Source: Finance Derivative
By Tom Kellermann, Head of Cybersecurity Strategy at VMware
The last couple of years has not only seen an increase in the number of cyber-crime cartels in Europe, but a significant increase in the sophistication of their operations too. According to research by the UK cabinet office, the UK experiences the highest number of cyber-crimes in Europe every year, followed by France. Powerful cybercriminal groups now operate like multinational corporations and are relied upon by traditional crime syndicates to carry out illegal activities such as extortion and money laundering. These cartels are more organised than ever before and enjoy greater protection and resources from the nation-states that view them as national assets.
With this ground truth serving as the backdrop for the threats facing financial institutions, I interviewed 130 financial security leaders and CISOs from around the world for VMware’s fifth edition of the Modern Bank Heists report. This year’s findings should serve as a warning to the financial sector that attackers are moving from dwell to destruction:
Geopolitical Tension Is Metastasizing in Cyberspace
Cybercriminals targeting the financial sector often escalate their destructive attacks in order to burn evidence as part of their counter incident response. Our report found that 63% of financial institutions experienced an increase in destructive attacks, a 17% increase from last year. Destructive attacks are launched punitively to destroy, disrupt, or degrade victim systems by taking actions such as encrypting files, deleting data, destroying hard drives, terminating connections, or executing malicious code. In fact, we’ve recently witnessed destructive malware like HermeticWiper being launched following Russia’s invasion of Ukraine. Notably, the majority of financial leaders I spoke to for this report stated that Russia posed the greatest concern to their institution.
The Year of the RAT
Financial institutions were certainly not immune to the recent resurgence of ransomware. 74% of financial security leaders experienced one or more ransomware attacks in the past year, and 63% of those victims paid the ransom. This is a staggering statistic.
One of the reasons that traditional crime syndicates have become loyal dark web customers is because of the well-funded ecosystem of readymade and available ransomware kits. Cybercrime cartels, such as the Conti ransomware gang, have made it as easy as possible for their associates to launch ransomware attacks on critical industries like the financial sector.
A technical analysis in the VMware Threat Analysis Unit’s latest threat report provides a view into the proliferation of ransomware and how Remote Access Tools (RATs) help adversaries gain control of systems. Ransomware has a sinister relationship with these RATs, given these tools allow bad actors to persist within the environment and establish a staging server that can be used to target additional systems. Once an adversary has gained this limited access, they will typically work to monetise it by relying on the victim’s data for extortion (including double and triple extortion) or through stealing resources from cloud services using cryptojacking attacks.
Manipulation of Financial Markets
Cybercrime cartels have realised that the most significant asset of a financial institution is nonpublic market information. 2 out of 3 (66 percent) of the leaders I interviewed experienced attacks that targeted market strategies, and 1 in 4 (25 percent) stated that market data was the primary target for cyberattacks on their financial institution.
What exactly are these cybercrime cartels looking for? We’re witnessing an evolution from bank heist to economic espionage, where cybercriminals target corporate information or strategies that can affect the share price of a company as soon as it becomes public. This information can then be used to digitise insider trading and front-run the market. Our report also found that 44% of Chronos attacks targeted market positions. A Chronos attack involves the manipulation of time stamps – a concerning development considering how critical of a role the clock plays in the markets.
Defense Is the Best Offense
Security has become a top-of-mind issue for financial sector leaders. According to our report findings, the majority of financial institutions plan to increase their security budget by 20-30% this year and named extended detection and response (XDR) as their top security investment priority.
As security leaders, we know that a strong defence is the best offense. Modern threat hunting on a weekly basis should be adopted as a best practice to help security teams detect behavioural anomalies, as adversaries can maintain clandestine persistence in an organisation’s system. Our report found that currently, only 51% of financial institutions are conducting weekly threat hunts. I am hopeful that this number will jump in next year’s report as threat hunting programs have multiple outputs beyond finding a cybercriminal, such as fuelling threat intelligence.
In today’s evolving threat landscape, cybersecurity has become a brand protection imperative. Trust and confidence in the safety of financial institutions depends on effectively avoiding, mitigating, and responding to modern cyber threats. As governing bodies introduce new regulations and levy hefty fines, it is time for the sector to take control and get one step ahead of the cyber cartels.
Digital Banking – a hedge against uncertainty?
Source: Finance Derivative
Ankit Shah, Head of Digital Banking, Apex Group
The story of the 2020’s thus far is one of crisis. First the world was plunged into a global pandemic which saw the locking down of people and economies across the world. Now we deal with the inevitable economic consequences as currencies devalue and inflation bites. This has been compounded by Russia’s invasion of Ukraine and subsequent energy politics.
