Connect with us

Business

WHAT SECURITY LESSONS CAN THE WORLD OF TRADITIONAL FINANCE TEACH CRYPTOCURRENCY FIRMS?

Source: Finance Derivative

By Michael Magrath, VP Global Regulations and Standards

Cryptocurrency has had a whirlwind of a year. The growth in popularity of currencies like Bitcoin and Ethereum saw valuations skyrocket, whilst government crackdowns in countries including China and Turkey – and even Tweets by Elon Musk – caused them to fall just as dramatically.

Meanwhile, financial institutions have bought and sold cryptoassets in vast quantities, mainstream consumer payment providers have started offering digital assets to their customers, and Bitcoin has even become legal tender in El Salvador.

However, these exciting developments have been punctuated by regular reports of significant cyberattacks on crypto exchanges and custodians. Research shows that $1.9 billion worth of cryptocurrency was stolen by hackers in 2020. And just last month, hackers successfully targeted Japanese blockchain-based platform Poly Network and extracted more than $600 million in Ethereum and Binance coins, as well as the stablecoin, USD Coin (USDC) tokens.

The crypto regulation challenge

Since the invention of crypto, regulation has lagged behind technological advancements in the space. Nonetheless, crypto continues to edge its way into the financial mainstream. Unlike cryptocurrency firms, banks and other traditional financial institutions are required to comply with complex and demanding security standards. These ensure that they’re equipped with the necessary resources and skills to continually adapt to the rapidly shifting cyber threat landscape.

Despite huge efforts from global regulators and international monetary organisations to effectively build frameworks for the secure, safe exchange and storage of crypto assets, the crypto space remains very underregulated. This can be attributed in part to the breakneck pace of innovation in the industry, which makes it nearly impossible for policymakers to ensure that consumers are protected.

Recently, Gary Gensler, US Securities and Exchange Commission chief, urged crypto trading platforms to register with his organisation on the grounds that many cryptocurrencies qualify as securities. He warned that, for the crypto market to still be relevant in ten years, firms would have to start operating within a public policy framework.

Today, many central banks are now working on releasing their own digital currency. These public currencies referred as Central Bank Digital Currencies (CBDC) will compete with private currencies like bitcoin and others. While this is an ongoing process, industry bodies and governments alike are seeking to establish regulations and guidance to ensure fair competition.

Lessons must be learned

Any technological innovation inevitably carries with it a degree of cyber security risk. Cryptocurrency is no different in this regard. Every new way to trade, store or monetise digital assets opens a new channel for hackers to exploit. It’s like when Apple releases an updated version of its operating system – a stream of security updates inevitably follows, as developers plug potential exploits and vulnerabilities. The difference is that most crypto firms have nowhere near the research and development resources of a major financial institution or tech giant.

All this doesn’t mean that the battle is lost, and crypto firms are condemned to a future of frequent cyberattacks. Instead, there are a series of practical, achievable steps that firms can take to protect themselves. Let’s examine the recent Coinbase hack. Though a disaster for the 68 million users at risk of losing their assets, by traditional finance standards, the cause of the breach was extremely simple – and therefore relatively easy to guard against in future. According to experts, the attack was a “SIM swap”, where hackers compromise victims’ mobile phone numbers and use these to authenticate themselves as a valid account holder.

For many years, SIM swap fraud was a method commonly used by malicious actors to gain access to the bank accounts of unsuspecting consumers. As a result, financial institutions moved away from using text messages as a form of authentication. Utilising text messages for multi-factor authentication (MFA) often puts the onus of protecting customer data on mobile network operators, whose systems are not designed to withstand such attacks. This is the security equivalent of locking the Mona Lisa away in a self-storage unit, rather than the Louvre.

The U.S. Federal Financial Institutions Examination Council (FFIEC) appropriately notes in its updated Guidance Authentication and Access to Financial Institution Services and Systems that not all MFA solutions offer equal usability and security pointing out that “certain MFA factors may be susceptible to ‘Man in the Middle’ (MIM) attacks, such as when a hacker intercepts a one-time security code sent to a customer.”  This is true as NIST uses this example in its Digital Identity Guidelines: Authentication and Lifecycle Management (Special Publication 800-63B). In July 2020, NIST published Special Publication 800-63: Digital Identity Guidelines FAQs reminding readers that SMS-OTP is a “restricted” authenticator.

