Fintech Finance Magazine Summer 2017 by Fintech Finance

Issue 5

Summer 2017

Smart Engine’s Christian A. Bacher How he's living the e-commerce dream

Copenhagen here we come!

Follow our Fintech Finance whacky racers

GDPR: The BIG issue Is it PPI all over again?

Money 20/20 Europe 2017 SPECIAL

Fintech’s #1 show featuring:

Ashok Vaswani, Nuno Sebastião, Jim Marous, Anne Boden, Simon Schou, Kasper W. Rost, Emmanuel Aidoo, Alison Verlander & Simon Black

PLUS INSIGHTS FROM Barclays ● Feedzai ● Anomali ● RBS ● Santander ● TAS ● DocsCorp Rabobank ● Danske Bank ● TSB ● ClearBank ● AIB ● Matica ● Unity Trust Bank ● SafeCharge

CONTENTS

MONEY 20/20 EUROPE 8

20/20 vision

An insider’s guide to Europe’s largest gathering of fintech gurus

10 Run for your money

The Fintech Finance whacky races get off to a blinding start

12 COVER STORY: One smart operator

Smart Engine’s Christian A. Bacher is living the one-click dream

16 The eagle has landed

Ashok Vaswani takes a giant leap for banking-kind at Barclays

18 The AI utility

Big Data's giving way to an era of Big Insight at Feedzai

20 Judgement day?

Consult Hyperion prepares to face #cardmaggedon

22 Doing it by the book

Accuity weighs up the unintended consequences of regulation

24 Here’s looking at you…

Will 3D facial recognition from OneVision be a gamechanger?

25 A fully fledged bank

Newby Starling has safely launched

26 Shifting sands

Paul Wilson from Multos on why the only certainty is change

28 Till death us do part?

Industry observer Jim Marous on the future of personal banking

30 The Pro Europeans

Transact Pro has post-PSD2 Europe in its sights

32 Time for plan B

Borica is on a mission to transform Bulgaria's economy

34 Holding all the cards

National payment schemes are defying the odds, says Trionis

36 Smoothing the path to PSD2 Simon Black of PPRO is feeling positive about payments

THEFINTECHVIEW

ISSUE #5

SUMMER 2017

Half way through 2017 already and a very warm welcome to the biggest issue yet of Fintech Finance – the Money 20/20 Europe special!

With the region’s largest gathering of fintech geeks and gurus about to take place in Copenhagen, we thought it was a good excuse for the FF team to take a minibreak. And what a city if you’re into serious data crunching! From Denmark’s fair fintech capital we've brought news of companies such as Copenhagen Capacity, Schantz, New Banking, Fintech Copenhagen, CardLab, Calcabis, Danske Bank and CodeSealer. In this issue we also go deep into upcoming regulation, focussing in particular on GDPR. Contributors range from Buck Rogers at the Bank of England to respected observer Jim Marous; RaboBank’s Finbar Hage to Alison Verlander at TSB.

42 A virtuoso performance

We talk cyber data, biometrics, and, of course, Money 20/20 Europe itself, profiling many of the speakers and companies presenting in Copenhagen, including ourselves! The FF team will be there as speakers, sponsors, media partners – and organisers of the first ‘currency’ race across Europe! Ali Paterson | ali@fintech.finance Did you recognise last issue’s ‘spine tingler’:

"If you live for money, no amount will ever satisfy you." – Richie Norton, Author and CEO of Global Consulting Circle

50 Ahead in the Cloud

How Allied Irish Bank is orchestrating customer journeys

Why is Italy’s TAS Group so very API?

52 A single digital market

44 A tiny giant

Wim Mijs is encouraging a new spirit of co-operation between EU banks and fintech start-ups

Charlotte Newby bigs up the opportunity for micropayments

46 Clearing the way

54 Cheers to the mobile wallet!

48 Out of the box

56 Smashing the payments barriers

Entrepreneur Nick Odgen marks a landmark bank launch

MeaWallet raises a glass to its payment platform's global growth

SafeCharge signs, seals and delivers on marketplace solutions

Acapture’s looking for silver linings in PSD2, says Gijs op de Weegh

58 Truth or dare?

RBS’s Richard Crook holds out for the promise of distributed ledger

38 I see no chips…

Vantiv looks beyond EMV to a ‘paymentless’ future

40 Plastic surgery

Personalised and instant-issue cards are transforming the industry, says Matica

Summer 2017

www.fintech.finance |

Talking Technology!

BIGDATA

Sentiment Analytics

Next Best Oﬀer

Customer Segmentation

Customer 360 Channel Journey

CLOUD ANALYTICS

Advanced MOBILITY

SocialMedia PredictiveAnalytics

ArtiﬁcialAnalysis

CONTENTS

72 80 60 Blinking marvellous!

78 Older & wiser

62 Joining the bots

GLOBAL FINTECH HUBS

Why Microblink wants us to open our eyes to OCR

Dorsum’s started a craze… for Botboarding

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK 64 A fintech catch

Denmark's Copenhagen Fintech welcomes Britain's digital disruptors

66 In with the old... in with the new! How Danske Bank is melding classic and on-demand banking

68 What’s up, Doc?

Calcabis founder Kasper W. Rost offers some expert advice

70 Gimme five!

Digital security lies in our own hands, says CardLab’s CEO

72 Someone to watch over you Who’s your data guardian? asks CodeSealer’s Tonny Rabjerg

75 Digital Danish... tempted?

Copenhagen Capacity shares the city’s start-up secret

76 The missing link

If Blockchain’s not on your bank’s agenda, you’re missing something, says Christian Visti Larsen

Summer 2017

Schantz puzzles out the paucity of pension advice

80 Rise of the fintech hubs

Who’s up, who’s down in the annual Deloitte global fintech report

82 A hive of industry

B-Hive's digital dating agency is creating quite a buzz a

84 Peace, love and fintech

SWIFT’s Fabian Vandenreydt gives a Zen-like glimpse of a more collaborative future

COMPLIANCE 86 GDPR: build your defences

Alan Calder of IT Governance urges companies to muscle up

88 Transparently compliant Glassbox’s answer to a regulation nightmare

90 A changeable forecast

Santander’s head of regulation takes out his banking barometer…

91 A radical new model

Is FundsDLT as ground-breaking to investment as Ford was to the car?

92 The future-proofed bank

Core values and a new platform puts TSB ahead of the regulation race

94 Fixing the patient: A journey through digitisation The McKinsey & Company team reflect on digitising credit risks

DATA 96 Top Score!

SafetyNet Credit's new spin off AccountScore takes the mystery out of ratings

98 The Good Ship digital

Jamie Armistead considers a fully digital horizon for Bank of the West

100 The power of partnership

Marc Braet believes fintechs and banks are stronger together when it comes to Big Data

102 Data: the new frontier

It helped ‘win the West’, now Wells Fargo is claiming new digital territory

104 I know it’s here somewhere... Are you a data horder? Then it’s time for a clean out if you want to avoid trouble next year, warns John Culkin

106 The data banks

Gold is so yesterday, says Rabobank’s Finbar Hage; the future belongs to data

www.fintech.finance |

200+

c-level speakers

130+

fintechs

120+

exhibitors

45+

countries

2000+

attendees

Save the date parisfintechforum.com

networking

@ParisFinForum

CONTENTS

108 The data crunch

138

Peter Moss of SmartStream RDU on why banks will learn to share

SECURITY 110 Houston, we have a problem Hugh Njemanze of Anomali on the 200-day cyber threat

112 Prevent. Protect. Respond

The Bank of England’s Buck Rogers wants more awareness training

114 It’s getting personal

Ben Mitchell offers advice on upcoming GDPR rules

117 Looking East

Surrey Mui of BNP Paribas reveals the challenges of the Asia-Pacific

118 The power of speech

Clive Summerfield of Aureya on why the customer’s voice really should be your command

118

120 GDPR: A way forward

Fail or thrive in the face of General Data Protection Regulation, says Dr Guy Bunker

TRADING 122 Blockchain: lighting the way Credit Suisse’s Emmanuel Aidoo on how close we are to arrival time

134

CUSTOMER RELATIONSHIP MANAGEMENT 134 Bank as Social

Vayana has conquered connecting enterprise, banks and payments – is social media next?

BRANCH ATMs 124 Helping the cash flow

Ron Delnevo of ATMIA makes the case for retailer-filled machines

136 The human touch

Nationwide Building Society embraces AI with a little help from Silicon Valley

126 Ready to branch out?

138 Are we nearly there?

129 Who are you calling a dinosaur?

140 Next stop on the Metro express

Dominic Hirsch looks at face-to-face options, including the ‘Extreme Teller’!

132 Smart ATMs, smart bank

142 What’s so small about business banking?

PAYMENTS DIRECTOR Doug MacKenzie COMMERICAL DIRECTOR Jason Williams PHOTOGRAPHER Jordan “Dusty” Drew

146 Who needs a data bootcamp?

Phil Cantor takes a flight of fancy to contextual banking Utopia

LAST WORDS 150 When I want your advice... Will Dove settles down with the Fintech Finance essential read... on the rise of the robo-advisors in wealth management

Daryl Wilkinson and Unity Trust Bank on bridging the 'missing middle' and connecting with SMEs

ISSUE #5 SUMMER 2017

FINTECHFINANCE EXECUTIVE EDITOR Ali Paterson EDITOR Sue Scott ART DIRECTOR Chris Swales

INSIGHT

148 Just help me buy and sell!

Martyn Atkinson introduces the high street bank of the future

Clever, cost-effective and customer-centric ATMs… what’s not to love? asks Auriga’s Antonella Comes

Can banking woes be remedied by PSD2? Martin Schorel thinks so

In wake of new data protection rules, Christopher Jehan says training takes priority among financial services companies

Pitney Bowes’ Kieran Kilmartin says there’s still a long way to go to meet GDPR

Xavier Durochat says ignoring the power of the ATM could be a dangerous mistake

144 Testing, testing

FEATURE WRITERS Tracy Fletcher, David Firth, Sean Martin, Oliver Morrison Josh O'Neil, Ritchie Bann, Andrew Sharp, Will Dove, Tori Hywel-Davies

VIDEO TEAM Douglas Mackenzie, James Ellis, Lea Jakobiak VIDEO TEAM Richard Webster, Shaun Routledge, Sam Goddard

Fintech Finance is published by ADVERTAINMENT MEDIA LTD. Advertainment Media Ltd. Riverside Business Centre, Riverside Lawn, Tonbridge Kent, TN9 1EP

IMAGES BY www.thinkstock.com PRINTED BY Webmart Limited www.webmartuk.com

All Rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, photocopying or otherwise, without prior permission of the publisher and copyright owner. While every effort has been made to ensure the accuracy of the information in this publication, the publisher accepts no responsibility for errors or omissions. The products and services advertised are those of individual authors and are not necessarily endorsed by or connected with the publisher. The opinions expressed in the articles within this publication are those of individual authors and not necessarily those of the publisher.

Summer 2017

www.fintech.finance |

MONEY 20/20 EUROPE

20/20 vision

Europe’s largest gathering of FinTech and TechFin geeks’ will look beyond finance, to everyday life experiences with the goal of shaping the future of money’ says Pat Patel, Content Director for this year’s Money20/20 in Copenhagen

An eye on the future: Money 20/20 is an opportunity to network, learn and develop

Where would you find the founder of Twitter and Square standing cheek-by-jowl with the heads of global technology giant Samsung and accommodation marketplace phenomenon Airbnb; arch rivals Mastercard and Alipay in tantalising close proximity; and fistfuls of fintech startups rubbing shoulders with the CEOs of major companies of the Western world – plus a fair few beyond it? Answer: this year’s colossal Money20/20 Europe, of course! The 2017 event in Copenhagen brings together every type of stakeholder in the commerce revolution: payments and financial services providers, banks and non-banks, the mobile ecosystem, the retail industry (offline and on), marketing services and data companies, investors, advisory firms and government bodies. Despite its name, the emphasis is not

| www.fintech.finance

on cash – not as we know it at least – but on the multitude of ways consumers and business can, and might in future, spend, manage, save, borrow, share and protect money of whatever currency, even if that’s a crypto one. This year the theme is super heroes – a comic con meets fintech vibe – and among those featured are Twitter’s Jack Dorsey, who also happens to be a Disney board member, who will share the main stage with Samsung SDS’s president and head of solutions business, Dr. Won-Pyo Hong, and Jonathan Larsen from Chinese insurance heavyweight Ping An. Dorsey entered a whole new world last year by launching Square, which is challenging established providers with its cheaper, simpler and faster card payment solutions for small businesses. Won-Pyo Hong has also been busy recently, launching his company’s Nexledger product, a blockchain platform ready to

be deployed to monetise customer loyalty programmes and create seamless user experience for digital identity. As chief innovation officer for Ping An Group, Larson has just overseen the launch of a his company’s $1billion fintech and healthcare startups fund.

Join the conversation Money20/20 content director Pat Patel believes ‘Europe’s largest gathering of fintech and fintech geeks’ will be a bigger hit than ever and a catalyst for dialogue and collaboration. “We’ve been famous for bringing a lot of traditionally siloed communities together and looking beyond financial services to engage with the tech players and e-commerce providers to augment the fintech community,” says Patel. “We involve the banks, the tech giants, retailers and new players in the tech space, the investors, the payments Summer 2017

companies and the new start-ups – the whole value chain – because we believe they will need to collaborate across these verticals to create new propositions.” Patel’s looking forward to welcoming a crowd of industry heavyweights to the floor and encouraging them to be generous in sharing their vision for the future of money and their experience. “Jack Dorsey is one of the most influential entrepreneurs of our generation and he’ll have an inspiring message for the community,” says Patel. “Then, we’ll be bringing together Mastercard and Airbnb on the main stage, to talk about the sharing economy, which is estimated to grow from $1billion to $335billion globally within 10 years. They will be looking at what that means for frictionless commerce, focussing on the trust and data elements that lead to greater personalised experiences. “For the first time on our main stage, we’re also going to have content around digital identity, using the blockchain from Samsung SDS. This will look at the value of what they’ve been developing in Korea and also cover their roadmap for new developments which includes logistics, supply chain and IoT. We’ll also have coverage of Samsung’s connected commerce strategy with insights on the journey to leverage synergies between its various propositions (Connect, Health, Pay, Bixby, Family Hub). “And then there’ll be Ping An Group, of course, looking at its investment strategy in fintech and healthcare tech innovation, so hopefully a few start-ups will be able to get in front of them. Did you know that they have 20,000 developers at their disposal, plus a banking subsidiary and also Lufax, one the largest lending companies in China?” Meanwhile, mobile payments disruptor Alipay’s presence on the agenda for the second year running, makes this event a good precursor to Money20/20 Asia in 2018, when the conference will host its first event in Singapore. “We define the conference and who features on the agenda by looking at who is genuinely shaping the future of money, and there are a lot of exciting things going on in China and the wider Asia region,” says Patel. “What’s happening in my home country of India is really fascinating, with the Summer 2017

Aadhaar system and how this will enable a number of digital propositions to be developed. “I was in the India last year and an Aadhaar rep came to my house with a laptop and the associated biometrics scanner. Within five minutes I was registered. This will allow me to access a whole bunch of financial and non-financial services. To have close to 100 per cent of the population in the database is nothing short of phenomenal,” says Patel. “Last year, and again this year, we’ve brought some of Asia’s big hitters over to the show because what they are doing augments what’s going on in Europe and the US. We can make the linkages and promote cross-fertilisation of ideas and best practise and delve into the nuances and developments.” Money20/20 has a paid attendee model but also relies on an element of sponsorship income, but Patel is keen to stress the integrity of his content choices “Our content topics and speakers are carefully chosen on merit and for their

With the brand new Arena Stage we wanted to create something that was completely different... We have a few crazy things lined up! deep insight on where the industry is heading. Over the past year we’ve had more than 1,000 conversations across multiple industry sectors to gather deep insight in order to make the event relevant for us all.”

Regulation and innovation Patel says the revised Payment Services Directive (PSD2) is creating controversy and confusion in equal measure. “But I think people will walk away from the show with a clear sense of where some of the opportunities are arising, too,” he adds. “There are a number of organisations that will be telling their

story of how they are utilising the benefits of open banking to launch new products or to enter new markets. “We’ll also be looking at how some industries outside of banking have made great advances, designing new propositions that utilise application programming interfaces (APIs). This will really help to give a view of the art of the possible in terms of developing products that leverage a number of data sources. “And then there’s artificial intelligence (AI) or augmented intelligence with some great examples of how this improves customer experiences and adds value. We'll also be looking at blockchain.” The huge growth in corporate venture capital activity in the industry will be explored in detail. “Between 2011 and 2016, the number of global active corporate investors tripled to 965 and total investment in fintech deals involving corporate VC participation increased massively from $300million to £8.5billion,” says Patel. “Our agenda will seek to really understand what value is being achieved.” Following on from the success of its Money20/20 Pitch contest last year, 12 of the hottest early stage companies from across Europe have been selected to take part. The BBVA is also hosting its Open Talent competition for AI and Visa its startup competition. “Lastly, we’ve been developing a new stage, called the Arena, that will showcase some really left field content. It’s where some of the innovation labs will be able to demo the things they’re working on. We wanted to create something that was completely different for innovators and creative gurus who generally don’t get the chance to do this at other events and we have a few crazy things lined up!” His advice for anyone planning to attend Money20/20 for the first time this year is do your homework, learn, network and develop. “Check out the sessions you really want to attend, and the people that you want to connect with. Make full use of the app to prepare, and get involved via our audience interaction tool, Sli.do, which enable a two way dialogue between our speakers and the audience. We all work so hard in our industry, so we also want you to have fun and enjoy the experience we’ve created with you for you.” www.fintech.finance |

MONEY 20/20 EUROPE

Copenhagen: Here we come! The Fintech Finance team is pushing payments to the limit in an extraordinary #money2020race across Europe Got the cards. Check. Got the phone. Check. Got the cash. Check. Armed with these three payment methods, you can get anywhere, right? But what if you had to rely on only one of them? Would you make it 700 miles... across borders, across currencies? That was how this challenge started. Then it got silly – or interesting, depending on your point of view. Eight intrepid travellers set out on the inaugural #money2020race, each with the equivalent of £500 and instructions to get to Copenhagen just as fast as they could. The catch was, they could use only the payment method provided. And while we figured the mobile wallet, contactless card, chip & PIN, and swipe and sign would be widely accepted across Europe, we weren't

sure how far bars of gold bullion, several piggy banks full of Her Majesty’s coinage and a Bitcoin account would go. “It’s never been done before, which is as good a reason as any to try,” says Fintech Finance publisher Alasdair Paterson, “but we are also making a serious point. That when it comes to everyday transactions, consumers should have a choice – and that choice should not be dictated by the seller. It demonstrates there is not one payment to rule them all.” ■ The winner will be announced at Money 20/20 on Monday 23 June.

Name: Giorgi Zinetti Currency: Mobile wallet

Software engineer, fintech nerd, innovation manager, and startup founder, Giorgi works for UBS where he focusses on creating new business models for its wealth management arm. In 2015 he co-founded the bank’s first digital-only offering. Travelling with the help of Spire Payments, he will be relying on his phone for POS payments. But we’ve also given him the option to use Apple or Android pay. “I’m looking forward to being seen as a complete weirdo when I try to pay for my hotel room using my phone,” he says.

| www.fintech.finance

Name: Dave Erasmus Currency: Bitcoin

YouTuber and founder of givey.com, Dave Erasmus will be setting out with the backing of CoinCorner, determined to give cash a run for its money. In the crazy world of Bitcoin, the value of Dave’s dosh could move dramatically either way in the space of a week – he could, of course, end up quids in by the time he reaches Copenhagen.

Summer 2017

Name: Kevin Leslie Currency: JCB Card

Actor Kevin drew the ‘wild card’ in the race – the world's only international payment brand to originate in Japan. Kevin, who is being sponsored by JCB itself, says: “I’m looking forward to the adventure and exploring Europe. I’m not looking forward to getting lost and stranded without means to pay, so I’m just hoping JCB is as widely recognised as Fintech Finance magazine told me!”

Name: Ash Cooper Currency: Gold

Goldmoney is fittingly supporting Ash as he hauls his bullion across Europe. There’s no two-factor authentication with this booty and Ash is concerned as much about his security as his creditworthiness... not to mention his back! “This stuff weighs a tonne,” says Ash, a music producer. “I just hope I get there in one piece.”

Name: Ali Paterson Currency: Contactless

The smart money is on Ali to win this race, but he’ll have to be inventive. Contactless payments are by no means as universal as they are in the UK and where they do feature, there is usually a payment cap. Still, as the Fintech Finance publisher, producer and fintech commentator, we think we can rely on him to blag his way to fincity.

Name: Jordan Drew Currency: Chip & PIN

Fintech Finance head of video production, Jordan was selected as our chip & PIN guinea pig and wasn’t anticipating he’d have any trouble travelling across Europe... we’ll see. “I’m looking forward to seeing the creativity the others use to complete the race!” he says.

Name: Stuart Thomas Currency: Coins

Cash presented us with a weighty issue – how to transport £500 worth of brass? Our original idea was to give Stuart a wheelbarrow of pennies, but he declined and we settled instead for swag bags of various denominations. Stuart, an internationally recognised creative director, says: “I’m just hoping people will take pity on me – but I don’t rate my chances of staying the distance.”

Summer 2017

Name: Misha Jessel-Kenyon Currency: Swipe & sign

Misha, a business manager for Big Rock marketing agency, which represents fintech and financial services firms, is barely old enough to remember swipe and sign, so let’s hope the rest of Europe does! “It will be an interesting challenge,” says Misha, “but I have a feeling I'll be walking most of the way to Copenhagen!”

www.fintech.finance |

Man of infuence: Smart Engineâ&#x20AC;&#x2122;s co-founder Christian Bacher

| www.fintech.finance

Summer 2017

MONEY 20/20 EUROPE

A really Ecommerce nirvana for fintech entrepreneur Christian A. Bacher is a one-click checkout – the point when payment is so painless it becomes a transcendental moment of pure pleasure. That’s what the CEO & Managing Partner of Smart Engine believes it has finally attained

operator Picture the scene: it’s a lazy Saturday afternoon, and you’re settled in front of the TV, catching up on your favourite Australian soap. It cuts to a break, and as you heave yourself up to make a cup of tea an ad comes on for a stylish Swiss watch (helpfully modelled by a certain Formula One driver). The strap’s just gone on yours and you’ve been working hard lately, so you decide to treat yourself. You pull out your phone point the camera at the TV, and click. You’ve just purchased yourself a watch. You forget the cup of tea and sink back into your sofa to get into the second half of Home and Away. Pretty impressive, right? Well, how about this? Two days later you’re strolling down the high street sporting your new Swiss watch. An outfit in the window of your favourite clothing store catches your eye. You phone-scan the mannequin through the window and

Summer 2017

the screen lists the entire outfit, from the cashmere scarf down to the suede brogues. One click and the entire ensemble in your size is on its way to you. The sales assistant looks a little confused as you pop your head through the door and thank them for their help. This technology is already a reality, developed by the visionary team at Smart Engine as part of their Smart Ads solution. Christian A. Bacher, CEO and managing partner, explains the process behind the Austrian company’s offering: “At its core, our Smart Ads technology constitutes a blend of image recognition and deep learning software,” he says. “You can take a picture or record a video stream of an advertisement, be it on a computer, in a magazine, or in a shop window, and our application will instantly recognise the product within the advertisement. Then, in real time, our software will locate the same product in a connected ecommerce store, allowing the user to check out in one click.

www.fintech.finance |

“Obviously, the technology involved is very sophisticated and innovative, although I personally perceive Smart Ads to be even more exciting from a business perspective,” says Bacher. “We’re enabling merchants to close the gap between physical and digital. With Smart Ads, you see a physical product, you capture it on your phone and then you’re immediately redirected to a digital store. In a sense, what we’re doing is adding value to ecommerce by realising the one-click checkout dream,” he says. He believes that the more popular digital payments become, the more we all want to skip the actual payment process. “People no longer want to fill in forms or input credit card details on mobile devices; they want the whole operation to be encapsulated within their use of a wallet,” adds Bacher. “That’s how Smart Ads is helping ecommerce firms to deliver a better customer experience – by disguising the payment process itself to create a real buzz for wallets among consumers.” Being able to idly leaf through a copy of Vogue in a dentist’s waiting room and order an entire spring wardrobe faster than you can say scale and polish is certainly a transformation. However, the true ingenuity of Smart Engine’s latest solution lies in its potential to revolutionise marketing operations worldwide, says Bacher. “The industry is currently jam-packed with advertising hubs promising to deliver real-time marketing solutions to websites. However, what all these providers lack is the input element from the consumer side.”

We’re enabling merchants to close the gap between physical and digital… we’re realising the one-click checkout dream 14

| www.fintech.finance

Summer 2017

MONEY 20/20 EUROPE

The more popular digital payments become - such as those used by Galeria Inno, the more people want to skip the actual payment process Targeted marketing: Smart Engine lets consumers dictate the ads

Photography: www.paulheartfield.com

Dydydydydd opportunity: It's developed apps to run on open standards marketplaces

As a user, they don’t allow you to configure your preferences, nor provide an indication of what sort of advertising you’d be interested in. The best they can do is follow your interests on the internet, and then send out a general piece of marketing to a broad demographic that may or may not be relevant to you. “As a user of Smart Ads, however, you’re continually informing the system of your marketing preferences,” he continues. “You can either directly tell the application what kind of merchants, brands and offers you’re interested in, or you can leave it to accumulate this data autonomously through analysis of your ecommerce shopping habits. Not only this, but each advertising profile is automatically linked to a user’s payment card data, ensuring a high level of marketing consistency and personalisation, no matter where you choose to shop.”

The end of spam...? Smart Engine’s Cloud-based technology has already enabled merchant banks to create point-based loyalty schemes that operate across a network of payment terminals. It’s ushered in a new age of consumer profiling, wherein merchants will know exactly what advertising to send to their customer, as well as where and when to send it. “In short, what it means from a user perspective is you’ll only receive the most relevant, consumer-friendly advertisements and offers,” says Christian. “They’ll be Summer 2017

“All of the companies I’ve mentioned seamlessly integrated into the checkout are introducing their new terminals,” he process and will negate the need for email says. “This trend in terminal technology scanning and all those other marketing data promises open standards, meaning collection strategies that currently blight merchants can download apps from each the lives of merchants and consumers alike. marketplace and run specific value-adding You could say that, with Smart Ads, we’re services within their terminals. turning the tide in the war on spam.” “At Smart Engine, we quickly realised the Unsurprisingly, since unveiling their opportunity for further integration with innovative Smart Ads technology, the team these open standards marketplaces, and at Smart Engine have been inundated have consequently already developed some with partnership offers from point of sale of our own apps to run on them. (POS) solutions providers across the board. “One of our offerings is an out-of-the-box “We’re now partners of Backbase and are loyalty programme, that we hope will offering our services to their customers appeal to SMEs that are struggling to through their marketplace,” says Bacher. develop their own programme from “We also teamed up with AEVI in January scratch. Building a loyalty system is a very 2017 and are bringing Smart Ads to their costly and intense process of acquiring Global Marketplace by integrating with software and securing partners, but by their acclaimed Albert terminal. using our platform “There’s certainly no merchants can instantly shortage of integration Christian A. Bacher offer rewards schemes opportunities for us at the Prior to co-founding Smart for existing and moment; we’re already Engine, Bacher spent 12 potential customers. present in Verifone and years with IBM Europe in Best of all, our loyalty Ingenico’s platforms, the systems integration and programme comes latter covering the majority outsourcing, before pre-integrated with of the European market.” heading up strategic all of our POS and Smart Engine will be projects at Raiffeisen Bank. ecommerce services,” promoting Smart Ads Now one of Austria’s he says. at Money 20/20 Europe Top 30 Fintech Influencers, “We don’t like to boast, in Copenhagen this year, his company picked up but we’re starting to feel and Christian feels that three awards last year we deserve our place in POS terminal integrations and is rapidly expanding the Top 100 European could be one of the beyond Europe. Fintech Award 2016.” conference’s hottest topics. www.fintech.finance |

MONEY 20/20 EUROPE

The eagle has landed Barclays UK boss Ashok Vaswani is taking one giant step for banking-kind with his Digital Eagles and addressing an altogether different kind of ‘legacy’ There’s a famous saying about cats and mice and what happens if you don’t focus on the job in hand that must resonate with many banking stalwarts. They are still running to catch up with their fleet-of-foot fintech rivals as technological advances in other sectors cause a dramatic shift in the kind of service consumers expect from their financial service providers. Ashok Vaswani, who took over as the CEO of Barclays UK in 2012, is determined this is one cat that won't be outwitted. Recognising that – who’d have thought it? – the mobile phone is now the bellwether of consumer behaviour, ‘his Barclays’ is successfully blending very non-traditional digital banking platforms with the kind of benevolent values associated with a bygone banking era. It was an era in which banks were respected custodians of not just a community’s cash but its social capital, too. He is gradually positioning Barclays as an organisation that embraces ‘social learning’ through concepts such as open banking and collaboration, and offers support to everyone, from entrepreneurs to elderly technophobes. He’s resisting the temptation to lay the blame for not delighting customers at the feet of the legacy issues that banks like Barclays face. Instead, he’s trying to beat the fintechs by going where they can’t. He wants Barclays to create a positive new era of banking based on trust and respect, which is supported by a brand, presence and infrastructure that its juvenile rivals just can’t achieve. “The financial services industry is going through a significant amount of change. It is very exciting. Scary as well, but for the most part exciting,” he says. “It all starts with the customer. The way they are living their lives today has

| www.fintech.finance

completely changed with the penetration of the smartphone. Today’s customer expects to do all things financial in the same way that they do everything else in their lives. As an industry we have to keep up with that and create customer experiences that are instant, easy and transparent,” Vaswani says. Nowhere is that more apparent than in the adoption of mobile technology. “We’ve seen the number of customers going digital increasing rapidly, but with mobile it’s even faster,” he adds. So, rather than build different architectures around them, Barclays adopts a one-landscape approach. “We treat all of digital the same,” says Vaswani. “We build responsive platforms once on a multichannel architecture, so that they work on mobile and web as well as in-branch and via ATM. The different interfaces look almost identical and contain the same information, and our

You build back trust and reputation in multiple areas. If a company isn’t solving real societal problems, why does it even exist? customer service staff are trained to move seamlessly between them. This is great for the customer because they don’t have to change the way they do things, depending on which channel they are interacting with.” Digital is only as good as the customer service that underpins it for Vaswani. The

nephew of a hotel manager in Bombay, where he worked the summers as a kid, he grew up knowing good, old-fashioned customer service when he saw it. “We know that customer interactions kind of break into two. There’s stuff that the customer just wants to be automated and instant, such as routine transactions like paying their credit card bill or withdrawing cash. Then there are transactions where the customer wants personal interaction,” he continues. “Banks need to have people. Whether that’s on the phone, on video or in a branch, customers want to have a conversation with human beings. “This is why, wherever we’ve put machines in our branches, we’ve made sure that we have enough people to enable our customers to have a conversation around something else if they need to.” While that’s a big customer-centric tick in the box that smaller, totally digital companies can’t beat, it’s not perhaps the most significant. Not content to re-gain ground lost to them after the global banking crisis, under Vaswani’s leadership Barclays is intent on rediscovering the industry’s strong sense of corporate social responsibility – by giving back to the tangible communities in which it operates for the future good. “You build back trust and reputation in multiple areas,” says Vaswani. “One, by being open for business and lending to SMEs and large corporates. The second fundamental is solving real societal problems, because if any company doesn’t do that, why does it even exist?”

