Frederik Mennes, Director of Product Security, Security Competence Center, OneSpan
Security is hot on the agenda for banks and financial institutions. Breaches and fraud are becoming commonplace, and cyber-criminals are continuing to look for new and innovative ways to exploit vulnerabilities. Pressure is also coming from customers and regulators, who have increasingly high expectations that companies are keeping data secure, especially financial. Indeed, the banking industry is one of the most heavily regulated across the world, and in the EU, the 14 September deadline for PSD2 is fast approaching.
The Strong Customer Authentication (SCA) rules, as part of PSD2, are intended to enhance the security of e-commerce payments and limit fraud. Once SCA comes into effect, customers purchasing more than €30 worth of items will be required to be authenticated by two out of three elements: something the customer knows (PIN, password, security question), something the customer has (a device), and/or something the customer is (biometric data such as fingerprints, or facial recognition).
With some banks choosing to opt for mobile phone verification as one of the options, concerns were raised that almost a third of online purchases could fail, and thousands of UK customers could be frozen out of online shopping if they don’t own a mobile phone or can’t access signal. Subsequently, the FCA recently delayed the introduction of SCA for e-commerce payments by up to 18 months.
Banks are now faced with the challenge of meeting the SCA regulations surrounding authentication, while also providing a seamless user experience, and meeting customer expectations.
Here are three ways to overcome challenges with SCA regulations.
Adopt intelligent adaptive technologies
One way they can achieve this is by adopting intelligent authentication technology. These are powered by AI and machine learning, and assess the risk level of a transaction based on vast and disparate data, including transaction details, customer behavior, the integrity of the device and mobile apps, and other contextual data points. This information is then used to determine what level of authentication is required. Crucially for SCA, intelligent authentication isn’t limited to one or two methods, such as a PIN and mobile phone text. A range of authentication methods can be employed depending on the situation.
For example, if a customer tries to make a large clothes purchase online, but doesn’t have mobile phone signal, instead of being required to enter a PIN and a one time PIN via push notification or mobile appthey could use a fingerprint instead. Or, if the customer doesn’t have access to a mobile phone at all, the bank could phone the customer on their landline, providing an automated code for them to enter.
Crucially, by adopting intelligent authentication banks will be able to comply with the SCA rules of authentication by two different elements, without limiting customers to certain authentication methods that might not be convenient, such as a mobile phone text verification.
Fight fraud with risk-based security
As well as ensuring banks are compliant with SCA regulations, intelligent authentication is also a key solution for helping banks drive down fraud. Fraud cost banks £1.2 billion in 2018, and new incidents of financial fraud were being reported every 15 seconds during the year, making it a top priority. With money, customers, and reputation on the line, banks need to ensure they’re making necessary changes to combat fraud.
However, it’s increasingly difficult to identify fraud across multiple digital channels. To stay ahead banks need to take a risk-based, context aware approach to security, including authentication. With intelligent authentication, the risk of a situation is determined and authentication levels adjusted accordingly.
For example, if a customer tries to make a larger than usual payment, from an untrusted device, in an uncommon location, it is more likely to be an attempt at fraud. However, people don’t live in boxes, or behave the same way all the time, and it’s entirely possible that the payment attempt is genuine.
Therefore, instead of denying the transaction, resulting in potentially unnecessary frustration, intelligent authentication challenges the customer accordingly. Instead of only asking the customer to present a passcode as authentication, because the transaction is unusual, additional authentication is required, such as a fingerprint.
Intelligent authentication is a great example of banks being able to take advantage of emerging technologies to identify and prevent fraud, without compromising the user experience.
Balance security and the experience
The banking landscape is shifting rapidly, with advances in technology and the rise of challenger banks. Customers are demanding more from their banks, and expect a fully digital and seamless experience at all touch points, whether that’s purchasing an item online, or taking out a loan.
At the same time, regulations are placing far more importance on security than ever before, and with the relentless threat of fraud and cyber-attacks hanging over banks, ensuring their customers are secure needs to be a top priority.
Consumers don’t want to see or pay for security anymore; it’s just expected. Intelligent authentication is one way banks and financial institutions can deliver the dream of a secure and seamless banking experience while also remaining compliant with regulations such as SCA.
