By Peter Bradley, CEO at Torsion Information Security (www.torsionis.com)
Info security, data governance, data access…name it what you will but for the finance industry there are hoops galore that you must jump through if you want to remain compliant.
As well as regular scheduled compliance checks from internal auditors, there can also be spot checks without warning from the external regulators.
What do you need to show them? Well you need to demonstrate that: you know exactly who has access to what information,why and when; that you have the right processes in place to keep access to this information correct and appropriate; and that you are asking the right questions internally and externally. You must prove that you are in complete control when it comes to owning and sharing data.
Financial organisations typically manage high volumes of sensitive data that needs controlling. There’s financial data, commercial data, customer data, and if you’re publicly listed the level of control required is even higher.
As well as the compliance checks there are various standards that you may operate under such as PCI DSS for customer payment data and ISO 27001 for info security.
And while SharePoint and other collaboration tools such as Office 365 and Microsoft Teams are great for sharing files, folders and sites with colleagues (and those outside your business)access can quickly get out of control. ‘SharePoint Sprawl’ is therefore one of the major drawbacks of collaboration platforms, particularly as it affects crucial business practices such as data governance, cyber security and data management.
Add all of this together and firms simply have too much data, too many people, and too much constant business change for sprawling data access to be effectively managed by manual processes or tools. Access to data, for instance, is shared on average, up to forty-four times more than it is revoked, presenting a situation where ‘who has access to what’ tends to accumulate and sprawl at a rapid rate.
So how can you ensure you are data governance compliant 24/7?
Know who has access to what information
There are plenty of processes you can put in place to monitor who has access to which documents and folders such as creating a thorough catalogue of sites, restricting permissions and providing clear site descriptions. However, these processes are highly manual, the extent of which is far beyond the resources of most data rich firms.
The good news is that, thanks to the latest machine learning technology, there are automated solutions designed to engage business users without being a burden on their day to day activities.
The new tools apply machine learning, data science, the mass of resources of cloud-based computing and AI to integrate with existing collaboration systems such as SharePoint and Office 365 to constantly monitor and control who has access to what. The sprawl, and data governance, can be controlled.
Prove that you are in control
When it comes to data, it often comes down to the firm being able to prove they are in control of access.So, you need to go that extra mile and prove to the auditor that you knownot only who has access to what documents but also the reasons why somebody has access to a specific piece of information. The business process which leads to the list of who has access to something must be proven to be appropriate and working well – just presenting a list of names is no longer sufficient.
Put another way, only when you know the reason why someone has access, can you prove to an auditor whether they should have access, by demonstrating that the reason is actually true.
So, if someone shares a file or site, you need to capture the reason why.This could be part of their job role or department, the account they’re working on, or that they’re temporarily covering for someone else.Then you need to monitor those reasons, detect whenever they are no longer true, and proactively revoke access which is no longer appropriate.
For example, if Jane is covering Mary’s maternity leave she should only have access to Mary’s documents for the period she is off, and any permissions should state both the reason Jane has access i.e. maternity leave and how long for. If an auditor sees this rule, they can easily cross check to see if Mary is still on maternity leave or if she has returned. You have therefore proven that you are in control of why each person has access to specific information.
Of course, this is too onerous to manage manually and there are now automation tools that can record access permissions, set rules and automatically revoke access when it’s no longer valid or required. At any point, the auditor can see who has access to what information, why they have it, and most importantly have proof that access is correct and appropriate.
Carry out regular security certifications
Another tactic you can employ is to carry out periodic security certifications, by asking business users to certify that access to the information they are responsible for is correct. This further demonstrates that a firm is in control of their sensitive information.
It’s not viable for a central IT department to know who should have access to what, particularly in a large financial institution. Info security needs to engage all business users and become everybody’s problem and responsibility. All staff need to be made aware of how to handle information safely and securely, how to spot incidents and what to do in the event of a breach. Therefore it should fall to the business users to certify access to their own data.
But business users are busy carrying out their day to day jobs so once again it makes sense to introduce software that can carry out the security certifications automatically, making the onus on the business user as minimal as possible.