Summer 2017

Investing in the future Barclays’ social mission centres on acting as a catalyst for progress. “For us it’s about taking all areas of society forward. For kids, this involves using our branches in order to teach them coding. For young adults going from school to work, we’ve got a LifeSkills programme that has reached 4.2 million young children. We have the Digital Eagles programme in our branches, where anybody can get help with anything digital. We also use technology to empower people and make them more independent – from helping small businesses to leverage social media, to helping large companies make sure they can take advantage of information to move their businesses forward.” In a new banking environment where regulation is powerful and potentially crippling, Vaswani believes banks shouldn’t comply and complain, but be motivated for the right reasons. “Don’t do regulation because you have to; do it for the customer’s sake,” he says. “Every morning when I get up and go to work, my goal is to do something right by the customer. The same is true for everybody in my organisation. If I’m committed to getting it right by the customer, and the regulator wants me to get it right by the customer, where is the ray of light between what the regulator thinks and I think?” he continues. “And if the regulator outthinks me, or is smarter than me, shame on me. I should in fact be smarter than the regulator. We must continuously strive to up our game, understand our customers better, take care of them and meet their financial needs.” ‘Upping their game’ involves Barclays experimenting in the technological spaces where consumers are increasingly interacting – from artificial intelligence (AI) to voice platforms like Alexa and Siri and the Internet of Things. That means investigating, among other things, the

Summer 2017

blockchain security and data management technology that will be needed to support such progress. “We’ve set up the largest fintech hub in Europe in London,” says Vaswani. “And 11 Eagle Labs across the country, where people in the community can come and experiment with a whole bunch of stuff. “We want to create an open innovation environment because, clearly, we are not going to have all the best ideas, or do everything ourselves. We are looking to partner and learn. At some stage, we will hit upon that solution which really powers it forward and we’ll be ready to go.”

Keeping an ‘open’ mind At Money 20/20 Europe, where the bank has a strong presence in 2017, Barclays will be leading the conversation about open data and open banking. “We’ve got a lot to talk about and areas we’d like to explore more,” says Vaswani. But this ‘sexier’ side of banking is balanced against simple solutions that just make customers’ lives easier and reduce complaints. “Taking a small but significant example,” says Vaswani. “How many times have you gone out spending, looked at your mobile phone to check your balance, but then tried to withdraw that sum of money and not been able to? The reason that happens is that transactions don’t always get posted immediately and this

Brave new finance world: Barclays wants to leave it better than it found it

creates a lot of customer angst. So, we’ve introduced something called pending payments, which allows customers to see the transaction the minute it’s done, even if it’s not debited to their account. “The way customers have taken to this is unbelievable. We used to get so many calls from customers who couldn’t reconcile things, but pending payments has changed that.

If the regulator outthinks me, or is smarter than me, then shame on me… Don’t do regulation because you have to; do it for the customer’s sake “At the other end of the spectrum, we’ve got these 18,000 Digital Eagles who, every single day, are helping our customers in amazing ways, like the 103-year-old person who walked into one of our branches because they’d been given an iPad by their grandkids and didn’t have a clue how to use it. Our Digital Eagles set it up for them. “For small businesses, we’ve created an online portal that allows them to not only monitor cash flow, but select apps that are relevant to their business and manage their entire business via the Barclays portal.” Creating a brave new banking world of convenience, equality of opportunity and social responsibility could be seen as an act of shrewd business or awesome humility. Either way, it’s working. Barclays UK first quarter results in 2017 showed income in its personal banking, Barclaycard Consumer UK and wealth, entrepreneurs and business banking divisions was all up. As Vaswani says of the new era of banking: “This time around, we are committed to leaving no one behind and taking everybody forward.”

www.fintech.finance |

MONEY 20/20 EUROPE

The dawn of AI like running water As we harness the power of artificial intelligence, the era of Big Data is giving way to the era of Big Insight as Nuno Sebastião, CEO of Feedzai, explains Today we’re welcoming a new kind of artificial intelligence (AI). It’s not AI as green lines of code, or textbook theories, or the Terminator. In fact, it’s something even more exciting: AI as a utility. The last time we introduced a new utility was two and a half years ago. That’s when President Obama called on the Federal Communications Commission (FCC) in the United States to classify broadband internet as a public utility. He said: “For most Americans, the internet has become an essential part of everyday communications and everyday life.” A few months later, the FCC agreed. The internet joined a small and essential list. It’s a list you know well: gas, electricity, running water. Being a utility means something is essential. It also means something more than that. It means something is distributed. Distribution of these essential goods means we can live our lives. It means society can function. I believe this list of utilities is about to grow, like the periodic table gaining a new element. This is happening just in time, because somewhere in the digital growth spurt of the last couple of decades, things have gone terribly wrong. Stealing isn’t new, but the way criminals steal is. When money was more tangible, security was tangible, too. When the ancient Chinese started using money in the 10th century, they used paper from mulberry trees.

Armed guards watched over the mulberry forests to prevent counterfeiting, which was punishable by death. A thousand years later, commerce has become more complex. Armed guards no longer make for a good security strategy, because now money exists as ones and zeros transmitted across cell towers and satellites. We’ve migrated our economy to a digital infrastructure and that infrastructure is vulnerable.

The rule breakers Today we have an epidemic of data breaches that are creating mountains of stolen information and feeding a thriving black market, which is an economy in itself. Most of these data breaches begin with a vulnerability that’s hiding in plain sight, in the form of fixed rules. These rules are no match for human creativity. A human can think of a hundred rules, then a thousand, and maybe ten thousand. It won’t matter. The fraudster will find the ten thousand and first rule, the rule that was never written. And that’s their back door. Two years ago, 110 million people had their data stolen from the computer network at Target. You already knew that. But did you know that the hackers came in through the air conditioning? Fazio Mechanical is the heating, ventilation and air conditioning company that helps Target keep its food

Organisations becoming PSD2-ready face a great unknown, and as we’ve seen, our best tool for the unknown is artificial intelligence

| www.fintech.finance

and drinks cold. One day, an employee of this small vendor acted on a phishing email. Hackers got their login. From there, it was a matter of ‘hackineering’ up into Target’s servers and down into Target’s point of sale (POS) systems. This breach cost the retailer $116million in settlement money. It cost the CEO his job. The next quarter, Target’s stock dropped by 40 per cent and all because of the simple fact that if a human thinks of a Summer 2017

Ready for 2018: Feedzai will be talking PSD2 and you at Money 20/20

rule, then another human can think how to break it. There’s another problem. Today’s consumer experiences are instantaneous, which means fraud is, too. Breaking into the digital mulberry forest to cut down a money tree is something that happens in milliseconds. The money at stake is not measured in the millions, or even the billions. One study that measured the loss that humanity suffers to fraud every year, made it $3.5trillion. If fraud were a country, its GDP would be similar to that of Germany. And today, organisations face Summer 2017

increasing uncertainty as regulations and directives drive shifts in payments, whether it’s the shift to Europay, Mastercard and Visa (EMV) or the approach to the European Union’s second Payment Services Directive (PSD2). As financial institutions scramble to become PSD2-ready in 2018, emerging payment methods will compete with legacy methods and organisations have the opportunity to build more connected experiences for customers. But with this directive comes a great unknown. PSD2 introduces more doorways for third parties and customers to enter and exit the payment ecosystem, introducing more entry points for criminals as well. And as we’ve seen, the best tool for navigating the unknown is artificial intelligence, because machine learning techniques can keep pace with uncertainty and emerging criminal threats in a way that humans on their own cannot. Enter AI. As a utility, AI can only happen because of the very recent convergence of five distinct threads of technology: affordable parallel computing; faster processors; better data storage; big data and better algorithms. Add up all of these and you have a quiet revolution. The end result will be a complete restructuring of the world’s digital infrastructure. Last year, Google migrated its search platform from a rules-based system to a machine learning-based system. Every major industry is slowly following suit, and this migration of our global financial infrastructure to machine learning systems is creating a revolution. The last time we had a revolution, it was industrial. To participate, you needed to amass capital and huge physical resources. But today, with a relatively small amount of money and access to off-the-shelf technology, you can upend existing capital-intensive industries in ways that were unthinkable before. Companies like Feedzai are pioneering the use of AI for risk management, leveraging the power of machine learning to detect patterns and safeguard commerce. We’re able to compete against legacy systems because of the power of our code. This is the pattern of the future. Code overthrowing capital. Small beating big. The last revolution resounded with the clanking of steel, this one with a whoosh. Like water flowing through the pipes. www.fintech.finance |

MONEY 20/20 EUROPE

Judgement day? According to digital scriptures, the mobile wallet was prophesied to wipe cards off the face of the earth at #cardmaggedon... then Mastercard had a revelation. David Birch, Director of Innovation at Consult Hyperion, says the battle isn’t over yet A payment scheme isn’t just a data switch that connects consumers, banks, merchants and retailers. If it was, there wouldn’t be any, because we’d all just use the internet instead. There are rules that need to be in place to make a scheme work in the mass market, to protect the participants and to fairly distribute liabilities. Hence, when I saw this interesting comment about the opening up of the European payments marketplace under the revised Payment Services Directive (PSD2) in a discussion about Google wallet at the recent Google I/O conference, I did think that it perhaps

| www.fintech.finance

underestimates what it takes to create a new consumer payment scheme: “Once Google’s able to go direct to accounts they will cut out the card companies and, to some extent, the banks.” This resonated with a story that I heard last year and mentioned to a few Consult Hyperion clients in seminars and workshops. A friend of mine was on a study tour of the US during which he visited a number of different technology companies as well as a number of different technology users in a group of related industries. He told me that the whole time he was in the US, the only people who had

asked him about PSD2 came from Facebook and Google. Not from banks, not from retailers, not from payment processors and not from card issuers. Yet, as I think comes over in our recent webinar on threats and opportunities, PSD2 is a fundamental driver for all of their strategies for the foreseeable future. When my friend came back from California with his tale of PSD2 indifference, I remember thinking at the time that it might be an indication that not all of the participants in the payments marketplace had fully evolved their open banking strategies. Hence, I explained to him that as Summer 2017

#Cardmaggedon: But payment schemes ‘won't just do nothing’

PSD2 was going to completely change the way in which consumer data is managed by banks, it was natural that banks had no strategy for dealing with it, whereas people who sell consumer data for a living (e.g. Facebook and Google) would undoubtedly have already created and explored a number of different scenarios and set a strategy to exploit the changes. Is that rather dramatic Google comment justified though? Is it right that once the

banks are required to open up their application programming interfaces (APIs), and are forced to allow third parties to obtain account information, instruct payments and obtain confirmation of available funds, those third parties will ‘cut out the card companies’? In other words, is open access bad news for (to choose the obvious examples) Visa and Mastercard? Well, that depends. I remember answering this question a couple of years ago at a conference by saying that if the people that Consult Hyperion were working for at Visa and Mastercard were stupid, then it was a threat. But since the people that we were working for at Visa and Mastercard were not at all stupid and could read the newspapers just as well as we could, I thought that on balance the new infrastructure would present an opportunity. At the time, of course, I couldn’t have foreseen that Mastercard would step up to the plate and pay $1billion for VocaLink so quickly, thus ratifying my conclusion! Somehow this takeover didn’t make the news headlines but, mark my words, it was one of the most significant events in the evolution of the UK payments industry since Reg Varney got a tenner out of that first ATM in Enfield half a century ago. It’s a significant milestone on the road to #cardmaggedon, and it’s not only me who thinks this. The network itself, the technological component of a scheme (the interfaces and switches and connections), is easily replicated, but the non-technological components (the 3Rs of rules, rights and relationships) are much harder to create and manage. This is where Visa and Mastercard have half a century on the competition. I saw this view echoed in a recent article on the Payments Cards & Mobile1 news hub: “It is felt that as the distinction between cards and other forms of payments (e.g. credit transfers) breaks down, the management

Merchants want value-added services… As the cost of payments heads toward zero, nodes in the value chain will have to provide those value-added services or be bypassed Summer 2017

experience of card schemes positions them well to extend into these other payment methods rather than being replaced by them.” What it comes down to is that sending money from account to account over instant payment rails is ultimately cheaper, quicker and simpler than messing around with 16-digit PANs, authorisation networks and settlement files. As many industry observers have pointed out, in the long run the ‘push’ payments will win. However, sending the money around is only a very small part of a real-world, mass-market, effective payment infrastructure. The rules, rights and relationships may well be simpler than in the world of the 16-digit PAN but they still have to be there. Someone still has to set the messaging standards, define the format of the associated data, draw up merchant agreements and so on. At the excellent Merchant Payment Ecosystems conference in Berlin earlier this year, I chaired a terrific panel session that touched on this issue. The key concept that came out of this discussion, that the traditional merchant acquirer will transmute into a merchant service provider (MSP), fits within this narrative. I can see that merchants want value-added services, a great many of which depend on collecting and analysing large quantities of data, rather than just cost-plus-payment processing. What’s more, as the cost of payments heads toward zero, nodes in the value chain will have to provide those value-added services or be bypassed. So, will Visa and Mastercard be bypassed by open banking? If they do nothing, then yes. Facebook, Google, Amazon, Alipay and others will simply go direct to consumer payment accounts via APIs and payments will begin to drift away from the 8,583 rails put in place over many years. But they won’t do nothing. ■ David Birch is an internationally recognised thought leader in digital identity and digital money. He will be speaking at Money 20/20 Europe where one of the main topics for the Consult Hyperion team will be the demands made by PSD2 on identity infrastructure.

European domestic payment schemes shifting focus to new digital payments services – Payments Cards & Mobile http://www.paymentscardsand

www.fintech.finance |

MONEY 20/20 EUROPE

Financial routing: Is risk on the rise?

Doing it by the book “Sooner or later, everyone sits down to a banquet of consequences,” Robert Louis Stephenson once wrote, and when it comes to reform of financial systems it seems that banquet is now repeating on us.

Will an unintended consequence of regulation be a dangerous, two-tier global financial payments system? asks Bob McKay, EVP for Accuity, the data firm behind Bankers Almanac

The strain that ever-more-stringeant regulation is putting on the global financial services marketplace is in itself creating a creeping threat to economies through a significant drop in global correspondent banking relationships, linked to de-risking by the world’s ‘premier league’ banks. This, warns global financial data super power Accuity, has the potential to significantly increase financial crime and threaten world security by removing many of the checks and balances that established banks have traditionally brought to international payments. At the same time, local businesses are potentially left without an important bridge to the international financial community. In a recent statement, Henry Balani, Accuity’s global head of strategic affairs, pointed out the irony of regulation designed to protect the global financial

system ‘having an opposite effect’ and forcing whole regions outside of its scope. “Allowing de-risking to continue unfettered is like living in a world where some airports don’t have the same levels of security screening – before long, the consequences will be disastrous for everyone,” he warned.

| www.fintech.finance

Failed relationships According to research released in May 2017 by the firm, between 2009 and last year, correspondent banking relationships, where one financial institution provides services on behalf of another in a different location to facilitate cross-border payments, have reduced globally by 25 per cent. This comes despite the fact that global GDP per capita grew during the same period. The exception is China, which witnessed its highest growth in correspondent banking relationships over the same period.

“The expansion of some regulatory pressures, not just around financial crime but also capital adequacy and, perhaps, tax recovery and the new European Payment Services Directive, is having an impact on financial institutions,” confirms Bob McKay, EVP for Accuity. “Meeting those regulations is forcing some to change quite dramatically and others to perhaps even exit some lines of business. “De-risking is an aspect we’re acutely paying attention to, because it changes the landscape of participants, certainly within a payment chain. Inherently, the reduction in supply of payment-related services, especially for global transactions through traditional players, could force these volumes into less practised institutions, where the rigour around financial compliance, particularly around anti-money laundering (AML) and sanctions compliance could be less robust. Summer 2017

“You then have to ask, does that inherently create the possibility for elicit behaviours?” says McKay. “Because, obviously, criminals find the weakest points within chains and try to exploit them.” Financial technology innovations, such as blockchain, could attenuate that risk, of course. But there’s a limit to what the biggest players can do on their own, says McKay. “We’re certainly seeing the strains within the industry,” he adds. “Many financial institutions are having to make practical choices about how they apply any available capital to innovation projects and, in some cases, there’s a diminished amount of capital that they can apply to it. “I think there is an opportunity in this to let the fintech firms become the innovators for the sector, in close partnership with the banks.”

A regulatory shakedown Owned by RELX Group, one of the world’s leading business-to-business data and content providers, Accuity holds information on more than 125,000 US financial institutions and 750,000 global institutions, positioning it as a leading player in global financial crime compliance, payments and know your customer (KYC) solutions. Well-known for the internationally trusted Bankers Almanac solutions, it provides the essential information for accurately routing cross-border payments and streamlining counterparty KYC intelligence. One fruit that might fall out of the tree currently being shaken by regulation, is an increased demand for Bankers Almanac by smaller players and new entrants to the global transactions market. “Cross-border transactions are on the rise, driven by all sorts of market factors. Buyers will increasingly take goods and services from suppliers that aren’t just around the corner,” says McKay. “Supply chains and distribution channels are globalising, so the financial services firms that support that commerce, or that supply chain extension, need to make sure they have an appropriate reach. “There’s a complexity, though, with global transactions that needs to be better appreciated. Within the financial services space, there are more than 40,000 banking institutions where accounts are held that are managed by more than 900,000 physical branch locations throughout the world. The movement of money through Summer 2017

global transactions, across the various currencies, involves a number of participants – intermediaries and correspondents that play a part in originating a payment, orchestrating foreign exchange and other activities, and ultimately ensuring that the money arrives in the beneficiary’s bank account. Where Bankers Almanac comes into play is acting as the universal source of technology-driven information services, to facilitate all of those processes.” So, just what level of intelligence is necessary to protect the legitimacy of worldwide financial transactions? “Bankers Almanac covers issues such as: ‘how can these payments be affected in a way that reduces the likelihood of transactions being failed and returned, or stalled because of incompleteness?’; ‘how well does your institution understand the organisations, including the banks, that are

Regulation is forcing some financial institutions to change and even exit some lines of business. De-risking is an aspect we’re accutely paying attention to because it changes the landscape participating in these transactions?’; and ‘what level of KYC might they need to perform on the various participants?’ “Not having the right understanding could raise the risk of organisations violating regulation or even breaking the law. “There are ways in which all of these transactions can be routed and some are more expedient, or less expensive, than others. Sometimes that’s not obvious unless you go through a robust set of information, such as Bankers Almanac can provide.” Such information can also be a powerful tool for helping institutions anticipate regulation around, for example, KYC.

McKay continues: “There are a couple of different facets to KYC. At the transaction level, there are movements of money from an originator, or an ordering party, to an entity that’s receiving the money – a beneficiary party. Obviously, the institutions need to perform a level of KYC and ask themselves how well they know a particular customer, whether a retail or a corporate one. “For a corporate customer, they need to understand who the owners and controllers of the business are, their business practices, the goods and services they are selling and any potential for the nefarious use of those goods. They need to consider whether an item has a dual purpose, one quite benign and the other malicious. For example, graphite. This is quite acceptable when it is being shipped from one supplier to another to manufacture pencils. However, it is also a key component in the refinement of uranium, which can be made to weapons grade.”

Minding your back Data can also help institutions check on the legitimacy of other banks involved in any transaction – who their beneficiaries are and what policies and compliance procedures they have in place. This is vital to ensure robust organisations aren’t held accountable for the actions of counter organisations that don’t employ the same level of rigour or – worse – are complicit in financial crime. Such is the risk now associated with international payments that Accuity has developed a suite of three products to help institutions check their counterparties’ capability for payment processing, give them a better understanding of all the parties involved in a transaction, their levels of due diligence in relation to KYC, and how well they adhere to regulatory sanctions, screening and other AML requirements. McKay says the extent of Accuity’s data, coupled with in-house software solutions means it can provide organisations with a unique level of confidence in a seamless way. But new financial institutions (FIs) still need to proactively embrace the capability. “As they play larger roles in financial technology and the movement of money, these FIs should ask themselves how they can adopt the same sort of solutions to perform KYC checking or AML and other sanctions screening. “I think there’s going to be a greater evolution for banks and financial technology firms to cooperate at much deeper levels.” www.fintech.finance |

MONEY 20/20

Here’s looking at you... Brian Haverty, VP Sales Americas at Swiss cyber security platform OneVisage, focusses on the launch of ‘game-changing’ 3D facial recognition software 3DAuth If you think that a handful of characters protect your digital life, you are naïve. Passwords and PIN codes no longer fit security requirements for digital services – and more particularly digital financial services. The main reason is that passwords can be easily discovered, copied or hacked. Passwords/PIN codes are thought to account for 80 per cent of security threats or a total cybercrime cost exceeding $435billion per year. The alternative is for financial services to provide hardware tokens, such as RSA keys or similar. But such two-step authentication systems impair the end user experience and result in more than 30 per cent of transactions being abandoned, which is also costing the industry dear – an estimated $100billion in lost revenue to businesses worldwide. So it has to be simpler than tokens and safer than passwords. There are five critical added values that all financial services are looking for: user experience, security, universality, cost-effectiveness and data privacy. If one of these criteria is missing from a product’s make-up, it’s an immediate showstopper for a financial service provider. You would think then that biometrics, such as fingerprints, 2D facial or voice recognition, are the answer to their prayers. Yes and no. When it comes to giving

access to financial services for billions of individuals, universality is probably the most important hurdle. You are looking to offer the same services to all your customers, regardless of whether they use an Android or iOS mobile device and whether it is high-end, like the iPhone 7, or an entry-level device, such as the Huawei Honor. But as long as the authentication is hardwaredependent, it can never be universal. Take fingerprints. As of December 2016, only 47 mobile devices out of 24,000 models were fingerprint enabled. We are a long way from having a universal solution.

Expediency versus safety Most digital financial services have focussed on simplifying the end user’s journey and making transactions simple and fast. The bottom line is that – and most end users know this – mobile security has been sacrificed to avoid boring customers with multiple authentication actions, such as blinking your eyes, pronouncing words, or typing in a one-time password. As a result, there is now one identity theft every two seconds with nearly zero security. Data privacy is a growing concern even if some people say they don’t care about sharing their data with service providers. They don’t really understand the implications. For example, if you apply for a job you wouldn’t want your application rejected because you’d mentioned you’d

had a health condition on your social media page. But many web community services are currently looking for that kind of data to monetise for advertising purposes. Nothing is for free. Anonymising your data isn’t the answer, either. There is a new generation of big data tools capable of retrieving similar anonymised data patterns in the Cloud where, even if only one service knows who you are, all the others soon will too. The less you share the better. That’s why OneVisage has been working on 3D facial biometry solutions for financial services’ mass markets. Its 3DAuth software has been developed to provide a simpler, safer way for financial services to verify it really is you, without sacrificing your data privacy. As of today, 3DAuth software development kit, which is also available as a platform as a service, is the first authentication solution to be password/PIN code free and yet provides bank-grade security by being 100 per cent spoof-proof to picture presentation attacks. It potentially supports 60 per cent of mobile devices and doesn’t collect any private data, storing a hash representation of someone’s biometric data that cannot be reverse-engineered. It does this by capturing approximately 20,000 biometric points in 3D compared to around 50 points generated by 2D technologies. And we think it’s going to be a game changer.

Mobile security has been sacrificed to avoid boring customers with multiple authentication actions 24

| www.fintech.finance

Summer 2017

MONEY 20/20 EUROPE

A fully-fledged bank When you think about it, money isn’t about finances. Not really. Money is about feelings. Finding a fiver in an old pair of jeans comes with an unexpected thrill. Going to the shops and having your card declined leads to embarrassment or panic. The end of the month can feel like the World’s Toughest Mudder, while that first weekend post-payday fills us with a rush of relief, joviality and generosity. Money is emotional. But sadly, according to research, the most common emotions surrounding it are those of shame, fear, anxiety and anger. Even the positive emotions – surprise, relief, joy – arise as a response to that stress and worry. With today’s technology, however, money does not need to be the rollercoaster we know it to be. Starling believes it can be simple, clear, fast and stress-free. That people can have a relationship with their money that is positive and healthy. That’s why we’re so excited to become a fully licensed bank – with no restrictions – authorised and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. We’re now able to move forward with our vision, to provide a step change in banking and help more people to have a healthy financial life.