And the outlook remains uncertain. Tensions continue to build between China and Taiwan and inflationary conditions are forecast to continue well into 2023. This uncertainty is impacting everyone, and every sector. And finance is no exception with effects being felt everywhere from commodity and FX markets to global supply chains.
But it’s not all doom and gloom. Rollercoaster markets and an ever-evolving geopolitical situation have made 2022 a tricky year far, but, despite the challenges, digital banking has proven resilient. In fact, the adoption of digital banking services has continued to grow over the last few years, and is predicted to continue.
So, what are the forces driving this resilience?
In an increasingly digital world and economy, digital banking comes with some advantages baked in, which have seen the sector continue to succeed despite the tumult in the wider world. In fact, the crises which have shaped the decade so far may even have been to the advantage of digital banking. Just as during the pandemic, technologies which could facilitate remote working saw a huge uptick in users, so to digital banking is well suited to a world where both people, and institutions demand the convenience that online banking services offer.
And while uptake of digital banking services is widespread amongst retail consumers, a trend likely to continue as digital first generations like Gen Z become an ever-greater proportion of the consumer market, uptake amongst corporate and institutional customers has been slower. This is largely down to a lack of fintech businesses serving the more complex needs of the institutional market, but, in a post-Covid world of hybrid working business, corporate clients are looking for the same ease of use and geographic freedom in their banking that is enjoyed by retail consumers.
This is not just a pipe dream – with the recent roll out of Apex Group’s Digital Banking services, institutions can enjoy the kind of multi-currency, cloud-based banking solutions, with 24/7 account access that many of us take for granted when it comes to our personal banking.
One significant difference between retail and business accounts however, for banking service providers, is the relative levels of compliance which are needed. While compliance is crucial in the delivery of all financial services, running compliance on multi-million pound transactions between international businesses brings with it a level of complexity that an individual buying goods and services online doesn’t.
For digital banking services providers, this situation is further compounded by guidance earlier this year from HM Treasury – against the backdrop of the Russia-Ukraine conflict- requiring enhanced levels of compliance and due diligence when it comes to doing business with “a high-risk third country or in relation to any relevant transaction where either of the parties to the transaction is established in a high-risk third country or with a sanctioned individual.”
So, can digital banks meet these standards while also providing institutions with the kind of easily accessible, mobile service which retail customers enjoy?
The answer is yes and again, once initial hurdles are overcome, digital banking brings with it features which give it the edge over traditional banking services. Paperless processes, for example, mean greater transparency and allow for better and more efficient use of data. This means AI can be employed to search documents, as well as provide verification. It also means compliance processes, often notoriously complicated, become easier to track. Indeed, digitising time intensive manual process means the risk of human error in the compliance process is reduced.
Digital banking can also better integrate transaction monitoring tools, helping businesses identify fraud and irregularity more quickly. This can be hugely important, especially in the times of heightened risk we find ourselves in, where falling foul of a sanctions regime could have significant legal, financial and reputational consequences.
Our world is increasingly globalised, and so is business. For corporate and institutional banking customers, being able to operate seamlessly across borders is key to the operation of their business.
This brings with it challenges, which are again compounded by difficult geopolitical and economic circumstances. In recent weeks for example, we’ve seen significant flux on FX markets which can have real consequences for businesses or institutional investors who are buying and selling assets in multiple currencies and jurisdictions. The ability to move quickly then, and transact in a currency of choice, is vital. Advanced digital banking platforms can help – offering automated money market fund sweeps in multiple core currencies to help their clients optimise their investment returns and effectively manage liquidity.
Control admin uncertainty
In times of uncertainty, digital banking can provide additional comfort via customisable multi-level payment approvals to enhance control of what is being paid out of business accounts, with custom limits available for different users or members of a team. Transparency and accountability are also essential, with corporate clients requiring fully integrated digital reporting and statements and instant visibility with transaction cost and balances updated in real-time.
For some, the perception remains that digital banking is the upstart industry trying to offer the services that the traditional banking industry has built itself upon. Increasingly however, the reality is that the pressure is on traditional banks to try and stake a claim to some of the territory being taken by digital first financial services.
With a whole range of features built in which make them well suited to business in a digital world, digital banking is on a growth trajectory. Until now, much of the focus has been upon the roll-out of services to retail consumers, but with features such as automated compliance, effortless international transactions and powerful AI coming as standard for many digital banks, the digital offering to the corporate world looks increasingly attractive.
