Digital acceleration is impacting how we work, live, and consume services. In addition, the digital evolution of Financial Services Organizations (FSOs) raises essential questions about the future of banking. One looming concern is how FSOs will compete against fintechs, including addressing the need for innovation to improve customer experience.
The top three strategic areas outlined in the IDC Infobrief, sponsored by Fortinet, Accelerating Transformation Through Cybersecurity in Financial Services,* highlight the core priorities for financial institutions: Trust, Security, and Resilience. So, the question is, how can FSOs lead and win through innovation while ensuring that risks do not overwhelm a traditionally risk-averse industry?
Many FSOs have begun adopting new digital business models to help them thrive in a digital-first economy. These include prioritizing investments in key areas such as data-driven security, legacy modernization, and personalized and contextual customer experiences. But for these business models to work, they will need to rely on data, analytics, and cloud platforms.
So, when we ask, “what does success look like for the future-ready bank?” we see three major themes:
Who is not irked when reminded of their first troubled mobile banking experience, with terrible UX and lack of integration? It’s why, when some fintechs launched their online mobile banking, it was a beacon of light in a dark room. A real-world security example that everyone might remember was the usage of biometrics for accessing online mobile banking. Big brands took a long time to adopt it, and while it might seem trivial from a UX perspective, it’s leaps and bounds towards progress.
Today, traditional brands regularly launch products that emulate offerings from nimbler fintech organizations. The lesson is clear: to gain a competitive advantage, banks must focus on creating a fast, intuitive, and seamless customer experience.
These business models require the accelerated consumption of new platforms, such as cloud computing. Financial organizations must understand they can create differentiated value and increase competitiveness by using the cloud to increase their speed of innovation and accelerate the go-to-market of new services and products.
Cloud platforms also serve as a bridge to modernize financial organization workloads. CIOs want to migrate workloads cohesively while ensuring the capabilities from their on-prem solutions are still available. Major Cloud Service Providers (CSPs) have jumped at the opportunity to integrate their environments into the same control plane.
Regulators have flagged the concentration risk. For example, the Bank of England has highlighted it in their stability reports. The latest Financial Conduct Authority (FCA) PS21/3 rules address third-party risk and operational resilience. And the European Union has gone a big step beyond with their Digital Operational Resilience Act (DORA).
All these activities and proposals are designed to address these concerns. The European Systemic Risk Board has flagged cyber as a systemic risk to the European financial system due to the increase in cyberattacks—especially in the financial industry, which is 300 times more likely to be the target of cyberattacks. The International Monetary Fund (IMF) emphasizes that cyber events propagate risk through the entire financial system via three broad transmission channels: risk concentration, risk contagion, and erosion of confidence.
That is why cybersecurity is a priority as part of the EU’s "Europe fit for the digital decade" policy program. Programs such as EU-HYBNET, ACCORDION, and DORA for financial services ensure Europe works as a single entity by harmonizing requirements to increase resilience and protect citizens.
To start, security needs to be woven into transformation efforts to ensure that innovation and transformation are conducted securely. For this to work, security must be included from a project's inception, not as a bolt-on after a project and its services are launched.
55% of European financial organizations already use some form of zero-trust strategy for their authorization and authentication. Zero-trust shifts the traditional paradigm from implicit trust for users and resources inside a static, network-based perimeter to an authentication model that focuses on users, assets, and resources. Zero-trust requires authentication and authorization to be performed every time access is granted to a specific resource.
While people are an organization’s most critical asset, they are also the primary source for data breaches and network compromise. Organizations must be prepared for a loss of control if their workforce is not educated on cyber awareness. Some large financial organizations have created partnerships with e-learning portals and vendors to provide tailored courses using nudges and financial instruments to reskill the workforce into new technologies. Similarly, financial organizations must plan to mitigate the rampant cybersecurity skills shortage, which will impact 90% of organizations by 2025, resulting in delays to the transformational journey.
Digital acceleration is essential for competing in today’s financial marketplace. However, it doesn’t come without risk. First, ensure employees are trained and reskilled in the organization's technologies. Second, share data with industry peers to learn best practices and identify potential issues. Transaction Monitoring Netherlands (TMNL) is an excellent example of transaction data sharing to mitigate Anti-Money Laundering (AML).
Finally, work with vendors and partners committed to cross-vendor openness and integration. When vendors work together across the threat landscape, the sum of their products is greater than the individual parts, deepening your level of cyber protection.
Learn more about how cybersecurity accelerates transformation and innovation for FSOs by downloading the IDC InfoBrief - Accelerating Transformation Through Cybersecurity in Financial Services.
*Doc #EUR148403921, December 2021