Mobile-only platform The first thing to note is that Starling is built specifically for the mobile and there’s good reason for this. From ordering a takeaway to arranging a babysitter – many of us now organise our lives through our mobile phones. Managing money this way, however, has been little different to doing it through a bank branch until recently. Because, just as money is more than finance, banking is so

Summer 2017

The branchless Starling, which launched in March 2017, is about to deliver on its promises, says CEO Anne Boden much more than just a bank account. It’s your health and your family’s health. We’ve therefore built the Starling account with features such as Faster Payments, direct debits, contactless debit cards, overdrafts for qualifying customers, and protection for all eligible deposits up to £85,000 from the Financial Services Compensation Scheme. These are all tools within the account that help put people in control of their money, where it’s going and when. We also offer a real-time view of balances so there’s no longer any need to worry whether Friday’s bar tab has gone through before you do your weekly shop on Sunday; it all shows up on the account as the customer spends and they can sign up for notifications, too, if they want them. Controls for money are likewise central in the app because we know this can help alleviate stress. Customers can switch their card off if they’re not quite sure if they’ve left it on the kitchen table or on the bus, then turn it back on once they’ve found it. If a customer qualifies for an overdraft, there’s the facility to increase or decrease how deep it goes. Passcodes, passwords

We built this bank account to give everyone a chance for a healthy financial life

and PINs are all accessible from the app. And 24/7 customer care is available through the app, too (with actual humans answering questions at the other end). Thirdly, we’re building a marketplace of products and services to help beyond everyday spending by partnering with smart apps like Transferwise and Moneybox. Customers can wave goodbye to emails trying to sell them a mortgage when actually what they’re saving for is to travel the world; or an ISA when they’re more worried about paying for groceries that month. We believe in giving customers access to a mobile market of products and services that best fit their financial needs. So there’s no sales pitch, just their data working for their benefit and no one else’s. And there’s so much more we have planned. Soon we’re going to be introducing insights into spending habits, categorisation options, and savings goals. And throughout we’ll be fair. We’ll be transparent. There won’t be fees for having an account or surprise charges if you’re off travelling. We built this bank account to help solve everyday money problems. To give everyone in the world a chance for a healthy financial life. And that’s exactly what we intend to do. n Anne Boden will be taking part in the Track 2 Session Perspectives of Fintech Leaders on the first day of Money 20/20 Europe.

www.fintech.finance |

MONEY 20/20 EUROPE

Shifting sands The only certainty in fintech is the inevitability of change, according to Paul Wilson, Commercial Manager at MULTOS Consortium, in a special Q&A with Fintech Finance Fintech Finance: What are the biggest changes and challenges happening in the industry? Paul Wilson: As with life, one thing is certain, change is inevitable. The worldâ&#x20AC;&#x2122;s population increases and technologies and industries evolve. Many industry sectors are experiencing shifts. The defence industry is having to negotiate on a country-by-country basis in a more multipolar world. Oil and gas companies have struggled with weak demand and low prices and have been through major cost-cutting campaigns. Manufacturing has experienced uneasy times, initially from economic challenges and more recently triggered by political uncertainties. The utility sectors in the industrialised world are being forced to economise and innovate as businesses and consumers become more energy conscious. In telecommunications, traditional service revenue is declining as consumers adopt competitor services from over-the-top players, and the firms suffer from intense competition as a result of lagging industry consolidation. Digital technology is altering the landscape for financial services, where smartphones, social media and Cloud-based services are being widely

| www.fintech.finance

accepted, and new regulation and technology is increasing competition and challenging traditional operating models. Technology industry megatrends are developing, such as Cloud computing, the Internet of Things (IoT), drones, autonomous vehicles and augmented and virtual reality, as well as artificial intelligence. The world is becoming ever more automated and connected, and an unfortunate by-product of this progress is a growing trend in cybercrime. We see many examples of security weaknesses and sophisticated attacks. Digital security should be a primary focus for most businesses, and the MULTOS technology adds security and flexibility to many business and consumer solutions. FF: Where are the key trends in payments going? PW: Globally, there are several major changes in payments, some driven by consumer demand. Mobile payments continue to grow, mainly promoted by Apple and Samsung. Contactless payment is now proliferating into a myriad of consumer offers and Juniper Research predicts that cards will continue to contribute the most to total contactless transactions, accounting for 80 per cent

of payments in 2019, and more than $2trillion worldwide by 2021. Europay, Mastercard and Visa (EMV) rollouts have made significant progress in the US market. Glenbrook Partners reported that 63 per cent of all cards in the market are chip enabled and it is now considered mainstream. Interestingly, the US is yet to make the leap to contactless cards, with only a few projects issuing a dual-interface product, which is reflected in the generally very poor adoption of mobile contactless payment services. MULTOS is seeing fantastic growth in the US, capitalising on

The world is becoming ever more automated and connected, and an unfortunate by-product of this progress is a growing trend in cybercrime Summer 2017

An altered landscape: IT solutions must evolve

this market adoption by supporting thousands of EMV issuers in the region. In the mobile payment market, overall adoption of original equipment manufacturer (OEM)-pay solutions has been slower than originally forecast, and there have been some challenges along the way. Juniper Research has estimated that the number of OEM-pay users, including Apple Pay and Android Pay, will exceed 150 million by the end of 2017. However, this will represent a very small percentage of total contactless transactions, possibly due to factors like clarity of user and issuer benefits, set-up complexity and cost.

quality products and a competitive and reliable supply chain. Collaboration is a core ethos and the Consortium members and wider networks enable the technology to service a range of applications, including EMV payment, contactless payment, authentication, digital identity, biometrics, loyalty, mass-transit ticketing and connected smart devices. FF: What is it doing in terms of mobile payments and what sort of customer demand are you seeing for these and point of sale (POS) payments? PW: Mobile and contactless payments represent an interesting evolution in consumer transactional behaviour and the range of technology solutions being offered. Ever growing in popularity are contactless payments, peer-to-peer payment applications, Cloud and software-based solutions and secure element architectures. MULTOS has been implemented in more secure form factors, including NFC stickers and wearable devices, and it offers an embedded secure device that can service multiple payment brands for OEM device producers to integrate into their products. With key management functions built in, it is easier to implement than some other technologies. FF: With cybercrime being one of the biggest threats to the industry, how do you build security into your payment offerings? PW: Security is a core facet of MULTOS and we have achieved the top levels of approval, such as the Common Criteria EAL7. For smart cards and many other payment devices, MULTOS provides a range of protective measures. Digital keys and other sensitive data can be protected. Software running on

hardware components can be validated and policed to protect against malware and other attacks. Authentication and communication protocols are also boosted by encryption within MULTOS. Critical processes, including provisioning and lifecycle management, benefit from the secure and dynamic features in our open standard. FF: How will the financial services market evolve over the next few years? PW: Major drivers of change will be consumer demand, business efficiencies, regulation, competitor threats and advances in IT. Consumers will continue to adopt the cool and convenient offers, driving service providers to upgrade and refresh their payments propositions. Contactless payment will continue to play a major role. Some financial businesses are already downsizing their high street assets and internal striving for operational efficiencies will continue this trend, also fuelled by gradual changes in consumer habits and the growing adoption of online services. The challenges and opportunities posed by regulation will also alter the way financial services partner and interact with each other to develop service offers. IT solutions will continue to evolve, with greater decentralisation for some and a heavier reliance on third-party IT services. Advances in connectivity, the IoT and automation will allow financial service providers to identify and interact with their consumers in new ways, while enriching their lives with more convenient ways to pay and manage their finances. The global MULTOS ecosystem and its Consortium will continue to contribute towards many of these advances within the payments market and will support its future evolution.

FF: What role does the MULTOS Consortium have in payments? PW: The MULTOS Consortium is central to the wider MULTOS ecosystem. More than 3,000 businesses around the world currently use MULTOS technology, and more than one billion MULTOS cards and smart devices have been supplied. Banks, governments, corporate enterprises and transit authorities use the high security, multi-application MULTOS technology. The consortium consists of respected global businesses across sectors, and is focussed on ensuring high standards, Summer 2017

www.fintech.finance |

MONEY 20/20 EUROPE

Parting words: Or can banks learned to get cosier with customers?

Till death us do part? Jim Marous, co-publisher of The Financial Brand and owner of Digital Banking Report, has a special place in the Fintech Finance Hall of Fame. Here, one of our industry’s astutest observers looks at the relationship between banks and customers Fintech Finance: What in your view is the biggest challenge facing financial services today? Jim Marous: Maintaining customer loyalty. This is because there are more empowered and better informed customers reviewing alternative providers in greater numbers as their digital expectations are unmet. These expectations are not being set by traditional financial services providers, but by technology firms, such as Google, Amazon, Facebook and Apple, and fintech start-ups that are more agile, more innovative and understand the capabilities of mobile and advanced analytics to deliver a more personalised solution. Traditional financial services are investing more heavily in innovation, digital products and better analytical and personalisation solutions, but indications are that it may not be enough and that the culture of most legacy financial institutions is not in alignment with what is required. Research from The Financial Brand and the Digital Banking Report indicate that smaller institutions are at a greater disadvantage than their larger counterparts

| www.fintech.finance

when it comes to becoming digital organisations and responding to the needs of a more mobile consumer. According to several recent customer satisfaction surveys, larger financial institutions are improving their scores far faster than smaller firms. Combined with the onerous level of investment required to respond to government regulations and the difficulty in upgrading legacy back-office systems, it is more challenging than ever for small banking organisations to compete. Even the historical differentiator of more personalised service provided by smaller community-based banks and credit unions, is being challenged by the high level of customisation and personalisation possible with digital channels.

FF: We’ve seen an unprecedented amount of regulation being introduced. What impact is it going to have? JM: New regulations in the US and UK/Europe are trying very hard to catch up with the expectations of the digital consumer. In both regions, regulations have

significantly lagged behind the reality, where branches are becoming less important, personalisation is more desired, privacy and security is more at risk and competition is beneficial. In both regions, the mandate is protection of the consumer. There is opportunity in these new regulations for financial organisations to differentiate themselves with regard to personalisation, moving towards real-time contextual offers that address the consumer’s desire for his/her financial institution to ‘know me’, ‘look out for me’ and ‘reward me’. Those organisations that can leverage consumer insight for the benefit of the consumer will be early winners.

FF: Will this level of protection be a positive thing for consumers?

JM: Research for Digital Banking Report made it clear the majority of consumers globally want to share insights with their financial institution. Both parties realise there has been a ‘personalisation gap’ between what is desired and what has been delivered. But there is also a ‘privacy paradox’, where the consumer wants highly personalised Summer 2017

offerings while still protecting their privacy. What will be difficult for the financial organisation is that every consumer views their privacy (and desire for personalised offerings) differently. It’s a matter of trust. To date, most financial services organisations have used consumer data to build great reports as opposed to developing great relationships. With the new regulations, there will need to be a value transfer between the consumer and the banking organisation, where experiences will need to become much more personalised in real time.

FF: What has been one of the most mind-blowing innovations you have seen from a bank? JM: ‘Mind blowing’ is definitely in the eye of the beholder. I set the bar a bit lower than I would for other industries due to the slow moving nature of banking. That said, I have been most excited about how digital technology, data and machine learning have combined to deliver amazing customer experiences. The ability to now get a personal loan in seconds and a mortgage loan without the historical ton of paperwork illustrates how the consumer can benefit when traditional departmental silos are taken down and digital technology is leveraged to the fullest extent. I think we are just seeing the tip of the iceberg with regards to the application of advanced intelligence, the Internet of Things (IoT) and voice technology in financial services. Imagine waking up in the morning and having a personalised voice device tell you your financial positions in traditional banking products and investment services, providing recommendations for changes in your portfolio using robo-advising technology. The voice device would then provide an overview of the upcoming day, recommendations for travel based on previous experiences and let you know what groceries are running low in your refrigerator. The potential to integrate all of these through application programming interfaces (APIs) is there. The question will be whether a banking organisation, a tech company, or another firm will be at the centre of that consumer experience.

FF: When was the last time you were personally wowed by a bank’s service?

JM: I honestly can’t remember. My concern is that most banks think they are doing a Summer 2017

great job because they are looking in the wrong places. In research on customer experience for the Digital Banking Report, we found that many banks still measure the satisfaction of their customers from a branch interaction perspective. They also equate problem resolution with great customer service even though less than one per cent of customers have a problem. Despite increasing investment, most financial institutions admit they are not improving customer satisfaction. This is because satisfaction is now defined in digital terms, where banking lags. There is also a clear delineation between the smaller banks and their larger competitors in the ability to deliver a great experience. The larger banks are doing best. At the end of the day, I have had a relationship with my current bank for more than 15 years, yet they don’t illustrate they know me any better than they did in the first

I have had a relationship with my bank for more than 15 years, yet they don’t illustrate they know me any better than they did in the first year... Maybe I should divorce my bank year. I wouldn’t accept that in my personal life, why should I accept that level in my financial life? Maybe I should divorce my bank.

the most exciting trends, though, have been around machine learning and chatbots, the competition for person to person and digital payments and the trends around voice technology. With regard to the potential for banks to become utilities, it will completely depend on each bank’s path. We are already beginning to see the impact of smaller financial institutions not being able to meet the consumer’s need for advanced banking technology. For all but the more progressive (or very smallest) firms, we will first see significant consolidation, especially in the US. We will then see a transformation of what banking means, with many of the services that are highly engaging (commerce and payments) moving to the background of larger experiences. This will occur at the same time that massive consolidation and reconfiguration of physical facilities occurs. Finally, banking transactions will move towards digital initiation and digital delivery. Consumers will demand the ability to open new accounts using end-to-end digital tools that no longer require a branch visit, while many transactions will be initiated by voice. I also see a movement away from the phone as the primary digital device to maybe a wearable. There will be a role for banks that integrate beyond financial services to provide a link to all daily activities and interactions. This is where the (IoT) comes into play. In the end, banking will be seamless and integrated within different components of our life. This will require partnership with the fintechs of today, using these firms as innovation think tanks. And yes, one (or more) of the largest tech companies will be a competitor, offering the majority of services that banks do today. Most likely, one will be from China.

FF: What’s next for The Financial Brand and Digital Banking Report for 2017?

FF: What are your predictions for the

JM: The Financial Brand is entering its

next few years? Will banks go the way of telecoms and become utilities? Will we see more fintech/bank partnerships? JM: The Digital Banking Report’s 2017 Retail Banking Trends and Predictions found that the top five were: improving the customer journey; increased use of big data and AI; improving integrated multichannel delivery; testing open banking APIs; and partnering with fintechs. I think some of

10th year in business and is experiencing its biggest readership ever. Digital Banking Report just introduced a new website with an e-commerce platform for reports on a variety of subjects. Recent topics include a review of key challenger banks worldwide. Upcoming reports will look at digital wallets and person-to-person payments, the use of AI and advanced analytics, and the state of bank innovation. www.fintech.finance |

MONEY 20/20 EUROPE

The Pro Europeans Transact Pro is among a new generation of e-commerce solutions providers with post-PSD2 Europe in their sites. Business Development Manager Yuriy Bordulan outlines the Latvians’ strategy to become ‘the world’s first e-money institution’ Here’s a fun fact for you: jeans were invented by a Latvian. In 1854, a young man named Jākobs Jufess left Riga and emigrated to the United States, where he changed his name to Jacob W. Davis. In 1870, Davis was hired to craft a pair of tough trousers for a woodcutter, and two years later he teamed up with a small-town tailor called Levi Strauss to patent his template for denim jeans. And there you were thinking your pair of 501s was as American as apple pie. The nation of Latvia has a rich history of innovation, and companies like Transact Pro are helping to fly the country’s flag (which happens to be the second oldest flag design in the world – Fun Fact #2) across the fintech industry. The Baltic state has some of the fastest internet in the world, with speeds averaging an impressive 14MB/s, which is great news if you’re an e-commerce solutions provider. But there are advantages and disadvantages to having your headquarters in Jufess’ home town, as Transact Pro business development manager, Yuriy Bordulan, explains. “In terms of e-commerce payments, Latvia differs a little from the rest of Europe,” says Bordulan. “The majority of Latvians use a SEPA (Single European Payments Area) payment solution called BankLink. “In a domestic sense, BankLink is a fantastic resource,” he says. “It’s quick, efficient and very cheap. However, the problem for us at Transact Pro is that people outside of Latvia can’t use BankLink. Today, online card payments are ahead of BankLink since it is a more universal solution. However, it is possible in a couple of years and after the revised Payments Services Directive (PSD2) is implemented, that the focus in the European market will change slightly. “As a global company, we need to target the systems that are seeing widespread use

| www.fintech.finance

across the world and that means the card payments market.” Bordulan and the team feel that they’ve outgrown Latvia, so the company is setting its sights on the bigger picture, both geographically and economically. “Nowadays, our home nation only provides around five per cent of our total income. We’re a Mastercard Principal member, and also have a Visa licence for direct acquiring, both of which are allowing us to bring a more rounded offering to our European customers that goes beyond just payments,” says Bordulan.

We don’t share the same sense of dread that a lot of companies are feeling towards regulation... New directives will open the door to companies like us As Transact Pro continues to extend its reach across Europe, it’s turning its attention towards regulation and trying to assess the impact that new directives, such as PSD2 could have on its fintech crusade. “We don’t share the same sense of dread that a lot of companies are feeling towards regulation,” says Bordulan. “In fact, we believe that these new directives will open the door to companies like us that are looking to increase their collaboration

with European banks. Services like the SEPA network will come into their own under PSD2; they’re planning to launch their instant payment solution in November and this should generate a fresh, competitive pricing system for card payments across Europe. “Fintech projects like Transferwise and Revolute have already begun to divert payments away from their traditional routes, and we expect more models like this to emerge following the implementation of PSD2. “The challenge of new regulation comes in finding a balance between compliance and the customer experience,” adds Bordulan. “Developing a user-friendly product that complies with ever stricter legislation is no mean feat. PayPal and the rise of the e-wallet is a clear indication of the direction in which the market is heading – the provision of secure, convenient services for the end user that neatly align themselves with regulation. “A lot of specialists are predicting that directives such as PSD2 will be a barrier for the incumbents,” says Bordulan. “I tend to disagree. Although I think it’s impossible to make any accurate predictions at this stage, in my mind, a large team and ample resources always helps when striving for compliance, which means the big players should continue to control the market through their continual release of compliant products. “I’m all for the sparky new market entrants,” he says, “but I can’t help but

Euromillions: A flexible turnkey solution makes Transact Pro competitive

Summer 2017

feel they have an uphill struggle ahead of them in terms of compliance.” Speaking of products, Transact Pro’s latest solution is gaining popularity across Europe as a method for companies to keep track of their costs when dealing with cross-border payments. The Transact team are confident of the benefits that their system will bring to e-commerce businesses worldwide. “We call it dynamic currency conversion,” says Bordulan. “In practice, what it does is allow our clients to choose the currency most appropriate to their customer. For example, you could be buying something on a French website from the UK, and when you arrive at the checkout the merchant offers you the chance to pay in pounds as opposed to euros. “What we’re offering is a universal solution to accept and manage all currencies,” he says, “which has previously been a sticking point for payment service providers the world over.” Transact Pro began working with payments back in 2004, and since then its payment gateway has gone from strength to strength in terms of adoption and functionality. Always keen to keep the systems fresh, the Transact Pro team have been hard at work revising various technical aspects of their gateway, and will be promoting the updated platform at the Money 20/20 Europe conference. “Our integration with Visa and Mastercard to become a direct acquirer required some

Summer 2017

substantial technical reworking of our payment gateway,” says Bordulan. “However, we’re confident that our decision to partner up with the card providers will increase the appeal of our gateway to prospective clients a great deal. “Not only are we broadening our software offering to merchants, but we’ve also expanded the range of payment accepting services that we supply to banks,” he says. “Our payment gateway now constitutes a turnkey solution for banks, whereby we provide the card transaction, support, chargeback management, and fraud monitoring in one complete package. In turn, our bank clients can transfer these services on to their merchant customers as a robust e-commerce solution that ticks all the necessary boxes. “This is where we see big opportunities arising for Transact Pro in the future,” says Bordulan. “We’re persevering with our white labelling strategy, allowing banks to brand the product in their own way, but at the same time improving and maintaining the system as if our own name was splashed all over it.

“We’ve decided to make the platform more modular, and we’ve introduced a new system where each merchant has their own private database. This way, should the need arise, a merchant’s data can easily be transferred from our payment gateway to another. “It’s this flexibility that’s making our solution so competitive,” he says. “As a merchant, a feeling of freedom regarding your payment system of choice is crucial. Our gateway’s management tools are API flexible. “We’ve no doubt that our platform’s merits will help us to maintain our impressive rate of expansion across Europe for the foreseeable future.”

www.fintech.finance |

MONEY 20/20 EUROPE

Time for

Like many Eastern European countries, Bulgaria is significantly behind the curve when it comes to not only digital banking, but card payments, too.

Bulgaria’s interbank organisation Borica is on a mission to popularise plastic with the launch of the Bcard, as CEO Miroslav Vichev explains

Despite its stable economy and highly educated population, less than five per cent of banked individuals in Bulgaria use internet banking, compared to the European Union (EU) average of 46 per cent. With just 11.1 card payments per capita in 2015, plastic is less popular here than anywhere else in Europe, too. It may be hard to separate a Bulgarian from his/her cold cash, but Borica, the country’s interbank organisation and card authorisation centre, is giving it its best shot. Borica’s Bcard, a national debit card that enables residents to access everything from government services to social activities and vending machines, was

launched in response to local banks demanding a ‘more cost-efficient servicing of the cards industry’. “Ninety-five per cent of card usage in Bulgaria is local,” explains Borica CEO Miroslav Vichev. “So, utilising an international brand for a person to withdraw money or pay for food is a little bit extreme and costly. “This has now improved because local settlement of card transactions is happening through us and we don’t use international schemes for that purpose. Our role in the market is related to local currency net settlement and the card infrastructure of the country. We provide a major share of its card-related services.”

| www.fintech.finance

It’s indicative of how the differing needs of some economies, coupled with the potentially revolutionary impact of the revised Payment Services Directive (PSD2) in opening up the market is creating unexpected opportunities for some niche players to operate local payment services – services that many in the industry thought were doomed six years ago. “Paying for tickets or for the Metro in a standardised way, accepting transactions related to social services, or using vending machines – these are a few of the transaction types and products that we plan to launch through the national card scheme because the Bcard is a cheaper and more efficient local service,” says Summer 2017

Vichev. “You can imagine the reaction of the international card schemes, though. It’s quite a challenging initiative.” This low-cost local upstart will, Vichev hopes, not only popularise card use among fellow Bulgarians, but also help to accelerate innovation in other payment areas. While the country is likely to take time coming around to some of those ideas, Vichev says Borica is determined to have the latest technology ready and waiting for them when they do. A policy of continuous innovation has seen it focus specifically on point of sale (POS) and ATMs. “The country is relatively conservative and not an early adopter of instant payments, so anything that we do on contactless, no matter if it’s ATM or some kind of microtags, helps the adoption of electronic payments and card payments,” he says. “On the POS side, we’re looking especially at host card emulation through mobile phones. Most of our investment in pilots and proofs of concept is around mobile wallets and the adoption of tokenisation, which enables phone transactions over POS devices. “Microtags are interesting, too, to enable payment through any device, watch or bracelet, although the mobile seems to be the focus here at the moment and is what many of our customers are interested in. Right now, though, Bulgaria is still very much a cash-fuelled nation and that is likely to continue so long as access to electronic POS is restricted by the ‘grey economy’, adds Vichev. “We still have to convince all the merchants to offer the service widely and not deny use of POS devices. The banks are pushing them a great deal and almost every merchant has one, but some will pretend theirs is not working because they prefer cash. Some of this also relates to the ability to hide part of their income.” That’s more a cultural trait than a deliberate attempt to outwit the Exchequer, says Vichev, but it does make life complicated for payment services.

“They don’t necessarily hide their income for tax purposes because the income tax here is quite low, in fact we’re almost a tax haven in terms of income and profit tax,” he says. “Many larger merchants have adopted POS technology and operate legitimately. Many small and medium businesses, however, still attempt to hide income, especially in the food and tourist industries. This means there is a lot of cash in them that doesn’t surface as income within the economy.”

A barrier to growth The resulting lack of clarity over Bulgaria’s financial health has held the country back from joining the Eurozone, despite being a member of the European Union since 2006. “So targeting small and medium businesses is the key right now, to

Lev it alone: Bulgarians have been keen to hang on to cash payments

The Bcard is a cheaper and more efficient local service… you can imagine the reaction of the international card schemes

Summer 2017

of this, but they don’t see any benefit in it, so we will be opening more business lines related to device monitoring and terminal management. That’s in addition to a major project to revamp our core card infrastructure.” So, what does Vichev see in his crystal ball, when it comes to the future of the financial services industry? He believes that the introduction of PSD2 will significantly shake up the wider financial marketplace. “The ability to interface the banking and payments infrastructure directly from third party providers will change the landscape,” he says, although he’s concerned by the current debate over screen scraping. “This is a controversial and decisive moment for PSD2 and I hope things sober up and we have good,

encourage them to adopt electronic payments and bring them and their revenue onto the ‘white side’,” says Vichev. He’s confident that POS will come into its own eventually and Borica is extending its services accordingly. “Our organisation has been servicing cards and devices, but we haven’t been sufficiently involved in device management and monitoring services. So, we are putting a lot of effort into these areas, as well as terminal management services for the banks,” he says. “Until now, the banks were doing most

documented interfaces with the banking infrastructure,” say Vichev. ‘Banks have been very proprietary in their attitude to interfacing the customer electronically. But in a couple of years we should see a lot of difference as a result of PSD2.” As for payment trends, he can’t see popular mobile methods, like Apple Pay and Samsung Pay, getting a foothold in Bulgaria any time soon. “We are not a large enough market for Apple Pay and Samsung Pay,” says Vichev, ”Although we are piloting host card emulation services and mobile wallets, it’s not those versions. “It will take ages before they reach this market… if at all.” www.fintech.finance |

MONEY 20/20 EUROPE

Holding all the cards

Plastic’s been fantastic, but as domestic payment schemes continue to evolve, processors need to be alert to new opportunities, says Trionis MD, Ernst Verbeek In 2011, when the Single Euro Payments Area (SEPA) was comprehensively adopted – removing barriers to cross-border transfers and making life easier for millions of citizens and businesses – many predicted a bonfire of domestic payments schemes.

But managing director of Trionis, Ernst Verbeek, wasn’t so sure. Bearing in mind that there were nearly as many payment card schemes as there were countries in Europe, he didn’t believe it was a foregone conclusion that they would be replaced by two or three pan-European behemoths. Quite the contrary. Their proliferation was in fact being reinforced by a tendency of both the card issuers and the card acquirers to broaden the portfolio of brands on offer to cardholders and merchants. With so many new brands competing for consumer share of wallet, an explosion not an implosion was on the cards. But at the same time, Verbeek foresaw that non-card payment instruments would converge with card payment systems to create new, hybrid networks. To become or remain a part of this landscape, he argued, two key changes were required of scheme operators: a willingness to convert networks to more open platforms, and for providers to move away from being purely card schemes.

A singular not single market “To talk about a single European payments market anyway is a misnomer, as a single market does not exist in the way that it exists for other industries,” says Verbeek. He points out that market actors still have a very country-centric orientation, although new regulation means payments are in a state of constant flux. Among

| www.fintech.finance

existing players, he sees acquirers increasingly looking to process transactions cross-border; issuing banks onboarding card customers in more than one country, and retailers looking for card acceptance solutions that are cost effective for all their outlets, irrespective of country location. But the peculiarities of domestic infrastructures still dictate the way most payments are processed, even by new market entrants. After the demise of schemes such as Laser in Ireland and PIN in the Netherlands, among others, it did indeed look as though the European market would be dominated by a few global payment card schemes. “Nowadays, I think people again recognise that there clearly is a place and a future for domestic card schemes and infrastructures and, eventually, domestic mobile solutions, despite the globalisation trend,” says Verbeek. “International card schemes will probably play a role in all markets and, in some cases, they may be the sole providers, but there are very sound reasons why a number of markets will choose to operate domestic schemes as the preferred solution for in-country payments, which in most cases are the vast majority of the transactions. This approach has the potential to be lower cost, to create services more suited to local market needs and to result in better relationship with regulators.” What we will see decline, he believes, is the traditional hook-up between domestic debit schemes co-branding with either Mastercard or Visa to access international markets. “That no longer seems to be an option,” says Verbeek. “The international schemes are clearly seeing the domestic schemes, and also domestic infrastructure providers, as competitors and a major impediment to

them driving revenue from a market that is now much more important following their stock market listing. And there does seem to be evidence that the domestic schemes, because of their proximity to the market, can develop some unique capabilities, despite lower innovation budgets. The Portuguese ATM network and the Nigerian Quickteller system are just two examples.”

A three-legged stool Most people see card payments as having two distinct processing activities: the merchant or acquiring side of the business needed to support card acceptance at the point of sale (POS) or at the ATM; and activities required on the issuing side to take care of all the account management, to support cardholders and their banks in completing transactions. But there is a third, which is often overlooked. Card payments are a global phenomenon. In Europe alone, according to the European Central Bank (ECB), by the end of 2015, there were more than 780 million cards in circulation and more than 52 billion transactions processed. That’s likely to be an underestimate. According to the 2016 edition of the World Payments Report by BNP and Capgemini, payment cards are the leading non-cash instruments, growing by 11.8 per cent in 2014, faster than any other payment method. And the majority of these transactions need to be switched. “Card switching is the third domain that sits between the issuer and the acquirer for whom it ‘switches’ transactions,” says Verbeek. “It takes place in the background, but the other reason it is often overlooked is the nature of the original three and four-party card scheme models, where the switching activity was designed to sit in a Summer 2017

closed environment exclusively supporting one specific domestic, international or private label card scheme.” He believes two things are likely to change that. “One is market-driven. We are now in a situation where the conventional wisdom is that you should be able, as an issuer or acquirer, to support any number of brands,” says Verbeek. “The other key development is regulatory. Initiatives such as the revised Payment Services Directive (PSD2), the Multi-Interchange Fee (MIF) Regulation and the SEPA Cards Framework aim to separate schemes from processing. But in order for that to happen, schemes have to open up and become ‘interoperable’, just as banks have to open up and allow third parties access to their customers’ accounts. To talk about interoperable closed environments is an oxymoron. That is why interoperability is such a challenge in the payments industry. “The co-branding one sees with domestic schemes creates the impression of interoperability but, in fact, it is merely a vehicle for a domestic and an international scheme to sit side by side.”

