Source: Finance Derivative
By Mark Brown, Founder Psybersafe
In the world of banking and finance, security is always the number one priority. But however secure your work systems are, you can never be completely sure that your employees are following the rules, particularly if you have implemented remote working or you have a workforce that travels and uses mobile devices. It doesn’t matter if you are a global bank or a family-owned accountancy firm you are still at risk. In fact 90% of cyber security breaches are caused as a result of human error, so education and training are as important as firewall and cyber security technology.
You spend a lot of money safeguarding your and your clients’ data. Most of that spend goes on technical defences. Business Insurance, Risk and Management consultancy Gallagher suggests organisations should be spending 4% of their revenue on IT, including cyber security. Specifically, it says:
“It is worth mentioning … that the majority of breaches are caused by failures on the part of people and processes. So it is just as much about training and awareness, as it is about the latest technical solutions. Cybersecurity is not simply an ‘add-on’ for your business, it needs to run through your operations, and be embedded in your processes and culture.”
This training often tends to be neglected in the banking and finance sector. For smaller firms, it’s often an afterthought, and for large firms, it’s seen as a box-ticking exercise rather than an important cog in the cyber security wheel.
A seminar a couple of times a year, where your people are required to sit through a few hours of presentation slides, however amusing, will unfortunately have little long term effect on how individuals behave on a day to day basis.
This is because our memories are not as reliable as we would like them to be. German psychologist Hermann Ebbinghaus researched this phenomenon and produced the ‘Forgetting Curve’. There are five important elements to his work on memory:
1. Memories weaken over time
2. The biggest drop in retention happens soon after learning
3. It’s easier to remember things that have meaning
4. The way something is presented affects learning
5. How you feel affects how well you remember
Knowing this, it’s easy to see that unengaging and infrequent cyber training is never going to impact human behaviour. What we need to do is change people’s routines and habits around managing security and data – and ultimately their attitudes towards cyber security. When people are busy, overworked and have a lot on their plate, your cyber training needs to be regular, easy to access, have a purpose and achieve the aim – improving the human line of defence. It needs to be:
• Little and often
Measurement is also key, both for the individual and the organisation to know where it might need to adjust. And not just measuring clicks in a phishing campaign. Phishing campaigns, whilst addressing awareness, often don’t address the root cause of why people keep clicking. Whilst recognising a phishing mail because of error features, or strange links is useful, contextually well-crafted email are still likely to trick any employee, so a phishing campaign alone will not solve the issue.
The focus should be on overall cyber hygiene – all related aspects of cyber security behaviour need to be addressed the change people’s behaviour. This requires a programme of training that tackles aspects of behaviour beyond just phishing mails.
And whilst training is key, it is not the only thing for influencing how your staff act. Many subtle signals can support more secure behaviours, but also detract. Management needs to be seen to walk the talk, and back cyber security training and campaigns visibly. And ideally the company uses the environment to its advantage – visual cues to remind people to be careful with data, with who is in the office, and providing easy ways to dispose of confidential data, for example. A clean desk policy can also support a security culture.
Further, certain areas of a financial institution are more at risk – operations areas that can make or authorise payments, privileged account holders who can access systems holding sensitive data, or have access to core processing systems require additional training. And this is where training has to be adaptable to suit the audience.
Keeping cybersecurity front of mind
Make sure you have regular communication with your team about cybersecurity and regular training updates. Have a message that pops up every time someone logs into your system, for example. Use communications to reinforce the message – everything from daily team meetings to weekly all-business emails. Make sure people get into the habit of checking everything and assuming nothing.
Even in their personal lives, your employees need to be careful about oversharing data that might compromise them.
Interacting online is part of day-to-day life for a majority of the population. As a responsible employer, it is your duty to remind them to practice good digital citizenship and that includes:
• Making sure that they remember to create strong passwords for every account they have on social media or elsewhere. A good password is at least 15 characters, with a mix of letters, numbers and special characters. Get them to use a password vault app to keep their passwords secure.
