Connect with us


Value drivers in fund technology



By Nandakishore Divakarla, Head of Innovation at Intertrust Group


Not everyone has given in to the onward march of technology and automation, as our recent research with private capital fund managers found. A third (34%) of those we questioned said that most or all of their key fund administration processes are still handled manually. With the benefits of automation widely established, what is preventing its widespread adoption?

In private capital fund administration, repetitive processes lend themselves to automation. The larger the fund, the more reliant it will be on automation due to the greater volumes of data and higher numbers of investors.

The clear argument for automation in private equity funds is that it reduces costs, speeds up processes, and makes it easier to manage increasingly complex operations. Almost two-thirds of funds we questioned last year said automation had had a significant effect on fund administration over the last five years.  Moreover, 68% agreed that over the next five years, increased automation and other new technologies would be vital to giving their fund a competitive edge.

There is clear evidence of the impact of innovation, with two technologies – robotic process automation (RPA) and machine learning (ML) – contributing significantly to making fund administration much more efficient.

If, for example, a fund has a capital call of a certain amount, the use of RPA means a calculation is done and allocated to all investors and an email is initiated with the information and sent to those investors. ML or AI works in the background to analyse human interactions and identify trends. Reconciliation, for instance, stores all the actions to be carried out by the human and then automatically prioritises elements to speed the process up. At Intertrust Group, we have seen AI reduce reconciliation times from over five hours, to under 30 minutes.

Technology barriers

Given the clear evidence of real-world success, who wouldn’t want to automate? Whilst limiting factors including market conditions and regulatory issues do pose challenges, the biggest barrier, for nearly one in four funds we surveyed, is cost.

There is clearly work to be done in understanding and quantifying the benefits of new technology, because the ability to automate some of the more time-consuming tasks frees staff up for more rewarding and profitable work. Enhancing data management capabilities helps funds run their operations more effectively and make smarter decisions.

Adopting new technology is an important strategic decision. Investing too early means incurring costs before the true benefits are attainable. However, investing too late risks being left behind the competition. Timing is important, which is perhaps why many funds seek third-party expertise to help with their technology decisions.

Fund managers and administrators are not experts in innovative technology, nor would they expect to be. Lab 52 is Intertrust Group’s innovation lab, which tests out how new tech concepts can drive efficiency and reduce costs for clients. Technology is at the core of our overall business and strategy and its areas of focus include big data, machine learning, blockchain and RPA. They are all key technologies for the industry.

Most funds, regardless of size or location, use third-party administrators (TPAs) to run at least part of their business. Technology has sped up the entire deal-making process and the onward march of automation is unstoppable which is driving business for TPAs.

Technological innovation is a challenge, but it is one that, when met, can make it easier to tackle issues affecting other parts of the business; solving troublesome problems and making everyday business smoother.

The real advantage will come from transformative change of the kind that makes possible new products and services and new ways of working. The funds that can seize that opportunity, will be able to position themselves as leaders in their sector.


Preventing fraud and detecting money laundering in real-time




Mathew Hobbis – Chief Architect FSI, Solace


The number of payment channels has grown exponentially. The time it takes to settle a transaction has gone down from days to minutes. Traditional banks have had to move from a couple of channels to potentially 10-15 within their organisation. The more channels, the more vulnerable the system becomes to fraudsters and criminals. The two big challenges for financial institutions right now are payments fraud at the consumer end of the spectrum, and the growing threat of organisational money laundering.

Here’s the conundrum. Modern financial organisations have to mitigate against such criminal activity for the safety of their users and its own reputation. But they must do this without adding any friction into the payments process that would put off or dissuade users of their services.

They need a solution that can not only keep pace but can carry out the additional checks in real-time across systems that often encompass legacy, on-premises deployments, as well as modern container deployments, and public cloud for AI and ML capabilities. In the real-time world of today, this can only mean using the new generation of event-driven architecture (EDA).