Instead, most major banks now use Mobile PUSH notifications for MFA, verifying customer identities using a secure mobile app. These apps often employ the latest ID verification technologies – such as AI, biometrics and liveness detection – to ensure that access can only be gained by a genuine account holder. Looking forward, crypto firms urgently need to re-examine their user authentication practices, using these technologies to stem the flow of authentication-based hacks.

Implementing user verification policies

Unlike online banking fraud or card identity theft, it’s extremely difficult for crypto firms to mitigate the effects of a hack. This is because cryptocurrency transactions are irreversible and can only be refunded by the recipient. So, once a hack happens, funds are usually lost forever. This makes preventing hacks from occurring in the first place even more important.

What’s more, crypto networks typically rely on pseudo anonymity, where users are identified only by a string of random letters and numbers known as an address. This makes it very difficult to identify the perpetrators behind a hack and bring them to justice. Plus, since networks are decentralised and trustless, there is no way to identify transactions subsequently made with stolen cryptocurrency.

By contrast, traditional banks have for many years been subjected to stringent Know Your Customer regulations, designed to prevent money laundering. In 2019, the Financial Action Task Force (FATF) adopted strict AML/CTF requirements on Virtual Asset Service Providers (VASPs), which include crypto exchanges.  In its latest draft to revise its 2019 requirements, it states, “regardless of the nature of the relationship or transaction, countries should ensure that VASPs have in place effective procedures to identify and verify, on a risk basis, the identity of a customer, including when establishing business relations with that customer; where VASPs may have suspicions of ML/TF (money laundering/terrorist financing), regardless of any exemption of thresholds; and where they have doubts about the veracity or adequacy of previously obtained identification data.”

There’s no doubt that crypto firms need to take security more seriously. The risks of not doing so are enormous. On the one hand, every successful hack chips away at already shaky consumer trust. On the other, there’s the very real possibility of inspiring the ire of regulators, who have the power to impose draconian regulation that would stifle the growth of this nascent industry.

When it comes to security, crypto firms can learn a lot from their older, more established peers in the world of traditional finance. If they are to build and maintain the credibility needed to become trusted, mainstream providers of financial services, they need to avoid repeating past mistakes made by banks and financial institutions. It’s now up to crypto firms to take advantage of the wealth of security resources available to them.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

The Role of Technology in Unifying Africa’s Capital Markets

Source: Finance Derivative

Author – Eugene Tawiah CEO and co-founder of SecondSTAX

  • Can you elaborate on the current state of African capital markets and the challenges they face in terms of fragmentation and accessibility for investors outside their respective jurisdictions?

Despite having some of the best-performing stocks and bonds globally, Africa’s exchanges are largely inaccessible to investors outside the jurisdictions where they are domiciled.

The siloed nature of these exchanges as well as insufficient data on the risk profiles of assets has led to limited access to capital for markets and limited access to high-growth assets for investors.

  • SecondSTAX aims to unify African capital markets through technology. Could you explain how your platform facilitates seamless investment and trading across borders, and what specific technological innovations enable this integration?

We facilitate seamless investment and trading across African borders by leveraging innovative technologies such as our cloud-based smart order management and execution routing system which allows investors to trade across multiple African exchanges with ease. 

Our integration of liquidity partners on our platform has mitigated the risks involved with currency disparities and exchange and has aided us in facilitating a seamless trade environment and also in reducing the impact of currency volatility on our users.

Lastly, our platform provides investors with access to real-time and the latest trading news, emerging research on trends and economic data from reliable local sources. This feature allows investors to make informed decisions by having necessary data accessible on a single platform.

  • Collaboration and integration within African capital markets are crucial for fostering economic growth and development. How does SecondSTAX work with exchanges like the Nigeria Exchange Group, Ghana Stock Exchange, and Nairobi Securities Exchange to promote this collaboration, and what benefits does it bring to investors and issuers? 