• Ensuring that they are clear that they can’t share any personal details – in posts or in images. That includes names, address, postcode, school, workplace, date of birth, phone number or contact details.
• Not clicking on links in a text, message or email even if it looks like it is from a friend or colleague – this is how phishing campaigns steal information. Instead, go through your browser or app directly to check if the link is real.
• Keeping your devices locked – even when you’re carrying your phone round with you, make sure it’s locked. If you leave it open, it can take just seconds to steal your information.
Hacking is here to stay
Hackers make lots of money from their scams, and that means that they are unlikely to stop any time soon. It is therefore up to your organisation to make sure that you give your people the correct training and environment they need to recognise the signs of a scam, and have the tools and behaviours that can protect their data and the data in your organisation.
At the top of this article, we said that 90% of successful cyberattacks are the result of human error. Now is the time to make sure your people are trained to be aware of the risks, know how to mitigate them and engage in the positive behaviours that protect themselves and your organisation in the long term.
Embedded Finance: The Opportunity Ahead
By Eduardo Martinez Garcia, CEO & Co-founder of Toqio
The current financial landscape is undergoing a significant transformation, disrupting the long-established dominion of major banks and other large financial institutions. Embedded finance, a concept that has thrived in the realm of digital consumer products, is now steadily infiltrating the corporate domain, poised to revolutionize the financial sector further.
This paradigm shift is manifesting in a multitude of ways, with digital embedded finance increasingly becoming an integral part of corporate digital offerings. Distributor payment processing, lending services for suppliers, and supply chain financing are all becoming commonplace – the versatility of corporate embedded finance knows no bounds. Despite the diverse applications the core objectives remain consistent, including enhancing B2B processes, mitigating risks, and fortifying business relationships.
Corporate embedded finance promises to deliver substantial value over the course of the next decade. A burgeoning opportunity beckons, estimated to be worth an astonishing USD 3.7 trillion over the next five years alone. Remarkably, more than 50% of businesses have expressed a preference for cash flow financing through platforms rather than traditional banks, as per a report by McKinsey. The shift observed in consumer embedded finance adoption is creeping into the B2B landscape, and moving more quickly all the time. Consequently, if the high level of adoption of consumer embedded finance carries over into the B2B space, and it’s certainly expected to, we’re genuinely looking at the next big thing.
Customers are no longer passive passengers in their financial journeys; they have emerged as the navigators, steering the industry’s course while financial institutions focus on risk management. Banks and non-banking financial institutions (NBFIs) remain pivotal, but their control of products is waning. Companies, intimately acquainted with their customers and partners, possess a deeper understanding of their collaborative ecosystem. Consequently, they are better equipped to tailor their financial offerings to meet the needs of their business relationships.
Take Amazon, for instance, which has been offering loans to small businesses operating on its platform for years. Amazon evaluates risk based on a merchant’s payment history, sales volume, projected revenue, and other critical data points. This approach enables Amazon to provide additional value to its sellers while securing a foothold in the financing market. The close rapport Amazon shares with its small business partners positions it with substantially less risk compared to conventional banks.
Shopify has also ingeniously woven embedded finance into the very fabric of its offering. While its core service revolves around delivering an efficient, subscription-based e-commerce platform, it also provides payment processing and lending services, among a myriad of other financial solutions. Shopify boasts an extensive reservoir of data, allowing it to make informed decisions about the financial products it can offer to merchants, all while keeping risk to a minimum.
Historically, financial products have fallen within the purview of major corporations either through partnerships with third parties or in-house service creation. Nevertheless, the rise of digital channels has expedited the decentralization of financial services, and it’s snowballing. Companies spanning various industries, from automakers to retail giants, are recognizing the immense untapped potential in taking control of many functions traditionally handled by financial institutions. While financial institutions will endure, their role is evolving. Their strengths are assessment, management, and specialized services. They must pivot towards analyzing data from a multitude of sources, diving into data lakes to provide genuinely useful risk assessments.
