, plans could be put in place that identify alternative suppliers to ensure any shortages do not impact end users. This type of supplier collaboration is paramount when it comes to managing and mitigating against supplier shortages. When it comes to regulations, financial services firms can’t allow a lack of visibility to limit their ability to ensure all suppliers are compliant.
To do this, teams must take a smarter approach to procurement that gives complete visibility into suppliers throughout the supply chain. This will allow financial services firms to identify and plan for risk, reducing the potential damage, and ensuring they are working with and awarding business to low-risk suppliers. Supply chain risk is rapidly becoming an overarching concern for financial services firms, but by providing the ability to assess suppliers, they will have all the insights they need to mitigate the impact on business operations.
ISO 20022 – THE BEDROCK FOR PAYMENTS TRANSFORMATION
Lauren Jones, Global Payments Ambassador, Icon Solutions
The financial services industry has seen ISO 20022 grow firmly over the last 15 years. What was then a small pocket of countries tackling migration has now become widespread adoption for domestic and international payments.
And with momentum building, it is clear that IS0 20022 is playing a foundational role for banks in the transformation of their infrastructures, with the rich messaging format delivering business benefits and enabling enhanced customer propositions.
The time is now for ISO 20022
European initiatives, such as SEPA, were the first to drive usage, but have since catalysed a network effect in other countries. Recent examples driving adoption include the New Payments Platform in Australia and the Bank of England’s Real-Time Gross Settlement (RTGS) service doing the same in the UK.
Despite the timeline delay, the SWIFT migration to ISO 20022 for cross-border payments will drive further adoption and it is clear to see why. As the world becomes more connected, having a globally interoperable standard is attractive. ISO 20022 allows banks to have a consistent experience across geographies and provides a low-risk approach to modernisation.
In the US things are moving as well. With the country’s most important payments market infrastructures, the Fedwire and The Clearing House Interbank RTP system, migrating their High Value Payment (HVP) systems almost concurrently, widespread ISO 20022 has reached a tipping point.
For US banks this means it is important to understand that ISO 2022 is no longer happening “somewhere else”. Banks dealing with the modernisation of infrastructure need to decide what will become the bedrock of their transformation efforts. ISO 20022 seems to be the only sensible choice.
ISO 20022 in practice
While banks in the US and across the world grapple with ISO 20022, it is crucial that they engage internal and external stakeholders early on in their journey to define their strategy. Resources should also be pulled from all areas of a bank, including technology, operations, AML, product and sales.
Implementation is not just a technical issue. Governance, sequencing and coordinating activities are all vital for success. Banks need to lay a foundation where legacy systems are ringfenced, but it is equally important for them to understand how to move rich data through or around legacy infrastructure as early as possible.
Deciding what to do with legacy systems is a challenge for many financial institutions. Therefore it can be useful to deploy mapping or translation services in the early stages of adoption. In fact, many market infrastructure ISO 20022 programs include a phased approach where there is a like-for-like phase (where no new functionality is used), allowing adopters to become familiar with the new standard.
This is often followed by multi-year adoption of new functionality and gradual decommissioning of legacy formats. However, mapping should not be viewed as a longer-term solution. To harness the full value of ISO 20022, supporting the standardisation natively allows banks to build from the ground up. This creates a modern data model where both internal efficiency and external value can be realised.
ISO 20022 is the way to deliver added value
One of the major drivers for ISO 20022 adoption is to remain competitive. By implementing a common standard banks can have a platform to innovate at pace and with lower costs.
Many banks now see ISO 20022 as a critical foundational element to deliver value to their corporate clients. But the benefits of ISO 20022 are not solely external. Increasingly, APIs are being used to support both deep integration within the bank and with a broad spectrum of fintech partners. ISO 20022 allows the capability of having a single data model across various computer languages and therefore across multiple use cases.
With a shift towards data-driven architecture, ISO 20022 allows banks to generate greater amounts of standardised data to provide targeted insight. The move to ISO 20022 will therefore be of paramount importance for banks to take advantage of richer, standardised data sets. With more payment volumes set to adopt ISO 20022 by 2025, the discussion is moving on from the standard simply serving transactional needs to the data that can be extracted from these transactions.
Prioritising payments transformation
In other words, over the next few years we will see payments being refocused from a commoditised proposition to a strategic, value-adding one. Yet being “data-aware” is not good enough. Banks need to be powered by that data. As cutting costs is no longer enough to sustain banks, they must use payments data to deliver more appealing propositions and revenue-boosting, value-added services.
As the adoption of ISO 20022 remains fragmented in the US for the time being, many banks will continue to question how best to take advantage of the standard. However, it should be evident that ISO 20022 is coming and the time to prepare is now.
