The need for financial institutions to be prepared against cyberattacks is doubly pressing this year, following a raft of new regulations. These have shifted the mandate from one of annual compliance exercises to an ongoing assurance that IT systems are prepared and secure.
Hiscox recently published its Cyber Readiness Report, surveying how prepared major institutions are to face cyber-attacks. Last year the report found many businesses underprepared for cybersecurity threats.
A variety of products offer security for financial services companies’ critical applications. But the growing complexity of banks’ systems means that the approach to cyber security products is not fit for purpose, warns systems integrator World Wide Technology.
Nick Hammond, lead advisor for financial services at World Wide Technology, comments: “The Hiscox report will serve as an important reminder to financial services firms about the importance (and difficulty) of securing against the cyber threats.
“This kind of protection is all the more necessary this year, in the wake of new regulations such as MiFID II, PSD2 and GDPR. Unlike older rules that only required yearly tick-box compliance exercises, these new regulations require continued assurance of critical applications.
“But with the complexity of existing IT systems, which have been built with different and sometimes opposing metrics over the years, this is easier said than done. Legacy infrastructures are often formed from an extremely complex patchwork of applications, which communicate with each other in convoluted ways.
“This web of opaque interdependencies is creating problems for cyber security. Without a clear view of how the system is plumbed together, there can be knock-on effects downstream when one application is prevented from sharing data with another system or user.
“To meet changing regulatory requirements, companies in the financial space need to access infrastructural expertise, to generate a working, real-time picture of the entire framework. Only after gaining this level of visibility can the right security policies be fitted to each application in a way that fits within the functioning of the existing system, allowing components to communicate as they need to whilst closing them off from external threats.”
(Source: World Wide Technology)
The UK’s Banking and Financial sector has ended the year on a positive note, with the growth of new companies up 18.56% to 5,775 and failures down by 37.89% to 59 compared to Q3, according to figures released in the quarterly Creditsafe Watchdog Report. The report tracks economic developments across the Banking and Financial sector and 11 other sectors (Farming & Agriculture, Construction, Hospitality, IT, Manufacturing, Professional Services, Retail, Sports & Entertainment, Transport, Utilities and Wholesale).
In addition, sales were up marginally by 1.24% from Q3, and the number of active companies rose by 6.86% over the same period. Total employment fell by 4.39 in Q4.
The research shows a significant improvement in the financial health of the sector, with the volume of bad debt owed to the sector decreasing by 89.31% in Q4, and down by 81.35% since the same period a year ago. The average amount of debt owed to companies in the sector in Q4 came in at £28,686, which was an 88.35% drop on the previous quarter. There was a mixed picture for supplier bad debt, the volume owed by the sector, which saw a big decrease of 60.71% against Q3, but was up by 51.16% compared to Q4 2016.
Rachel Mainwaring, Operations Director at Creditsafe, commented: “Creditsafe's Watchdog Report shows a much-improved outlook for the UK’s Banking and Financial sector moving into 2018. Last quarter’s levels of bad debt were a serious cause for concern, so it’s extremely positive to see a huge drop in these figures in the final quarter of the year.
“It’s also exciting to see such an increase in the growth of new companies, pointing to an encouraging year ahead for the sector. It will be interesting to see how these new companies fare, and whether these positive figures continue throughout the next few quarters.”
(Source: Creditsafe)
From democratising data to driving value, blockchain has a lot of potential to improve on some of the credit industry’s greatest challenges. Here Alexander Dunaev, Co-Founder and COO at ID Finance, delves into how blockchain could disrupt credit agencies all over the world by providing a solution to address the broken and archaic data practices at the credit bureaus.
Blockchain is driving a paradigm shift in how we deal with data, rewriting the rulebook around approaches to data management, transparency and ownership. While digital finance is cutting the cost of serving the underbanked to drive financial inclusion, blockchain could offer a way of widening access to even greater numbers of consumers excluded from mainstream financial services.
Within lending, where we see blockchain having the biggest impact is on transforming the credit bureaus. The technology offers a much-needed solution to address the inefficiencies associated with data security, ID verification and data ownership.
Although a number of new ways are emerging to determine loan eligibility, the largest banks and financial services providers still rely heavily on an individual’s credit history, sourced from credit agencies such as Equifax, Experian and TransUnion and its corresponding FICO score. Indeed 90 per cent of the largest US lending institutions use FICO scores.
The way in which credit histories are stored and accessed by corporates has historically made a great deal of sense and offered a multitude of benefits. It regulates how the data is stored, audited and accessed, and bestowing a government seal of approval provides the necessary level of trust among and consumers and contributors (i.e. the banks).
