By Jacob Ghanty, Head of Financial Regulation at Kemp Little LLP
Banks and businesses are under increasing scrutiny to ensure they have the right security measures in place, especially in wake of the numerous high-profile data breaches that took place in 2017. In recent news, NatWest came under fire for failing to use an encrypted https (Hypertext Transfer Protocol Secure) connection for a customer-facing section of their website.
Internet banking has grown in popularity in the UK for its convenience and timesaving benefits.For many consumers it has overtaken the use of physical branches. However, security is still a main concern for consumers when it comes to moving from ‘offline’ to online banking and banks must ensure they are meeting both customer expectation in terms of convenience but also tough regulation restrictions in order to keep their customers safe online.
Not an isolated case
In the case of NatWest, the absence of an encrypted https was spotted by an external security expert and made public knowledge through Twitter. This security flaw meant hackers had the potential to redirect customers to a falseNatWest site which looked identical to the legitimate site. Although this issue was resolved within 48 hours by the team, this vulnerability could have left NatWest liable to numerous security and legal consequences.
Clearly, banks and financial institutions are legally obliged to protect customer data in order to maintain the security, integrity and confidentiality of information. Yet, since 2007, 11 banks to date have been named and shamed by the Information Commissioner’s Office (ICO) for unacceptable data security practice.
According to the Data Protection Act 1998 (DPA), organisations must have appropriate organisational and technical measures in place to protect data against unauthorised or unlawful processing, and accidental loss or destruction of or damage to personal data (data security breach). This is known as the seventh data protection principle.While the DPA does not specify how “appropriate organisational and technical measures” should be developed according to this principle, data controllers must ensure they prevent the possibility of data being compromised in any way.
Financial and legal obligations
From a financial perspective, banks must ensure they have reliable security mechanisms in place to protect the transfer of sensitive information, prevent the possibility of data corruption and leakagewhilemaintaining data confidentiality at all times. These requirements fall under the Prudential Regulation Authority Rulebook, and failure to meet the conditions leaves banks liable to disciplinary action.
From a data privacy law perspective, data controllers are at risk of huge fines should crucial customer information be compromised. For example, the ICO could impose penalties of up to £500,000, particularly in the case of a serious breach. In October 2016, TalkTalk was fined £400,000 for a breach which compromised the seventh data protection principle, in failing to have appropriate organisational nor technical measures in place.
Banks and financial institutions must also keep in mind the upcoming EU General Data Protection Regulation (GDPR), taking effect from 25 May 2018. This regulation will impose stricter obligations on data controllers than ever before and increase maximum fines under a two-tier system if they suffer a breach. Such fines, under GDPR, could look like the following:
- Up to 2% of a bank’s annual worldwide turnover of the preceding financial year or 10 million euros (whichever is the greater) for violations relating to internal record keeping, data processor contracts, data security and breach notification, data protection officers, and data protection by design and default
- Up to 4% of annual worldwide turnover of the preceding financial year or 20 million euros (whichever is the greater) for violations relating to breaches of the data protection principles, conditions for consent, data subjects’ rights and international data transfers
The importance of comprehensive security measures
The above fines highlight the scale of the initial financial impact that the lack of HTTPS connection could have had on NatWest from their customer website.However, what cannot be calculated is the financial loss following the depreciation of trust and reputation from current and prospect customers. In order for financial institutions to safeguard such losses they must use a HTTPS connection to ensure that any data sent between a customer’s device and a website is encrypted and therefore, rendered inaccessible to anyone trying to intercept their data.
Hackers often create phishing sites which look similar to users to a bank’s website, in order to lure customers to share their personal data. They can look more similar than perhaps users realise – even using fake log-in mechanisms to simulate the real website. This underlines why banks and financial institutions must be thorough with their security processes: the sheer scale of customers processing data and transactions through online services entail undeniable security and financial risks to both the customer and the banks.