Through our collaboration with the Nigeria Exchange Group, Ghana Stock Exchange, and the Nairobi Securities Exchange and the utilization of our portal, we significantly expand our users’ access to high-growth assets, effectively opening up African capital markets to a broader audience of both local and international investors. 

These partnerships not only enhance market liquidity but also foster intra-region trading, ultimately integrating African capital markets. Furthermore, our alliances with the African Securities Exchanges Association and African Development Bank facilitate the seamless movement of investments between exchanges and licensed investment firms, empowering firms to engage in trades beyond their domicile jurisdictions within the African region. 

By offering a centralized database of information, we empower investors to make well-informed decisions about their assets, further strengthening the efficiency and transparency of African capital markets.

  • In what ways do you see SecondSTAX contributing to the promotion of innovative financial solutions for African businesses? Can you provide examples of how your platform supports businesses in accessing capital and expanding their operations?

Our intuitive, cutting-edge cloud-based platform facilitates seamless investment and allows investors to securely buy and sell stocks and bonds across multiple African exchanges with ease. 

We aim to streamline the investment process and enable investors to manage their investments from a single portal, providing functionality for every aspect of the investment lifecycle—from know-your-customer (KYC) verification to account onboarding through to trading and settlement in multiple local currencies.

Our partnerships with renowned brokerage firms such as Kestrel Capital (Kenya), Databank Group (Ghana), and Afrinvest (Nigeria) allow for investments to be made in native currencies thus allowing for an easier pathway to wealth accumulation in Africa. 

Also, our partnerships with multiple exchanges enhance economic growth and investment opportunities in those regions, allowing businesses greater access to more affordable long-term funding from capital markets supporting their growth and increasing market liquidity.

  • With the rapid advancement of technology, what opportunities do you foresee for further enhancing the efficiency and effectiveness of African capital markets? How do you envision SecondSTAX evolving to capitalize on these opportunities?

New technologies serve as an enabler and force multiplier to improve the lives of investors across the globe. This is true for developed countries and is certainly the case for the African continent as well. Artificial (General) Intelligence (AI/AGI) is very relevant to the evolution of the African capital markets, and we are already incorporating it into our platform as a way to synthesize timely trade ideas from the rapidly changing news, detailed research and market trading data available across the various stock and bond exchanges in Africa. 

This will democratize investing, making the African capital markets dramatically more accessible to everyone, from the savvy professional trader through to the novice investor, looking for the opportunity to grow their wealth. 

With 100+ years of combined technology and finance experience deploying complex large-scale systems and having built similar products and services at globally renowned firms, our team of experts at SecondSTAX believes we can create the frameworks that shall be used to turn these unique insights into opportunities for investors to trade more effectively and generate improved investment returns across Africa.

  • One of the goals of SecondSTAX is to attract investments from both African and international investors. How does your platform address concerns about regulatory compliance and investor protection in cross-border transactions?

We partner with well-established licensed brokerage firms with a multi-decade track record of trading and execution excellence within their local capital market jurisdiction, ensuring we efficiently operate and mitigate emerging risks within the regulatory frameworks of the markets we operate in. This also helps us to securely leverage the robust existing market infrastructure for trade facilitation and settlement thereby encouraging trust and credibility with both the regulatory bodies and investors.

  • Looking ahead, what is your vision for the future of African capital markets, and how do you believe SecondSTAX will contribute to realizing this vision? Additionally, what role do you think technology will play in shaping the future landscape of capital markets in Africa?

We hope for a unified African capital market, and in five years, we will be successfully integrated into major African capital markets, and be a trading and execution vendor partner commanding at least 25% of all African capital market transactions into and between these markets. We would also have launched services to support the investment goals of retail investors, facilitating simple transactions for them. We expect that by enabling the shift to a more efficient capital markets ecosystem in Africa, we will reduce the overall cost of funding for projects in both the private sector and the public sector.

The use of technological inputs on our platform will result in a vibrant capital markets ecosystem which should drive growth for all African emerging economies.

