As the conflict between Russia and Ukraine continues and no sign of resolution in near sight, the broader secondary implications are being felt far beyond the region’s borders. Amongst them are serious cyber implications that could have devastating and far-reaching consequences – not just for countries directly involved in or close to the conflict, but the global financial system.
In particular, institutions critical to the infrastructure and running of their country are probably the most vulnerable. And when it comes to these criteria, financial institutions are at the top of the list. As such, it is critical for banks and other financial institutions to assess, thoroughly and quickly, their vulnerability to such attacks.
A global problem
Guy Warren, CEO, ITRS Group
Though some in the west might believe that the Russia-Ukraine crisis isn’t their problem, recent history indicates otherwise. NotPetya – a Russian-organised cyberattack targeting Ukrainian power, transportation, and financial systems – was less than five years ago. And while its intention was to destabilise Ukraine, NotPetya spread rapidly.
The consequences of the attack included massive operational disruption to countries across the globe – including the US, UK, France, Germany and India, with ripple effects hitting almost every corner of the global economy. The consequences were disastrous – with the White House estimating that the total worldwide cost of the attack exceeded $10 billion.
Now, both the threat and potential impact of a cyberattack are even higher. The US Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning of the risk of Russian cyberattacks spilling over onto US networks, which follows previous CISA warnings on the risks posed by Russian cyberattacks on US critical infrastructure. And the European Central Bank (ECB) has warned European financial institutions of the risk of retaliatory Russian cyber-attacks in the event of sanctions and related market disruptions.
Clearly, countries across the globe are anticipating the possibility of their critical financial infrastructures getting caught in the cyber-crossfire of the conflict. But what can they do to protect themselves?
Ultimately, this requires a two-phased approach: understanding the risk, and then putting measures in place to mitigate and minimise the impact, should they experience a cyberattack.
Understanding the risk
Firms have no hope of protecting themselves against cyberattacks unless they have a comprehensive understanding of the range of attacks that they can be subjected to.
And there are many forms of cyberattacks that banks are vulnerable to. There are attempts to crash a website (DDOS); hacking to penetrate the network; Trojan horse with software running inside the firewalls reaching out to the criminals; spam and attempts to fool someone to let them in; virus payloads that can encrypt the computers; and these are just a few.
When it comes to the impact, this can vary – from bringing down a critical service to stealing data, to ransom to de-encrypt, etc. However, because of the intertwined nature of the financial services industry, if one part is hacked, it can have ripple effects on other parts. For example, if payment processors were victims of a cyberattack, stock exchange transactions would be impacted.
Damage mitigation and control
While these techniques are known and understood, it is significantly harder to ensure that all means of access are not vulnerable – particularly as banks’ infrastructures are more complex than ever, and, for many traditional players, suffer from significant siloes.
Fortunately, there are techniques to prevent each form of cyberattack – but preparation is key. Firms must consider not only their ability but the ability of their third-party providers, to withstand cyberattacks.
Another effective tactic is raising staff awareness – including re-running staff ethical phishing campaigns and holding drills to ensure your firm is prepared. For example, in November 2021, the Securities Industry and Financial Markets Association, a trade association, led a global ransomware drill to practice fighting against such attacks, which over 240 public and private sector institutions, including financial firms and central banks. And banks often allocate significant budgets towards cybersecurity – Bank of America, for example, spends $1 billion annually on its cybersecurity efforts.
However, in a large, complex IT estate with many staff, as is the case for many banks, it is very difficult to prevent all techniques all the time. Teams looking at cybersecurity, geopolitical risk, and physical security should be working closely together, not in silos – and it’s far better to build communication and cooperation before disaster strikes, rather than in the face of a crisis.
Regulators around the world have increased focus on this of late – such as by introducing new Operational Resilience regulations (DORA in the EU for example). And the FCA recommends that firms report material operational incidents to them in a timely way in order to ensure that they can provide specialist expertise and work to minimise harm to consumers, markets and the wider UK financial sector.
Ultimately, totally escaping such consequences of the crisis is impossible. Cyberattacks remain a key risk, and a cyber or IT problem quickly becomes a business problem – so ensuring that you have measures in place to mitigate and protect against a worst-case scenario is crucial – not just for the firm itself, but when it comes to financial services, the stability of the entire country.
In an era of fintech innovation, banking outside of a bank branch is now the widespread norm, as we have all become accustomed to accessing and managing our finances with the press of a few buttons. Through embedded finance, we’ve seen fintech influence our lives even further in recent years, enabling non-financial providers to seamlessly embed financial products into their customer journeys.
However, the success of embedded finance is now highlighting an untapped opportunity – embedded wealth. Just as embedded finance has enabled customers to access payment, lending and insurance products from non-traditional providers, embedded wealth will see businesses integrating wealth and investment services for their customers. With the technology for embedded wealth now readily available, it might not be long before you can buy stocks and shares alongside your meal deal of crisps, a sandwich and a drink.
The rise of embedded finance
If you are reading this article on a smartphone, there is a good chance that the next app you open uses embedded finance. Everything from the ride-hailing app Uber to the food delivery service Deliveroo, is now integrating financial solutions to give customers more convenient payment options. This opportunity offered by embedded finance has seen widespread adoption, with research from Juniper projecting a value of $138 billion in 2026, a dramatic increase of $95 billion from 2021 (Juniper, 2021).
What makes embedded finance so appealing for businesses are the low costs and easy integration compared to traditional bank offerings. All processes relating to money management from digital wallets like Apple Pay to the over $4.07 billion BNPL industry (Grandview Research, 2021) fall under this remit of financial products offered under embedded finance. There are other benefits beyond cost to integrating financial products into a business’ offering – allowing for monetisation based on their established brand. By integrating these third party financial services, businesses can gain increased insight into customer spending and allow for a data-driven approach to further improve customer experience. Due to the relatively low costs, companies can also experiment with a broader offering without compromising heavily on revenue or reputation; for instance, Uber was able to quickly de-prioritise its financial service Uber money, a digital wallet allowing drivers instant payments.
By embedding finance, customers can also pay or access a financial product instantly without searching for their physical credit or debit cards. Popular coffee brands such as Costa and Starbucks now even offer embedded payments through their apps, letting customers pick up reward points or pay through the company app. Customers can also top up this card using Apple and GooglePay.
The market opportunity for embedded wealth
Embedded wealth is essentially an extension of embedded finance – offering regulated wealth and investment products from a non-wealth body, typically via API. This could see customers invest, trade, and access various wealth products beyond payment and lending services.
Embedded finance has already added tremendous value to the customer journey. The blueprints of this, applied to wealth and investment, could make investing and saving more attainable for a wide array of consumers. For a business already offering its customers payments and lending services, wealth and investment could be a natural progression to improve experiences. Typically ‘wealth management’ brings to mind a service offered to individuals with significant amounts of cash or assets to invest. However, embedded wealth could see investment products offered to customers with even smaller amounts to invest or grow or to those who may have not even considered investing previously. There is a real opportunity to broaden access to investing through embedded wealth as customers become more accustomed to utilising financial products offered by familiar brands. With API-enabled wealth technology now readily available, it can be offered at a lower, more-accessible cost for many.