Incumbent banks have demonstrated their staying power and adaptability time and time again, mostly due to being able to leverage their size and relative dependability. They’ve capitalized on their vast customer bases, regulatory compliance expertise, and extensive branch networks to maintain a competitive edge. Additionally, incumbent banks have finally begun to recognize the need to adapt to changing customer expectations and digital transformation.
The future of core banking is likely to strike a balance between fintech disruptors and established incumbents. Collaboration and partnerships between incumbents and fintech startups tend to drive innovation, offering customers cutting-edge digital experiences. Big banks are probably going to find their place in the market modified, and not necessarily in a bad way.
Incumbents and financial behemoths have long been oriented toward long-term financial products, such as 30-year mortgages. But what about short-term business loans? Consider the restaurateur seeking a swift three-month loan to renovate a kitchen or the farmer unable to repay a loan until the crops are harvested and sold, a process spanning six months or more. For traditional banks, these scenarios represent short-term debts, a situation they tend to avoid. This presents a prime opportunity for companies to tailor products that cater to these specific needs, allowing them to define the space.
The evolution of embedded finance is commencing with payments, as it represents one of the least regulated segments in finance, offering ample room for innovation. Credit, closely trailing payments in significance, holds paramount importance. What’s really exciting is that as corporate giants blaze the trail, they pave the way for others to follow suit. This means that small and medium-sized enterprises will also be able to get involved, making embedded finance more inclusive within a given business ecosystem.
Eduardo Martinez Garcia is the CEO & Co-Founder of Toqio. He is an avid entrepreneur who has set up and run successful global ventures in the UK, Spain, and South Africa over the course of the last 20 years.
Hype, Hysteria & Hope: AI’s Evolutionary Journey and What it Means for Financial Services
Source: Finance Derivative
Written by Gabriel Hopkins, Chief Product Officer at Ripjar
Almost a year to the day since ChatGPT launched, the hype, hysteria, and hope around the technology shows little signs of abating. In recent weeks OpenAI chief Sam Altman was removed from his position, only to return some days later. Rishi Sunak hosted world leaders at the UK’s AI Safety Summit, interviewing the likes of Elon Musk in front of an assembly of world leaders and tech entrepreneurs. While behind the scenes, AI researchers are rumoured to be close to even more breakthroughs within weeks.
What does it all mean for those industries that want to benefit from AI but are unsure of the risks?
It’s possible that some forms of machine learning – what we used to call AI – have been around for a century. Since the early 1990s, those tools have been a key operational element of some banking, government, and corporate processes, while being notably absent from others.
So why the uneven adoption? Generally, that has been related to risk. For instance, AI tools are great for tasks like fraud detection. It’s a well-established that an algorithm can do things that analysts simply can’t by reviewing vast swathes of data in milliseconds. And that has become the norm, particularly because it is not essential to understand each and every decision in detail.
Other processes have been more resistant to change. Usually, that’s not because an algorithm couldn’t do better, but rather because – in areas such as credit scoring or money laundering detection – the potential for unexpected biases to creep in is unacceptable. That is particularly acute in credit scoring when a loan or mortgage can be declined due to non-financial characteristics.
While the adoption of older AI techniques has been progressing year after year, the arrival of Generative AI, characterised by ChatGPT, has changed everything. The potential for the new models – both good and bad – is huge, and commentary has divided accordingly. What is clear is that no organisation wants to miss out on the upside. Despite the talk about Generative and Frontier models, 2023 has been brimming with excitement about the revolution ahead.
A primary use case for AI in the financial crime space is to detect and prevent fraudulent and criminal activity. Efforts are generally concentrated around two similar but different objectives. These are thwarting fraudulent activity – stopping you or your relative from getting defrauded – and adhering to existing regulatory guidelines to support anti-money laundering (AML), and combatting the financing of terrorism (CFT).