Continue Reading

Business

Total Experience in Insurance

Source: Finance Derivative
Author: Monica Hovsepian, Global Industry Strategist for Financial Services, OpenText

While the insurance industry might be undergoing major changes driven by technology, the end goal remains much the same. Improving the customer and employee experience has been the priority for the industry ever since the digital transformation got underway.

Obviously, financial metrics are the true bottom line, as ever in business. But, as ITT President Harold Geneen put it so sagely, ‘in the business world, everyone is paid in two coins: cash and experience. Take the experience first; the cash will come later.’

Geneen was speaking in a different age, when the word ‘experience’ was used in a slightly different way. But his insight is just as important today. Getting digital experiences right – for both customers and employees – is critical to the overall business success of companies within the insurance industry.

McKinsey has highlighted this, reporting that many insurers are struggling to effectively respond to their customers’ demands for a better digital experience. They’re hampered by legacy information systems that are inadequate for modern purposes. On the other side of the counter, those outdated systems are making it hard for insurance employees to do their jobs to the best of their ability; 70% of employees in the sector have more work to do than they have time for.

Eradicating these frustrations is therefore a business-critical priority for insurers going forward. The customer experience (CX) and the employee experience (EX) must be addressed and optimised simultaneously, requiring a focus on balancing back-office optimisation and customer-facing excellence.

As these two facets become increasingly linked, it can be more useful for insurers to think of it in a singular term, approaching the task by building a total experience (TX) business strategy to differentiate themselves in a fiercely competitive and dynamic market.

Transforming the way customer data is managed

McKinsey also has some stats to back up the importance of managing CX effectively in this new digital age: companies that do so typically see a 20% improvement in customer satisfaction, a 15% increase in sales conversion, a 30% lower cost-to-serve and a 30% increase in employee engagement.

Getting to those benefits involves transforming the way you manage your customer data to make it more efficient and agile. At its core, this is about being able to understand your customers better so you can make better business decisions and deliver greater satisfaction. This can be achieved by leveraging modern information platforms to streamline internal systems and bring all important data into a single ‘pane-of-glass’ 360-degree customer view.

The EX component of TX comes in here too, as the kind of technology that achieves that 360-degree view makes things much easier for employees, and gives them readily-available insights they can then use to elevate the experiences they offer to customers, including joined-up interactions and personalised service and engagement.

Finding harmony across the channel mix

Once the foundations of the 360-degree view is in place, insurance companies can begin to build out the seamless experience demanded by customers across the mix of different channels, including websites and applications, over the phone or in-person services.

As an example, modern technology can facilitate self-service tools, to add convenience for customers and decrease the burden on employees, allowing them to focus on delivering more strategic, valuable engagements elsewhere.

To touch on the ongoing topic du jour, there are also many demonstrable use cases for AI in insurance already. Combined with analytics, it can be used to help reduce information overload and optimise customer experiences, by giving support teams with AI-driven intelligence to anticipate the next-best action, next-best offer, and next-best channel to engage customers with.  Furthermore, AI can be utilised to empower employees to engage with customers by writing relevant communications, by summarising claim documentations to expedite decisions.

The Future of Total Experience

As economic turbulence continues, insurers are heavily focused on operational efficiency. As a strategy that harmonises customer experience excellence and streamlined back-end operations, total experience offers more than just another buzzword in the digital age. Gartner states that ‘Improving the customer experience (CX) ranked higher in the survey this year than more strategic focuses, such as growing revenue or new products/services development to support transformation.’

TX can be key to driving success through benefits such as:

  • Building lifetime relationships with customers by providing rich, relevant, and targeted communications across all channels
  • Empowering and engaging employees by ensuring they have the most current and relevant information across critical business systems with a single source of customer truth
  • Making better business decisions by leveraging AI to deliver actionable insights to employees.

Geneen talked about taking the experience first, with the financial success to follow. In today’s new environment of digital insurance, creating the right experience first is what will lead to long-term success. That involves both end customers and the employees that are responsible for serving them. By leveraging technology to offer cohesive and integrated solutions for both employee and customer experiences, insurance companies can ride the wave of change currently washing over the industry and come out the other side on top.