EFFECTIVE ACCOUNTS PAYABLE AUTOMATION: 3 PILLARS TO SUCCESS
By Kyle McNabb, SVP of product marketing
Ineffective accounts payable (A/P) processes are costing UK—and global—businesses considerably. According to the US’ Institute of Finance & Management (IOFM) each payment costs an organisation twice as much to process in an organisation with less effective A/P functions than it does in best-in-class companies.
With a dogged focus on cutting wasteful spend in many organisations, A/P should not be overlooked. Automation is one way leading organisations are finding points of savings in A/P, as doing so can significantly improve effectiveness and efficiency, reduce human errors and missed payments and ultimately boosts satisfaction ratings thanks to faster payment processing.
When done right, automation is also embraced by A/P staff, as it allows them to cut down the time spent on manual processing and instead gives them more bandwidth to focus on managing exceptions, developing relationships with suppliers and taking on new tasks.
Deploying the right software solution is a first step in a successful A/P automation project, but that effort must also take into account best practices in order to realise the greatest results.
Centralisation and organisation are key to any effective accounting process. But in many organisations, the data leveraged by A/P comes from disparate sources. The company’s enterprise resource planning (ERP) system usually serves as the main source, but there are countless others. Consider, for example, the systems that reside with sales staff, external vendors, customers or other points along the supply chain, such as transportation carriers and manufacturing and warehouse facilities.
If the information needed to streamline the management of exceptions is not centralised—with data from different source systems connected via unique identifiers such as vendor ID, account code and customer name—then it cannot be leveraged seamlessly to automate payment processing.
Furthermore, a lot of content is available only as paper, PDF, image, etc. That content must be scanned to have critical data elements—such as the date, account number or amount—electronically captured and metadata created. Then, and only then, the content can be indexed and stored in a repository and database. From there, the invoice and associated supporting content can be linked and processed via workflow.
Some automated A/P solutions can integrate myriad information and content formats with their data repository. It’s important to confirm the solution you select can, in fact, cover formats such as Microsoft Word and Excel, PDF, email, video, scanned capture documents—and uses a variety of standardised methods to exchange information in electronic formats (e.g., XML, JSON and EDI). They should also intelligently index, archive and organise this content so that users can easily find and access necessary information. An effective automated A/P platform also includes auditing and reconciliation capabilities, which alert users to errors such as duplicate, short or delayed payments.
Centralisation entails storing all critical accounting documents related to A/P in a single place. However, in even the most streamlined enterprises, these documents still touch several different systems. Some documents are stored in an ERP system or a content-collaboration platform, but other crucial information often resides on paper, in sales contracts, on inspection certificates or elsewhere. Disparate systems that function independently and without effective integration only prolong accounting processes.
To be most effective, the payables software solution must be able to communicate with all core systems that house relevant documents. If it can’t, records can become “lost in the loop” and put the organisation at risk. To prevent this, any A/P automation solution should integrate with the company’s content services platform (CSP) and ERP systems. Integrating systems and federating content across them leads to substantially reduced processing times.
A/P-related systems aren’t the only software in the company that contains information relevant to A/P processes. Marketing, customer service, operations, manufacturing and legal, among other major departments, have some bottom-line impact on business operations.
Because A/P staff spend most of their time dealing with transactions that are not PO-based or with PO exceptions like mistakes in amount, quantity, price, payment terms, etc., having this information is critical to their effectiveness. And although this information exists in other departments, it is rarely made readily available to A/P to use when resolving exceptions.
Automated A/P solutions can centralise enterprise content beyond the documentation that is typically considered central to payables processes. When evaluating solutions, assess if the system uses standards-based REST APIs, low-code web-hook enabled content-centric workflows and content federation to access content stored in repositories used in other parts of the organisation. This approach will improve transparency and yield improved cost savings within A/P and the broader supply chain.
Reaping the Rewards
When a company is able to tighten its A/P processes, the entire business reaps the rewards. It eliminates the processing delays that result in inaccurate reporting, poor financial visibility, delayed business decisions, costly reruns and wasted money. It also allows money to flow into and out of an organisation faster. According to IOFM, organisations that apply A/P automation best practices can pay their non-PO invoices on time 96% of the time, compared to only 13% of those that are less automated.