The issue of legacy Verbeek believes that what defines a card scheme today will almost certainly not be the same tomorrow. He also thinks new payment innovations will come from outside, where mobile phone companies, not financial institutions, have driven change. The European Central Bank (ECB) defines a card scheme as a technical and commercial arrangement set up to serve one or more brands of card, providing the organisational, legal and operational framework necessary for the functioning of the services marketed by those brands. Now that regulators want a split between the scheme function and the processing function, legacy platforms face a dilemma. ”For a start, they do not lend themselves to encouraging external development and will risk losing out to new payment services that easily integrate with modern platforms that are open to external developers – Google, PayPal, social networks, web 2.0 are cases in point,” says Verbeek. “The incumbents share a weakness in the sense that they are not set up to allow developers access to their core infrastructure. On the one hand, schemes are trying to open up and become Summer 2017

API-friendly but they are trying to do business with monolithic rulebooks. Also, Cloud computing will promote payment innovation that benefits open networks.” Changes in consumer payment behaviour and the devices they use to pay will, Verbeek believes, lead to a blurring of the line that divides Card Not Present (CNP) transactions from point of sale (POS). “In a way, this is already happening with payment services such as Bill-me-later and Pay-by-cash,” he says. “The black/white distinction between credit/debit/charge and prepay card will disappear as well. Tomorrow’s scheme will be expected to offer a combination of these, if possible all residing on the same card/chip. Openness of platforms will accelerate this development. “Direct debit and credit transfer payments can already be considered as a utility and, in my opinion, card payments will follow the same path,” he continues.

Interchange fees, brand fees and annual fees will not be where the critical mass of the revenue comes from. Instead, the type of payment and contextual value add around it will generate revenue “As a result, payment brands will become less important and the revenue base will shift towards transaction processing. Interchange fees, brand fees and annual fees will not be where the critical mass of the revenue comes from. Instead, the type of payment and the contextual value add around it (think data) will generate revenue. “Processors themselves will see a stronger argument for standardisation as they begin to process across multiple payment networks and products as a result of this convergence of direct debit, card and credit transfer payments. This reinforces the view that processors need to unbundle from schemes and become platform providers

for different payment instruments,” adds Verbeek. That’s not to say payment schemes will disappear any time soon. “The TV did not make the radio redundant, planes did not do away with trains, the internet did not lead to the death of books, newspapers or magazines. Card schemes – or perhaps they are better to be renamed ‘payment schemes’ as the physical plastic will increasingly be absent – will continue to exist but will no longer revolve around the four-party model that they are traditionally associated with.” Verbeek believes the systemic and high volume nature of payment schemes, at least in Europe, will in itself be enough to ensure their domestic survival. “And there are two other factors that will serve to strengthen the case for domestic schemes: control over settlement risk is part of the systemic risk but there is also the consideration of data privacy and monetary policy, both of which are regulated locally.”

Regulatory impact There are more powerful forces at work, of course, that will create opportunities for providers of switching services. “The second Payment Services Directive (PSD2) enables new entrants to enter a hitherto closed market. All of these new entrants will need outbound application programming interface (API) services to existing banks. There will be a similar demand, on the other side of the market, for inbound access," Verbeek points out. “As far as instant payments are concerned, this is a good opportunity for a provider of switching services, as there are many initiatives underway, such as Swish in Sweden, Jiffy in Italy, Bizum in Spain, Paym in the UK, with more on the drawing board. All of these were designed for a specific market without much thought being given to cross-border interoperability.” Whatever the new payments landscape looks like, Brussels-based Trionis will be a dominant feature, promises Verbeek. “Most other companies in this space may be larger than us but have a very strong national focus. Given that our presence is in more than 12 countries, we are in full support of the vision of a Single European Payments Area, because the Trionis interbank processing network expands the choice now available to financial and payment organisations wishing to process transactions within the SEPA zone or outside of SEPA.” www.fintech.finance |

MONEY 20/20 EUROPE

A world of choice: There are going to be yet more payment methods for merchants to navigate

Smoothing the path to PSD2 Card and crossborder payments provider PPRO recently said proposed technical standards surrounding PSD2 would be like ‘letting the fox guard the henhouse’. But there’s still much to applaud, says CEO Simon Black The revised Payment Services Directive (PSD2) promises to be the key that unlocks bank customer data for the benefit of consumers, creating new opportunities for fintechs. But implementation isn’t without its problems; the devil is in the detail, according to Simon Black, CEO of e-commerce payments provider PPRO. It’s one of 70 companies concerned that

| www.fintech.finance

the regulatory technical standards being negotiated around PSD2 by the European Banking Authority (EBA), fundamentally undermine – even contradict – the spirit of the directive. The sticking point is over permitted automated direct access to customer data – sometimes referred to as ‘screen scraping’ – whereby data can be copied from a bank’s system using the customer’s online interface. The EBA wants it banned due to security fears, forcing fintechs to go through the

bank’s application programming interface (API) – in effect making them, not the customer, the data gatekeeper. PPRO’s business development director Ralf Ohlhausen recently described the move as like ‘letting the fox guard the henhouse’ and effectively strangling those innovative fintech fowl who are striving to deliver a seamless customer experience. “There’s an awful lot right with PSD2 and I think the EU, and particularly the European Banking Authority, should be Summer 2017

applauded for wanting to take what’s really a big step forward,” says Simon Black. “But once you get into the detail there are things that need to be ironed out and that is where we are at the moment.” Once the regulatory creases disappear – and hopefully they will before January 2018 when the directive comes into effect – PPRO will be well placed to benefit from the lid that’s lifted on banking customer data. The company not only sells and manages e-money accounts linked to pre-paid cards that provide an alternative to bank accounts for businesses and individuals, but it’s also active as a third-party provider in facilitating cross-border payments. Viabuy, its Mastercard pre-paid card with a personal IBAN that can be managed via an online account, is an example of how important the new directive could be to the business. “The access that PSD2 will allow means we can make Viabuy a more comprehensive tool as a way to manage your money,” says Black. “That’s because you’ll be able to link it to information coming from your other accounts. “In terms of how we support merchants, we ought to be able to develop even more effective solutions around the various payment methods that exist across Europe.” He adds: “I think, in the short to medium term, we’ll see a proliferation of new payment methods brought about by PSD2 and acceleration in growth for those that are very tiny today. “The challenge for payment service providers that are supporting e-commerce merchants is that there is going to be more payment methods they need to navigate. For us that’s a good thing, because a key proposition for PPRO and our payment processing business is that we simplify that complexity and accelerate time to market for payment service providers. “So we’ll ensure that, not only are we providing our partners with a PSD2-ready solution, but we will also add more value to take advantage of any change PSD2 brings about.”

The big card bonanza While globally Mastercard and Visa, and the networks they have built, dominate payments, there remain hundreds of alternative methods that were developed when commerce was constrained by national borders. In some African countries Summer 2017

direct carrier billing systems that grew on the back of telecoms allow consumers to pay by providing their telephone number. In other developing markets there exist scores of pre-pay and post-pay methods that are the result of legacy systems and cultural norms. PPRO’s expertise in these alternative payment methods is attractive to acquirers, payment service providers and any kind of financial institution. In December, for example, it announced a partnership with business credit card processor Vantiv. The deal means the US firm’s merchants can now sell to customers around the world who don’t settle bills with credit cards. Black says: “Vantiv selected PPRO because it identified we had an unrivalled platform, both in terms of the breadth of integrations that we provide, but also the value-added services we offer around those payment integrations, such as our completely integrated billing, collection and settlement capabilities.

There’s an awful lot right with PSD2… But once you get into the detail there are things that need to be refined “By doing one technical integration to PPRO, Vantiv’s merchants not only get access to more than 140 payment methods, but they also get in one settlement file all the transactions relating to any of their merchants across any payment method. So it is a highly efficient solution for them.” Growth in alternative payment methods is not restricted to emerging markets, of course. According to PPRO, 43 per cent of e-commerce transactions in western Europe are made with something other than a credit card. And the customer is firmly driving that trend, says Black. “In China there’s a hugely successful digital payment method in Alipay,” he says. “And there is a big focus now on making Alipay a way to pay for Chinese nationals overseas, too. We’ve seen the rollout in Europe, and an announcement in the US where different payment companies are

enabling acceptance of Alipay at point of sale in stores. It’s the consumer that’s driving those changes.” In the UK, its contactless that’s setting the agenda, says Black. He believes the adoption of contactless in its many forms will spread across western Europe and beyond. He says: “People were only using cards for significant amounts, typically over £20 or €20. Now, we’re seeing people get in the habit – and habit’s a key word – of using cards for everyday, low-value purchases. So, they tap the card for a couple of pounds or a couple of euros for a coffee, say. In some markets, they may tap a phone. We may be at the latter stages of early adoption with that, but it’s really going to go mass market.”

Contactless to wearables Contactless was made more attractive by the introduction of a £30 payment ceiling in the UK. But for contactless payments via a mobile phone or wearable device Black argues a limit is pointless. “If you tap a contactless card there is very little security control. But with your phone there is a huge security control – for example, the use of a fingerprint scan to approve the purchase. So there’s no logic for limiting that transaction to £30. “In the markets where contactless cards are being used, it’s a small step in behavioural change for a consumer to tap their phone, or even their watch, which you do see occasionally on the London Underground, for example. “But then in other countries – certainly Germany and the Netherlands – the most common forms of digital payment will be paying via your bank account, because that’s what people are comfortable with.” Looking to the future, Black suggests payment systems will consolidate. “The way payment systems evolved until very recently was on a national scale,” he says. “So, you have huge discrepancies and I think we could build a solution, if not for the world, at least for a majority of markets. “Many people may want to move towards blockchain, because it is a highly efficient way of executing a transaction. But trust is key. In any transaction you can have six to eight parties involved and each of them wants to have a sense of protection. Ideally, you’d have one incredibly efficient, digital global system, maybe using blockchain. But the challenge is getting the different parties and countries to buy into it.” www.fintech.finance |

MONEY 20/20 EUROPE

Voyage of discovery: There's still a way to go before the industry realises the ‘paymentless dream’

I see no chips (or PINs)

The US payments industry may have just dragged itself into the 21st Century, but Matt Ozvat, Head of Developer Integrations at Vantiv, is looking beyond EMV to a ‘paymentless’ horizon When was the last time you made a card transaction in Europe and were asked to swipe and sign to complete the payment. Struggling to remember? That’s no surprise. In the 11 years since chips replaced magnetic strips, digital card terminals have swept through the high street, the ‘I Love PIN’ campaign of 2014 heralding the biggest change to payments since decimalisation. To ask someone to sign today would be like asking them to pay in sixpence and shillings. But ask the same question of an American and you’ll get an immediate answer: ‘Last week, to pay for gas. That V8 won’t run itself, you know!’

| www.fintech.finance

When it comes to technology, the United States is a land of contradictions. On the one hand, Silicon Valley start-ups deliver an unparalleled degree of innovation, unmatched in vision and scope almost anywhere in the world; on the other, you have one of the world’s most consumer-driven societies held back by a 50-year-old payments technology, wedded to magnetic strips and lidless Biros. But things are changing, albeit slowly. In 2015, the US government finally decided it was time for the nation to adopt the global standard EMV (Europay, Mastercard and Visa), which equips chip-based cards to authenticate signature-less transactions. This was

despite the misgivings of many in the US financial industry. “You’d have thought, judging by the frankly obscene lateness of the US in transferring to EMV, that it would’ve been more sensible for the country to leapfrog the entire two-part authentication system altogether,” says Matt Ozvat, head of developer integrations at US-based payment processing and technology provider Vantiv. “In fact, we almost did. The government were literally days away from saying, ‘let’s skip EMV,’ when the Target data breach happened.”

The Target effect As 40 million or so of the retail giant’s customers had their credit cards threatened Summer 2017

by malware in the point of sale (POS) systems of 1,800 stores, all hopes of directly adopting a newer, less tried, encryption technology quickly dissipated. “Following that incident, the government regulators came in and laid down a clear EMV strategy,” says Ozvat. “It’s a shame that the possibility of leapfrogging two-part authentication was snuffed out so rapidly in the US, especially when we were so close to embracing a more contemporary alternative. However, EMV is now gaining traction at a tremendous rate, despite the obvious challenges that it’s imposed on many constituents within the industry.” Business Insider recently reported that the number of EMV-enabled merchants in the States has grown by 191 per cent. It’s worth bearing in mind, though, that there are more than 10 million points of sale to be upgraded and EMV adoption started from zero in 2015. “Since the inception of EMV, the US merchant has had to understand and be trained in payments to a much greater degree than before,” says Ozvat. “There’s been a total shift in liability towards merchants of all sizes, from tier one companies down to SMEs, and they’ve all had to immediately become aware of payment systems, transactions, charge backs, and a whole host of other intricacies that they needn’t have worried about before. “This is where Vantiv, and specifically my work, comes in,” he says.

Black box solution The Ohio-based company is one of the US’s largest providers of payment technologies to financial institutions. Formerly known as Fifth Third Processing, in 2011 it adopted the name Vantiv as a step towards becoming a publicly traded company. It went on to acquire payment services firms Element and Mercury, to which Ozvat belonged, in 2013 and 2014 respectively. “Our mission has been to create technologies that enable these merchants to process payment transactions as quickly and efficiently as possible. We provide the black box technology that draws all elements of compliance together in one neat package, allowing companies to rest easy in the knowledge that the system they’ve employed has them fully covered, regulation-wise, from end to end. “In a sense, what we’re doing is permitting our clients to continue to focus Summer 2017

on what they need to – the consumer experience,” says Ozvat. “We relieve them of as much of the pain of compliance as possible so that they can devote themselves towards delivering that personalised retail service, that world-class dining experience, or that unforgettable night of entertainment to their customers.” While it’s currently engaged in soothing the birth pains of EMV for merchants across the US, Ozvat believes this latest generation of payment technologies is just the start of a rapid evolution. “For me, the pinnacle of payment technology is close at hand, and I refer to it (somewhat paradoxically) as the ‘paymentless’ experience,” he says. “When a consumer visits a retailer or a restaurant, for example, they’ve gone there to achieve something. At this point, there’s a golden opportunity to ‘capture’ that consumer – to deliver a strong service that instils a sense of loyalty towards their business in the customer. “Paymentless is the eradication of any recognisable payment stage – something that has always prevented businesses from being able to focus 100 per cent on the customer experience,” says Ozvat. “In a paymentless system, payments would still be made, only they’d be completely seamless from a consumer perspective; there’d be no more need to flick through wallets for the correct card, or rummage in bags for mobile phones. Businesses would be able to dedicate themselves entirely towards generating customer loyalty through the perfect in-house experience, free from the disruption of the inherently undesirable payment stage. “Of course, the question now is how to turn paymentless from a fintech dream into a transactional reality,” says Ozvat. There are several alternative technologies, with bioscanners and facial recognition ranking high on the list of possible solutions. “However, in all honesty, I’m not sure that the technology currently exists to do paymentless,” he says. “What I am sure of is the rate at which technology is advancing

in the US, and indeed globally. In the next 10 or so years, quantum computing will arrive and make our current computers look like Commodore 64s, so I’ve no doubt that paymentless technology will follow shortly afterwards.”

Vantiv O.N.E. for all Alongside its work in the fields of EMV and end-to-end encryption, Vantiv launched a major initiative focussed on POS developers in 2017. As Head of developer integrations, it’s Ozvat’s responsibility to manage and nurture the ties between the developer community and Vantiv’s platforms. “It’s these technologists who are creating new use cases, who are inching us steadily closer to our goal of a paymentless future,” he says. “Part of the reason Vantiv acquired Mercury was because of the highly successful developer infrastructure that we’d previously established. I manage a thousand or so developers that are all intent on integrating with us, adding new features to our platforms. We provide these developers with a customer service experience that allows them to integrate in the quickest, most secure way possible. “We’re creating an infrastructure for t hat tech community, so that they can quickly understand how to be compliant, but yet how to innovate, how to futureproof their technologies so they can be relevant. “We have created that community by funding something called Vantiv O.N.E,” he continues. Described as ‘the O.N.E. place to connect, develop and geek out’, it’s an online resource that offers the chance for developers to interact directly with Vantiv’s integration analysts, who can in turn help them to build and market their solutions on the Vantiv platform. “It’s our aim to be there for our POS developers at all times and to pool our resources and roadmaps so that they can prosper from our platform as fast as they can integrate,” says Ozvat. It might not be long, then, before the chip has definitely had its chips.

The payment stage has prevented businesses from being able to focus 100 per cent on customer experience

www.fintech.finance |

MONEY 20/20 EUROPE

Plastic surgery Matica CEO Sandro Camilleri examines how the trend towards print-on-demand, personalised payment cards is transforming the industry that builds the machines Plastic is fantastic! Despite the innovation of mobile wallets and the promise of biometrics, it’s debit and credit card purchases that continue to enjoy the biggest volumes today. Figures from the UK Cards Association show that in February they accounted for 77.7 per cent of all spending, or £57.2billion, an increase of £5billion compared to February 2016. We just can’t get our hands on them quickly enough – which is why banks are looking to perform the ultimate card trick… and print them in front of our very eyes. Such digital alchemy isn’t sleight of hand – it’s down to hard work and technology development by, among others, card machine manufacturer Matica, which is pursuing a big opportunity in shrinking the size of its products while simultaneously increasing its portfolio of services. While it remains a leading producer of centralised, high-volume printers for ID cards, driving licences, security passes, pre-payment cards and SIM cards in Europe, Asia, the USA and UAE, such machines’ days in banking are clearly numbered, believes Matica chief executive Sandro Camilleri. “When I started 20 years ago, the back office was the place where you issued the bank cards. But we believe that the era is over because of the investment needed. We need to develop smaller machines and

| www.fintech.finance

reduce the cost to banks; to reduce cost you either pack more features into a machine, or change its performance.” It’s not simply a matter of economies and scale. Earlier this year, the company surveyed 1,000 bank customers in four European countries and found that just under three quarters of them wanted the option to have cards issued on the spot in branch. Just a couple of months later and tadaaa! The Matica Desktop Modules arrived. The new suite of baby printers, which will be showcased at Money 20/20 Europe among a raft of other innovations, are designed to link up over a bank network and perform the same job as those big, back office behemoths.

Financial institutions want to customise cards for clients, and that goes with a growing market in instant issuing. The two things are related

“The instant issue market is booming,” says Camilleri. “Customers can go to a branch, request a new card and within two minutes they will have it in their hand, ready to use straightaway.” Printing in branch reduces costs, dramatically cuts fulfilment times and improves customer experience. But there are other advantages to be had, too. Camilleri explains: “Take some countries in Africa – they present logistical problems in shipping cards to customers. There, all cards have to be transferred by secure transport, but with smaller machines banks can issue cards locally, avoiding the need for that.” Matica’s portfolio now includes more than 20 products designed for use by branch staff. “Banks want small and medium-sized machines at the counters,” says Camilleri. “They have to be user friendly, like a document printer in an office. So we have to provide more technology in a much smaller space.” Bank clients begin with a basic configuration – a retransfer printer – and can build upon it as business needs develop. Each MDM-based module is controlled by the Matica Desktop Suite middleware, which supports any

Summer 2017

combination of new modules with existing stand-alone products. “The desktop suite allows you to run a farm of printers with the same software platform. If you consider the return on investment for these printers plus the software, it’s much better than the centralised systems,” says Camilleri. “With smaller machines, you can connect an endless number of desktop machines into the same platform that you can run from various servers.”

One step ahead Cards as a payment system are hugely profitable for banks, he says, but they need to keep innovating the product. “The biggest challenge (for financial services) is going to be having lots more technologies embedded in products, in order to reduce the cost of branches. “If you look at the profit and loss sheet, you can see banks make serious money with cards, so they keep investing in

them. But as a company we have to be at the cutting edge of technology, providing features that are unique.” Camilleri points to the evolution of mobile phones – a tool that began as a telecoms device but that has now morphed into a highly personalised mobile computer. There’s no reason why plastic can’t be just as flexible and just as bespoke, he says, including biometric activation and even printed with a picture of your favourite pet or loved one. “Basically, it will become a little PC,” he says. “The cards have the potential to store lots of data. There will be more software on there, more security features, maybe even holograms and, last but not least, a high degree of personalisation – perhaps with a picture of your grandmother, your best friend or your dog. Financial institutions want to customise cards for clients, and that goes with a growing market in instant issuing; the two things are related.”

At the end of the day a card is a tool, says Camilleri. “It’s a tool to allow you to have certain services. So, banks can enlarge the number of services that can be accessed with a card and do more with the data that it can store. “I actually don’t see the use of plastic cards declining. I see them becoming more sophisticated, not only in finance but in the ID and security businesses, too.” While their popularity will not decline, the volume of cards on the market is unlikely to grow, predicts Camilleri, forcing a change in the business model for companies like his. “There is a consolidation process in our industries, which will affect the product portfolio and the offering to banks in the next year. “Digital banking isn’t a trend anymore, it’s a reality. And we need to cope with it. But it’s also an opportunity,” he says. “Banks prefer to have only one partner to deal with, so Matica is moving into a new market, to supply a complete solution to the banks, in terms of hardware, software and a card management system. This is our new challenge.”

Super flexible: Cards will become ‘little computers’ says Camilleri

Summer 2017

www.fintech.finance |

MONEY 20/20 EUROPE

Digi-gen: More than half of AIB's customers bank on the go

They’ve got the power Customer orchestration is how Fergal Coburn, Head of Digital Products & Payments at Allied Irish Bank, describes the third phase in this dynamic bank’s digital journey Technology is changing the financial services sector. But it’s changing consumers’ actions and expectations even more. “Traditionally, the banks were the power brokers for financial products. Now, the power is in consumers’ hands,” says Fergal Coburn, head of digital products and payments at Allied Irish Bank (AIB). “The modern consumer is hyper-connected to their phone, which means they’re hyper-informed and their expectations are set for instant service, instant value. They’re very much self-promoting; putting their own information out there. This has implications for banks in terms of how we inform the consumer and educate them.” Coburn, who led AIB’s digital acceleration after the financial crash of 2008, can take some credit for its frankly astonishing rise

| www.fintech.finance

to become one of the world’s most digitally connected banks. Within one year of launching its mobile app, more than half of its active customer base were cheerfully banking on the go – one of the fastest adoption rates in the world. Within a year of launching its social media channels it was ranked 7th fastest bank in the world for Facebook adoption and 10th fastest for Twitter adoption. With so much connectivity going on, of course, comes more data. Coburn is acutely aware of the impact that the General Data Protection Regulation (GDPR) will have on how banks handle customer information… and how it will change their relationship with them. Crucially, how it will monetise an asset that many consumers didn’t even know they had, by making them aware of just how

valuable it is to organisations that collect it. “When you sign up for a broadband service in North America, you pay $80 a month. But if you tick a box allowing your broadband provider to see your browsing data, the charge drops to $50 a month. There’s a real $30 value put on your data,” says Coburn. “I think we will see this grow more and more. As banks are compelled to release data, there will be a different ecosystem of companies who will be able to offer consumers value for their information.”

Platform change At the same time as he’s contemplating the implications of GDPR, he’s in the thick of a €870million strategic investment to enhance the resilience of the bank’s core systems, including improvements to the payments platform infrastructure, the Summer 2017

replacement of the internet business banking platform, and the installation of a new treasury platform. AIB was the first bank in Ireland to go live with mobile open payments via Android Pay, and it’s now working on replacing its digital business banking platform to offer equally dynamic digital services for its commercial clients. “The investment we are making in our digital business banking platform, which will sit on top of the core payments platform, is hugely centred around where we see business payment requirements going,” says Coburn. “And that’s around the need for information, complete view, real-time value transfer, and a much richer data set behind payments that businesses are demanding. “Businesses have asked if we’re able to integrate our payments technology into their systems. So we’re not prescribing that they use our online channel, but we are going to integrate our payments capability into their business channels. With Cloud accounting packages that small businesses use, for example, we are planning a seamless integration so we’re part of their business but not telling them how to run their business.” The bank takes a pragmatic attitude towards the development of all its customer services, making sure the solution fits the market, rather than the other way round. By way of illustration, Coburn says: “An Irish person goes to an ATM 39 times a year. At the other extreme, people in Denmark go three times a year. Traditionally, Ireland has been a very heavy cash-usage society, but Irish people are also among the fastest adopters of mobile capability in the world. So, we’ve gone live on Android Pay and seen a dramatic surge in the take-up of that, but we haven’t chosen to remove traditional payments by cash and cheques. “The consumer will lead the services we provide,” he says. “We have a focus on giving them better alternatives, but the

traditional way is going to be there as long as they want and need it.” The most surprising – and counter intuitive – demonstration of that is the fully self-service banking kiosk. Another world first for AIB, it offered internet banking functionality without having to register online, as it was driven by card or PIN. Coburn says: “We were expecting this to be a transition device, as people would realise they didn’t need to be there to use the services. But what we’re actually seeing is that customers are continuing to use it as well as mobile banking, so it’s become a complementary channel for engagement. It’s a hybrid solution – digitally enabled but in the physical environment.” Behind the scenes at AIB, there has also been a big investment in data collection, to the extent that the bank has collected more data in the last six months than in the

More strings to their bow AIB’s digital journey is mapped over three distinct stages. “Up until the last two or three years, we have been very focussed on building a digital, one-to-one service relationship that Customer-led: The Irish visit ATMs around 39 times a year

As banks are compelled to release data, there will be a different ecosystem of companies who will be able to offer consumers value for their information

Summer 2017

Such deep data will always be used not only in compliance with regulations, but in accordance with the bank’s own codes of conduct, says Coburn. “Research shows consumers trust banks more than the likes of Google, Amazon and Facebook with private information,” he says. ”That’s a trust built up over many decades. So, regulation aside, it’s not a trust we ever want to breach. We’re not going to do anything with their data that’s not in their interests. It’s a real focus for the banks to maintain trust over any commercial value they get from the information.”

previous 15 years. This payments data, even when it’s anonymised, can provide surprising insights that are valuable not only to the bank, but also to businesses it serves. Coburn gives the example of a hotel customer in Wexford in the south of Ireland. The bank’s data showed that the hotel’s highest spending guests came from County Cavan in the north, which was ‘quite strange and difficult to understand’, but the insight prompted the hotel to explore further and it identified that customers were coming from a number of golf clubs in the area. That in turn allowed it to better target its marketing.

leads the market,” says Coburn. “That’s done. Where we are now is looking to build on that, using our analytics to personalise the relationship with consumers. To offer them advice when it’s timely and relevant, not to saturate them, but to bring meaning to their financial life. “We’re adding more adjacent value to financial services for consumers. So, for example, a key value stream, such as offering mortgages, could also come with additional services, from solicitors to valuation to furniture. The same goes for business customers.” Instead of playing with one string, the bank will become a virtuoso in added-value performance. Says Coburn: “The theme of orchestration for our customers is really what we’re going to be focussing on.” www.fintech.finance |

MONEY 20/20 EUROPE

A tiny giant Micropayments add up to a big opportunity post-PSD2 for direct carrier billing operator Dimoco, as Charlotte Newby, Head of Corporate Communications, explains Much has been made of the impact the revised Payment Services Directive (PSD2) will have on opening up the banking market, the consequent rise of the application programming interface (API) economy – predicted to reach $2.2trillion by next year – and the opportunities created for new entrants. There’s been less talk of the regulatory impact on the world of direct carrier billing as the EU attempts to fully unite the Single Euro Payment Area. And according to Charlotte Newby, head of corporate communications at the Dimoco, it’s about to undergo a fundamental shift. “Only regulated suppliers will be able to operate in future. This wasn’t the case with the initial PSD,” she explains. “A fundamental piece of PSD2 is that it requires payment service providers to make a significant number of changes to existing operations. The main objective is to make payments safer, increase consumers’ protection and advance innovation.” No one could argue with that, but worryingly just 46 per cent of payment service providers (PSPs) in the UK are ready to comply with the upcoming regulation, according to research in June 2017 from Ping Identity, which warns there’s a shocking lack of education and understanding about the changes across businesses. Only 12 per cent said they were even aware that the directive will be in place by January 2018. Nearly 30 per cent knew of the changes, but did not understand them, while 44 per cent were unsure what they needed to do to comply. Dimoco was ahead of the game. In January 2016 it attained a Payment Services Act licence from the Austrian Financial Market Authority, which was then passported to all 28 EU member states, meaning it is deemed fit as a fintech for direct carrier billing of micropayment transactions across Europe.

| www.fintech.finance

And if you think micro billing sounds small fry, think again. Leading industry analysts estimate that every year direct carrier billing supports between $12million and $16billion in sales and is projected to grow to more than $24billion by 2019, the majority of it made up of individual transactions worth less than a decent cappuccino – think Uber fares, parking tickets and your last music download. That puts Dimoco at another advantage. Because, while 19 per cent of organisations that understood the impact of PSD2 told Ping Identity they were worried the legislation would leave them more vulnerable to fraudsters after 2018, the nature of Dimoco’s business means

Apart from making payment processes simple, this growing sector reduces fraud, and saves time and money criminals are likely to regard it as not being worth the trouble. “Direct carrier billing is almost exclusively used for micropayments,” explains Newby. “In 2016 we saw an average transaction amount of €3.50, which makes our business model of direct carrier billing unattractive for fraudsters, as a scam would be very time-consuming and low-yield.” She adds: “We have a strict code of conduct procedure, which filters out fraudulent activities. Online content is closely and constantly monitored by both us and the mobile network operators

(MNOs). Any occurring chargebacks are executed by the MNOs.” Dimoco Carrier Billing – one of three companies in the Dimoco group, which also includes Dimoco Messaging and Dimoco Payments – already connects with local and global mobile networks to enable almost one billion European subscribers to purchase goods and services from merchants and aggregators with their mobile devices, which are charged via the operators’ billing system. And it’s confident that figure will grow.

