By Justin Hamilton-Martin, CEO, Ultra Comms
The new, tighter rules around the Payment Card Industry Data Security Standard (PCI DSS) impacting any company taking payments over the phone came into effect on January 1st 2015. Under these enhanced international standards, non-compliance costs will be applied sooner and escalated more quickly: for a small-to-medium sized organisation, this could easily reach $250,000 (£166,000). In a larger financial services company, those costs could be a lot more.
Plus, as Ben Densham, CTO of Nettitude, adds: “Firms that fail to keep up can expect to incur costly fines, but the financial implications of failing to remain compliant can be far higher, with data breaches often costing victims a small fortune. With reputational damage also a major factor, businesses must ensure that security is at the top of the agenda and that they are keeping in-line with all regulatory changes.”
These tighter measures mean that financial services companies – who have perhaps focused less on ensuring PCI DSS compliance in the past – are now having to make compliance a priority. Until now, many organisations have found PCI DSS compliance (particularly in contact centre environments where agents are talking to customers) a challenge, due to the volume of measures that need to be taken to protect customer data.
It is hardly surprising that a study from Verizon in 2014 found that less than a third of companies were still PCI DSS compliant a year after accreditation. There are multiple aspects to achieving PCI DSS compliance, including firewall and security checks, plus controls around the telephony infrastructure to enable contact centres to achieve compliance much more quickly and easily.
What is PCI DSS
Before we look at those steps in more detail, let’s quickly remind ourselves exactly what PCI DSS is, and why it exists. The PCI DSS standards were developed by the PCI Security Standards Council (SSC), whose founder members include American Express, Mastercard and Visa. These payment brands and their partners are the governing bodies that enforce any penalties businesses receive for non-compliance.
The PCI DSS standards exist to protect consumers from fraud or data breaches caused as a result of contact centre agents having access to payment details. I’d also argue that PCI DSS standards – when complied with – also protect an organisation, because it gives a company the evidence to prove that it was not the source of a confidential information breach.
The PCI DSS standards specify that customer credit card information must not be stored in any form, encrypted or not, and that companies are advised to implement technologies that require ‘no manual intervention by staff’. This means that the practicalities of PCI DSS compliance are considerable for any contact centre taking payments over the phone.
Steps towards simpler PCI DSS compliance when taking over-the-phone payments
There are various options for organisations looking to achieve PCI compliance when taking payments over the phone. These range from manual processes through to implementing the latest generation of technology solutions, which minimise the need for staff intervention. The processes undertaken depend on the number of transactions processed annually.
For instance, merchants that qualify for Level 1 are those that process over six million transactions per year, while those that fall into Levels 2-4 process up to 6 million transactions incrementally. The latter organisations can use the PCI Self-Assessment Questionnaire (SAQ) to self-certify, using a Self-Assessment Questionnaire (SAQ), within which there are four categories (A-D) and further sub-categories within those. Each organisation must decide which SAQ Level its’ business comes under.
In practice, the Level and the type of SAQ determine how many self-assessment questions an organisation has to answer to achieve compliance. The difference can be huge, ranging from a few dozen question up to in excess of 400 since January of this year (compared to around 300 last year), depending on a variety of factors (for instance, whether customers’ payment details are entered in to a contact centre’s computer network or not).
The volume and complexity usually determines just how much external assistance a company will want to achieve compliance, but clearly, the less time and effort involved, the less the cost to the company. So it is in an organisation’s interest to fall into one of the less demanding categories if possible. Of course, this cannot be at the expense of achieving robust compliance, which is where technology solutions have a role to play.
Technology has a role to play
Some PCI solutions are placed in front of the client’s phone system and stop the customers’ sensitive card details from even entering the contact centre environment (whilst retaining the agent safely in the loop) during the payment process, thus reducing the number of applicable compliance questions that need to be completed and ensuring that the company sits in the most basic level, namely SAQ-A certification. This approach generally uses technology known as DTMF (dual-tone multi-frequency) clamping, which completely mask the customer’s payment information from entering the contact centre and makes screen and call recording safe for organisations.
Another option which with readers may be familiar is ‘Pause/Resume’ PCI solutions. These are well established in the marketplace and allow contact centre agents to manually stop and start call recordings from their desktops. This method theoretically stops customers’ sensitive payment data from being recorded, but as the agents can still hear and potentially store customers’ details, these solutions do not guarantee safety. Therefore, organisations are still obligated to fulfil the more demanding requirements of SAQ forms C and D, compared to SAQ A and B.
This creates quite a heavy workload that negates some of the financial benefits of technology-versus-manual techniques. For instance, companies have to implement of a ‘white room’ policy prohibiting pens, paper, mobile phones, USBs or other storage devices from being taken into the contact centre environment.
