Connect with us

Business

REGULATING CRYPTO: NATIONAL REGULATIONS FOR INTERNATIONAL CURRENCIES

Published

on

by Jennifer Clarke, CUBE

 

For the early adopters of cryptocurrency, regulation was the enemy. Crypto emerged out of the 2008 financial crisis, with Bitcoin – the most popular digital payment token – created in 2009 as an open source payment method that didn’t require the involvement of central banks. Instead, users could send and receive money peer-to-peer, with the settlement information made public to ensure faith in the system.

Post financial crisis, trust in both regulators and regulators was at an all-time low. As governments moved to improve reputations and ensure a watertight financial system, a deluge of AML, KYC and due diligence laws for the regulated sector were enacted.

Cryptocurrency, a currency created privately, which circumvented norms, and made the identification of both parties to a transaction almost impossible, was born as a libertarian dream. It was the perfect way to circumnavigate big banks and poorly executed regulatory frameworks.

 

Crypto gone mainstream

Crypto couldn’t – and indeed didn’t – stay in the shadows for long. There’s only so long that innovation can evade the regulator’s watchful gaze. Earlier this year, car manufacturer Tesla added Bitcoin to its balance sheet by purchasing $1.5bn of the tokens, prompting chatter as to which other “household names” would open the door for mainstream adoption of cryptocurrency. Other big names – Kim Kardashian being another – have promoted crypto, inspiring a wave of younger (often financially unsavvy) investors.

However, rather than corporations and celebrities giving their endorsement, the Holy Grail for crypto evangelists has long been a decentralized digital token becoming legal tender. Earlier this year those dreams started to come true as El Salvador became the first country to adopt Bitcoin alongside its regular currency. This historic moment also naturally brought about further regulation.

 

Mainstream = regulation

El Salvador aside, most nations have no plans to adopt cryptocurrency as a rival to their own central bank issued money, but instead are considering how best to protect their citizens from financial loss. As the cost of crypto increases, so too have rumours of big-wins (alongside increasing volatility).

With the world’s economy recovering from another market-shaking crisis, depressed interest rates, and ongoing tension over rising inequality, regulators – especially the UK’s FCA – have warned that anyone dabbling in crypto must be prepared to lose all their money.

Traditional stock exchanges keep regular hours, but cryptocurrency can be traded 24-7-365 via online trading houses such as Coinbase and Kraken. In order to offer those services, the exchanges had to submit to existing regulations regarding financial products, and in doing so moved crypto further away from its libertarian roots.

So far, the most favoured approach from global financial regulators has been to expand existing rules to include cryptocurrency – rather than tackling cryptocurrency head on or outright banning it (as China has done multiple times, only to later relent).

As far back as March of 2013, the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued guidance explaining which actors in the digital currency space were covered by existing regulations and how they should comply.

The U.S. Securities and Exchange Commission (SEC) considers cryptocurrencies as securities, and it applies existing securities laws as such. Retail investors are obliged to report gains and losses from crypto investments on their annual tax forms or risk a visit from the Internal Revenue Service.

The Commodities Futures Trading Commission (CFTC), by contrast views Bitcoin and the second most popular digital currency Ethereum as commodities. Cryptocurrency derivatives are legally traded on public exchanges regulated by the CFTC. Institutional investment in cryptocurrency involves buying and selling futures contracts, hedging and speculating.

The trend of further legislating is also likely to continue, and there are signs that cryptocurrency in the US may soon be subject to its own specific set of federal laws.

In the UK, the retail investor protection mandate has handed crypto over to the Financial Conduct Authority (FCA), though tax on crypto profits is levied through HMRC. The FCA has a wide remit of powers, and unlike the US it is the sole regulator and enforcer of cryptocurrency activity in Britain.

 

The irony of it all – national regs for international currency

While crypto is generally international in nature, the regulations that will encapsulate it exist largely at the national or sub-national levels.

Due to the more streamlined regulatory approach, crypto banking in the UK is moving faster than across the pond. Last year the UK issued its first Authorized Payment Institution license to a crypto firm.

And the appetite for innovation and alternative currency projects shows no sign of waning; in July, the European Central Bank announced a multi-year project to create a digital version of the euro, while the Federal Reserve has been conducting research on launching a blockchain-powered version of the US paper greenback dollar.

The Bank of England has also floated a central bank digital currency and is part of a task force to develop the UK’s response to cryptoassets and distributed ledger technology.

There is a certain irony that – as wider adoption grows – central banks, who were never supposed to be involved, may have a pivotal role to play in the future of the crypto economy. Is this the end of the libertarian fantasy?

