The implementation of technology in the banking and financial services sector has accelerated exponentially in recent years. The rapid surge in technological advances has been driven by the rise of the smartphone and ever-increasing customer expectations and regulatory scrutiny, alongside the need to provide greater flexibility and convenience to the end user.
At the same time, this digital revolution has heightened security risks for businesses, with nowhere feeling it more keenly than the finance industry, which deals with vast amounts of customer data and confidential information every day. This perfect storm has created a prime opportunity for channel players to service this burgeoning industry.
The key focus for financial services firms currently is on compliance, security and data sovereignty, as well as the need to evolve their legacy systems and processes, and add new products and technologies. And because of their capabilities, this makes channel companies ideally suited to address their needs.
The rise of AI
One of the biggest growth areas in financial services right now is AI, ranging from personalised customer experiences to risk assessment and fraud detection, particularly given that 85 per cent of senior banking IT professionals say they have a clear strategy for adopting the technology for the development of new services and products, according to the Economist Intelligence Unit.
While the concept of AI may have taken several decades to be fully embraced, now the right infrastructure is in place to support the technology, it’s the optimum time to embrace it.
“It’s the perfect illustration that the time has to be right for some ideas to germinate, while the technology infrastructure has to be at a level to allow the technology to evolve,” said Pravin Vijay, senior solutions engineer, financial services, Zayo Group. “While differentiating between trends and fads is key to the long-term success of organisations within the highly competitive financial services industry, it’s just as important – if not more so – to ensure the foundations have been laid for success before investing.
“Those foundations – namely agile network infrastructure – should be introduced after looking not only at the immediate and short-term gains of investing in a particular trend, but also the benefits it’ll have in the decades to follow. This is where we are with AI now – businesses are enjoying the productivity gains of generative AI, yet too few are looking to optimise their tech stacks to get ahead of the competition and prepare for the undoubted benefits automation and machine learning will provide in the next 15 to 20 years.”
AI brings a host of benefits, including streamlining back-office operations, reducing costs and improving efficiencies and the customer experience. Taken one step further, it can also be used to free up resources that can be used in more strategic roles.
“AI has turned into a hollow marketing buzzword for many sectors, but financial services is an area that can generate some real value out of generative AI today, not just in the distant future,” said Robert Rutherford, CEO at QuoStar.
He added, “This can readily be achieved through chatbots to improve customer service, systems that assess risk in the field of insurance or lending, develop personalised investment strategies and detailed financial plans, or through improvements to security and fraud detection.”
Open banking capabilities
Another key area of demand is APIs. The rise of open banking has increased the take-up of APIs, as mandated under Payment Services Directive Two legislation, which requires payment service providers to implement multi-factor authentication for all proximity and remote transactions carried out on any channel to protect the customer.
It’s a growing space, with approximately half of all B2B payments now conducted over APIs, and looks set to continue on that upward trajectory, given that they provide far greater data insights, more securely compared to the data scraping method used previously. But, while the benefits that APIs bring are clear, they aren’t without their challenges, namely the difficultly in monitoring and governing the technology on a continuous basis.
“Rolling out these APIs has in turn focused attention on the need to securely develop, deploy and manage them, so demand for API protection solutions is growing fast,” said James Sherlow, systems engineering director, EMEA at Cequence Security. “These need to be able to protect the API throughout the entire lifecycle, from ‘shift left’ security testing or preproduction APIs, to a runtime inventory of production APIs and their continuous monitoring to look for indicators of compromise, as well as defence mechanisms to then thwart an attack.”
A key part of API security is educating the market on how to protect their rapidly expanding footprint, said Sherlow. Many companies are unaware of the number of shadow APIs – third-party APIs not known or managed by the organisation using them – they have deployed, meaning that any abuse of them wouldn’t necessarily be noticed.
Even perfectly coded and secure APIs can be compromised through business logic abuse (which uses the functionality of the API against itself) too, while attackers have learnt to fly under the radar when it comes to rate limiting. Therefore, behaviour-based analytics is essential, requiring a mindset shift in terms of detecting and mitigating attacks, said Sherlow.
