Blockchain, globalization, digitization, cybersecurity, fintech, new customer demands, and more. Money 20/20, the largest global financial industry event focused on payments and financial services innovation for connected commerce at the intersection of mobile, retail, marketing services, data and technology, gets underway this weekend (Oct. 23-26). Once again, Protiviti is proud to be an exhibitor sponsor and speaker at the event.
We will be posting daily dispatches from the event’s sessions, starting Sunday, here and on Twitter. Subscribe and follow us for current commentary, insights and reactions from industry experts as the event unfolds.
Financial technology, or fintech, firms are disrupting the financial services industry with their nimble structure and innovative payment, banking and wealth management services. Unburdened by legacy core systems, regulatory scrutiny and complex processes, emerging fintech companies innovate from day one, creating optimal customer experiences that are difficult for traditional financial institutions to match.
New entrants are significantly improving the customer experience in the person-to-person (P2P) payment sector, for example, by allowing transfer of funds with just a couple of taps on a smartphone. Despite the popularity of these payment apps, however, there is growing concern from consumers and regulators that some emerging fintech firms, in their haste to get ahead of their more-established competition, may not have focused enough on security and privacy controls.
We examine this dichotomy in a new Protiviti paper, Balancing Customer Experience with Security and Fraud Controls. But I wanted to whet your appetite with a small example.
A governing dynamic long known to established financial institutions is that success (or failure) brings regulatory scrutiny. The Consumer Financial Protection Bureau (CFPB) sent a strong signal earlier this year when it levied a $100,000 fine against a fintech company for failing to employ reasonable and appropriate measures to protect consumer data from unauthorized access, and for not encrypting some sensitive personal information. While the monetary value of the fine was not significant, it was an overture for other fintech firms to be more mindful of their practices.
This example should serve as a lesson for traditional financial institutions as they seek to partner with emerging fintech companies or emulate some of the more successful practices of these tech-savvy upstarts. The lesson is that innovation needs to be balanced with security, fraud, risk and compliance requirements from the earliest design phases of any technology transformation project.
Control functions such as risk, compliance and security are perceived to have an adversarial relationship with innovators, who sometimes sidestep compliance in favor of speed to market. And yet, it is critical to embed these checks and balances from the earliest planning stages of product design. The key is finding a balance between the two.
Despite their inexperience, emerging fintech companies may have an easier time of this, because of a cultural bias against silos and for collaboration. Traditional financial institutions may need to work harder to break down established mindsets and find security and compliance people who think more like innovators.
That’s really the crux of the matter. As traditional financial institutions seek to transform to answer customer demands around nimble and innovative experiences, it is important for them to remember that the transformation also requires changes to organizational mindset, processes and, of course, technology. A holistic focus on customer experience, with a balanced and integrated (not layered) security and fraud approach, will drive powerful customer relationships. Customers and the security of their transactions are at the heart of the financial services industry and, in that regard at least, established players still have the advantage.