The severity of the recent Equifax data breach however – described by US Senator, Richard Blumenthal as ‘a historic data disaster,’ – where personal records for half of the US were compromised, exposed a number of critical flaws and vulnerabilities. Experian also suffered a breach in 2015, which affected more than 15 million customers.
In spite of the supposedly robust data storage safeguards, the hacks highlight that these databases are simply not safe enough and are certainly not immune from intrusion.
With first hand experience of dealing with multiple credit agencies across the seven markets ID Finance operates, I believe there are three key ways blockchain could address the inefficiencies associated with having a centralised credit system:
Achieving a comprehensive view of a borrower’s financial discipline and credit capability requires extensive verification and evaluation throughout the lending process. This is both time consuming and costly particularly when multiple credit bureaus exist in a country.
As data isn’t shared among the credit agencies, each will inevitably hold a varying report of an individual’s credit history meaning we need to engage with all of the providers to gain a consolidated view of a borrower’s financial health.
The combined revenue of Experian, Equifax, TransUnion and FICO in 2016 was c. $15bn. These are the fees paid for mostly by the banks, to access the credit histories needed to carry out their day-to-day lending activities. In the most simplistic sense this is $15bn of fees and interest charges passed on to, and overpaid by the end user – via higher lending APRs – for the privilege of having access to credit.
At the same time the regulatory compliance surrounding the storage and distribution of credit histories creates high barriers to entry making the market oligopolistic and hence less competitive. It is hampering the ways and locations in which businesses can lend.
In short, we have a process whereby consumers are paying the steep price of having a centralised credit history facility, which isn’t immune to data breaches, while frequently creating hurdles for financial services firms to actually access the data. This process is broken and out-dated.
Blockchain – a tamper-proof ledger across multiple computers with data integrity maintained by the technological design rather than on an arbitrary administrative level – has the potential to address the broken and archaic data practices at the credit agencies.
Until recently there was no alternative to having a robust authority managing the credit database. However, it is precisely the lack of a centralised authority, which makes blockchain so suitable for the ledger keeping activity, and is what facilitated the most proliferated application of the technology within cryptocurrencies where reliability is key.
Storing the data across the blockchain network eliminates errors and the risks of the centralised storage. And without a central failure point a data breach is effectively impossible.
Without intermediaries to remunerate for the administration of the database, the cost of data access drops dramatically, meaning lenders can access the data without having to pay the ‘resource rent’ to the credit agencies.
As the data is no longer held in a central repository, ownership is handed back to the ultimate beneficiaries – the individuals whose data is being accessed. Borrowers will have constant and free access to their own financial data, which is rightfully theirs to own, and potentially monetise without the risk of identity theft and data leakages.
Blockchain can address the limitations of the credit system and boost financial inclusion as a result. The technology offers security, transparency, traceability and cost advantages, as well as achieving regulatory compliance and risk analysis.
While it may be too soon to predict the exact impact of blockchain in lending, what is apparent is the centralisation of the credit industry isn’t working. It’s time to rip up the rulebook and start afresh and blockchain offers a compelling solution.
MiFID II came into force at the start of the month/year, but many businesses are still not compliant. Luckily for them, there’s a six month grace period before they’re actually in trouble. With that in mind, here’s 5 top tips for compliance from Joanne Smith, Group CEO of TCC and Recordsure.
MiFID II, hailed as the key to overhauling the financial markets and implementing the lessons learned following the financial crisis, is finally here. The legislation is designed to drive significant changes around transparency, investor protection and effective governance. It also aims to harmonise the various regulatory regimes that exist across the European Union.
With such broad and wide-reaching goals, the legislation, and the changes firms are required to implement in response, are significant and shouldn’t be underestimated. Yes, MiFID II is already in play, but with so much uncertainty in the build-up to implementation, firms may be less prepared than they might have hoped, or uncertain of how to ensure ongoing compliance.
Here are five top tips to help firms set themselves up for ongoing MiFID II compliance and strengthen their business for ongoing commercial success.
There’s no doubt that culture is one of the most important components of effective governance frameworks. Firms that are focussed on treating customers fairly and delivering the right outcomes are more likely to have greater commercial success and a more positive relationship with the regulator than one with a poor culture, or one which isn’t sufficiently embedded throughout all levels of the organisation. Recent FCA thematic output has identified how firms with objective self-challenge built into their processes are able to more effectively demonstrate that good customer outcomes are central to their business.
