But as with any emerging technology standard, progress is littered with both milestones and speed bumps. Below I will outline some of my key observations from working with leading players in this space.
It is no longer a question of if Open Banking will continue to evolve, but a question of how quickly it will accelerate. As Open Banking’s remit continues to expand, it will fundamentally change how we use financial products.
Open Banking can be used to assess a consumer’s creditworthiness, for example, by opening the doors to novel products aimed at supporting financial health and inclusion.
The complex world of credit scores will be simplified through the transparency Open Banking provides. Authorised Open Banking fintechs can securely access a customer’s bank account to see incoming and outgoing transactions, providing a foundation from which to accurately assess users’ credit scores and personalise services accordingly.
Personal Financial Management platforms (PFMs) like Money Dashboard are leveraging Open Banking technology to provide their clients with insights into transaction behaviour. Its retailer clients, such as supermarket chains, benefit from a better understanding of what their customers spend their money on when they are shopping at other stores. Its investor clients, meanwhile, use the data to predict how companies are operating in order to decide whether to invest in a stock.
Another example of a company paving the way forward is Bud – which is demonstrating what is possible through Open Banking-powered personalisation and AI automation. Banks use Bud’s products to automate lending decisions and perform more accurate affordability checks – improving risk assessment while delivering more tailored services to their customers.
In the future, Open Banking will evolve into Open Finance, meaning that data-sharing will not be limited to transactional bank account data only. Other types of (financial) information will become accessible to authorised third parties, creating a more interconnected financial ecosystem.
Crypto wallets, pensions, insurances, mortgages, stock trading and other wealth management accounts – will all become accessible to facilitate easier exchanges of data, helping providers to establish a comprehensive digital overview of a customer’s financial position and encourage continued innovation.
These benefits will not be limited to retail customers. Another important area of expansion will be to use Open Banking solutions in the B2B space. Highlighting the potential use-cases, McKinsey estimates that merchants collectively spend $100 billion annually on transaction fees. Through account-to-account (A2A) payments, Open Banking players are already enabling the direct transfer of money between accounts without relying on third-party intermediaries or payment cards – offering a real-time and cost-effective solution to the problem.
There are three main obstacles on the road to Open Finance:
1. Access to data
How do we make it easy for providers to access data from a broad range of financial institutions? Technological integrations (APIs) must be built to support the efficient flow of data, but building integrations that work with each financial institution is a tedious and fragmented process. To facilitate this, data and API standardisation needs to be implemented in order to make the task of providing access to data across the whole ecosystem simpler.
On the other hand, the reluctance of institutions to share highly valuable customer data will restrict access. This means regulators will need to step in – as they did for Open Banking – to create a legal environment that opens financial data for third parties to access through standardised APIs.
2. Analysing the data
Making sense of huge volumes of data is already a gargantuan task, even when it “only” covers Open Banking data. This becomes even harder if data from a wider set of financial products is considered. Fintechs will need advanced categorisation engines and other analytical tools to structure and analyse the information they receive.
Fintechs and companies can have access to all the Open Banking data in the world, but if they cannot create a way to analyse it, they will struggle to draw out any valuable insights. Leading providers like Money Dashboard have already done the legwork when it comes to data analysis – its Open Banking categorisation engine has been trained on over 10 years of data, which allows it to accurately classify consumer transactions. Other providers must follow suit if they haven’t already.
3. Compliance
Whenever personal information is shared, it is crucial to have a stringent compliance framework in place, to prevent any breaches or misuses of data. This, however, is not the challenge – the real challenge is ensuring that regulation protects the consumer, without stifling innovation.
In order to achieve this delicate balance, regulators will need to have open and constructive dialogues with Open Finance providers, and together create an environment that nurtures innovation without threatening data privacy.
Open Banking is still a relatively early-stage technology, so we will continue to see a lot of investor activity in this space, with the market expected to grow to $43 billion by 2026.
Companies with an innovative product and state-of-the-art tech will have no problems raising funds. For instance, UK-based Bud raised $80m in June to continue to scale its AI-based Open Banking platform and expand internationally.
In the M&A space, we expect to see an increase in activity as small, unprofitable companies (who have developed good technology) might decide to look for a buyer as Venture Capital funding becomes harder to access. Some of the industry’s largest players could also merge in order to consolidate the market, create synergies and expand their reach.
Notably, Apple’s recent acquisition of Credit Kudos, which develops software that uses consumers’ banking data to make more informed credit checks on loan applications and is a challenger to the big credit reporting agencies (Equifax, Experian and TransUnion)., signals interest from further afield. With more and more businesses making inroads into financial services, M&A activity in this space is heating up.
Having advised on a number of M&A and fundraising transactions in the Open Banking space, Royal Park Partners have seen first-hand the impressive leaps companies are making to transform Open Banking and increasingly Open Finance into a positive and productive tool for customers and businesses. In the future, Open Finance will provide the infrastructure to connect all financial products that consumers and businesses use, while also providing access to innovative new solutions.
The digital imperative for financial services firms cannot be understated. In order to ensure their (and their products’) relevance in the future, they will have to embrace Open Banking and Open Finance technology.
About the author: Ricardo Falter is Fintech M&A Associate at Royal Park Partners.
The advent of HMRC’s Making Tax Digital (MTD) initiative has changed the way in which we process and arrange our tax affairs irrevocably. Whilst previously only businesses with a taxable turnover above £85,000 had to comply, since April of this year, all VAT-registered businesses have been subject to mandatory online MTD submissions. Soon, similar regulations will apply to Corporation Tax (CT). But what does this mean for how we submit our returns and are most companies ready?
Disconnected data
Traditionally, VAT and CT, with their widely varied deadlines, have not been connected for reporting purposes. However, this is set to change when MTD for CT arrives, as the new quarterly CT submissions will have to be sent to HMRC within days of their equivalent VAT filings. This means that it makes sense for organisations to align their VAT and CT processes more closely.
The reality remains, though, that currently most companies are simply not prepared to leverage data across multiple MTD streams. Today’s typical accounting landscape has siloes with specialists dedicated to one specific area – be it VAT or CT – with separate data and separate timescales. Unsurprisingly, this means that tax advisors can be skilled in either CT or VAT but rarely in both. As processes continue to align, this presents a challenge.
