Actively managing customer trust in the financial services sector, amidst constant and accelerating technological disruption, presents leaders with fresh challenges and new revenue opportunities. Trust has become central to customer experience, and financial services organisations are demonstrating a commitment to trust through their cyber agenda.
Our discussion with a group of country cyber security practice leaders touched on a number of the key questions which are currently being considered by security leaders in financial services.
For instance, the growth of virtual banks is not just a competitive threat to incumbents; it's also forcing the pace in IT infrastructure transformation in order to keep pace with new players.
AI and bots may be revolutionising interactions and transactions, but these must also be kept on a leash, to ensure they are secure and trustworthy, and that they contribute to rather than disrupt the customer experience.
With the Consumer Data Right (CDR) legislation and the introduction of Open Banking in February 2020 we are starting to see changes in consumer banking behaviour. Australians are looking for more seamless and intuitive value-added banking experiences and will demand trust and assurance that their personal data and financial assets are securely managed. At the same time, a growing number of fintechs and ‘challenger banks’ are seeking to capitalise on these developments and disrupt the sector through provision of data rich services.
With everything available as-a-service, financial services organisations must ensure their governance and controls are sufficient to cope with a growing range of partners, particularly when it comes to supplier selection, data security and privacy.
And the roles of risk officers are set to change as cyber policy, risk and compliance moves from the Chief Information Security Officer (CISO) to the Head of Cyber Risk, opening the door for a convergence of fraud and cyber risk.
It's an exciting time to be involved in cyber security in financial services, and we hope the insights in this discussion paper help to further the debate and, more importantly, stimulate innovation in risk management.