By Tom Kellermann, Head of Cybersecurity Strategy at VMware
The last couple of years has not only seen an increase in the number of cyber-crime cartels in Europe, but a significant increase in the sophistication of their operations too. According to research by the UK cabinet office, the UK experiences the highest number of cyber-crimes in Europe every year, followed by France. Powerful cybercriminal groups now operate like multinational corporations and are relied upon by traditional crime syndicates to carry out illegal activities such as extortion and money laundering. These cartels are more organised than ever before and enjoy greater protection and resources from the nation-states that view them as national assets.
With this ground truth serving as the backdrop for the threats facing financial institutions, I interviewed 130 financial security leaders and CISOs from around the world for VMware’s fifth edition of the Modern Bank Heists report. This year’s findings should serve as a warning to the financial sector that attackers are moving from dwell to destruction:
Geopolitical Tension Is Metastasizing in Cyberspace
Cybercriminals targeting the financial sector often escalate their destructive attacks in order to burn evidence as part of their counter incident response. Our report found that 63% of financial institutions experienced an increase in destructive attacks, a 17% increase from last year. Destructive attacks are launched punitively to destroy, disrupt, or degrade victim systems by taking actions such as encrypting files, deleting data, destroying hard drives, terminating connections, or executing malicious code. In fact, we’ve recently witnessed destructive malware like HermeticWiper being launched following Russia’s invasion of Ukraine. Notably, the majority of financial leaders I spoke to for this report stated that Russia posed the greatest concern to their institution.
The Year of the RAT
Financial institutions were certainly not immune to the recent resurgence of ransomware. 74% of financial security leaders experienced one or more ransomware attacks in the past year, and 63% of those victims paid the ransom. This is a staggering statistic.
One of the reasons that traditional crime syndicates have become loyal dark web customers is because of the well-funded ecosystem of readymade and available ransomware kits. Cybercrime cartels, such as the Conti ransomware gang, have made it as easy as possible for their associates to launch ransomware attacks on critical industries like the financial sector.
A technical analysis in the VMware Threat Analysis Unit’s latest threat report provides a view into the proliferation of ransomware and how Remote Access Tools (RATs) help adversaries gain control of systems. Ransomware has a sinister relationship with these RATs, given these tools allow bad actors to persist within the environment and establish a staging server that can be used to target additional systems. Once an adversary has gained this limited access, they will typically work to monetise it by relying on the victim’s data for extortion (including double and triple extortion) or through stealing resources from cloud services using cryptojacking attacks.
Manipulation of Financial Markets
Cybercrime cartels have realised that the most significant asset of a financial institution is nonpublic market information. 2 out of 3 (66 percent) of the leaders I interviewed experienced attacks that targeted market strategies, and 1 in 4 (25 percent) stated that market data was the primary target for cyberattacks on their financial institution.
What exactly are these cybercrime cartels looking for? We’re witnessing an evolution from bank heist to economic espionage, where cybercriminals target corporate information or strategies that can affect the share price of a company as soon as it becomes public. This information can then be used to digitise insider trading and front-run the market. Our report also found that 44% of Chronos attacks targeted market positions. A Chronos attack involves the manipulation of time stamps – a concerning development considering how critical of a role the clock plays in the markets.
Defense Is the Best Offense
Security has become a top-of-mind issue for financial sector leaders. According to our report findings, the majority of financial institutions plan to increase their security budget by 20-30% this year and named extended detection and response (XDR) as their top security investment priority.
As security leaders, we know that a strong defence is the best offense. Modern threat hunting on a weekly basis should be adopted as a best practice to help security teams detect behavioural anomalies, as adversaries can maintain clandestine persistence in an organisation’s system. Our report found that currently, only 51% of financial institutions are conducting weekly threat hunts. I am hopeful that this number will jump in next year’s report as threat hunting programs have multiple outputs beyond finding a cybercriminal, such as fuelling threat intelligence.