Anyone Can Become an R&D Tax Expert with the Right Foundations
Source: Finance Derivative
Ian Cashin is a Customer Success Manager at Fintech company and R&D tax software provider WhisperClaims
For accounting firms, R&D tax credits offer a substantial opportunity to boost revenue and strengthen client relationships. According to Ian Cashin, Customer Success Manager at WhisperClaims, perceived complexities can be overcome with the right approach and support. Indeed, by embracing a few simple practices, any company can become an expert in R&D tax.
Growing revenue through new business is far more challenging than unlocking revenue from an existing client base. However, a significant number of accounting firms are losing out on value-added opportunities as a result of their lack of confidence or knowledge in R&D tax relief.
Yet, advisors who follow best practice are now in an ideal position to use their extensive client knowledge to mitigate their clients’ risk of and potential exposure to interrogation over fraudulent claims, ahead of HMRC’s introduction of more stringent R&D tax processes in April 2023.
So why are firms reluctant? There is no doubt that the R&D tax credit procedure is different. Compared to other areas of tax regulation, it leaves greater room for interpretation. But it is readily understandable by a qualified accountant – even an unqualified trainee. Understanding what HMRC considers to fall under the scope of research and development is key. Astrophysicists and Formula 1 manufacturers are not the only people who employ science and technology to overcome business challenges. Every day, UK firms of all sizes engage in R&D activities, from civil engineers to food manufacturers, yet far too many have not yet filed claims, losing out on critical cash.
The most important thing to keep in mind is that, as an accountant, you already have a far deeper relationship with your client compared to any other service provider. Once you have raised your level of understanding, you are in the perfect position to optimise this.
Accountants already have a unique understanding of their clients’ operations – insight which, as professional advisors, will help to highlight companies most likely to qualify for an R&D tax rebate. Furthermore, with access to tools like R&D tax claim preparation technology, developed by R&D tax professionals, they are able to significantly speed up the process. This technology enables accountants to easily determine the top targets within their client base, indicating where to focus the efforts of their emerging R&D tax service.
Using this priority list in conjunction with their understanding of the criteria HMRC stipulates, an accountant can leverage their client knowledge and relationship to engage in a conversation regarding daily R&D activities and unlock potential tax relief opportunities.
Moreover, facilitated by a specialist R&D tax claims preparation platform, accountants can be assured of a structured process that prompts the right questions to ask clients during these conversations, and highlights answers that are either in sync with, or fall outside of, the HMRC parameters. For instance, ca restaurant owner adding vegan alternatives to the menu is not on the same level as a food producer starting the development and manufacturing of a fully plant-based product line. The latter will undoubtedly be eligible for R&D tax assistance, but not the former. Accountants should use their position as “professional advisors” in this situation to push back against clients, especially those who may have previously been unwittingly misled.
For the last twenty years, since the introduction of R&D tax rebates in 2001, best practice has been the provision of a detailed report, complementary to the CT600 form, to mitigate the chance of HMRC asking supplementary questions. The technical purpose of the claim as well as the business context must be covered in this report, e.g. the challenges faced; how science and technology were used to overcome these; and the professionals employed who overcame them. Simply put, if the challenges weren’t difficult to solve, it wasn’t R&D.
It’s also critical to keep in mind that R&D claims cannot simply be copied and pasted from year to year. R&D is not necessarily a constant; demand for it changes in line with the evolution of the business’ activity or stage of development. as businesses change and go to the next stage of development.
The accountant’s already solid client relationship and interpersonal abilities come into their own in such situations. Particularly if the appropriate course of action is to suggest that the client should not submit an R&D claim, an accountant must feel comfortable advising the client accordingly. The claim belongs to the client; if it is contested, the client will be the one facing an HMRC investigation. An advisor must be self-assured enough to refuse to input erroneous claims without endangering the client relationship.
Recent years have seen accountancy firms strengthen their position as dependable, trusted business advisors. Discussions regarding a business owner’s long-term objectives, succession and exit plans, as well as pensions and investments, have become commonplace. It should be natural to include R&D tax into these conversations . Asking a customer about their investment in R&D should be a common practice – business as usual – just as it is to inquire about investment in infrastructure or buildings.
The only thing preventing accountants from successfully adding R&D tax to their suite of services is a lack of confidence. Yet, any reservations can be addressed with a straightforward ‘back to basics’ R&D training course, as well as using technology to gain access to a completely new revenue stream with their current clientele. Now that HMRC is openly calling for a much more rigorous, trusted, and evidence-based approach to R&D tax from 2023, accountants hold all the cards they need to gain confidence and give clients the trusted service they desire.
