An interview with Derek Schwartz, Senior Vice President Financial Services, SEEBURGER a market leader in business to business integration.
With the rapid expansion of technology and the need to keep up with compliance requirements what steps can financial institutions take to ensure the greatest success?
By definition, most financial institutions have a lot of complexity which has been extended by the internet. Most banks have over complicated systems and the ability for them to monitor and secure the traffic of data that moves within the bank amongst its own internal divisions, applications and to their constituents on the outside. They have under invested, over complex systems (sometimes a result of merger) and so the real question is how do we deal with it? The reality is banks have an opportunity to reduce complexity, to decommission old legacy systems, to take their community and migrate them into a single platform.
FTP server connected to the outside world where any employee on the internal network could go to the command network and send a file out without the knowledge of others.
Even though everyone is experiencing cyber-attacks on some level the effect of these sustained attacks to key assets together with regulation is what most institutions are looking at. There are a major percentage of incidences that are occurring from the inside.
Which is the reason why both the inside and outside of the bank have to be secured.
When you consider the area that organizations like SEEBURGER play in, which have been under invested in until recently, businesses are now realizing that this is a tier one core requirement. It is firstly a key business components secondly a key business tool for working with customers.
This adds security and peace of mind to corporate clients
Finally, and this is where things are a bit complicated for financial institutions, how do you collect a number of applications and processes that are grouped together to enable you to comply with the multi-jurisdictional requirements? What I believe banks are missing is that more than 80% of data is in the form of files of various sizes and are needing to be transferred across the secure data transmissions system. That data is moving back and forth. As part of any regulatory compliance and engage ability, that data needs to be tracked and traced and understood in terms of data and have the compliance department alerted.
In order to halt the fines that banks are receiving from the regulators, you need to have a process that is consistently trying to figure out what kind of transactions are moving through the system. You should have an algorithm database in place and business rules that are embraced inside the data transmissions because payments happen via these systems. The back drop of all these transactions whether it is ach or settlement. When you are able to track them, provide an audit trail to the regulators, it is a clear and directional strategy of the bank. You can show these trails and show the patterns that exist demonstrating to the regulators that you are doing everything to root out fraudulent transactions.
There is one other thing in my opinion that is driving the behavior of the banks and the technology of the banks. The almost end of proprietary trading forcing banks to replace revenue by going back to doing business as usual, which means they are thinking about their customer, which means they are interacting with the customer and providing new products and capabilities, to allow them to engage with you. This is driving the security requirements to a new level.
SEEBURGER provides a Business Integration Suite for financial customers, how easy is this to deploy?
This modern technology is built from the ground up to embrace this. Rather than spending years migrating tens to thousands of customers, the innovation allows you to deploy, migrate and test to ensure security in a matter of months versus years.
The ROI for financial institutions today is a no brainer because the cost of deployment has come down, and the ability to win customers has gone up and therefore the need to provide an audit trail for regulators.
Customers on the other side today are requiring a much tougher service level. They want the bank to deal with their transactions in real time or near real time. The result of missing the SLAs cost the bank real money. When you consider the benefits, this is the Tier 1 solution that banks are looking for a refresh in their technology.
What types of ongoing support do you provide customers with?
Generally speaking, the old days of a software companies being addicted to license fees is starting to come to an end. The typical solution that most financial institutions are looking for is a long term partner. An annual fee that embraces both license and maintenance support for the system. They even become a development partner as we look at trends and innovate on that. This is more of an annual relationship versus a onetime deal.
Are there any new products or services you plan on launching this year that you can share with us?
There is a new service we just launched. Human to Human Integration: Up till now we have been discussing system to system which is mostly automated. The human to human integration focusses on the way people within the bank communicate with others. They attach spreadsheets and documents and send them. DLP: data loss prevention. The human to human integration senses when the data going out should not be sent, for example account number, social security numbers. You are able to look for specific items, alert it, quarantine it. The system will automate attachments that need securing and sends an email message to the recipients that states they have a document that requires them to log on to system to retrieve it. This will secure the item and also stop employ theft of essential data. This all part of the data loss prevention tool that has a work flow which requires specific people to approve documents or reject the transfer.
The system also allows for approval to occur without paper. The paper trails in each and all of the solutions; instead of printing we have deployed all of the human alerting and authorizations onto appliances.
If you then integrate this with system to system you can now relate emails and trades. You can start relating and correlating information being sent. Helping to reduce insider trading and libel.