Connect with us

Business

How will regulations effect the open banking sector?

Source: Finance Derivative

Martin Hartley – Group CCO of emagine Consulting 

Comments on the future of the open banking sector and how it will affect the UK market. 

“The UK Open Banking Sector is still primarily driven by regulation. In my view, two of the major current regulations will remain at the forefront moving forward, namely the CMA (Competition and Markets Authority), which mandated the major banks to provide open banking access to authorised third-party providers, and PSD2 (Second Payment Services Directive), which set the standards for secure data sharing. Cybersecurity regulations will only increase in importance, as will Brexit-related changes as any divergence between UK and EU standards could impact open banking.

“Over the upcoming months, increased data sharing through open banking will add crucial pressures to cybersecurity, likely creating a surge in the sector once again.

“I expect ongoing scrutiny and efforts to enhance data protection measures, potentially leading to more stringent cybersecurity regulations being adopted by businesses. I expect to see more partnerships between traditional banks and FinTechs or consultancy firms as they collaborate to enhance cybersecurity or offer innovative services to plug the gap. Conversely, there could be consolidation within the FinTech industry as companies merge to gain market share.

“When it comes to the size of the business and how it is affected, history has shown us that there are certainly positives and negatives of being an SMB when responding to new regulations. On the positive side, they can leverage their agility and they will have a more personal relationship with their customers, potentially leading to a higher level of trust. However, SMBs may face challenges due to their limited budgets and resources. The larger firms will have much larger budgets, allowing them to have more advanced IT systems and IT security, making it easier for them to integrate APIs and develop the necessary infrastructure.

“The benefits of open banking are endless, and the UK Government is showing their forward-thinking mentality in exploring the idea of implementing the technology to streamline wider services. But, much like anything, there are always pros and cons.

“Open banking would simplify payments for public services, making transactions quicker and more convenient for everyone. As it relies on APIs and authentication protocols, open banking would make payments more secure for the public and it would allow access to digital payments for members of the public who have smartphones but possibly no bank accounts. For any digital implementation, it goes without saying that we need to be aware of the risk of cyber attacks and data breaches. These, combined with the exclusion of non-tech savvy individuals, could mean that certain members of the public may not embrace the change, which poses a risk. There is also the additional cost of providing the infrastructure and this will have to be managed carefully to avoid burdening the taxpayer.

“We have already seen digital transformations in areas such as the GOV.UK Pay System and  there are two main indicators of the success of any digital implementation; adoption rates and incidents. There haven’t been any high profile incidents that have hit the headlines in recent times so that to me is a huge positive and provides a level of confidence. It would be interesting to see how many government departments and agencies have adopted GOV.UK Pay for their payment processing needs to understand the system’s usefulness and acceptance within the government. The government must be committed to continuous improvement and to ensure that the system continues to comply with regulations and consciously drives the adoption rate to hit at least 90% of government departments and agencies.

“A favourable regulatory environment will encourage more banks and third-party providers to participate in open banking initiatives, leading to growth in the UK market and positioning the nation as industry leaders.”

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

The need for speed: Why fintechs must supercharge background checks to stay competitive

Source: Finance Derivative

By Luke Shipley, Chief Executive Officer and co-founder at Zinc

In the fast-paced world of finance, and particularly where finance and technology intersect, hiring candidates with the right skills is crucial for staying ahead of the competition. For fintech firms, conducting fast yet thorough background checks is key to balancing regulatory compliance with the need for speed.

However, financial regulations in the UK demand rigorous oversight to safeguard consumer data, prevent fraud, and maintain financial stability. As part of these regulations, fintech companies must conduct thorough background checks to ensure new hires align with compliance standards, mitigating risks to both the company and its customers. These checks involve verifying critical information such as financial history, credit reports, criminal records and employment history, which are essential for determining the suitability of candidates handling sensitive financial data. These checks are both time-consuming and resource-intensive, slowing down the hiring process.

Fintech firms can sustain rapid growth and meet regulatory obligations without sacrificing operational efficiency by streamlining this crucial part of the hiring process with the right tools. This also enables HR teams to focus on creating a positive experience for new hires, rather than burdening them with additional administrative tasks. Implementing efficient systems that reduce these checks from weeks to days allows companies to swiftly onboard talent, maintain customer trust, and stay competitive.