Also notable is the fact that CT filing happens twelve months after the end of the CT financial year whereas VAT fillings happen quarterly or monthly, with reporting occurring 30 working days after. Such distinct deadlines don’t have data overlap because CT uses data that has long since been checked and finalised, while VAT-related data can be subject to change during the reporting cycle. Currently, this is no major problem but the arrival of MTD for CT with its new reporting cycles will disrupt the landscape.
Changing reporting cycles
When MTD for CT arrives, there will be additional data to submit on a quarterly basis, bringing VAT and CT tax data closer than ever – with greater interaction between the two. If your company follows calendar quarter, it currently files its VAT returns on May 5th. Going forward, you will also be submitting CT returns on 30th April, making the time between submissions much shorter. Naturally, this means that data must be aligned across both processes and that the CT team will need visibility of the VAT team’s reporting and vice versa.
So how do we connect these disparate teams more closely? Firstly, we need to revamp the legacy, siloed approach to CT and VAT and instead introduce fully integrated tax teams. This will encourage a holistic, transparent view of both disciplines underpinned by a single source of truth, enabling clarity and seamless processes throughout the tax department.
Secondly, we can look to technology to provide new ways of doing business. Too many companies still depend on Excel and similar software to enable their MTD calculations even though this puts severe constraints on processes. This old-fashioned approach needs continual manual updates, with great potential for human error, risks regulatory compliance and lacks smooth integration with other financial systems. With HMRC recently issuing updated guidance on penalties relating to MTD for VAT non-compliance, the incentive to not make mistakes continues to grow.
New opportunities and added value
The time is right, therefore, for companies to evaluate the new generation of UK-specific VAT and CT applications. These are less time-consuming, integrate seamlessly with other core IT platforms such as ERP, and automatically update according to the latest regulations. Specialist software also has the potential to minimise risk, improve precision and increase control while boosting efficiency. This can help companies of all sizes to eliminate common problems, such as laborious data formatting.
Modern, best-of-breed financial systems and VAT calculation tools can also generate value beyond meeting MTD compliance requirements. They provide more precise, timely and transparent data, which enables smarter decision-making and improved business intelligence.
This consistent access to large volumes of accurate data provides clearer insight into the profit margins in different areas of your business, helping companies identify disparities. This data can also be extracted beyond the tax department to the broader business where additional value can be leveraged.
At the same time, they enable more complex calculations, such as partial exemption, helping companies potentially recover more in VAT, for example. Not only does this ensure faster results, but it also takes the monotonous number crunching out of the hands of skilled professionals who can be redeployed to more high-value tasks.
Introducing the cloud
The traditional approach to on-premise computer platforms was to get tied into lengthy, expensive partnerships with big legacy vendors, requiring significant upfront investment in both hardware and software as well as costly ongoing maintenance. This might well provide access to an extensive solutions portfolio but is not always the best tool for the job at hand.
Today, companies are increasingly turning to the cloud instead, where best-of-breed solutions can be built from an ecosystem of existing components, connected via APIs. This means you can build the specific solution you need in less time and with fewer upfront costs, paying only for what you need when you need it.
A vision for the future
By integrating tax departments across VAT and CT and migrating to new, flexible, constantly updating cloud technologies, companies can futureproof themselves for whatever comes next on the MTD journey. Furthermore, outside of HMRC regulations, many anticipate that wider EU standards will be introduced to address similar issues. With the right solution already in place, companies will be able to comply quickly and with minimal effort.
MTD for CT is set to be introduced in 2026, which may seem like the distant future, however re-evaluating your tax reporting processes, integrating data across tax teams and implementing versatile solutions today will ensure you are well ahead of the competition. Starting to make the necessary changes now means that your team will be fully integrated and efficient – having already ironed out any preliminary issues – ahead of the compliance deadline. Using all the available data in the most connected, transparent and accessible way, will ensure VAT and CT are synchronised for success.
For more information visit https://www.taxsystems.com/.
Fintech companies are on the rise, with more and more people using them to manage their finances. The international fintech market is projected to grow rapidly, reaching a value of about $324 billion by 2026. It will develop with compound annual growth of approximately 25.18 percent between 2022 and 2027.
This skyrocketing growth prediction shows the relevance of fintech companies in the current world. These companies are also under constant pressure to develop new tech and services. And while creating these services, they need to safeguard customers' data.
This article will help you comprehend the reasons behind the increasing need to prioritize privacy in the fintech industry.
Data privacy is the degree to which individuals should be allowed to access, possess, use, and share information. For example, you wouldn't mind sharing your name with a stranger while making an introduction, but you would not want to do so until you've gotten to know one another better.
Furthermore, when sensitive data enters the wrong hands, things can go wrong. A data breach at a government office, for example, might result in sensitive information being released publicly. A data security incident at a school might jeopardize students' personal information, which could be used to commit identity theft.
Therefore, the risk of losing data is everywhere, and each sector must take action to eliminate this. If privacy is breached, the company will suffer financially and reputationally. But the good thing is that consumers are more aware of their data privacy rights than ever before and are vocal about when their privacy is violated.
This is the digital age, and one cannot forget that the number of hacking cases is increasing every year. The attacks on big companies like Equifax have made it clear that no company is safe from cybercrime.
Besides the risk of cybercrime, fintech companies also need to prioritize privacy to protect their users from other dangers. For example, if a customer's data falls into the wrong hands, it can be used for blackmailing or identity theft.
Users themselves show incredible interest in security and privacy-focused options online. They might drop certain services if their operation or track records seem invasive.
For one, more privacy-conscious people choose to download VPN apps to minimize their digital footprints. A Virtual Private Network protects data exchanges online by encrypting internet traffic. Thus, users connect to VPNs when making financial transactions online. It gives users peace of mind and more confidence to conduct business online.
One of the main reasons fintech needs to prioritize privacy is to comply with regulations. Financial institutions have always been subject to stringent regulation, and fintech companies are no exception. They need to ensure that all customer data is protected and secure. It is particularly crucial considering recent data breaches suffered by Capital One.
Another reason why fintech needs to prioritize privacy is to protect customer data. As mentioned above, financial institutions are subject to stringent regulations to protect customer data. Fintech companies need to ensure that all customer data is protected from unauthorized access, use, and disclosure.
If a fintech company doesn't take the necessary precautions to protect user data, it could be held liable for the damages or losses suffered as a result. It could include financial losses, loss of business, and damage to reputation.
One of the main reasons fintech companies exist is to build trust with their customers. If customers don't trust a company to protect their data, they are unlikely to do business with it. Trust is essential for any company that wants to succeed in the fintech industry.
