Digital banking is unlocking new opportunities for consumers and businesses alike, but at the same time it is also opened up a new front for criminals, fraudsters and the unscrupulous. Effectively tackling this new digitally-savvy crime and safeguarding the public will require a coordinated response at every step of the digital banking journey, from the first click to the last.
With the ongoing digitalization of financial services and the shift to open banking, significant risks, as well as opportunities, must be managed. The vastly increased movement and use of data over the last decade has helped institutions to bring their customers better services and experiences. The Revised Payment Services Directive brought new stimulus to the ecosystem, enabling customers to choose to securely share their data with third party providers in return for personalized services, advice and analysis of their incomings and outgoings.
Yet as more and more data is shared, so too are bad actors increasingly enabled and emboldened. The move to cloud has been a boon for many consumers and organizations, but while cloud brings a number of agility and efficiency benefits, it also creates new vulnerabilities that can be exploited if they are not effectively managed. While cloud providers can ensure the security of cloud services, if an organization doesn’t know who is accessing its network or sharing data, or if endpoints aren’t secure, cyber criminals can strike and move through networks at speed.
Clearly, the challenges around the rise in online fraud and financial cybercrime require a rigorous approach to securing every transaction. However, security controls should be balanced with ensuring usability and accessibility of services for customers. This starts with know-your-customer processes; in the UK, for example, nearly 25 percent of all financial applications are abandoned due to difficulties in the registration process.1
So what can banks do to deliver safe, secure and inclusive banking in the digital world? Firstly, responsibility for security must be shared between banks, their customers and their cloud providers. Regulated use of technology and other cyber security solutions must increase. Cloud providers must understand the specific demands of the financial services sector. Institutions, and their cloud providers, must work in partnership to manage compliance across different geographies and jurisdictions. Cloud computing incorporates a whole range of foundational security services and controls to manage access, and for fast detection and response, with artificial intelligence and machine learning algorithms that pinpoint anomalous activity, trigger automated responses and continue to gather threat intelligence.
Collaboration and regulation
In addition, digital ID will be a critical tool to maintain security and trust. In fact, digital IDs can provide greater assurances to banks than paper-based processes, thanks to technologies such as biometrics. As well as deploying new technologies, a focus on collaboration is crucial, so that each actor in the ecosystem understands their role and responsibilities. In addition, the regulatory environment must evolve so that institutions understand their obligations. This evolution of the regulatory landscape can combine incentives to share best practice with mandatory requirements, such as making cyber security a condition of licensing.
Modernizing with inclusion
Looking ahead, in a recent report the European Central Bank found that the risks the eurozone banking system is expected to face over the next three years are heightened by: the continued digitization of financial services; the obsolescence of certain banking information systems; and the increasing interconnection of these systems with those of third-parties.2
Of the issues identified by the European Central Bank, the thorniest of these is that of legacy systems, many of which are increasingly antiquated. Yet with the imperative to modernize these systems come new opportunities for institutions to ensure that customers are operating in a safe online environment; ensuring that technologies such as cloud are deployed to safeguard consumers (i.e. when carrying out cross-border transactions).
In creating this secure digital finance world, the sector must also ensure that inclusion is a fundamental part of every step of this journey. The pandemic has impacted societies and changed the way many of us work and access services. In the context of the global recovery in the wake of the pandemic, financial inclusion is key to delivering on inclusive growth across regions and nations. Informed by this, advancements around digital ID and accessible online banking will be crucial to bridging the digital divide and ensuring that safe, secure and accessible banking is open to all.
1 Private sector economic impacts from identification systems, World Bank, 2018
2 ECB Banking Supervision: Assessment of risks and vulnerabilities for 2021