Data access compliance in action
CPS is the industry’s only independent global provider of data-driven cash management solutions. They provide cash centre consultancy, data & software solutions and sorting machines, supported by a global service team, to central banks, commercial processors and retailers as well as single note inspection systems to banknote printworks.
They use an automated platform from Torsion Information Security to ensure they are compliant at all times and minimising the chances of any security breaches.
The software they use monitors and detects any inappropriate access, out of date folders and permissions, duplication or the movement of files. If anything doesn’t look quite right it will promptly alert a business user associated with the file and shut down any potential breaches. Other than that, it runs in the background until it is required. It carries out periodic security certifications by briefly prompting a user to check any access is still current. At any time they can produce a record of who has access to what information, when and why and prove they are in control of it.
Why financial brands need to understand consumer vitality
By Carolyn Corda, CMO at data consortium ADARA
Our day to day lives have been turned upside down. Office workers have been forced to work remotely, masks have become an essential accessory for anyone looking to go outside and parts of the economy such as nightclubs and international travel have been shut for months.
For financial brands, an important change since the onset of COVID-19 in March has been the paradigm shift in customer habits. With government restrictions forcing people around the world to stay indoors and limit their daily routines, purchase behaviours, as a result, have been completely upended. People are no longer making the same weekly and monthly purchases such as buying lunch while at work, going for a pint with friends at the weekend, or booking a holiday abroad. In fact, the changes to shopping habits have been so severe that in America, Mckinsey has reported that 75% of consumers have changed brands during the pandemic.
While the changes in purchases may seem minor, the overall effect of these transactions means that historical customer data has become far less useful as an indicator of customer preference. Financial brands can no longer predict future customer transactions based on previous behaviours as those behaviours have changed radically. For example, credit card companies can no longer rely on the understanding that customers are regular travellers and therefore interested in perks and offers around air miles.
Financial brands may not be able to differentiate between a potential customer who is likely to buy a product and someone simply browsing items with no intention of making a final purchase. This lack of understanding in customers represents a major challenge for financial organisations as offers and marketing messages may become less effective and out of touch with a person’s individual wants and interests. With reports finding that personalisation is key to long term success, it is crucial that financial brands need to find a way to better understand their customers sooner, rather than later.
The case for consumer vitality
Financial brands can close the gap in their understanding of customers by looking beyond transactional data to create a score that accounts for a customer’s ability to spend and financial confidence, alongside their health safety confidence and willingness to venture out. We call this the ‘consumer vitality’ score. Consumer vitality data analyses an individual’s spending habits across multiple different sectors in order to gain a holistic understanding of consumers. Financial brands can use this information to see how people’s habits have changed since the pandemic and how likely they are to react to certain offers and promotions. If someone has been spending money on entertainment and streaming services during lockdown, for example, then they might be interested in a bank that gives them discounts or perks on Netflix or Disney+ when they sign up for a new credit card.
At ADARA, we’ve used our data to create the ADARA Consumer Vitality Index. The index accounts for both the financial resources individuals have at their disposal as well as their willingness to participate in group settings – to be physically close to others – whether that is at restaurants, shops or on planes. Financial brands can use this information to clearly understand how their customers’ habits are changing in real-time and to send relevant and compelling messages that are based on how people are spending their time.
Until we are at an ‘end point’ of this pandemic and its impact on our activities, however that comes about, understanding the customer must go beyond knowing what they prefer to buy. Habits will evolve along with personal circumstances such as job changes, while confidence in venturing out varies by both individual and region. Those in Wales are under full lockdown. England is under three levels of restrictions – but there are huge differences even locally: people in Southend are enjoying much more freedom than the rest of their neighbours in Essex. Each person may have different opinions on how many trips to the shops is ‘too many’. To understand how to react to this, financial marketers must ensure that their data accounts for these variables and can help them to respond in real-time. Not only will it drive better results, but the customer will appreciate their financial providers understanding what they need at a given moment.
Why and how a modern marketing strategy should put customer experience first
By Jim Preston, VP EMEA, Showpad
In 2004, the Leading Edge Forum coined the term ‘consumerisation of IT’, defining a trend in usability and customer experience that would be confirmed by the launch of the iPhone three years later. Long gone are the days of trawling through esoteric and poorly-written manuals, the trend said – if technology isn’t usable off the bat, it’s out of the question.