For consumers experiencing significant life changes- whether purchasing a home or planning retirement – a familiar brand integrating wealth management offerings could help provide security and confidence. This has become particularly relevant since the pandemic, where trust in financial services has shifted drastically, with fintechs surpassing banks in levels of trust, according to Mckinsey (2021).
We should also consider customer loyalty to everyday brands like supermarkets or retailers where embedded wealth could provide value. A recent study conducted by Solarisbank revealed that 61 per cent of respondents indicated a willingness to use financial products from trusted brands such as Amazon, Lidl and IKEA (Solarisbank, 2021).
Embedded wealth could help onboard customers who may not have previously considered investing with a financial institution, but are open to the idea of it with a business they are loyal to. A well-placed wealth offering could allow for longer-term customer relationships, as customers would see this business as not only a provider of their favourite products but also as a place to grow and invest their money.
Adding embedded wealth to your shopping list
So with the potential of embedded wealth on the horizon, could our new supermarket list of milk, eggs, bread… include stocks and shares? With technology now making the possibilities for embedded wealth potentially endless, it wouldn’t be surprising if we soon see this scenario become a reality.
Retailers are already recognising the potential of integrating financial products into their platforms, so wealth products could be a logical next step. Walmart, for example, recently announced its transition into the fintech space by partnering with fintech investment firm Ribbit Capital to provide its customers with tech-driven financial solutions (Business Wire, 2021).
For supermarkets already providing banking and savings products, or even credit cards, an investment portfolio may even already be on the to-do list – helping customers with money already saved with them to grow their finances even further. Additionally, most supermarkets today also offer loyalty or point schemes, allowing customers to save up points and spend them in-store. Could a potential entry-level embedded investment product see customers invest these points to grow their money in-store?
And so, as the appetite for wealth, investment and trading services has seen widespread growth across fintech in recent years – investment portfolios developed by retailers and supermarket chains could be on the horizon. With a recent OpenPayd study revealing that 70 per cent of brands are expected to launch embedded finance offerings (OpenPayd, 2021), it might not be long before we see a level of usage of embedded wealth by notable brands.
With so much data locked in unstructured formats, such as PDFs, invoices and emails, discovering information to either prove compliance or non-compliance at scale is becoming increasingly difficult. Remaining compliant is a mission critical consideration for organisations operating within regulated industries. For regulators, it’s also vital that processes are strictly followed, and that non-compliance is identified as soon as possible. On both sides of the regulatory fence, having access to the right information as and when it is needed is key.
by Ryan Moore, Head of Data and Analytics at Aiimi
To overcome the challenges of managing information across systems, organisations are increasingly adopting insight engines to intelligently identify and surface all relevant information. By leveraging this capability, both the regulated and the regulators are able to streamline regulatory compliance processes.
Ryan Moore, Head of Data and Analytics at Aiimi
Organisations operating within heavily regulated industries, such as financial services, will typically hold vast amounts of historical data and information that will fall within the scope of regulatory audits. The key challenge here is that much of this information is contained within unstructured and semi-structured documents that are hidden within multiple systems, presenting significant challenges when it comes to discoverability and disclosure.
Organisations should, of course, be fully aware of the regulatory compliance frameworks that govern their usage and management of data. These frameworks are usually transferred into business rules that dictate the processes by which documents and data are shared, stored and managed—for example data classification and security and access controls. This is best practice, but it’s often only when audits are conducted that organisations discover how stringently business rules have been followed. Add to this problem the likelihood that data regulations will have been updated or superseded by new regulations over a number of years, and that the personnel responsible for creating business rules may have left the organisation, and the compliance challenge becomes clear.
With essential pieces of information missing, producing compliance reports requires a significant amount of manual intervention, which is both costly and time-consuming; the average cost of compiling a DSAR (data subject access request) response, for example, is £6,000. In short, business rules can only take the organisation so far when it lacks the capability to intelligently search, discover and classify structured and unstructured data.
This is where insight engines can deliver significant benefits and move organisations towards an advanced compliance model that allows regulatory reports to be compiled and delivered with confidence.
Enriching and evolving with deeper insights
By crawling through systems and identifying relevant information that lies within unstructured documents, insight engines eliminate compliance risks by interconnecting and enriching all data across the enterprise. This allows the organisation to quickly determine the information assets that conform to business rules—i.e. regulatory frameworks—and those that do not. The latter can then be audited and classified through further enrichment steps, such as named-entity recognition, which identifies terms or phrases within unstructured documents, and assigning labels to them.
Not only does this build in an advanced level of intelligence and automation when it comes to compliance, it also brings agility to governance and compliance, as organisations can adapt to regulatory changes with ease by adapting or implementing new business rules. Without an insight engine to surface the information that relates to new regulations, this would not be possible.
Predictive compliance
Another benefit of adopting insight engines is that they prepare organisations for more advanced information management capabilities. For example, organisations can take advantage of the classification and labelling function of insight engines and enable new documents and data to be automatically assessed for compliance. Machine learning can also be used to predict potential risks, providing advanced alerting capabilities taking us one step closer to automating compliance.
This is useful for both the regulators and the regulated. For regulators, alerts can be created when organisations exhibit risk. An example might be an alert that flags the creation of a new company that has the same postcode or founder as an organisation that has previously been closed down for serious regulatory breaches.
For regulated organisations, advanced alerting and risk scoring can provide a fast route to remediation when non-compliant documentation and data is introduced to systems. Further to this advanced redaction technology can also be used to eliminate risks associated with sharing larger data sets, allowing only the relevant information to be disclosed.
The right information at the right time
Key to automating the regulatory process for both the regulated and regulators is the ability to discover and order data. Insight engines bring more information to a visible state, meaning the landscape of information is richer and more detailed. This means reports are more accurate and organisations more compliant. The potential for advanced analytics is also unlocked once all information is made discoverable.
With regulators increasingly able to identify compliance risk with insight engines, it is incumbent upon the regulated to stay ahead by adopting similar technology. Insight engines make information readily discoverable at the right time, allowing both sides to ensure regulatory processes are more efficient, accurate and cost effective.
There’s little denying we’ve entered the age of crypto. Last year, practically every crypto wallet saw its user figures increase, with Blockchain.com wallets – the site that makes it possible to buy bitcoin – boasting more than 81 million wallet users as of February 2022. And considering the array of multi-million-dollar adverts for crypto apps/currencies shown at this year’s Superbowl, it’s fair to say that cryptocurrency has well and truly entered the mainstream.
Amir Nooriala, CCO, Callsign
by Amir Nooriala, Chief Commercial Officer, Callsign
And with more people interested in digital assets, many financial institutions are rushing to create their own decentralized platforms (DeFi) to cash in on the hype.