Historically, AI deployment in the AML and CFT areas has faced concerns about potentially overlooking critical instances compared to traditional rule-based methods. Within the past decade, and other regulators initiated a shift by encouraging innovation to help with AML and CFT cases. Despite the use of machine learning models in fraud prevention over the past decades, adoption in AML/CFT has been much slower with a prevalence for headlines and predications over actual action. The advent of Generative AI looks likely to change that equation dramatically.
One bright spot for AI in compliance over the last 5 years, has been in customer and counterparty screening, particularly when it comes to the vast quantities of data involved in high-quality Adverse Media (aka Negative News) screening where organisations look for the early signs of risk in the news media to protect themselves from potential issues.
The nature of high-volume screening against billions of unstructured documents has meant that the advantages of machine learning and artificial intelligence far outweigh the risks and enable organisations to undertake checks which would simply not be possible otherwise.
Now banks and other organisations want to go a stage further. As Generation AI models start to approach AGI (Artificial General Intelligence) where they can routinely outperform human analysts, the question is when, and not if, they can use the technology to better support decisions and potentially even make the decisions unilaterally.
AI Safety in Compliance
The 2023 AI Safety Summit was a significant milestone in acknowledging the importance of AI. The Summit resulted in 28 countries signing a declaration to continue meetings to address AI risks. The event led to the inauguration of the AI Safety Institute, which will contribute to future research and collaboration to ensure its safety.
Though there are advantages to having an international focus on the AI conversation, the GPT transformer models were the primary focus areas during the Summit. This poses a risk of oversimplifying or confusing the broader AI spectrum for unaccustomed individuals. There is a broad range of AI technologies with hugely varying characteristics. Regulators and others need to understand that complexity. Banks, government agencies, and global companies must exert a thoughtful approach to AI utilisation. They must emphasise its safe, careful, and explainable use when leveraged inside and outside of compliance frameworks.
The Road Ahead
The compliance landscape demands a review of standards for responsible AI use. It is essential to establish best practices and clear objectives to help steer organisations away from hastily assembled AI solutions that compromise accuracy. Accuracy, reliability, and innovation are equally important to mitigate fabrication or potential misinformation.
Within the banking sector, AI is being used to support compliance analysts already struggling with time constraints and growing regulatory responsibilities. AI can significantly aid teams by automating mundane tasks, augmenting decision-making processes, and enhancing fraud detection.
The UK can benefit from the latest opportunity. We should cultivate an innovation ecosystem with is receptive to AI innovation across fintech, regtech, and beyond. Clarity from government and thought leaders on AI tailored to practical implementations in the industry is key. We must also be open to welcoming new graduates from the growing global talent pool for AI to fortify the country’s position in pioneering AI-driven solutions and integrating them seamlessly. Amid industry change, prioritising and backing responsible AI deployment is crucial for the successful ongoing battle against all aspects of financial crime.
Using AI to support positive outcomes in alternative provision
By Fleur Sexton
Fleur Sexton, Deputy Lieutenant West Midlands and CEO of dynamic training provider, PET-Xi, with a reputation for success with the hardest to reach,
discusses using AI to support excluded pupils in alternative provision (AP)
Exclusion from school is often life-changing for the majority of vulnerable and disadvantaged young people who enter alternative provision (AP). Many face a bleak future, with just 4% of excluded pupils achieving a pass in English and maths GCSEs, and 50% becoming ‘not in education, employment or training’ (NEET) post-16.
Often labelled ‘the pipeline to prison’, statistics gathered from prison inmates are undeniably convincing: 42% of prisoners were expelled or permanently excluded from school; 59% truanted; 47% of those entering prison have no school qualifications. With a prison service already in crisis, providing children with the ‘right support, right place, right time’, is not just an ethical response, it makes sound financial sense. Let’s invest in education, rather than incarceration.