This trend gradually permeated all of IT, before making its way through customer and buyer experiences, regardless of sector. In fact, research has shown that a staggering 81% of B2B buyers purchase based on the buying experience alone, well ahead of either price or product. Of course, price and product are important, but with markets becoming increasingly commoditised, buyer experience, including the trust and relationships that are built, is fast becoming central to the equation.
However, this experience begins long before a customer meets with a salesperson, hits send on an enquiry email, or calls the sales team. According to studies, B2B buyers will spend an average of 20 hours doing research before they contact someone in sales – and if they’re not finding your content online, you can be sure that they’re finding your competitor’s content.
In short, this means that your marketing strategy needs to be much broader than just a Gantt chart of campaigns – a real marketing strategy encompasses all aspects of the customer experience, before, during and after a sale. It doesn’t matter if you’re in Regtech, payment processing or retail banking, it must be easy (and even pleasant) to find, understand and engage with your content and brand.
Where to begin
Sun Tzu wisely said, ‘know yourself and know the enemy’, and the same is absolutely true for your marketing strategy. Providing a good customer experience and consequently, good marketing, is impossible if you don’t know the market that you’re serving.
For example, if you’re in Regtech, make sure you know the exact ins and outs of the compliance headaches that you’re solving. Regulation is highly nuanced and will vary from country to country and sector to sector – so make sure you understand what problem your company solves and for whom! Regtech often relies on algorithms and big data to make life easier, which isn’t always easy to communicate clearly. Consequently, it’s worth spending time immersing yourself from the outset and fighting through the jargon until you’ve got it clear, so that you can brief teams and create marketing content that will really resonate rather than repel.
Similarly, if you’re working for a business bank, know the particular kind of businesses that you’re targeting – do they work in one country or multiple countries? Are they in particular vertical markets, or are they a generalist? What pressures are they facing at the moment?
Once you have a good understanding of your prospects, how they’re segmented, their challenges and how they work, as well as the respective strengths and focus areas of your own brand, you need a few more things – content, the means of communicating that content, and the means of measuring the success or failure of that content.
Clearly, if we were talking about historic marketing, we’d limit this discussion to just direct mail or events, but today, it needs to encompass all of that, as well as ongoing content that goes to existing customers – and even former customers! This means communicating better with teams like sales, customer success and product development. In fact, there is anecdotal evidence of companies pausing outbound campaigns to focus purely on marketing to current customers, in an effort to delight and retain during the pandemic.
This article won’t go into detail about how to draw up content at a tactical level – this is different for every single organisation – but there are a few very pertinent elements that apply to all companies.
The components of a great connected marketing strategy
First and foremost, don’t do less well, do less, well. Every buyer is almost drowning in content today. Producing infrequent but regular content that is excellent – whether that means being surprising, informative, thought-provoking or just plain useful – is much more appreciated than weekly drivel. In fact, research suggests that buyers often feel overwhelmed when presented with more than five pieces of content, so less is definitely more. Quality content is good for your brand equity, and it keeps you engaged with prospects.
Closely aligned to quality is specificity. In many financial areas, products are strictly controlled and how they are sold and advertised can differ or be limited by regulation. Consequently, it’s important to have a way of segmenting which marketing content goes to which audience – and ensure that this is consistent across your organisation!
Secondly, have analytics in place that can show what content is being consumed. As John Wanamaker said, “half the money I spend on advertising is wasted; the trouble is I don’t know which half” – and the same is true for marketing. You wouldn’t run an event and not solicit feedback, so don’t create content where you can’t measure its success once it’s been distributed. Being able to tell other teams which content is working really well also helps them – and not just by bringing in new customers. If you can tell the sales team that prospects were really engaged with a webinar on the ePrivacy directive, for example, then that also gives them a conversation starter for their next interaction with a prospect.
Similarly, getting feedback from broader teams is important, either to reinforce that you’re taking the right marketing approach, or to use their insights to fuel your next marketing campaign. Most large organisations will store and generate a large amount of data every single day, so mining this data to create meaningful insights and translating that into content and approaches that are impactful is extremely important.