However, this growing popularity is also fueling another boom – a boom in fraud. In 2021 alone, crypto scammers stole a record $14 billion, a staggering rise of almost 80% over 2020. And while scamming was the most popular form of crypto-related crime, theft via hacking was a close second – and not just from individuals.
The lucrative nature of digital assets has made them one of the most desirable targets for modern criminals. Yet, despite the enormous sums of money at stake, without fundamental changes to how these crypto exchanges operate – and more specifically, authenticate users – this situation is only going to get worse.
Understanding the crypto ‘Wild West’
The nature of cryptocurrency has always been antithetical to how most financial services institutions work. Blockchain technology is a dynamic, decentralized innovation, so developing the controls and frameworks to better manage it has always been a daunting task for financial services businesses, governments, and regulators (which is why many banks are still resistant to it).
And despite the public’s growing interest in crypto, many still struggle to understand the basics of how a blockchain works – they simply know it may make them rich. That confluence of poor understanding and high desirability is also why crimes – such as the One Coin cryptocurrency scam – can happen.
Detailed in the book (and podcast) The Missing Cryptoqueen, millions of people paid billion dollars for a cryptocurrency called One Coin – even though it was never really a cryptocurrency or even on a blockchain.
The leader of the company/scam, Dr Ruja Ignatova, used the confidence and excitement in cryptocurrency – along with the general lack of true understanding as to how the technology works – to prey on people all around the world looking for their own crypto success story.
However, when it comes to crypto crime, there are much simpler ways of pilfering incredible wealth without the hassle of leading a fake financial revolution. That’s because there are mechanisms enabling most of these crimes to happen, and the fault very much lies with most exchanges themselves – not individuals.
Fighting modern threats with archaic weapons
Despite the futuristic nature of crypto, criminals haven’t had to reinvent the wheel to gain access to wallets and exchanges. Because many methods of attack being leveraged by most criminals are scams that traditional financial institutions have long been aware of, such as Remote Access Trojans (RATs) and Account Takeover Fraud (ATO).
However, the problem is that crypto exchanges haven’t learnt from these techniques that fraudsters have been deploying for many years. Instead, they are deploying controls banks stopped using 10 years ago. While these controls would be fine to protect social media accounts, they are no longer enough to protect your cryptocurrencies which are now incredibly valuable.
In addition, crypto exchanges aren’t bound by the same stringent rules and regulations other financial institutions – such as banks – are. For instance, in comparison to the billions mentioned above that have been scammed from exchanges in recent months, the £1.3 billion lost by banking customers to fraudsters in 2020 is but a drop in the bucket. And that’s despite the uptick in fraud due to Covid-19.
One way crypto exchanges are particularly letting their users down is in how they conduct authentication. When these businesses want to authenticate a user’s ID, the tendency is still to use passwords and usernames, reinforced by “possession factors” – such as an OTP (one-time-password) sent via SMS message to users’ phone.
On the surface, OTPs seem like a reasonably secure method of authentication, but SIM cards were never designed for security which is why many banks have moved away from authenticating customers with them. So, credit stuffing, SIM swapping and SS7 attacks, passwords, usernames and OTPs all present fraudsters with very convenient workarounds for all the subsequent layers of security these platforms have.
But even though these are old vulnerabilities being exploited, that doesn’t mean cybercriminals are resting on their laurels – scams are getting larger and more devastating every year.
RATs for instance – whereby scammers use malware to remotely control infected computers and send/receive data from the system – are increasingly being substituted with its mobile equivalent, MRATS, to gain access to devices.
Used in tandem with other forms of attack such as credit stuffing, has proven to be incredibly effective for criminals. For instance, an ATO attack is when fraudsters use stolen credentials to try and gain access to genuine accounts, often leveraging automated tools to “credit stuff” at an astounding rate. One fraud prevention platform estimated that incidences of ATO grew a staggering 307% over just the last two years.
Simply put, it’s time for this new wave of financial institutions to stop the fraudulent activity taking place in the crypto sector under their watch. And the only way to achieve that is to uproot the broken foundation of authentication that’s currently letting its users down, in lieu of a modern solution better fitted to our digital world.
The age of biometrics
Despite the many makeovers usernames and passwords may have undergone, they’re still analogue solutions that are merely being used in a digitized context. As such, the entire notion of digital identity is built on a fundamentally broken system not built for a truly digital world.
Biometrics, on the other hand, presents a truly digital solution capable of keeping up with our dynamic world. Unlike a username or password which can be intercepted or compromised, behavioural biometrics, such as Callsign’s platform can be finetuned to individuals. It can consider everything from how a device is being held, the speed and style of keystrokes, and numerous other idiosyncrasies that are impossible to mimic.
Behavioural biometrics give businesses a method of authentication that requires no additional hardware on the part of the user (device agnostic) and doesn’t impact the user experience in any way. All while learning and adapting over time as that user’s relationship with the business evolves.
So, as crypto fraud shows no sign of slowing down, it’s now incumbent on these exchanges to interrogate the ways they authenticate users and ask themselves if their security policies are in fact putting their customers at risk. Because the sooner they can start fixing digital identities in a meaningful way, the better.
Over the course of time, supply chains have evolved and become ever more complex and multifaceted. Where once they were local, or domestic, supply chains are now global. Whilst this drives down per unit costing through comparative advantage, it does mean that businesses need entire departments to source high-quality components for onward processing and distribution. They must also work to maintain positive relationships with suppliers during the procurement and supply chain process.
by Alistair Baxter, Head of Accounts Receivables Finance, Taulia
The changing dynamics of the world around us, whether that be economic or political, mean that we often see a play-off between market protectionism and free trade economics. Events of the last few years combined with various trade measures have significantly disrupted, and ultimately changed forever, global supply chains.
Alistair Baxter, Head of Accounts Receivables Finance, Taulia
We have observed an increase in global disruptions to supply chains in recent years, particularly during the Covid-19 pandemic – and the impact of that disruption cannot be overstated. Increased shipping costs are now the norm and supply chains are being remapped by companies to try and gain an advantage over competing supply chains. This was brought to the mainstream attention when one of the world’s largest container ships, the Ever Given, whose onboard goods totalled $775 million, blocked the Suez Canal for 6 days in 2021. This form of trade friction has created disruption which negatively impacted businesses and economies and while Ever Given was a first, it may seem obvious to say that it might not be the last and businesses need to be prepared.
Resilience is now a key challenge for those responsible for sourcing and securing strong supply chains. Technology has a massive role to play in supporting this and alleviating some of the current complex challenges. Technology can paint a clear picture of where the disruptions are, or even better, predict where they might happen further down the line, beyond the current field of vision. Continued adoption of technology will dynamically allow information to flow down to suppliers – otherwise known as ‘purchase order cascades’ – to increase transparency for even the smallest suppliers.
