By Immanuel Patzschke, CTO,EQUIIS Technologies
The complex and global nature of organisations operating in the financial services sector means that they are often the target for criminals with a range of motivations.
In fact, according to a recent study, cyber attacks cost financial services organisations more to contain than in any other industry.
For financial services companies, the enormous data security challenge they face daily is made ever-more pressing by the availability of inexpensive mobile interception tools, such as International Mobile Subscriber Identity (IMSI) catchers – cellphone spying tools which facilitate the easy capture of mobile communications.
At the same time, while new technologies – such as machine learning and artificial intelligence – are increasingly used to help enhance and improve the detection of suspicious behaviours or transactions within financial services, organisations will also need to continue to seek ways to improve their mobile security, not only because of people’s increasing personal reliance on mobile, but also due to enterprise’s dependence on mobile. Within this space, securing voice calls and messaging will be crucial.
What’s more, since mobile communications intercept threats are rising globally, it will become increasingly important for firms to secure their voice calls and messaging – especially free‘Over-the-Top’ (OTT) messaging apps, that can inadvertently and accidentally create opportunities for information leakage and cyber-security attacks to occur.
With that in mind -and in light of the current regulatory landscape – what are the threats, and what can financial service firms do to protect their voice calls and messages?
Security breaches in the banking and financial services industry are rife. You only have to consider recent news reports about Monzo’s data breach; or the US Securities and Exchange Commission admittance, last year, to being hacked in 2016, with illegal trading potentially at the root of the breach. Further, as many financial services organisations invest in innovative technologies and business approaches, such as agile software development/DevOps, to enable them to improve their operations and drive digital transformation, new vulnerabilities could inadvertently be introduced.
This means that potential threats to firms can come not just from hacktivists or criminals seeking financial gain, but also directly from within the business. Therefore, IT teams and CISOs in financial services organisations are often battling external threats, as well as those presented from poor employee communication practices and habits.
For instance, freely available mobile messaging apps – such as WhatsApp and Viber – have ensured that encrypted mobile communications are widely used for both personal and business calls. However, what many people don’t realise is that these free messaging apps compromise security and cannot adequately protect large organisations. This is because they are not enterprise grade and not fully under the IT teams control
Information leaks affect not just organisational reputation – which can have serious reputational and financial consequences -but they can also have a damaging effect on compliance. The repercussions of not meeting industry regulatory standards are now so great that financial services companies in particular are under severe pressure to find a form of communications that is both compliant and secure.
Whilst ensuring that communications are encrypted is vital for financial organisations, to comply with regulatory and accountability requirements, control over how communications are saved and what is wiped from the system is also critical in order to comply with regulations such as MiFID II, which addresses the use of communications recording – both in terms of the scope of communications that must be recorded, and the requirement for firms to monitor recordings. MiFiD II also mandates the ability to manage securely archived communications, and the emergence of GDPR further demonstrates the need for secure and compliant communications tools.
The Security Challenge with “Free”
Today, many international callers use open telecommunications networks or ‘free’ consumer-based smartphone apps, such as WhatsApp and Viber. Although these consumer messaging apps do offer end-to-end encryption, these solutions do not provide the required organisational control over communications that these institutions require. This can mean that even though they have a method of encrypted communications, these financial institutions do not have the ability to operate a closed system, manage how their metadata is being stored, and it means they are also unaware of what third-parties may be accessing their communications.
The challenge is made even greater by the increasing use of bring-your-own devices in the workplace. No matter how close the attention paid by companies to regulatory compliance, and to implementing secure technology, individual employee behaviour, and indeed poorly constructed or implemented company procedures, may inadvertently increase risk.
Oversight of who is communicating with whom on the encrypted network is essential. Companies also need to be able to selectively and securely store communications metadata for accountability and for regulatory compliance reasons.
Contrary to popular opinion, free messaging apps cannot do that, and this can leave financial services organisations exposed. Without control, “dark” networks can be created that the business is completely unaware of, allowing confidential information to be shared beyond the predefined users of a secure communications approach.
Secure and Compliant Technology Direction
To deal with these challenges, financial services organisations must ensure that they have both the level of security needed to communicate privately, as well as control over how their communications are being managed, and how their metadata is being stored.