Important next steps for banks
An effective way to spot and resolve any vulnerabilities in online systems is through carrying out a cyber-security audit. Financial services and banks can maintain a high level of protection by using appropriate detection capabilities, and putting in place fast-acting recovery and response systems. This will provide websites and online banking systems with the right tools to react to any issues quickly, and to prevent service outages in the case of unexpected interruptions.
There are number of useful sources of information in this area including: the FCA’s speech in September 2016 on its supervisory approach to cyber security in financial services firms; various ICO guides on information security; the FCA’s Financial Crime Guide; and the FSA’s Thematic Review Report on data security in the financial services sector of April 2008.
It’s all relative: Older generations feel helping out the family financially is more important since the Covid-19 outbreak
Before Covid, 23% of people prioritised helping younger generations out financially, that increased to a third as a result of the pandemic
A recent survey* conducted by Hodge has revealed that the Covid pandemic has led to more people wanting to help younger family members financially.
A third (31%)** of those questioned said that since the Covid outbreak giving a financial gift to children or grandchildren is more important to them, compared to 23% who said it was a priority before the pandemic.
The traditional “Bank of Mum and Dad” is still very much open for financial help, with parents being responsible for 72% of the gifts, but the study also revealed that financial gifts can come from all corners of the family – including children (14%) and siblings (14%).
The survey also found that a third of people have received a financial gift from family, with those aged between 25-34 as the most likely to receive
The most popular reason for gifting money to family is for special occasions such as a quarter of gifts were given for weddings and birthdays but 11% of people have received money to help with big purchases such as cars and houses. In addition, 19% of people have received help with day to day finances, with around 14% of those receiving a gift have done so to pay off debt.
Emma Graham, Business Development Director at Hodge, said of the research: “Our study showed that, as a nation, we all want to help our family out when it comes to money. And whilst we all think of the Bank of Mum and Dad or Gran and Grandad as a traditional source, we were surprised to see that 14% of brothers and sisters are also helping out.”
The findings come from a recent intergenerational study conducted by Hodge, who interviewed over 3000 people about their attitudes towards finances and their aspirations for the future. The full research findings can be found at https://hodgebank.co.uk/2020/05/19/money-its-all-relative/.
As part of the study, people were also asked about paying back the gift, with 40% of beneficiaries expecting to pay their parents back, but this dropped to 28% if the gift came from grandparents.
From the gift donor’s perspective, 26% expect the gift to be paid back, however just 15% of grandparents expected the money back.
Hodge has produced a set of guides on how families can navigate the tricky subject of giving financial gifts within a family, as well as the considerations and steps that be families should think about taking before a gift is given, such as is it a loan or a gift and thinking about contingencies if the family member’s circumstances change. The guides can be found here: https://hodgebank.co.uk/news/
Emma continued: “It’s clear that families feel strongly about offering financial support to each other if they are able and this has increased since the Covid pandemic. Before Covid, 23% of people prioritised helping their families out financially in the next five years. Since the Covid-19 outbreak that has increased to a third of people saying helping a family member financially had become more important.
“So, it is clear that the Covid-19 lockdown and subsequent predicted economic downturn, has led to more families looking to share wealth to help younger children or grandchildren during this difficult time. Many people may look to Later Life mortgages, where many products have reduced their rates and have flexible lending criteria, to help out a loved during these difficult times.”
New report identifies the factors which will determine SMEs’ chances of a successful COVID recovery
· Analysis of the performance of over 1,000 UK small and medium-sized businesses by Allica Bank provides roadmap for SMEs
· Regular training, an openness to innovation, and a clear vision all contribute heavily to an SMEs’ chances of success
· Allica Bank has launched a programme of free workshops to expand on the findings and support business owners
Business bank, Allica Bank has combined data and insight from over 1,000 UK SMEs with a multiple regression analysis to determine what factors most closely aligned with an SMEs’ chances of success and separated the highest-performing businesses from their peers. These ‘rules for success’ have been compiled from the research data to support British businesses as they look to chart a course to post-Covid recovery.