Firms should have gained a thorough understanding of their culture prior to making any changes to their business in response to MiFID II. However, culture isn’t static, it evolves over time and so firms will need to continually measure and evidence their culture and the impact it has on consumer outcomes. When assessing this, firms should keep MiFID II’s core aims of transparency and investor protection in mind and assess the extent to which internal practices are aligned.
Now that MiFID II is here, firms should keep the requirements front of mind when considering any strategic business changes, as the requirements do impact, whether directly or indirectly, on a significant number of business areas.
In the near future, the industry is likely to see changes in the distribution landscape, with firms exploring direct to client offerings and increased use of digital services to serve clients and offset the increased costs the legislation will bring.
The reporting requirements of MiFID II gives firms and regulators greater insight into the market, enabling them to monitor and identify emerging threats and potential instances of market abuse. Given the FCA’s more proactive regulatory approach in recent years, firms should expect to see the regulator pay close attention to how firms are utilising the information collected as part of their MiFID II compliance programmes and its own work to increase the effectiveness of its supervisory approach.
Firms should review their reporting systems and data infrastructure regularly to ensure that they are meeting regulatory expectations. Making full use of the insights available can also be used to inform strategy and ensure appropriate outcomes are being achieved.
Many employees are facing large scale changes to the way they perform their duties in the wake of MiFID II. It’s important that firms think beyond any initial training requirements and have plans in place to monitor compliance, reinforce expectations and deliver refresher training when issues or knowledge gaps are identified.
It’s also important that employees have a clear understanding of the standards and rules that apply to them and are held accountable for their conduct, particularly as the FCA turns its attention to rolling out the Senior Managers & Certification Regime (SM&CR) to the wider industry in the coming months.
In the face of such wide-ranging changes, it can be very easy to focus on the changes needed to comply with the regulations and forget to explore the wider benefits those changes could bring to the business and its bottom line.
Take MiFID II’s conversation recording requirements as an example. Having records in a secure and accessible format is key to demonstrating compliance, providing evidence in the event of a complaint and ensuring appropriate oversight of business activity, but the benefits don’t end there.
The data provided by recorded conversations can highlight areas where process efficiencies can be made, provide greater customer insight and can drive staff training and performance management programmes. The management information (MI) from conversation recording can also help firms identify where future risks lie across the business, not just those areas MiFID II impacts.
MiFID II is now in force, but firms shouldn’t relax just yet. In order to maintain compliance and meet regulatory expectations, firms need to be regularly reviewing their arrangements to ensure they continue to meet the appropriate standards and deliver consistent outcomes.
Below Felicia Meyerowitz Singh, Co-founder & CEO at Akoni Hub, talks Finance Monthly through the implementation of PSD2 legislation this weekend, with an overview of open banking, what it means for financial services, and what opportunities are in store for banking customers.
It’s been a long time coming but we are entering an era of greater access and better financial services that will finally put the needs of customers first.
The catalyst of achieving this much needed and long overdue result is the culmination of big debate, endless lobbying and necessary government legislation.
For years banks have sat on the most valuable asset to any business: the infinite transactional and financial data of customers that essentially define individual’s tastes, preferences, budgets and - crucially - their requirements for building and planning their lives.
High street banks - reluctant to share their oligarchy of power, held on tightly to this data - unwilling to share it with others - or use it to enrich their consumer experience and put them at the heart of their business model.
With open banking, this power will be wrestled from the big incumbents and data will be available to third parties, SMEs and new digital players. This will lead to a better future for financial services, one that increases competition and creates a greater consumer experience. More businesses will finally have a shot at delivering services that are tailored and relevant to individual customers.
Open Banking will also strengthen the role and influence of FinTech companies that have the agility and open APIs to make data sharing possible and to disrupt the status quo. We have already seen new banks like Starling Bank taking the lead, by creating partnerships with other FinTechs to create a customer rich ‘Amazon of Banking’ experience.
Together with multiple significant other sources of data being made available with consent and through API format, this will finally deliver financial products in a simple and meaningful manner, with automated prompts as companies or market products change, resulting in data innovation and improved financial outcomes, as well as removing the hassle for enterprises, saving time and money.
Key to this is delivering analytics in an easily understandable form without overwhelming businesses - leveraging the rapidly advancing data science technologies, machine learning and AI, as well as outstanding design and user experience is part of the market change we are moving towards. While the UK and EU lead the way, there are early sprigs of global growth for international solutions.
Incumbents are not resting on their laurels. Many banks and financial institutions that make up the global sector are making impressive strides to capitalise on open banking, while also exploring valuable collaborations with new innovators that can help them harness the immense value of their data.