Continue Reading

Business

AI in Investment: A Guide for Asset Managers

Source: Finance derivative

Giacomo Barigazzi ,Co-founder, Axyon AI

In today’s dynamic investment landscape, the race to harness new technologies for a competitive advantage is more fierce than ever. For those in the asset management sector, embracing innovation isn’t just a choice—it’s a necessity to stay ahead in the relentless pursuit of investment opportunities.

The bedrock of investment management has always been grounded in exhaustive research and due diligence. However, the rapid evolution of technology mandates a shift in strategy. Now, it’s critical for leaders in this space to not just familiarise themselves with, but to fully integrate advanced technologies such as artificial intelligence (AI) and machine learning (ML) into their processes.

Exploring the Varieties of AI in Asset Management

It’s essential for asset managers to recognise the specific AI technologies available to them, as this understanding can greatly influence their approach to investment strategy. Broadly speaking, AI in asset management can be categorised into generative and predictive models, each with distinct capabilities and applications.

Generative AI, powered by advanced machine learning techniques, is designed to produce new data that mimic real-world information, such as text, images, and more. This technology is especially useful for creating realistic and diverse datasets, enhancing personalisation, and improving the accessibility of financial services. For asset managers, generative AI can play a crucial role in developing innovative solutions and strategies by generating novel insights and scenarios.

On the other hand, Predictive AI focuses on analysing historical data to forecast future trends and patterns. This aspect of AI is invaluable for asset managers aiming to anticipate market movements and adjust their strategies accordingly. The predictive capabilities of AI provide a strategic edge by enabling more informed decision-making and risk assessment.

For asset managers intent on leveraging AI to enhance their operations, distinguishing between these AI types is a fundamental step. By adopting the appropriate AI technologies, they can significantly improve client outcomes, operational efficiencies, and, ultimately, investment performance.

Creating a personalised client experience

Improved performance is not the only advantage AI brings to asset management; it significantly enhances the client experience by enabling the development of personalised services. For clients, generative AI tools like chatbots and virtual assistants establish a continuous support system that provides instant responses to queries, as well as up-to-date insights on market developments and portfolio adjustments.

A heightened level of personalisation throughout the investment journey ensures clients are not just satisfied but also better informed – a dynamic which undoubtedly fosters greater human relationships in the industry.

Strategic considerations for asset managers

As the widespread adoption of AI in the financial services sector continues to materialise, asset managers face a crucial task in nailing down the right WealthTech solution. It’s not just about adoption; it’s about making strategic choices.

Ultimately, companies expect to see a strong ROI after adopting an AI solution. Only by making a well-informed choice will they see the expected tangible impact of AI in asset management. A lack of due diligence in the procurement process risks introducing a solution that is both ineffective and disruptive.

Integration is key. AI solutions should align seamlessly with existing systems to avoid unwanted disruption to day-to-day operations. Therefore, choosing a provider that is ready to provide extensive training to support a smooth assimilation into operations should also be a priority for management.

There is an element of self-assessment required in the decision-making process. By recognising areas in a firm that require enhancement and understanding the specific value offered by each AI solution, leaders will be best positioned to identify a product that will bring significant improvements in targeted areas.

With a sea of options available in 2024, selecting an AI solution demands thoughtful consideration. Managers need to assess how each aligns with their investment strategy and delivers results. Consulting with experts and analysing case studies from similar businesses equips managers with valuable insights for informed decision-making.

AI as an empowerment tool

While AI will be a revolutionary tool in the asset management industry that will drive efficiency and innovation, it is not intended to replace the human touch. The technology should be viewed as a tool that empowers asset managers to focus on high-value work of greater importance to clients.

AI’s transition from a nascent curiosity to an integral business tool underscores a pivotal shift in industry dynamics. Asset managers who are slow to adopt these technologies risk falling behind in a market that’s increasingly influenced by AI’s capabilities. By contrast, those dedicated to swiftly and responsibly adopting this technology will likely be rewarded with an extra edge in performance.

Continue Reading

Copyright © 2021 Futures Parity.