The more channels, the more opportunities for payments fraud

McKinsey charts a rise in fraud in a recent article series: “Skyrocketing levels of fraud, enabled by the accelerated adoption of digital commerce and the ever-increasing sophistication of fraudsters, have overwhelmed traditional controls in recent years. This surge has led to increased fraud losses and damaged customers’ experience and trust.”

For retail banks, payments fraud impacts both consumers and their bottom line. The Association for Financial Professionals®’ latest Payments Fraud and Control Survey, underwritten by J.P. Morgan, found 71% of financial professionals report their organisations were victims of payments fraud. Not only do fraudulent payments negatively impact banking customer experience and confidence, the cumulative cost is also large – one recent study by Juniper Research warns online payment fraud losses alone will globally reach $343 billion between 2023 and 2027.

Anti-money laundering (AML) spells the danger of more serious crimes

Money laundering is a major threat for banks because it usually goes hand in hand with serious organised crimes – including drug or people trafficking, weapons dealing or even terrorism.

The estimated amount of money laundered globally is between 2 and 5% of global GDP – and the reputational damage of undetected money laundering can be catastrophic. The Bank for International Settlements also explains “spotting different money laundering patterns is complex, requiring different data points and data sources as well as the ability to connect them across different systems in order to better identify suspicious flows and patterns.”

There are three key areas where technology and event-driven architecture (EDA) can help address these growing threats. The first is the tech to help you better detect. Banking and payments organisations must be able to quickly identify and action these fraudulent or criminal transactions, across all channels. Many are turning to data modelling and Artificial Intelligence (AI) and Machine Learning (ML) that can learn to recognise questionable transactions. But this can be further enhanced with EDA to manage fraudulent and money laundering transactions at scale.

The second issue and challenge for organisations is speed, specifically feeding transaction data, in real-time, to the AI / ML processes which often live in the public cloud. This is where EDA provides the real-time integration allowing legacy core-banking/mainframe systems to communicate with modern micro-service payment frameworks and cloud-based AI/ML for fraud and anti-money laundering (AML).

Finally, they must be able to stay one step ahead. EDA and the Event Mesh allows flexibility in how software components are wired together and flexibility in where they are located. This allows the platform to ‘evolve’, to react quickly and effectively to changes in the financial landscape. Flexibility, or ‘re-wiring’, and platform evolution needs to be a ‘business as usual’ activity as fraud and fraud detection is a constantly evolving game where financial institutions are pitted against criminals. Who can act the fastest wins.

Building a model – it all starts with scoring transactional data and setting triggers

The sort of activities that go into building a fraud prevention or anti-money laundering model with setting trigger points would include: type of transaction vs. is this consistent with a customer’s previous transaction history? Is it in an expected geography? If they travel a lot, then is the time and travel distance between their last transaction and this transaction reasonable? All this data must be fed into the model and assigned a score.

The score also depends on authentication requests. So typically, if you can identify a user together with their mobile phone, banks may pass the transaction because they are comfortable they know who the user is. But if a similar scenario occurs where the user has reached the same score, but there is no biometric data or mobile authentication, then this would be highly likely to trigger a different reaction – blocking or flagging the questionable transaction for escalation.

Now add AI and ML – fraud and money laundering detection starts to get powerful

When a bank has built a database of models, new transactions can then be checked against the models, and given an accumulated score, AI and machine learning then step up to the plate. These technologies, aided by EDA, can make rapid decisions and enable companies to flag abnormal transactions in real-time across all channels.

Layering these data models with AI/ML offers an opportunity for banks to get out in front and gain ground on fraudsters and money launderers. McKinsey research sees “Recent enhancements in machine learning are helping banks to improve their anti-money-laundering programs significantly, including, and most immediately, the transaction monitoring element of these programs.”

To be fully effective, AI/ML needs a big data set. They can only make decisions based on access to historic datasets. So, the first thing a bank has to do is to ‘train’ the model by buying data or scraping from its own historical datasets. And then the model runs through several fraudulent transactions, so it is now ‘trained’ on what a fraudulent transaction looks like. The objective is to build an understanding so AI/ML can pick out the right (fraudulent) activities.