Flexing its muscles A joint industry white paper produced by Dimoco and Juniper Research, released in January 2017, estimated that revenues from digital content billed via carrier billing in Europe will increase sharply to more than €11.5billion by 2021 (an average annual increase of 27 per cent). With 17 years of market expertise in direct carrier billing, the company can now offer all major payment options to clients and from this year it is one of the few suppliers covering the whole of Europe. It has also recently launched in Thailand as well as Egypt. Its growth has been fuelled by smartphones, says Newby – ‘the online payment method that everybody literally holds in their hands’. “A mobile device turns into a progressive payment instrument for online and physical goods, such as e-publishing, video on demand, online gaming, digital music, streaming services or ticketing and parking,” she adds. Already a leading facilitator of one-click Summer 2017

on-the-go consumerism, it’s now helping to empower retailers with application to person (A2P) messaging, allowing clients to communicate directly from their enterprise application to billions of global consumers. Its latest report on the A2P SMS market quotes Portio Research figures that suggest by 2018 some 1.7trillion A2P SMS messages will be sent worldwide. Among the key trends driving that growth, identified in Dimoco’s recent white paper on the A2P message market, is increasing use of SMS A2P messaging in two-person authentication security procedures and increasing use of alerts by financial services to make customers aware of billing cycles and payment notifications.

A local hero service

Not so tiny: Microbilling payments are expected to add up to a whopping €24billion by 2019

Summer 2017

Dimoco Messaging positions itself as the local hero on a global scale, offering direct connectivity to mobile network operators for reliable mobile engagement with customers. “Apart from making payment processes simple, this growing sector reduces fraud and saves time and money,” says Newby. “People are using technology to make the financial world easier, using smartphones, apps and the huge level of connectivity that we now have. Banks, often weighed down by old IT systems, lack confidence, and are unsure which part of the cake will remain.” As a result, she says, fintechs are attracting more investment, pushing into new markets and forcing the world’s money managers to adapt. “One of the only advantages for banks at the moment, is that fintechs often fail in customer acquisition and profitability. As a result, many are willing to enter partnerships, which is proving to be a life safer for banking models.” With near ubiquitous billing reach and a superior conversion rate over other payment methods, carrier commerce has been described as a ‘quiet giant of fintech’. Given the post-PSD2 opportunity for agile, mobile payment channels, it’s unlikely the giant will remain quiet for long. www.fintech.finance |

MONEY 20/20 EUROPE

Clear need: Response to the first UK clearing bank in 250 years has been phenomenal, says Ogden

Clearing the way Nick Ogden’s new venture ClearBank does exactly what it says on the tin. And with the UK about to row away from Europe’s financial shores, the country’s first clearing bank in 250 years couldn’t have come at a better time It was a chance encounter and a bold exchange with a speaker at a conference that prompted Nick Ogden to invest three years of his life in secretly raising more than £25million and planning the launch of the UK’s first clearing bank in 250 years. Formerly the CEO of WorldPay and an established fintech entrepreneur (some may say ‘Godfather’), Nick Ogden is now executive chairman of ClearBank, which launched in February 2017. He recalls the day he made a friendly swipe at Mary Starks, the interim managing director at the Payment Systems Regulator, who was about to make a speech about access to markets. “I was very cheeky. I said ‘that’s going to

| www.fintech.finance

be a very short speech then because there isn’t much access to markets!’ And she agreed it was a challenge! In shooting the breeze with Starks, he mentioned the Cruickshank Report of 2000, the global financial crisis and everything else that followed, and shared his observation that ‘nothing really had changed’ despite the arrival of the payment services regulations in 2009. And that’s when he got started on clearing banks. “I was saying that, in 1960 we had 16 clearing banks providing theoretically competitive services, and through natural market consolidation (because that requires planning and intelligence) that didn’t happen since, that condensed down to just four banks. “So, I said, there must be a political or

regulatory reason why there’s never been another new clearing bank? And I said that, if there were a chance of starting one, I’d finance it – that was the killer line and stupid moment in the whole thing.” As it happens, Mary Starks, who’s now director of competition at the Financial Conduct Authority (FCA), obviously thought it was an interesting enough question to seek answers and a few weeks later called Ogden to share her findings – opening up a whole new career path for him in the process. “She’d bothered to talk to the Treasury, the Bank of England and various regulators about this mad guy she’d met at a conference with the idea of creating a new clearing bank. And she said, ‘here’s a contact for the FCA. We agree there should Summer 2017

be a new clearing bank. No guarantees that you’ll get there, no help, but give it a go!’’’

Changing the dynamic Fast forward to 28 February 2017 and Ogden has a heavyweight executive team in place for ClearBank, led by CEO Charles McManus, (formerly CFO of both RBS Ulster Bank and Royal Bank of Canada Europe and Asia); access to all of the UK payment systems, including Bacs, CHAPS and Faster Payments, plus SEPA for international payments; an application programming interface (API) platform for open banking in accordance with ISO 20022, to support easier connection; and robust cyber security. Its customers are other banks, building societies and fintechs. All funds are held by the Bank of England. The launch was attended by the great and good of the City, the fintech world and beyond. Economic Secretary to the Treasury, Simon Kirby MP, added the Government’s voice, saying: “I am so pleased to see ClearBank launch today – it will play an important role in helping challenger banks to access the services they need to do business, so that they can compete effectively with the big players and deliver the benefits of greater choice and value for consumers and businesses.” Competition and choice was a massive driver for Ogden, believing that the time and money involved in clearing payments was unnecessarily off the scale. “There are thousands of new fintech start-ups and challenger banks improving choice, but the industry will never truly move forward while it’s constrained by the challenges of legacy operational structures,” he said in his press release at the time. “ClearBank was built specifically to create competition and aims to change the market dynamics radically. “Figures from the Cruickshank Report indicate that, with the improved efficiency delivered by ClearBank’s built-for-purpose technology, between £2billion and £3billion could be saved from the annual costs that are paid for transactional banking in the UK.” Ogden believes that the globalisation of financial services and the ability to transact internationally is still regressive and needs to be resolved. “It’s absolutely nuts that we accept that domestic and international payments will get lost when it just doesn’t need to happen. And it happens because of legacy Summer 2017

decisions, legacy structures, lack of straight-through processing and financial crime policies that are constantly being reviewed and changed. “I think there’s going to be a consolidation over the next two to three years around financial collaboration between banks – and of course, ClearBank is one such bank – to change how this works to improve the service for customers, rather than running the global financial infrastructure to suit the banks.”

Setting banks free His API purpose-built, open access technology is a first for a British clearing bank; it’s a radical move, which will fundamentally disrupt and challenge the market. This agile way of working, which has been facilitated by partnering with the Microsoft Azure Cloud platform, means that customers can access faster, more efficient and more cost-effective solutions and payment processing. Unlike legacy technology, this also means that the API can be easily integrated into an organisation’s infrastructure, enabling access to ClearBank’s services, which means that other financial organisations can use ClearBank’s technology but retain their own branding.

We’ve got nobody doing sales work at all. We’re literally just dealing with the demand from the market for change “They may be a building society, or credit union or electronic money issuer and they want to deliver sort code current account services and, if they are legally allowed to, lending services, and all the rest of it. So we give them a cool banking platform – it’s just the platform, not the banking licence.” On top of representing excellent competition for the legacy technology and structures of the Big Four, ClearBank also supports world-class cyber security. Microsoft is committed to continual investment in safeguarding data and information online ($1.5billion every six

weeks), with its round-the-clock cyber security management and intervention systems in the US. “We did that because we needed to have very, very strong cyber security. We couldn’t be in a position where we were hacked, and we couldn’t afford to raise the funding to put in all the tech, knowledge and services that a large company like Microsoft could offer,” Ogden explains. ClearBank has also said that, in the future, it will deploy new authentication methods, such as face, voice and vein biometric verification technologies. With about five months under its belt and no sales staff on board, ClearBank has been taken aback by the high levels of interest the market has shown its newest arrival. “We’d been working on the project for three years,” explains Ogden. “It was completely under wraps, nobody knew what we were doing. When we announced, we just hoped we’d get some interest. “We’ve got nobody doing sales work at all. We’re literally just dealing with the demand from the market for change. And we’ve had a phenomenal response: doubled the interest across the key market sectors, banks, building societies, credit unions and fintechs. “One interesting issue that’s arisen is that financial organisations have never had the opportunity to talk to somebody about having access to transactional banking and clearing services, and core banking using APIs. That hasn’t existed because the existing incumbent banks haven’t got that technical capability, so it’s a bit of a major change in the way that we’re delivering the services.” As for the future, with Brexit looming uncomfortably ahead, Ogden feels largely optimistic for his newborn because ClearBank is regularly approached by foreign banks to explain how they will be able to help them once the UK’s split from Europe prompts new banking regulations. “Lots of international banks are looking back at this ‘rock’ in the middle of the English Channel, which is looking at Europe, thinking ‘what is Brexit going to mean to us?’ The exact opposite conversations are being had in Europe… the number of international banks that have come to us, saying ‘Is this right? You’re independent? Neutral? You provide all of these services? You’re regulated? Can you come and help us out?’ The answer is yes!” www.fintech.finance |

MONEY 20/20 EUROPE

Marketplace payments out of a box They’re a massive e-commerce success story but running them poses unique technical and regulatory challenges. Shemer Katz, CMO of SafeCharge, sets out his stall for an outsourced payments solution Global marketplaces are predicted to own nearly 40 per cent of the online retail market in the next three years… that’s a lot of brown boxes. But organising payments for these sales channels is far more complex than for traditional e-commerce businesses. Their onboarding process is twice as demanding and they have to keep both buyers and sellers, who require different user experiences, happy – not to mention the regulators. All of which led payments technology provider SafeCharge, one of the leading suppliers of solutions to the gaming industry, to think there must be an easier way for marketplaces to cut a slice of this $1.3trillion global e-commerce pie. Enter its application programming interface (API) Marketplace Manager – a digital one-box answer to their problems. We asked Shemer Katz, chief marketing officer for SafeCharge, how it goes about solving the challenges. Fintech Finance: How can a marketplace ensure sellers experience a seamless and quick onboarding experience? Shemer Katz: To start selling on a marketplace, the seller needs to open an account on the marketplace website. This should be a quick and frictionless process to retain the seller. We’ve developed Marketplace Manager to enable the marketplace to open a seller account using a set of application programming interface (API ) calls. The seller can start quickly by

| www.fintech.finance

providing minimum details and additional compliance information, such as know your customer (KYC), is run at a later stage and, importantly, is mandatory to get paid. During the onboarding process, the seller provides information about how he/she wants to be paid, either by direct bank transfer, immediate settlement through a pay.com prepaid account, through a transfer to a credit card, or PayPal. The selection of a pay-out option can also be provided or updated after the onboarding process is completed, which includes providing full regulatory compliance information. The entire seller onboarding process is handled by the Marketplace Manager in the background and requires no direct interface with the seller, while all the interaction with the seller is performed by the marketplace itself. FF: How can marketplaces maximise buyer conversion? SK: Marketplaces that want to start accepting payments quickly on their site are able to do so with us via Marketplace Manager, which provides ready-to-use, customisable checkout pages. These payment pages offer benefits, such as all the relevant payment options, local language and currency, based on the buyers’ location, and one-click payment for returning buyers. FF: Trust is key to successful marketplaces. How do you establish that? SK: By enabling smart mechanics. With

Each marketplace can pick and choose which of the services it wants to use and can easily scale up as their business grows Marketplace Manager, once the transaction is complete, the money is kept in a segregated escrow account until the service is fulfilled or the seller ships the product. Upon service completion or product delivery, the marketplace sends an instruction through an API call to transfer payment from the escrow account to the seller and the commission is automatically paid to the marketplace. Marketplace Manager offers multiple options for paying out to the seller, with the most popular being a direct bank Summer 2017

Signed, sealed and delivered: The SafeCharge API offers a total solution

transfer and payment via prepaid debit cards or PayPal. Another interesting payment option is a pay-out on a credit card via credit fund transfer (CFT). In case the seller has not properly fulfilled the service or product, the marketplace can instruct the Marketplace Manager to facilitate a full refund to the shopper. In every aspect of the payments journey, Marketplace Manger plays an active role to not only smooth the process, but also to provide a unified solution for all the payments needs of marketplaces. FF: How easy is it to integrate the Marketplace Manager? SK: SafeChargeâ&#x20AC;&#x2122;s Marketplace Manager is designed to serve the most innovative and demanding businesses. Easy integration is Summer 2017

made using modern, open software architecture and a single, efficient API. This approach allows for each marketplace to pick and choose which of the services it wants to use and can easily add and scale up its payment function as their business grows. FF: How do marketplaces cope with the challenges thrown up by a tight regulatory environment? SK: The Marketplace Manager takes full responsibility for all the paymentsâ&#x20AC;&#x2122; regulatory aspects. This is a unique proposition, which enables marketplaces to be completely relieved from applying and maintaining any payments licence. It also covers compliance related to the onboarding process, payment acceptance and split settlement,

so that marketplaces do not deal with the hassle of becoming a payment institute or Payment Card Industry compliant. FF: How do marketplaces provide insight and analytics to their sellers? SK: Reporting and business intelligence are essential for every successful business and therefore the marketplaces and their sellers alike require a comprehensive suite of reporting services. Marketplace Manager offers multi-level, detailed reporting to the marketplace and provides reporting to sellers directly via their marketplace user interface. Our vision is that marketplaces can significantly boost their growth by outsourcing their payment functions, while remaining in control of their payments through a smart API-based solution. www.fintech.finance |

MONEY 20/20 EUROPE

Ahead in the Cloud

Italy’s TAS Group is forging ahead with plans to make its services available anytime, anyplace, anywhere, as Peter Caiazzi, Senior VP of product development, explains To survive 35 years in the fast-moving world of financial technology, you’ve got to be doing a lot right. And TAS Group undoubtedly has been.

Built in Rome and still headquartered there, the software solutions company has a track record in simplifying the way in which private and public sectors, commercial and national banks interact with their customers, stakeholders and technology systems. It manages millions of European central banks’ daily financial messages and 75 million cards in total on its worldwide platforms; 35 million of them belong to the Italian Post Office’s BancoPosta, one of the biggest issuers of prepaid cards in Europe. With offices in the US, Brazil and across mainland Europe, it’s seen a lot of changes in the past three decades in electronic money, payment systems, capital markets and Enterprise Resource Planning (ERP). But in senior vice president of product development Peter Caiazzi’s opinion there’s been nothing to equal opportunities created by the Cloud. “We think this is a gamechanger,”

| www.fintech.finance

says Caiazzi. “The first generation card systems were mainframe-based. From there, it went to open systems-based, and we think the next trend – although it’s going to take a number of years – is Cloud-based. We intend to be a leader there. Together with our functional and product management team, we’ve already decomposed all of the functionality that’s comprised in our product and we’re going to offer it through APIs in the Cloud.’ He says the company is working through a couple of ‘important partners that are household names in banking’, but it’s too early to reveal who they are. “By the end of the year, customers who perhaps don’t know us in, for example, France, Germany or the US, could find us online if they’re looking for a card management system or a card processing system. They’ll be able to buy our services in the same way people buy virtual machines through the Cloud. They’ll be able to buy

access to the database, even process salesforce automation, card management, card processing, tokenisation through APIs.” Understanding how to exploit Cloud-operated systems influences a significant chunk of future innovation for TAS Group. Caiazzi believes it will underpin the way in which consumers receive (and demand) services. For instance, they may not want to have all their banking services in one place; they might want to self-serve in other ways other than through their mobile phone. As a consequence, it wants to give TAS Group customers the option not to have all of their infrastructure on premise, or all of their infrastructure in the Cloud. “They have to do what makes sense for them, given their circumstances,” says Caiazzi. “For example, the post-sales part of a card management system, like changing PINs, changing limits on a card, participating in GeoControl for security, enabling internet payments, are things consumers now expect to do through their

Summer 2017

mobile phones. That might be something that banks could quickly and securely roll out through APIs, in the Cloud, through their card management service provider – and it would be cost-efficient. “On the other hand, banks may decide it doesn’t make sense to do card processing in the Cloud and it’s a lot easier for them to do it on the premises. So we can see that there could be a mix and match approach. We believe that this opportunity extends beyond the card issuing space. “It is important that the systems are designed to be fully distributed and they’re API-based, so they can be quickly deployed to take advantage of client infrastructure.” Nurturing growth in innovation is matched by TAS Group’s growth strategy across the continents, which Caiazzi says, hits the sweet spot for chairman, Dario Pardi. He brings the team together once a month to talk about what’s working and what’s not, how to ramp up successes more quickly and learn from any mistakes. The challenges of transformation keep it agile – not least in the area of instant payments as major disrupters, such as Uber, radically change the way things work. “If a payment system is message-based and it’s in near real-time, a number of systems in banks may also need to change, which is, I think, challenging,” says Caiazzi. “We are talking about real-time anti-money laundering (AML), real-time know your

customer (KYC), real-time fraud prevention. Batch to message-based systems is probably a once-in-a-generation kind of change.” Banks can’t complain – they’ve largely become a victim of their own success, having produced some excellent home banking apps, which have whetted the consumers’ appetite for even more innovation and faster, real-time banking, says Caiazzi. “It might lead banks to rethink how they can do things at lower cost; it might lead them to offer new value-added services, such as coupons or targeted loyalty programmes,” he says. Like most in the industry, he recognises that the revised Payment Services Directive (PSD2) is going to have a ‘massive’ impact on consumers and the industry. “There will be a huge amount of losers and a few winners – and one of those winners is clearly going to be the consumer

We think the next trend is going to be Cloud-based, and we intend to be a leader there

because they are going to be able to do things they hadn’t ever imagined and they’re going to really like it.” He forecasts consolidation among existing service providers in the instant payments market, pointing to the rapid success of the Italian person-to-person (P2P) mobile payments app Jiffy, which topped 4.2 million users for the first time this spring. “It could be interesting if there emerged a European Champion in the P2P space,” he says. PSD2 also opens up a new world of possibilities. “There could, for example, be some kind of service for people who want higher paying interest, zero-risk saving accounts. Given PSD2 – and other European regulations – savers from northern Europe might, in the future, prefer to put their money in bank- and governmentguaranteed Southern European foreign bank accounts, up to the guarantee limit, that offer better interest rates with the simplicity of opening foreign savings accounts in their local languages.” “I think we’re going to find a lot of disruption in e-commerce, driven by instant payment and PSD2. We think the change in payments is going to be pretty big and we are well-positioned to take advantage of that.”

Liberated: TAS Group services will be API-enabled through the Cloud

Summer 2017

www.fintech.finance |

MONEY 20/20 EUROPE

Digital discussion: The new fintech platform will help inform EBF’s response to regulation

Europe and the single digital market As new technology redefines financial services, banks and startups must cooperate to achieve a single goal, says Wim Mijs, CEO of the European Banking Federation, which has launched a fintech ‘open platform for regulatory affairs’ to get them there In his role as CEO of the European Banking Federation (EBF), Wim Mijs is party to some of the most important debates on the impact of fintech on the European banking community. While technology is a unifying force, bringing banks and their customers closer together, the relentless pace of change is also raising questions about security and trust. The sector has come a long way, but the journey is not yet over, which is why in its vision paper late last year, the EBF suggested a new framework for companies

| www.fintech.finance

to safely experiment with cross-border financial services, in what it described as a ‘Europe-wide fintech sandbox’. Under the title ‘Innovate. Collaborate. Deploy’, it identified and made recommendations on nine key issues that need to be addressed in the near future if banking without frontiers is to be achieved. They included e-identification, Cloud services, data, cybersecurity, digital platforms, payments and digital skills. It’s quite a shopping list. But then since the EBF was established in 1960 as the voice of Europe’s banking sector with a seat at the table of regulatory debates,

representing 4,500 banks, the world has changed somewhat. “For me, traditional banking is associated with branches in towns and villages, where people serve you behind counters and use cash-counting machines. But those days are gone,” says Mijs. “In my parents’ time, you had to check on a Friday that you had everything you needed from the bank. If not, you might be stuck without cash over the weekend. And even with the arrival of ATMs, you still had to search for a cash dispenser, which is only one stage beyond standing in line in a bank.” Summer 2017

So have we lost anything in our headlong flight towards digital? “You could say we’ve lost some of the friendly, face-to-face service; however, in reality, all we need to inspire confidence and trust is to be sure that our money is safe where we put it, and that it ends up where we want it to when we transfer it,” says Mijs. “If someone has a life event with financial implications, like getting married or divorced, or having children, perhaps then there’s a case for the personal touch. Otherwise, it’s definitely better to keep things mobile and remote – and it’s what today’s digital consumers want.” That said, you’d expect him to be prudent about how we achieve it. “Banks must move cautiously in order to contain risks and anything new, no matter how great the promise, needs to be controlled,” he says. “With fintechs moving into the banking space and becoming part of the value chain, we have to tread carefully. Things are slow for a reason, and it’s why we have such a stiff regulatory environment. This is what we deal with at the European Banking Federation: we smooth the way for technology and make sure that progress goes hand-in-hand with cooperation and control.” A major step towards that is the recent launch of its fintech platform. “It was born out of need,” says Mijs. “We saw that many of the fintech start-ups have a great idea, but are struggling with the heavily regulated environment for banks. They want to get on with their idea and are not ready to spend millions on a European lawyer telling them what the law is. We already know this stuff at a European level. So, we want to work with them.” For Mijs, working with start-ups is a two-way street, their ideas helping to frame the EBF’s strategy as much as its input informs their development. “For us, it’s about dialogue in getting the regulatory environment right,” he says. “So, we will start with just trying to see where their problems are in the regulatory environment and explaining where ours are. Then we hope to move on with providing basic knowledge. It’s a little bit like a shared, open platform for regulatory affairs, because on this regulatory platform, we want to build new banks. That is the main idea. We hope as many fintechs as possible, who are struggling with the regulatory environment, come to us to see if we can help.” Summer 2017

With the days of big AS400 mainframes, sitting in huge cooled rooms, now receding into distant memory, Mijs believes the future is Cloud-based, but banks need to ‘trust the new environment before making the switch’. And, he says, they must work closely with suppliers who understand the business standards. “Naturally, it’s a challenge to get all the data into the Cloud and the client has to trust the migration. But if the entire banking ecosystem had to be built from scratch, Cloud would be the best foundation. “At the EBF, we want a European e-identification, for example, that’s highly secure, perhaps with biometrics, because we don’t want people hand-signing bits of paper, and backed by legal agreements. “A basic requirement is an environment that’s supervised and trusted.” Were he starting with a blank sheet of paper, he’d want the European financial system organised into local hubs with the cooperation of finance ministers, central banks, and other vested interests. He’d give SMEs the tools to create the financial packages they need: “Loans, but maybe also equities. I would add a

On this platform we want to build new banks and we hope as many fintechs as possible come to us to see if we can help crowdfunding or business angel mechanism, too, and I would create more sophisticated resources for big companies like Airbus, who need a range of foreign exchange solutions as well as complex loans and structured instruments,” he says. As money becomes increasingly digital, people aren’t tunnelling into vaults any more and one of the EBF’s recurring challenges is how to counter cybercrime. “When you move everything into cyberspace, you’re going to attract cybercriminals,” says Mijs. “Remember the old story about the bank robber who was asked why he robbed

banks? He replied, perfectly logically, ‘because that’s where the money is.’” The scale of the threat, however, is greatly increased. “Say there was a huge breach of our Single Euro Payments Area (SEPA),” says Mijs. “Not only would you have a bank heist, you’d also have a stability problem for the financial system.” So, it’s not enough for banks to be up-to-date on cybersecurity, they must also cooperate and be vigilant. “This isn’t a competitive issue,” insists Mijs, “it’s a collective threat. If one bank gets attacked successfully, the system has a problem. Cybercriminals have global reach, so it’s essential to work with law enforcement agencies. That’s why the European Banking Federation has a partnership with Europol. “Awareness and cooperation must begin locally, normally with bank security departments and bank security heads talking to their counterparts in other banks and sharing information and alerting the financial community to dangers. This is then backed by bigger alert systems. In all cases, trust is fundamental.” The EBF’s new fintech platform is all about building that trust – between banks, fintechs and the regulatory authorities – as well as promoting understanding. And by that Mijs means also making sure consumers have a strong grasp of digital tools, what virtual money is and how to use it wisely. “From children having an electronic wallet and discovering that after buying 15 ice creams the wallet is suddenly empty, to SMEs in search of financing, we need to educate people on the fundamentals of doing business in the digital world,” he says. “Indeed, in relation to SMEs and loans, we recently signed some high-level principles with Valdis Dombrovskis, the European Commissioner. We are working closely with the European Commission on awareness and trust, and the place of banks in society today, especially as they become more virtual.” His intent is to make the digital single market a success for financial services. “That means banks, fintech startups, and the whole digital infrastructure that’s now driving financial services,” says Mijs. “And behind it, of course, banks must deal with regulation. What I hope in 2017 and 2018 is that the regulatory environment actually starts fostering innovation, rather than hampering it.” www.fintech.finance |

MONEY 20/20 EUROPE

Thirsty for innovation: MeaWallet works with national and global payment schemes

Cheers to the mobile wallet 54

| www.fintech.finance

Summer 2017

The beers are on Lars Sandtorv, Chief Executive of MeaWallet, at Money 20/20 Europe, as it raises a glass to the worldwide growth of its mobile payment platform Lars Sandtorv will be a popular man at Money 20/20 Europe. You can expect to see a queue of conference delegates a mile long, keen to download his company’s payment app, pre-loaded with enough euros for three bottles of beer from a purposefully well-stocked vending machine… this the home of probably the best larger in the world, after all. The MeaWallet CEO’s enormous beer tab is a marketing ploy, of course. But with 600 million smartphones supporting near field communication and 35 million contactless terminals currently in operation across the globe, it’s a neat way of illustrating how tempting a cashless society is and how it’s edging ever closer. That’s a European perspective, of course. While many of us in the West are happy to use a mobile phone to buy a coffee, catch the bus to work or pay for their groceries, you might find it harder using the same device to order sushi in Japan, a steak in South Africa or a chilli in Mexico. That’s where digital and mobile payment solutions provider MeaWallet is aiming to make both payment service providers’ and consumers’ lives easier. It’s built its platform to enable HCE/ tokenisation, Masterpass and converged wallets, certified to operate with local and global payment schemes, using an out-of the-box solution. And the Oslo-based technology platform says it can typically help banks cut costs by 50-80 per cent when it comes to setting up mobile payment technology. “People don’t understand that developing an app is not too hard. The complex bit is making the infrastructure for payment, mobile payment, digital payment, multi-point of sale and so on. That is what we do,” says Sandtorv. “We are one of the few companies working with Mastercard, Visa and Amex to provide mobile solutions on behalf of the banks, through the banks. “We have two ways to do this. First, our normal offering is a managed service, so the banks just connect their API to our solution and we take care of the rest. We then provide a software development kit Summer 2017

so the banks can embed it into their existing app. Or we can sell them a white label wallet.”

A world of schemes The platform has been specifically built to support any scheme, no matter how large or small. “If you take Norway as an example, your typical Norwegian bank uses Mastercard and Visa and they also have a local scheme that is BankAxept,” explains Sandtorv. “We can deliver all of them. “Japan is an interesting area. Currently, around 85 per cent of all transactions there are cash transactions. There are almost no mobile or contactless payments. But we have started to talk to Japan’s JCB card and have been invited to do business with them. “We have signed a contract in South Africa and have had several requests from Africa. And we are also starting in Latin America this year. Each of these areas has different payment solutions. Be it micropayment in Latin America or QR-based, our idea is that we want to support everybody – all banks, all schemes. So it’s up to the banks and the schemes to compete in that scenario. We will deliver the technology, so they can just tick that box and say, ‘OK, it’s mobile digital technology, it’s delivered by MeaWallet, so we don’t need to think about that and we know it will be future-proofed as well’.” MeaWallet has taken a pragmatic approach to the market. “We are trying to support the standard way to do it, so we don’t mess up existing business models,” says Sandtorv. “We believe this is the right way to go instead of trying to steal someone’s interchange, like Apple are doing. You cannot steal the business off banks and then think banks will be happy in the end.” They’re certainly happy not to have to

deal with the raft of new regulations that have either landed or are about to land in their laps as payment service providers. There is also the challenge of having to keep pace with ever-changing tech. “There have been so many regulatory changes in the last two to three years, it has become very complex,” says Sandtorv. “We have seen some banks try to build these mobile payment systems themselves but the total cost of ownership has spiralled and the risk for them also becomes much greater. “Then there are new mobile phones, new operating systems and new versions of old operating systems to contend with. For banks doing it themselves, all of this becomes very hard to follow. “We are doing a lot of research and development so one of the things that we can tell banks is ‘you really don’t need to do R&D on mobile payment and digital payment because this is something we can do on your behalf ‘. “We are also working a lot with wearables, looking at how we can personalise them direct from the app. If it’s a ring, a watch or whatever, it can be personalised direct through our system so the consumer can choose which card to link to it. “Our solution is set up and built to be extremely flexible. It is enterprise service-based, which is like Lego in a way. It means that you can add or remove any services from the platform quite easily.” Those services might in future include tokenisation for purposes other than payments. “If you tokenise football tickets, for example, you can get rid of the black market,” says Sandtorv. “You can also tokenise your passport, your driver’s licence, a health card, anything. Not this year, but maybe next year we will start to see pilot projects in things other than payment.”