A great example is BBVA, which has embraced the digital movement and has set itself apart from other global offerings and is putting the client front and centre. The Spanish bank has nurtured the development of impressive FinTech firms – such as the digital ID startup Covault- while also making some canny acquisitions to keep it at the forefront of innovation that resonates with a new generation of consumers and keeps them agile and technology focused. This includes the purchase of digital bank Simple.
Open banking also presents some challenges. Exposing large quantities of personal consumer data could increase the risk of cyber-attacks, hacking and identify-theft. The possible reluctance of customers to share their personal data could also derail the initiative. Educating consumers and gaining their trust around data sharing will therefore be crucial to the success of this initiative. So too the need for businesses to share information within a secure platform and for online payment providers to be scrutinised by the rigorous laws in place.
If all goes well, the developments of open banking – and the opportunities they bring to consumers– cannot be overstated. Banks will get another chance at creating better value-added services, while SMEs will finally have the access they need to deliver what their customers truly want and ultimately transform their consumer experience. Additionally, corporates are also now included in the scope of Open banking, increasing pressure on banks to deliver improved services to the neglected business market.
We only hope that customers will see the value of it all to willingly share their data and banks will leverage their relationships of trust to deliver solutions of value to their commercial client base. With their consent, the blueprint for a better future of finance can be mapped out for generations to come.
Alarming new research from bed manufacturer Sealy UK, has revealed the nation’s bankers and finance professionals are turning up for work sleep deprived - impacting not only on their productivity and mood, but even their safety. It is now spearheading a major initiative, appealing to bosses to take this often-overlooked issue more seriously.
The awareness campaign is based on data from Sealy’s recent Worldwide Sleep Census, which questioned 5,000 people of a working age from across the UK, revealing a staggering 79% of bankers and finance professionals admitted they could function better at work if they slept better.
This places the sector as the second most sleep-deprived profession in the UK, coming below hospitality (86%), but above construction, retail and transport.
It appears this ongoing sleep deprivation is causing some serious issues in the working week; 65% of bankers regularly lose their temper or have been irritable to a colleague, 30% claim they suffer a lack of productivity, while 19% say they’re often late into work or have time off as a result.
A shocking 1-in-25 even admitted falling asleep whilst at work.
However, perhaps most worrying is the 11% of bankers who have had a recent accident at work – such as a trip or a slip, due to feeling tired.
A call for bosses to put sleep at the top of their agenda
Despite the popularity of ‘wellness’ perks at companies across the UK, from gym memberships to medical insurance and even free healthy snacks, sleep remains something that is often overlooked by employers, and not treated as an important issue. This happens despite the potentially serious impact of staff not achieving adequate rest, as demonstrated in the study.
Neil Robinson, an expert on sleep at Sealy, comments: "Lack of sleep – and the subsequent fallout the next day – can be caused by a wide range of legitimate medical conditions, from stress, to mental health problems or respiratory disease. Even at the less severe end of the spectrum, there’s usually an underlying health issue causing sleeplessness. However, it’s often treated as an incidental issue by bosses, with a ‘pull yourself together’ attitude. This is not helpful for employees, especially when there are some potentially severe consequences of turning up exhausted.
“There are of course occasions when staff are tired as a result of staying up too late or burning the candle at both ends. However, this campaign is about helping bosses make that distinction, as well as encouraging a common-sense approach to effectively managing sleep in the workplace”.
To address this important issue, Sealy is working with a leading HR expert, Kate Russell, of Russell HR Consulting – a firm advising companies of all sizes across the UK when it comes to best-practice HR policy – to produce a ‘common sense’ guide for bosses to better manage sleep deprivation of staff.
(Source: Sealy)
More than nine in ten finance and accounting professionals (92%) are optimistic about increased automation in the profession, according to new research from Renaix.
The study, which questioned over 200 finance and accounting professionals, reveals that 81% are seeing their role impacted by emerging technologies, such as advanced data analytics (63%), cloud computing (42%), robotics (17%) and artificial intelligence (15%). This increases to more than nine in ten (94%) who believe these technologies will impact their role in the next five years.
Yet, despite the increasing role of technology, only 12% of those questioned believe their job will be completely automated within the next five years, with most seeing new tools as an opportunity rather than threat. Two thirds (69%) say automation will enable them to be more efficient, over half (59%) say it will allow them to add greater value to clients and 40% say it will reduce the amount of transactional work they’re involved in.
But that doesn’t mean there aren’t challenges, with more than half (59%) of respondents having to learn new skills to keep up with technological developments, with data analytics (54%), soft skills (54%) and working with new technologies (51%) coming top of the list.