Competition is fierce in the fintech industry, and companies need to do whatever they can to stand out from the crowd. Offering superior levels of privacy and security is one way to do this. Moreover, this can be the unique point of their success story.
To grow, fintech companies need to attract new customers. One way to do this is by offering superior levels of privacy and security. This will make customers feel more comfortable doing business with them, and they may be more likely to recommend them to others.
Fintech companies also need to prioritize privacy to retain their current customers. If customer data is mishandled or security breaches, customers can decide to take their business elsewhere.
The fintech industry is constantly evolving, and companies need to prepare for the future. In the same way, cybercriminals are also preparing for the future and speeding up the process to stay ahead of time.
So, one way to deal with this is by ensuring that all customer data is protected and secure. This helps build customer confidence and ensures that the company is well-equipped to deal with future challenges.
The fintech industry is rapidly evolving. Companies are putting efforts to do whatever they can to stay ahead of the curve and protect their customers' data. Privacy is essential for companies in the fintech industry, and the reasons for the same are explained briefly above.
Mark Jenkins, Chief Finance Officer At MHR International, explores how digital transformation has fuelled the need for finance teams to move away from outdated software and embrace a more suitable way of processing data.
A recent MHR survey revealed that over half (51%) of finance leaders depend solely on Excel for their processes – a figure more reflective of the industry’s lack of tech investment than of the usefulness of a software tool now over 30 years old.
Accordingly, many finance leaders are missing out on opportunities to reshape their role due to being weighed down by time-consuming and tedious manual tasks. This is also using up valuable time which could be better spent feeding into bigger-picture business strategy conversations. Should they continue to be left out in the cold, businesses risk missing out on a wealth of expertise, knowledge, and crucial financial data.
If finance professionals want to take their rightful place at the strategic table, they must become drivers of tech implementation.
Excel is still deeply entrenched in the culture of many finance departments. Often seen as a tried-and-tested, ‘safe’ tool, spreadsheets owe their ubiquity to organisations’ traditional reluctance to spend out on innovative software and processes. After all, it is daunting to ditch the only business analytics tool you have ever known in favour of something new, especially when to date your organisation has been completely reliant on it.
But while Excel is great for rudimentary calculations, its shortcomings in today’s interconnected global finance ecosystem are more obvious than ever. In a world that is increasingly driven by collaboration and information sharing, Excel is simply incapable of providing the multi-user support and complex, real-time data analytics needed for successful financial modelling and forecasting.
Furthermore, Excel cannot always be relied on to keep data safe and secure. Recent headlines have made this painfully apparent: in 2020, almost 16,000 positive Covid cases vanished from Public Health England’s contact tracing system in a high-profile IT glitch. The reason? Excel had run out of numbers. With almost a third (31%) of finance leaders rating unsaved spreadsheets and lost documents as the greatest risks of their role, such costly and embarrassing errors should spur businesses to prioritise data integrity and move away from outdated spreadsheet tools.
Reliance on legacy processes is also hindering the strategic growth of finance leaders and their teams. MHR’s survey found that almost half (44%) of leaders are left out of business strategy conversations, as they find themselves overburdened with cumbersome manual processes. Wasting time copying and pasting data from one spreadsheet to another, talented finance professionals are currently robbed of the chance to participate in long-term scenario planning, leaving them vulnerable to future market changes and missed growth opportunities.
As a result, technical debt and legacy mindsets are holding finance teams back from flexing in their role and using their expertise to shape important strategic initiatives. This seems thoroughly at odds with the digital transformation happening across all industries. If finance leaders want to be the drivers of the data analytics revolution, they must leave Excel in the past and embrace smarter tools.
Accelerated digitisation has fuelled the need for finance teams to ditch outdated Excel software and adopt more suitable ways of processing data. By implementing agile and collaborative scenario-planning solutions, finance departments can seamlessly plan and model for the future, enabling them to use their insights to shape long-term business-wide strategy.
Automation is the key to future-proofing finance teams. It removes the need for professionals to reach down and perform tedious, time-consuming manual tasks, thereby freeing them to undertake more high-value endeavours and provide forward-thinking strategic advice at board level. Furthermore, automated processes support teams in boosting their compliance, accuracy, and data security, considerably lightening the load.
The right integrated corporate performance management solution goes beyond basic financial planning: new market entrants can incorporate extended planning and analysis (xP&A) to put finance leaders back in the driving seat to make more efficient strategic decisions. This enables teams to make considerable time and cost savings, setting themselves and the wider business up for a more productive and profitable future.
In today’s increasingly challenging and competitive commercial environment, financial data cannot sit siloed with individuals, nor be held in obsolete IT systems. The right tools and solutions will ensure greater data visibility across the wider business to help support long-term decision making. In addition, tech implementation can free finance leaders and their teams from low-value, repetitive manual tasks, securing much higher levels of efficiency, responsiveness, and agility.
However, there’s a lot that you can do with dedicated proxies. This is especially with more sensitive tasks like banking. With fraud on the rise, internet banking can be risky without using a security tool such as a dedicated private proxy. It’s an intermediary mechanism that prevents data theft on banking systems.
If you do private baking, understanding why you need a proxy server is vital. This article looks at some of the reasons to buy dedicated proxies for private banking purposes. This article will help you know whether dedicated proxies are worth buying for banking privacy and security.
Server overload problems are common in banking systems worldwide. This is because everyone wants to transact conveniently through the internet. With many requests coming, it is easy for a server to break down. Thankfully, this is preventable with the use of the right load balancing tools.
Most web admins use dedicated proxies to ensure proper load balancing. This load balancer works by distributing workloads across various servers to ensure that no server gets overwhelmed. Some servers may go down if you do not use such tools because they cannot handle a high number of requests.
A dedicated proxy server makes dynamically generated content available to users. It ensures smooth delivery of requests to the server and responses too. In general, most of the work gets delegated to the proxy server. This frees the application server so that it receives new requests efficiently.
This then means better customer experiences in the end. Improved server performance is also great for banking institutions. It also means more transactions and a higher customer retention rate. Thus, financial institutions and their customers must buy dedicated proxies for their banking needs.
Financial institutions can establish their online services on websites, applications, or both. For website banking, a customer needs to click on the URL every time they want to transact. The good news is that the website doesn’t need to load from scratch if you are using a dedicated private proxy.
