Banking

The Metaverse and the opportunity for Banking

Published

9 months ago

September 10, 2022

admin

Hitesh Patel is Consulting Partner within the Banking, Financial Services and Insurance practice at TCS in London

The increase in available computing power and combinations of technologies such as virtual reality (VR) and augmented reality (AR), blockchain and Web3 (decentralised internet) are giving rise to the metaverse and the opportunities within it.

Banking today has become emotionally devoid with face-to-face meetings with customers becoming increasingly rare and the much sought-after quality of trust been lost in the digitization of retail banking so far. So, does taking the next step of adding a third dimension to the client experience with added AR and VR potentially give banks the opportunity to partially restore lost customer relationships?

The metaverse brings together people and virtual spaces together offering the opportunity for banks to create collaborative and meaningful relationships with its customers. This space is evolving rapidly and early entrants to the market are likely to gain an early advantage. Some leading US and Asian banks have already set up a presence in the metaverse.

The building blocks of the metaverse are at different stages of maturation but the combination of the respective various underlying technologies like digital identification, distributed ledger technologies, increase in computing bandwidth and computational power promise to make the metaverse a truly immersive and transformative experience for its users.

How should banking executives approach it?

Senior executives in banks should view the metaverse with a long-term perspective – its maturity is still 5-10 years out and senior executives firstly need to appreciate its value and become familiar with it before any top-down strategic sponsorship is made.

A new and emerging opportunity set for Banks

The metaverse offers banks a unique opportunity to explore how they can assist customers with bridging the world of fiat assets in the physical world with their digital assets in the virtual world. It will give incumbent firms the opportunity to help shape how its customers in the metaverse save and transact in virtual assets like virtual real estate.

Enabling 3D experiences will be crucial for the future of banking in the metaverse. Banks potentially could use the metaverse to deepen their relationships with their clients and help partially restore the “in-person” dialogues that are currently missing in digital channels and help create memorable experiences for the next generation of banking customers, many of whom are unlikely to make use of the already reduced footprint of in-person banking services. Banks should not view this opportunity as another transformation project – it’s actually an opportunity to connect with a segment of the customer base by delivering and building relationships with them in a different way – albeit virtually and with augmented reality. It will add a new dimension to the current rather bland digital banking and mobile platforms and has the potential to enhance current virtual banking modalities like mobile banking, internet banking and chat functions which are emotionally devoid.

Banks that are not yet thinking of developing an approach for providing digital asset custody are at risk of failing to meet the needs and expectations of an increasing customer segment that is already transacting in this space. Banks can also issue and operate the money of the metaverse, enabling seamless transaction experiences, while simultaneously generating new and sustainable revenue streams.

The value of its own brand image by appealing to “Gen Z” should not be underestimated. Occupying a specific “location” in the metaverse can provide a competitive advantage.

Product innovations and alternative sources of revenue add to the growing benefits of being part of this evolution – banks are likely to use the metaverse as a medium to deliver new products. Virtual real estate, crypto and NFTs and other tokenised assets are already tradable in the universe. The presence of digital assets, NFTs and crypto are all growing and the demand and value for banks to assist with custody of these assets will also increase materially.

Banks should consider the metaverse as a channel to augment their current service offerings by providing advisory and payment services to clients transacting in the metaverse, third party services, integrating crowdfunding solutions, tailored AI-based financial advisory, portfolio reviews, mortgage recommendations or even money saving tips based on past transaction histories.

Risks & Challenges in Banks’ Metaverse Journey

The launch of banking in the metaverse will no doubt come with its set of risks and challenges. This is unchartered territory for all the participants in this space. Many will question whether it is ethical, safe, and inclusive and do the opportunities outweigh the challenges. It is a matter of time before global regulators extend the regulatory perimeter to include the metaverse. Regulations are likely to encompass key risks like digital identity verification and customer due diligence in a virtual world, conduct risk, AML, sanctions screening of users/addresses/nations, consumer protection and data privacy. Ultimately, the question will arise from the end customer – “Who am I actually dealing with” when transacting with an avatar in the metaverse. Banks will have to devise similar ways to identification like their current digital and mobile channels.

The metaverse will expose FIs to new risks like digital ID theft and creation of fake avatars to commit fraud, NFT thefts and scams, cybercrimes like hacking digital wallets and crypto theft and money laundering by moving fiat money into metaverse and cashing out of crypto exchanges.