Many are also worried about skills shortages over the coming years, particularly in data analytics (52%), STEM (science, technology, engineering and maths – 42%), and soft skills (31%). Furthermore, a quarter (25%) of those questioned say their employer still isn’t investing in upskilling the finance function to work with new technologies.
Paul Jarrett, Managing Director at Renaix, comments: “Emerging technologies are set to transform the finance and accounting sectors, with many professionals already feeling the impact on their day-to-day responsibilities. And it’s encouraging to see that, far from being intimidated or threatened by these new ways of working, the majority of professionals are excited and optimistic, believing automation will improve and expand their role in the coming years.
“Finance and accounting organisations have a fantastic opportunity to drive forward digital transformation, empowering all employees to play their part in developing and implementing new ways of working. However, to do so effectively, employers need to ensure they are equipping the workforce with the right skills, as well as investing in bringing in the right talent. While there will always be a need for traditional finance and accounting skills, we’re seeing a significant rise in demand for a broader range of backgrounds, particularly those with STEM qualifications. Businesses therefore need to plan their talent needs effectively, to ensure they stay ahead of the game.”
(Source: Renaix)
Without a doubt, 2017 has been a rocky year for financial services; with political upheavals, economic uncertainty and planning for numerous regulatory changes coming into effect in 2018.
In 2017, Brexit was the talk of the town, with “uncertainty” a word bouncing around the finance sector. As such, the key focus was on the financial services industry crafting their post-Brexit strategy, namely how to continue having access to both EU and UK markets and in turn catering to their clients’ needs.
According to Brickendon, while political events will continue impacting financial services, including Brexit negotiations, next year digitalisation and data will dominate alongside Robotic Process Automation and Blockchain, making larger waves in the sector and paving the way for uncapped growth and innovation.
(Source: Brickendon)
Here discussing the increased adoption of connected devices and sensors in banking and how IoT enables banks to respond in real-time to customer needs, is Neil Bramley, B2B Client Solutions Business Unit Director at Toshiba Northern Europe.
Internet of Things (IoT) technology is on the rise both at home and in the workplace, and will soon significantly impact and empower the way we live and work. To date, such solutions have arguably made a bigger splash in the consumer landscape than B2B, with connected fridges, cars and thermostats all resonating with the public. As consumers awareness of IoT grows, so too does their expectation that it will blend into their everyday consumer experience. No business is seeing this effect more than those in the financial industry as more IoT technology incorporates payment capabilities.
The case for financial organisations to introduce IoT into their internal infrastructure and consumer facing technology capabilities is gaining in strength, with solutions providers continuing to innovate and push the boundaries of what such technologies can achieve. The whole concept of IoT is that it can be anything organisations want and need it to be – all it takes is the right app or piece of code to be built around it. At this stage in its adoption, many IT managers in financial organisations don’t necessarily understand the potential of IoT. Given the personal, and often sensitive, nature of the data these organisations manage a fear of data and network security persists, particularly in the wake of recent global cyber-attacks. However, such concerns aren’t projected to hold the market back for long, with IDC research predicting that global spending on IoT technologies is forecast to reach nearly $1.4 trillion by 2021.
The scope of IoT solutions is evolving to fuel this demand. Whereas stationary M2M (machine to machine) solutions, such as sensors, kick-started the connected device market and remain popular, mobile IoT solutions provide vast opportunities across numerous sectors – helping to improve workflows, enhance interactions with staff and customers, and even improve the safety of workers. Key to this development is the introduction of peripherals to the workplace, which can be partnered with mobile gateway solutions to ensure cross-machine collaboration.
One natural example lies within banking. The increased adoption of connected devices and sensors will bring increasingly rich data to banks about their customers, allowing them to provide more personalised products and services, even enabling them to respond in real-time to customer needs. As connected technology becomes imbedded in our environments, and the connected home and smart city market matures, banks could provide real-time spending advice. For example if you have overspent on your budget that month your bank might suggest you avoid your usual Friday lunchtime treat.
Elsewhere, peripherals like smart glasses (wearable display technology) can ensure a hands-free solution to workers across a range of roles. Augmented Reality could give insurance sales teams a in-depth view of customers homes geographical locations and provide them with a better analysis of potential risks in order to give them a better deal, or provide a hands free look at a customers financial history enabling the creation of bespoke products and services.
Beyond devices themselves, operating systems will also play a crucial role in the progression of IoT in the financial services world. Currently the focus is very much on writing software for iOS and Android – a smartphone-onus which again signifies the advanced stage of the consumer market. Yet the natural progression is for solutions providers to expand their focus to incorporate Windows 10 – this will serve as a catalyst in creating a greater number of solutions designed for professional use, which in turn will inspire more financial organisations to turn their attention to developing IoT coding and apps to address different business needs.