The key to enabling that is to capture, manage, federate and audit content across the entire organisation and ensure systems work in concert across different departments and applications. Only with that centralisation, integration and unification can a company make more-informed business decisions and improve cash flow for the near and long term.
WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?
By Roberts Lasovskis, Investment Platform Lead, TWINO
It’s a new year; time for resolutions and forward planning, positivity and drive. But the peer-to-peer industry would do well to engage in a bit of introspection as well; a look back to the year gone by, which serves as a more than useful reminder of what can happen in less propitious times, even for the well-intentioned.
2019 saw two major failures in the European peer-to-peer market, with both Lendy’s collapse in May and FundingSecure in October putting investor capital at risk. Between the two, a combined £240m of savers’ money was put at risk, leading to the inevitable questions of regulators. On top of the two lenders failing, the well-established Funding Circle came into difficulties with its new withdrawal processes raising investor concern. But in all three stories from last year is a sign of how peer-to-peer can succeed in 2020, providing last year’s lessons are learnt.
There is one aspect of the two peer-to-peer collapses last year that stood out for much of the criticism from both media and investors. Both Lendy and FundingSecure came advertised as ‘approved by the FCA’, yet in collapse, both displayed structural faults and warning signs that should perhaps have been noticed earlier. Managing credit risk is an expensive learning process, but should be taken very seriously, and using as many data sources and as much testing as possible. Inevitably, these high-profile failures will cause a tightening of regulation across the industry, which should be welcomed.
The industry should embrace the ongoing development of its regulation – it is not something to just be tolerated and survived. Higher levels of scrutiny from administrators lead to better industry structures and more robust business models that generate greater trust from consumers. This is an inevitable step for a maturing industry, and now is the time for peer-to-peer to ensure its regulations are fit for purpose, and that investor money is not put at unnecessary risk.
But regulation is about more than just stopping the high-profile failures and helping to build consumer trust in the sector. When implemented properly, regulation encourages the development of better products; companies are forced to innovate and adapt to meet the new challenges, eliminating the number of shortcuts or ‘easy options’ that are taken when developing a product for consumers. Ultimately, this creates safer and more sustainable returns for investors.
Transparency is key
One of the major lessons the past year has taught us is the importance of transparency, particularly when communicating with investors. But whether it’s investors, borrowers or other industry partners, transparency and clear communication are key to rebuilding trust in the P2P sector, and even as specifically as in individual products or companies. Take Funding Circle as an example. It is undoubtedly one of the most successful businesses in the sector, and yet has been suffering a recent crisis in trust, which has been largely caused by customers not fully understanding what procedural changes are going to mean for their money.
The changes in question are not necessarily the full problem. The model is no less safe, and the business is no less high-profile. Nor do investors automatically object to the idea of a delay before they can access their money (look at fixed-term savings accounts for example). As with all peer to peer lending platforms, it is simply a question of understanding risk – customers misinterpreted the changes as a sign that their money was under threat and understandably rushed to protect it.
The customer is king
Fintech exploded as a sector in the wake of the 2008 financial crash, as a reaction to bad practices in the financial services industry. The industry was created with a promise of ‘customer-first’ products; solutions to fix the shortcomings in finance and financial services, and to pivot them back to a consumer-focus. From product development to marketing and communications, peer-to-peer must remember where it came from and ensure that the customer always comes first.
This is particularly important should another economic downturn materialise, as many are predicting within the next couple of years. Fintech businesses emerged as the success stories from the last downturn by creating solutions that focused on their customers. They should do so again.
For all the perceived problems in the P2P sector, the fundamental market for the products have not changed; investors who want to generate good returns still need to be connected with those seeking convenient loans. By remembering where it came from, and the problems it set out to solve, the sector can still thrive in 2020, even if the predicted economic downturn does transpire. To avoid the pitfalls other providers have fallen into, peer-to-peer must embrace regulation, communicate with transparency and focus on leveraging their expertise to provide trustworthy customer-centric solutions.