Finally, unless you’re working in a startup, you’re probably not going it alone, so you also need mechanisms to make sure that the content is being communicated and followed-up effectively by all members of the team. This means that tracking what’s been distributed, how it’s been received, as well as providing good training, coaching and performance management of staff, is key.
This also ensures that you can not only do more of what’s been working, but that you can improve things that aren’t. In some ways, it doesn’t matter whether you’re dealing with an underperforming marketing asset or a member of staff – either way, you need to change something and then make sure that it’s improved!
Into the Future
With most western economies drawing a large proportion of their revenue from the service sector (in Germany, for example, this figure stands at around 70%, with the UK at 80%) it’s unsurprising that experience, above price and product, has become a central differentiator. It may have been slower to permeate through B2B organisations in the financial services sector, compared to B2C firms and retail banks, but as budgets tighten through the pandemic and recession, it’s crucial that marketers step up to take on the mantle of being experience champions.
Clearly, this will manifest itself in different ways, but whether it’s better enabling the sales team by producing highly specific content for one prospect, helping a CSM promote a product change because of customer feedback, or simply promoting a new service, the central tenet holds: experience has never been more important.
Business first, not compliance only is the future for accountants
By Peter Bracey, MD at Bracey’s Accountants.
The past few months have underlined the need for better business insight to reduce risk, improve decision making and exploit new opportunities. Businesses have needed rapid access to advice, support and information – yet in too many cases the obvious ‘go to’ resource has failed.
Accounting firms with a compliance only approach have been unable to step up and support businesses that need more than the basics of profit & loss; balance sheets; and cash flow. What they require is business support, from using corporate structure to mitigate risk to undertaking robust forecasting to inform investment plans and helping to maximise business value for a company looking to sell.
From providing essential advice to protect business assets – such as property – to R&D tax incentives and VAT consultancy, whether a business requires a fully outsourced FD or support for the existing management team, Peter Bracey, MD, Bracey’s Accountants, outlines the opportunity for progressive accountants to support constantly changing business.
Whether a winner or loser during the Covid-19 crisis, businesses across every industry have had to adapt to extraordinary change. Gyms were shut but companies selling gym equipment, bikes and paddleboards couldn’t keep pace with demand. Garden centres and nurseries were trying to keep alive tonnes of bedding plants – while seeds sold out online and everyone bought a greenhouse.
For some business owners the focus was on managing job retention schemes and accessing the life-line of government finance – but now they are worrying about the repayments of deferred VAT and government loans that will be due early in 2021; about closing premises or making redundancies. For others, the challenge was in responding to customer demand for home delivery; working out new finance models and overcoming supply chain glitches. Now they are looking to build on new customer relationships and embed expansion plans.
At every step, these businesses have needed advice, support and insight. But this was uncharted territory. Forecasting is tough at the best of times. Little if any of the business’ activity pre-Covid appeared to offer any relevance during the past six months. So where could businesses turn for help?
These are decisions that require not only excellent financial and business understanding, but also excellent financial and business data. Which is where many traditional accountancy firms fall down. The majority have, of course, made the shift to cloud based software which provides shared, real-time access to business data. As yet, however, many remain committed to a service model that is predicated solely on meeting compliance requirements, not supporting critical business decisions.
Proactive firms are taking a very different approach, one that takes a business first rather than compliance only approach. Rather than attempting to mitigate risks and reduce tax liabilities after the fact, this model is about constant communication with clients to support change. By encouraging businesses to discuss plans in advance, accountants can provide vital support and insight – either working with the existing CFO or FD or providing an outsourced FD resource to those companies that cannot justify this dedicated role.
These firms are looking beyond annual accounts data to provide business insight and advice based on current, not historic – and now irrelevant, financial data. Whether the business is worrying about repaying its deferred VAT and Bounce Back loans next year, searching to minimise risk or building on new customer awareness to add revenue streams, there is a pressing need to understand the business as well as financial implications of change.