Clear policies need to specify precisely what employees can do with data. Businesses need to provide training and guidance so that each and every employee understands the reason for the policies and the consequences of non-compliance.
Only an enterprise-grade encrypted mobile communications approach provides the control and accountability that is essential to businesses to achieve security and compliance. This should be based on open-source encryption, which is tried, tested and validated. This is because there is not enough user experience to validate proprietary security technology, and those developing them create systems that become a challenge to hackers to conquer, which they accept with glee.
Such open-source encryption enterprise options enable the management of users from a central point, as well as detailed visibility into how the system is being used. They ensure that only authorised users are able to communicate on the encrypted network and they can be provisioned and de- provisioned instantly. This means that the risk of unauthorised users on the network is much reduced, unlike with the free messaging apps which offer no central control and no visibility. Enterprise communications systems require contacts to be closed, which means access is restricted only to authorised users. This has the advantage that no communication can be made with the device’s contacts, and a user can’t use the communications app to link to their own personal contacts.
In addition, an enterprise-grade approach gives full control over which metadata is saved and which metadata is wiped, which is critical for accountability and compliance in the financial services industry. By partnering with technology providers where encryption and control is integral to their communication offerings, financial services firms can improve their communications systems and also reduce risk.
In conclusion,t he security of client and internal data should be core to every strategic technology decision made by financial services companies. The IT strategy must be built on robust security foundations and a flexible architecture, that can evolve to support the most up-to-date open source encryption algorithms, and not based on proprietary encryption technologies. By taking this approach, financial service organisations will go a long way to minimising risk and to addressing their data security and compliance challenges.
Digital collaboration: Shaping the Future of Finance
By Ryan Lester, Senior Director of Customer Experience Technologies at LogMeIn
With heightened economic uncertainty and increased customer expectation becoming the norm in the banking industry, it is understandable that the sector is struggling to keep afloat. Due to its precarious nature, banking institutions are trying their best to ensure they remain relevant in the competitive landscape and guarantee that their customers continue to be a priority.
When it comes to the first half of this year, the pandemic has shown how easy it is for industries to fail. Customers and companies alike had to get used to the new normal, as physical locations started to close. The banking industry felt this first hand, as banks were made to restructure how their business ran, with restricted opening hours and a wider push to motivate people to use online banking.
While some had already embraced digital options prior to the pandemic, this proved to be a stark contrast to the elderly population, who frequently visited branches to access their finances. Moving forward, banks have to adopt new methods to ensure customers get the most out of our their accounts, without their experience suffering.
Heightened Customer Expectations
When the pandemic reached its peak, people were encouraged to use online banking, as telephone contact was under strain with long waiting times and pressure mounting on contact centre agents. According to Fidelity National Information Services (FIS), which works with 50 of the world’s largest banks, there was a 200% jump in new mobile banking registrations in early April, while mobile banking traffic rose 85%.
With branches remaining closed, customers were continuously being urged to limit the amount of calls they made to the most urgent cases and consider whether they could solve their answers through mobile online banking or checking the company website. Although already being adopted in pockets of the industry, this was a real catalyst that spurred banks to up their game on digital channels and with self-service tools.
Banks are challenged with precariously balancing customer needs with the cost of personalised support. With the demographic of customers changing over the last few years, customers are becoming increasingly younger and more comfortable with technology. Influenced by the “Amazon Effect”, their expectations have raised to an all-time high, placing record strain on the sector
Customer experience isn’t just about support anymore, it’s about serving your customer at every point in the journey. Companies have an opportunity to elevate the experience they provide by moving beyond one-and-done interactions to create continuous engagements with their customers. It is starting to become a primary competitive differentiator in the market and one that doesn’t have a lot of variation. Deploying AI chatbot technology will be able to strategically help banks improve customer experience and raise the level of support that agents provide.
Digital collaboration: Working around the Clock
The benefits of adopting digital channels and self-service tools are second to none. By implementing chatbots, fuelled by conversational AI, banks will be able to help serve a wide range of customer queries and ensure they are protected from fraud and scams.