The full report identifies six behaviours for small and medium businesses to follow, to maximise their chances of a successful COVID recovery. The six top-line rules emphasised by the data were:
Rule 1: SMEs should regularly train staff
Of the top-performing businesses analysed, 47% provided training for employees at least on a quarterly basis, compared to just 32% of other businesses. Regular employee training was linked closely to success by the model.
Despite this, many small businesses have neglected training and nearly half (46%) of the small businesses analysed only provide training for employees about once a year or less often. This included 15% that never provide employer-funded training. This discrepancy could represent a significant opportunity for small businesses to unlock the potential of their employees and thrive in the post-Covid economy.
Rule 2: SMEs need to focus on innovation and technology
Looking again to the best performing businesses, 76% were found to either continually (39%) or often (37%) be considering new opportunities for technology in their business. This is compared to only 51% for businesses considered to be outside of the top ranks, out of which only 27% admitted to continually looking for new technology opportunities.
Rule 3: Small business must have a formal, long-term vision
Nearly two thirds (66%) of the most successful businesses in the survey had a formal, long-term vision, compared to just 50% of businesses outside the top 100. Looking to the businesses that scored the lowest on the SME Performance index, only 37% claimed to have a formal, long-term vision.
Rule 4: SMEs should broaden their customer reach and find new markets
Of the top-performing businesses, 65% of these have overseas customers compared to just 40% of the worst performing businesses. Among the best performing SMEs, over a third (34%) identified international expansion as one of the top three drivers for their success.
Rule 5: SMEs need to develop reinvestment plans
22% of the best performing SMEs reinvested some of their profits into the business in the past three years with an average 9% of profits being redeployed. Tellingly, this is nearly double what other businesses admit to reinvesting in their business (5%).
Rule 6: SMEs should engage with local business organisations and networks
Of the top 100 SMEs, 30% had obtained external credit to expand over the past three years (compared to 24% of other businesses). Meanwhile, only 16% of all other SMEs had engaged with local enterprise partnerships or growth hubs in the past three years (compared to 23% of the top 100 SMEs).
Chris Weller, Chief Commercial Officer, Allica Bank, said:
“All small businesses are different, as are all small business owners, but one trait they share is an innovative resilience. Whilst the coming months and years will undoubtedly continue to present extreme challenges, there is no doubt that small and medium sized businesses across the UK will rise to meet them head on.
“To give them the best chance to succeed, though, they need to be equipped with the right tools. There is certainly no silver bullet or panacea for every small business, but as this study has found, there are a number of common factors found in the most successful businesses that allow small enterprises to thrive and that they can consider individually for their business.
“This research has identified common ‘rules for success’ that speak to every aspect of running a business, not just the financials. Once we saw these results, we wanted to use them to help small businesses begin to re-build and prosper, by outlining common factors and then examining how best they can be practically applied to businesses in all sectors of the economy.
“Small business owners and their employees have been hit hard by the crisis, but they have the drive and resourcefulness to breathe new life into the economy and bring energy to post-Covid Britain. Our commitment at Allica Bank is to give them the support they need to do so, every step of the way.”
The full report contains a wealth of additional data and insight into each of these topics. As part of its mission to empower small businesses, Allica Bank is making the findings freely available and running a series of free online workshops with relevant partner organisations for businesses to attend.
New research finds that financial wellbeing should be at the heart of banks digital experiences as the UK enters recession
MullenLowe Profero have today launched a new report focusing on two communities who will be hardest hit by the recession: 18-25 year olds and small businesses. These communities need financial wellbeing support at the core of an increasingly digital relationship. MullenLowe Profero partnered with Censuswide to survey 1,004 18-25-year-olds and 504 small businesses.
Concern around financial shocks is harming individual’s wellbeing
The survey finds the ability to absorb financial shocks being the critical worry affecting wellbeing and 40% of 18-25-year-olds are sometimes afraid to look at their bank account.