Challenges of traditional background checks

Traditional background checks in the fintech industry are complex and time-consuming due to the stringent regulatory requirements that financial organisations must follow. Verifying candidates’ financial history, running credit reports, conducting Disclosure and Barring Service (DBS) checks, and confirming employment history for the past several years are all critical tasks. These checks are not only meticulous but also require coordination with external agencies, which often slows down the process.

Manual handling of these background checks can extend the hiring timeline by weeks or even months, creating operational inefficiencies for fintech companies that need to scale quickly in a competitive industry. Prolonged hiring cycles can also lead to delays in onboarding vital talent, putting added pressure on already stretched teams.

For HR departments, managing these extensive checks manually places a heavy administrative burden. The time spent gathering documentation, verifying information, and coordinating with third parties diverts HR professionals from focusing on more strategic initiatives, such as talent acquisition and improving the candidate experience. As a result, the manual process not only hinders recruitment efficiency but also affects the company’s ability to attract top talent in a timely manner.

Role of technology in streamlining background checks

Here, technology plays a crucial role as it revolutionises the background check process in fintech by reducing manual interventions and simplifying time-consuming tasks. Automated platform systems now handle complex steps like identity verification, credit checks, and employment history validations far more efficiently than traditional methods. These technologies not only speed up the process but also provide one centralised place for employee documentation and improve accuracy by reducing the risk of human error in verifying critical information.

Automation also allows fintech companies to complete thorough background checks in a fraction of the time, continuing to ensure global compliance without delaying the hiring process. HR teams are freed from the burden of manual data gathering by automating repetitive tasks and reminder emails so they can focus on higher-value activities, such as candidate engagement and talent strategy.

Moreover, integrating background check platforms with existing HR systems streamlines recruitment workflows. This integration ensures a seamless transfer of data, and provides real-time updates on the status of each candidate’s background check. The result is a faster, more efficient hiring process that allows fintech firms to onboard new employees quickly, creating a positive reflection of their brand at every stage of the onboarding process.

Improved candidate experience

Technology in recruitment not only benefits HR teams but also significantly enhances the candidate experience. Automated systems cut down lengthy waiting periods, helping candidates move through the hiring process more swiftly.

From digital applications to real-time status updates, candidates enjoy a seamless, transparent process, which minimises stress and uncertainty. This streamlined approach improves communication and ensures that candidates are informed at every stage of their check progress, fostering trust and keeping them engaged. Additionally, modern tools like AI-driven assessments or automated interview scheduling save time, allowing candidates to focus on showcasing their skills rather than dealing with logistical hassles. Fintech companies can improve their overall employer branding by providing a more efficient and organised hiring process, attracting top talent who appreciate a modern and tech-forward experience.

It is why speeding up background checks is crucial for fintech companies aiming to stay competitive. By leveraging modern technology, these companies can benefit from greater efficiency, regulatory adherence, and an enhanced candidate experience. Fintech firms should embrace tech-driven solutions to balance speed and regulatory requirements, ensuring a smooth, transparent, and efficient hiring process.

Continue Reading

Business

Three key questions on the road to AI adoption

By Gert-Jan Wijman, VP & GM EMEA, Celigo

In the world of IT, there is rarely a period when some technology trend isn’t promising to deliver greater efficiency, productivity, and competitive advantage.

Few trends, however, have ever been met with the level of attention, expectation, and investment that AI is currently receiving. Usually, we would expect to see diversity in how businesses react to new technologies as they learn and experiment, but in a recent survey of more than 1,200 global enterprise Operations and IT leaders, Celigo found that 97% of respondents already view AI as ‘critical to driving operational improvements in the coming year’. That’s amazing when you consider that less than 10 years ago, there weren’t machines considered reliable enough to provide language or image recognition at a human level.

Gert Jan Wijman

Of those 97%, the vast majority are already well into the swing of actively investing in AI: over three-quarters of businesses indicate that they have dedicated specific resources and budget to AI, while over four-fifths have a formal strategy or roadmap in place for AI implementation. However, usage does not automatically turn into benefits, and the sheer level of interest and effort in AI adoption only raises the stakes for businesses that need to show real ROI from their exploration of this new technology.

The data, and our experience based on working with IT customers, suggest that there are a few key questions which can point the way towards successful strategies that overcome roadblocks on the path to AI adoption.

Who leads the AI charge?

Whether the technology in question is a tailor-made solution or a plug-and-play tool,  the process is usually driven by IT teams. However, there are signs that for AI that isn’t the whole story. Just 26% of businesses, in fact, say that IT is at the forefront of their AI mandate, and over half allow users to implement AI solutions without formal IT oversight.