Ultimately, building trust with its users will be paramount and is likely to take time given the evolving risks of operating in this space. Building a stable, inclusive, and immersive experience will be just as important as one that facilitates confidentiality, integrity and protects it users, their data, and their privacy. How data is shared in the virtual world will require critical consideration to ensure data privacy.

What this means for compliance functions

The emergence of a new way of doing business will inevitably necessitate the review of existing policies, procedures and control frameworks as well as the creation of new frameworks and target operating models in this space. Currently, compliance and risk professionals may be focused on how they prevent and detect traditional risks like bribery, corruption and AML. It is likely that these risks manifest themselves in new and different ways in the metaverse. It could range from verifying who the customers are to tracing the origin of virtual assets being exchanged unknown wallet addresses. Whilst the core skills set of these compliance professionals will be same, increasing their knowledge in areas of blockchain, crypto and NFTs will no doubt serve them well in expanding the portfolios they are responsible for managing. As has been discussed above, the creative and evolving ways of doing business in the metaverse will no doubt provide both challenges and opportunities when it comes to running a compliant, profitable, and a well risk-managed segment of the virtual bank of the future.

The Way Forward

Adoption of changing technologies has enabled banks to attract new customers and provide enhanced services to existing ones. A strong example is the digitization of banking services, moving from the traditional branch and contact-based banking to multi-channel digital contactless banking which enhanced customer experiences.

The Metaverse economy is predicted to touch between $5 – $10 tn by 2030 as industry reports suggest. As the Metaverse itself matures in the next 7-10 years, banks can look to tap the digital native population – Gen Y and Z, with innovative products and services that suit the needs of an emerging VR world. The next decade will witness tremendous development of the Metaverse, along with evolution of standards, infrastructure, ecosystems and industry use cases developed collaboratively by market participants for industry-wide mass adoption. A new immersive world of banking is poised to unfold by the end of this decade that will re-define financial services.

About the Authors

Hitesh Patel is Consulting Partner within the Banking, Financial Services and Insurance practice at TCS in London. He has over 17 years of experience spanning capital markets risk management covering market and credit risk and regulatory advisory. Prior to joining TCS, Hitesh managed and led several risk and regulatory transformation engagements for Deloitte’ tier one banking clients. Prior to Deloitte Hitesh worked as a risk manager at Deutsche Bank and Barclays in London.

Sujata Dasgupta heads the Financial Crimes Compliance Advisory, within the Banking, Financial Services, and Insurance practice at TCS. With over two decades of experience across banking and IT services and consulting, Sujata has also specialized in financial crime and regulatory compliance. She is a qualified Cost and Management Accountant (CMA) from The Institute of Cost Accountants of India (ICMAI) and a Certified Associate of the Indian Institute of Bankers.

Up Next

Redefining customer experiences with seamless insurance

Don't Miss

How Digital Banking on Cloud Delivers Value for Financial Institutions

Banking

Digital Acceleration – the next buzzword in banking tech? Or a new era for the industry?

Published

7 days ago

June 2, 2023

admin

Ove Kreison, CTO at Tuum

McKinsey’s latest report on banking found that traditional banks are spending a whopping 85% of their tech budgets on maintaining legacy solutions, with just 15% going towards building anything new for customers.

‘Digital transformation’ has been the buzzword in banking technology for years, but the figures suggest there’s still a lot of ‘transforming’ left to be desired. Now we’re beginning to see the term ‘digital acceleration’ come to the fore, what does that mean for the state of banking technology? What is the difference between acceleration and transformation, and what should banks and other financial services players do to remain competitive?

Digital transformation – the second machine age which has taken an age!

The idea of ‘digital transformation’ didn’t come out of the blue. Banking – like most other industries post-WW2 – has been experiencing the ‘second machine age’ for decades, exploring how technology can digitize processes and services to make cost, operational and organisational efficiencies. All the while, this process has also made it far easier for companies to be more competitive with new digital products that are slicker, quicker and more user-friendly.

Banks have benefited from wherever they have had digital transformation to date – but it is the digital transformation of core technology stacks that is having the most impact and making banks realise operational efficiencies while making them nimbler to adapt to changing customer needs and remain relevant and competitive in a highly disrupted market. Digital transformation to the core gives banks the ability to launch new offerings to market quicker, renovate and modernize business models, leverage and analyse data from multiple systems taking innovation of the more exciting front-end and customer centric offerings to the next level. Faster speed to market, highly personalised offerings, more agile, more scalable.