They are seeking financial education to relieve worries
With over two-thirds of respondents demanding financial education in order to find peace of mind and 40% of 18-25-year-olds state that thinking about their money has a negative impact on their wellbeing the report highlights the audience are open to more active support from banks. 60% of the audience feel banks should help them have the capacity to absorb a financial shock.
When our bank is in our pocket reminding us of our anxieties, is there now a duty of care to support our wellbeing?
The survey finds that the digital experience is now the number one reason for choosing a bank for 18-25 year olds.
With this shift in digital preference, people are expecting banks to play a bigger role in wellbeing. 58% of those worried about their money want banks to help them take control.
More than half of 18-25 year olds agree that a bank’s role is now to:
- provide education on money management
- help them keep on top of financial goals
- help them save enough money to cope with the ups and downs of life
People are feeling closer to local communities, but there is a gap in how brands should engage communities in a digital world
Half of 18-25 year olds agree that in the last few months the importance of their local community to them has increased. 40% agree they’ve engaged more with their local community in recent months. There’s a tension between how to engage a community as 60% agree they prefer a bank with better digital tools over a bank that offers more local branches. However, 60% feel banks need a branch presence to support local communities.
The importance of Global Wellbeing rises
Over half of 18-25 year olds agree that the events of the last few months have made them seek out brands that do better for the world. The research findings show that what they want most is to be recognised for their positive behaviours. 56% of the audience highlighted that they would find rewards and benefits for purchasing ethically and sustainably most useful.
Banks digital experience today lack empathy
In this time of reset, the survey found a third of customers and small businesses are considering changing banks in the next year as a result of the impact of the pandemic. The report concludes that brands that will win will champion financial wellbeing in the digital experience through empathy and emotional intelligence.
For the full report, get in touch with MullenLowe Profero at [email protected]
Howard Pull, Head of Digital Transformation Strategy at MullenLowe Profero, said: “Our findings are a wake up call for digital innovation in banking relationships. With digital experience being the number one choice for selecting a bank, there’s a huge opportunity for banks to support individual wellbeing at scale by understanding and responding to our goals and anxieties to build better money habits.”
The research was conducted by Censuswide, with 1,004 18-25-year-old current account holders and 504 small businesses with business bank accounts and annual revenues up to £2m between 23.06.2020 and 29.06.2020. Censuswide abides by and employs members of the Market Research Society which is based on the ESOMAR principles.
How sustainable AI improves the triple bottom line
An investment in green AI enables financial services firms to align people, profit, and planet By Nick Dale, EVP business...
The impact and implications of Covid-19 on financial reporting
By Mark Billington, Regional Director, Greater China & South-East Asia, ICAEW The economic consequences of Covid-19 have been unprecedented, affecting...
Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy
Leading payments provider, Contis, has applied for two grants from the RBS & BCR Alternative Remedies Package, totalling £35 million. Unlike most applicants who...
Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver
Nearly a third (32%) of consumers would switch providers if a brand’s website is unavailable for more than 24 hours...
Demonstrating the value of collaborative leadership during crises
By Jean Stephens, CEO, RSM International In 2000, a leading expert in behavioural science, Daniel Goleman, outlined the six key...
Empowerment Accelerates Continuous Improvement
By Larry Sternberg, JD, Fellow, Talent Plus, Inc. Empowerment First, let me clarify how I am using the word “empowerment”...
What is loneliness and how can you manage it?
By Iris Schaden Your Business and Personal Coach A mere century ago, almost no one lived alone. Today, many do...
How banks can build digital transformation into business continuity
By Andrew Warren, Head of Banking & Financial Services, UK&I, Cognizant Businesses around the world are falling victim to the...
Akerton Partners S.L. is a Spanish independent mid-market corporate finance advisor founded over a decade ago, in 2008, amid a...
Looking to the future, virtual (or online) businesses will prove more profitable
By Richard Fletcher Magic Sauce Marketing Business owners of all types have had to make some major adjustments this year. With...