There are multiple reasons for this. For one, IT teams are often overburdened as it is, leaving them with little breathing room to take charge of something as all-encompassing as AI adoption. But at the same time, part of the promise of AI is the way that it can democratise access to technology, making complex processes more intuitive.

Indeed, 68% of businesses say they approve of a Citizen Developer mindset, in which knowledge workers are empowered to innovate processes in ways that were typically reserved for technology specialists. Such an approach has obvious benefits in terms of sharing the workload, and has the advantage that departments and teams are the experts in what capabilities would best augment their own workflows.

While there are clearly advantages to allowing citizen developers to play a role in implementing AI, it also exacerbates risks, particularly on grounds of security and data governance.To empower Citizen Developers safely, businesses first need a modern approach to integration.

Where does AI happen?

All AI applications start with good data. While any given department will have its key platforms for gathering and managing data – customer relationship management platforms, enterprise resource planning platforms, collaboration and productivity platforms, and so on – the best results will come when those data sources are brought together in a holistic way that can generate deeper insights.

The challenge of integration has been growing for a long time, as businesses lean on ever more cloud services to carry out day-to-day business. Having many specialised tools available can help teams to excel in their work, but it also makes connecting the business’s IT infrastructure together in a unified way exponentially more complex.

The arrival of AI is adding real urgency to this challenge: while employees may be able to find ways of navigating across many data sources, AI needs data to be available in a more frictionless way. Our survey found that businesses are expecting to exploit a huge diversity of data sources and types through their AI adoption, from cloud platforms and APIs to user interaction tracking and user feedback data.

In this context, investing solely in the end-goal of AI implementation risks either outcomes that underperform due to a lack of data or outcomes that create governance issues through inexpert data integrations. Attention should also be paid to technologies like Integration Platforms-as-a-Service (iPaaS), which can significantly simplify and normalise the underlying data integration challenge. Organisations should also place attention on the upskilling of staff through training so as to maximise the benefit of AI to the business.

How are AI benefits shared?

While security was the most common risk identified by respondents to our survey, 46% said that fears around jobs being replaced by AI are a concern in their organisations. As the Citizen Developer mindset suggests, however, AI is no different to any other technology in that it is ultimately by and for people.

Just as the adoption of specialised platforms by different teams can create data silos and integration challenges, permitting unchecked team-level innovation without IT oversight can ironically reinforce the very barriers that data integration aims to dismantle. This paradox highlights the delicate balance between fostering innovation and maintaining a cohesive, interconnected IT ecosystem. While team autonomy can drive rapid advancements and tailored solutions, it may inadvertently perpetuate isolation and fragmentation across the organisation’s data landscape. The challenge lies in cultivating an environment that encourages innovation while simultaneously ensuring new technologies and processes align with broader organisational goals for data accessibility and integration.

In order to maintain security while promoting the freedom to self-implement, it’s imperative that companies have a clear strategy on balancing the two. Establishing a clearly documented AI policy, for instance, can alleviate uncertainty over what is and isn’t allowed as people explore the technology. Creating an open culture of learning and experimentation can be helped with social feedback loops like lunch-and-learns, where non-technical employees share what has worked for them and IT leaders can offer their expert advice.

Over time, almost every business will experience AI as a critical driver of operational improvement. When so many businesses are investing so heavily, though, the real winners will be those who take the smartest path to the destination.

Continue Reading

Business

Is the financial sector ready for DORA?

Source: Finance Derivative

Wayne Scott, Regulatory Compliance Solutions Lead at leading software escrow company, Escode, delves into the Digital Operational Resilience Act (DORA), exploring the key challenges financial organisations are facing and what they can do to prepare themselves for the upcoming legislation.

With just three months to go until the enforcement of the Digital Operational Resilience Act (DORA), the clock is ticking for those financial services organisations operating in the European Union. Businesses that do not comply could face serious consequences, including fines of up to 2% of global daily revenue and potential personal liabilities such as fines or jail time for executives, so thorough preparation is crucial.

So how ready are organisations for DORA, and what challenges might be facing them on the road to compliance?

DORA: A new era in financial regulation

DORA isn’t just regulation; it’s legislation. This distinction underscores the European Union’s intent to enforce it with absolute rigour, addressing growing concerns around third-party risk. DORA advocates for the inclusion of stressed exit plans in all ICT third party license agreements to prevent supplier failure majorly disrupting the financial service sector.