2015 is the year that PCI DSS compliance has really come to the forefront and with the threat of increasingly heavy penalties, this is too important an issue to ignore. The good news is that while compliance can seem onerous, the effort and associated costs can be minimised, giving both financial services companies and their customers’ peace of mind around data privacy.
One third of money management tools face closure by the end of the year if they do not embrace open banking
- New research from Yolt Technology Services shows 35% of Personal Finance Managers aren’t using any open banking technology
- Imminent screen scraping ban set to cause major disruption for consumers and businesses with just two months to go
- 1 in 5 PFMs have never even considered using open banking
- 28% cited data privacy as a reason for not adopting open banking technology
An international study of over 1,000 senior professionals in the banking, lending, PFM, investment, and retail sectors by leading open banking provider Yolt Technology Services has revealed that over a third (35%) of Personal Finance Management (PFM) platforms aren’t using open banking technology. These businesses will face an urgent transition when screen scraping is phased out in Europe at the end of 2020 if they are to avoid major service disruptions.
The final leg of PSD2, Stronger Customer Authentication (SCA), comes into effect in Europe on 31st December 2020 and will add an extra layer of security to log-in processes. This will force many banks to withdraw screen scraping facilities, which are currently used by PFMs to automatically extract on-screen data from the bank’s online banking page or app. This data is then used as raw text in the PFM to generate spending insights for users, but is less secure, less efficient, and creates a more cumbersome log in process.
As a result, many PFMs will have to look for alternative methods to gather customer data efficiently and securely, but despite being early pioneers of open banking, the survey showed that 35% of PFMs are not using open banking products and services such as AIS systems. In fact, nearly 1 in 5 respondents (19%) stated that they have never even considered using open banking.
More surprising still is that among those who were using open banking, only half (55%) were using Account Information Services, while over three quarters (77%) were using Payment Initiation Services (PIS). While PIS can deliver significant value for users, enabling settling between accounts or payment into regular savings accounts, its functionality is not a core part of the PFM offering in the same way as AIS.
Among those who haven’t yet adopted open banking technology, 35% of PFMs said it was too early to invest, and 28% named data privacy as the chief reason for not adopting. Despite this, PFMs do still show an above average adoption rate (68%) after being one of the first sectors to take advantage of the technology, compared with the banking and retail sectors, the next highest, on 63% and 62% respectively.
And the adoption of open banking technology is proving to be lucrative for those PFMs that do make the switch. Over 90% of PFMs who keep track of the monetary gains of open banking said that it is worth between £1m – £5m to their business each year, compared with 70% of respondents across all sectors, so there are financial gains to be had. This may be because open banking is central to service delivery for the majority of PFMs, but in other sectors it is a differentiator and its use is optional.
For all of this promise to be realised, there are clear issues to be addressed, but PFMs stand to benefit if they lead the charge.
Leon Muis, Chief Business Officer at Yolt Technology Services, comments:
“As pioneers of open banking, Personal Finance Managers have incredible potential to propel the technology even further – but only if steps are taken now to address the issues our survey reveals. That starts with more adoption – platforms which rely on manual methods of information gathering like screen scraping are not only less efficient, they deliver a worse service for users. To see a third of all PFM platforms using no open banking technology at all is a concern, and one that they will have to deal with sooner rather than later, with the upcoming ban on screen scraping.
“Data privacy concerns are a key reason behind this adoption rate, but this is built on fundamental misunderstandings not only about the technology, but the rules which govern its use. That over a quarter of PFM platforms don’t understand how open banking legislation works is a signal that we need to do better as an industry to champion the benefits of the technology, but also showcase the core safeguards and secure foundations upon which it is built.
“What is also clear is the power open banking has to differentiate platforms, and those which can most effectively implement it stand to benefit the most, both financially and in service delivery. And, with the phasing out of screen scraping coming into effect at the end of the year, PFMs need to act now to better support their customers and avoid being left behind.”
Accountants have become critical to the survival of businesses and their reputations during Covid-19
The opportunity for fraudulent activity to flourish as finance departments operate remotely with less oversight in these extraordinary Covid-19 times is inevitable. Government loans and financial support have been given out with little or no accountability to businesses that are struggling with the change in their trading environment and as a consequence businesses find themselves in financial need.
There is already evidence of corporations handing back furlough grants as HMRC offers a 90-day amnesty, but without rapid data-driven insight and risk stratification, businesses may not know the extent of their exposure. Indeed many businesses face the daunting prospect of repaying loans at the same time as paying deferred VAT early next year in a far from certain trading environment. Stuart Cobbe, Director of Growth, Europe, MindBridge explains that the role of the accountant has now become critical to businesses and their reputations.
