By Ryan Sheldrake, Field CTO, EMEA, Lacework
To stay ahead of the competition in a landscape that is constantly being disrupted, the majority of financial services (FS) organisations have cloud computing.
While this move is essential for improving customer services, boosting innovation and delivering agility, security in the cloud is more complex than in on-premises environments. It cannot be thought of as an extension of existing on-premises security protocols; it requires a different mindset altogether.
The challenge is exacerbated by the high stakes setting FS organisations operate in. The fact they hold sensitive financial data makes them a prime target for cybercriminals. In the last year, for example, 74% of security leaders in the sector have experienced one or more ransomware attacks. It also means that the consequences of being breached are more significant – the cost of even one data breach is approximately $5.72 million.
On top of making sure their environments are bulletproof, they have the double challenge of navigating a complicated regulatory environment to prevent being handed hefty non-compliance fines. Not surprisingly, a study found that compliance monitoring and security governance was the top concern for banking respondents.
Although cybersecurity has long been a priority for the FS sector, organisations cannot afford to become complacent when it comes to adopting cloud technologies. So, how can they guard against malicious actors and remain compliant, while continuing to transform their infrastructure?
Building strong cloud security protocols
Preparation is the best form of defence, which means putting in place strong cloud protocols from the outset is vital – in other words, security must not be an afterthought.
Organisations need to manage the logistical and physical security of multi and hybrid cloud infrastructure. This requires implementing comprehensive security protocols that account for the full lifecycle of personally identifiable information, both on and off premises.
These protocols must also enable teams to build security throughout the development lifecycle, from when they are creating new tools and applications to when the products are running in production.
For security teams which are often strapped for talent, this can mean implementing automated cloud security tools. These help reduce the burden on security, engineering and DevOps teams by giving them a holistic picture of their environment, identifying potentially malicious activity or even misconfigurations that can be taken advantage of by attackers.
Boosting compliance in a complex regulatory landscape
By building strong security protocols and implementing the right cloud security technology, organisations can also improve compliance in a highly regulated environment.
As FS companies increasingly implement cloud technology from different vendors, more financial regulators are establishing standards and guidance. Security teams therefore need to be mindful of how these are evolving, alongside ensuring compliance with regulation such as PCI-DSS, CCPA, GDPR, SOX.
A big part of this involves continuous monitoring and reporting. With the help of cloud security tools, organisations can streamline the compliance process, helping teams to track configuration changes and provide automated audits, as well as setting up alerts to pinpoint exactly when an item becomes non-compliant, lessening the load on teams and reducing the risk of anything flying under the radar.
A secure future
With Deloitte stating that the cloud is “redefining the art of the possible” in banking, the transition to cloud computing holds a great deal of promise for the FS sector. But it needs to be done in a considered way, embedding security into the process from the beginning.
Taking this approach, FS organisations can strengthen their security posture while simultaneously reaping the rewards of cloud adoption.
How FS organisations can utilise data to boost customer experience
Charles Southwood, Regional VP and GM – Northern Europe and Africa at Denodo
We’ve all heard the age-old adage “the customer is always right”. It insinuates that, in any sector, the needs and desires of those buying a brand’s product or services should be paramount. However, today’s customer has new standards and it is becoming harder than ever for businesses to meet and exceed them.
This is certainly the case in the financial services (FS) sector where getting customer experience right used to be relatively simple. The human touch was traditionally delivered as a bi-product of in-store, transactional interactions. Perhaps, as a result of this, few people ever considered changing their provider and the traditional, established banks ruled the space.
However, with the dawn of online banking and the introduction of new, exciting challenger banks as well as the UK’s unique Current Account Switching Service, the balance of power between the consumer and the bank is changing. Consumers no longer feel locked in. If their needs aren’t being met, they aren’t afraid to look elsewhere and switch their allegiance to other companies. In other words, loyalty is far from guaranteed and customer acquisition is only half the battle.
Retention relies upon delivering strong, unique customer experiences that beat down the competition. In order to achieve this, FS organisations will need to be able to leverage data. Its insights could be the differentiator that enables them to stand out. The positive news is that, in our online world, there is a constant stream of data being produced. However, having access to all this data doesn’t necessarily mean that a brand knows how to effectively analyse and utilise it.
Ensuring data provides insight
The rapid growth in digital technologies and services across the sector has left many FS organisations juggling an unimaginable amount of data. This data is both complex and much of it is lacking in quality. Structured, semi-structured and unstructured, it is stored in many different places – whether that’s in data lakes, on premise or in multi-cloud environments. Before FS organisations can even think about using it to inform customer experience strategies, they need to be able to find it and understand it.
This is where modern technologies – such as data virtualization – can help. Through a single, logical view data virtualization boosts visibility and real-time availability of all data across an organisation. Unlike traditional extract, transform and load (ETL) solutions, it does not move and copy data. Instead it leaves it in the source systems. In other words, instead of just replicating data, data virtualization reveals an integrated view to those trying to find it.