The world of supply chains has an opportunity to lead the way in ESG by increasing communication and transparency. Technology is again the enabler, allowing for the tracking and rewarding of supplier ESG performance. It is imperative that those at the very top of the supply chain set the ESG tone and support the raising of standards throughout their supply chains. Working together will improve the supply chain ecosystem for the long-term.
Supply chain managers have a significant role to play in the reshaping of industry. In response to the purchasing habits of consumers in developed markets, it’s the best value chain that wins, as opposed to the best product or retailer, as customers come to expect prompt delivery of goods, or ESG credentials to be made clear at point of purchase. Amazon, as an example, has one of the best value chains: logistics, ease of access, and customer touch points are all carefully considered and planned. Amazon has been acquiring its own shipping containers since 2018 and chartering its own ships to avoid major bottlenecks in its supply chains and to get products onto e-shelves.
Technology has been developed to respond to this shift in behaviour and as hyper-personalisation and emotion-led experiences begin to dominate how we work and live, supply chain managers will have to find different ways to respond.
With change being the only constant, those enabling the building and continuity of supply chains are playing a vital role in reshaping industry and to best position themselves for what is coming down the tracks. Harnessing the technology at their disposal to predict and prevent the obstacles that may materialise will help them to drive success.
Globally in 2020, more than 70 billion real-time payment transactions were processed – an increase of 41% compared to the previous year.
by Charles Sutton, Financial Services and FinTech Lead EMEA, Nvidia
This massive rise in transactions has presented an opportunity for criminals to conduct more fraudulent activities like account takeovers, chargeback fraud, or identity theft, resulting in more than $1 trillion stolen in cybercrime activities in 2020 alone.
NVIDIA’s 2022 State of AI in Financial Services survey found that implementing artificial intelligence (AI) is one way financial institutions protect their customers, data, and bottom line.
Top trends for AI in financial services
Given the vast increase in fraudulent activity, it’s unsurprising that the top AI use case identified by financial services professionals is for fraud detection. 31 percent of respondents use it to protect customer payments and transactions, up from just 10 percent in 2021.
Conversational AI, a type of AI where humans can interact naturally with machines by simply conversing with them, entered the top three use cases this year with 28 percent of respondents using it, followed by 27 percent using AI for algorithmic trading.
Compared to 2021’s survey results, 2022 shows a significant increase in the percentage of financial institutions investing in AI. Conversational AI increased by 8 to 28 percent, know your customer (KYC) and anti-money laundering (AML) fraud detection rose from 7 to 23 percent, and recommender systems increased from 10 to 23 percent.
What AI use case is your company investing in?
There are many uses for AI across the financial services landscape.
The report shows that fraud detection of transactions and payments is key for fintech, investment banking, and retail banking institutions. Conversational AI is a priority for capital markets and retail banking, and recommender systems are important for capital markets and investment banking.
Conversational AI for fraud detection and more
Increased fraud attempts have a significant impact on operations, so naturally, it falls high on the priority list for most financial institutions.
Natural Language Processing (NLP) is a form of conversational AI that can be leveraged across KYC and AML. An NLP algorithm can be trained to know everything about a customer – their spending habits, financial histories, unique risk factors, and even voice and behavioral biometrics – to reduce the risk of money laundering and other types of fraudulent activities.
It’s not all about fraud, though. NLP can also be used to optimize and transform the customer experience. Customer experience is incredibly important. In fact, just a one-point decline in a business’ customer experience score can equal $124 million in lost revenue for multi-channel banks, according to Forbes.
In an increasingly 24/7 world, and with a growing volume of customer calls, virtual assistants can be on call day and night to assist with simple inquiries such as account-related questions or product applications. UK-based NatWest’s digital assistant, Cora, is handling 58% more inquiries year on year, completing 40% of those interactions without human intervention. According to Jupiter Research, virtual assistants and chatbots are expected to result in savings of $2.3 billion by 2023.
NLP can also be used for recommender systems. It can generate personalized, recommended offers and next-best actions for each customer based on their individual data.
What does the C-Suite think?
The State of AI in Financial Services survey includes financial professionals across various roles, from c-suite to developers, IT leaders, and managers. This perspective allows for a broader understanding of how groups within an organization perceive their AI capabilities. The survey found that 37 percent of the c-suite view their AI capabilities as industry-leading, whereas only 20 percent of developers have the same perception.
When looking at the challenges organizations face when trying to achieve their AI goals, the c-suite, developers, and IT are unanimous on their concern for lack of data, lack of budget, too few data scientists, poor technology infrastructure, and explainability.
Creating Exponential Value with AI
Knowing a challenge means it’s possible to find a solution. There are several steps companies can take to improve the impact AI can have on customer satisfaction, operational efficiency, and revenue growth.
Successfully moving AI into production is an area of opportunity for organizations, which the survey found that only 23 percent of organizations currently think they can carry out. Knowing the target business outcome, identifying key performance indicators for measuring success, and building the research project as a pilot so that workflows are in place are best practices organizations can implement to improve their ability to scale AI applications into production.
Just 46 percent of organizations use explainability in their AI and machine learning operations. Supporting explainability is critical to integrate into a firm’s overall AI governance practice and doesn’t always need to be done in-house for teams that don’t necessarily have the right expertise.
Pursuing ethical AI is the third opportunity highlighted in the report. Only 26 percent agreed that their organization understands the ethical issues associated with AI and proper governance. Bias, data management, model maintenance, and explainability are crucial aspects of an AI governance framework. Environmental, Social and Corporate Governance (ESG), a way of measuring an organization’s ethical properties, is also growing in popularity within financial services and is a crucial element of ethical AI.
What’s next for AI in financial services?
The future is looking bright for AI. Hiring more AI experts, providing AI training to staff, engaging with third-party partners to accelerate AI adoption, investing more in AI infrastructure, and identifying additional AI use cases are in the works for at least 30 percent of respondents. And the expected outcome is clear, with 37 percent believing that AI will become a source of competitive advantage for their organization.
According to the survey findings, there are many use cases, all of which are growing tremendously year on year. Organizations are aligned on their challenges and committed to investing in their AI strategy to achieve greater customer satisfaction, lower operating costs, higher revenues, and an overall competitive advantage.
Like most criminals, cyber hackers want an easy life. Just as burglars prefer forgotten open windows over picking front door locks as a way in, so their digital counterparts are looking for targets that offer maximum return for minimum effort.
As such, while major corporations wise up to the threat of sophisticated attackers and invest in the sort of defences that limit the impact of bad actors, criminals are now turning their attention to potentially easier targets. And that includes businesses that are raising capital or those that recently announced funding – particularly when those businesses not only hold significant financial data but also potentially offer gateways, or open windows, to other companies.
It’s thus no surprise that ransomware attacks are increasingly targeting Private Equity (PE) firms and their portfolio companies (PortCos). As attacks increase, it’s imperative that investors become more aware of the risks they face and take swift action to protect themselves – and their portfolio companies.