As financial institutions increasingly rely on external tech providers, the threat of a single point of failure has never been more pertinent. Recent high-profile global tech collapses have shown just how vulnerable the system is, making DORA’s focus on digital resilience timelier than ever.

The financial landscape is already turbulent, made fragile by ongoing issues such as rising global borrowing costs. So, the last thing financial services need is more risk exposure from poorly managed third-party relationships.

How does the regulation stack up across the globe?

While DORA is the EU’s latest regulation, it’s not just European companies that need to pay attention. Interest in DORA is rapidly growing in the US and UK, particularly among companies with significant EU operations. Yet, many non-EU firms are still unsure whether they’ll fall under DORA’s rules.

Adding to the pressure is the looming deadline for the UK’s SS221 regulations, coming in March 2025. The overlap between DORA and SS221 has left many organisations frustrated, facing compliance with not one but two significant regulatory frameworks.

Globally, DORA represents a new chapter in digital resilience. While the EU is leading the charge, the rest of the globe is following very closely behind.

Despite the growing urgency for robust third-party risk management, many organisations remain alarmingly underprepared for DORA’s implementation. In fact, a recent report commissioned by Escode in collaboration with international research organisation CeFPro, revealed that only 20.8% of financial professionals report having stressed exit plans in place within most of their third-party agreements, including software suppliers.

These figures indicate that many financial institutions still have considerable work to do in preparation for DORA. With the new legislation set to take effect from January 2025, it’s important to look at the challenges facing businesses when it comes to ensuring compliance.

The risk of overconfidence

A common pitfall for large institutions is assuming they are DORA-ready. Many discover major gaps when they conduct deeper assessments, particularly in areas like third-party escrow agreements, which can take months to finalise. This becomes even more risky when organisations lack clarity on the penalties for non-compliance.

So, in the lead up to DORA, organisations need to build a defensible position. While complete compliance by January 2025 may be a long shot for many, organisations can start to demonstrate progress. A clear roadmap, identifying regulatory gaps and planned actions for improving processes, could make all the difference in helping the financial sector to prepare for the changes.

Navigating ambiguity

There’s currently a lack of clarity around whether critical third-party providers will be directly regulated under DORA. Many tech companies, who are often blindsided by regulatory updates in the financial sector, are also ill-prepared for the many compliance requests about to come their way.

The cost of compliance is another challenge. As reactive compliance kicks in, companies are discovering that ticking all the regulatory boxes isn’t just time-consuming—it’s expensive. Many are scrambling to implement reactive solutions, which only add layers of complexity.

What’s really needed is standardisation – a clear path that helps third-party tech providers understand and meet regulatory expectations. Until that happens, confusion will remain a barrier for both financial businesses and tech providers alike.

What should organisations do now?

With only months left until DORA comes into play, its clear organisations need to act now to ensure a smooth transition.

Here are key steps organisations can take to make the process of becoming DORA-ready as easy as possible:

  • Mobilise cross-functional teams

Effective digital resilience requires collaboration, but in many cases, accountability is lacking. Some companies have assigned DORA compliance to legal departments, others to risk or IT teams. This often results in a fragmented approach to a problem that requires unity. Organisations need to mobilise cross-functional teams to tackle the challenge head-on and ensure a collaborative approach to risk management.

  • Focus on supplier management

Equally important is supplier management. It’s not just about ensuring your direct tech providers are resilient—what about their providers? A key question every organisation should be asking its suppliers is: “What’s your stressed exit plan?” Proactive due diligence is critical, but it’s not happening fast enough. The message for C-suites is clear—get your teams together, assess the financial, contractual, and technical barriers, and act before it’s too late.

  • Conduct gap analysis

Regular gap analysis will be a crucial tool in this process. Continual assessment of your current compliance status will not only identify areas that need attention but will also help shape the defensible position that could save you from regulatory pressures. This is key for taking a proactive approach to managing risks and regulation and can help to avoid challenges in the long run.

The countdown is on

Three months may feel like a lifetime in the corporate world, but when it comes to DORA compliance, it’s the blink of an eye. The message for financial services is simple: if you’re not already well on your way to compliance, you’re behind.

Now is the time to mobilise your teams, collaborate across departments, and prepare for the legislation. For the financial sector, DORA marks the beginning of a new regulatory era—one where digital resilience isn’t just a buzzword, but a non-negotiable imperative. The time to act is now.

Continue Reading

Copyright © 2021 Futures Parity.