It is only a matter of time until IoT becomes a major enabler for organisations across the finance industry – with such game-changing potential, it’s important for IT managers to get ahead of the curve to understand how these technologies can empower their business.
If everyone is one step ahead of the competition, how is it possible for anyone to be one step ahead? The FinTech sector is currently facing a complex situation where start-ups are one-upping tech giants, and vice versa, on a daily basis. So how is it possible to maintain an edge in the industry? Finance Monthly hears from Frederic Nze, CEO & Founder of Oakam, on this matter.
The financial services industry has entered the Age of the Customer -- in this era, the singular goal is to delight. With offerings that are faster, better and cheaper, new fintech entrants have the edge over traditional institutions who struggle to keep pace with consumers’ rising expectations around service. Yet this is not the first or last stage in the industry’s evolution. Just as telephone banking was once viewed as peak disruption, so too will today’s innovation eventually become the standard in financial services.
What will become of today’s new entrants as they scale and mature? The answer largely depends on why a particular fintech company is winning with customers today -- a hyper focus on problem-solving.
If customer review site Trustpilot is used as the litmus test for customer satisfaction, then clearly banks and other traditional financial firms are falling short of the mark. Looking at the UK’s Trustpilot rankings in the Money category, not a single bank appears in the top 100, and their ratings range from average to poor. Fintech entrants like Transferwise, Funding Circle and Zopa, on the other hand rank highly in their respective categories.
So how is it that such young companies have elicited such positive responses from consumers, beating out institutions with decades of experience and customer insight?
The advantage fintechs have over banks is that their products are more narrowly focused and are supported by modern infrastructure, new delivery mechanisms and powerful data analytics that drive continuous user-centric improvement and refinement. Still, they’ve had to clear the high barriers of onerous regulatory and capital requirements, and win market share from competitors with entrenched customer bases.
The halo effect of innovation and enthusiasm of early adopters, hopeful for the promise of something better, has buoyed the success of new entrants and spurred the proliferation of new apps aimed at addressing any number of unmet financial needs. This of course cannot continue unabated and we’re already approaching a saturation point that will spark the reintegration or rebundling of digital financial services.
In fact, a finding from a World Economic Forum report, Beyond Fintech: A Pragmatic Assessment Of Disruptive Potential In Financial Services, in August this year stated that: “Platforms that offer the ability to engage with different financial institutions from a single channel will become the dominant model for the delivery of financial services.”
Whether a particular app or digital offering will be rolled up into a bank once again or survive as a standalone in this future world of financial services, will depend on the nature of the product or service they provide. This can be shown by separating businesses into two different groups.
Firstly, you have the optimizers. These nice-to-haves like PFM (personal financial management) apps certainly make life easier for consumers, but don’t have competitive moats wide enough to prevent banks from replicating on their own platforms in fairly short-order.
For the second group, a different fate is in store. These are offerings that are winning either on the basis of extreme cost efficiency (the cheaper-better-fasters) or by solving one incredibly difficult problem. Oakam belongs to this second category: we’re making fair credit accessible to a subset of consumers who historically have been almost virtually excluded from formal financial services
The likely outcome for the cheaper-better-fasters, like Transferwise in the remittances world, is acquisition by an established player. They’ve worked out the kinks and inefficiencies of an existing system and presented their customers with a simpler, cheaper method of performing a specific task. However, their single-solution focus and ease of integration with other platforms make them an obvious target for banks, who lack the technology expertise but have the balance sheets to acquire and fold outside offerings into their own.
Integration into banks is harder to pull off with the problem-solvers because of the complexity of the challenges they are solving for. In Oakam’s case we’re using new data sources and methods of credit scoring that the industry’s existing infrastructure isn’t setup to handle. In other words, how could a bank or another established player integrate our technology, which relies on vastly different decision-making inputs and an entirely new mode of interacting with customers, into their system without practically having to overhaul it?
For businesses who succeed at cracking these difficult problems, the reward is to earn the trust of their customers and the credibility among peers to become the integrators for other offerings. Instead of being rebundled into more traditional financial firms, these companies have the potential to become convenient digital money management platforms, enabling access to a range of products and services outside of their own offering.