You can take advantage of the caching function of dedicated proxies to ensure that. Proxies cache websites that you frequently visit, making them display quickly in subsequent visits. Banking websites that you may use frequently aren’t an exception, which increases the efficiency of transacting.
Financial institutions can also use proxies to cache competitor websites. This is when they are using scraping proxies to monitor their competitors. Using a proxy for scraping ensures that you can gather data from competitor websites anonymously. This helps you improve your services and be competitive.
Thus, web scraping proxies can also cache these websites. So, you won’t need to load them from scratch when you want to check them for updated information. In the end, the businesses and private users who leverage the power of proxies reduce network costs significantly.
As discussed before, banking fraud is increasing every day. Banking institutions lose business and customer data to cybercriminals using various techniques. Even though they invest in their systems and improve them, the threat landscape is dynamic, and you can never be assured of safety.
Thankfully, security tools such as dedicated proxies can guarantee your online privacy and safety. A dedicated proxy server encrypts data in transfer, keeping it away from prying eyes and bots. This ensures that attackers cannot use the data even if they access it.
Also, private proxies secure data even when it is on your network. Hackers do not have to target your data when it gets transferred to and from your network. They can hack a network then steal or alter your stored data. A dedicated proxy server protects your data 24/7, which mitigates fraud cases.
Speed is a vital thing when it comes to monetary transactions. You want to pay for a service or product quickly and move on to other tasks. This is one of the reasons why you should think about investing in a dedicated proxy server as a banking business or customer.
A proxy brings you closer to the banking server, which makes transactions fast. The closer you are to the banking server; your transactions will be smoother. For a banking business, this enhances transactions making them process payouts faster and meet customer expectations.
You can buy cheap private proxies as a banking user. This is vital even if the banking institution you are transacting with has a proxy server in place. It increases your privacy, security and also increases the transacting speeds, which means a better experience.
Also, the faster you transact, the better. You’ll easily become a target for cybercriminals if you spend a lot of time on a single transaction. If requests don’t go through multiple times and you receive error messages, there are chances you could get exposed. A dedicated proxy server can help prevent this.
There’s no doubt that internet banking has made life easy for many people. Today, everyone prefers sending and receiving money from the comfort of their homes. But then, there’s a need to transact safely, especially today when different techniques of banking fraud are coming up daily.
A dedicated private proxy is one of the best tools you can use for private banking. It can increase your privacy and security by encrypting the data you transfer to and from banking websites. Besides that, it can also help you save on data and increase your banking speeds without compromising your security.
Financial institutions can also benefit greatly from using proxies for transactions. Using super-fast proxies can make banking more efficient. Customers will complete transactions faster and with more safety and privacy. This efficiency of dedicated proxies can help improve customer experiences.
Application programming interfaces (APIs) are a vital innovation able to transform treasury banking – making financial institutions more agile, innovative and highly experiential to support their clients’ needs, writes BNY Mellon’s Sindhu Vadakath, Head of Global Digital Channels and Asia Payments Product Management.
From real-time payments to account authentication and real-time payment exception handling, digital services have become a prominent part of financial institutions’ (FIs) offerings to treasury customers. Clients are increasingly looking for fast and frictionless experiences throughout the transaction life cycle – including pre-processing, during processing and post-processing. Application programming interfaces (APIs) are providing valuable real-time experiences that help address these needs.
APIs enable streamlined, efficient communication and integration between software components. By using APIs, FIs can offer greater speed and efficiency, and, by harnessing process automation, can provide instantaneous transactional data and actionable insights; as well as real-time visibility over payments, statuses and transactional balances for efficient cash management.
The increasing potential of APIs has been fueling industry innovation, disruption and connectivity, and many FIs have already integrated APIs into their operations. Now, with the ecosystem being driven towards greater levels of harmonisation – through initiatives such as the global migration to the ISO 20022 messaging standard – APIs are beginning to shape the future of banking.
APIs can connect the digital ecosystem while bringing numerous back-end and client-facing benefits. A critical advantage of APIs is the ability to integrate real-time balances and transactional data across multiple channels, including Treasury Management Systems (TMS) and Enterprise Resource Planning (ERP). For example, through BNY Mellon’s Treasury Payments API, clients can integrate FIs’ solutions within their own internal systems. Clients can seamlessly perform business operations by automating payment processes, as well as streamline necessary treasury operational tasks such as reconciliation and reporting. Clients can also leverage the technology to securely access global payment capabilities through a single endpoint, enabling them to initiate payments and track the status of transactions end-to-end.
APIs can connect the digital ecosystem while bringing numerous back-end and client-facing benefits.
Through such solutions, clients can enjoy the time and resource saving benefits of real-time data sharing, especially through the pre- and post-transaction processing lifecycles. The automation and streamlining of operational processes allow clients to redirect their resources to more value-generating functions, such as forecasting analysis, customized reporting and transaction capabilities.
After several years of investment in APIs to deliver integration solutions, FIs are already seeing a strong return. Benefits include retaining clients through improved client satisfaction and resiliency, as well as unlocking legacy data and eliminating manual processing.
And APIs now play an important role in business continuity plans (BCPs). The importance of having an established plan to offset against the impact of unexpected events has been confirmed by the COVID-19 pandemic. In the case of a disruption or network outage, FIs are using APIs to seamlessly switch to a digital, active-active alternate channel to process their payments – traditionally, a resource-heavy process between FIs and network providers to ensure timely execution without any financial implications. By integrating APIs into their networks, FIs can smoothly transition to their back-up plans during such exigencies.
For banks such as BNY Mellon, integrating APIs with their clients’ operations is a way of offering value-driven, tailor-made solutions to support business agility and innovation for clients. As opposed to a one-size fits all approach where offering a standard product isn’t the goal, APIs provide a solution-based target where the client can be kept at the center, and their unique needs – whether that be authentication, validation services, exception handling, or real-time access to data and reporting on payments and account activity to take timely actions – can be solved through APIs and other digital capabilities.
While the finance industry is learning to leverage API technology, the size and complexity of the solution required can sometimes impede the success of delivery. For example, an API might need to work for multiple parties across various jurisdictions that are each bound by regulations in their domestic markets. As a result, a number of consortiums, formed by both fintech and financial firms, are working on ways to resolve these issues.