For FS organisations this provides several important benefits. For example, it helps when data sovereignty issues arise and the movement and replication of data outside certain countries is illegal. Data virtualization solutions can also assist in terms of financial reporting by fetching data in real time from underlying source systems – applying the necessary security and obfuscation whilst delivering the performance, the agility and the accuracy needed through the seamless connection of data.
FS organisations that adopt data virtualization, are likely to see an improvement in the overall performance and efficiencies of their business operations. Overheads will be reduced, as will the length of project times. Above all, data virtualization will rapidly strengthen the customer experience by supporting business leaders to think strategically and make decisions based on real-time insights. But don’t just take my word for it.
The proof is in the pudding: How Landsbankinn is delivering on the CX promise
Landsbankinn is just one of the many financial services institutions that has already successfully embraced data virtualization and its benefits. Despite being the largest financial institution in Iceland – with around 40% of the retail and 33% of the corporate banking market share – Landsbankinn used to face several issues when it came to data sharing and analytics.
Over 45 siloed data sources – including Oracle databases, data warehouses and APIs from internal and external sources – made finding and accessing the right data at the right time extremely difficult. Without real-time data to fuel informed decision making, customer experience and operational efficiency were suffering. As a result, Landsbankinn was in need of a data overhaul to streamline and integrate its infrastructure.
To bring together its complex data landscape and collect data in real-time, Landsbankinn implemented the Denodo Platform – a data integration and data management solution built on data virtualization – to build a logical data warehouse. As a result, the team can now aggregate data from multiple data sources, transform that data based on the applied business rules, and then make it available to consuming applications. Ultimately, this means that, throughout the organisation, the data can be utilised by a wealth of employees, even those who are not particularly IT savvy. It also means that the business leaders can use data insights to make well-versed decisions and provide a plethora of services to Landsbankinn customers both quickly and efficiently.
In recent years, customer retention has become the key to successfully growing a business. This cannot happen without an effective customer experience strategy. The ability to convert data into insight is priceless in an economic landscape where the line between a business thriving, surviving and failing is so thin. Those operating in financial services must harness modern technologies – like data virtualization – to stay at the top of their game and ahead of the competition.
The Importance of Digital Trust in Banking and Finance
By Maeson Maherry, COO at Ascertia
With the rising adoption of eSignatures and the acceleration of digital transformation, trust in digital systems is more important than ever before. As a recession looms, the ability to trust digital systems is critical to the stability and security of the banking and finance industry.
So, what should businesses prioritise in an increasingly online world? Information security, data integrity, and digital trust are crucial for ensuring regulatory compliance and customer satisfaction.
Digital trust is empowering banking and finance institutions to effectively tackle issues of identity theft and fraud.
What is digital trust?
On the surface, digital trust refers to a digital system or platform that is secure and can be relied upon to protect and properly handle sensitive information.
Building the confidence that people have in digital systems, platforms, and technologies to handle their sensitive information, protect them from fraud, and function as intended is paramount for decision-makers going forward.
Trust online encompasses various aspects, such as data security, privacy, authenticity and reliability. Digital trust also involves assessing the trustworthiness of digital entities such as websites, apps, and online services, as well as the trust in the integrity and reliability of digital communications and transactions.
Digital trust is a key element of digital transformation, the additional step to ensuring the digital systems in place are secure. This can include the following:
- Online banking platform for customers
- Digital document approvals and workflows
- Secure digital signature solutions
- Know your customer (KYC) checks
- Electronic anti-money laundering procedures
Why is digital trust important for banks?
One of the main reasons why digital trust is so important in banking and finance is that it helps to tackle issues of identity theft and fraud. Customers and regulators require reassurance that personal and financial data won’t fall into the wrong hands. This includes customer statements, investment authorisations, legal records and customer personal data.
Online banking is now well established but the technology continues to evolve and so do the potential threats to data security. With phishing and other identity theft a daily concern, establishing digital trust in the industry is key.
Digital trust provides a means to trust in the identity of a person or document online, to the same degree as meeting or signing in person. This requires additional checks and layers of security to verify identities and the security of documents.
The role of eSignatures in banking
Digital trust is vital in the secure implementation of eSignatures.
In the banking and finance industry, eSignatures are becoming increasingly popular as they allow for transactions to be conducted quickly and securely. However, for eSignatures to be effective and to provide digital trust, all parties involved must trust in the transaction. This is done by ensuring eSignatures are valid and that the person signing the document is who they claim to be.
There are global standards to ensure the authenticity of eSignatures for digital signing. This means there is a way to validate the digital trustworthiness of eSignatures if implemented and used in a manner that meets certain criteria for security and authenticity.
For instance, digital signatures that are compliant with internationally recognised standards, such as eIDAS (Electronic Identification and Trust Services) in Europe, can be considered digitally trustworthy. It’s important to understand not all eSignatures provide the same level of security and to ensure the correct eSignature is used for the purpose and security required.
eSignatures that use advanced digital signature technologies such as Public Key Infrastructure (PKI) or biometrics, can be considered more digitally trustworthy as they provide a higher level of security and authentication.
