Finance

Why the finance sector needs to focus more on threat detection

Published

3 weeks ago

November 11, 2023

admin

Tim Wallen, Regional Director for the UK, US and Emerging Markets, Logpoint

The financial sector is one of the most highly regulated industries in the world yet confidence in its resilience to withstand attacks remains low. According to the Bank of England’s Systemic Risk Survey Results – 2023 H2[1], 80% said the top threat facing the sector was the risk of a cyber attack which was rated above geopolitical risk (66%) and inflation (57%). The report, conducted twice a year, found that the cyber risk is at its highest ever level and 70% of respondents said it would be the most challenging to manage.

Despite being a forerunner in digital transformation, the sector is still struggling to make headway. According to an Ernst and Young survey[2], 38% said transformations were underperforming with the move to customer-centric cloud-native processes slow and the stakes high. Top threats within the vertical are the creation of backdoors and ransomware states IBM’s 2023 X-Force Threat Intelligence Index report[3]. The most common method of compromise is a phishing attack, while the second is exploitation of public-facing applications.

Application and network traffic monitoring are therefore essential to protect customer data and to ensure regulatory compliance. It’s necessary to collect and analyse data from applications, network devices, servers, and the rest of the infrastructure in order to create a single view of what is going on. At the same time, monitoring needs to check for compliance violations, data leakage or misuse of personal sensitive data.

Tim Wallen

Building on the SIEM

Collating and analysing logs in a Security and Incident Event Management (SIEM) solution can provide this level of visibility. But in order to detect early signs of malicious activity, additional technologies are needed that work in concert with the SIEM and make use of user and entity analytics to look for anomalies.

File integrity monitoring (FIM), for instance, can be used to spot indicators associated with malware. It creates a clear baseline on how that file system is used which means that any spike in file creation, renaming or deletions by a user or process can be quickly identified. When the security analyst detects any changes made to files and directories, such as the creation of new files or changes in the file’s extension typically associated with the execution of a malware payload, they can perform an automated investigation, compare the hash value with those in the Virus Total database and then remediate the threat using Security Orchestration Automation and Response (SOAR).

It’s also possible to put controls in place to monitor user access. User activity monitoring that utilises User Entity and Behaviour Analysis (UEBA) can provide an overview of the access to critical transactions, disclosed corporate information and personalised data etc. In terms of the network itself, attempts to connect to closed ports or blocked internal connections can also be detected and tracked, as can connections being made to known-bad destinations, requests from untrusted zone or suspicious systems access.

These technologies can even be used to provide an early warning system, like a network of sensors. For example, there may be a lot of low-level activity and while each incident in itself may not qualify as an indicator of compromise (IoC), once the dots (or logs and alarms) are connected it paints a very different picture and one that warrants further investigation. A case management tool can perform this role by considering all the indicators, artifacts, and other contexts to build a security case.

Compliance as a driver

Going forward, compliance demands are likely to increase. The Digital Operational Resilience Act (DORA) sets out to strengthen digital resilience in the financial sector through uniform requirements for security of network and information systems with significant financial penalties for non-compliance from January 2025. Many financial organisations will also be tightening up their payment handling processes under the new Payment Card Industry Data Security Standard (PCI DSS) v4.0 which becomes mandatory from March 2024.

These regulations have been revised to make them more fit for purpose in today’s distributed environments and to counter the growing threat to our financial systems from malicious attackers. They will require financial organisations to up their game when it comes to threat detection and defence but it’s also important to minimise complexity to ensure visibility and rapid response. Combining technologies such as SOAR and UEBA with the SIEM can provide the security team with that single pane of glass to both ensure compliance and monitor the attack surface.

[1] Bank of England’s Systemic Risk Survey Results – 2023 H2

[2] Ernst and Young survey

[3] IBM’s 2023 X-Force Threat Intelligence Index report

Finance

How technology can help win the war on financial crime

Published

1 day ago

December 2, 2023

admin

By Andrew Doyle, CEO of AML compliance software, NorthRow

Financial crime is on the rise and the stats are alarming. In the UK alone, 64 percent of businesses (according to data from the Global Economic Crime Survey) have experienced fraud, corruption or other incidents of financial crime within the last 24 months, while ONS stats show there were 3.7 million incidents of fraud in England and Wales in the year ending December 2022.

So it’s no surprise that financial institutions and other regulated firms are under increasing pressure from regulators (and the ever-evolving legislation they must adhere to) in the battle against dirty money. Regulators are imposing crippling fines for any compliance breaches, not to mention the significant reputational damage that comes with non-compliance.

Historically, financial firms have employed large numbers of staff to combat money laundering, but regulators are now expecting to see digital solutions in place to counter the risk of financial fraud, and with good reason. Technology can be the deciding factor in the war on financial crime and here’s why:

Better risk detection

Technology platforms can analyse historical data to predict potential incidents of money laundering, enabling organisations to take preventive measures, while also identifying unusual patterns or changes in customer risk profiles, which may also indicate suspicious activity.

Advanced analytics can help companies identify complex patterns across large datasets, making it easier to detect networks of fraud. It is also possible to assign risk scores to transactions or entities based on their likelihood of being associated with money laundering. This helps in prioritising high-risk cases for investigation.