The Covid-19 landscape is fluid and ever-changing, and businesses require accurate visibility of all aspects of their business in order to plan effectively for the future and to understand their financial position. As the economy continues to recover to a new ‘normal’, companies need to focus on the next 6 months. How many ‘zombie’ businesses are only operating due to deferred VAT payments? How many companies will fail when they cannot repay loans? The role of the accountant is vital in unlocking this transparency to provide data-driven, actionable insights.
After all, there are many questions around how government financing has been used, from grants to loans, furlough payments to VAT deferments. As of the 20th September, the total cost of furlough claims has reached a staggering almost £40 billion, despite 30,000 applications being rejected, with many likely to have been attempts to defraud the taxpayer. Research by economists from Cambridge, Oxford and Zurich universities found that as many as two thirds of furloughed workers continued to work.
For businesses that do not understand the extent of their exposure, they risk facing a HMRC-imposed tax charge equivalent of up to 100% of the grant to which any recipient was not entitled and was not repaid. It is, therefore, interesting to see the number of large organisations now publicly revealing plans to repay all furlough payments. For many, this is an opportunity to boost corporate reputation and demonstrate a commitment to rediscovering business as usual. However, given the huge pressures businesses have been under in recent months, many CFOs and FDs may not have the full visibility they require to effectively manage this without the power of audit.
This is about far more than reputational damage, the potential misuse of furlough is far from the only financial risk. The extraordinary shift in every business’ modus operandi over the past few months has opened the door for opportunistic fraud. New sources of income; staff working from home with limited oversight; the financial pressures – both business and personal – created by the recession. The misappropriation of assets should be a very real concern for businesses of every size.
For organisations that have relied upon grants and loans to survive, an employee exploiting the lack of oversight to syphon funds for personal use could tip the company into failure. Companies must determine how – or whether – deferred VAT payments and loan repayments can be made. Is the company truly solvent or no more than a ‘zombie’ business operating with a balance sheet propped up by short term government finance?
Business resilience and reputation is a priority in this era, and CFOs or FDs may be struggling to establish trust across businesses now operating under a whole new range of pressures, from slimmer margins to a disjointed, remote workforce. There is an obvious need for complete visualisation of financial risks, and accountants play a crucial role in unlocking this data.
The rapid identification of mistakes in government support applications, potential fraud and the analysis of which deferred payments and loan repayments can be made and when – whilst ensuring other risk factors do not jeopardise business stability – is essential to futureproof the business, and accountants can assess data to provide this information in a complete and actionable format to lead smarter company decisions. This is the data insight CFOs and FDs need today.
Traditional financial risk assessment models will not be adequate. At best, problems will be revealed months after the fact. Companies need rapid identification of areas of unexpected activity today. This is where accountants and finance departments using sophisticated machine learning and artificial intelligence techniques can deliver real business value by rapidly assessing financial data and surfacing unexpected activity. Armed with this information, finance teams will know where to focus activities, the questions to ask and the remedial action to take. This information will drive departments and remedial action to ensure business success and growth as the nation gets back to its feet.
In short, accountants and finance professionals can provide the answers businesses need today, whilst helping managers to plan for the future effectively, despite the changes in policies and protocols as the pandemic continues to throw curveballs. An audit can quickly identify problems including but not limited to, cash flow, fraud, misuse of grants, loan repayment issues – all whilst offering the guidance and steps to safeguard the business to promote resilience and protect the solvency and reputation.
Taking advantage of the UK’s renovation revolution
By Paresh Raja, CEO, Market Financial Solutions
UK property is a popular asset class because of its historical resilience to withstand periods of political and economic volatility and quickly recover its value. Domestic and international investors are aware of this general observation, which no doubt explains why investment into bricks and mortar has been rising during the COVID-19 pandemic.
As a result of tax reliefs introduced by the government to encourage buyers and sellers to return to the property market, house prices have been rising at an impressive rate. According to the UK’s biggest building society – Nationwide – house prices rose in September at the fastest annual rate since the aftermath of the EU referendum vote in 2016. Nationwide recorded annual house price growth of 5% in September.
For homeowners, this is important – house prices are a useful way of measuring the capital growth of a property. If house prices are rising, it means there is strong demand for real estate which is positive news for homeowners. House price growth also allows us to assess the overall health of the property market.
Here at Market Financial Solutions, we are regularly arranging bridging loans to support the property investment intentions of UK and non-resident buyers. From our perspective, COVID-19 has not dampened the overall need for finance to complete on real estate transactions. And importantly, we are also seeing a rise in homeowners undertaking renovation and refurbishment projects amidst the pandemic.