Cyber vigilance as a differentiator
Cyber vigilance is increasingly becoming a differentiator for investors when considering companies to add to their portfolios. Gartner highlighted that “by 2025, 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements,” and in doing so noted that “Investors, especially venture capitalists, are using cybersecurity risk as a key factor in assessing opportunities.”
There’s also regulatory pressure to get houses in order. In February, the Securities and Exchange Commission (SEC) voted to propose a new set of cybersecurity rules to oversee how alternative investments or private capital firms manage risk, requiring clear policies and procedures to be put in place. In addition, advisers would need to report incidents that impact their firms, funds or clients.
Clearly, PEs need to be as rigorous in checking their own windows are closed as they are in running the rule on the security posture of target companies. For most, it means a wholesale change in their approach to cyber security. The question is, how do they begin to implement this new approach? Securing your own operations is hard enough – how do you extend that to other entities in your orbit?
Check your windows
First, it’s worth considering what open windows there could be. One of the most glaring yet overlooked open windows is the employees at PEs and their PortCos. This isn’t to suggest that everyone is maliciously trying to undermine their employer (though insider attacks do happen), more that too often an assumption is made that workers understand the ways in which they can be targeted.
The reality is that many people don’t realize how many cyber threats are designed to exploit people’s ignorance or naivety. From ransomware to phishing attacks, many of the major leaks we read about in the news can be traced back to individuals who didn’t realize they shouldn’t click on a link, open a suspicious attachment or download an app at work.
Like any good burglar- why would a cyber thief spend time trying to crack encrypted corporate networks when they could simply gain access by targeting unsuspecting employees? They wouldn’t. That’s why
the first step in any PE firm’s cyber security approach should be to focus on educating staff, starting with the PE firm itself and then extending out to its PortCos to ensure they are undertaking similar processes.
Similarly, it’s not too difficult for attackers to take advantage of a lax approach to updating software. Technology is constantly evolving, and changes to critical systems can bring immense business benefits and operational efficiencies – but can also create new gaps in defences. PE firms and their PortCos must ensure that they have a rigorous and consistent process to keep systems up to date and fix bugs as solutions are released to prevent attackers from exploiting any holes.
Sophisticated responses for new attacks
Those are just two of the windows that can be closed relatively quickly. But the fact is that attacks are becoming more sophisticated, which means the responses must too.
Only real-time cyber risk monitoring will enable firms to protect their most sensitive data and safeguard against internal and external threats. That means firms must have more than the traditionally adequate technical and logical controls – they need active, continuous risk mitigation solutions and reporting, and cyber programs that are tested using real-world scenarios that provide a clear picture of how the business would defend against and respond to an incident.
A case of when, not if
Ultimately, PE firms and their PortCos need to realize that it is a case of when, not if, they are targeted. Most businesses understand and accept it; what they will not accept is inaction, attempts to hide issues, or a failure to mitigate the impact.
That’s why the new SEC rules are pushing for incidents to be reported, and why the European Union’s General Data Protection Regulation (GDPR) has fines in place for companies that have not done everything they can to reduce the risk of data breaches. Those businesses that do not do everything in their power to respond appropriately to incidents will not only have to deal with the immediate fallout of the attack itself, but subsequent legal, financial and reputational consequences.
Close the windows to protect firms and PortCos
It’s one thing to be undone by a sophisticated attack that may be far ahead of any of your existing defences; it is quite another for an opportune bad actor to sneak in via an open window. Cybersecurity is challenging, and it’s only becoming more complicated as attackers become more sophisticated and geopolitical threats rise. It’s clear that if there was ever a time to pay attention to cyber risk and buttress your defences, it is now.
The best way for PE firms and their PortCos to protect their organizations is to make it as hard as possible for cyber attackers to gain access. Invest in the right real-time cyber risk monitoring, confirm all your systems are patched and up to date and have your comprehensive incident response plan tested and ready to go on a moment’s notice. Put simply: Don’t be an open window.
FinTech is synonymous with innovation and is a key industry in this country. Its influence spans the globe, however, and makes it a primary player in the move towards greater financial and environmental sustainability.
by Keith Tully, Real Business Rescue, a company insolvency and restructuring expert.
Corporate social responsibility has been a pivotal business model for decades, but the 2021 COP26 Climate Change Conference in Glasgow clarified the urgency to act with purpose and laid out in stark detail the consequences for the planet if we don’t.
The FinTech industry is ideally placed to use its prominent standing on the global stage, therefore, and positively influence the crucial issues we face. It can set a ‘green’ example for others to follow, ensuring businesses adopt sustainable practices and leading the way towards a lower-carbon future for industries across the board.
How can Fintech businesses take a stand on sustainability?
Operate a ‘green’ supply chain
Fintech’s inherent use of big data, artificial intelligence, and real-time information, makes the industry a perfect role model when implementing environmentally friendly and sustainable logistical practices.
Transparency and collaboration between supply chain members is a necessity for a ‘green’ supply chain to work, and this ultimately reduces waste and increases cost-effectiveness for all participants.
Develop ‘green’ technologies
The industry continues to provide cutting-edge solutions that streamline and modernise financial procedures and payment systems, and can positively influence corporate behaviours.
Brand reputation strengthens when businesses use innovative financial technologies – they become trustworthy within their industry and in the eyes of the wider community. The investment in ‘green’ solutions consolidates the drive for sustainability and enables ethical conduct and business behaviours to be put in place.
Innovative banking and payment solutions
The banking and payments industries have transitioned, almost beyond recognition, in the last few decades. Although the ‘traditional’ high street banking services are still available, the development of new financial technologies has created a thoroughly modern alternative for businesses and individuals.
The Fintech industry has developed highly sophisticated, cost-effective, and sustainable banking and payment systems that help businesses reduce their carbon footprint. Blockchain is one such example, and this provides a platform that supports other technologies such as new payment and finance solutions.
Data analytics
Big data provides in-depth perspective and insight into various areas of business and offers key decision-makers a solid foundation for making strategic plans. It can also be used to keep a business on track towards financial and environmental sustainability.
Global financial services group, BBVA, uses technology to help organisations calculate their carbon footprint using data analytics, for example. Businesses can calculate their carbon footprint and then register on The Carbon Footprint Registry.
The ‘Climate Registered’ seal placed on their websites and promotional materials demonstrates the business’ commitment to sustainability, and to reducing their carbon footprint.
Make sustainability the USP
Adopting good practices and promoting financial and environmental sustainability enables Fintech companies to differentiate themselves, and to stand out in an increasingly crowded industry.
Making sustainability their unique selling point within a ‘Green Fintech’ umbrella of innovative technologies and working practices reiterates the drive to help tackle climate change whilst promoting a sense of purpose and well-being among staff.
Sustainable financial products
Figures published by Statista show how significantly Fintech solutions have changed the way in which we bank and carry out our financial business as a nation.