In today’s evolving threat landscape, cybersecurity has become a brand protection imperative. Trust and confidence in the safety of financial institutions depends on effectively avoiding, mitigating, and responding to modern cyber threats. As governing bodies introduce new regulations and levy hefty fines, it is time for the sector to take control and get one step ahead of the cyber cartels.
Wealth Managers and the Future of Trust: Insights from CFA Institute’s 2022 Investor Trust Study
Author: Rhodri Preece, CFA, Senior Head of Research, CFA Institute
Corporate responsibility is more important than ever. Today, many investors expect more than just profit from their financial decisions; they want easy access to financial products and to be able to express personal values through their investments. Crucial to meeting these new investor expectations is trust in the financial services providers that enable investors to build wealth and realise personal goals. Trust is the bedrock of client relationships and investor confidence.
The 2022 CFA Institute Investor Trust Study – the fifth in a biennial series – found that trust levels in financial services among retail and institutional investors have reached an all-time high. Reflecting the views of 3,588 retail investors and 976 institutional investors across 15 markets globally, the report is a barometer of sentiment and an encouraging indicator of the trust gains in financial services.
Wealth managers may want to know how this trust can be cultivated, and how they can enhance it within their own organisations. I outline three key trends that will shape the future of client trust.
THE RISE OF ESG
ESG metrics have risen to prominence in recent years, as investors increasingly look at environmental, social and governance factors when assessing risks and opportunities. These metrics have an impact on investor confidence and their propensity to invest; we find that among retail investors, 31% expect ESG investing to result in higher risk-adjusted returns, while 44% are primarily motivated to invest in ESG strategies because they want to express personal values or invest in companies that have a positive impact on society or the environment.
The Trust Study shows us that ESG is stimulating confidence more broadly. Of those surveyed, 78% of institutional investors said the growth of ESG strategies had improved their trust in financial services. 100% of this group expressed an interest in ESG investing strategies, as did 77% of retail investors.
There are also different priorities within ESG strategies, and our study found a clear divide between which issues were top of mind for retail investors compared to institutional investors. Retail investors were more focused on investments that tackled climate change and clean energy use, while institutional investors placed a greater focus on data protection and privacy, and sustainable supply chain management.
What is clear is that the rise of ESG investing is building trust and creating opportunities for new products.
TECHNOLOGY MULTIPLIES TRUST
Technology has the power to democratise finance. In financial services, technological developments have lowered costs and increased access to markets, thereby levelling the playing field. Allowing easy monitoring of investments, digital platforms and apps are empowering more people than ever to engage in investing. For wealth managers, these digital advancements mean an opportunity for improved connection and communication with investors, a strategy that also enhances trust.
The study shows us that the benefits of technology are being felt, with 50% of retail investors and 87% of institutional investors expressing that increased use of technology increases trust in their financial advisers and asset managers, respectively. Technology is also leading to enhanced transparency, with the majority of retail and institutional investors believing that their adviser or investment firms are very transparent.
It’s worth acknowledging here that a taste for technology-based investing varies across age groups. More than 70% of millennials expressed a preference for technology tools to help navigate their investment strategy over a human advisor. Of the over-65s surveyed, however, just 30% expressed the same choice.
THE PULL OF PERSONALISATION
How does an investor’s personal connection to their investments manifest? There are two primary ways. The first is to have an adviser who understands you personally, the second is to have investments that achieve your personal objectives and resonate with what you value.
Among retail investors surveyed for the study, 78% expressed a desire for personalised products or services to help them meet their investing needs. Of these, 68% said they’d pay higher fees for this service.
So, what does personalisation actually look like? The study identifies the top three products of interest among retail investors. They are: direct indexing (investment indexes that are tailored to specific needs); impact funds (those that allow investors to pursue strategies designed to achieve specific real-world outcomes); and personalised research (customised for each investor).
