Taming the ‘new wild west’: how biometrics can help the ECB deliver a secure digital euro
Source: Finance Derivative
By Vince Graziani, CEO, IDEX Biometrics
Interest and acceptance of crypto and digital currencies are increasing, with national media, institutional finance, and even government circles discussing how to adopt cryptocurrency technology. China launched the e-CNY in 2021, and the UK parliament has recently launched an All Party Parliamentary Group (APPG) to discuss what role digital assets will play in the UK, where already three million adults are known to own cryptocurrency. The European Central Bank (ECB) has also begun to explore the future of crypto, commissioning a project to investigate the potential of a digital euro.
A two-year investigation, concluding in October 2023, is taking place to determine the feasibility of a central bank digital currency (CBDC) for Europe. It is carrying out a detailed exploration into what a digital euro might look like, how it could be designed and distributed to markets, retailers and the public, and what legislation is required.
Focus groups for the ECB investigation show that consumers want the digital euro to be as flexible as the fiat euro, and to be functional anywhere within the euro zone, as well as online. Instant, easy and contactless payments are also very high on the wish list of functionalities, which follows the decrease in cash purchases observed during the pandemic. Research participants envisage a ‘one-stop solution’: they have a vision for a single device that will reduce the need for multiple cards, mobile phones, and computers, and will also provide access to a range of payment options.
How can a digital euro ensure security?
While there is demand for a convenient digital currency, the commission, and the public also have security concerns surrounding cryptocurrencies. Cyber hacks have impacted the sector since its start. Regulation is also minimal, unlike conventional financial institutions and there is little recourse if something goes wrong.
The second biggest crypto hack in history, with more than $600 million worth of Ethereum currency recently hit the gaming-focused blockchain platform Ronin Network. Initial investigations show that the hack went unnoticed for a week, and it is believed that the hacker accessed the funds through hacked private keys.
This 2022 hack is even bigger than the legendary Mt. Gox cryptocurrency exchange hack which led to the company’s bankruptcy and serious requests to regulate the industry. Whilst regulation is underway, it is still in its infancy. Just this month, Fabio Panetta, a member of the executive board at the ECB, referred to the digital currency rush as the ‘new wild west’.
Although CBDCs are different from cryptocurrencies, governments will have to ensure funds are secure and regulated as they develop a national digital currency. It’s also important that the public has access to digital currency education to ensure that a new national CBDC will be universally welcomed by the public. The security issue must be addressed to give people confidence to use this purely digital money alongside their conventional fiat funds.
In addition, virtually all European countries have aging populations. Elderly as well as other less financially savvy demographics sometimes struggle to adopt new technology. The digital euro, along with any other central bank digital currencies must be inclusive, easy-to-use and secure.
Biometrics are inclusive and easy-to-use
Biometric technology can be leveraged in support of these pre-requisites. Used in conjunction with ‘cold wallet’ crypto storage (in simple terms, this is external currency storage, not connected to the internet), biometric sensor technology can provide high levels of privacy and security by linking the card to the owner through their fingerprint. Biometric fingerprint sensors have long been used on smartphones and are now being used in payment cards by banks – including BNP Paribas and Sweden’s Rocker, as well as for crypto firms. Hence the technology is in place to provide the same levels of security for a digital currency.
A CBDC wallet, through a biometric smart card could act as a bank account with in-built security, which would give millions of previously unbanked, or underbanked people instant access to digital finance and services
The need for privacy
Notably, the ECB consultation highlighted that privacy was considered the most important feature of a digital euro by both citizens and professionals. Given the previous data leaks in the cryptocurrency space, this is understandable. But it could also hold the public back from the full potential of a digital payment solution.
The commission found that when confronted with a specific choice between an offline digital euro focused on privacy or an online one with innovative features and additional services, respondents will generally opt for an offline solution focused on privacy. This indicates a clear need for a stronger, privacy-focused CBDC solution and education to support consumers to make the most of a digital euro.
On enrolment to a biometric wallet, the owner’s fingerprint image is immediately transformed into an abstract biometric template. This is then matched and stored in the secure element of the EMV chip. The owner’s biometric data never leaves the wallet and cannot be subject to a data breach.
A digital currency future
There is little doubt that digital currencies will feature in our future. In this fast-moving environment, where regulation is finally beginning to catch up, the introduction of a digital CBDC euro may be sooner than we think.
Fortunately, tried and tested biometric technology is now available to transform this major transition to digital currency into a secure, inclusive, and user-friendly process. The public’s vision of a ‘one stop payment solution’ could soon be realised by the ECB. The 2023 investigation findings could help tame the ‘wild west’ of payments for good.