 

Business

A lack of training and email security solutions is contributing to a rise in email threats targeting the finance sector.

Published

on

By

Mike Fleck, Senior Director, Sales Engineering at Cyren

 

Email remains the most popular and successful attack vector in the digital landscape, the reason being because it is simply the most commonly used digital communication channel across the globe. On average, over 330 billion emails are sent every day. The sheer volume-and the fact that almost every employee within an organisation uses email- makes this channel a popular target for potential security threats. Finance organisations use email not only for internal communication but also for customer service interactions and marketing. A banking survey in 2021 showed that over 76.8% of users consider email as the primary channel for communicating with banks. That’s why financial institutions are at the frontline of email-driven security risks.

In order to attain more insight into the email threats targeting the financial sector and the potential remedies, we talked to Mike Fleck at Cyren, a leader in enterprise email security solutions.

  1. What do you see as the main reason for the continued increase in successful email threats targeting the financial sector?

Email threats have become much more dynamic over the years.  Although phishing continues to be the most common attack vector in the domain of email threats, the mix of breaches attributed to email attacks has expanded significantly in recent times. In our latest benchmark research, we surveyed 226 organisations that use Microsoft 365 for email. We found that compared to 2019, there was a 71% increase in ransomware-driven email attacks, 44% increase in phishing attacks, and 49% increase in credential compromise attacks. Phishing is no longer the only path for email threats, as attacks are now being driven by multiple sophisticated methods, which evidently leads to more successful threats.

Mike Fleck

The financial sector has always had a red mark on its back to threat actors, mainly because of the highly sensitive information and valuable assets managed by financial organisations. Email serves as the most vulnerable and easily compromised access point for threat actors, which is why the number of email breaches has massively increased over the years. Our research found that the number of email breaches across all organisations has almost doubled each year over the past three years.

Although most organisations are using email client plug-ins for reporting suspicious messages, only 22% of the organisations stated that they analyse all reported messages for malicious content, leaving a major gap in awareness and threat response. Our survey showed that inefficient threat response and a lack of urgency is the most concerning factor for security managers. Threat actors are consciously aware of these shortcomings, which is why they are able to frequently launch successful email attacks targeting the financial sector.

  1. Why is the email channel so appealing for fraudsters, and what are the techniques they use to target financial service organisations in this way?

Historically, email has always been the primary channel for business communication, and as businesses continue to attain cloud-based services, email has become a productive norm for file-sharing and communication. Email channels also integrate easily with any cloud application, facilitating businesses to pursue more productive interactions. There is also the fact that email is accessible to most personnel regardless of their technical ability.

This flexibility and continued dependency on email is also the reason why it is an appealing channel for threat actors. Because email channels are integrated with almost every organisation’s platform, breaching an email allows cybercriminals to backtrack into critical network infrastructure and compromise valuable assets. Most threat actors tend to target the user rather than the system, and email channels are used by almost every employee in a financial organisation regardless of their experience, role, technical awareness, or skills. Therefore, targeting emails allow threat actors to utilize a much wider attack surface.

Another major reason is breaching the email channel is far less complex than breaching secured network endpoints and access firewalls. With techniques like social engineering and phishing, threat actors often don’t have to use significant resources or complex methods to breach employee email accounts. Our research showed that phishing is still the most used technique by attackers; 69% of all email breaches were due to phishing attacks. Other frequent techniques were Microsoft 365 credential compromise (60%), malware (59%), and ransomware (51%).

The means of carrying out these attacks are also easily accessible and available to almost anyone. Threat actors can buy a ransomware kit for as low as $66, and phishing kits are available for as little as $20. So, even the most inexperienced attackers can use such tools to exploit the email accounts of users and gain access to the critical resources of financial organisations.

Simply put, email provides a direct and economical path to the weakest point of every organisation’s cybersecurity program – its people.

  1. How important is proactive security awareness training when it comes to defending against email attacks?

The previous consensus was that email threats thrive on the user’s lack of awareness. Cybersecurity leaders believed that the “last mile” problem of phishing attacks can be solved if employees are able to detect and avoid fraudulent emails. Frequent awareness training is important to help employees stay up to date on evolving email attacks and identify malicious content or messages more easily. Over 99% of organisations offer awareness training, but only one in seven organisations offer training monthly or more frequently.

The dynamics of the attack vectors and techniques change constantly with the emergence of new technologies and vulnerabilities. Without frequent training, employees won’t develop a conscious awareness of email threats. We found that organisations that offer email awareness training every 90 days or more frequently, are less likely to fall victims to phishing, business email compromise (BEC), and ransomware attempts.

