Digital Transformation and the Financial Industry
In part 1 of this 4-part series on Digital Transformation (DX) we discussed what DX is, the benefits, the 4 types of digital transformation and why organizations struggle to implement new technologies. In part 2 we discussed the manufacturing industry and its opportunities and challenges as it evolves through it evolves through the digital transformation. In this blog post we’ll discuss the financial industry, which likely has the most opportunities and risks as banks, hedge funds, exchanges, and broker dealers among others navigate through DX. Further, security is key as financial institutions have the most to lose if they are breached.
Because we here at Hitachi Systems Security exist to protect our clients from data breaches let’s pause for just a moment to consider some of the data breaches of financial institutions over the past few years. The point of this is simply to illustrate how difficult it is to adopt new technology and software, deploy it securely, monitor and protect the systems, and use threat intelligence to bolster defenses on priority systems that store PII.
Data Breaches in the Financial Services Industry
Case studies of victims of breaches include world class financial institutions like JP Morgan, Capital One, Experian, Equifax and more. Why and how were they breached? We won’t get into the details here, but the diversity and sophistication of the attacks is overwhelming if you are an IT security leader in one of these massive organizations. Consider the Equifax breach where 40% of the US was impacted in some way by the exfiltration of credit card numbers, social security numbers, dates of birth and more.
Equifax was breached because they didn’t patch a known vulnerability on a high value system. Ineffective patching processes are one of the top reasons organizations are breached. Let’s look at one more example then we’ll move on. Consider the Capital One breach; a former Amazon Web Services software engineer, Paige A. Thompson, illegally accessed one of the AWS servers storing Capital One's data and stole 100 million credit card applications dating back to 2005.
It didn't take long for the FBI to identify the attacker because Thompson didn't attempt to obfuscate her connection to the event. She used her full name when she posted the stolen data on GitHub and even openly bragged about the breach on social media. Insecure cloud storage and a misconfigured firewall contributed to the security lapse, and both were fairly simple security issues that were missed.
FinTech Adoption, Mobile and IoT has Transformed the Financial Industry
The rise of FinTech companies and solutions like PayPal, Square, Venmo and countless others over the past five years has led to a completely new and transformed financial services landscape. Changing customer expectations, cutthroat competition, increasing regulatory, privacy and security complexity, the pressure to streamline operations, and other factors are driving the push for reinvention and innovation. A new era of open banking has enabled systems to integrate with new platforms and applications quickly and seamlessly. Physical banks and paper systems are quickly being replaced by robust networked digital ecosystems.
Back in 2011, the Federal Reserve estimated that 43% of those in the U.S. with a smartphone were banking on their mobile devices — roughly 58 million people. By 2015, the percentage had crept up to 53%. A milestone was reached in 2018 when Juniper Research reported that the number of global mobile banking users had surpassed those using online banking.
Over the last few years, digital channels have skyrocketed in the banking sector. Now, 71% of all Americans look primarily to online and mobile channels for their banking needs, according to the American Bankers Association (ABA).
These days, news about how COVID-19 has spurred greater adoption of digital banking channels is everywhere. A study by Lightico found that 63% of U.S. consumers said they were more inclined to try a new digital app for banking than they were prior to the pandemic. A similar study by J.D. Power found that almost 60% of consumers planned to use both mobile and online banking options more than they had prior to the pandemic, even after the crisis is over.
Digital Transformation will Impact all Financial Institutions
In this post we’ll leverage Rabin Research Company’s survey of 100 C-Level executives in a wide range of capacities for companies with annual revenues between $250 million and $3 billion in the financial services industry. The value of the survey is to gauge the investment, challenges, and opportunities that these executives are managing as they navigate the new digital landscape
The types of organizations are diverse—from 100-year-old banks and insurance providers to FinTech start-ups started less than a decade ago. Regardless of whether a business was born in the digital era or is now catching up to it, none remain unaffected.
Middle market financial services companies, especially, have a unique challenge: They must learn to navigate the journey without the more robust resources of their larger peers, nor the same level of flexibility and agility as their smaller ones.