1 TRILLION REASONS WHY E-COMMERCE PROVIDERS SHOULD LOVE CHINESE NEW YEAR
In 2019, retailers in China took in a staggering 1 trillion yuan ($148.3 billion) during the Chinese New Year ....
SHARJAH NATIONAL OIL CORPORATION ANNOUNCES 1ST GAS DISCOVERY IN 3 DECADES
The Sharjah National Oil Corporation (SNOC) and its partner Eni, have announced a successful new discovery of natural gas and condensate onshore in Sharjah. The discovery, named...
EFFECTIVE ACCOUNTS PAYABLE AUTOMATION: 3 PILLARS TO SUCCESS
By Kyle McNabb, SVP of product marketing Ineffective accounts payable (A/P) processes are costing UK—and global—businesses considerably. According to...
HOW TO PREPARE FOR A CASHLESS SOCIETY
THE UK ranks as the world’s third most cashless country behind Canada and Sweden. Will Hurst, Head of Commercial Development...
HOW MACHINE LEARNING IS CHANGING THE FACE OF FINANCIAL SERVICES
By Grainne McKeever, Marketing and Communications Consultant at Imperva Artificial intelligence (AI) has become integrated into our everyday lives. It powers what...
COMPLIANCE IS ONLY AS GOOD AS THE WEAKEST DEVICE
Nick Taylor, Key Account Manager – UK & IE Finance, Jamf Trust in the banking sector took a nosedive...
IS THIS THE FUTURE OF TRADING?
Have you ever wondered what the future might hold for trading? IG has explored how platforms, technical analysis, client management and...
THREE WAYS TO WIN SHOPPERS DURING CHINESE NEW YEAR (AND BEYOND)
By Myles Dawson, Managing Director, Adyen UK For us in the West, New Year feels like a distant memory. But,...
MANUAL PAPERWORK AND INEFFICIENT PROCESSES ARE HINDERING FINANCIAL SERVICES
Author: Matt Tuson, SVP & MD EMEA, Conga In the finance industry, it is all about the customer. However,...
TOP 5 WAYS YOUR BUSINESS COULD BENEFIT FROM A TEAM BREAKFAST
It’s long been said that breakfast is the most important meal of the day, but what place does it have...
BNP PARIBAS AND OPEN BANKING PLATFORM TINK ANNOUNCE STRATEGIC PARTNERSHIP IN EUROPE
BNP Paribas and Tink announce today a strategic partnership. The open banking platform Tink becomes BNP Paribas’preferred partner in Europe for account...
DATA PROTECTION DAY 2020: DE-RISKING IN THE ERA OF TRANSPARENCY
By Daniel Fried, General Manager (GM) and Senior Vice President (SVP), EMEA and Worldwide Channels, Veeam The issue of...
FINANCE AS A CATALYST FOR POSITIVE CHANGE
The fundamental role the financial sector plays in helping secure the objectives set out in the UN Sustainable Development Goals...
SARB HISTORY OF BANKNOTES
WHAT IS AI?
INNOVATIVE FUND MAKES INVESTING IN SMALLHOLDER FARMERS ATTRACTIVE, DELIVERING ESG IMPACT
IDH the Sustainable Trade Initiative – in coalition with Unilever, Jacobs DE, Mondelez and Rabobank – launched the world’s biggest...
LEADING FINANCIAL SERVICES INFLUENCERS JOIN FORCES TO EDUCATE ON M&A
Two of the UK’s leading independent financial advice firms, along with a prominent business transformation consultancy, have partnered with M&A...
FIRST MINORITY-LED TIER-ONE INSURANCE AND REINSURANCE BROKER LAUNCHES IN THE U.S.
Protecdiv, the first tier-one minority-led insurance and reinsurance broker in the U.S., has launched. The Philadelphia-based company is led...
REGULATION AND COMPLIANCE TO BECOME BUSINESS CRITICAL IN 2020
In 2020, businesses can expect a range of regulations to be enforced, including the delayed Strong Customer Authentication (SCA) requirement...
HOW THE E-COMMERCE AND FINTECH MARKETS WILL SHAPE UP IN 2020
James Booth, VP, Head of Payment Partnerships EMEA at PPRO 2019 has certainly been a memorable year for the FinTech...