Redefining the human touch with digital transformation
Source: Finance Derivative
Simon Kearsley, CEO of bluQube
It may not be a new phrase, but digital transformation is still inducing anxiety amongst 80% of employees. Reigniting the conversation around the future role of the human workforce, the COVID-19 pandemic caused 47% of business leaders to implement new technologies, and a further 29% to develop plans to do so in the near future.
Creating increased efficiencies, cost savings, and improved customer service, several new technologies are becoming ingrained within core business operations. For example, the capabilities of cloud computing have enhanced the customer experience, and many companies are also using this to digitise their supply chain. Likewise, the combination of artificial intelligence and big data can also be used to automate nearly 80% of physical work, and 70% of data-processing.
In the digital era with so many new channels for communication, the ability to receive valuable insights from customers has in practice never been greater, which can in turn be used to inform future planning. Leveraged properly, this means that technology can drive benefits and growth for not just businesses, but also their customers and even their workforce. As technology empowers staff to transition their roles from more onerous, repetitive tasks towards impactful decisions within their organisation, this encourages the workforce to better realise the value of their contributions.
A data-driven workforce
When businesses embrace data-driven digital technologies, process optimisation across various sectors of the organisation occurs. For example, digitally-led automation, such as the use of OCR software, has been able to take over many time-consuming manual tasks, including data-entry, re-keying, and core administration roles. Although tasks of this nature may have formed a large part of some employees’ roles, this doesn’t mean that anxieties around the purpose of their job must increase.
Optimisation across the business isn’t limited to processes and costs, it also extends throughout the workforce. Less monotonous roles mean that employees are free to take on strategic roles that form a more rewarding career. In practice, this access to enhanced data empowers employees to expand beyond the limited resources they have for decision-making, instead leveraging the insight collected by analytics to make more informed decisions.
By replacing repetitive tasks, staff are becoming increasingly involved in the ideation process for new products and how to improve the company’s existing services. Besides the clear benefits this has to daily productivity and efficiency, staff are equipped with the tools to more clearly demonstrate their contribution to the business and, in turn, provide greater scope for progression.
As investment in data-led solutions continues and traditional roles are reshaped around its impact, employees’ digital skillsets will act as a key driver within the talent market and generate career progression that staff may have previously felt was unattainable. However, this outcome for staff will only be achieved if managers and senior members of the company are open to change and flexible enough to evolve alongside digital transformation. Technology adaptations are inevitable, and as its organisational applications continue to expand, managers would be wise to support new digital initiatives to remain ahead of the competition.
The business value provided by enhanced insights into customer preferences and behaviours cannot be overstated. With a clear overview of key behaviours, business leaders can accurately determine which areas of their processes need to be streamlined, where to focus their efforts, and how to attain the greatest possible value. On this basis, employees’ contributions will be vital for driving fundamental changes across the business, including roles in strategy development and operational management. Likewise, employees will be free to develop new product ideas and ways to improve the current service offering to benefit the business on a wider scale.
Amidst ongoing economic constraints, it has arguably never been more important for businesses to implement sustainable technologies that support their ability to respond to changing circumstances. Indeed, the insights discerned from employees’ data analysis and increased team collaboration are essential for reducing the risk of costly errors for the business.
In the coming years, AI-backed automation will become a key driver for technological change. As AI systems learn how to fit into the organisation and are programmed to improve over time, this encourages a greater focus on people on the long term. Not only should this reassure employees of their value, but it should also reassure managers that their investment was worthwhile.
Further reinforcing the value of a data-led workforce is the customer preference for real, human customer service – the value of which remains remarkably high. This is recognised by the vast majority (90%) of business leaders, who believe that the human touch of customer service has become even more important amidst advancing technology, with 40% describing the continued human touch in customer service as a ‘100% mission critical focus.’
Experienced across virtually every industry, many companies may have temporarily seen customer service levels slip during the COVID-19 pandemic. However, technology is able to reverse this trend, supporting the human element of customer service with high-value data and insight. This enables teams to make decisions based on what they have learnt from evolving customer data and feedback, which can then be leveraged to improve the customer experience on an ongoing basis.
An additional benefit of digital transformation for customer service teams is that technology streamlining businesses’ operations in turn frees up organisations to provide the other crucial strand of the human touch, with dedicated customer service teams to personally connect with customers.
The bottom line
Simply enough, data-led technology significantly benefits business leaders, employees and customers alike. Achieving just base-level insights increases job satisfaction and security, encourages client retention, and instils confidence in customers that they are receiving a high-value service. For the four out of five workers that remain anxious about the implementation of digital technologies, it must be remembered that these advancements create an exciting opportunity for the human touch to grow alongside them.