When it comes to this last product, it’s worth noting that choosing advisors with shared values is also becoming more significant. Three-quarters of respondents to the survey said having an adviser that shares one’s values is at least somewhat important to them. Another way a personal connection with clients can be established is through a strong brand, and the proportion of retail investors favouring a brand they can trust over individuals they can count on continues to grow; it reached 55% in the 2022 survey, up from 51% in 2020 and 33% in 2016.
TRUST IN THE FUTURE
As the pressure on corporations to demonstrate their trustworthiness increases, investors will also look to financial services to bolster trust. Wealth managers that embrace ESG issues and preferences, enhanced technology tools, and personalisation, can demonstrate their value and build durable client relationships over market cycles.
2022 ESG Investment Trends
Jay Mukhey, Senior Director, ESG at Finastra
Environmental, Social and Governance (ESG) themes have been front and center throughout the pandemic. While the framework has been surging in popularity for several years, COVID-19 served as a period of reflection causing many companies, investors and other individuals to take these factors seriously. It’s something that we can no longer afford to ignore.
We are witnessing drought, adverse weather patterns, hotter climates, and wildfires with more regularity, raising the profile of the climate crisis. Efforts were renewed at COP26 in Glasgow last November to help address the challenge, with the signing of the Glasgow Climate Pact and agreement of the Paris Rulebook. As a result, we are now seeing record net new inflows into ESG investing and impact.
Evaluating ESG criteria
Long gone are the days when ESG issues were at the periphery of a company’s operations. In just a few short years, ESG criteria have become a key metric for investors to evaluate businesses they are considering investing in.
Investor money has poured into funds that consider environmental, social and governance issues. Data from the US SIF Forum for Sustainable and Responsible Investment shows that ESG funds under management have now reached more than $16.6 trillion. It’s not just institutional investors who are embracing ESG, with Bloomberg Intelligence predicting that savers across the world will amass £30.2 trillion in ESG funds by the end of the year.
Due to the multitude of divergent factors that contribute to a company’s success on ESG, it can be tricky to pin down exactly what criteria to measure. Depending on the industry a company operates within, environmental criteria could include everything from energy usage, the disposal of waste and even the treatment of animals.
Social criteria are primarily related to how a company conducts itself in business relationships and with stakeholders. For example, does it treat suppliers fairly? Is the local community considered when the business makes decisions that would impact them? Do they have a statement and policy around modern slavery?
While governance criteria have traditionally been an afterthought, this may be changing. Everything from executive pay to shareholder rights and internal controls are relevant to investors within these criteria.
Tracking ESG for competitive advantage
Many experts within the financial services industry point to the power of ESG as a major competitive advantage, if used correctly. It has been noted that increasingly corporations, from big Fortune 500 companies down to small scale-ups, will communicate on their sustainability metrics to grow their business and to attract talent. However, it’s no longer enough to just pay lip service to ESG issues, with abstract commitments increasingly being seen as insufficient. Companies must now quickly progress to concrete objectives that can be measured and tracked.
A wide range of data providers now offer detailed information and tools that can measure ESG performance and effectiveness. Yet major challenges remain around bringing together what is often extremely fragmented data and transforming it into actionable insights.
Focus areas for 2022
The ESG criteria that investors measure is by no means stagnant. Complex societal challenges regularly emerge that require the attention of companies. Contributors recognize several topics that demand a sophisticated approach, including the COVID pandemic, diversity challenges and powerful social movements.
Companies operating within the financial services sector face several specific challenges related to ESG, with contributors believing that fintech will also continue to play a central role in finding answers to them.
For example, industry experts expect customers to be more demanding of firms in SME lending when it comes to understanding exactly what impact they are having on the climate. For many financial services firms, 2022 will be the year that they will try to reduce the time it takes to bring ESG products and services to market, such as green loans and mortgages, as well as checking accounts with sustainability and carbon tracking capabilities.