In 2007, only 30 per cent of banking customers regularly used digital banking services, a figure that has risen to 76 per cent in 2020. Personal finance budgeting and investment apps also help people achieve their own individual goals for sustainability.
Fintech businesses can measure and verify the impact of sustainable financial products, such as ‘green’ bonds, loans, and investment funds, and make adjustments as necessary to improve the products.
The case for taking a stand on financial and environmental sustainability
The positive case for taking a stand on sustainability is clear. It’s what is needed if we are to head off total climate catastrophe. This movement also holds significant benefits for individual businesses in terms of their reputation and place in the community, however.
Sustainability is an issue close to people’s hearts, and staff can rally around such a cause. This increases morale and creates an inclusive working environment that promotes well-being and productivity.
Apart from the key benefit of creating a more sustainable operating environment for businesses within the industry, Fintech’s considerable influence could also affect far-reaching change in other industries.
In fact, Fintech is in the perfect position to lead on financial and environmental sustainability. Introducing new ‘green’ financial products and creative payment systems not only helps other businesses on a practical level, but also sets the high environmental and financial sustainability standards that we need, and that others will follow.
As nations worldwide continue to sanction Russia in condemnation of their invasion of Ukraine, companies have now joined the movement to exclude the Russian government – and sometimes Russians – from their list of clients. Some of these companies have decided to ban them following international sanction provisions from The Office of Foreign Assets Control (OFAC).
Others have taken this decision as a show of solidarity with the Ukrainian people. However, not all FinTech companies are placing blanket boycotts on Russian citizens. The most notable holdouts are Binance and Kraken, citing the argument that banning “innocent Russians” goes against the philosophy behind cryptocurrencies.
So, let’s go through the reactions of fintech companies to the Russian invasion and explore how they affect the socio-economic climate in Russia and the rest of the world.
SWIFT
As pressure mounted on SWIFT to respond to the Russian invasion, the payment network obliged by suspending 7 major Russian banks from performing transactions indefinitely. The ban stops these Russian banks from accessing their global economic resources, but the country has outlined measures to combat the hard-hitting impacts of the SWIFT suspension. In anticipation of incoming economic sanctions, the Russian government developed SPFS (System for Transfer of Financial Messages) — a SWIFT equivalent that works only in Russia and some banks in Switzerland, Kazakhstan, Azerbaijan, Cuba, and Belarus.
Russia now has to rely on China’s more formidable Cross-border Interbank Payment System (CIPS) for international transactions.
VISA
According to Statista, VISA owns 12% of all credit payment cards in the world (335 million credit cards), accounting for about 50% of the overall market shares. The company reacted to the Russian invasion by halting all its operations within Russia and banning Russian VISA cardholders from processing transactions.
According to VISA’s official statement, the company is ‘taking prompt action to ensure compliance with applicable sanctions, and is prepared to comply with additional sanctions that may be implemented’. The VISA Foundation has also donated a $2 million grant to the US Fund for UNICEF to provide the Ukrainian people with humanitarian aid.
Mastercard
Mastercard has maintained the same ironclad stance as VISA on the Russian invasion. The credit card company has reportedly forfeited about 4% of potential revenue by excluding Russians from its services.
Mastercard CEO Michael Miebach released a statement saying that the company has ceased operations in Russia, as well as banned certain Russian banks from the payment network. Miebach also affirms that the company has sent a $2 million humanitarian fund to the Red Cross, Save the Children, and employee assistance.
Amex
American Express has also joined the ranks of Visa and Mastercard in suspending all operations in Russia and Belarus. According to a memo from American Express CEO Stephen J. Squeri, the cards issued in Russian territory will no longer work in Russia or outside the country. As part of Amex’s “Do What is Right” code, the company has pledged $1 million to humanitarian organizations to provide relief to people in Ukraine affected by the war.
Source: Mykhailo Fedorov (Ukraine’s Deputy Prime Minister and Minister of Digital Transformation) on Twitter
PayPal
PayPal has also halted all operations in Russia until further notice. Dan Schulman, PayPal CEO, released a statement saying: “PayPal supports the Ukrainian people and stands with the international community in condemning Russia’s violent military aggression in Ukraine. The tragedy taking place in Ukraine is devastating for all of us, wherever we are in the world.” He goes on to add that despite banning Russians from using PayPal’s services, the company will still provide support for Russian citizens within its workforce.
Payoneer
Payoneer’s reaction was to stop all issuance of cards to customers with postal or residential addresses within the Russian Federation. According to the company’s updated FAQs, Russian citizens with Payoneer cards issued outside Russia can still conduct transactions without restrictions.
Upwork
In an open letter to freelancers, Upwork CEO Hayden Brown reiterated the company’s mission to help improve people’s lives. As a result, with over 4% of registered freelancers from Russia and Belarus, Upwork has suspended operations and has shut down support for new business generation in both countries. To this end, the changes will take full effect on 1 May 2022, leaving freelancers and clients in Russia and Belarus unable to create new accounts, initiate new contracts, and appear in searches. The platform also donated $1 million to Direct Relief International to support Ukrainian citizens caught up in the war.
Revolut
As a company with a Ukrainian co-founder Vlad Yatsenko, Revolut has provided unwavering support for Ukrainians suffering from the war. The current CEO Nikolay Storonsky, born in Russia to a Ukrainian father, released an open letter, categorically condemning the war, saying that ‘this war is wrong and totally abhorrent’ and that ‘…not one more person should die in this needless conflict’.
In a statement titled The War on Ukraine: Our Response, Revolut has affirmed its dedication to uphold and impose sanctions placed on Russia. As part of its support to Ukraine, Revolut has removed transfer fees for every transaction going into the country. The company has also pledged to match every donation made to the Red Cross Ukraine appeal.
Stripe
Although Stripe does not work in Ukraine, Russia, or Belarus, the financial services and SaaS company has pledged to impose sanctions on the Russian government and its citizens. The extent of this ban will cover transactions using the Mir payment system, as well as services linked directly or indirectly with the Crimea and the separatist Luhansk and Donetsk regions.
Paysera
Paysera has released a comprehensive list of financial restrictions on Russia and its allies involved in the Ukrainian invasion:
Russian citizens will no longer be able to use Paysera (this restriction does not apply to Russian citizens with residency or work permits in other supported countries).
All current accounts belonging to Russians will be closed.
Russian and Belarusian companies are banned from using their Paysera accounts.
All current business accounts belonging to Russian and Belarusian entities will be closed.
Transactions to Russian and Belarusian banks between private individuals will continue but must go through rigorous verification procedures.
Paysera will roll back all money transfers from Russian and Belarusian banks received on Monday (23 February and later).
Paysera users can no longer exchange to Russian Roubles (RUB).
This list is only one part of the extensive regulation changes for Russian citizens and banks. For more information, read the entire press release.