[ymal]
In fact, FIs are responding through collaboration and partnerships – with each other, with fintechs, and with industry networks and participants, such as SWIFT. Where FIs focus on upgrading legacy systems and data architecture, they see opportunities to partner with fintechs to accelerate the process. Meanwhile, FIs can offer fintechs with real world client use cases, problem statements and the ability to deliver their innovations across a range of situations and sectors, leveraging each other’s expertise to address industry needs to stay relevant.
One of the biggest challenges for adoption is the difficulty in maintaining multiple variations of the message specifications by channels, currency and markets. However, the way to overcome this challenge is through increased standardisation, and the upcoming migration to ISO 20022 could reduce a lot of these frictions, by improving cross-border interoperability and streamlining the exchange of data for APIs. It is going to be a journey towards harmonisation that requires the industry to come together to chart the path towards the digital future.
As FIs continue to invest in new technologies and further leverage the benefits of APIs, they move closer to not only achieving their strategic business goals, but also enabling their clients’ own digital transformation goals. Banks and other FIs have the responsibility to continue to explore agile, innovative and integrated API solutions, ensuring that clients can benefit from the host of opportunities APIs will bring as they shape the future of the industry.
The views expressed herein are those of the author only and may not reflect the views of BNY Mellon. This does not constitute Treasury Services advice, or any other business or legal advice, and it should not be relied upon as such.
Steve Cox, Head of Accountancy at IRIS Software Group, shares his thoughts on MTD and its implications with Finance Monthly.
HMRC’s prompt decision to delay the next phase of the making tax digital (MTD) rollout in 2020 due to the coronavirus was a welcome move. This now means any businesses who were expected to put digital links in place last year must have this done by the rapidly approaching deadline of April 2021.
Added to this, from April 2022, all VAT-registered businesses will be expected to file their tax returns digitally regardless of their turnover - which was a limitation in the previous phase. For many businesses, this requires a substantial amount of work if the bookkeeping is done manually, on paper records or even not at all, adding to their already full plates as they look to rebuild following the on-going challenges borne from the pandemic last year.
Accountants naturally have a critical role to play in supporting businesses through this next phase of MTD. So, it’s important to have a clear understanding of what needs to be done right now and how to make the transition as simple as possible for clients.
The first port of call is to evaluate all clients who must comply with MTD before the phase 2 deadline, and review the MTD template built for the first phase. This will help establish a clear strategy of what each client needs to do. Accountants should then begin the transition preparation - communicating with clients about their exact financial positioning, workflow, filing and how to approach switching to digital records.
The first port of call is to evaluate all clients who must comply with MTD before the phase 2 deadline, and review the MTD template built for the first phase.
This is where it is important for accountants to think smart as MTD is a volume play - in both clients and data - when it comes rolling out across a large portion of their client base. One tool that is incredibly valuable and available from software providers, including IRIS, is record digitisation which enables anyone who needs to track receipts, capture photos and digitally process receipts, invoices, purchase orders and bank statements. The physical data automatically becomes a digital record and uploaded to a cloud-based platform, ready for accountants to review and compile VAT returns as required in their process. Such automation tools dramatically increases client efficiency and process productivity, while making life less stressful for accountants and business owners.
Through automation, such systems eliminate the time-consuming everyday chores, ensuring accountants can act smart and get more done. The majority of small business owners end up spending their personal time compiling their records from the week (or month) and would love to get this time back thanks to automation tools. In return, time saved chasing and reconciling client data frees up accountants to focus on client relationships and higher-value advisory services. It also rapidly improves communication speeds, transforming how accountants engage and connect with clients and prospects, ultimately helping them to retain and attract new clients.
Once accountants have successfully evaluated and prepared their clients for MTD and established a clear, proactive plan of action, they then need to make sure all clients have registered for an HMRC Agent Services Account, although proactive accountants could do this ahead of client evaluation. Once this is done, certain HMRC online services, including the MTD, VAT and income tax pilots can be accessed so business owners and accountants can work together to manage the transition efficiently; making it as simple as possible for both parties involved.
By using technology to gain instant access to accurate, real-time data well ahead of this year’s MTD deadline, accountants and business owners can be sure they’re in the best position possible to move forward with confidence.
Every client is different and will have their own way of managing their tax - some will have been using paper-based processes for years on end. So, it’s important to frame MTD in a way that isn’t complicated or confusing. Given the rapid digitisation of UK businesses over the last year to survive - and in some cases thrive - during the pandemic, businesses are more likely to be open to a digital records conversation than ever before.
[ymal]
Yes, the practical side of what’s required and expected with regards to MTD is essential to get right. But MTD is about more than mere compliance, it’s about looking to help future-proof businesses. This is a real opportunity to build relationships with clients on a personal level and move into that trusted advisory role.
Working with clients to lay out a clear roadmap of steps they should be taking ahead of the 2021 MTD deadline - as well as the April 2022 VAT rollout - will enable accountants to help their clients on a real-time basis. And ultimately be of more support to business owners looking to recuperate from the impact of the last year.
By digitising now and creating great efficiencies across the client’s business, accountants can take advantage of improved workflows, increasing productivity and working smarter and help their clients future-proof their business for good. Harnessing technology to streamline tax management and create a single view of the data for all financial records, means accountants will put their clients in the best position to move forward with confidence.
Finance Monthly hears from Wayne Parslow, Executive Vice President for EMEA at Validity, as he explores what the financial services sector stands to gain from better handling of its data.
Financial firms face an increasingly complex minefield of regulations when it comes to handling data. The sector has so many acronyms that it’s often difficult for a layperson to wrap their head around them. Unfortunately, finance companies don’t fare that much better, and can be overwhelmed by seemingly infinite customer data management requirements.
Whether it’s ensuring appropriate customer data storage under GDPR or securing payments processes under PSD2 and PCI-DSS, there’s a host of regulatory pressures for managing the financial customer relationship chain.
Regulatory bodies are certainly not toothless when it comes to enforcing punitive measures, either. At the end of 2020, the ICO issued fines to both OSL Financial Consultancy Limited and Pownall Marketing Limited for misusing personal data.
Ensuring data held by finance firms is accurate, up to date and, equally importantly, used appropriately is a shared goal for both the regulator and financial institutions. However, with the pressures put on financial firms by the pandemic, there’s a good chance that data management best practice has taken a back seat in favour of ensuring business continuity.
This is a misstep, as the two key fundamentals of data – data quality and data governance – should be tied into the basic operations of a financial services firm. With strong data foundations, financial services firms will be in a far stronger position to navigate the upcoming uncertainty of a post-pandemic world.