Success and progress to date, however, has been slow. Traditional banks especially are lumbered with highly complex and costly core technology stacks. Digital transformation and upgrading these core stacks still remains a priority, but the next wave of digital acceleration is now an urgent priority on the c-suite agenda to ensure banks compete and survive in a rapidly evolving industry.

Digital Acceleration vs Digital Transformation

Digital transformation at its core takes the existing ways companies have run their business and applies new technologies to digitize them – for example, taking a paper-based application process and making it online.

Digital acceleration is different. Here, digital becomes the very core of the business model, creating further new digital processes. It gives the power to not just make existing processes digital but to reimagine how those processes impact and improve the business. Some of the most forward-thinking banks are already doing this. BBVA, the second biggest bank in Spain, is actively and openly seeking to become a software company in the future and has digital at the heart of its offering. It embraced open innovation and new technologies to better serve its customers – for example, it launched an app-based money transfer offering, Tuyyo, in 2017. It’s also exploring how technologies like blockchain can be used to transform fundamental banking services such as loan origination, with the aim of improving the way it runs its businesses.

Co-Value Creation – Going it Alone isn’t an Option

A core facet of digital acceleration – especially in a highly mature and saturated market like banking – will be how banks, fintechs, enterprises and others collaborate to mobilise these more diverse capabilities and expertise, bringing mutual benefits to all parties.

The pace of technological change is so hypercompetitive to the point now where organisations cannot always sustain their competitive advantage or ‘do it all’. Constantly updating your offering to maintain market share and react to new demands has become a necessity for banks, but it is exhausting. More and more banks and FS providers are realising that the strategic resources and capabilities needed to deliver these innovative services lie outside of their business, and given the fast pace of change, developing everything in-house is unrealistic given the skills gap, time and cost constraints. Moreover, tech advances around integration and APIs mean collaborating with third-party experts has never been easier or more effective to bring capabilities that, combined with their own core offerings and customer data, provide an important competitive advantage and valuable proposition for customers.

One brilliant example of this is ING. Recognising the struggles associated with traditionally manual and paper-intensive trade finance processes, it launched a blockchain-based commodities financing platfrom Komgo in 2018 with a consortium of other banks and corporates like Société Général, Citi, and Mercuria. In an age of hypercompetition – mutually beneficial collaboration is the answer.

Transform, accelerate, create

Ultimately, banks can continue to digitally transform while also looking to digitally accelerate. In fact, the two go hand in hand; in order to reap the benefits and be able to consider platform co-creation and digital acceleration, banks need to transform their tech stacks from the core to have the capability and agility to think beyond the realms of their own core business and their own technology. Those that get it right by driving innovation from the core, are reimagining their business models for the digital age, tapping into new revenue streams and becoming more customer-centric are not only more relevant now but future proofed for digital acceleration of the future.

Banking

Banking on legacy – The risks posed by ‘stone age’ banking infrastructure

Published

1 week ago

May 31, 2023

editorial

By Andreas Wuchner, Angel Investor of Venari Security

Introduction

If you consider the most significant motivating factors behind cyber-attacks – the promise of large financial reward and the opportunity to cause maximum business and social disruption – it’s little wonder that banks and financial institutions are amongst the most inviting targets for would-be cyber criminals. In fact, according to IBM’s recent report, ‘banking and finance’ was the most attacked industry for the five years between 2015 and 2020 – surpassed only by threats to critical infrastructure in recent years. Successful attacks can provide aggressors with a mass of sensitive personal and financial information, and even access to people’s money itself. Furthermore, a suspension of withdrawals and deposits can cause huge social disruption and reputational damage.

As banks have reacted to years of new regulation and emerging technologies, they often operate with a hugely complicated and disparate technology estates. This provides malicious actors with a wealth of potential attack vectors. A small breach from anywhere in this network can have enormous consequences, and lead to entire systems being overrun. As such, it’s crucial that security teams operate with the highest-grade security possible, including ensuring the strongest level of encryption standards. Banks need to look beyond regulatory tick-box commitments and ensure they are taking proactive and preventative steps to monitor and combat malicious attacks across their entire network.

Andreas Wuchner

However, the ability to react to cyber-threats across a vast estate requires speed and flexibility to quickly react and update security protocols. The sheer volume of legacy infrastructure slows this process down considerably leaving many security teams in a vicious cycle.