We don’t mess up existing business models. You cannot steal business off the banks and think they’ll be happy

www.fintech.finance |

MONEY 20/20 EUROPE

Smashing the payments barriers As if marketplace payments weren’t complicated enough, brace yourself for PSD2, says Gijs op de Weegh, Chief Operating Officer at Payvision and Acapture By 2020, 39 per cent of the worldwide online retail market will be controlled by e-commerce marketplaces. This presents any platform that hosts multiple vendors with a terrific opportunity for massive international growth. Yet a major issue plagues online marketplaces, one that sees revenue and efficiency reduced across the sector. That issue is payments. Marketplace payments are particularly complicated for a number of pressing reasons, both practical and legal. The problem is compounded by the fact that inflexible payment service providers (PSPs) are failing to deliver the sort of dynamic, secure and tailored payment solutions that marketplaces desperately need. This is why, at Acapture, we developed a specific payment solution for our online marketplace clients, which is designed to smash all the barriers that stall them on the road to major cross-border growth. To show how we do it, let’s take a look at the main difficulties online marketplaces are facing and what Acapture does to alleviate them.

draining time and resources and opening your business up to a high risk of error. Imagine a single marketplace checkout where a customer has purchased two products. Each product came from a different independent vendor using the platform and each vendor is located in a different country, using a different currency. The shopper clicks the buy button and the full price of the entire shopping list is sent to the marketplace. The marketplace then needs to calculate the correct percentage of the total amount owed to each merchant, while also calculating the amount owed to the logistics and fulfilment companies used to deliver the product, not forgetting its own percentage. As everybody, including the seller, is using different currencies, a series of accurate conversions is required. As each country operates under its own legislation, all portions will need to be released at different times to meet the demands of the recipient’s local authority. This simple purchase of two products quickly becomes extremely complicated, with dozens of opportunities for costly human error popping up along the way. If a mistake is made, it could result in an unhappy buyer, an unhappy merchant, lost revenue, or all three. At Acapture, we wanted to eliminate this risk of error and make life as simple as

The coming three years will see the marketplace sector grow, eating up a huge share of the e-commerce market. It will be a brutally competitive time

A complicated scenario Typically, a marketplace transaction will see money being split between a number of parties. When done manually, this process can become extremely convoluted,

| www.fintech.finance

possible for our marketplace clients. That’s why we designed SlicePay, an automated system for simplifying and unifying complex split settlements. The marketplace simply tells us which parties should be paid, how much, at what time and in what currency, and the system takes care of the rest for them, sending the correct funds to the correct recipient. Also, it can provide escrow services should they be required by the recipient’s local authorities. As we take this operational headache away from our clients, they can get back to concentrating on improving their services and optimising their platforms.

An obstacle to growth? The new Payment Services Directive (PSD2) is set to be implemented in every European Union member state by January 2018. Widening the scope of businesses that need to be regulated compared to the original PSD, it places new demands on many online marketplaces. Under its regulations, any intermediary party (or ‘commercial agent’) handling funds from both a seller and a buyer needs a payment institution licence. This definition would extend to an online marketplace, as its business model is powered by transactions such as these.

Fistful of dollars: In three years, 39 per cent of e-commerce will go through marketplaces

Summer 2017

Where PSD2 becomes problematic is in the process required to attain a payment institution licence. Before you can even make an application, all payment institution policies must be in place. Satisfying this long list will take money, time and a lot of administrative disturbance.

Summer 2017

Among the stipulations are the hiring of new staff members (including a money laundering officer, compliance officer and risk monitoring officer), the deployment of new departments (including an internal audit department and underwriting department) and the placing of a company-wide cap on financial rewards offered to your workforce. Even after this long list of stipulations has been satisfied, the application process takes, on average, six to 12 months. Altogether, the cost of becoming a licensed payment institution could be as high as €200,000 and there is nothing guaranteeing the application will be approved. So, how can marketplaces that operate in the European Union or service either buyers or sellers in the EU, avoid all of this hassle? The simplest way is to partner with a payment service provider (PSP) that is already licensed as a payment institution. Acapture is a licensed PSP and so takes all of these problems off our marketplace clients’ hands. As we are the ones handing the funds from transactions made on the platform, the marketplace doesn’t

need to make a single change to meet PSD2’s standards. They can simply go on conducting business as normal.

Optimising the process The huge proliferation of data currently being generated by companies across the online world is profoundly shifting the way e-commerce business is done. For an online marketplace, each and every transaction generates valuable information that could be put to use improving processes, increasing conversion rates and strengthening customer service. Yet doing any of those things will not be possible without the input of a PSP that offers clear, actionable data analysis. Where once marketplaces received the barest of information from their PSPs regarding which payments had succeeded and which payments had been declined, today a whole new level of insight is available. By analysing the data behind each transaction, Acapture can return valuable advice to the marketplace on how to eliminate elements of their process that prevent payments from being authorised, improving authorisation rates and maximising revenue. For example, if certain banks or cards are declined for opaque reasons where we believe the transaction is legitimate, Acapture can suggest more intelligent routing of transactions to optimise the chance of authorization. Or, if technical outages at a bank are causing payments to be denied, we can automatically find a working connection. Also, fraud can be prevented with a level of accuracy never before possible, while reducing false positives and maximizing revenue. In other words, data science is the most sure-fire way for an ambitious marketplace to optimise its payment processes. If you run an online marketplace, you stand at the precipice of an unprecedented boom period. The coming three years will see the sector eating up a huge share of the e-commerce market. It will be a brutally competitive time, one where some will prosper while others are left in the dust. Though many factors will play a role in deciding who survives, any ambitious marketplace will need to solve the problem of payment complexity to truly make the most of this highly lucrative moment. www.fintech.finance |

MONEY 20/20 EUROPE

Truth

dare?

Distributed ledger technologies are banks’ best hope of reducing stubborn back office costs, believes Richard Crook, Head of Innovation ngineering at RBS. But it demands a paradigm shift in the way the industry works

It’s a sign of how quickly the technology world moves when you reminisce about something that happened just three years ago. But start talking to Richard Crook about blockchain and it takes him back to 2014 and the time when he took a small team to a Deloitte digital hackathon. Their aim was to explore what it would be like to be a market maker for the different digital currencies inside the Ripple Consensus network. “We came away with the first prize,” he says, ”which catapulted us into the innovation wing of the bank, where we have been running the blockchain lab ever since.” Crook is now head of innovation engineering at RBS, which means he is ‘doing innovation in an incumbent bank’, leading a small team of innovators and engineers looking at disruptive technologies and trying to apply them to old problems from a customer’s perspective. For him, distributed ledger technology is very much moving in the right direction – towards making the business more cost-effective and giving customers a better experience. And it remains a democratic process. He particularly welcomes the Hyperledger Project, hosted by the Linux Foundation, an open, collaborative global effort to advance cross-industry blockchain technologies. It includes leaders in finance, banking, the Internet of Things (IoT), supply chain, manufacturing and technology. “There hasn’t been a single vendor that has won the tech war over the blockchain platforms and that’s good,” says Crook. “All of those viable platforms are now converging underneath the Hyperledger Project. It will take time, but it’s in the right

| www.fintech.finance

direction and, from my perspective, the first and foremost principle was to ensure we didn’t get a vendor lock-in.” The next debate, for him, is how to create decentralised business models where people still get paid for running them. He says: “We’re not going to do it for free. Our clients don’t expect that. What they want us to do is run a safe, trusted network and for us to be remunerated reasonably for it.”

Consensus banking This talk about business models leads into a discussion about the old saying that some technology is a ‘solution in search of a problem’. For Crook, this doesn’t apply to distributed ledger. He highlights the way that banks have spent at least a decade trying to remove back-office costs by bringing together different ‘sources of truth’ within their operations and making sure they don’t have two or more versions of that truth. As a result, what he describes as ‘reconciliation cottage industries’ within the banks have largely been eradicated. The next step is to reach consensus on data between the banks and this is where distributed ledger technologies could make a huge difference. Crook explains: “The regulator receives huge tracks of data every day from each of the regulated entities around the world and they should concur or, at least, net off. And they don’t. It could be trade reporting, it could be inflows and outflows of liquidity positions. It doesn’t matter what you’re reporting to your regulator, if those are not consistent – and the regulator has a mandate to try and create consensus, or an aggregated position across the monetary system – then they stand like a man with two clocks, they don’t know the time.

“The vision that we’re putting out there with distributed ledger is that you could create a consensus of a dataset between regulated entities.” He cautions that the problem won’t be solved tomorrow, but if the industry can get to a point where there’s a single source of truth between two banks that the regulator can read from, there’s no need for the regulator to keep going back to the banks for new figures. It will eradicate a huge back-office cost. And yet this may not be the biggest benefit. Crook points out there’s often a lag of around half a decade between a major disaster and the regulations that aim to prevent another one. It was only a few years ago that a ‘tsunami of regulation’ came through from the financial crisis in 2008. However, he believes that the regulators are now changing their focus. “They recognise that they don’t just want more data, they want better data and they are upgrading their regulations to tighten up how it is classified. There are thousands of man years of effort going on inside the banks to attempt to get the right number before it is reported, but this is still nothing in terms of value compared with a small change in a bank’s risk-weighted assets, whether it comes from the quality of the data or the trading volumes.” Banks have to hold huge amounts of capital liquidity on their balance sheets to deal with the risk in the system and, as Crook says, ‘it makes the business case very easy for regulatory reporting programmes’. While Crook is clearly positive about the benefits of distributed ledgers, he also recognises that this technology is not a panacea for the financial industry’s data challenges. He gives know your customer (KYC) as an example.

Summer 2017

There’s talk about using blockchain to resolve this problem, but for Crook it has simply been a catalyst to discuss it. When he raised it with his team, they said he needed to go to the Passport Office and get it to provide an application programming interface (API). He explains: “What you’re asking for in the know your customer conversation is an API from the central authority – the key word is

If we could get a consensus with our peer, before we reported it to the regulator, or before the regulator reads it from that consensus ledger, it would be a huge cost saving

central – that gives you verification that a passport is correct. Is that a use for blockchain? For me, the answer is: no.” It’s easy to talk blockchain all day, but it’s not the only technology that is exciting Crook. He highlights artificial intelligence (AI) developments, which have led to machine learning and bots, such as the RBS Assist bot on its website, which is backed into IBM’s Watson and is already live-answering customer questions. Crook finishes by highlighting open banking. “I call it our Openreach moment for UK banks,” he says. “Our hackathons are now nine events in and we’ve had 700 delegates in seven locations. These are public events where people can see a bank innovating and working with the fintech community. BankofAPIs.com is the portal for fintechs and hackathon participants, which shows where we are going with our open innovation.” He believes this open, collaborative approach to banking is where the future lies. “I think we are expecting over the next 10 years to see an open standard, an open network, an open access for people to use. Much like the public internet protocol (IP) that we have today, we will undoubtedly see the emergence of large platforms on top of that network, and hopefully, those platforms won’t own that

technology layer beneath. The best examples of those are things like Amazon and Google on the internet, and new ones for blockchain networks will emerge. “And then finally, we want to make sure that there is ability for new entrants to come in and disrupt. Things like Instagram are a great example of that. Because there is an open access to that technology layer – the public IP, the internet – Instagram can exist and can compete with the Googles and the Amazons, and we’d want to see the same inside this new arena.”

Peer to peer: Distributed ledger systems demand consensus

Summer 2017

www.fintech.finance |

MONEY 20/20 EUROPE

Blinking marvellous! As consumers and regulators demand increasing digitisation, a golden age is dawning for optical character recognition software, says Microblink’s Co-founder and SMD, Izet Ždralovi´c Helping to get voters out for the controversial US presidential election in 2016 is probably one of those claims to fame best judged through the prism of history. And history is what Microblink’s text recognition for mobile apps is making. The company’s software development kit, which was used to embed its blinkID tool into the American electoral registration process, has been accessed by 40 banks worldwide, including every commercial bank in its birthplace of Croatia.

| www.fintech.finance

That was from a standing start just five years ago. Voted Best in Show at Finovate Spring 2017 in San Jose, its proprietary blinkOCR (optical character recognition) technology is one of those fintech products that has the ‘wow’ factor, its myriad use scenarios and technological cleverness making it a standout in the crowded world of on-the-go. The pipeline of products the company has built on the back of blinkOCR have all been developed in response to a specific problem – with the exception of

Photomath, a fun free app that scans and solves maths problems in real time, which was created to showcase its core technology. Within six months, Photomath had grown to millions of monthly users, won the 4YFN competition at the Mobile World Congress, and was spun off as a separate company. Since the beginning of this school year, it’s been able to scan handwritten equations and downloads reached 60 million. What sets the Microblink technology apart is that it’s based on a custom-made Summer 2017

Wow!: Microblink’s PhotoPay tool saw a 20 per cent increase in mobile payments at one bank in four months

introduced two new products: blinkInput and blinkReceipt. As with its other tools, they support iOS and Android and can be embedded into any mobile app. “We focus on solving specific problems for banks but as our research moves forward, we are able to automate data input for even more use-cases,” says Izet Ždralović, Microblink co-founder and SMD. “So it might be ID documents for onboarding with blinkID, or till receipts with blinkReceipt, or different forms of payment slips with PhotoPay. “In South Eastern Europe there are still utility bills in printed format. There are a lot of paper invoices from different sources, and it's a real pain for customers to pay them online because you need to re-type the IBAN number, type in the amount, the reference codes, etc. We can do it in a second. This is really enabling the sector, because it switches users to the digital channel where you can interact with them in a smart way. It makes the consumer’s life easier, too. “People like a frictionless experience,” says Ždralović, “and they are used to getting it through other mobile apps that they use every day.”

A digital demon

machine learning system. So the research team is constantly finding new ways to design state-of-the-art neural networks that address particular user needs. Developers then make sure they run as fast as they can – and without server processing, that’s lightning fast – while at the same time requiring minimal local memory. All that is wrapped up in parallel processing with SIMD (single instruction, multiple data) and multithreading, alongside integrated camera management for user interface scanning.

Micro to macro Last year, the Zagreb-based Microblink team grew from seven to 35 and Summer 2017

Microblink recently integrated PhotoPay with a large banking group, which it claims saw a 20 per cent increase in mobile payments in four months. Ždralović says there is no doubt that new regulations, including Europe’s second Payment Services Directive (PSD2), will bring more opportunities ‘and enable us to bring customer-friendly onboarding solutions to even more people’. “On the Croatian market, where we started, mobile payment became the number one choice for customers because it’s much easier than typing in anything to internet banking or going to the branch. We hope to extend

this success story in banks to user onboarding, as well. This is where we think can provide a lot of value, because the acquisition cost is much lower, and there’s a big wow effect when customers see it for the first time. It also sends a message that the bank cares about their customers’ experience; that you want to provide the best UX possible.” While Microblink’s face tracking tool can match a selfie with an ID photo to verify someone’s identity, customers can use their phone camera to scan documents, such as utility bills and passports. “We can easily extract all the data using a camera, which does two things. It enables smooth customer experience and it unlocks the power of data for the bank, because you can learn much more about your customer,” says Ždralović. He is particularly excited about blinkReceipt scanning, which will be among the tools on show at Money 20/20 Europe. The company believes blinkReceipt’s value lies in purchase validations, loyalty and rewards programmes, market research and personal finance/lifestyle management, among other things. Currently, it supports receipt scanning for more than 80 per cent of US printed receipts and the plan is to increase coverage and expand globally by the end of 2017. “We believe this will be a major game changer for many retail-related businesses, but also for banking, because we see a lot of potential in all sorts of areas, from data mining and analytics to chat bots,” says Ždralović. He gives an example: “If by scanning receipts you figure out someone is expecting a baby, maybe they need a house or a financial product that can be tailor made and offered at the right time.” And while this is all very much a new frontier in terms of technology, the end goal is simple, says Ždralović. “Banks will know their customers much better while customers get really good user experience.”

Customer onboarding is where we can provide a lot of value. Acquisition cost is lower and there’s a big wow effect when customers see it for the first time

www.fintech.finance |

MONEY 20/20 EUROPE

Joining the bots With its chatty AI demo DAISY, software provider Dorsum coined a new phrase – botboarding. Business Development Director Imre Rokob explains why everyone in financial services should be part of the conversation It’s February 2017, and London’s Old Billingsgate Market is playing host to the crème de la crème of the financial world. More than 1,500 financial executives, venture capitalists, fintech entrepreneurs and banking nerds (the Fintech Finance team included) have gathered in the Thameside venue for FinovateEurope 2017 – one of the largest conferences in the financial calendar. In the main hall, not a spare seat is to be found. Industry leaders line the aisles, eagerly awaiting the next presentation. The company which will be delivering it is Dorsum, an award-winning investment software provider, based in Budapest. Like every other company on the Finovate stage, Dorsum will have exactly seven minutes to demonstrate its latest innovations, without the use of slides or pre-recorded video. Dorsum’s business development director, Imre Rokob, greets the crowd in traditional rock ‘n’ roll style (“Hell-lo London!”) before unveiling the company’s new Botboarding as a service (BaaS) platform to aid financial institutions in their customer acquisition. Rokob’s assistant, business development consultant Renata, hooks

| www.fintech.finance

her smartphone up to the screen and as she scrolls through her Facebook newsfeed we see an advert for a credit card. She clicks on it and a chatbot named DAISY offers to help Renata through the card application process. After asking some basic questions about Renata’s shopping habits, and responding in a distinctly unrobotic manner (“You went to Hawaii? Niiice!”), DAISY sends Renata a prototype image of her new card and prompts her to fill in her contact details with the bank to complete the application process. It’s taken precisely two minutes. Fast forward to this summer, and the effects of Dorsum’s presentation are still being felt across the industry. The Hungarian company walked away from Finovate 2017 with the prestigious Best of Show award for its Botboarding platform, which runs on Messenger and helps financial institutions with customer acquisition. Its presentation surpassed those of 72 other companies to win Dorsum the grand prize. Speaking to Fintech Finance three months after the event, Rokob speculates on why his company’s innovation captured the attention of industry leaders so well. “There’s only one avenue that firms should be using to approach customers

and that’s mobile,” says Rokob. “This may sound restrictive, but it really isn’t when you look at the figures. Facebook hosts one billion potential customers, with around 20 per cent of the world’s population having signed up to the social media site. How do the vast majority of these users access the site? On their phones! This makes Facebook an ideal channel through which to approach new customers on their mobiles and our platform allows banks to access these customers without the need to develop a mobile application of their own.”

Changing the conversation Following its success at Finovate, Dorsum was inundated with partnership offers from industry leaders keen on integrating the Botboarding platform within their own products, says Rokob. “We’ve received more than 50 inquiries from different banks and providers, and some previous Best of Show winners, including Backbase, eToro and CREALOGiX, converged on us before we’d even left the conference,” he reveals. “However, we’re determined not to let our recent triumphs go to our heads; there’s so much potential in this technology, and we need to stay focussed on tuning it to Summer 2017

Making the connection: Dorsum’s chatbots are even more personal

achieve maximum effectiveness. We intend to experiment with different levels of chatbot personalisation, intelligence and proactivity. For example, starting a conversation with a chatbot in one channel and then continuing it in another instantaneously. There are so many different options for banks to choose from, and it’s remarkable how many combinations are available within the parameters we’ve created.” And not just banks. Rokob believes the company’s Botboarding platform could bring advantages to certain asset management firms – a sector Dorsum knows a deal about, given its origins are in the wealth management and investment markets. Founded in 1996 by a team of just six people, by 2005 Dorsum was supplying Hungary’s leading credit institutions (OTP, MKB, and CIB) with their own investment service systems. “Using chatbots for customer acquisition is a potentially game-changing solution

for the mass and premium markets,” says Rokob. “Through interaction with prospective customers, chatbots can generate some remarkably complex conclusions. Complete financial planning, life objectives and current savings are all examples of information that can be gleaned from a customer during a natural language conversation on Facebook.” Despite the unprecedented reception to Dorsum’s Botboarding platform, Rokob is realistic about its limitations. “When it comes to asset management, I don’t believe that chatbots have the ability to take over the ultra-high net worth segment,” he says. “In fact, I don’t believe that all basic banking communications will be pushed into the virtual assistance field. Sure, we’re seeing a lot of plans on the market to develop universal virtual assistants that can advise customers on everything, but I still think that people will revert to using native mobile applications for some specific purposes. “This way of thinking is reflected in the release platform that we demonstrated at Finovate this year,” says Rokob. “What we developed is not a holistic virtual assistant that you can ask about

There’s only one avenue that firms should be using to approach customers and that’s mobile

Summer 2017

absolutely anything; it’s actually a very targeted chatbot that analyses whether certain banking products are suitable or not for you as a customer. I like to refer to it as a ‘single use chatbot’,” he says. “Following your conversation with DAISY, you’ll either become a customer of the bank and move on to communicate with them via existing portals, or the product won’t be right for you and you won’t.”

A good story to tell Dorsum is intent on maintaining its innovative momentum throughout the remainder of the year. Now boasting a team of 250 people, there are some ambitious projects brewing at HQ, according to Rokob. “First of all, we plan to integrate IBM Watson into our chatbot platform as a means of capitalising upon its impressive application programming interface (API) services offering,” he says. “Also, we’re developing a number of hybrid solutions that combine personal data with a digital approach. We’re specifically targeting the advisory space with these technologies. Using our virtual advice service, high net worth individuals can initiate conversations with personal assistants and view all their investments within one tailored mobile application. “In terms of business development, we’re mainly focussing on expanding our reach to more English-speaking territories. We already have some possible partners in the UK, and we’ve noticed some significant opportunities in the Middle East. Of course, we’re not taking our position as market leader in central Europe for granted, so we’ll continue strengthening that position.” www.fintech.finance |

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

A catch of fintechs! If British disruptors are spooked into digital flight by Brexit, Denmark would be happy to reel them in, says Copenhagen FinTech’s Chief Innovation Officer Simon Schou

Harbouring innovation: The city of Copenhagen

Lock up your fintechs, the Vikings are coming! But the tactics may be more charming this time. These 21st Century adventurers are here to collaborate and, in the light of Brexit, to offer British fintechs a way back into Europe – via Copenhagen. Worryingly, there is a lot to recommend the city. Beautiful surroundings, a culture that embraces innovation and a great work/life balance. And if Brexit blows ill-winds into London, the Danish capital’s fintech community would love some of the UK’s influencers to flee across the North Sea.

| www.fintech.finance

“If we see companies looking to switch focus from the UK we are telling them they should look here,” says Simon Schou. “I think it’s sad that the UK is leaving the EU. But it might be a benefit for us, especially in terms of non-European companies wanting to enter the European market. “We will see advantages. We will see companies arriving, we will also see talent coming here.” Schou is Copenhagen FinTech’s chief innovation officer and he clearly loves his city. Known for its progressive culture, Denmark’s capital has long had that laid-back air so loved by the tech-sector set. People

pedal to work on dedicated cycle paths that criss-cross the city, and at Copenhagen FinTech’s office – or ‘Lab’ – you can take to the waterways outside on a kayak. “The quality of life is high here,” says Schou. “We were in London talking to start-ups recently and the things they value we are quite used to in Denmark… biking to work, caring for the family, having a great work/life balance. It’s about combining ambitions at work with the ambitions of life outside, and we can compete on that. We have a lot of holidays, we have a lot of free time in Denmark compared to the UK and the States, but we Summer 2017

have high levels of productivity because people are happier and work better.” But beyond the lifestyle pitch, can Copenhagen cut it as a place to do business, compared to the city Schou admits is still the European capital of fintech – London? The answer is yes, he says, and a key reason is Denmark is ahead of the curve in terms of digitalisation. “Brexit will mean problems for us also because London is, and will still be, the financial centre in Europe,” explains Schou. “But we have a great advantage – more than 50 per cent of Denmark’s small businesses have their accounts in Cloud-based, digitalised systems. Fintechs can access this data, and make real-time credit scoring models for the banks. At the same time they can help companies become more financially efficient.” Because of this, innovators can do things in Denmark that cannot yet be achieved elsewhere, he says. “Companies say to me that when they go to the US, for example, they discover that they cannot develop what can be developed here. Maybe in three or four years the level of digitalisation will be the same as in Denmark. So we have an advantage, we can have products ready for when other countries reach the same level.”

A question of trust Schou says networking with Denmark’s banks is straightforward, too. The country’s banking system is made up of a handful of major international players and scores of small, regional banks. Many are linked by common ownership, so share resources. But despite this and an innovation culture that stems from the country’s education system, fintechs have faced barriers from banks due to mistrust – just like everywhere else in the world. “Some of the mid-sized banks in Denmark are really well-established,” says Schou. “They’ve been doing business for 100 years and doing it well. So in the past we’ve brought in a bank’s head of development to see our start-ups and they understand what we can do. But when that person gets back to the bank and tells colleagues about the solutions they’ve seen, it drowns. “What we do now is bring a bank’s entire investment department in to see the start-ups. We might have 30 people invited. They then understand that the start-up is not there to disrupt or destroy them, and Summer 2017

they see a new product for their customers that can easily be placed on their platform. “One person from a bank is not enough to convince the rest of the bank. We need a deeper understanding of the new solutions, and that’s what we’re trying to do here, but it’s a rather long process.”

A cool place to do business Copenhagen FinTech’s Lab is a key weapon in the fight to get those messages across. It is in an ideal location – the district of Christianshavn – a place known for its progressive, trendy sub-cultures and separated from the rest of the city by the inner harbour. As well as offices where about 32 fintech start-ups are based, the Lab has meeting rooms, event spaces, and access to services such as legal, HR, auditing and PR.

50 per cent of Danish small businesses have their accounts in Cloud systems... We can have products ready for when other countries reach the same level Plus, there are those tempting kayaks and paddleboards that can be taken onto the water outside. “Start-ups, even if they are not based in the Lab, hang out here,” says Schou. “It’s very much a meeting place between the old and new world and it works well to have a physical base. “We can do different programmes, such as hackathons, teaching events and stuff like that, bringing ideas to the newcomers. “Soon, we will be staging what we’re calling a friendly bank takeover. The top management of one of our partner banks is coming here to hand over virtual control of the company for a few hours. “The start-ups will control the bank and

show where they would take it. For the top management it’s a bit of fun and should inspire them. And for the start-ups it’s another way of getting closer to the banks, and it will help them better understand the core business of a local bank. “Even though Denmark is a small country, there’s quite a distance from the Copenhagen start-up environment to the end users in the countryside, which is where many of the local banks operate.” With so many start-ups based at the Lab there’s a lot going on. Copenhagen FinTech is currently targeting the city’s insurance industry by launching innovation partnerships. It is also working with the Danish financial regulator on a new sandbox model for secure software testing. And the innovation chief is keen to develop new investment models for start-ups – particularly equity-based crowdfunding which he says is in its infancy in Denmark. Beyond that, Schou is keen to shout the message that Copenhagen is a great place for both fintechs and financial giants to do business together. “We are telling the story of brilliant new start-ups wanting to collaborate with banks, pension firms, insurance companies from all over the world. It’s about saying that we’re ready, and that because of digitalisation you can do things in Denmark that can’t yet be done elsewhere.”