Our research also showed a correlation between frequent training and email reporting frequency. Organisations that offer frequent training also experience a high rate of malicious or suspicious email reports – meaning that employees become more conscious and aware of the potential threats. That’s why frequent proactive awareness training is critical for protecting against email attacks. However, organisations need to appreciate that a higher volume of reported emails will result in a higher number of alerts that Security Operations Centre analysts must investigate.

  1. What are the steps you would recommend financial organisations take to implement effective inbox security solutions that bolster their cyber resiliency immediately?

Financial organisations need to act quickly when responding to a potential threat, as even a fractional security breach can cause unprecedented damage to its assets. Organisations are beginning to realise that employees fall victim to these scams because they are busy and distracted – not because they are apathetic or gullible. Also, relying on employees to spot and report suspicious messages is not a complete or efficient solution to the problem. Employees do not consistently report every threat, and what alerts they do generate have a false positive rate of at least 41%. In addition to constant awareness training, organisations must incorporate effective inbox security solutions to increase their cyber resiliency.

When implementing effective inbox security solutions, financial organisations must consider the response and reporting time.  They must choose solutions that can detect threats in real time and automate the response to those threats for quick remediation.

An effective approach for financial leaders is to invest in automated solutions that can detect and remove social engineering threats in real time. Automated inbox security solutions can continuously scan inbound and outbound email folders, including their contents such as URLs and web pages. Such solutions can detect and report anomalies, resulting in real-time detection. Automated threat response solutions can strengthen the built-in security capabilities of the email gateway, such as Microsoft 365 Defender. Combining automated solutions with the existing threat response framework can optimise the response process and significantly reduce the time and cost of threat investigation.

 

Continue Reading

Business

Automation: the future of supply chains?

Published

on

By

By Andrew Scargill, Logistics Operations EMEA at Digital River

 

Caught between the chaos of coronavirus and fallout from Brexit, international supply chains are under serious strain. Add into the mix a global labour shortage that shows no sign of abating, and the cross-border flow of goods is set to get even trickier.

As economies reopen post-pandemic, employers across all sectors are struggling to fill vacancies. The residual consequences of COVID-19 are a big part of this — the public health emergency has fundamentally altered how and where people want to work. Britain’s departure from the European Union is also a factor, with UK companies unable to freely draw on the continent’s vast workforce like before.

Such is the interconnected nature of global commerce, upsets in one market can be felt thousands of miles away. And so, lacking the staff to pick, pack, load, and deliver their products, businesses around the world are facing a festive season that’s far from jolly.

 

Keeping up with demand

As brands navigate these colossal challenges, they are also working to meet customer demand that saw unprecedented growth as the pandemic took hold and continues to rise.

Last year, as lockdowns were called and public life retreated behind closed doors, shoppers took to the internet like never before. A peripheral interest for many people prior to the pandemic, eCommerce was suddenly a necessary part of everyday life.

Shoppers have grown accustomed to rock-bottom prices and next-day delivery. This raises the obvious question: can supply chains continue to meet customer expectations amid an era of unprecedented disruption?

The answer is yes — but it’ll require some serious investment in innovative new technologies, and it could come with a cost shoppers and brands aren’t willing to pay.

 

Robots to the rescue?  

The merits of AI and machine learning are well documented: smart systems can speed up menial tasks, reduce the risk of human error, drive higher levels of productivity, and help businesses bolster their bottom lines.

There is, however, a human cost to the advance of automation, with fewer paying positions for real people. This is particularly pronounced in key supply chain sectors, such as warehousing.

Today, storage and distribution facilities are huge providers of jobs — but tomorrow, that may not be the case. So-called ‘dark warehouses’, great fulfilment centres staffed by semi-autonomous robots, are developing fast.

Whereas human workers require power-hungry lights to operate, machines can pick and pack products perfectly well in the dark, allowing this new breed of warehouse to run twenty-four hours a day, seven days a week.

 

Customers’ call

Such a continuous operation would offer clear commercial benefits. But what of the warehouse’s human workforce?

That, ultimately, is a question that companies must address with guidance from their customers. While shoppers want that last minute late-night order delivered the very next day, they are increasingly concerned about company values, including how an employer treats its staff.

If customers are truly worried about robots taking workers’ jobs, they would have to commit to paying a little more or waiting a little longer for delivery from a brand committed to human employees. That is assuming shoppers are even aware of what level of automation is involved in fulfilling their order.

Customer demands are directing how companies adopt new supply chain technologies, with those that improve service and provide a better buying experience coming out on top.