Today, that means supporting companies through a line by line approach to every item on the balance sheet. From cutting costs and chasing debts without jeopardising important business relationships; to identifying and funding new revenue streams – even creating local supply chains to mitigate the potential disruptions caused by Brexit – understanding, analysing and interpreting this data is key to making the right decisions today to support immediate goals.
But what about tomorrow? Covid-19 may have been a once in a century event but the pace of change affecting business in a digitally disrupted global economy demands this continuous level of proactive support. Few business owners or management teams have the time, resources or expertise to unravel the complexities of 21st century operations – and can become exposed to significant risk as a result.
Is it worth developing talent in house or more effective to recruit? Does the government’s latest apprenticeship scheme really work financially? What about tax incentives – such as R&D tax credits or the potential to cut corporation tax for sales of patented goods? How can the business safeguard its intellectual property?
Providing the right answers to these questions is about far more than the mainstays of accountancy: the P&L and balance sheet. It is about leveraging business understanding and knowledge to support clients through every change; about helping companies to take every possible step to build a strong foundation, maximise tax incentives, minimise risk and realise business goals.
Take the retailer that has spent 50 years building up not only a successful customer base but also a valuable property portfolio and cash reserves. At first glance, a robust business. But the company structure revealed a significant risk: the entire operation was held within one limited company. There was no separation of assets. Should the business be accused of copying a product and face a legal claim, the entire company’s assets would be at risk. The simple step of creating a group structure and transferring some of the assets to a holding company draws a line in the sand and limits a creditor’s ability to attack the entire corporate asset holding.
Or consider the business that was investing circa £1million year on year in a new software product – yet had no idea that it could claim R&D tax credits and was due a £500,000 rebate. Or the businesses that have never considered applying for a patent on a product because of the up-front costs – and are, as a result, missing out on the long term financial benefits of patent tax relief. Any company with a patent pending can apply for Patent Box relief which can reduce corporation tax on the profit generated from the part of the product that is patented from 19% to 10%.
This level of proactive support and advice is invaluable but for many companies, and accountancy firms, it has taken a global pandemic to drive a change in expectations. As the firefighting phase draws a close, businesses will continue to face extraordinary, unprecedented change – not only as a result of Covid but also Brexit. Throw in the implications of a post Covid budget, evolving environmental legislation and technology enabled disruption and the ability to adapt and respond is now prerequisite for business success.
Business owners have never had more issues to consider – or more need for rapid, trusted business advice and support.
Why financial brands need to understand consumer vitality
By Carolyn Corda, CMO at data consortium ADARA Our day to day lives have been turned upside down. Office workers have...
Why and how a modern marketing strategy should put customer experience first
By Jim Preston, VP EMEA, Showpad In 2004, the Leading Edge Forum coined the term ‘consumerisation of IT’, defining a...
Leading from the front – why decision makers must embrace automation
By Jeppe Rindom, Co-founder & CEO, Pleo Ask any decision maker at a business about admin and you’re likely to...
Business first, not compliance only is the future for accountants
By Peter Bracey, MD at Bracey’s Accountants. The past few months have underlined the need for better business insight to reduce...
Why Continuity and Succession Planning is Crucial for Businesses Right Now
By Chris Allen, a Chartered Wealth Planner at Arbuthnot Latham explains why it is crucial for businesses to review continuity and...
Reuters Events Launch Global Investment Summit Online Edition Uniting Institutional Investors, Asset Owners & Financial Institutions
Reuters Events – today announced the agenda for their Global Investment Summit (Dec 3rd -4th). The 2-day strategic summit has...
Halliburton & Baker Hughes CEO’s join Reuters Events: Energy Transition 2020
Reuters Events – today announced that CEO’s of two of the world’s leading energy service companies, Halliburton and Baker Hughes,...
To take the nation’s financial pulse, we must go digital
By Pete Bulley, Director of Product, Aire The last six months have brought the precarious financial situation of many millions...
The Future of Software Supply Chain Security: A focus on open source management
By Emile Monette, Director of Value Chain Security at Synopsys Software Supply Chain Security: change is needed Attacks on the...
Overcoming Barriers That Threaten Your Creative Output
By Charlie Worrall, Digital Marketing Executive, Imaginaire Working in a creative field doesn’t happen by chance. Years of study and...