Conversational AI is exactly what it sounds like: a computer programme that engages in a conversation with a human. When it comes to service delivery, conversational AI can be deployed across multiple channels to engage with customers in ways that effectively address evolving customer needs. At a time defined by COVID-19, self-service tools such a conversational chatbots can work around the clock to solve customer queries in a concise and timely way. Of course, self-service tools won’t completely replace human agents in the banking industry, but they will help companies re-distribute customer traffic and workflows in ways that enhance customer experience. Self-service tools fuelled by conversational AI can also improve employee experience because service employees can handle fewer, but higher-level service tasks that chatbots might escalate to them.
Adopting new tools to help facilitate consistent and concise answers and help maintain customer experience is on the forefront of many industry minds. Banks such as the Natwest Group have seen this first-hand and are testament to the benefits that a good digital experience can provide. Simon Johnson, Capability Consultant, Digital at NatWest Group highlights NatWest’s use of digital tools during lockdown, “Over the last few months, we’ve learnt how to use digital tools to help our employees remotely. From a banking perspective, there have been a lot of changes including base rates, waive fees and the best ways of contacting our vulnerable customers, ensuring we keep them protected from frauds and scams.
“By introducing our Bold360 chatbot interface, Ella, we’ve been able to get relevant information out quickly, apply the best practice and ensure that our customer journeys are being developed correctly. Due to the volume of questions, some of our customers were finding themselves waiting longer than usual. So digital channels become essential to helping reduce the wait time. Using Bold360, we were able to mitigate issues and answer questions in a more timely way through our chatbot.
“Moving forward, as we open more digital services, we are analysing our data to see if customer will return back to their usual way of banking, now that they’ve seen what a good digital experience can provide. Either way, with Ella, we are ready.”
Chatbots and Humans: The Best Option for Customer Service
Over the last year, banking institutions have recognised the power that digital collaboration can have to their success. Delivering exceptional customer service and support is key for any business wanting to stay competitive in today’s market and banks are especially challenged with precariously balancing customer needs with the cost of personalised support. Leveraging the right technology, such as AI-powered chatbots, will enable the banking industry to provide better support and a more robust customer experience in the long term. Other institutions must follow suit, or risk becoming obsolete.
A sleeping digital giant wakes? 4 key trends accelerating payments transformation in the US
By Lauren Jones, International Payments Ambassador, Icon Solutions
The US payments industry is undoubtedly ripe for change. Before the unprecedented shock of COVID-19, digitization and payments transformation initiatives had been organic, piecemeal and predominately the preserve of the largest banks.
Now, increasing pressure means that financial institutions of all sizes are working to define a digital strategy to unlock new opportunities, drive business value, and stay competitive. But beyond the immediate impact of COVID, what underlying trends are accelerating digitization in the US?
- Real-time payments – the stimulus for change
Real-time payments have been met with a degree of caution by US financial institutions. Risking traditional profit generators in return for potential revenues down the line is a gamble many have not been willing to take. But immediate payments are coming to the US whether banks like it or not.
Major payments infrastructure providers, including NACHA and The Clearing House (TCH), have moved to encourage immediate payment adoption in recent years. But the Fed, frustrated with a slow rate of progress, has announced that it is pressing ahead with the implementation of its FedNow system (despite significant industry objection). Although the Fed’s true intentions are open to interpretation and this may just be a play to accelerate private initiatives, it is a clear signal that they mean business.
This means holdouts risk their own ‘Kodak’ moment if they miss the huge opportunities in front of them by fixating on traditional revenue streams. Banks are in a position to support innovation across entire industries such as healthcare, which could be released from the constraints of paper-based bureaucracy and slow, expensive transactions.
Another opportunity that can be unlocked via instant payments is ISO 20022 (used in the TCH RTP system). It is the future of payments messaging standards and can greatly enhance various payments processes through increased data-carrying capabilities. More importantly given the current climate, citizens reliant on federal or state support can benefit from RTPs combined with additional data to immediately access emergency funds.
- The kids are growing up
The US is getting older. Consumers who were 10 when the iPhone first launched are now 23. This means we are seeing a ramp-up of digitally native Gen Z consumers (roughly those born between 1995 and 2010) accessing banking services.