“Channel partners can offer consultancy in helping financial services to bring all APIs under governance using an API unified protection solution and mitigate the risks in an environment where sensitive data is always in play,” said Sherlow. “In addition, they can help financial providers achieve compliance with rapidly changing standards such as PCI DSS 4.0, which now includes specific provisions for securing APIs.”
There’s also a clamour for tools that can interact with APIs and accelerate the innovation and delivery of new products and services, according to Tristan Shortland, chief innovation officer at Infinity Group. But managing the risk inherent in opening up these systems requires a tailored approach that effectively manages such exposures, particularly around access and data sharing, he said.
“This is where we are seeing increased interest and adoption of adaptable platforms, such as Microsoft Power Platform, that manage and automate these processes,” said Shortland. “For example, a business can automate credit checks or evaluate high-risk customers by securely connecting a bank’s services via APIs, which is all automated by a platform that has a data governance framework in place.”
Mobile and cloud technology
Mobile banking is another area in demand. But despite customers increasingly seeking mobile-only access to services, there’s still much work required in that space, with many having to switch between a desktop and mobile device to access specific functionality, even today.
Cloud technology is also highly sought-after. With many cloud transformations underway or needed, public cloud platforms remain attractive, as do multi-cloud, which mix public and private platforms to achieve the right balance between spend, security and performance.
“Financial services companies have vast amounts of data to continuously manage, with the majority of this data being highly sensitive,” said Charlotte Webb, operations director at Hyve Managed Hosting. “Over the past couple of decades, these companies have turned to the cloud to streamline operations and improve performance, by facilitating effective migration and management of vast IT workloads consisting of mission-critical data.
“Across our financial services customers, the priority when it comes to digitalising processes is clear: efficiency, performance, but, above all, security. A cloud-first mentality enables financial services to discover solutions to individual business challenges on an ongoing basis.”
There has also been a big call for UC platforms, driven by the need for better customer experience delivery, particularly given that speed of response has fallen from an average of 18 seconds in 2010 to 54 seconds, while call centre agent productivity has remained stagnant over the last decade at around 55 per cent, according to the ContactBabel Report 2022. In greatest demand are call capture, business insights and PCI compliant card payment solutions.
Messaging is another growing area of interest. Specifically, there has been a big take-up of WhatsApp for Business messaging, which is becoming an increasingly popular communication tool for banks, lenders and building societies.
“The financial services sector continues to see increasing demands for an outstanding customer experience,” said Tom Rahder, chief marketing and product officer at Esendex. “This covers every potential communications touchpoint and we’ve found that if vendors are not using a communication channel that the customer wants, whatever their age, location or demographic, then the messages are often ignored and become ineffectual.
“The finance sector needs to be attuned to the channels their customers are using. We’re seeing a big uptake in WhatsApp for Business messaging.
“It allows financial services businesses to handle multiple conversations at once and reach customers on a platform they’re already active on, chatting with friends and family and organising events, so it fits in with their everyday lives. Two-way messaging, whether via WhatsApp, SMS or another platform, helps keep customers engaged and ensure meaningful dialogue when it’s convenient for them.”
The PSTN switch-off has also presented an opportunity for service providers to help their finance customers and new infrastructure is needed, according to Lee Broxson, CSO, Jola. It’s particularly important where the matter of privacy is concerned, he said.
“Banks and financial institutions previously used copper lines for cash machines, PDQ machines and phone lines,” said Broxson. “This presents a significant opportunity for the Channel. Private APNs on both 4G and 5G networks are in demand to ensure data security.”
Key challenges
Despite the host of opportunities available for vendors, MSPs, resellers, VARs and distributors to capitalise on, there are also multiple challenges. One such issue is managing the risks around data usage and handling.
“From a security perspective, the volume of risk in the financial sector is daunting at times and requires looking after internal users, clients and customers, validating governance in the supply chain, and so on,” said QuoStar’s Rutherford. “This naturally means that security controls must be continually reviewed, particularly SIEM, SOAR, PAM, PIM, SASE, SD-WAN and most other acronyms you can think of.