Ensuring data held by finance firms is accurate, up to date and, equally importantly, used appropriately is a shared goal for both the regulator and financial institutions.
Having data quality and governance work in concert to support one another does not simply ensure regulatory compliance, though. The value of data for driving successful business outcomes has already been proven, and businesses which employ a data-driven strategy are growing 30% year-on-year. Higher data quality also delivers stronger customer relationships and greater engagement.
Data quality is not a once and done operation. For financial services in particular, it’s a complex, continuous network of processes and actions that must be continuously maintained as new data is collected, augmented and edited by the organisation.
First and foremost, a finance firm must take stock of the current state of its data. Given the rapid changes that have occurred over the past year, it’s essential to reassess data for accuracy, completeness, duplicates and inconsistencies. Firstly, data needs to be housed correctly so that it can be profiled accurately. Profiling their data enables financial organisations to ensure it is right for the business’s current needs, can be easily analysed and reported on, as well as being able to more easily check whether it is up to date.
A common barrier to data quality are duplicates. Many regulations require data to be up to date, and for customer data to be removed under certain circumstances (i.e. when a contract is terminated). Whilst a firm might believe it has done its due diligence under these circumstances, leaving duplicate data behind poses a significant compliance threat and risks inappropriate or even illegal communication. To have a consistent, complete view of its customer data, a financial firm must be proactive with the management of deduplication. It’s a simple yet effective process that can make a huge impact, but requires an investment in the appropriate tools.
Leaving duplicate data behind poses a significant compliance threat and risks inappropriate or even illegal communication.
The end user is typically identified as the weakest link in the security chain, and many breaches reported to the ICO stem from simple user error, whereby an employee downloads a confidential document to a laptop which is then lost or stolen, for example.
With the move to remote working last year, many businesses wisely took the step to upskill their now remote workforces with additional security best practice training to help mitigate the additional cybersecurity risks.
Organisations can take additional steps to ensure errors that create vulnerabilities, such as the laptop example above. Employees will often adopt methods that help them get their jobs done most efficiently, even if these deviate from security best practice. Standardising data is a crucial step to enabling it to move through the organisation in the correct, and secure, way – regardless of location.
For example, if finance needs to produce reports based on the outgoings of a few different international teams, putting best practice standards in place as basic as how titles and regions are entered means this can be completed more efficiently, easily and securely across the board.
Alongside profiling, deduplication and process standardisation, verification needs to be a top priority, and should take place as data is collected. Using external sources, both prospect and existing client data should be verified (provided, of course, that consent has been given for these external sources to be used in this way). Enriching data in this way ensures finance firms get a better ROI from marketing and sales.
Data is constantly changing, and a continuous monitoring regime is the only way to keep track as it waxes and wanes. A simple way to keep up with the health of your data as it changes is to set up dashboards and alerts that track data quality automatically.
[ymal]
That said, it’s not just about technology. There’s no getting away from it – a comprehensive cross-functional approach is needed to implement a successful data governance programme. For finance firms, team members must be subject matter experts who understand the complex industry standards and regulations and know what to do if they don’t. Many finance organisations will already have an executive level representative responsible for company-wide data management, such as Chief Data Officer (CDO).
A core aspect of a CDO’s responsibilities should be simplifying processes with the help of the right technologies. However, it’s unlikely there’s a single tool that will do everything a financial organisation needs, and every governance strategy should be bespoke for the organisation that will follow it. Companies should be aiming for a “data quality by design” mindset, where the checks and processes that ensure top-quality data is maintained become second nature.
Simon Pamplin, technical director at Silver Peak, explores what public cloud is and what its implications are for financial services firms.
Adoption of cloud by financial institutions has risen dramatically over the past five to ten years. Yet this has largely been private cloud rather than the more flexible and scalable public cloud.
In January, however, European financial institutions formed the European Cloud User Coalition (ECUC) to drive public cloud adoption and ensure consistency and enforcement of security standards of cloud’s use. Allied Irish Bank, BAWAG Group, Belfius Bank, Commerzbank, Deutsche Börse, EFG Bank, Erste Group Bank, Euroclear, ING, KBC Bank, Swedbank and UniCredit have all signed up to the ECUC and are participating in the initiative.
This widespread push displays the desire for public cloud in the finance industry, and there are persuasive arguments for the transition from private to public. Although the desire is clearly there for greater use of public cloud, there are key factors that will determine the speed and success of this transition.
The difference between public and private cloud is that, as the name suggests, private cloud is managed internally by an organisation – all the dedicated infrastructure, including the data centre, is managed by a single, owning organisation. Conversely, public cloud is offered to multiple companies by a public cloud provider that runs and maintains the supporting shared infrastructure.
That the finance industry has been cautious in its uptake of public cloud highlights the essential need for top security for banks and other financial service organisations. The industry in particular is subject to strict compliance legislation across Europe, and organisations may choose private clouds as a means to ensure they are indeed complying.
Adoption of cloud by financial institutions has risen dramatically over the past five to ten years.
Another issue is that of vendor lock-in, as companies may worry of their complex cloud infrastructures being guaranteed by a single cloud provider – this reliance can hurt market competition, as it prevents companies easily switching between vendors.
It is these concerns that the ECUC seeks to address by defining and communicating what requirements have to be met in Europe for public cloud to become a feasible option for financial organisations. There are, after all, some clear benefits.
The first and foremost benefit of transitioning to public cloud is cost. Supporting cloud infrastructure is an expensive and labour-intensive process – smaller, newer organisations in the industry may find the possibility of private cloud beyond their resources, especially given the stringent cybersecurity standards that the financial world requires.
Adding to this, public cloud providers do offer a top rate service uniquely tailored for organisations – they are excellent at what they do, and a multitenancy business model allows them to allocate resources in a distilled and highly efficient manner. By delegating cloud to an expert third party, finance organisations free themselves from the operational headaches of enterprise IT administration.
A key criterion for the use of public cloud is that when implemented, financial organisations can be sure their data is safe. However, the secure use of public cloud services lies in infrastructure and vitally the wide-area network (WAN).
Before the public cloud transformation in the industry can advance, organisations must transform their networking infrastructure. In essence, traditional WAN architectures have been obsoleted by the cloud, and private cloud security can only be guaranteed through advanced WAN solutions, such as an SD-WAN.
[ymal]
The drive towards public cloud will enable the financial industry to enjoy its full benefits – greater accessibility, lower cost, and increased market competition. However, first, coordination with European public cloud providers and transformation of the organisational network must be accomplished to assure success.