Unlocking the Power of Data: Revolutionising Business Success in the Financial Services Sector
Source: Finance Derivative
Suki Dhuphar, Head of EMEA, Tamr
The financial services (FS) sector operates within an immensely data-abundant landscape. But it’s well-known that many organisations in the sector struggle to make data-driven decisions because they lack access to the right data to make decisions at the right time.
As the sector strives for a data-driven approach, companies focus on democratising data, granting non-technical users the ability to work with and leverage data for informed decision-making. However, dirty data, riddled with errors and inconsistencies, can lead to flawed analytics and decision-making. Siloed data across departments like Marketing, Sales, Operations, or R&D exacerbates this issue. Breaking down these barriers is essential for effective data democratisation and achieving accurate insights for decision-making.
An antidote to dirty, disconnected data
Overcoming the challenges presented by dirty, disconnected data is not a new problem. But, there are new solutions – such as shifting strategies to focus on data products – which are proven to deliver great results. But, what is a data product?
Data products are high-quality, accessible datasets that organisations use to solve business challenges. Data products are comprehensive, clean, and continuously updated. They make data tangible to serve specific purposes defined by consumers and provide value because they are easy to find and use. For example, an investment firm can benefit from data products to gain insights into market trends and attract more capital. These offer a scalable solution for connecting alternative data sources, providing accurate and continuously updated views of portfolio companies. Using machine learning (ML) based technology enables the data product to adapt to new data sources, giving a firm’s partners confidence in their investment decisions.
But, before companies can reap the benefits of data products, the development of a robust data product strategy is a must.
Where to begin?
Prior to embarking on a data product strategy, it is imperative to establish clear-cut objectives that align with your organisation’s overarching business goals. Taking an incremental approach enables you to make a real impact against a specific objective – such as streamlining operations to enhance cost efficiency or reshaping business portfolios to drive growth – by starting with a more manageable goal and then building upon it as the use case is proved. For companies that find themselves uncertain about where to begin their move to data products, tackling your customer data is a good place to start for some quick wins to increase the success of the customer experience programmes.
Getting a good grasp on data
Once an objective is in place, it’s time for an organisation to assess its capabilities for executing the data product strategy. To do this, you need to dig into the nitty-gritty details like where the data is, how accurate and complete it is, how often it gets updated, and how well it’s integrated across different departments. This will give a solid grasp of the actual quality of the data and help allocate resources more efficiently. At this stage, you should also think about which stakeholders from across the business from leadership to IT will need to be involved in the process and how.
Once that’s covered, you can start putting together a skilled team and assigning responsibilities to kick-off the creation and management of a comprehensive data platform that spans all relevant departments. This process also helps spot any gaps early on, so you can focus on targeted initiatives.
Identifying the problem you will solve
Now let’s move on to the next step in our data product strategy. Here we need to identify a specific problem or challenge that is commonly faced in your organisation. It’s likely that leaders in different departments, like R&D or procurement, encounter obstacles that hinder their objectives that could be overcome with better insight and information. By defining a clear use case, you will build a real solution to a challenge they are facing rather than a data product for the sake of having data. This will be an impactful case study for your entire organisation to understand the potential benefits of data products and increase appetite for future projects.
Getting buy-in from the business
Once you have identified the problem you want to solve, you need to secure the funding, support, and resources to move the project ahead. To do that, you must present a practical roadmap that shows how you will quickly deliver value. You should also showcase how to improve it over time once the initial use case is proven.
The plan should map how you will measure success effectively with specific indicators (such as KPIs) that are closely tied to business goals. These indicators will give you a benchmark of what success looks like so you can clearly show when you’ve delivered it.
Getting the most out of your data product
Once you’ve got the green light – and the funds – it’s time to put your plan into action by creating a basic version of your data product, also known as a minimum viable data product (MVDP). By starting small and gradually enhancing with each new release you are putting yourself in the best stead to encourage adoption and also (coming back to our iterative approach) help you secure more resources and funding down the line.
To make the most of your data product, it’s essential to tap into the knowledge and experience of business partners as they know how to make the most of the data product and integrate it into existing workflows. Additionally, collecting feedback and using it to improve future releases will bring even more value to end users in the business and, in turn, your customers.
Unlocking the power of data (products)
It’s crucial for companies in FS to make the most of the huge amount of data they have at their disposal. It simply doesn’t make sense to leave this data tapped and not use it to solve real challenges for end users in the business and, in turn, improve the customer experience! By adopting effective strategies for data products, FS organisations can start to maximise the incredible value of their data.