In August, the Renovation Nation Report revealed that the typical UK homeowner had spent over £4,000 on renovation works since the introduction of lockdown measures in March 2020, ranging from garden to living room, bedroom and kitchen upgrades. This has no doubt increased in value since then.
The rise in home improvement projects is important for a number of reasons. First, it is an effective way of increasing the value of a property. Simply updating worn furnishing and fittings, adding an extension or implementing new technologies to make a home more energy efficient can significantly enhance the appeal of a home and increase its market value.
Second, the rise in renovations and refurbishments taking place drives productivity and creates new building opportunities for SME construction firms. For example, a survey that was recently published by the Federation of Master Builders showed a marked increased interest for home improvement projects. It revealed that 42% of SMEs are predicting higher workloads during the Autumn months.
In my opinion, the COVID-19 pandemic is directly responsible for this sudden hike. People are spending more time at home, either working remotely or as part of social distancing measures. Naturally, this has compelled homeowners to consider ways of upgrading their property so that they can better enjoy their office and/or living spaces. What’s more, with the UK on the brink of second lockdown, there is a general acceptance that working from home either fulltime or part-time is something that will remain the case long after the coronavirus outbreak has been contained.
Unlocking the renovation revolution
One of the biggest challenges when undertaking a home improvement project is having the necessary finance in place. The traditional method of engaging with a high street lender for a loan has become complicated. As a consequence of COVID-19, banks are treading carefully – based on reports we’ve been hearing, loans are taking longer to be approved and the range of products available is limited.
Given how important property market activity is in driving economic productivity and growth, there is a clear need to ensure that homebuyers can access finance with minimal delay and fuss. Having witnessed current trends, Market Financial Solutions has responded by offering specialist finance loans that are tailored specifically for renovation and refurbishment projects. These are structured to the specific demands of each application, which means that construction deadlines can be met without the risk of finance being delayed.
Interestingly, the government is also keen to promote home improvements, particularly when it comes to green housing. For instance, in September the government launched the Green Homes Grant to encourage energy efficient housing. Under this scheme, grants can be accessed to pay for green home improvements. This could range from the insulation of walls and floors to the installation of double and triple glazing and the addition of low-carbon heating.
I would not be surprised if the government also considers similar grant programmes to support either types of renovation projects, particularly if more people are facing the prospect of permanent remote working. Of course, a lot of research would need to be undertaken for such a proposal but there are plenty of advantages that could be on offer as part of such a scheme. For now, we will need to wait and see.
My advice for anyone considering a home improvement project is to consider all the finance options available and applying for a loan that best meets their individual circumstances. While this might seem challenging, the fact of the matter is that lenders like Market Financial Solutions are responding to demand and creating products to support such undertakings. Finding the right type of finance will only increase the chances of work being completed on time, which ultimately works in favour of the homeowner.
Online jobs soar by 14% in third quarter 2020, Freelancer.com’s Fast 50 reports
Freelancer.com (ASX: FLN), the world’s largest freelancing and crowdsourcing marketplace by number of users and jobs posted, today released the...
New research from Yolt Technology Services shows 35% of Personal Finance Managers aren’t using any open banking technology Imminent screen...
Pivoting growth strategy to rebuild consumer trust and confidence
By Richard Steggall, the CEO of Urban FT Trust is essential to all relationships, whether personal or professional. And in...
Everything you need to know about APIs for business
By Omar Javaid, president, Vonage API Platform, Vonage If your work brings you into close proximity with technology, chances are...
Accountants have become critical to the survival of businesses and their reputations during Covid-19
The opportunity for fraudulent activity to flourish as finance departments operate remotely with less oversight in these extraordinary Covid-19 times...
Unexplained Wealth Orders: Rightly Celebrated or Over-Rated?
By Nicola Sharp of financial crime specialists Rahman Ravelli considers the attention given to unexplained wealth orders – and emphasises...
Taking advantage of the UK’s renovation revolution
By Paresh Raja, CEO, Market Financial Solutions UK property is a popular asset class because of its historical resilience to...
What is a glocal supply chain?
Thanks to rapid advances in communication and information technology, manufacturers are now able to operate at a truly global level,...
Rise in Digital Banking Activities: Should UK Banks Be Wary Of Cyber Attacks?
By Kunal Sawhney, CEO, Kalkine. Cybersecurity in the age of digital banking and technology has had a significant impact. With...
Grey skies ahead – Malta prepares for a gloomy 2021 if they can’t tackle financial crime
By Dhanum Nursigadoo, ComplyAdvantage With the summer drawing to a close, many countries who rely significantly on warm weather tourism...