Event-driven architecture helps police fraud and money laundering faster than ever before

Ideally, banks should build one model set for fraud and one model set for money laundering – then implement both models across all transactions and payment channels. And this is where event-driven architecture (EDA) enables them to leverage their fraud and money laundering data models and use AI/ML technology in real-time across an ever-expanding number of payment channels.

EDA allows banks to build an enterprise IT architecture that lets information flow between applications, microservices, and connected devices in a real-time manner as events occur throughout the business.

Meet the event broker who understands it all

EDA works with a middleman known as an event broker, which enables what’s called loose coupling of applications. This is essential because it means applications and devices don’t need to know where they are sending information, or where the information they’re consuming comes from. But the event broker does.

So, in the event-driven world, a bank just has to make sure a payments channel just sends the right event to communicate with the fraud detection or the anti-money laundering system and receive the same events to get the “yes or no” back.

The alternative is not really an option

It’s a much easier integration than trying to do this via standard REST APIs – which becomes a lot more challenging and will need to be built differently for every different channel a bank has now, plus any new channels. This means banks may have to change models based on not only changes in user behaviour, but changes driven by new products and services or to counter new types of fraud or money laundering.

With standard REST APIs – every time a bank adds a new channel, it has to change the way anti-money laundering and fraud systems work, because they have to know about this other channel. In the event-driven world they don’t know, don’t need to know – and they don’t care!

Banks can accurately support a high volume of transactions in the quickest response time, balance transaction authentication and authorisation with fraud detection without decreasing customer satisfaction, and route events securely across the whole payments ecosystem with efficiency.

A platform for the future – EDA opens the door to manage technical debt and quickly introduce new channels

EDA also provides a platform for the future – allowing banks to innovate outside of just countering fraud and money laundering. EDA will help traditional banks compete in the new world as they need to deliver products and services faster in order to compete. A large bank, with its legacy systems, can now compete against an online mortgage lender—and deliver a broader portfolio of products to customers with more speed.”

Yes, newer fintech market entrants have significantly less technical debt than traditional financial institutions. Imagine a new FX rate provider that can provide payments to every country and give customers the best FX rates. Everything is built on a modern infrastructure anyway – there is no legacy core banking app, and everything is microservice, as everything is in the cloud.

But EDA as an approach to enterprise IT architecture can help traditional banks introduce new services and link applications quickly and at scale, ensuring they can match these agile competitors and provide customers with the instant kind of feedback they seek from their banking services, while not being held back by large volumes of existing technical debt.

EDA – keeping financial institutions one step ahead

The challenge for larger banks is to move more towards real-time – even with a large amount of technical debt. EDA not only provides the springboard to payment modernisation; it also ensures a proliferation of payment channels does not come at the cost of increased fraud and money laundering.

Continue Reading


Enhancing cybersecurity in investment firms as new regulations come into force



Christian Scott, COO/CISO at Gotham Security, an Abacus Group Company


The alternative investment industry is a prime target for cyber breaches. February’s ransomware attack on global financial software firm ION Group was a warning to the wider sector. Russia-linked LockBit Ransomware-as-a-Service (RaaS) affiliate hackers disrupted trading activities in international markets, with firms forced to fall back on expensive, inefficient, and potentially non-compliant manual reporting methods. Not only do attacks like these put critical business operations under threat, but firms also risk falling foul of regulations if they lack a sufficient incident response plan. 

 To ensure that firms protect client assets and keep pace with evolving challenges, the Securities and Exchange Commission (SEC) has proposed new cybersecurity requirements for registered advisors and funds. Codifying previous guidance into non-negotiable rules, these requirements will cover every aspect of the security lifecycle and the specific processes a firm implements, encompassing written policies and procedures, transparent governance records, and the timely disclosure of all material cybersecurity incidents to regulators and investors. Failure to comply with the rules could carry significant financial, legal, and national security implications.

 The proposed SEC rules are expected to come into force in the coming months, following a notice and comment period. However, businesses should not drag their feet in making the necessary adjustments – the SEC has also introduced an extensive lookback period preceding the implementation of the rules, meaning that organisations should already be proving they are meeting these heightened demands.