“Along with that, there are, of course, significant developments in AI on the security side to assist with risk assessments, endpoint protection, behavioural analysis on platforms, threat intelligence and more – these areas are all very much in play from the technical control perspective.”
As a result of these risks, a high level of compliance is required. That means technology partners must be able to evidence adherence to compliance standards and competencies around information security, such as cyber essentials and other qualifications.
Companies also need to have the right data governance processes in place, all managed by a platform that has an inbuilt data governance framework. For example, ensuring that any connector into a system, such as an API call requesting data, comes from a profile that has the right access permissions.
Accreditation that meets the most rigorous global security and privacy standards is also key. In this vein, Evolve IP achieved ISO 27001 certification – a stringent audit process – across the EMEA region. It has also embraced Service Organisation Control 2 – a cybersecurity compliance framework – to demonstrate its commitment to operate at the highest service and reliability benchmarks, while it carries out ongoing employee security training.
“Educating employees about data security and adopting best practices as part of a culture of accountability can further help mitigate any risks,” said Alex Finn, global partner manager, Evolve IP. “This could be avoiding leaving a laptop open on a train through to more sophisticated solutions. Any holes in the net leave organisations and their customers exposed.”
Esendex has also turned the increased need for security into an opportunity. In particular, it has received greater demand for one-time passwords and two-factor authentication.
“It gives customers assurances that the bank or lender they are working with takes their security seriously too,” said Esendex’s Rahder. “This is a service that vendors and channel partners such as ourselves have moved quickly to adapt and update to meet the demands of more mobile-focused financial transactions.”
Hyve Managed Hosting’s Webb said, “For financial service companies, one of the biggest challenges is in finding a provider that is complying with ever-changing regulations and security standards for the industry. You have to be able to prove that you understand these challenges and can remove the complexity of compliance for the customer, leaving them confident that all data is protected, which, in turn, instils trust in their own customers.
“This element of trust and safety is huge with the financial services sector. As well as making sure data is protected, it’s also really important to ensure high availability of systems and that these systems never go down – mitigating risk, but also feeding into reputation management.
“With cloud hosting, you can demonstrate high availability through eliminating single points of failure to ensure transaction data, customer records and payments go uninterrupted and make sure infrastructure is redundant – so the platform always remains available.”
QuoStar’s Rutherford added, “Channel companies need to live and breathe governance, risk and compliance, both for their clients and, just as importantly, for themselves. You just can’t leave anything to chance in an organisation these days; security and risk need continual evaluation and review.”
Growing competition
Another challenge is the increasingly competitive and commoditised market. This requires companies to differentiate their offering and provide their partners with a solution that makes them stand out through being agile in delivering quick efficiency gains, such as automating and accelerating cumbersome processes, as well as delivering an exemplary level of service.
“The best route to take is the consultative approach and become their trusted advisor, offering personalised guidance that will help them navigate what can be a very complex landscape,” said Finn. “Understand the needs of every customer and try to simplify the process based on the extensive product knowledge you can provide them. In a competitive space, the level of service and knowledge you provide a business is priceless.”
Esendex’s Rahder said, “Now is an ideal time for financial service providers to re-evaluate how they communicate with customers. Mobile-first methods are already indispensable in the sector and have been hugely effective in interacting with audiences. Whether it is through WhatsApp, email or the ubiquitous SMS, the key is to provide customers with the same level of quality service they’ve always been used to, but in an automated environment that can be accessed at a time or place that’s convenient for them.”
Infinity Group’s Shortland added, “Partners that help financial services customers meet their greatest digital transformation challenges, such as overcoming cumbersome legacy systems and process, will deliver the most value. Identifying where the adoption and implementation of tools that secure, accelerate and automate time-consuming processes is crucial, as is delivering quick wins that have minimal impact on day-to-day operations.
“It’s also essential to focus on the key challenges facing the industry, such as evolving regulatory environments. By implementing solutions that enable agility in the face of these challenges, channel organisations will prove themselves invaluable technology partners.”
This market report appeared in our April 2024 print issue. You can read the magazine in full here.