It has caused a massive global economic shock that economists describe as three times worse than 2008’s financial crisis. Additionally, workforces are learning how to deliver services from outside their usual working environment. Andy Campbell, global solution evangelist at FinancialForce, shares his insight on the effect this is having and how firms can overcome their new difficulties.
Pre-pandemic, businesses were already facing external pressures to adapt. The transition to a services economy, and an increased expectation for high-quality customer experience moved the goal posts for many firms. This combination of external factors has necessitated companies to make changes on a scale and a rate never seen before. Those that fail to make the necessary changes run the risk of being left behind.
Many companies have started to adopt cloud-based systems to enhance specific business functions and processes, most notably in the front office. However, thus far they have been unable to combine all their activities in the cloud. While it is a step in the right direction to see this increased focus on process optimisation, organisations will keep suffering from inefficiencies until they unite around one overarching cloud strategy.
Broadly speaking, there are five key pain points that businesses must address in order to thrive in the future.
There are many difficulties when it comes to operating a global enterprise. For instance, regional teams may have their own unique local capabilities and requirements. This results in individualised local tactical solutions being developed that run side-by-side with the systems that the company uses on a global scale.
Tensions often arise between the delivery level, where quick fixes take place, and the global level, where greater consistency is required. This disjointed approach to applications development results in inefficient business processes and centralised solutions that are antiquated, difficult to maintain and inflexible.
There are many difficulties when it comes to operating a global enterprise.
The speed of business change continues to increase and out-of-sync processes slow down a firm’s ability to respond. For example, a fragmented systems architecture usually compromises the quality and timeliness of data, causing decisions to be delayed as well as ill-informed. A united strategy is required to oversee the entire opportunity-through-delivery process.
With businesses in all sectors becoming increasingly customer-focused, elevating customer experience should be central to decision making. Using spreadsheets and bolt-on custom-built software to oversee the delivery process is an inadequate approach. Such short-term solutions are limited in their effectiveness, and they also restrict an organisation’s ability to pivot when faced with changes to the needs of both the market and customers.
Nowadays, employees from across the business come together when working on projects, while instantaneous interactions with customers are required for success. By deploying a single system to oversee the whole opportunity-through-delivery process, an organisation can deliver cohesion and unity throughout the whole customer journey.
For many companies, the front and back office have not always seen eye-to-eye and when conflicts arise, it is often because of the different systems and processes they use. In an ideal world, the front and back office would combine their datasets, providing everyone with a consistent 360-degree view of the enterprise that includes customer, operational and financial data. However, the reality of the situation is that the front and back office are often siloed, meaning datasets are often nothing alike in terms of accuracy and detail. This has the potential to compromise decision making, hinder the growth of the business and limit the development of fresh new offerings.
By opening up the pathway for information to be shared between the front and back office, companies can align the data between the two and ensure that they are working in tandem, thus eliminating any obstacles to growth.
In an ideal world, the front and back office would combine their datasets, providing everyone with a consistent 360-degree view of the enterprise that includes customer, operational and financial data.
Many organisations need to manage complex projects, with dispersed teams, and project managers who often have their own idiosyncratic means of monitoring progress. This results in employees completing their tasks ‘side systems’, which are invariably poorly integrated across the enterprise.
There are many problems associated with not having an organisation-wide view of ongoing activities, such as poor visibility of project progress, lack of clarity over resource availability and limited understanding of the true cost of project delivery.
Optimising the delivery of service projects, both internal and external, requires a robust platform for management and automation. The impact in terms of both resource utilisation and the effectiveness of project delivery are considerable and for any services business this can translate into significant competitive advantage.
Revenue leakage is a constant thorn in the side of many organisations and one of the major issues is that it can appear at so many points in the customer lifecycle. Additionally, if you’re not actively looking for revenue leakage it can go overlooked until it’s too late. Hence why it’s often referred to as a silent killer of businesses.
COVID-19 has exposed gaps in both existing systems and processes. Whilst individually these gaps may appear small, the combined effect in terms of lost revenue and reduced customer service can be considerable.
Issues with data entry and disconnected systems are just two of the many causes of revenue leakage and they typically result in process errors, duplications, reworks and delays. For those organisations that do not deploy a single integrated system to oversee business functions such as planning, producing, and selling, they run the risk of leaking revenue.
[ymal]
However, by utilising the right cloud solution, companies can seamlessly tie the front and back office together, balance real-time resource demand against resource capacity, forecast more effectively into the future, and deliver more predictable business growth. The pace of change is quickening, and in this services economy even the largest firms need to start becoming more flexible and agile.
Finance Monthly hears from Nic Sarginson, Principal Solutions Engineer at Yubico, on emerging trends in data security that may soon be coming to financial services.
This past year has prompted a rise in take-up of digital banking services. As people stayed at home they went online to work, shop, stay in touch and manage their money. While this shift to online banking presents an opportunity to service providers with a digital-first approach, it also presents a target for cybercriminals intent on profiting from data breaches and account takeovers. Banks and their customers are adapting to a new, remote, relationship; as they do, the strength of online security protection will become a greater talking point and, for some institutions, even a source of competitive advantage.
According to some reports, as many as six million people in the UK made the switch to digital banking in March/April last year. Customers setting up their accounts will have created a password/PIN to use with a user ID to gain access. This form of authentication will be familiar from other log-in services; what may be less so is the additional strong customer authentication (SCA) check, such as a one-time passcode generated by a card reader or sent as a text to a registered mobile phone.
This second line of defence is incredibly important for financial services, as passwords are notoriously weak at preventing bank account takeovers. Reused passwords render multiple accounts vulnerable should a data breach put this information into the hands of cybercriminals. Passwords can also be guessed with a range of common word and number combinations in use, and bank details are some of the most coveted data breach spoils.
Additional ID checks therefore boost security, but not all forms of stronger authentication are completely resistant to security threats. Mobile-based one-time codes that are so popular with banks, for example, can be vulnerable to SIM-swap and modern man-in-the-middle (MitM) and phishing attacks.
According to some reports, as many as six million people in the UK made the switch to digital banking in March/April last year.
During a MiTM attack the innocent party believes they are communicating with a legitimate organisation, such as their bank, but in reality information is being intercepted and relayed by a malicious third party. It isn’t easy to recognise this type of attack, even for the cyber savvy, as attackers create personalised and convincing communications to trick their targets. Routes in can include unprotected Wi-Fi and manipulated URLs.