Digital transformation is a business imperative across all industries, and financial services is no exception. Nearly all (97 percent) of financial services firms are making digital transformation a priority according to the research. Whether they’re in the process of developing a strategy or already implementing one, more than a fifth list developing a digital transformation strategy as their top digital priority.
The rapidly changing financial services landscape demands that financial institutions adopt technology to serve its customers and streamline operations or simply lose business. One subsector, banking is changing dramatically: for example, while many fundamental banking services including safekeeping, payments, loans, and investments remain the same as they were 100 years ago, how banks manage these activities and transactions and how customers expect to receive them is changing significantly.
In addition, competition within the banking sector has increased with fintech, online-only banks, mortgage specialists and more. Once defined by a few well-known intuitions, the financial services world now consists of thousands of new players spanning all sizes, revenue ranges, and services. The consolidation that was spurred by the 2008 financial crisis created banking behemoths, however, it may not be that bigger is better, and in many cases, can even be a barrier to innovation.
Financial services companies know this—and know they have a lot of catching up to do—compared to other industries. While a majority of survey participants indicated they have a digital transformation strategy, many have yet to implement it.
The Customer has the Most to Gain from the Financial Transformation
Customer experience and engagement has become more than simply customer service. While the customer satisfaction is often defined as a point in time measurement that may include a transaction or interaction with a banker, customer experience refers to a customer’s overall journey from start to finish, including every touchpoint and interaction including those with the financial institution’s technology.
The evolution of banking is evolving quickly when you consider mobile banking, fintech, Apple Pay, and countless other ways to transact. Consider a few decades ago, the idea of having a good customer experience probably meant a good experience at a neighborhood bank or other financial services company. Now it includes anything from being able to access an account from multiple channels, to getting a question immediately answered on a website, the banking app, a chatbot or text from the institution.
And yet, these are antiquated measures—customers will expect increasingly personalized financial services solutions in the future. They will want to manage all their finances—not just one component—in one place, on the devices convenient to them. They will expect nothing less than real-time engagement when they need it. They will value simplicity, efficiency, and transparency. And they will not tolerate even the slightest possibility of a data breach.
Again, according to the survey, improving customer experience is 83 percent of financial executives’ top long-term business goal and one of their top three short-term goals (74 percent). Over a fourth (28 percent) cite poor customer experience as their biggest digital threat—significantly higher than all organizations at 17 percent.
Operational Efficiency will Increase Dramatically for Financial Institutions who Invest in DX Wisely
Optimizing business operations across the supply chain is financial services organizations’ top digital priority (cited by 37 percent) according to the survey. Eighty-two percent also suggested reducing operational inefficiency as one of their top three long-term goals, and 76 percent point to it as one of their top three short-term goals.
One component of streaming operations is updating legacy IT systems, cited by 88 percent as a top goal for next year. Nearly half (49 percent) state that interoperability with legacy technology is their biggest barrier to successfully implementing digital initiatives. A legacy system is an old or outdated system, technology or software application that continues to be used by an organization because it still performs the functions it was initially intended to do. Generally, legacy systems no longer have support and maintenance, and they are limited in terms of growth. However, they cannot easily be replaced.
As a result, financial services companies worry more about their IT infrastructure’s capacity to integrate advanced technologies than those in other industries: The majority (61 percent) cite their IT system as “fair or poor,” compared to 31 percent of all organizations. Only 39 percent say it’s “excellent” or “very good” (vs. 63 percent of all organizations).
Operational Efficiency and Increased Customer Engagement Will Drive Profitability Higher with DX Investment
The benefits of digital transformation, including improved customer experience and operational efficiency, are clear. As a result, most financial services companies anticipate high returns on revenue and profitability from digital transformation—even more than those in other industries. Lower middle market companies, especially, anticipate the greatest increase in revenue and profitability (10 percent or more) over the next three years, and are thus willing to also increase their spending by the same percentage.
Because of the potential profit gains through new revenue streams and expanding customer share of wallet, financial services companies are making significant digital investments. More than half (65 percent) of all financial services organizations plan to increase spending by 10 percent or more (vs. 37 percent for all organizations). Lower middle market firms (83 percent), especially, are planning hefty investments of 10 percent or more.