Global perspective “Our fintechs are ready to bring their solutions to other parts of the world,” says Schou. “But we also want to bring in the world’s best solutions to this place. “We are saying ‘if you are doing something better, then come here, teach us about it, and let us help you take your product into our market’. We could, for instance, be the place for US firms and Chinese firms that have brilliant solutions and want to bring them to Europe. Why not bring them to Copenhagen? The city is an entry platform for brilliant foreign ideas.” Close neighbours on Copenhagen’s doorstep are in Schou’s sights, too. “We’re looking at closer collaboration with the other Nordic countries – Sweden, Norway, Finland too. We’re working quite closely with them at the moment,” says Schou. “This year I think we will bring in Nordic partners or find other ways of working with them to open up the Nordic market for our fintechs.” www.fintech.finance |

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

In with the old... in with the new Danske Bank is looking to marry ‘banking when it’s needed’ with a classic branch network as Thomas Rudolf Personal Banking Head of Strategy & Insights explains “Is it a man or is it a machine that knows best in terms of how we run the bank?” asks Thomas Rudolf. Like many other personal banking chiefs, it’s a question that occupies much of his time. But as Danske Bank experiments with an increasing number of digital functions and looks towards working with a growing number of fintech partners, he believes that (for now at least) it’s come up with a working solution to the dilemma: a hybrid of the classical and the digital bank. Rudolf admits that getting the ‘branch-based advising system working with the digital system, is actually harder than you might think’, though. “An example of where this plays out is in the customer relationship,” he says, “because that has typically been driven out of our branches. Now, as the customer is doing everything pretty much online and advisors have bigger and bigger portfolios, we can’t rely on knowing the customer on the front line to be enough to drive that relationship.”

Financial comfort zone Cue data analytics. Danske Bank has chosen to focus on using the intelligence it’s gathered to make customers feel financially comfortable. “We were the first bank to give people a spending overview, so they could see month by month what they were spending their money on,” says Rudolf, who is the personal banking division’s head of strategy and insights. “I think there’s a lot to be gained in making

| www.fintech.finance

customers feel on top of their own financials and helping them out with everyday matters. “Data can be used, for example, to tell me that I usually pay my phone bill every month, but this month I haven’t put it up for payment. Did I forget to do something? It can help me see that both I and my wife are subscribing to the same HBO service and we could save some money there. Then you can take it to an advanced stage, which is more about ‘people like you do this…’“ Benchmarking customers against their peer group and, for example, letting them know that people their age with roughly the same earnings, save more or save less than them, helps customers understand their financial situation better. Such mapping also leads to better targeted advice. And how the bank then helps them is where partnering with fintechs comes in. “We are working a lot with an application programming interface (API) structure because what has held us back on development time is the bank’s legacy systems,” says Rudolf. “Whenever we wanted to offer something to customers, it meant we were dependent on a lot of specialist people. So now we’re trying to create an API layer within our own banking structure, allowing our employees to develop things much faster. We’ve shown great progress already and once we have that in place it will also allow us to have other partners. That’s also opening new doors for us.”

Summer 2017

New broom: But classic branch network will stay, says Rudolf

It will lead to what Rudolf terms ‘contemporary banking’, or ‘banking when it’s needed’. “So, if you’re browsing in a furniture store, for example, a chat bot will come up on your phone to talk about how to finance a purchase. I think we’ll see a lot more of that going forward – the whole front line of banking will be integrated into third-party players,” he says. That’s not to say there won’t continue to be a key role for bank branches. Curiously, Danske monitoring has found that the younger their customers are, the keener they are to speak face to face with a branch advisor when they make serious decisions, says Rudolf. “When it’s your fifth or sixth mortgage, it’s maybe not that necessary to come in. But there are a lot of customers who want the comfort of having pensions and different mortgage options explained – to have the chance to sit down and talk to someone.” Which brings him back to that central question – human or humanoid?

There are a lot of customers who want to sit down and talk. We’re not trying to box customers in to having a remote relationship

The question of AI Over the past couple of years, the bank has introduced robotics into back office functions to reduce customer waiting time and cost. But the use of more sophisticated artificial intelligence (AI) has been limited to supporting the staff who interact with customers, rather than having the AI interact with customers itself. Recent pilots, however, could soon see Danske bots appearing in customer-facing roles. “If a chat bot can beat ‘click 1 if you want to talk to technical support, click 2 if you want your statements’ and truly help customers get to the right questions more easily, then I’d use it straightaway,”

Summer 2017

says Rudolf. “We’re not trying to box customers in to either having a remote relationship or belonging to a branch. Our aim is to offer some of the best solutions to do everything digitally, but also have an extensive branch network.” Data handling and intelligence has played a huge part in the bank’s progress towards that point – some of it throwing up surprising applications. Rudolf highlights a recent hackathon for some of the bank’s most talented data scientists, where they were given the challenge of developing a model for spotting when the online system would break down. “In 24 hours these guys came up with a model that could predict all the breakdowns over the last three months, without too many false positives,” says Rudolf. “And there’s nothing that annoys our customers more than ‘no, our mobile bank is not working‘ or ‘internet banking’s not working’. So, we’re looking forward to taking this development further.” Regulation and market forces will continue to reshape the model. “Up to now, pretty much everyone in the game is also a product supplier. But, I think we will see ‘new banks’ with people just offering a service but not having the functionality to do the mortgage or whatever underneath. “The regulations make it so much more complicated, which means you need a fairly large scale to be able to offer products. It will definitely drive technology. There will be a huge push to make the most customer-friendly interface, because that, essentially, is going to win this. We, as the bank, want to keep our interface with customers and sell products to them. It’s going to be very interesting to see how it plays out.”

www.fintech.finance |

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

What’s up, Doc?

Artificial intelligence won’t solve all the banking industry’s ills, but it’s a powerful complementary medicine when it comes to compliance, says Kasper W. Rost, CEO & Founder of Calcabis Virtual Expert Platform

Crime doesn’t pay. And, even worse, if you’re a bank it can cost… a lot. According to research by anti-money laundering (AML) technology experts, Fortytwo Data, the combined bill for regulated industries meeting their compliance obligations this year will be £6.4billion. It’s an eye-watering amount – but what should really make banks weep is the £2.7billion it says will likely be wasted by organisations chasing false leads thrown up by outdated systems. That’s why uncovering criminality while complying with regulation is a job for a machine, according to Calcabis. The Danish fintech, which has taken out 143 patents on bespoke intelligent

| www.fintech.finance

software capable of integrating an organisation’s intimate knowledge, experience and data into one platform, is among hundreds to emerge over the past few years in anticipation of a regtech bonanza. Unlike most of them, it plans on sticking around. “I think the second Payment Services Directive (PSD2) and the fourth Anti-Money Laundering Directive (AML4) are going to put a massive strain on the financial industry with different financial/fintech companies trying to invent the Holy Grail. And I think we will see 60 to 70 per cent of them closing within 24 to 48 months,” says Calcabis CEO and founder Kasper W. Rost. “The amount invested in financial

technology firms by venture capital will also decrease. That’s because some of them are going to burn a lot of money on start-ups that won’t succeed.” Calcabis, on the other hand, brings something more enduring to the table. Its next-generation artificial intelligence (AI) onboarding platform sets a new standard for documentation around compliance. The company chose not to take the one-size-fits-all approach adopted by many of its rivals, which is partly why it’s taken the better part of a decade to bring the platform to market. Instead, Rost says, it mines the expertise that exists among the organisation’s own Summer 2017

staff, creating a truly customised artificial intelligence that is their partner in fighting crime and not their replacement. “The banks have the necessary resources in-house in terms of knowledge. They know what they need to comply with and what to look for. Their challenges are a lack of resources, the amount of data, legislation, and not being able to predict future fraud in time,” says Rost. “Banks have different departments looking at AML, know your customer (KYC), risk and compliance, but these functions are not joined up, so they can view the information in a qualitative way.” Which is where the Calcabis software fits in. Staff knowledge is used to create virtual experts around the human experts, so they can take over selected tasks. “Every client is unique and is a specialist within its area. Clients are able to teach and develop the virtual experts on their own. This enables them to maintain and increase the complexity of the Calcabis platform, without having us involved. That way the organisation knows for a fact it will work. “We’re building cognitive computing around a human expert, combined with artificial intelligence, machine learning and deep learning. We don’t work with processes as the AI will always find the best and most efficient way to do the task,” says Rost. “So when you ask the Calcabis Virtual Expert Platform a question, it will solve it the same way we do in the real world, by consolidating the relevant experts/virtual experts with the right skill set to solve the problem/question.” A major aim of the Calcabis Virtual Expert Platform is to reduce cost by speeding up the client onboarding process and removing mistakes caused by human error. It pays off handsomely, too, reducing some of that 42 per cent of wasted AML outlay identified by FortyTwo Data. “When bank staff carry out the client onboarding process, each person’s mind works differently,” explains Rost. “Some of them are better at image recollection, some are better at intellectual language.” So, the first step in building a customised

AI, is to map the resources in the organisation, interviewing staff to understand what they do and which tasks they preform. When we have this, and we know all their internal rules etc, we create virtual experts around this information (it could be one to 200), connecting them with the bank’s infrastructure.” Onboarding processes can be reduced from weeks to a few minutes as a result, claims Rost.

Diagnosis and prevention Rost describes the platform as being ‘data independent’, able to work with all types and integrate it to all back and front-end systems. “The banks have a lot of excellent data, they just don’t use, but we can!” The Calcabis platform provides background checks in accordance with AML rules and processes, analysing customer

Legacy: It's as much about the mindset as the system

Banks know what they need to comply with and what to look for. Their challenge is a lack of resources

Summer 2017

with people who are politically exposed. Another defining characteristic of the Calcabis system is that it not only identifies a cause for concern, but gives detailed reasons for raising a flag in the first place. “If you ask another system how it got an answer, it will reply ‘I have X amount of data and this data contains Y’. What our AI can do is give you the calculations for how it arrived at the answer and a solution for solving the problem, both now and in the future. It’s like the difference between a doctor who tells you you’re sick and a doctor who tells you why you got sick and how you can prevent becoming sick again.” He believes, such advanced intelligence will be key to banks meeting obligations under PSD2, AML4 and the upcoming General Data Protection Regulation. “And the good thing about our Virtual Expert Platform is that we don't have to

profiles against data collected from more than 300 million organisations, including politically exposed persons and sanction lists worldwide. The Virtual Expert Platform also keeps a constant eye on a customer’s own clients and flags up significant changes, overcoming one of the main data intelligence challenges for banks – how to ensure green flags that pass the onboarding process don’t subsequently turn an ugly red and get missed. For business accounts, such monitoring includes changes around a company’s ownership, governance or links

code/programme the whole system when new regulation comes in. The client is able to do this on their own. And if the Virtual Expert is not programmed for that specific task, then we just create a new one. “At the moment, we don’t see the banking industry’s compliance as being solid. We see departments that don’t speak to each other and don’t implement new knowledge that they have,” says Rost. Overcoming legacy issues isn’t just a matter of updating the operating system – it’s about updating the mindset. That said, he believes 2017 will be the year ‘when everybody is talking about AI’. “AI is not the answer to everything,’’ warns Rost, ‘“and before they dive into a massive AI project, they need to know what they will gain.” www.fintech.finance |

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

Gimme five!

Consumers might hold the answer to card fraud in their hands. Probably the smartest smart cards on the block are those activated by a finger print, says CardLab CEO, Frank Sandeløv It doesn’t matter what new payment method emerges, financial smartcards are here to stay – for the foreseeable future at least. That means finding ways to combat the onslaught of card fraud remains high on banks’ agendas.

A recent survey in the US by Javelin Strategy and Research saw a 16 per cent jump in card hacks, costing customers and banks $16billion in 2016 – the biggest annual increase since Javelin began monitoring in 2003 – which was largely attributable to card-not-present theft. It’s a heartstopping amount, but one company that has its fingers (quite literally) on the industry’s pulse is CardLab. Based in Denmark and led by CEO Frank Sandeløv, the company is working on a range of card protection technologies, including biometrics. “We’ve seen a lot of solutions where companies are trying to teach the end users a lot of new things in order to use their card. We’ve seen this normally fails. So we need to keep the inventions inside the framework – where the customers do not really feel there’s a difference in the use. We need to adapt to the kind of use patterns that they already know, or are already used to,” says Sandeløv. And people ‘get’ fingerprint scanning – they use it on their phones and, increasingly, on their travels. The US Department of Homeland Security plans

to introduce fingerprint scanning at 20 of the country’s busiest airports by 2018. “Our customers are now so aware of the risk of identity theft that they are willing to pay an amount fully covering the cost to produce a biometric card,” says Sandeløv. “We will be able to help banks to enhance their business case and also save significantly on fraud losses.” They might even be able to help banks turn fraud prevention from a cost to a profit. Consumer research published in March 2017 revealed that credit card holders in the States are so concerned about identity theft that 67 per cent of them would pay $69.95 for a credit card if it were made safer with biometrics. It’s an indication that the PIN has had its day, says Sandeløv, who believes paid-for biometrics and one-time passwords are the future of secure financial payments. “We provide cards that work in existing infrastructures. So, for banks or whoever it might be, this won’t be a huge cost to implement because it’s when it becomes costly that we see things being delayed or postponed – or you simply just live with the risk,” he says. Sandeløv refers to a set of building blocks – or more accurately padlocks – for cards. “The dynamic mag stripe enables us to change the data from one transaction to another – either by a complete change of data or tokenised.

We need to keep the inventions inside the framework – where the customers do not really feel there’s a difference in the use

| www.fintech.finance

Thieves will still try to skim but once the token has been used, the next time somebody tries to use what’s been skimmed, the information will be rejected, because it’s a one-time password. “When it comes to biometric data, we are not storing the fingerprint itself on the card, but the specific algorithm it creates. So, when you swipe your finger on the card you create an algorithm that it compares to the one it has. If there’s a match you’re allowed to use the card, if not, you just have a dumb piece of plastic.”

One up on dual encryption A natural extension of one-time passwords for online banking, Sandeløv says it enables physical Europay, Mastercard and Visa (EMV) transactions, and magstripe and contactless ,as tokenized transactions, or just a private/public key system exchange. But whatever the communication platform, it will not fall behind dual encryption. Outside of the States, where they’re just catching up with EMV at the point of sale, CardLab’s work at improving contactless security could see tap and pay, which relies on near field communication technology (NFC), accelerate further. It’s already a hit with consumers in Canada, Summer 2017

“It’s like keeping your wallet open, leaving it on the street and hoping that when you pass by in the evening, nobody has picked up your money.” CardLab’s anti-fraud jammer for contactless cards works by jamming the communication field until the cardholder unlocks it. “Whenever the card enters a reading field, the jammer will start, jam the signal and you are not able to communicate until you tap the card, then it locks up again,” explains Sandeløv. “If you limit the reading time when the card is open for transactions you disable

Your prints all over it: People ‘get’ fingerprint scanning

Australia and the UK where nearly one in five purchases made on a card are contactless and more than half of all debit cards in circulation are NFC enabled. The UK Card Payments Association and the industry’s Financial Fraud Action UK insist fraud n contactless cards remains comparatively low, with £2.8million of losses compared to spending of £7.75billion in 2015. It equates to half of one per cent of overall card fraud. The most secure contactless cards are designed so that they can only Summer 2017

be used a certain number of times before customers are asked for their PIN. But concerns around the potential for digital pickpocketing of these cards have led to caps on individual payments. Unlike other plastic, contactless is subject to spending thresholds, currently £30 per transaction in the UK because, whatever the statistics, the perceived risk of theft is high. “To date, we haven’t seen anything in terms of protecting these contactless cards and it’s something the banks will need to do something about,” says Sandeløv.

the potential for skimmers to get a full read of the transaction – and if you can’t read it, you can’t hack it.” The biggest challenge, however, remains online fraud and, despite investment in countering it, banks are still ‘not getting to the core of the problem’ says Sandeløv. “In our opinion, a secure smartcard is a card that is capable of making a positive identification of the user, but at the same time, fully protects your privacy. That’s done by communicating via a public private key system, or similar. So the bank, or whoever receives the payment and has to do something for the customer, will know for sure that it’s you and nobody else but you who initiated the transaction. At the same time, the key system will be able to release only the data that’s needed.” If we could roll back time to the introduction of plastic payments in the 60s, Sandeløv would design a system where no personal data would ever have been stored in an online database. “Instead, I would make sure that your personal data was stored in such a way that only you would have the ability to release it, or initiate a transaction. “And that’s basically the way we are building it now, by storing your biometric data in the card, which is, in effect, an offline media.” www.fintech.finance |

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

Someone to watch over you There are only so many bricks you can put in the firewall, which is why CodeSealer CEO Tonny Rabjerg believes companies should focus on becoming the consumer’s digital guardian angels

Standing the wrong side of a front line is a dangerous place to be, especially when you know the enemy has you in his cross hairs. And yet that’s precisely where many companies leave their customers. Holed up in their data bunkers behind ever more resilient firewalls, only 20 per cent of businesses have even thought about protecting the poor application software user out in digital no man’s land. So says Tonny Rabjerg, chief executive of CodeSealer, who believes leaving millions vulnerable to so-called man-in-the-middle or man-in-the browser attacks, isn’t just a crime under upcoming EU law, but a foolish dereliction of duty. You only have to look at the scale of reputational damage to corporates from recent cyber attacks to

| www.fintech.finance

realise that by far the biggest punishment they’ll suffer is loss of consumer trust. So why risk it? According to Rabjerg, it’s a simple case of thinking in institutional silos. “In most companies the security department is like a separate vertical in the organisation,” he says. “And it’s a vertical that the application team may not really listen to. That needs to change. There needs to be a closer cooperation between security and application areas. “When I speak to the business side, they understand the impact of a major security breach. But often you find that the application team are resistant to doing anything about it because it will make it much more difficult for them to build new applications.”

The introduction of the General Data Protection Regulation (GDPR) in 2018 is likely to be an uncomfortable wake up call to change that. “One of the most important aspects of GDPR is that it demands privacy by design and default,” says Rabjerg. “I have been working on the application side for 30 years and I have never been asked to make safe applications. I have been asked to make them sexy, look good and so on, but nobody asks me to make them secure. The notion of privacy by design and default is new and is something companies have to think into their future development.”

The protection paradox Focussing, as CodeSealer does, on what happens in front of the firewall also has Summer 2017

Guardian angel: An end user won't even know the CodeSealer security is there

says Rabjerg. “I have Microsoft Defender, which is built into Windows 10, and that’s it. And if somebody comes and asks me to install new software to increase protection, I will not do it.” Judging by the figures, he’s not alone. “The reason is, people didn’t suffer many attacks and the security software slowed devices right down,” he adds While security downloads might spike following the global security breach that paralysed services across the globe in May, Rabjerg believes there is no going back to a culture of regularly downloading security software because usability, not privacy, is now uppermost in consumers’ minds. CodeSealer estimates that just 18 per cent of users will download protection for a physical device if they are recommended or requested to do so by an app; the rest will go elsewhere.

Discreet security It’s for this reason that the CodeSealer programme works without the need for an installation on a customer device. The security software is embedded in a company’s existing servers and is invisible to the end user; in fact, they will be blissfully unaware that they are being protected by an extra level of security, a kind of digital angel on their shoulder. “What we promise to a company is that whatever they send to a user, that is what the user will see and nothing else,” says Rabjerg. Among the scams it will detect are phishing attacks and redirects to lookalike sites as well as manipulation of data, known as SQL injection attacks. Some of the worst SQLs have seen consumers unwittingly transferring large sums of cash to bogus bank accounts. While no system can be 100 per cent secure, Rabjerg points out that the more obstacles a business puts in the way of an attacker, the more likely the hacker is to move on to softer targets. Even so, a balance between security and usability has to be struck. “There are three aspects you have to consider when you implement security

I’ve been asked to make applications look sexy, but I’ve never been asked to make them secure

the potential to reduce threats behind it, says Rabjerg. Although only 10 per cent of cyber attacks currently take place in the browser space, incidents are increasing as criminals recognise it is relatively poorly protected territory. To be fair, users have let their defences down. According to Microsoft, only a quarter of the world’s PCs are running up to date security software, while one national cyber security agency study shows two-thirds of mobile users are leaving themselves unprotected. “Twenty years ago when I got my first PC, I had so many different products on it to protect me; today, I have basically nothing,” Summer 2017

measures. One is usability, so that’s the customer experience. Another is performance, which also affects customer experience. And the third is security. “You can make an internet site or app 99.9 per cent secure, but then nobody will be able to use the system. So you have to strike a balance. That is one of the big challenges many companies have today. “I used to live in India and every time I used internet banking, I got a call from the bank, saying ‘did you just make a transaction?’ That’s not usability and online friendliness – you might as well just go to the branch if you have to speak to them anyway.”

The GDPR effect But there’s no wriggling out of the fact that, post GDPR, the onus will be on business to protect users like never before. Data processors will have direct legal obligations and responsibilities, which means organisations can be held liable for data breaches. And the inference is that organisations will be responsible for protecting data, regardless of where it is. “Personally, I welcome GDPR because the existing laws around this area date back to before the internet took off,” says Rabjerg. “Crucially, GDPR is not saying where companies have to protect data. Right now, companies are focussed on how to protect data within their own systems, but the regulations say you have to protect the EU citizens’ data, no matter where they are. “It also says that if the EU citizens believe they are in dialogue with you, and they believe that they should be secured by you, then it’s your responsibility. “That means companies need to protect data in the browser. GDPR is going to be supporting our penetration of new markets, there’s no doubt about that.” Rabjerg predicts many companies will panic when they realise the scale of the changes they must implement – although Scandinavia itself is relatively well insulated against attack. “Cybercrime in the Nordic regions is low compared to many other countries,” says Rabjerg. “One of the reasons is that we have a single authentication system for all of the banks, so theft is low. “Scandinavia is an important market, of course, because we are a Danish company. But we see the majority of business in countries such as the UK, Poland, Indonesia, Italy, where theft is much higher.” www.fintech.finance |

COPENHAGEN FINTECH INVITES YOU TO

THE NORDIC FINTECH HUB

THIS IS THE GATEWAY TO NORDIC FINTECH SCANDINAVIAS FIRST DEDICATED FINTECH LAB, BRIDGING CORPORATES AND STARTUPS. WE ARE AN ECOSYSTEM FOR FINTECH INNOVATION. MEET AND MATCH WITH THE 100 FINTECH ENTREPRENEURS AT COPENHAGEN FINTECH LAB. LEARN MORE AT COPENHAGENFINTECH.DK / FINTECHLAB.DK

COPENHAGEN FINTECH Find us at Applebys Plads 7, 1411 Copenhagen Photo: Thomas HÃ¸yrup Christensen

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

Digital Danish... tempted ? Collaboration is a successful Danish fintech recipe. It would be foolish not to get a slice of it, says Oliver Hall, Head of ICT Investments at Copenhagen Capacity The European Union ranks Denmark as the most digital country among its 28 member states. The population is the most e-ready in the EU, with 88 per cent of Danish internet users using e-banking and 82 per cent doing their shopping online. Danes are also among the most intensive users of video on demand. Denmark’s digital public services are also highly advanced and there’s a strong tradition for collaboration in the Nordics that has always characterised business – especially within financial services, where hundreds of banks have shared both infrastructure and development. Among Greater Copenhagen’s fintech community, collaboration not only covers existing and new players in financial services, but also between the financial and public sectors. They have worked together for decades, building new infrastructure and developing technology solutions. One example is the successful Danish digital identity solution, NemID, which was launched in 2010 and whose next-generation solution will shortly go out to international tender.

A Scandinavian first The City of Copenhagen, the Financial Services Union and Denmark’s leading banks have joined forces with the aim of establishing Greater Copenhagen as a leading fintech hub, with Copenhagen Fintech driving the ecosystem. Scandinavia’s first co-working space solely for fintech entrepreneurs, Copenhagen FinTech Lab, opened in November 2016. Already hosting 35 fintech companies, it is expanding to accommodate more residents.

Summer 2017

A booming ecosystem “Greater Copenhagen is the best platform in Europe for companies to be successful,” says Oliver Hall, head of ICT investments at Copenhagen Capacity. The official investment promotion agency for the city, it works closely with Invest in Denmark to support companies who want to set up business in Greater Copenhagen. “A lot has happened recently, especially for fintech companies. The European Blockchain Centre has just opened in Copenhagen, and the Emerging Payments Association has recommended Denmark as a prime location for regulated companies if the UK loses passporting rights post-Brexit. “All of the large bank IT system providers in Denmark have created a joint application programming interface (API) solution for entrepreneurs to tap into a large number of banks here. The Danish FSA has established a task force dedicated to support foreign companies entering Denmark and we have a regulatory sandbox on the way,” he adds. It’s helped towards the World Bank ranking Denmark as the easiest country in Europe to do business in every year since 2012. According to Deloitte, fintech investments in the Nordic countries tripled from 2015 to 2016 with the number of investments surpassing that of both Germany and the UK.

World’s first cashless society? Almost 75 per cent of the Danish scale-ups are located in Copenhagen, offering easy access to customers and business partners in the rest of Europe. “With an airport only 25 minutes away and flying times of just over one hour to London I can get there quicker than some of my old colleagues can from the home counties”, says Omar Shaikh, co-founder of COCOA Invest, who previously worked

in the City of London for companies such as Schroders PLC and Capita Financial. COCOA is an independent, online saving and investment company, which challenges the banks by cutting out the middleman. “Danes are naturally open to new technology – in fact, I have confidence that this will be the first cashless society – but at the same time, they are rightfully hard to impress. If you have the right formula to work in Denmark, I believe it will work almost anywhere,” Shaikh says. “And I cannot emphasise enough how valuable it is to operate in a country where the English is so good I often forget it is not the first language.”

Finding the right talent Copenhagen Capacity began focussing on fintech in 2015, including access to talent. Partnering with fintech companies in Greater Copenhagen, it posted 36 jobs in the sector through targeted online banner ads and interest has been overwhelming: ”Our job is to help companies plug in to the network – co-working spaces, legal and financial experts, regulators, institutions, incubators and accelerators – as well as assisting with market research and finding talent,” adds Oliver Hall. “Tech talents are a scarce resource with fierce global competition for them. During our eight-week campaign, we had 175,000 views worldwide and we delivered 326 screened candidates to the companies involved in the campaign.”

For more about business opportunities in Greater Copenhagen or if you would like to meet companies in the fintech community, contact Oliver Hall, Head of Tech Investments at Copenhagen Capacity on +45 21 84 74 44 or e-mail ohall@copcap. com. If you are interested in meeting a local Invest in Denmark advisor, contact Lasse Grøn Christensen on +45 61 97 90 34 or e-mail: lassch@um.dk. www.fintech.finance |

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

The missing link Blockchain might one day short-circuit the banks, but in the meantime it’s their best way to remain compliant, says Christian Visti Larsen, CEO of NewBanking Denmark’s NewBanking, which won a place in KPMG’s Global Emerging Star Fintech 100 last year, is one of the most bankable new kids on the block. It is one of those cool start-ups that’s demonstrating the acceleration of the disruption that’s taking place in the global financial services industry and, of course, its very existence is testament to the capital – and confidence – invested in its ambitions by two leading angel backers, who have stumped up a reported 5million Danish krone (€0.5million). Co-founder Christian Visti Larsen, former chief financial officer for the Nordic digital currency processor Coinify, wants to reduce the cost of traditional payments and create a new method of letting ‘trusted services’, such as banks, verify personal identification through blockchain technology. Just referencing the word blockchain elicits a spectrum of reactions, much as ‘internet’ did in the 1980s. So, just to clear things up at the start, let’s have a quick review of what supporters of blockchain, like Visti Larsen, believe it to be. In contemporary life, our digital things, whether that’s voice and video calls, emails, pictures, instant messages and so on, travel directly from A to B. But with money, we trust a third party – the banks, building societies and other financial institutions – to handle it on its journey. Blockchain seeks to remove that third party so that we can make a secure payment direct to an organisation or individual. In place of the bank is a public ‘distributed ledger’ where every

| www.fintech.finance

transaction is recorded chronologically. Although ‘transactions’ may be financial, it also allows for the exchange of goods, property, work or even votes. If there really is a paradigm shift in financial services, then this is probably it. Advocates point to the positives – the democratisation of finance, making it easier, for example, for migrants to safely access cash; financial products becoming much more competitive; and third party trust organisations as we know them no longer being necessary. Crucially, the transparent nature of a blockchain itself means there’s nowhere for criminals to hide. Blockchain is built with maths and cryptography, creating independent, decentralised ‘blocks’ of data – but it’s enough to understand the ‘what’ over the ‘how’ for now.