HOW SMALL BUSINESSES CAN FIGHT BACK AGAINST POOR PAYMENT PRACTICES
Source: Finance Derivative
SMEs across the UK are facing a challenging economic environment and late payments pose a severe challenge to maintaining cash flow. Here, Andrea Dunlop, managing director at Access PaySuite, explores the challenges facing small and medium sized businesses, the risks that late payments carry, and what can be done to secure timely payments, in full.
It’s estimated that UK businesses are currently owed more than £23.4bn in outstanding invoices. For all businesses, managing the outward flow of products and services with a steady incoming cash flow is a fine balance – with unexpected disruptions and complications capable of causing catastrophic problems.
Late and delayed payments have been identified as a significant challenge for SMEs – an issue that has scaled over recent years. In fact, in its latest report, the Federation for Small Businesses (FSB) stated that the UK is “almost unique in being a place where it is acceptable to pay small businesses late”.
The FSB also states that this “will remain the case without further action” and, as such, has called for government action to put a stop to these damaging trends.
Small businesses form a vital part of the economic ecosystem – in 2022, it was estimated that 99% of UK businesses were SMEs – so poor payment systems not only present a very real threat for individual businesses, but for the UK economy as a whole.
Despite this strong case for urgent action to be taken, changes to legislation can be a slow process and, in the face of ongoing economic pressure, small businesses need more immediate solutions.
Although businesses are at the liberty of their customers and clients, there are a number of actionable steps SMEs can take to increase the rate of prompt and complete payments.
The impact of late payments for SMEs
Published in Q4 2022, research published by the ICAEW demonstrates that around half of invoices issued by small businesses are paid late.
More often than not, small businesses operate within a chain of regular suppliers and customers. These chains can include multiple business links, stretching across sectors and regions. As a heavily interwoven ecosystem, if one ‘link’ in the chain is damaged by late payments and unreliable cash flow, the delays can quickly escalate and create a domino effect of complications across the whole system.
With a lack of consistent income, SMEs are more likely to be prevented from paying their overheads and suppliers on time.
As late payments add up and push multiple businesses into a negative cash flow, the problem can continue to snowball.
Simply put, extended periods of unreliable and heavily reduced payments put whole supply chains of companies in very dangerous financial positions – especially as running costs remain high.
Combined, the complexities arising from late payments and the vast scale of the issue, demonstrates a clear need for systemic change.
Current government action
At the end of January, the government published a review of the reporting of payment practices first introduced in 2017 .
This review stated that the government is committed to “stamp[ing] out the worst kind of poor payment practices within the business community”.
The 2017 Payment Practices and Performance Regulations require all large UK companies to report publicly on their payment policies, practices and performance, to ensure accountability.
Following its review, a new consultation has been launched, seeking the opinion of business owners on current regulations – asking whether this existing policy should extend beyond its current expiry date, 6 April 2024. This consultation is part of a wider examination of payments in the UK.
Delving into issues including the emotional and psychological impact of late payments on small business owners – as well as analysing how banks and technology can help – the government’s review is a welcome development, but SMEs need to take more immediate action to strengthen their payment processes.
What can SMEs do?
With the government consultation finalising at the end of April, the future of the payment landscape in the UK will soon be made clearer – but what actions can SMEs take to immediately strengthen their payment processes?
For many SMEs, payment systems are low down the list of priorities, and the fear of disruption or additional costs can lead many to turning a blind eye to problems with their existing systems. But, with challenges around cash flow increasing, investing in a flexible and comprehensive payment system could be an incredibly worthwhile investment.
Issuing regular invoices takes a lot of time, and when working across different clients with different payment frequencies invoicing can lead to unnecessary complexities.
Instead, systems that enable customers to set up direct debits ensure payments are completed on a set date, reduce additional paperwork and still allow bespoke schedules for each client or customer to be arranged.
In many SMEs, missed payments can easily get lost in piles of paperwork and human-error can result in problems down the line. When using digital payment systems, should a missed payment occur, automated capabilities ensure the issue is flagged, and any outstanding challenges can be resolved in a timely manner.
With payments and invoicing automatically managed in a centralised database, countless hours that would otherwise be spent on repetitive and laborious administrative work are saved.
As well as reducing the amount of staff time spent managing processes and tracking financial activity, a reliable payment system delivers benefits for customers too, and contributes towards greater service and boosting brand loyalty.
In the coming weeks and months, new government guidance should clarify legislative expectations for businesses regarding payments. But, with smart investment in specialist software solutions, our country’s vital SMEs can take the necessary safeguarding steps to boost payment security and thrive through this tough financial time.
Less than a year until EMIR Refit: how can firms prepare?
Source: Finance Derivative
Leo Labeis, CEO at REGnosys, discusses everything that financial institutions need to know about EMIR Refit and how they can prepare with Digital Regulatory Reporting (DRR).