To really tap into the needs and wants of their customers, businesses must leverage data in a meaningful way. This means utilising data mining tools that can help predict buying patterns, allowing brands to finesse supply chains so that the right products are in the right place at the right time. Attention to creating more efficiencies in supply chain through data and automation could lead to more jobs in engineering, design, management and repair.

Get this right, and businesses will have their customers on board as they explore new supply chain technologies and the potential of automation.

 

Continue Reading

Magazine

Trending

News2 days ago

Wombat partners with Currencycloud to launch its new, free Instant Investment service to open up investing for a wider market.

UK-based micro-investment platform Wombat has partnered with Currencycloud, the experts in simplifying business in a multi-currency world, to launch its...

Business2 days ago

A lack of training and email security solutions is contributing to a rise in email threats targeting the finance sector.

Mike Fleck, Senior Director, Sales Engineering at Cyren   Email remains the most popular and successful attack vector in the...

Top 102 days ago

Insurance providers must be ready to tackle quote manipulation as potential fraud rises

Sam Marsh, director, product management at LexisNexis Risk Solutions Insurance As road fuel costs reach a record high[i]  and inflation...

News2 days ago

Urban Company rolls out health insurance for service professionals in partnership with ACKO Insurance

Health insurance plan to benefit 40,000+ service partners in India Service partners can avail up to 12 free-of-cost online doctor consultations in a year...

Finance2 days ago

Main Factors Accelerating API Security Risks in Financial Services

By: Yaniv Balmas, VP of research at Salt Security   The API ecosystem is exploding and nowhere has API delivery...

Business2 days ago

Automation: the future of supply chains?

By Andrew Scargill, Logistics Operations EMEA at Digital River   Caught between the chaos of coronavirus and fallout from Brexit,...

News2 days ago

Can intelligent automation ensure the survival of the insurance industry?

Eric Tyree, SVP of AI and Innovation, SS&C Blue Prism   The economic viability of the insurance industry’s current business...

Business2 days ago

Time to make your energy future more predictable

– Alistair Booth, MD, Ortus Energy   UK businesses have a real opportunity to lock-in some energy certainty as a...

Top 102 days ago

Signals: Simplifying Trading Experiences

by LegacyFX Trading signals are a way for investors to indicate that the market is moving in a specific direction....

News4 days ago

Rivery Raises $30M B Round of Venture Funding from Tiger Global

With data needs growing and data talent scarcity, there is huge demand for Rivery’s 100% SaaS solution to create an...

Banking5 days ago

Wealth Managers and the Future of Trust: Insights from CFA Institute’s 2022 Investor Trust Study

Author: Rhodri Preece, CFA, Senior Head of Research, CFA Institute   Corporate responsibility is more important than ever. Today, many...

Interviews6 days ago

Q&A with Andréa Jacquemin, founder and CEO of Beamy

Beamy is a fast-growing scale-up that focuses on pioneering a new approach to SaaS management for large companies. Founded in...

News1 week ago

How to reignite your store with streamlined operations and a distinctive customer experience

Colin Neil, MD, Adyen UK   Retailers know that prioritising customer experience is vital to success today. This, amongst the...

Business1 week ago

5 tips to ensure CSR efforts come across as genuine

By Mick Clark, Managing Director, WePack Ltd   Corporate social responsibility – or CSR – is playing an increasingly pivotal role...

Business1 week ago

How to Build Your Credit Up Safely

by Taylor McKnight, Author for Compare Credit   What Is Credit? Credit is money owed by a person that allows...

News1 week ago

PCI DSS Compliance in the Cloud – Everything you should know

Introduction PCI DSS 4.0 is the latest and updated version of PCI DSS that was introduced on March 31st, 2022....

Banking1 week ago

2022 ESG Investment Trends

Jay Mukhey, Senior Director, ESG at Finastra   Environmental, Social and Governance (ESG) themes have been front and center throughout...

Business1 week ago

PROTECT THE VALUE OF YOUR SAVINGS AND AVOID RISING INFLATION PRESSURE

Planning for the next financial year? Former Bank Manager and successful whisky investor, Roger Parfitt, tells us why cask ownership is...

Technology1 week ago

UK Organisations turn to artificial intelligence to fight sophisticated cyberattacks

New research by cybersecurity expert Mimecast finds that email attacks are becoming more frequent and sophisticated More and more companies...

Finance1 week ago

The power of diversity: The need for female role models in FinTech

By Isavella Frangou, VP of Sales and Marketing, payabl.   As our world is constantly evolving, it’s easy to believe...

Trending