Apple (Apple Pay) and Google (Google Pay)
Apple and Google set rivalries aside to impose a collective ban on the Russian government and its citizens for their actions in Ukraine. According to NPR, Apple will stop shipping products to Russia with immediate effect. This announcement sent shockwaves around the tech world because of the company’s global influence.
In the same vein, Google has also removed media platforms RT and Sputnik from its services, banning their content within EU countries.
But that’s not even half of it. Apple has furthered its crackdown on Russia by deactivating its payment service Apple Pay in the region – 29% of Russians rely on Apple Pay for contactless payments. Similar to Apple, Google Pay (used by 20% of Russians) has also ceased all digital payments by Russian citizens within occupied territories.
Money transfer services
According to Statista, the value of cross-border money transfers made by Russians in 2020 were worth over $40 billion, which is by almost $8 billion less than in 2018. In 2022, however, this sum is likely to be much lower taken the situation with the money transfer services that are leaving the Russian market.
Western Union
On 10 March 2022, Western Union issued a press release announcing that all the company’s operations in Russia and Belarus will be suspended with immediate effect. For the people of Ukraine, Western Union has created a donation portal to address the humanitarian and refugee crisis, according to Elizabeth Executive Director of the Western Union Foundation.
The money transfer company has pledged $500 000 to provide humanitarian aid to the Ukrainian people. To donate to the Western Union Foundation, visit its official website.
Wise
Before the 2022 Russian-Ukrainian war, Wise (formerly TransferWise) had already placed a $200 limit for Russian account owners. With the current swathe of sanctions, the remittance and payments company has doubled down on its restriction for individuals and businesses within the Russian Federation and its (illegally) occupied territories.
Find a detailed breakdown of the restrictions according to the company’s Help Centre below:
You can only send RUB to private bank accounts or cards in Russia.
You cannot send RUB to government agencies in Russia.
You cannot send RUB to Crimea or Sevastopol.
You cannot send USD or EUR to accounts in Russia.
MoneyGram
According to Quartz, MoneyGram still works both in Ukraine and Russia since the sanctioned banks — Sberbank (Russian) and VTB — are not involved in the transactions directly. This same report also shows that, on the first day of the invasion, US-based remittances to Ukraine spiked 120%, while the number rose to 50% in Russia. Nevertheless, MoneyGram has removed all fees on transfers going to Ukraine from the US, Canada, and EU.
Remitly
Remitly is a P2P service that allows immigrants to send money across borders. Since the company’s core demographics (immigrants) are closely aligned to the plight of Ukrainian refugees, it is no surprise that tit has also banned Russia. Remitly, through a spokesperson, has communicated its dedication to upholding this ban according to the EU and US sanctions.
Source: World Remit on Twitter
Zepz (WorldRemit)
Zepz, formerly WorldRemit, has released a list of countries on its banned list, including Russia and Belarus. The company also released an updated list of transaction conditions, showing that Russia is on the blocklist until further notice.
“The Big Four”
Members of the Big Four — Deloitte, Ernst & Young, KPMG, and PwC — have also enforced the sanctions imposed on Russia by the US and EU nations. At the time of compiling this report, the aforementioned companies are not in a hurry to impose blanket sanctions on all Russian citizens since a combined 1.1% (around 13000 people) of their global workforce is in Russia.
Deloitte’s Global CEO Punit Renjen said: “Last week, Deloitte announced it was reviewing its business in Russia. We will separate our practice in Russia and Belarus from the global network of member firms. Deloitte will no longer operate in Russia and Belarus.”
Mark Walters, KPMG’s Global Head of Communications, said: “KPMG has over 4,500 people in Russia and Belarus, and ending our working relationship with them, many of whom have been a part of KPMG for many decades, is incredibly difficult.”
Mike Davies, PwC’s Director of Global Corporate Affairs and Communications, PwC UK, said: “As a result of the Russian government’s invasion of Ukraine, we have decided that, under the circumstances, PwC should not have a member firm in Russia and consequently PwC Russia will leave the network.”
EYreleased a statement that said: “Today, EY global organisation decided that the Russian practice will continue working with clients as an independent group of audit and consulting companies that are not part of the EY global network. The changes will take effect after the required transition period.”
Source: Mykhailo Fedorov on Twitter
The crypto world
Although the major players in FinTech are equivocal in their condemnation and boycott (full or partial) of Russia, the crypto community maintains partial neutrality. The overarching sentiment within the world of crypto is that private citizens should not suffer due to the actions of their governments. After all, some of these individuals might be using cryptocurrencies to oppose tyrannical regimes.
Notwithstanding, the Russian Central Bank has proposed a ban on mining and trading cryptocurrencies. With Russia occupying third place among Bitcoin mining regions globally, the impacts on the value and volatility of the crypto market might be extensive.
On its part, Ukraine has also used crypto assets to fund its defence against Russian aggression. Ukraine’s Deputy Prime Minister Mykhailo Fedorov has also posted wallet addresses for the Ukrainian Army and Civil Defense support.
Source: Jesse Powell on Twitter
Kraken
CEO of Kraken, Jesse Powell released a Twitter thread in response to the Ukrainian Prime Minister’s call on crypto exchanges to block addresses of all Russian users. In the thread, he expresses regret for the appalling conditions Ukraine finds itself in at the hands of its aggressive neighbours. However, he insists that the company cannot blanket-ban citizens ‘without a legal requirement’ to do so.
Binance
Binance CEO, Changpeng Zhao, released a detailed statement refuting claims that ‘Binance doesn’t apply sanctions’. He expressed that Russian individuals banned by US and EU sanction regulations are not allowed to trade on Binance.
KuCoin
KuCoin CEO Johnny Lyu also refuses to freeze the accounts of Russian users, unless there is a legal precedent to do so on a case-by-case basis.In a statement to CNBC, the CEO expressed KuCoin’s stance on the issue: “As a neutral platform, we will not freeze the accounts of any users from any country without a legal requirement. And at this difficult time, actions that increase the tension to impact the rights of innocent people should not be encouraged.”
Source: Brian Armstrong on Twitter
Coinbase
According to Coinbase’s Chief Legal Officer Paul Grewal, the company has blocked over 25000 accounts linked with “illicit activity” with the Russian government and its allies. While the crypto exchange is dedicated to helping the Ukrainians, they refused to freeze the assets of ‘ordinary Russians’.
Nevertheless, Coinbase has implemented measures to monitor attempts by sanctioned individuals to evade the restrictions. The crypto exchange will also follow recommendations that align with government recommendations, provided they don’t interfere with individual rights.
Adyen
Although the Ayden network does not work in either Russia or Ukraine, the company has decided to offer humanitarian help to the victims of the ongoing invasion. Adyen’s policy decisions include:
Blocking sanctioned banks and private entities
Suspending US and EU processing services in Russia, Crimea, and the separatist regions in Donetsk and Luhansk.
Suspending transaction processing in Russian rubles (RUB) regardless of issuing country.