Self-described “digital banking alternative,” Revolut was first launched to help consumers with their very specific needs around managing travel spending, but today has offerings ranging from current accounts to cell phone insurance. While some of their products are proprietary, they’ve embraced partnership in other areas, like insurance which it provides via Simplesurance. This sort of collaboration offers an early look at the shape of things to come in finance’s digital future
One might ask how the digital bundling of products and services differs from a traditional bank, with the expectation that the quality and customer experience will diminish as new offerings are added. A key difference is PSD2 and the rise of open banking, which will enable closer collaboration and the ability to benefit from the rapid innovation of others. What this means is that an integrator can remain focused on its own area of expertise, while offering its customers access to other high quality products and services
At Oakam, this future model of integrated digital consumer finance represents a way to unlock financial inclusion on a wide, global scale. Today, we serve as our customers’ first entry, or re-entry, point into formal financial services. The prospect of catering to their other financial needs in a more connected, holistic way is what motivates us to work towards resolving an immediate, yet complicated challenge of unlocking access to fair credit.
With MiFID II looming, finance businesses across the UK will be reviewing their practices to ensure the way they work complies with the new regulations. Here, Alex Tebbs, Founder at VIA, explains what the regulations mean for the way we communicate as businesses, and how your business can comply come January 2018.
MiFID II is a targeted regulation update that aims to improve transparency and better protect both providers and customers of the finance sector.
In that sense, it exists to make things better for everyone; but with the January deadline looming and uncertainty still rife around the impact of Brexit on the update, many in the finance industry are still considering the best way to achieve compliance in their business.
It’s a regulation update made up of many facets, one being the requirement for businesses to record their communications in any instance where that conversation results in, or intended to result in, a transaction. Those communications must be retained - and be accessible when called upon - for five years after the event.
Creating a post-MiFID communications plan
In many ways, the communication requirements of MiFID II make a lot of sense. By recording our conversations, we can be sure that we are serving our customers in the best way, and that they are protected from any potential misunderstandings or misdemeanors.
But in today’s multi-device, multi-location business landscape, compliance isn’t so simple. While once we would have communicated on one device (likely a landline) and from one office, the reality of business today is that we often use multiple devices (and even encourage colleagues to bring their own devices) and operate across multiple locations, including remote working from home, offices in different countries and communications on the move.
This presents a challenge for finance professionals. How do we achieve compliance in this complex communications landscape?
The best place to start is with a review of your existing communications plan as a business. You’ll need to work out what platforms and devices are used to communicate, and make a record of all of those, as they will need to be included in your recording strategy. Be aware that this mightn’t be as straightforward as it sounds, and it’s likely to take time to uncover all the comms platforms in use.
The next step is then to work out how best to record those communications. On a landline, this would require hardware such as a microphone plugged into the handset. There are various apps that make it possible to record calls on a smartphone or via clients like Skype.
An alternative to this somewhat clunky process is to invest in a unified communications platform. This brings all your communication tools - smartphones, landlines, Skype, instant messaging, text - onto one platform which can be easily controlled from one portal, making recording and keeping those conversations a much easier, quicker process.
However you choose to manage your communications, one thing is clear; you will need to be able to both record, and keep, those conversations from January when MiFID II comes into play.
Security considerations in communications
It certainly won’t have passed by your attention that another sizeable regulation update is taking place in 2018; namely, GDPR, an update to data protection rules.
With GDPR putting renewed emphasis on security - and with MiFID’s requirements for comms recording - security should be placed firmly atop the agenda of financial firms.
There are various options on how we achieve security in communications. The most universally relevant and powerful is that of end-to-end encryption; with the main risk of unsecured comms being that communications could be intercepted en route, end-to-end encryption removes this risk by making the information, even when intercepted, entirely useless.
For those businesses using a unified communications platform, encryption and many other security considerations are included as standard, with large investments being made by those companies into stress testing their platforms and removing any vulnerabilities as soon as they are considered as a potential risk factor. For those using separate communications channels, a strict security testing strategy will need to be in place to ensure all communications are safe and private.
In terms of retaining those recorded conversations, security is a concern once again. Secure servers and storage areas are a must; consider also who has access to these recordings, and ensure they have a signed agreement in place that complies with data protection rules, and that your business’ data protection processes are up to date - especially as GDPR hits in May 2018.
MiFID II and the communications landscape
There is much left unknown about how MiFID II will affect finance businesses in the long run, and it’s likely that the implementation of its regulations will uncover complexities that need to be clarified as we move into the new year.
With that said, the communications element is prescriptive; finance professionals must record and maintain a record of all communications, regardless of device, platform or location. Is your business ready?