FOUR WAYS OPEN BANKING AND AI WILL REVOLUTIONISE ACCOUNTANCY
Ed Molyneux, CEO and co-founder of cloud accounting software company, FreeAgent It’s been just over two years since the...
HOW FINANCIAL SERVICES CAN GET TO GRIPS WITH RISING SUPPLY CHAIN RISK
By Alex Saric, smart procurement expert, Ivalua UK businesses have never been more dependent on their suppliers to help...
TWO TO TANGO? MARKET DATA AND OPINIONS IN INVESTMENT MANAGEMENT
Sebastien Lleo is Associate Professor of Finance and Head of the MSc in Risk and Financial Technologies at NEOMA Business...
AN ULTIMATE GUIDE TO TURNING YOUR EARLY RETIREMENT DREAM INTO A REALITY
Rick Pendykoski is the owner of Self Directed Retirement Plans LLC, a retirement planning firm based in Goodyear, AZ. ...
WHAT EVOLUTIONARY AI MEANS FOR FINANCIAL SERVICES
by Babak Hodjat, VP of Evolutionary AI at Cognizant Many banks and other financial services institutions (FIs) are beginning...
HARNESSING ANALYTICS IN THE FIGHT AGAINST FRAUD
By Anna Lykourina, EMEA Fraud Analytics Expert at SAS In the past, the fight against fraud has been a...
ERSTE BANK HUNGARY IMPROVES AND SECURES THE REMOTE BANKING EXPERIENCE WITH ONESPAN MOBILE SECURITY
Leading Hungarian bank deploys OneSpan’s Mobile Security Suite to one million customers to make mobile banking convenient while fighting fraud...
HOW WILL LENDERS TREAT THE FINANCIAL SYMPTOMS OF COVID19?
COULD the coronavirus pandemic spark a financial crisis similar to that which was seen in 2008? Tim Kirby, Group Commercial...
ISO 20022 – THE BEDROCK FOR PAYMENTS TRANSFORMATION
Lauren Jones, Global Payments Ambassador, Icon Solutions The financial services industry has seen ISO 20022 grow firmly over the...
2020 VISION: TRANSFORMING THE LEGAL DOCUMENTATION LANDSCAPE THROUGH STRUCTURED DATA
Jason Pugh, Managing Director, D2 Legal Technology The derivatives industry has been transformed by the proactive engagement of its...
WHY LANDLORDS SHOULD MAKE THE MOVE TO THE ALTERNATIVE PROPERTY INVESTMENT SECTOR IN 2020
Reece Mennie, CEO of leading UK investment introducing firm, Hunter Jones The new decade is expected to bring with...
PROTECTING YOURSELF AGAINST LOSS OF FUTURE INCOME IN A RECESSION
By Gerard Visser, Financial Planning Consultant at Alexander Forbes Financial Planning Consultants. With low GDP growth, credit ratings downgrades and the COVID-19 pandemic,...
MOBEY FORUM TO ADDRESS DATA PRIVACY AND INNOVATION IN THE AGE OF AI WITH NEW EXPERT GROUP
Mobey Forum, the global industry association empowering banks and financial institutions (FIs) to shape the future of digital financial services, today announces...
HOW TO MANAGE YOUR SMALL BUSINESS’S FINANCES
There are a lot of fantastic business ideas that end up failing during the early years. Why? A lack of...
THE EVOLUTION OF THE TECH CFO
Gavin Fallon,General Manager, UK, Nordics & South Africa Board International Chief Financial Officers (CFOs) have traditionally been seen as...
IS FRAUD PREVENTION CONVERGING WITH REGULATORY COMPLIANCE?
By Manuel Rodriguez, Fraud Solutions Manager at SAS Several relevant reports show how the world of fraud and financial crimes is mutable...
WHY SECURE APIS ARE THE KEY TO FINANCIAL CONTROL
Stefano Vaccino, Founder of Yapily Consumers never owned their financial data. Banks controlled everything from how much money came...
GOLDBELL FINANCIAL SERVICES SELECTS MAMBU TO POWER GEN INVESTMENT PLATFORM
Goldbell Financial Services, one of Singapore’s leading business finance providers, has confirmed it will partner with Mambu, the market-leading pure...
UK FINANCE WORKERS DISPEL MYTH OVER TECH JOB LOSS FEARS
– Research shows finance workers welcome the “rise of the machines” – The majority of UK finance workers have widely rejected the...
LOW-CODE TECHNOLOGY BOOSTS THE GROWTH OF SPECIALIST BANK
Hampshire Trust Bank (HTB) is a digitally-focussed specialist bank staffed by experts that enable UK businesses to realise their ambitions. Primary...