To the Ukrainian people, Adyen has pledged humanitarian support through Adyen Giving and other charities like the UNCHR Disaster Relief Fund, Giro 555, and the Red Cross.
Mintos
The loan management platform Mintos has removed loans from Russian and Ukrainian lending platforms as a ‘cautionary measure’ to protect lenders from the unprecedented repercussions of the invasion. As part of the Mintos Conservative Strategy, the company will uphold these restrictions until the conflict stabilises – or ends.
eToro
When eToro announced that it would be force-liquidating Magnit PJSC stocks (and other related Russian stocks), they probably didn’t expect such a massive amount of pushback from users who had equities in these companies. As a result of the criticism and public outcry, the company refunded all affected parties, except for leverage stakes. Despite the earlier wave of backlash, eToro is still considering what to do with nine other stocks from the country, including Sberbank of Russia, Rosneft (RNFTF), Gazprom, and Lukoil.
Conclusion
The Russo-Ukrainian war has plunged the entire financial sector into a new reality, which follows post-pandemic inflation. We are now witnessing an unprecedented situation – financial institutions and FinTech companies are reacting in real-time to impose sanctions and boycotts on Russia and its citizens. Numerous companies that aren’t obliged by law or sanctions have taken the initiative to leave the Russian market. These decisions cost each of them a significant part of revenue, yet they demonstrate the willingness to pay this price in order to help stop the war.
The banking industry has undergone huge change in recent years, and so too have its players. As such, the time-honoured classifications of ‘incumbent’, ‘challenger’ and ‘neobank’ no longer sufficiently describe a bank’s offering, role or position in the industry; arguably some incumbents are proving to take more ‘challenging’ strategies than some of their comparatively younger challenger or neobanks. So how will banks be defined in the future?
Rivo Uibo, Co-Founder and Chief Business Officer at Tuum
by Rivo Uibo, Co-Founder and Chief Business Officer at Tuum
The evolution of banking is partly in response to an underlying shift in the way that people live and work and the demand across diverse demographics for more tailored banking services. Freelance workers have different banking needs to employees; the needs of Gen Z customers, such as saving money and managing subscriptions (including Spotify, Netflix etc.) are far removed from those of older generations. In essence, to prosper in today’s banking industry, banks must now find a means of being relevant to diverse customer demands and desires and provide these banking services in the most convenient way.
In tandem with this trend, the advent of embedded finance, open banking and APIs together with the rise of new entrants to the market including tech giants and superapps and demand aggregators (brands that provide financial services on top of their core offerings such as Alipay, Uber payments or Gusto wallet), are adding further complexity to the banking landscape and the number and diversity of players.
Banks are therefore under pressure to maintain market share and are looking at different approaches to achieve this. Let’s look at the different business strategies that banks are pursuing today and where these business models are likely to lead to.
High street banks
Even before the pandemic, high street banks were ramping up their digital offerings and reducing their number of branches. But in the wake of the pandemic and soaring demand for digital banking, high street banks face strong competition from online-only banks. As a result, they have radically reduced their number of branches; according to a report by Which? published in December 2021, almost 5000 UK bank branches had closed since 2015 or were set to close in 2022.
That being said, In the UK, high street banks offering personal and business banking (including RBS, Barclays, Lloyds and HSBC) are still regarded as the market leaders and mainstays of the industry. Only time will tell if their (albeit reduced) in-person banking services and industry standing will be enough to survive heightened competition from their more nimble digital counterparts. In the meantime, these mainstream banks will be closely analysing the options open to them to maintain customer share (greater focus on digital/focus on other market segments).
Digital banks
These forward-thinking, online-only banks provide banking services that fully reap the efficiency benefits of modern technological capabilities. Leading digital banks currently include the likes of Monzo, Nubank and N26. These large players, which started out as ambitious neobanks, have succeeded in gaining a sizeable customer base through innovative, digital service offerings. N26 is today one of the most valued banks in Germany and is aiming to be one of the biggest retail banks in Europe (without having a single branch) while Nubank boasts 40 million customers in Brazil.
Aside from these larger successful players, many digital banks tend to be niche players, laser-focused on the banking needs of one specific customer group. These financial service providers are made up of both those who have their own licence and those that depend on other banks or banking platforms for their licence – but both are perceived equally by end-users as ‘digital banks’. Their strategy is to gain maximum traction within their target customer segment and then expand and enhance their service offerings. A great example of a niche digital bank is Jefa, a LATAM bank set up by women for women, offering free accounts, a debit card, and a mobile app to assist money management. With the defaults of banking in LATAM broadly hostile to women customers, Jefa is making headway in a giant untapped market that has been ignored by other banks. Another good example is New York-based Daylight, a digital bank that offers services specifically tailored to meet the needs and assist with the financial challenges of LGBTQ+ people and their families.
Notably, as long as a financial institution is fully regulated and users’ money is protected, customers are beginning to show less loyalty for long-standing banks and are increasingly motivated by innovative services and excellent customer experience from digital banks. The rise of platform players – in the form of next-generation core banking and BaaS platforms are playing a key role in enabling digital banks to quickly roll out new tailored banking services and driving innovation in everyday banking.
Multifaceted banks
These banks succeed in functioning in multiple modes; they successfully provide banking services directly to their own diverse customer base while also opening up their infrastructure to provide the technology and licence to third parties.
Goldman Sachs is a key example of such a bank today. It launched a consumer banking brand, Marcus, in 2016, together with a new transaction banking unit, which amassed $97 billion and $28 billion in deposits by 2020 respectively. Goldman Sachs opens up the underlying infrastructure that powers Marcus and its transaction banking unit to external third parties as well, such as Stripe or Apple. By leveraging both its balance sheet and regulatory expertise as well as a modern platform, it is an attractive embedded banking partner for large sticky brands.
Starling Bank is another (online) bank that together with providing award-winning digital banking services to its own customers (it has been voted Best British Bank in the British Bank Awards for the last four years), it also offers its own infrastructure to other banks and fintechs in order for them to roll out financial services.
As embedded finance and the rollout of financial services by non-banks takes off, banks that can offer their infrastructure and banking licences will become increasingly in demand.
Only time will tell exactly what the banking landscape will look like in the future but what is very clear is that the age-old classifications of banks need reconsidering. And in order to survive and thrive banks themselves need to decide what path to take. We are entering a stage in the evolution of the sector where there is no clear roadmap for a given incumbent or a given challenger bank. Each individual bank needs to assess its strengths and ambitions and re-evaluate its strategy to carve out its own place in the industry.
The growing demand for personalised and relevant services will mean that only a minority of banks will be able to operate on multiple levels because it is hard for a bank to be everything to everybody. In the meantime, advances in banking technology and the growth of platform players supporting digital banks will enable this segment to further expand and diversify while the banks that serve both their own customers and support other third party banks and fintechs will help to drive competition and bring about more choice and more options for customers in the future.