Demographics are an inexact science and not perfect predictors (there are technophobe college students and 100-year-old Instagram influencers), but we can detect noticeable trends.
Younger customers don’t usually choose a bank because there is an ATM in their neighbourhood, a slightly better interest rate or an advert in the newspaper. Rather, a strong digital presence, personalised tools, rewards and experiences, and the trusted recommendations of friends and family, will have a more significant impact on customer acquisition.
Banks must look at the effect this will have on their longer-term digitalization strategy and be able to segment what this emerging customer base might want and how they will interact in years to come.
- Checkmate? Evolving corporate requirements
Corporate treasurers are people and their experience of seamless, immediate payments in their personal lives shapes expectations in the workplace. Although check usage for business-to-business (B2B) transactions is still the norm in the US and barriers remain, corporates are increasingly demanding the ability to transact in a real-time, omnichannel environment, 24×7.
The benefits are clear. Corporate treasurers stand to enjoy enhanced liquidity management and transparency, greater control over payments and enhanced data for reconciliation purposes. And for consumers, alternative digital payment options such as buy now pay later promote choice and flexibility.
- Increasing competition
A significant consequence of emerging consumer and business demand for digital offerings is the increase in competition from fintechs, technology giants and other third-parties. Traditionally, incumbent banks have enjoyed the advantage of consumer trust to offset more limited innovation. But as consumers become more comfortable entrusting their financial transactions to non-banks, banks must differentiate and digitize to remain competitive.
Data is where the technology giants excel, and their ability to personalise experiences and emotionally connect with their users is unprecedented. Banks need to learn from the positive aspects of this model to better understand their users and deliver meaningful, useful products and services.
For data to become the cornerstone of a banks’ customer relationship and take services to the next level, breaking the channel silos and extracting value from a comprehensive dataset will be decisive. But with only 18% of banks reporting that they are in the process of shifting from a transactional revenue model to a data-driven revenue model, this work has some way to go.
Taking customer propositions to the next level
Customers now expect services that work for them, not their banks. All banks, no matter the footprint, need to move quickly to offer a broad digital service platform that adds value to both the customer and the bank.
By defining a robust payments transformation strategy, banks of all sizes can remain fiercely competitive by rapidly lowering costs, unlocking revenues and promoting innovation
Return to Work Doesn’t Mean Business as Usual When it Comes to Travel and Expense
By Rob Harrison, MD UK & Ireland, SAP Concur
The last few months have been an exercise in adaptability for businesses across the UK. With the sudden mandate to work from home, company processes that were ingrained in employees’ day-to-day routines were either put on hold or turned upside down. The new office normal now includes virtual meetings, conversing through instant messaging instead of in the hallway, and the redefining of “business casual” attire.
Many of the processes that have undergone changes fall into the category of travel and expense. With most business travel on hold and the nature of expenses changing, finance managers have had to adjust policies and practices to accommodate the new world of work. Recent SAP Concur research found that 72% of businesses have seen changes in the levels and types of expenses submitted, but only 24% have changed their policies to support this. Examples of travel and expense related changes that were made at the beginning of work from home mandates include:
- A halt to business travel and its associated expenses.
- Temporarily ending expensed meals for business lunches, dinners, or in-office meetings.
- Increase in office expenses like monitors and chairs as employees furnish their home offices.
- New expenses to consider like Internet and cell phone bills for employees who must work from home.
Now, as companies begin thinking about return to work plans, finance managers are discovering it’s not simply business as usual again. SAP Concur research found that many expect finance will return to normal quicker than general workplace practices, but vast majority see the process taking up to 12 months. New policies and processes need to be put in place to accommodate travel restrictions and changes in expenses. While finance managers need to stay flexible as the business environment continues to evolve, spend control and compliance should still be a high priority.
Here are a few questions that can help finance managers prepare for return to work while keeping control and compliance top of mind:
- What will travel look like for the company? Finance managers must work with travel and HR counterparts to determine the need for employee travel, if at all, and how to keep employees safe. At SAP Concur, we surveyed 500 UK business travellers and found that health and safety is now seen as more than twice as important than their business goals being met on trips (34% versus 16%. Clear guidelines should be developed, even if they are temporary or evolving, so it’s clear who can travel, when they can travel, and how they can travel. Duty of care plans should also be re-evaluated and businesses should ensure they know at all times where employees are traveling for business and how they can communicate with them in the event of an emergency.