When selecting a service provider, customers are increasingly interested in the ESG credentials of their bank or financial institution. Research from PwC finds that 80% of consumers are more likely to buy from a company that stands up for environmental and governance issues. Consumers are one of the main drivers of ESG and many are putting their money where their mouth is. It’s a trend that’s not going away; financial institutions need to start implementing their strategy for ESG now.
Rivery Raises $30M B Round of Venture Funding from Tiger Global
With data needs growing and data talent scarcity, there is huge demand for Rivery’s 100% SaaS solution to create an...
Wealth Managers and the Future of Trust: Insights from CFA Institute’s 2022 Investor Trust Study
Author: Rhodri Preece, CFA, Senior Head of Research, CFA Institute Corporate responsibility is more important than ever. Today, many...
Q&A with Andréa Jacquemin, founder and CEO of Beamy
Beamy is a fast-growing scale-up that focuses on pioneering a new approach to SaaS management for large companies. Founded in...
How to reignite your store with streamlined operations and a distinctive customer experience
Colin Neil, MD, Adyen UK Retailers know that prioritising customer experience is vital to success today. This, amongst the...
5 tips to ensure CSR efforts come across as genuine
By Mick Clark, Managing Director, WePack Ltd Corporate social responsibility – or CSR – is playing an increasingly pivotal role...
How to Build Your Credit Up Safely
by Taylor McKnight, Author for Compare Credit What Is Credit? Credit is money owed by a person that allows...
PCI DSS Compliance in the Cloud – Everything you should know
Introduction PCI DSS 4.0 is the latest and updated version of PCI DSS that was introduced on March 31st, 2022....
2022 ESG Investment Trends
Jay Mukhey, Senior Director, ESG at Finastra Environmental, Social and Governance (ESG) themes have been front and center throughout...
PROTECT THE VALUE OF YOUR SAVINGS AND AVOID RISING INFLATION PRESSURE
Planning for the next financial year? Former Bank Manager and successful whisky investor, Roger Parfitt, tells us why cask ownership is...
UK Organisations turn to artificial intelligence to fight sophisticated cyberattacks
New research by cybersecurity expert Mimecast finds that email attacks are becoming more frequent and sophisticated More and more companies...
The power of diversity: The need for female role models in FinTech
By Isavella Frangou, VP of Sales and Marketing, payabl. As our world is constantly evolving, it’s easy to believe...
Securing BNPL Platforms for Merchants
By: James Hunt, Payments SME at Feedzai The buy now, pay later (BNPL) market has boomed because it offers...
Addressing the talent gap within cybersecurity
By Merlin Piscitelli, Chief Revenue Officer, EMEA at Datasite Rising geopolitical tensions and increasingly sophisticated cyberwarfare tactics have meant...
Biometric payment card FAQs with Michel Roig, Fingerprints’ President of Payments & Access
We sat down with Michel Roig to answer your frequently asked questions regarding biometric payment cards – their benefits, current...
Opportunities for UK Challenger Banks to address AML Compliance
Author: Gabriel Hopkins, Chief Product Officer, Ripjar UK challenger banks have revolutionised the banking sector with innovative products and...
HOW GOING DIGITAL COULD HELP CHARITIES OVERCOME THE CHALLENGES OF INFLATION
By Shaf Mansour, not for profit solutions specialist at The Access Group. The topic of inflation and its impact...
How to manage transformational change successfully
Adrian Odds, Marketing and Innovation Director, CDS 2020 accelerated change in the business landscape significantly. Many were already considering –...
Why the pandemic has put the pressure back on fintechs
Ben Walker, Partner & CTO, Airwalk Traditionally, the only genuine threats to the incumbent banking giants were macroeconomic instability and...
Neobank Fi launches new feature ‘Connected Accounts’ allowing users to sync multiple bank accounts on a single app.
Neobanking app Fi launched its ‘Connected Accounts’ feature to become one of the first fintechs to build a product on...
Accounts Payable fraud: Do you know who’s accessing your finances?
Mark Blakemore, CFO at Compleat Software The use of social engineering and phishing attacks on accounts payable (AP) departments...