The threat of legacy infrastructure

A sizeable proportion of the banking industry still maintains a reliance on systems first developed more than 40 years ago. In fact, many ‘core banking’ systems, like payments, loans, mortgages and the associated technologies, are still coded using COBOL (Common Business-Orientated Language), an otherwise defunct programming language that is older than the internet itself. In the UK and Europe, COBOL remains the ‘backbone of banking services,’ while in the USA, as much as 43% of banking systems are built on COBOL, meaning it underpins much of our financial system.

This presents a huge security risk. While code has been regularly updated over the years, these systems were built when security threats were far less sophisticated, less well-financed and the burden of data was far less pronounced. For several years, governments have pointed towards legacy systems, built using COBOL, as a major cybersecurity threat, incompatible with modern security best practices and solutions, including multi-factor authentication. For example, data from Kaspersky found that businesses with outdated technology are much more likely to have suffered a data breach (65%) than those who keep their technology updated (29%).

A further security consideration is the diminishing number of people who are trained in maintaining COBOL systems. Every year, experienced professionals exit the industry, making it increasingly difficult to service legacy technologies and creating significant delays in patching threats once they’re identified. This lack of supply of sufficiently trained experts, and the demand they face, makes any updates extremely expensive and time consuming.

Furthermore, legacy infrastructure is preventing the secure application of encryption, posing its own distinct cybersecurity and regulatory risks. Encryption is often heralded as a silver bullet solution for data privacy and has been a continuing area of focus for regulatory bodies in recent years. However, banks remain guilty of poor deployment, maintenance and management of encryption – using outdated protocols and inefficient methods of analysing and understanding network traffic. This, coupled with legacy ‘core banking’ systems that are incompatible with modern encryption techniques, equates to a regulatory and security headache for security teams.

Adopting a new mindset

The risks posed by legacy systems and the volume of cybersecurity threats facing banks, mean a concentrated re-think of overall cybersecurity strategy is needed to prevent breaches and ensure data is protected long-term. Traditionally, banks have taken an ‘outside-in’ view – dedicating capacity, finances and knowledge to dealing with threats that are existing, known and well publicised. However, to aid long-term security, this should be superseded by an ‘inside-out’ proactive approach, whereby security teams are cognisant of their own internal systems and where the key vulnerabilities are found. Once banks have a detailed view of the security risks posed by their legacy systems, and specifically what data is threatened, they can address flaws, update these systems and build a stronger overall security posture.

The secure path ahead

Many of our successful high-street banks today have centuries of experience in dealing with social, economic and regulatory upheaval. However, the rapid development and deployment of technology continues to present a unique challenge. Many ‘traditional’ banks have built a complex technology infrastructure through decades of adjustment to new legislation and emerging technologies. While serviceable in the past, fintech start-ups are pushing the long-term viability of these systems to the limit.

Challenger banks have the luxury of being built from the ground-up, prioritising convenient digital services and features, and modern security processes. As the user base of these banks increase, customers are increasingly expecting these features and security from their existing banks, meaning even more complexity added to legacy infrastructures. As outlined by Deloitte, existing firms simply aren’t positioned to support the rising expectation of the market, exposing banks to additional risk and liability.

What’s more, it’s estimated that banks spend as much as 80% of their yearly IT budgets on the maintenance of legacy systems. While an immediate switch away from these systems is unrealistic, there is an opportunity to reduce wasted spend and divert spend towards modernisation efforts. However, while traditional banks may want to adapt quicker to technological advancements, they need to do so while continuing to minimise cyber risk and without jeopardising the security of their data or systems. This means placing cybersecurity at the heart of any modernisation efforts and maintaining a steady rate of change. As more of the technology estate begins to be modernised, the potential risks of regulatory non-compliance will also reduce.

Legacy systems need a considered update

Banking systems have heavily relied on legacy infrastructure for too long now, bringing difficulties in maintaining the highest-grade cybersecurity and in facilitating innovation. The risks presented by novel cybersecurity attack vectors and competition from new and emerging digital services offered by challenger banks are exacerbating these issues. As such, legacy systems need a managed modernisation in the long-term, facilitated in part by a managed redistribution of existing IT spend. However, to ensure long-term security overall, cybersecurity needs to be central to be at the very heart of modernisation efforts.