Consider AI or Artificial Intelligence. Artificial intelligence is allowing financial organizations to build their business advantage by engaging customers with finely tuned offers and actions based on AI insights. Our own Hitachi Vantara helps its customers leverage customer insights by collecting, analyzing, and providing recommendations that gives its clients:
The Challenge of Increase Regulation and Security Requirements are Slowing Adoption
Because of the 2008 financial crisis as well as the fraud that has been perpetrated on the public, think Bernie Madoff, the number and complexity of rules, regulations, and compliance demands put on financial institutions are countless. The number of regulations that have been put in place over the past 15 or so years is again, countless. In addition, the number of federal governing groups keeping watch and the costs of compliance and fines for non-compliance has grown in parallel. Regardless of whether it’s the Financial Crimes Enforcement Network, the Financial Industry Regulatory Authority (FINRA), the Office of the Comptroller of Currency (OCC), or another entity, financial institutions can’t afford to be out of compliance, or they will suffer dramatic consequences.
To navigate this intricate network of demands, financial institutions have no choice but to turn to technology solutions for assistance. One notable field that has emerged as a result is regulation technology, or Regtech. Regtech is the management of regulatory processes within the financial industry through technology. The main functions of Regtech include regulatory monitoring, reporting, and compliance.
Regtech tools seek to monitor transactions that take place online in real-time to identify issues or irregularities in the digital payment sphere. Any outlier is relayed to the financial institution to analyze and determine if fraudulent activity is taking place. Institutions that identify potential threats to financial security early on are able to minimize the risks and costs associated with lost funds and data breaches.
Prioritizing Security and Privacy is Critical to Protecting Sensitive Data
Data privacy and cybersecurity will remain a serious problem for decades to come, as attackers use increasingly sophisticated methods and enter through a greater number of entry points due to the proliferation of technology platforms and IoT devices. Financial services companies have the most PII and sensitive data and thus, are the targets of cyber thieves more often than organizations in other industries. Those that experience a breach will face serious consequences, including the loss of money and reputation, as well as legal claims and sanctions.
In the survey however, less than a fourth (24 percent) of survey participants cite cyberattacks or privacy breaches as their top digital threat; surprisingly, lower than the average for all organizations - 33 percent. The percentage citing cyber concerns as their biggest challenge in moving forward with a new digital initiative is also less than average as well, 15 percent vs. 25 percent.
The survey results are a bit concerning considering the widescale cyberattacks and potential software vulnerabilities in recent years including Log4J, WannaCry, NotPetya, Petya and more. Think about this, In total, the breach cost Equifax $1.14 billion in 2019 alone. Overall, the breach cost Equifax more than $1.7 billion since it was first disclosed in 2017.
To avoid being the next Equifax, financial services companies must focus more on detection and response, shore up internal controls, and implement security awareness training for all employees. The financial sector experiences more phishing attacks than any other industry by far according to research from Upguard. In addition, ransomware and SQL injection attacks and are becoming more successful despite the improvement in security technology.
Conclusion
The digital transformation in the financial and banking industry has been underway for decades starting with the ATM then moving to banking apps for the desktop and now to the prevalence of mobile banking, Fintech, IoT and so much more. And that is just on the consumer side of banking. However, the innovation and the benefits of new technology including AI, customer analytics, automation, new products, and intelligent software are just getting started.
Just consider how mobile banking, for example, can be used as an alternative yet effective marketing channel. Banks can inform their customers about their new offerings like insurance package, new type of savings account, and cashback directly from the mobile banking apps. Banks can also use push notifications to inform users about their new products and offers.
In addition, as we said earlier the emergence of new technologies such as cloud, artificial intelligence (AI)/machine learning, internet of things (IoT), big data, social media, and other operational technologies is increasing dramatically in the financial services industry. This has made it essential for CISO’s and security teams to manage digital transformation risks by augmenting and enhancing IT and cyber risk management functions to support this new paradigm. Yet, most security teams complain that their corporate leaders do not recognize the threat level that insecure digital assets pose to their brand assets. Ponemon’s Digital Transformation and Cyber Risk study indicates that 82% of IT security and C-level executives experienced at least one data breach when implementing new technologies and expanding the supply chain. It is clear that organizations in the banking sector will be challenged to secure the most valuable data available going forward.