The Top 5 Impacts of GDPR on Financial Services
The clock is ticking to the 2018 deadline to comply with the EU General Data Protection Regulation (GDPR). Acting now is critical for firms to avoid risking fines of €20m (or 4% of annual revenue) so advance planning and preparation is essential. Here Nathan Snyder, Partner at Brickendon, lists for Finance Monthly the top five considerations and impacts GDPR will have on financial services.
Amidst growing concerns around the safety of personal data from identity theft, cyberattacks, hacking or unethical usage, the European Union has introduced new legislation to safeguard its citizens. The EU General Data Protection Regulation aims to standardise data privacy laws and mechanisms across industries, regardless of the nature or type of operations. Most importantly, GDPR aims to empower EU citizens by making them aware of the kind of data held by institutions and the rights of the individual to protect their personal information. All organisations must ensure compliance by 25th May 2018.
While banks and other financial firms are no strangers to regulation, adhering to these requires the collection of large amounts of customer data, which is then collated and used for various activities, such as client or customer onboarding, relationship management, trade-booking, and accounting. During these processes, customer data is exposed to a large number of different people at different stages, and this is where GDPR comes in.
So, what does the introduction of GDPR actually mean for financial institutions and which areas should they be focussing on? Here Brickendon’s data experts take a look at five key areas of the GDPR legislation that will impact the sector.
1. Client Consent: Under the terms of GDPR, personal data refers to anything that could be used to identify an individual, such as name, email address, IP address, social media profiles or social security numbers. By explicitly mandating firms to gain consent (no automatic opt-in option) from customers about the personal data that is gathered, individuals know what information organisations are holding. Also, in the consent system, firms must clearly outline the purpose for which the data was collected and seek additional consent if firms want to share the information with third-parties. In short, the aim of GDPR is to ensure customers retain the rights over their own data.
2. Right to data erasure and right to be forgotten: GDPR empowers every EU citizen with the right to data privacy. Under the terms, individuals can request access to, or the removal of, their own personal data from banks without the need for any outside authorisation. This is known as Data Portability. Financial institutions may keep some data to ensure compliance with other regulations, but in all other circumstances where there is no valid justification, the individual’s right to be forgotten applies.
3. Consequences of a breach: Previously, firms were able to adopt their own protocols in the event of a data breach. Now however, GDPR mandates that data protection officers report any data breach to the supervisory authority of personal data within 72 hours. The notification should contain details regarding the nature of the breach, the categories and approximate number of individuals impacted, and contact information of the Data Protection Officer (DPO). Notification of the breach, the likely outcomes, and the remediation must also be sent to the impacted customer ‘without undue delays’.
Liability in the event of any breach is significant. For serious violations, such as failing to gain consent to process data or a breach of privacy by design, companies will be fined up to €20 million, or 4% of their global turnover (whichever is greater), while lesser violations, such as records not being in order or failure to notify the supervisory authorities, will incur fines of 2% of global turnover. These financial penalties are in addition to potential reputational damage and loss of future business.
4. Vendor management: IT systems form the backbone of every financial firm, with client data continually passing through multiple IT applications. Since GDPR is associated with client personal data, firms need to understand all data flows across their various systems. The increased trend towards outsourcing development and support functions means that personal client data is often accessed by external vendors, thus significantly increasing the data’s net exposure. Under GDPR, vendors cannot disassociate themselves from obligations towards data access. Similarly, non-EU organisations working in collaboration with EU banks or serving EU citizens need to ensure vigilance while sharing data across borders. GDPR in effect imposes end-to-end accountability to ensure client data stays well protected by enforcing not only the bank, but all its support functions to embrace compliance.
5. Pseudonymisation: GDPR applies to all potential client data wherever it is found, whether it’s in a live production environment, during the development process or in the middle of a testing programme. It is quite common to mask data across non-production environments to hide sensitive client data. Under GDPR, data must also be pseudonymised into artificial identifiers in the live production environment. These data-masking, or pseudonymisation rules aim to ensure the data access stays within the realms of the ‘need-to-know’ obligations.
Given the wide reach of the GDPR legislation, there is no doubt that financial organisations need to re-model their existing systems or create newer systems with the concept of ‘Privacy by Design’ embedded into their operating ideologies. With the close proximity of the compliance deadline – May 2018 – firms must do this now.
Failing to do at least one of the following now: a) identify client data access and capture points, b) collaborate with clients to gain consent for justified usage of personal data, or c) remediate data access breach issues, will in the long run not only cause financial pain, but also erode client confidence. A study published earlier this year by Close Brothers UK, found that an alarming 82% of the UK’s small and medium businesses were unaware of GDPR. Recognising the importance of GDPR and acting on it is therefore the need of the hour.
