They say progress always comes at a cost.
Today, as the financial services industry continues to hurtle towards a digital future defined by mobile apps, 24/7 online services, and experimental technology, that cost is likely to be very high in the area of cyber security.
Earlier this year, Finextra published a white paper in association with IBM highlighting the sheer volume of investment being poured into combatting cyber-attacks globally. By next year, the global cyber security market is expected to be worth over $120 billion – almost double the amount spent combatting cyber-attacks in 2011. The reason? Cyber-crime is rife, with 18 cyber-attacks occurring every second and affecting as many as 556 million victims each year. And the numbers are trending upwards: The annual cost of global cyber-crime is expected to reach $2.1 billion by 2019.
As you’d expect, banks are high on the list of potential targets, with Finextra pointing out the simple fact that “criminals follow the money.” Just ask the Bank of Bangladesh, which lost $81 million in January this year when hackers breached its security systems.
Finextra’s report elaborates on the challenges financial institutions are facing: “It almost goes without saying that cyber-threats and the pressure to maintain data and system security are a major reason for the current preoccupation of the financial industry and its regulators with operational resilience. Regulation, technology, customer requirements, the occasional curve-ball like Brexit, all contribute to creating a potentially highly destabilising environment for firms without the right operational resilience mentality.”
The notion of a bank’s “mentality” towards cyber security is an interesting one where FinTech is concerned. As calls for collaboration between banks and FinTechs grow by the day, a recent report compiled by PwC suggests that financial incumbents’ number one concern in forming such partnerships is – you guessed it – security.
In the report, respondents from 163 banks around the world listed IT Security right at the top of the pile when asked what challenges they face in dealing with FinTech companies – singling it out above differences in company culture, IT compatibility and regulatory uncertainty.
Banks say IT security is their biggest concern in partnering with FinTechs.
So do they have a point? Does partnering with a FinTech leave banks open to a whole new raft of security threats even as they struggle to equip themselves against those they already face?
Ironically, the opposite may be true. The appetite among FinTechs to bring innovation to financial services doesn’t stop at security, and is often built specifically around it. FinTech start-ups are leading the way in developing new technologies such as biometric authentication (face and voice recognition tech) and big data encryption. For these FinTechs, the freedom to focus on improving security technology alone has enabled them to make progress that may have been hampered by the typically siloed approach banks take to IT.
Founder of market data FinTech xignite, Stephane Dubois, recently took to Twitter to verbalise this notion, suggesting tech firms were leaders rather than followers on the security front, and saying “The cloud is now safer than what the banks can do.”
Of course, it would be flippant to suggest all FinTechs do security better than banks. Just as the Bank of Bangladesh was accused of having lax security in the wake of being hacked, FinTechs will inevitably bring varying levels of built-in security to the table as they look to connect with new customers and collaborators.
FinTechs have a responsibility to prove they are secure too, and can look to earn accreditation that backs up their claims around data protection. The value of doing so hasn’t been lost on us here at Traxpay, and was a key driver in us initiating an external audit to earn ISAE 3402 certification. Now, potential partners can immediately have peace of mind that we’re operating in line with the highest global security standards.
In a week that has seen Yahoo falling foul of the “worst hack ever,” it’s clear that cyber-attacks aren’t going to go away. For banks and FinTechs moving forward, it seems the key could lie in embracing new technological advances and choosing their friends carefully if they want to ensure they don’t end up making headlines for all the wrong reasons.