For investment firms, regulatory developments such as these will help boost cyber resilience and client confidence in the safety of investments. However, with a clear expectation that firms should be well aligned to the requirements already, many will need to proactively step up their security oversight and strengthen their technologies, policies, end-user education, and incident response procedures. So, how can organisations prepare for enforcement and maintain compliance in a shifting regulatory landscape?


Changing demands

In today’s complex, fast-changing, and interconnected business environment, the alternative investment sector must continually take account of its evolving risk profile. Additionally, as more and more organisations shift towards more distributed and flexible ways of working, traditional protection perimeters are dissolving, rendering firms more vulnerable to cyber-attack.    

As such, the new SEC rules provide firms with additional instruction around very specific prescriptive requirements. Organisations need to implement and maintain robust written policies and procedures that closely align with ground-level security issues and industry best practices, such as the NIST Cybersecurity framework. Firms must also be ready to gather and present evidence that proves they are following these watertight policies and procedures on a day-to-day basis. With much less room for ambiguity or assumption, the SEC will scrutinise security policies for detail on how a firm is dealing with cyber risks. Documentation must therefore include comprehensive coverage for business continuity planning and incident response.

 As cyber risk management comes increasingly under the spotlight, firms need to ensure it is fully incorporated as a ‘business as usual’ process. This involves the continual tracking and categorisation of evolving vulnerabilities – not just from a technology perspective, but also from an administrative and physical standpoint. Regular risk assessments must include real-time threat and vulnerability management to detect, mitigate, and remediate cybersecurity risks.  

Another crucial aspect of the new rules is the need to report any ‘material’ cybersecurity incidents to investors and regulators within a 48-hour timeframe – a small window for busy investment firms. Meeting this tight deadline will require firms to quickly pull data from many different sources, as the SEC will demand to know what happened, how the incident was addressed, and its specific impacts. Teams will need to be assembled well in advance, working together seamlessly to record, process, summarise, and report key information in a squeezed timeframe.

Funds and advisors will also need to provide prospective and current investors with updated disclosures on previously disclosed cybersecurity incidents over the past two fiscal years. With security leaders increasingly being held to account over lack of disclosure, failure to report incidents at board level could even be considered an act of fraud. 


Keeping pace

Organisations must now take proactive steps to prepare and respond effectively to these upcoming regulatory changes. Cybersecurity policies, incident response, and continuity plans need to be written up and closely aligned with business objectives. These policies and procedures should be backed up with robust evidence that shows organisations are actually following the documentation – firms need to prove it, not just say it. Carefully thought-out policies will also provide the foundation for organisations to evolve their posture as cyber threats escalate and regulatory demands change.

 Robust cybersecurity risk assessments and continuous vulnerability management must also be in place. The first stage of mitigating a cyber risk is understanding the threat – and this requires in-depth real-time insights on how the attack surface is changing. Internal and external systems should be regularly scanned, and firms must integrate third-party and vendor risk assessments to identify any potential supply chain weaknesses.

 Network and cloud penetration testing is another key tenet of compliance. By imitating how an attacker would exploit a vantage point, organisations can check for any weak spots in their strategy before malicious actors attempt to gain an advantage. Due to the rise of ransomware, phishing, and other sophisticated cyber threats, social engineering testing should be conducted alongside conventional penetration testing to cover every attack vector.

It must also be remembered that security and compliance is the responsibility of every person in the organisation. End-user education is a necessity as regulations evolve, as is multi-layered training exercises. This means bringing in immersive simulations, tabletop exercises and real-world examples of security incidents to inform employees of the potential risks and the role they play in protecting the company.

 To successfully navigate the SEC cybersecurity rules – and prepare for future regulatory changes – alternative investment firms must ensure that security is woven into every part of the business. They can do this by establishing robust written policies and adhesion, conducting regular penetration testing and vulnerability scanning, and ensuring the ongoing education and training of employees.