These technologies use cryptographic methods to ensure that the signature is unique to the signer and cannot be replicated or forged. These standards establish a legal framework for the use of electronic signatures and ensure that they are legally binding, enforceable and offer the same level of trust as traditional signatures.
How does digital trust prevent fraud?
If the public loses trust in digital systems, it could lead to a loss of confidence in the financial system. Fraud, in particular, is at the forefront of public concerns.
Digital signatures are well positioned to offset the risk of financial fraud, largely due to three critical factors when assessing the digital trust of an eSignature:
- Authentication: To verify the identity of the signer, eSignatures employ sophisticated technologies such as PKI. This confirms that the person signing the document is who they say they are and aids in preventing fraud through impersonation.
- Tamper-evident: Tamper-evident features are often included in high-trust eSignatures, which identify if a document has been changed after it has been signed. This helps to prevent fraud by identifying manipulated papers and giving an audit trail of the signature.
- Compliance: International standards such as eIDAS ensure that eSignatures are legally binding, enforceable, and provide the same level of trust as traditional signatures.
The banking industry specifically will benefit greatly from investing in digital trust ecosystems that include eSignatures, biometrics and encryption software to provide verification and assurance for customers.
In the future, financial institutions will adopt Know Your Transaction (KYT) as a means of implementing cybersecurity measures at the transaction level in their banking protocols.
By utilizing digital signatures at the transaction level and verifying them upon receipt, the financial industry can achieve KYT, ensuring that the source of information is under the control of the endpoint and that transaction information has not been tampered with.
This level of security will be a crucial aspect of achieving digital trust in the financial industry moving forward.
How FS organisations can utilise data to boost customer experience
Charles Southwood, Regional VP and GM – Northern Europe and Africa at Denodo We’ve all heard the age-old adage “the customer...
The Evolution of SoftPoS in 2023
By Brad Hyett, CEO of phos Contactless payments and digital wallets have surged in popularity in recent years. Part of...
The Importance of Digital Trust in Banking and Finance
By Maeson Maherry, COO at Ascertia With the rising adoption of eSignatures and the acceleration of digital transformation, trust...
Taking Financial Services to the Edge
Authored by Pascal Holt, Director of Marketing, Iceotope Edge computing, cloud, and AI are changing the competitive landscape for...
Accounting Automation in the Future
Accounting automation is the process of streamlining repetitive tasks in financial processes. For example, some processes like invoicing are time-consuming...
How banks can help customers during the cost of living crisis
Lavanya Kaul Head of BFSI, UK & Ireland, LTI Mindtree Surging energy and food prices are significantly driving up...
Weathering the economic storm in 2023
Nikki Dawson, Head of EMEA Marketing at Highspot New year, new business challenges. When it comes to creating and...
Three ways data can help financial organisations thrive in today’s economy
By Rinesh Patel, Global Head of Financial Services, Snowflake Financial organisations are caught in the middle of an ever-evolving...
What is the right strategy for the end of money?
By John Barber, VP & Head of Europe at Infosys Finacle More than five thousand years ago, humans replaced barter...
2023 – what will happen in the payment world?
Tommaso Jacopo Ulissi, Head of Group Strategy, Nexi Group 2022 was a year of transition for consumers, as BNPL (Buy...
2023 crypto trends that businesses need to know about
By Marcus de Maria, Founder and Chairman of Investment Mastery As cryptocurrencies have started to enjoy wider global acceptance...
Defining Fraud in 2023
Scott Buchanan, Chief Marketing Officer at Forter Fraudsters are fluid — they constantly experiment with new tactics to find cracks in...
How accounting software may hold the key to keeping on top of credit control
By Paul Sparkes, Commercial Director of award-winning accounting software developer, iplicit. One of the first rules everyone learns about...
Coreless Banking: How banks can thrive in 2023
Hans Tesselaar, Executive Director of BIAN In recent years, banks have faced immense disruption and struggled to transform with...
Will cyberattacks be uninsurable in 2023? Three steps that financial organisations can follow now
By James Blake, Field CISO of EMEA, Cohesity The growing number of cyber attacks and subsequent damage has led...
Why Financial Services Institutions must de-risk the customer journey in 2023
By Perry Gale, VP EMEA at Cyara From rising interest rates, to the cost-of-living crisis and the ongoing recession,...
Why finance needs a technological leap in fraud prevention
Brett Beranek, VP & General Manager, Security and Biometrics at Nuance Communications Banking fraud is always a punishing experience for...
How Banks Should be Future-Proofing Themselves
By John da Gama-Rose, Head of BFS, Global Growth Markets, Cognizant Businesses across the world are facing a combination of...
The Promise of AI in Financial Services in 2023
By Kevin Levitt, Global Industry Business Development, Financial Services, NVIDIA As we enter the new year, many are left...
What to expect from banking and payments in 2023
Michael Mueller, CEO, Form3 The banking industry went through a number of significant challenges in 2022. The steep increase...