- Who needs to approve travel and expenses? While it may be temporary, businesses may have to implement a more stringent approval policy for travel and other expenses. Due to health concerns related to travel and the need to conserve cash flow, business leaders like CFOs may want to have final approval over all travel and expenses until the situation stabilises. To help ensure new approval processes don’t cause delays and inefficiencies, finance managers should implement an automated solution that streamlines the process and allows business leaders to review and approve travel requests, expenses, and invoices right from their phones. According to SAP Concur research, 11% of UK businesses implemented some automation of financial processes in response to COVID-19. This is definitely set to increase post-pandemic.
What types of expenses are within policy? Prior to social distancing, employees may have been allowed to take clients out to dinner. In-person team meetings held during the lunch hour, may have included expensed lunches. As employees return to work, finance managers need to determine if these activities and expenses will be allowed again. Clear guidelines must be put in place and expense policies need to be updated to reflect any changes.
- What happens to home office items that were purchased? While new office equipment may have been purchased for employees’ home offices, they remain the business’s property and what to do with them as employees return to work needs to be determined. Perhaps employees will continue to work from home a few days a week and need to keep the equipment to ensure productivity. However, if a full return to work is expected, finance managers have options that can maximise their asset investment and possibly save the company money, like replacing old office equipment with the new purchases, reselling to a used office furniture company, or donating to a non-profit.
- How can cost control be ensured? For many businesses, cash flow will be tight for the foreseeable future. Spend needs to be managed to help ensure recovery and stability. An important aspect of controlling costs is having full visibility of expenses throughout the company. Implementing an automated spend management solution that integrates expense and invoice management brings together a business’s spend, giving finance managers an understanding of where they can save, where to renegotiate, and where to redirect budgets based on plans and priorities.
Once finance managers have asked themselves the questions above and determined how they want to approach travel and expense procedures, it’s vital they create guidelines and communicate clearly to employees. Compliance can only be ensured if employees have a clear understanding of what has and has not changed with travel and expense policies and what’s expected as they return to work.
Digital collaboration: Shaping the Future of Finance
By Ryan Lester, Senior Director of Customer Experience Technologies at LogMeIn With heightened economic uncertainty and increased customer expectation becoming...
The 2020 Outbound Email Data Breach Report Finds Growing Email Volumes and Stressed Employees are Causing Rising Breach Risk
Research by Egress reveals organisations suffer outbound email data breaches approximately every 12 working hours Egress, the leading provider of human layer data security solutions, today released their 2020 Outbound Email Data...
Regulating innovation: the biggest challenge in payments
By Fady Abdel-Nour, Global Head of M&A and Investments, PayU Over the course of the last six months, the payments...
Investors remain worried about COVID, but positive towards stamp duty holiday
By Jamie Johnson, CEO of FJP Investment The journey back to economic normality will be strenuous. COVID-19 has imbued many...
Creating a culture of cybersecurity in Financial Services
By Martin Landless, Vice President for Europe at LogRhythm As the financial services sector increasingly moves online and reaps the...
How the financial sector can keep newly acquired customers returning time and time again
By Dicken Doe from Foolproof, a Zensar company Covid-19 has changed the financial lives of millions; what worked for people...
Creating an engaging email marketing campaign that avoids the junk folder
By David Wharram, CEO of Coast Digital With more than 280 billion emails sent every day, email marketing is a...
Cloud in Banking: An Opportunity That Can’t be Ignored
By David Rimmer, Research Associate at Leading Edge Forum Originally offered as a better way to build IT systems, cloud...
Increased contactless spending could be linked to higher fraud and payment disputes, warns global risk expert
The rapid adoption of contactless payments during COVID-19 may be contributing to multiple strands of fraud Monica Eaton-Cardone, COO and...
Pay and Go, why seamless checkout is essential for the customer experience
By Ralf Gladis, CEO, Computop Shopping for many is therapy…until they reach the queue for the checkout. It’s easier online...