Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


Optimism levels in the banking sector have fallen to a low of -17 percent compared to the last three months, according to the latest PwC/CBI Financial Services Survey. This survey is the first to track optimism levels since major new regulations including MIFID and PSD2 came into force. It partly attributes this decline to a predicted spike in operating costs as a result of new regulations.

Firms typically spend 4% of their total revenue on compliance, but that could rise to 10% by 2022, according to a survey by Duff and Phelps. In addition, 70% of firms expect the focus on managing regulatory risk to increase over the coming year.[1]

PwC attribute an increase in operating costs to increasing IT investment.[2] A large portion is driven by the shifting cyber security mandate under new regulations. They move the mandate from annual compliance exercises to continued assurance of critical applications. Financial services institutions need to show that their systems are able to withstand attack and remain operative at all times.

In response, cyber security budgets are increasing. This often entails large sums of money being channelled towards products which automate security around legacy IT infrastructures. World Wide Technology’s Financial Services advisers are warning that this product-centric approach to assurance can’t work.

Nick Hammond, Lead Adviser for Financial Services at World Wide Technology, comments: “To meet new assurance mandates, policy has to be abstracted from the current legacy security infrastructure model and instead wrapped around individual applications, such as the payments system or credit card database.

“However, over the years, IT architectures have become a patchwork of updates, and responsibility for making changes to different business applications is spread out amongst different teams. Trying to isolate one application to secure it can result in the direct breakdown of others. For example, e-commerce systems may rely on credit card databases in order to function, and would cease to work if the communication was cut off. Essentially, one step forward could actually be two steps back”.

Nick continues: “Needless to say, the process can also result in banks incurring intensive costs, with any errors adding to the expense exponentially. To ensure smooth implementation, financial firms need to first map out a real-time picture of the entire system, tracing every communication and interdependency. It is only after this that a security plan can be devised and implemented.

“Additionally, banks need to have the correct processes in place, and the right people to oversee them. To adapt to the current regulatory climate in an agile, future-proof way, business application owners and compliance officers need to talk to infrastructure teams, and get a clear sense of what is going on in their systems, before putting the most appropriate solution in place”.