Andrew Doyle

Enhanced customer due diligence

Automated software platforms can analyse customer information, public records, and other data sources to perform thorough due diligence on clients, identifying potential risks or suspicious behaviour before they are signed up.

RegTech automates the process of verifying customer identities and conducting enhanced due diligence on individuals and on companies, ensuring compliance with Know Your Customer (KYC) and Know Your Business (KYB) regulations, both vital components of anti-money laundering efforts.

More accurate identity verification

Biometric verification is a powerful tool in enhancing anti-money laundering and fraud detection. It involves using unique physical or behavioural characteristics of an individual to verify their identity. Traits like fingerprints, facial features, iris patterns, and voiceprints are unique to each individual and are nearly impossible to replicate or forge. This makes them highly reliable for verifying that clients are who they say they are.

Biometric verification can also reduce the number of false positives in fraud detection by providing a highly accurate means of confirming the identity of a customer. This leads to more reliable results and lessens the need for manual intervention.

Continuous and real-time monitoring

Real-time alerts allow for immediate action when suspicious activity is detected. This can prevent or minimise potential financial losses and damage to a company’s reputation. By identifying and acting upon suspicious activities in real-time, financial institutions can reduce the risk of financial losses associated with incidents of economic crime.

Continuous monitoring with real-time alerts can also help refine the accuracy of anti-money laundering systems over time. This reduces the number of false alerts and decreases the need for manual intervention.

To the future

According to data from Capgemini, 68 percent of UK institutions are already looking into real-time anti money laundering monitoring systems to stay ahead of potential threats while 86 percent, says Refinitiv, agree that innovative digital technologies have helped them identify financial crime.

So the data tells us that companies are already heading in the right direction when it comes to fighting fraud, but as the landscape of financial crime continues to evolve, financial firms must ensure they do the same.

By leveraging the right technology, businesses can ensure they not only meet regulatory requirements and safeguard their operations, but also protect their reputations and crucially, maintain that all important customer trust.

Finance

In 2024, payments will evolve to broaden accessibility

Published

2 days ago

December 1, 2023

admin

Attributed to Roy Aston, COO at Paysafe.

As we look to 2024 and beyond, businesses will need to adapt experiences to changing consumer needs and demands, working with payments providers to increase accessibility, offer broader choice, and more.

We break down some the forces driving evolution in payments over the coming years.

Payments need to be available to everyone, everywhere

Regardless of their location or situation, consumers do not want to wait when it comes to payments. The proliferation of smart devices has given users access to everything, all at once, and this is also expected when making transactions.

In 2024, banks and financial institutions will continue to push ahead with this journey to offer smooth, secure payments to everyone, everywhere, delivering services at the lowest possible barrier to entry. This also means ensuring consumers, even those that are unbanked or underbanked, have access to remittances and cross-border payments.

The first step in achieving this goal will be to improve reliability, security and availability, which may see traditional payment methods like debit and credit cards – still the most popular payment methods – become less dominant, while alternative payment methods (APM) like eCash and digital wallets will grow.

This is because, with the right payment provider, merchants can ensure these APMs are available anywhere in the world – eCash, for example, does not require a bank account to use. In addition, digital wallets and online cash can offer swift, secure transactions, helping users overcome security issues by not requiring them to enter their financial details.

Financial companies will embrace collaboration in 2024

While businesses can address consumer payment concerns using APMs, they must also look to bolster their own defences as the threat landscape changes. Increasingly advanced technology, like AI models, are now accessible to far more people, including threat actors.

To combat this escalating threat, it’ll be no surprise to see more financial companies collaborate in 2024 as they seek to improve cyber risk mitigation. This makes perfect sense – and would be a positive step for the industry – though it is easier said than done.

Businesses must share data legally, while aimed toward a positive purpose, rather than for pure profit. For example, if a financial organisation gains intelligence on a cyber group, they could share this with other companies to protect against bad money movement.

Ideally, collaboration could help improve anti-fraud, anti-money laundering, and cyber security measures, and more broadly reduce risk for businesses and consumers alike. But first, thinking around data governance may need to change.

Existing trends will evolve

While exciting new trends will emerge in 2024, we’ll also see the evolution of some that have yet to reach their full potential.

Embedded payments, for example, will continue to develop, with more businesses bringing together financial products with features like loyalty schemes to offer more added value to consumers.

Decentralised finance, too, should continue to build momentum in 2024. While decentralised finance, and specifically NFTs, have faced challenges this past year, it will be no surprise to see companies get to grips with changing regulatory requirements and continue to build in this area.

Open banking could also see a big 2024, with more APIs becoming available, and companies starting to develop new solutions to enhance customer experience and reduce friction in the payment ecosystem.

And while evolution rather than revolution is a necessity in technology, it’s always exciting to look ahead to the big trends that could shape the future – perhaps not in the year ahead, but beyond.

The future is quantum

Quantum computing is a trend that is as exciting as it is potentially frightening. Able to perform computations that are exponentially faster than ever before, quantum computing represents a new frontier and it will be thrilling to see how it is used in the years ahead.

Combined with AI, for example, quantum computing could optimise processes at a speed and scale never seen before – with serious benefits passed onto consumers.

In the nearer term, however, ensuring payments are available and accessible for everyone must remain the focus in 2024.