There is now less than a year until the implementation date for the much-anticipated changes to the European Markets Infrastructure Regulation (EMIR). The amendments, which are set to go live on 29 April 2024, represent an important landmark in establishing a more globally harmonised approach to trade reporting.
Despite the fast-approaching deadline, concerns are growing around the industry’s preparedness, with a recent survey from Novatus Advisory finding that 40% of UK firms have no plans in place for the changes, for instance.
Much of the focus in 2022 was on implementation efforts for the rewrite of the Commodity Futures Trading Commission’s swaps reporting requirements (CFTC Rewrite), which went live on 5 December. Both the CFTC Rewrite and EMIR Refit are part of the same drive to standardise trade reporting globally. While EMIR Refit was originally anticipated to roll out first, implementation suffered from repeated delays to its technical specifications, in particular the new ISO 20022 format. The ISO 20022 mandate was eventually excluded from the first phase of the CFTC Rewrite, hence the earlier go-live date.
In parallel, the Digital Regulatory Reporting (DRR) programme has emerged as a key driving force in helping firms adapt to continually evolving reporting requirements. Having participated in the DRR build-up for their CFTC Rewrite preparations, how can firms leverage these efforts to comply with EMIR Refit in 2024?
The drive to standardise post-trade
To understand the new EMIR requirements, it is important to first look at the two main pillars in the global push to greater reporting harmonisation.
The first is the Committee on Payments & Market Infrastructures and International Organization of Securities Commission’s (CPMI-IOSCO) Critical Data Elements (CDE), which were first published in 2018 to work alongside other common standards including the Unique Product Identifier (UPI) and Unique Trade Identifier (UTI). These provide harmonised definitions of data elements for authorities to use when monitoring over the counter (OTC) derivative transactions, allowing for improved transparency on the contents of the transaction and greater scope for the interchange of data across jurisdictions.
The second is the mandating of ISO 20022 as the internationally recognised format for reporting transaction data. Historically, trade repositories required firms to submit data in a specific format that they determined, before applying their own data transformation for consumption by the regulators. The adoption of ISO 20022 under the new EMIR requirements changes that process by shifting the responsibility from trade repositories to the reporting firm, with the aim of enhancing data quality and consistency by reducing the need for data processing.
Preparing for the new requirements with DRR
DRR is an industry-wide initiative to enable firms to interpret and implement reporting rules consistently and cost-effectively. Under the current process, reporting firms create their own reporting solution, inevitably resulting in inconsistencies and duplication of costs. DRR changes this by allowing market participants to work together to develop a standardised interpretation of the regulation and store it in a digital, openly accessible format.
Importantly, firms which are using the rewritten CFTC rules which have been encoded in DRR will not have to build EMIR Refit from scratch. ISDA estimates that 70% of the requirements are identical across both regulations, meaning firms can leverage their work in each area and adopt a truly global strategy. DRR has already developed a library of CDE rules for the CFTC Rewrite, which can be directly re-applied to EMIR Refit. Even when those rules are applied differently between regimes, the jurisdiction-specific requirements can be encoded as variations on top of the existing CDE rule rather than in silo.
Notably the UPI, having been excluded from the first phase of the CFTC Rewrite roll-out, is mandated for the second phase due in January 2024. DRR will integrate this requirement, as well as others such as ISO 20022, and develop a common solution that can be applied across the CFTC Rewrite and EMIR Refit.
As firms begin their own build, the industry should work together in reviewing, testing and implementing the DRR model. Maintaining the commitment of all DRR participants will strengthen the community-driven approach to building this reporting ‘best practice’ and serve as a template for future collaborative efforts.
Planning for the long-term
Although the recent CFTC Rewrite and next year’s EMIR Refit are centre of focus for many firms, several more G20 regulatory reporting reforms are expected over the next few years. These include rewrites to the Australian Securities and Investments Commission (ASIC), Monetary Authority of Singapore (MAS) and Hong Kong Monetary Authority (HKMA) derivatives reporting regimes, amongst others.
Firms should therefore plan for the entire global regulatory reform agenda rather than prepare for each reform separately. Every dollar invested in reporting and data management will go further precisely because it is going to be spread across jurisdictions, easing budget constraints.
Looking ahead, financial institutions should establish a broad and long-term plan is to learn from their CFTC Rewrite preparation and how DRR can be positioned in their implementation. For example, firms should ask themselves which approach to testing and implementing DRR works best: via their own internal systems or through a third-party? Firms should review what worked well in their CFTC Rewrite implementation and apply successful methods to EMIR Refit. Doing so will enable firms to have a strong foundation for future updates in the years to come.