Continue Reading



Finance1 hour ago

Taxing times for online marketplaces? Operators must act now to avoid losing sellers

By Niall Kiernan, Senior Director of Product Marketing, Vertex   In today’s digital landscape, online marketplaces are an enabler for...

Top 1017 hours ago

Five Ways to Save Money in Your 20s

Depending on your background, entering your 20s can be a bit of a precarious time. Among the things you’ll need...

Business17 hours ago

Unlocking the Power of Data: Revolutionising Business Success in the Financial Services Sector

Suki Dhuphar, Head of EMEA, Tamr   The financial services (FS) sector operates within an immensely data-abundant landscape. But it’s...

Top 101 day ago

Hidden sources of FX risk: could your business be exposed?

Running a business can come with great rewards, but it’s not without risk – something businesses in the UK have...

Finance1 day ago

Preventing fraud and detecting money laundering in real-time

Mathew Hobbis – Chief Architect FSI, Solace   The number of payment channels has grown exponentially. The time it takes...

Top 101 day ago

Money where your mouth is: on the need to modernize insurance tech stacks

Tim Hood, VP, EMEA and APAC, Hyland   Once upon a time, starting an insurance company was a predominantly physical...

Business1 day ago

Making the Maths Work: Addressing Inflation Challenges through Measuring and Managing Risk

Matt Clementson, Head of Enterprise UK&I Persistent inflation is highly troublesome for every business – with or without a recession....

News1 day ago

BioCatch Strengthens Collaboration with Microsoft Cloud for Financial Services

Collaboration Delivers End-to-End Intelligent Banking Cloud Platform with Online Fraud Detection Powered by Next-Generation Behavioural Biometrics BioCatch, a global leader...

Business3 days ago


SMEs across the UK are facing a challenging economic environment and late payments pose a severe challenge to maintaining cash...

Business3 days ago

Less than a year until EMIR Refit: how can firms prepare? 

Leo Labeis, CEO at REGnosys, discusses everything that financial institutions need to know about EMIR Refit and how they can...

Business7 days ago

Enhancing cybersecurity in investment firms as new regulations come into force

Christian Scott, COO/CISO at Gotham Security, an Abacus Group Company   The alternative investment industry is a prime target for...

Technology7 days ago

How to think like an attacker & why it might be critical to your security strategy

Kam Karaji, Global Head of Information Security for Bibby Financial Services, argues at DTX Manchester that the most successful way...

Business7 days ago

Building a sustainable future – what’s on your agenda for 2023?

The most successful and progressive leaders are embracing ESG or Environmental, Social and Governance principles throughout their businesses, but how...

Banking7 days ago

Digital Acceleration – the next buzzword in banking tech? Or a new era for the industry?

Ove Kreison, CTO at Tuum McKinsey’s latest report on banking found that traditional banks are spending a whopping 85% of their...

Business7 days ago

One year until EMIR Refit: how can firms prepare? 

Leo Labeis, CEO at REGnosys, discusses everything that financial institutions need to know about EMIR Refit and how they can...

Business1 week ago

In the Name of the Family! Firms with CEOs under clan culture influence are much more likely to be internationally focused

In an increasingly globalised world, it is incredibly rare that a firm can expect to grow in the long-term unless...

Finance1 week ago

Regulations, RegTech and CBDCs – Fintech’s Next Chapter 

Teresa Cameron, Finance Director at Clear Junction    Over the last decade, the UK has embraced the fintech revolution with...

Business1 week ago

Gearing up for growth amid economic pressure: 10 top tips for maintaining control of IT costs

  By Dirk Martin, CEO and Founder of Serviceware   Three years on from the pandemic and economic pressure is...

News1 week ago

Find Your Tribe With Content Marketing

Ian is the CMO at Spotler Group   Seth Godin, a writer, speaker, marketing expert, and influencer, describes audiences as tribes,...

Finance1 week ago

The formula for success: delivering total experience in financial services

  Monica Hovsepian, Global Industry Strategist, OpenText   The tumult of the last few years has thrown many challenges at...