‘Persistent disruptive behaviour’ – the most commonly cited reason for temporary or permanent exclusion from mainstream education – often results from unmet or undiagnosed special educational needs (SEN) or social, emotional and mental health (SEMH) needs. These pupils find themselves unable to cope in a mainstream environment, which impacts their mental health and personal wellbeing, and their abilities to engage in a positive way with the curriculum and the challenges of school routine. A multitude of factors all adding to their feelings of frustration and failure.
Between 2021/22 and 2022/23, councils across the country recorded a 61% rise in school exclusions, with overall exclusion figures rising by 50% compared to 2018/19. The latest statistics from the Department for Education (DfE), show pupils with autism in England are nearly three times as likely to be suspended than their neurotypical peers. With 82% of young people in state-funded alternative provision (AP) with identified special educational needs (SEN) and social emotional and mental health (SEMH) needs, for many it is their last chance of gaining an education that is every child’s right.
The Department for Education’s (DfE) SEND and AP Improvement Plan (March 2023).reported, ‘82% of children and young people in state-place funded alternative provision have identified special educational needs (SEN) 2, and it (AP) is increasingly being used to supplement local SEND systems…’
Some pupils on waiting lists for AP placements have access to online lessons or tutors, others are simply at home, and not receiving an education. In oversubscribed AP settings, class sizes have had to be increased to accommodate demand, raising the pupil:teacher ratio, and decreasing the levels of support individuals receive. Other unregulated settings provide questionable educational advantage to attendees.
AI can help redress the balance and help provide effective AP. The first challenge for teachers in AP is to engage these young people back into learning. If the content of the curriculum used holds no relevance for a child already struggling to learn, the task becomes even more difficult. As adults we rarely engage with subjects that do not hold our interest – but often expect children to do so.
Using context that pupils recognise and relate to – making learning integral to the real world and more specifically, to their reality, provides a way in. A persuasive essay about school uniforms, may fire the debate for a successful learner, but it is probably not going to be a hot topic for a child struggling with a chaotic or dysfunctional home life. If that child is dealing with high levels of adversity – being a carer for a relative, keeping the household going, dealing with pressure to join local gangs, being coerced into couriering drugs and weapons around the neighbourhood – school uniform does not hold sway. It has little connection to their life.
Asking the group about the subjects they feel strongly about, or responding to local news stories from their neighbourhoods, and using these to create tasks, will provide a more enticing hook to pique their interest. After all, in many situations, the subject of a task is just the ‘hanger’ for the skills they need to learn – in this case, the elements of creating a persuasive piece, communicating perspectives and points of view.
Using AI, teachers have the capacity to provide this individualised content and personalised instruction and feedback, supporting learners by addressing their needs and ‘scaffolding’ their learning through adaptive teaching.
If the learner is having difficulty grasping a concept – especially an abstract one – AI can quickly produce several relevant analogies to help illustrate and explain. It can also be used to develop interactive learning modules, so the learner has more control and ownership over their learning. When engaged with their learning, pupils begin to build skills, increasing their confidence and commitment.
Identifying and discussing these skills and attitudes towards learning, with the pupil reflecting on how they learn and the ways they learn best, also gives them more agency and autonomy, thinking metacognitively.
Gaps in learning are often the cause of confusion, misunderstandings and misconceptions. If a child has been absent from school they may miss crucial concepts that form the building blocks to more complex ideas later in their school career. Without providing the foundations by filling in these gaps and unravelling the misconceptions, new learning may literally be impossible for them to understand, increasing frustration and feelings of failure. AI can help identify those gaps, scaffold learning and build understanding.
AI is by no means a replacement for teachers or teaching assistants, it is purely additional support. Coupled with approaches that promote engagement with learning, AI can enable these disadvantaged young people to access an education previously denied them.
According to the DfE, ‘All children are entitled to receive a world-class education that allows them to reach their potential and live a fulfilled life, regardless of their background.’ AI can help support the most disadvantaged young people towards gaining the education they deserve, and creating a pathway towards educational and social equity.