RiskMinds365 polled CROs and asked them, what are the emerging local and global risks that every bank should have on their risk radar? Fintechs and cybersecurity were two of the four issues mentioned along with risk culture and macro trends.
Every CRO surveyed cited cybersecurity as a risk they were keeping front and center over the rest of 2018 and beyond. Cyber threats have been a recurring theme in the CRO polls, consistently ranking in the top three risks, and it isn’t hard to see why. Estimations vary, but banks are now dealing with and responding to hundreds of thousands of security alerts and cyber threats a day, and so far the total cost for cybercrime globally has added up to over 100 billion dollars.
Both money and data are lucrative commodities for cybercriminals, and with the explosion of IoT and connected devices, the potential for attacks will only increase. As demographics shift and more and more of a bank’s client base expects swift and effective digital offerings, banking technology will become ever more critical to remain competitive, however consumers will not want a trade-off between efficiency and increased risk.
With regards to fintech, the big question is: compete or collaborate? It’s an important question facing banks when it comes to their relationship with emerging fintech startups, and remains high on the priority list for CROs globally. While some banks are playing catch up to develop new apps and capability to rival fintechs, almost daily new entrants to the market offer potential partnerships to the larger financial incumbents.
Increased collaboration can go hand-in-hand with increased third-party risk, and pairing legacy systems with new technology can often lead to cybersecurity gaps and vulnerability too. Since the introduction of GDPR (General Data Protection Regulation) this May, data protection when working with fintechs is also giving risk managers a headache, and for some may prove more hassle than it is worth.
However, many will have learned from the recent TSB digital banking fiasco that it is not necessarily easier to bring fintech strategies in-house. As the company attempted to move accounts from one legacy system to their new in-house host server, a catastrophic IT glitch resulted in some serious reputational and financial damage to the bank.
The interest from large tech companies like Amazon and Google into providing financial services is also giving risk managers some food for thought. With large and loyal customer pools and huge amounts of data at their disposal, tech firms could prove a very tough adversary should they make a move into the fintech and banking space.