Fintech companies rely mostly on their rapid adaptability to emergent changes. That is to say that these companies – the likes of Revolut, Monzo, TransferWise, Acorns, Addepar etc, just to name a few – owe their very existence to their ability to meet their ever-changing user’s needs quickly and practically on-the-go.
To be able to deliver these type of new services in mobile banking, lending schemes or financial advice also means less time for developers to build their products. This can signify that there is also a bigger risk that the new services developed, hold some kind of vulnerability and weak points not as secure as they should. “Simply put, given the growth, dynamism, and complexity of the digital financial ecosystem, it is inevitable that some solutions will be insufficiently secure against cyberattacks. And, it’s highly likely that those vulnerabilities will be found and exploited,” said cybersecurity expert John Villasenor to Forbes.
The risks attached to a security breach in financial services can be even more harmful than in any other industry, as it is the user’s money what is at stake. “In addition to causing immediate financial losses,” continued Mr Villasenor, “breaches can undermine longer-term confidence in new solutions, leading to lower adoption rates—particularly among users with less experience engaging with digital services.”
The hectic pace of innovation happening in financial services comes along with more trouble than solutions. Big banks and long-established institutions can’t keep up with new innovative new ideas. Payment systems that can operate across borders, jurisdictions, and currencies without paying fees; mobile banking apps built upon blockchain technology or small endeavors offering low-fees; lending schemes through cryptocurrency; these are just a few of the numerous advancements that banks can’t just catch up with. They imply risks to the institution itself and cybersecurity exposure for their customers. And we haven’t even started to talk about regulations…
Because, actually, regulatory frameworks are the ultimate cybersecurity risk that these Fintech companies – and their users for instance – are exposed to. Traditional banks are under the supervision of National Banks and other regulatory bodies, which are tight and strict. They keep an eye out for their customers if these banks misuse their money or act abusively. On the contrary, most Fintech platforms and companies aren’t, which in the end means less protection for their customers.
Mr Ismael put up a really good example of how self-frameworks actually are critical for Fintech companies in keeping customer’s trust within their products. “In collecting and storing personal information, client-facing Fintech companies have to protect its customers first and foremost.” Mr Ismael continued, “The challenge then is the way they protect this data. Though they’re disrupting traditional financial channels, many of them have adopted bank-level security measures and fine-tuned them for their digital platforms.”
That doesn’t mean that Fintech platforms are operating outside the law. They need, evidently, to be compliant with the country’s regulation in where they are operating, even though if their reach is global. The problem is that regulatory bodies are far slower passing new laws than these Fintech solutions reaching markets, so most of them follow self-regulatory frameworks. Cybersecurity is thus very important for fintech companies.