In the more widely known phishing attack, people are tricked into parting with personal information such as login details. Phished credentials are then used to gain access to the user’s account and may be tried against other services as part of a multiple account takeover.
For financial services, the strongest possible authentication to protect data and accounts does not always marry with the best customer experience. Each additional check can add time and frustration to the log-in experience, preventing customers from accessing their accounts whenever they want to – if, for example, they are in a mobile-restricted location.
Strong authentication therefore must meet the dual requirement of protecting account details and financial and personal information, while also providing a convenient, preferably frictionless, user experience. Added to that is another consideration - how simple it is to integrate additional authentication into back-end systems for both the existing product portfolio and future innovations. With the rate at which financial services are digitising, and payments moving cashless, this is a challenge most banks will find concerning. The finance industry is also faced with the critical need to ensure compliance with various industry regulations including GDPR, PCI DSS and PSD2 mandates that govern access to sensitive data.
Financial institutions must also protect access to their own systems and applications. Here, the challenge is exacerbated by the fact that most banking infrastructures are a mix of legacy on-premise systems, and private or public cloud-hosted services. They must all be protected against unauthorised access, a challenge that has been heightened by the rapid transition to large-scale homeworking of the past year.
[ymal]
Finance teams and employees working from unfamiliar locations expand the potential attack surface with home networks and personal devices suddenly a part of a bank’s corporate IT estate. Seamless, convenient and high-assurance multi-factor authentication (MFA) must be in place to protect data and corporate assets so that employees can securely access systems remotely without introducing new risks and vulnerabilities.
Financial services are starting to embrace hardware-based tools such as security keys as a route to strong authentication, which protects business and customer data without inconveniencing increasingly impatient financial customers. When it comes to their financial data, users appreciate authentication devices being something they have, as opposed to something they know, to protect against phishing attacks. For customers, they provide protection for accounts, while in the corporate setting they can secure access to systems and applications. Whether tasked with upgrading a bank’s legacy infrastructure, or a new generation of fintech developers operating solely in the cloud, such an approach can offer seamless integration with operating systems, and conformance with global authentication standards.
If the finance industry is to effectively protect customers and customer data while providing the user experience that today’s consumers expect, they must look beyond basic protection methods to provide strong yet frictionless authentication. It’s shocking that social media accounts are often more secure than bank accounts as of today. Since consumers are increasingly exposed to better protection elsewhere, they'll soon be demanding the same security assurances for their bank account.
Philippe Alcoy, Security Technologies for NETSCOUT, describes the cybersecurity threat facing the financial services sector, the damage it has done and how it can best be safeguarded against.
In 2020, for the first time in history, the annual number of Distributed Denial-of-Service (DDoS) attacks exceeded 10 million. These attacks took place at greater frequency, speed, and strength, enabling attackers to knock out their targets faster than ever before. Now, NETSCOUT is seeing threat actors re-targeting companies who were previously able to prevent being attacked, focusing particularly on the finance industry.
Before looking at DDoS attacks in relation to the financial sector, it is important to understand what a DDoS attack is. DDoS attacks can be described as malicious attempts to make online services unavailable, which is achieved by overwhelming the service with traffic from multiple systems. The industries targeted by these attacks are wide-ranging, from telecommunications and eCommerce to finance and healthcare.
In 2020, the financial sector emerged as a prime target for cybercriminals. NETSCOUT observed that there were more DDoS attacks against the finance industry in the month of June than there were from January to May 2020. In fact, from June to August 2020, there were more attacks against the industry in this period than were seen in total between April 2016 and May 2020. There was also an increase in the speed of attacks that were taking place against the financial sector, with the total throughput of attacks increasing by roughly 4.5 times worldwide.
This campaign of DDoS attacks targeting the finance industry was taking place worldwide, with banks, exchanges and other financial services organisations all being hit. But there was something unusual about these DDoS attacks: they were part of an extortion campaign. This involves extortionists demanding a payment via Bitcoin within a specified amount of time prior to or following a demonstration DDoS attack. In most scenarios, when the demands of the attackers aren’t met, the ensuing attack that was threatened does not end up taking place.
In 2020, for the first time in history, the annual number of Distributed Denial-of-Service (DDoS) attacks exceeded 10 million.
More recently however, NETSCOUT has discovered that the same attackers are returning to previous targets. The organisations that were successfully able to mitigate the first DDoS extortion attack are now being retargeted in follow-on attacks, months after the original attacks took place.
The financial sector is a prime focus for this DDoS extortion series and the more recent retargeting campaign because they are perceived to have access to large amounts of money, as well as vast swathes of private data, making them an obvious target for those behind the campaign.
It should be noted that the attackers claim to be part of well-known attack groups, such as ‘Lazarus Group’, ‘Fancy Bear’, and ‘Armada Collective’ to try and boost their credibility and scare their targets into paying up. As such, NETSCOUT has given the attackers the nickname ‘Lazarus Bear Armada’ (LBA).
Unlike other threat actors, these LBA attackers have carried out extensive research into identifying the appropriate email inboxes that are regularly checked and used, to make sure their threats are read by the right people. The increased accuracy of the extortion emails has the potential to cause serious damage to those in the financial sector. It has the capability to disrupt a large number of services used by finance organisations, from online banking platforms and website access to internal systems that help the organisations to operate and fulfil the needs of customers.
A DDoS extortion campaign can lead to institutions losing a large amount of money, even without a ransom being paid, because the initial demonstration DDoS attack results in downtime for part of the company.
An indirect consequence of a DDoS extortion attack is the reputational damage that it can cause. For example, when financial organisations are hit by a DDoS attack, customers may be unable to access their money and financial information, and may feel put off or let down by the organisation not having the appropriate DDoS countermeasures in place.
[ymal]
In order to mitigate the risk posed by DDoS extortion campaigns, financial services organisations must have a solid plan of action in place. It is vital that when organisations are attacked, they know who to contact and notify. This should include key stakeholders, security providers and local regulators. Financial institutions should also learn from previous DDoS extortion campaigns that targeted the industry. For example, there are clear similarities between the DD4BC series of attacks that took place from 2014-2016, and the current extortion campaign, with both targeting the financial sector.
While a DDoS extortion attack can be devastating for those organisations in the financial services sector, providing they have the right protection and plan of action in place, the damage caused by the attack can be kept to a minimum.