Faster, smarter, cheaper Specifically for NewBanking, one of a growing number of Nordic next-gen financial services companies working in the blockchain arena, there is a significant chunk of work up for grabs around the verification of personal identification. “Today, if I want to become a customer of a bank, I engage with the bank and send documentation, such as a passport or utility bill. I give the bank information and then the bank processes and verifies this information,” explains Larson. “The verification process can be done in different ways: people can look at it, or they can engage with other technology providers to verify whether, for example, this passport is real or not. NewBanking helps you with that onboarding process. So

customers upload their documents and verification is done through our system. Once we’ve verified someone’s passport, a document saying that this document has been verified, not the actual ID document, is placed on the blockchain. After that, the customer grants the bank access to see the documentation.” This simple change has the ability to speed up the onboarding process to an unimaginable degree, promises Larsen, because verification only needs to happen once. The verification document stays on the blockchain and when a customer wants to open another account, or join any other third-party trust organisation, they just permit access to it. For banks, such technology holds the potential for significant cost savings, while for customers the onboarding experience is genuinely elevated as processing and application processes are simplified and accelerated. “Let’s say my verified documents are on the NewBanking platform, and I’ve already engaged with one bank but now I want to have a prepaid card. The only thing I need to do is give the prepaid card issuers access to my documentation. I would be able to

Summer 2017

onboard within seconds, rather than go through a whole new verification process. So the user experience is much better and the onboarding cost for the prepaid card issuer will also be lower,” says Larsen. This form of verification means customers can also better protect their data by staying in charge of who they grant access to. “In the old world, once I’ve sent my documents to the bank or whoever, they have control of them. I have no chance of tracking what they do with them. On our platform, the bank can access my information only for as long as I grant permission, but I can also remove this access.” And that’s important in light of the impending General Data Protection Regulation (GDPR), which comes into force across Europe from April 2018. It requires significantly more of organisations that store customers’ personal data – including deleting it at the customer’s request. “With blockchain, the only thing the bank has to delete is the access key for the data and they are compliant,” says Larsen. It will, he says, be quicker, cheaper and way more secure, which, if you’re in the business of prepaid cards – and who isn’t these days? – sounds like an attractive option. The prepaid card market, covering everything from corporate charge cards, to retail, entertainment and government as well as financial institutions, is anticipated to grow by nearly a quarter to $3,653 billion in 2022, with Europe accounting for almost half of it. It’s created defacto financial services companies – a phenomenon that when combined with distributed ledger platforms could radically transform the way we pay. “Starbucks is one of the biggest banks in the US today,” says Larsen. “Its prepaid card service for your coffee is a good example of a business that is providing a financial service

that is not a financial institute. They are a coffee chain but they have millions of financial customers. So this breaking up of financial services is becoming more and more a possibility. “Why not have an Uber account and collect points for travelling in the way that you would with a Starbucks account? And this is where it becomes really interesting – why wouldn’t I be able to use my Starbucks points to pay for my Uber car? Technology and platforms like the ones we are introducing, will eventually make it possible for the Uber guy to pay the Uber coins that he earns from driving his taxi directly to Spotify to download his music. The technology is engaging with both end users without the banks.”

Thinking the unthinkable At the moment, it’s just a what if? But the potential for global deliverers of local services, such as Starbucks, Uber and Airbnb, or digital leviathans, such as Spotify, to leverage their combined volume of customers and turn them into blockchain users is the elephant in the room, says Larsen. “I think that it will be something that will lurk in the dark and then suddenly, when Uber and Airbnb, say, get together and say, ‘OK, this makes sense,’ then it will be a shock for the industry.” The transparency offered by blockchain systems could also significantly impact money laundering. “Systems like ours, based on blockchains where you can have different parties on the same platform, make it possible to

trace when there’s something going on. The risk of being caught (on the blockchain) is too high,” says Larsen, who will be on a mission at Money 20/20 Europe to find the right customer among financial institutions at the show. But he’s realistic. Integrating an entirely new operating system into a bank’s legacy structure is an enormous challenge. “There are so many touch-points and their systems are so integrated with many different areas that it’s not just something you can put into a bank and say, ‘hey, this is the perfect Know Your Customer, let’s use that!’ And yet we have that perfect product. The question for us is should we focus on other sectors that don’t have the same difficulties of integration? “ Unlike the arrival of the internet in the 80s, when modems, HTML, FTP and even emails were a foreign language to most, the terminology around the blockchain has already been made familiar through compliance, which at least gives NewBanking a head start in the sector Regulators, says Larsen, are the blockchain’s best friend in that they are ‘creating a positive movement for these new technologies’ while companies built upon them will have ‘a huge advantage over the existing financial sector’. “Words like ‘crypto’, ‘private keys’ and ‘wallets’ are all included in the updated anti-money laundering directives that are being enforced next year,” Larson points out. “So, this technology is approved at the highest level – by the EU Commission. “This is something that is coming to your bank soon and it can change the way you act in the market – we can change the way you act in the market.”

Why wouldn’t I be able to use my Starbucks points to pay for my Uber car?

Holding it together: If there is a paradigm shift in financial services then blockchain could be it

Summer 2017

www.fintech.finance |

MONEY 20/20 EUROPE: SPOTLIGHT ON DENMARK

Older & wiser

Every month, thousands of us make contributions to pension schemes but, in most cases, it’s a whole year before we know how they are performing. Jesper Essendrop says that’s not good enough and, as CEO of Schantz A/S, he’s set out to change it Given the sensitivity around pensions, not to mention the £145billion deficit among the UK’s top 350 defined benefit schemes and some high profile scandals, you’d think the industry would be bending over backwards to keep customers sweet. By its very nature, a pension, more than any other financial asset, should give its holder a sense of reassurance. We want to be comfortable in the knowledge that we won’t be left penniless in retirement. Bearing in mind that pension contributions are a significant monthly expense for many workers, maintaining frequent regular contact with policyholders would, you’d have thought, be a given. After all, how much effort does it take to send out

| www.fintech.finance

a monthly message to confirm that payment from the policyholder has been received, that their deposits are indeed going into a pot, and that pot will be sufficient to meet their needs? But for most investors that simply isn’t the case. “I put 20 per cent of my salary into pension savings, and what do I get in return? A single yearly message,” says Jesper Essendrop, CEO of Schantz A/S. “Put it this way: if I needed a new washing machine or television, I’d happily spend a weekend on the internet researching options and I’d receive a lot of feedback from different suppliers on what choice to make. A new washing machine or television is a relatively small part of my budget, whereas my pension payments form a huge chunk of

my monthly expenditure. And yet my provider only interacts with me once a year. “The irony is that the technology required for a pension provider to improve their customer contact is remarkably simple,” says Essendrop. “It’s not rocket science, or even artificial intelligence; it’s just a process of using calculation engines that already exist to send a text message saying, ‘thanks for this month’s payment; here’s what you’ve saved so far, and here’s what you could do to improve your financial situation even further’. “The systems are already in place to monitor the daily finances of policyholders, so why don’t pension providers deliver relevant, real-time financial suggestions in immediate response to changes in their clients’ budgets?” Summer 2017

Waiting an age: Why are pension providers so slow at communicating

Tilting the triangle Founded in 1994 in Copenhagen, Schantz A/S specialises in solutions for the financial industry. It was recently acquired by Keylane, a move that will accelerate its strategy of becoming the leading European supplier of software to the insurance and pension sectors. Its mission is to revolutionise the customer experience, leaving providers free to concentrate on client interaction. “We call it tilting the triangle,” says Essendrop. “We believe that a lot of our clients are currently spending far too much time and money on the creation of systems and staying compliant with

product and processes, when they should be investing in the customer experience. “Our value proposition is to provide clients with standard systems so that they can benefit from shared, compliant processes, and consequently be free to dedicate all their IT investment budget in customer experience. “Through us, pension providers can shed the weight of having to maintain outdated IT infrastructures and legacies, and can instead devote their efforts to developing great new apps and web services for the benefit of the customer,” he says. As Essendrop and the team at Schantz A/S have discovered, ‘tilting the triangle’ to place the customer experience back under the spotlight for pension providers requires a highly strategic approach. In order to implement its systems as efficiently and seamlessly as possible, the firm has divided its software portfolio into three key solutions: Schantz Life, Schantz Advice and Schantz Valuation. “The foundations of our portfolio can be found in the Life solution,” says Essendrop. “This is effectively the engine room for our pension provider clients, where they can manage all of their policies, processes, and payments as cost efficiently as possible. At first glance, Schantz Life may appear somewhat irrelevant to the end user. However, were it not for the engine room’s advantages in terms of cost and compliance in policy management and straight-through processing, the funds would not be there to invest in stages that do focus on customer experience.” After the company’s Life solution comes Schantz Advice. “This solution develops a 360-degree overview of a policyholder’s finances as a means of distinctly improving the customer experience,” explains Essendrop. “On behalf of the customer, Schantz Advice asks the question, ‘how should I change my pension scheme for the best results?’, and then it generates an answer using the financial overview that it has previously developed. The final stage of the Advice solution is to alter the actual pension scheme within

Schantz Life, which demonstrates how our portfolio allows pension providers to adapt the fundamentals of each of their policies to the needs of the holder.” The last solution, Schantz Valuation sits slightly away from the others as an asset liability tool for back office functions. “It’s of most value to risk management functions that need to calculate whether a pension provider’s business models are suitably future-proofed,” explains Essendrop. “The Valuation solution can take into account a vast number of variables (for example fluctuations in the stock exchange, or the current topic of Brexit) and then simulate what effect these variables will have on a pension provider’s total portfolio of policies. Following this simulation, Schantz Valuation provides an answer to the question of whether, in 30 years, the provider will be in a position to pay out their pensions or not, and in this sense constitutes an invaluable risk management discussion tool for the board rooms of the pension providers," he says. While the entire pensions industry revolves around one basic fact of life – that we all age – Schantz A/S software remains eternally fresh and relevant. “We like to split our solutions into components and avoid trying to tackle them as one giant organism,” says Essendrop. “This way, if one legislation changes, we don’t have to reprogramme an entire legacy system, but instead can simply alter one particular parameter. “Not only do we segregate our solutions, but we also develop our systems in bitesize chunks, resisting the urge to invest in overwhelming projects that require two or three years to take to market,” he adds. “As soon as you spend more than six months on one project, the end product immediately becomes outdated. By working in very short delivery times, we distribute solutions throughout the market at an impressive rate. “That’s the only way we’re going to achieve our goal of revolutionising the customer experience for pension policy holders worldwide.”

The systems are already in place to monitor the daily finances of policyholders, so why don’t pension providers deliver relevant, real-time financial suggestions? Summer 2017

www.fintech.finance |

GLOBAL FINTECH HUBS

A world of fintech Louise Brett, UK Fintech Lead Partner at Deloitte, previews findings in its upcoming Connecting the Global Fintech Community report, made possible with support from Innovate Finance and Innotribe The Deloitte annual Connecting the Global Fintech Community report now covers 20 hubs in Europe, 12 in Asia Pacific and 12 from other regions around the world, and offers a broadly representative overview of the global fintech landscape. That said, there are still a few notable hubs that have not yet joined the Global Fintech Hubs Federation (GFHF), for example Beijing, and therefore have not been featured in the 2017 report. In addition, we are aware that there are interesting developments from emergent hubs across Eastern Europe, South America and Africa that are not yet represented here. As the network of GFHF participants expands, the scope of our report will become increasingly comprehensive.

Emergent themes When we analysed the data from the 24 new hubs that we profiled and coupled it with additional desk research, a number of interesting regional themes emerged. On the whole, our research found that new European hubs (particularly those within the European Union) tended to agree that there is good access to talent in their hubs. On the other hand, most of these 12 new European hubs rated regulation in their hub negatively, and regulatory barriers were cited as a common challenge. Consistent with this, our research on regulatory sandboxes and regulator collaboration, showed that in Europe, only the UK, Netherlands, Russia, Switzerland and Norway have committed GFHF HUBS Africa Asia Pacific Central and South America Europe Middle East North America Grand Total

to a regulatory sandbox; and only the UK, French and Swiss regulators have signed fintech co-operation agreements with other regulators across the globe. In Asia Pacific, hub representatives were more positive about regulation in their hubs, compared to their European counterparts, and with good reason, too. Over the last year, we have seen very positive developments from regulators across Asia and the pace of change has been extremely encouraging. For example, of the 16 regulators who have either set up or committed to setting up regulatory sandboxes, seven are in Asia. Moreover, Asian regulators have also been proactive in cooperating with other regulatory bodies outside of their region. For example, China, South Korea, Hong Kong, Japan, Singapore, Australia and India have all signed international cooperation agreements with other regulators. Singaporeâ&#x20AC;&#x2122;s Monetary Authority has signed more fintech cooperation agreements than other regulatory bodies in the world. Although the tangible outcomes of these agreements largely remain to be seen, cooperation between regulators globally has undeniably become a trend.

Regional differences Although our research only included two hubs from the Gulf region, both hub representatives presented very similar self-assessments. Both hubs claimed excellent government and regulator support for fintech and these are evidenced by the range of initiatives that the government and regulatory bodies are

NEW HUBS 1 7 1 12 2 1 24

| www.fintech.finance

OLD HUBS 2 5 1 8 1 3 20

TOTAL 3 12 2 20 3 4 44

Cooperation between regulators globally has undeniably become a trend driving together. For example, the RegLab in Abu Dhabi, the fintech Hive and 2020 blockchain ambition in Dubai, and the fintech work driven by the Economic Development Board in Bahrain. In Africa, fintech developments continue to be concentrated around mobile and social payments. Highly successful fintechs are rare as low levels of government and regulatory support and lack of quality infrastructure continue to be barriers to scaling. In the Central and South America region, Brazil leads the pack by way of investment and number of fintechs, and much of the activity is concentrated in Summer 2017

Mapping progress: 24 new fintech hubs have been added to the report

Sao Paulo. Broadly, across the region, corporates and investors are the ones proactively developing the local fintech ecosystems. However, there are positive signals that government and regulator support for fintech is increasing. For example, Mexico’s new financial inclusion strategy is expected to promote fintech. Finally, we complete the map with North America. While Silicon Valley and New York continue to be the indisputable top fintech hubs in the USA – and Toronto in Canada with 80 per cent of the Canadian fintech activity in this hub – over the last year we have seen a number of other emerging hubs in Chicago and Charlotte, North Carolina. Another interesting development in the Summer 2017

USA in recent months has been regulation, particularly with regards to the Office of the Comptroller of the Currency’s (OCC’s) fintech charter. As the USA’s complex and fragmented regulatory environment has been cited as a challenge by US fintech hubs in our research, it will be interesting to review these developments in our full report, launched at Sibos in October.

An evolving story As we have seen, fintech ecosystems continue to evolve at pace across the globe. As these ecosystems evolve, so

too will the report and its methodology for assessing and presenting the fintech developments in these hubs. We are pleased to be working with the Global Fintech Hubs Federation to review and refine the methodology and improve the robustness of the assessments currently being completed by each hub. Without giving away too much, we are very excited about the full report in October and look forward to working closely with ecosystem participants across all the GFHF hubs over the coming months. www.fintech.finance |

GLOBAL FINTECH HUBS

A hive of industry Philippe Mauchard, Senior Partner and Chief Bridge Officer at B-Hive, offers a digital dating agency with a difference. He matchmakes companies across financial services and it’s creating quite a buzz

Since the start of the fintech revolution, the assumption has been that the plucky start-up is a thorn in the side of the lumbering incumbent. That the fintechs are a pack of hungry hyenas using speed and ingenuity to prey upon the legacy-laden elephant, the watering hole not big enough for the both of them. But is that still accurate in an age of digital transformation? For Philippe Mauchard, senior partner and chief bridge officer at business ecosystem B-Hive, the answer is obvious. “Sure, at one stage, fintech companies were very much considered to be a threat,” he says. “However, many incumbents now view their fintech peers as potential assets and are more keen to foster alliances than

| www.fintech.finance

to build barriers. Companies are finally realising that it takes two to tango, and the financial services industry is no exception to the rule.” According to Mauchard, the dissipation of this rivalry is only partly due to a mutual realisation that collaboration is king; it's also as much about the gradual change in the type of business constituted by the majority of new fintechs. “In recent years, there’s been a progressive shift in start-ups in financial services from business-to-consumer (B2C) models only. For example, Uber,” says Mauchard. “Instead, many new companies are adopting business-to-business (B2B) or B2B2C structures, both of which are better suited to collaborations with larger incumbents. “Incumbents and start-ups are also

beginning to acknowledge the possibility of gaining the best of both worlds,” he says. “Smaller firms are recognising the value of larger companies in terms of their access to the market, consumer trust, resilience, and investment capacity, and more mature firms are seeking to learn from the agile start-ups about how best to appeal to a new breed of customers. Once you bring these two sets of positive traits together, it’s a match made in heaven.” Unfortunately, cherry-picking the best features of an incumbent and a start-up is not quite as straightforward as it sounds. “There are a couple of pitfalls to watch out for, of course,” says Mauchard. “The first sounds rather obvious, but is surprisingly difficult to avoid. In gaining the best of both worlds, the companies can

Summer 2017

unintentionally absorb the worst of both worlds at the same time. This could mean a slow pace of action or unnecessary processes in the case of an incumbent, or a messy, blinkered view of the world, courtesy of the start-up. “The second issue is arguably even trickier to resolve: start-ups and incumbents speak a different language, and I’m not talking about English and Spanish here,” says Mauchard. “The primary reason for this communicative discrepancy is pace. There are 24 hours in a day, but those 24 hours mean very different things to both incumbents and start-ups. As a start-up, you need to be moving on to the next project as quickly as possible, to prove to your investors that your business plan has traction, to achieve that growth rate of at least 50 per cent per year of your top line. As an incumbent, you’ll be more than happy to maintain your top line, or perhaps grow it by a couple of percentage points, if you’re lucky. “Here at B-Hive, our mission is to eliminate this problem of communication between start-ups and incumbents, in order

Summer 2017

to turn the dream of total unity between mature incumbents and fresh tech players into a reality. We firmly believe that innovation and digital transformation in the financial services industry will come, by and large, from the collaboration of these two types of company and not just at a surface level, either," he says. “The entire ecosystem of technology enablers, consultants, HR lawyers, and everything else needs to be shared between companies, should they wish to achieve the ultimate goal of better services, which means we certainly have our work cut out.” Formerly known as Eggsplore, B-Hive’s headquarters are located in Brussels, and its shareholders consist of 13 renowned financial institutions, ranging from globally influential companies, such as SWIFT and Allianz, to more local firms, including Belfius Bank and Baloise Insurance. “We work both jointly with our shareholders and on behalf of them on various projects,” says Mauchard. “We usually commence our practical operations by choosing a series of topics and themes that our investors wish to work on together. A real example of one topic that we’ve examined is how to approach blockchain technologies within our sector. “From here, we organise specific working sessions, meet-ups and networking events to facilitate interactions with start-ups that could help to produce new technological solutions in tandem with our shareholders,” he adds. “The B-Hive team are present at every single one of the events we run. Our role on

There’s been a shift in start-ups away from B2C models, to B2B or B2B2C structures, both of which are better suited to collaborations with incumbents

the night is threefold: to get the right people talking together, to translate what’s being said so that it’s clear to both parties, and to cultivate agreements relative to the topic in question. “Should a company decide that they’d like to take things further, we can support them in a bilateral way throughout the entirety of the process. This usually involves running an incubator or providing technical services to the start-up where necessary.” Despite technically constituting a start-up themselves at the tender age of just two years old, B-Hive can already take credit for several collaborative success stories as a result of its networking sorcery. “A Belgian start-up called Qover actually hosted its on-demand digital insurance infrastructure within our offices,” says Mauchard. “We leapt at the opportunity to support its new technology, especially since it had been received so warmly by the local incumbent and start-up ecosystem. Qover’s innovative insurance solutions are now gaining good traction within the UK, and that’s all because we helped them to breach other markets using our substantial list of international connections.” B-Hive will be present at the Money 20/20 Europe conference and welcomes visitors to its booth to discover the effectiveness of its networking activities through showcasing some of the solutions developed by its previous beneficiaries. “Alongside past projects, we’ll also be exhibiting our keynote Cyber Hive initiative,” says Mauchard. “We’re developing this cybersecurity programme on behalf of the industry as a whole to address recurring digital security issues. “Beyond Money 20/20, our medium-term goal is to establish a truly global success network, in order to extend our services to incumbents and start-ups across multiple new international hubs,” he says. “Our new office in Tel Aviv opened on 12 June and we’re also exploring opportunities within New York and South East Asia, alongside our current offices in London and Brussels. “We want businesses across the financial services landscape to immediately think of B-Hive when considering the development of new technological solutions, and we make no differentiation between start-ups and incumbents. Everyone is equal in the race for innovation.”

www.fintech.finance |

GLOBAL FINTECH HUBS

Peace, love and fintech

Collaboration, playing to your strengths and embedding trust in financial services will shape the industry as it comes of age, according to SWIFT’s Fabian Vandenreydt You’d kind of expect an awesome view of the future from the head of a company responsible for fuelling some of fintech’s greatest innovations – and Fabian Vandenreydt doesn’t disappoint.

He has a vision for a new era, fuelled by exciting technology and the market-liberalising effects of the revised Payment Services Directive (PSD2). It’s one in which daggers-drawn rivalry will become a thing of the past and key industry players will focus on what they’re good at, contributing to a new, collaborative environment in which the customer will be the ultimate beneficiary. “I think the immediate future for fintech will come down to the three value disciplines organisations fall into. Either they are very customer intimate, or they create nice products, or they run safe infrastructure. It’s difficult to be the three together,” says Vandenreydt. “If you look at PSD2 regulation, it clearly says that banks will function in the future as infrastructure-ish, running the accounts and providing data to other institutions, including fintechs, to create new products. “So there is a likelihood that the large banks might become more infrastructure-focussed and that products – even financial products – might be created by non-banks. In terms of who will be the front end to the customer, I think it clearly won’t be the banks alone, especially for younger generations.” If he’s right, we’ll see a seismic shift in the whole banking value chain. “The way it’s going to evolve is not clear. When it comes to private banking and wealth management, the front-end customer might remain in the hands of the

investment or wealth manager, but this might not be the case for everything in financial services. “If banks become infrastructure, this poses the question ‘what does this mean for their business models in a lower margin environment without the added value of products?’ So, it changes the way the ecosystem is going to work.”

Future of ‘Google Bank’ Technology, Vandenreydt believes, will be the key differentiator and catalyst for change, supported by PSD2-fuelled developments in the way financial players operate. “Technology makes this split between customer intimacy, product leadership and infrastructure easier to do, and regulation is also opening up products and customer relationships to non-banks. “Things are reshaping and I guess the ones that can manage infrastructure in a lean, very efficient way, on a gigantic scale, will win. “Amazon is one example of an organisation that is not a bank and does that, and of how such changes could create a cost redistribution in the ecosystem.” So, does Vandenreydt believe we’re heading for a financial future dominated by the likes of ‘Apple Bank’, ‘Amazon Bank’ and ‘Google Bank’? “If they were to try to form banks, they would need to comply with lots of regulations which, as we know, require a lot of energy, time and money to keep up with,” he added. “So they will need to weigh up whether becoming a bank is the best way to achieve what they want to achieve. “Maybe not, maybe the best way is to partner with existing infrastructures. A good template to look at is what’s going on

in Asia, especially in China. Their regulatory environment is different, but the notion of having gigantic companies doing a bit of everything is quite common.” Vandenreydt is global head of securities markets, Innotribe, and The SWIFT Institute for the cooperatively owned provider of secure financial messaging services, SWIFT. It created technology accelerator Innotribe to identify emerging trends in financial services innovation and promote discussion among key players about how those trends will impact the industry. It’s taking this into exciting new territories, including Russia, where it ran its first Start Up Challenge in the country this Spring, with the aim of recruiting fintechs for its annual start-up event at the Sibos conference this October. Last September, the Global Fintech Hubs Federation (GFHF), co-founded by Innotribe and collaborator Finovate, produced the first report into the world’s fintech hubs, their potential and the challenges and opportunities they face. GFHF is an independent and inclusive global network of emerging and established fintech hubs, made up of associations, industry bodies and partner firms and fostering innovation through knowledge sharing and collaboration. Its report held no surprises in terms of the areas it identified as leading hubs – Sydney, London, Hong Kong and Silicon Valley. However, it showed that countries like Belgium, Ireland, Shanghai and South Korea are encroaching fast, based on specialist niches from payments to servicing and asset management. And the lowest-scoring hubs, including India, Mexico and South Africa, are those with arguably the most potential, with

One future: Old rivalries will become a thing of the past

| www.fintech.finance

Summer 2017

weaknesses, such as limited regulation, providing an opportunity for fintech. The key innovation areas it identified were in customer-focussed services, such as e-commerce and retail banking. But data – both ‘big data’ and analytics – and mobile technology are also key. Lack of government support and risk aversion were the major challenges. SWIFT, and therefore Innotribe, is focussing its groundbreaking efforts on the minefield of cybersafety. “Everything that relates to safety of the financial system in general is the top challenge on the agenda of CEOs these days,” according to Vandenreydt. “And safety means cybersafety. It means financial crime compliance safety, anti-terrorist financing-related safety and regulatory reporting. All the kinds of things that are not necessarily related to a specific financial asset, product or even customer, but to the trust and safety of the system as a whole. This is because those threats are much more sophisticated and understand the financial system much more than they might have done 10, or even five, years ago.”

Connecting the hubs The annual Sibos conference, this year taking place in Vancouver, provides an important showcase for the fintech hubs involved with Innotribe and the GFHF. “The world is specialising, not only in fintech, but other industries,” continues Vandenreydt. “Israel is a leader in everything relating to cyber defence, while Singapore is advanced in regulation

Summer 2017

technology. Innotribe is always looking to make connections with those hubs, to help them find solutions to their problems. Sibos is a place where we can have a get-together and present what the fintech hubs do. “It’s important for the global banks to see what is cooking in all those hubs.” Vandenreydt himself will be exploring the very foundation of innovation in his Sibos presentation this year. “I’ll be looking at the ‘how’ of innovation, with questions like ‘how do you innovate?’

If you don’t have trust, then any financial product you would like to exchange – bonds, FX, gold – will not work and ‘what are the soft and hard skills you need?’ – things like working as a platform and coming up with value propositions that are beyond products, while creating an environment where your clients and providers can innovate jointly.” On this theme, what are the optimum conditions Vandenreydt believes fintechs need to fuel their innovation? “The GFHF report showed there are a number of elements. If you want to create a fintech hub that attracts people and capital, you need a regulatory environment that is conductive to that,

stable and committed to helping start-ups develop, while also helping mature companies to innovate and export services and software. “You also need an environment where start-ups want to come, not just in terms of fiscal advantages, but also proximity to universities, ease of hiring the right people, strong digital infrastructure, affordable real estate and good access to clients. Our report reviews cities and countries in terms of how attractive they are and what they need to do to improve.” Interestingly, despite his clear commitment to pushing the frontiers of fintech, Vandenreydt believes the tenets of the new financial ecosystem remain good, old-fashioned values. “If I had unlimited time and money to rebuild the financial services industry, the first thing I would do is implement a global trust system, in which parties that need to transact can 100 per cent trust each other,” he says. “This is fundamental because, if you don’t have trust, any financial product you would like to exchange, whether bonds, equities, derivatives, foreign exchange or gold, will not work. “In my system, the consumer would also have a more transparent way of comparing products, and more control over the data they supply to banks. “Financial services and other platforms, such as Facebook, have a lot of data about each of us, that we’re not fully in control of, but the new General Data Protection Regulation will start to put the ownership of our data back in our hands.” So, there’s already a new value chain redefining roles for existing actors in financial services, and bringing in new ones, accelerated by regulation and aided by technology.” As to what this might all look like in 10 years’ time, as even Vandenreydt, with his eye to the future, says: “The crystal ball isn’t clearing on that just yet.”

www.fintech.finance |

COMPLIANCE

Painful shock: The GDPR will be strictly enforced

GDPR: Build your defence! With large-scale casualties predicted as strengthened data protection regulations come into play next year, Alan Calder, Founder and Executive Chair of IT Governance, urges companies to prepare for compliance The General Data Protection Regulation (GDPR) is the most significant development in data protection law for more than two decades and will have far-reaching implications for businesses and organisations worldwide. The GDPR strengthens the privacy rights of EU residents, and requires organisations to develop clear policies and procedures to protect personal data, and adopt technical and organisational compliance measures. The UK public sector has always taken compliance seriously with the Data Protection Act. The private sector

| www.fintech.finance

however, has done just enough to meet its obligations – although, at times, ‘just enough’ has fallen some way short of regulatory expectations. But that's all about to change. With the Data Protection Act (DPA) being replaced by the General Data Protection Regulation (GDPR) next year, things are looking to become a lot more problematic for those companies that take a lax approach to compliance. “The jump from the financially poorly enforced Data Protection Act to the very tightly enforced new General Data Protection Regulation (GDPR) is frankly huge,” says Alan Calder, founder and

executive chair of IT Governance. “Large financial consumer institutions have been aware of GDPR for quite some time now but, despite this awareness , we estimate that only 30-35 per cent of all UK organisations understand what they need to do to address it to be compliant. With less than 12 months to go before GDPR is implemented, he says: “We suspect that there’s going to be a whole host of organisations unable to demonstrate compliance by next May. They will be subject to receiving eye-watering fines and dealing with complaints and actions for financial compensation from private individuals,

Summer 2017

whose rights under the new regulation have been strengthened.” One of the reasons why many private British companies are finding it so hard to develop action plans to ready themselves for GDPR is because of the absence of refined compliance systems that, Calder points out, should have been in place under the Data Protection Act. “At its core, GDPR is an enhancement of the Data Protection Act” he says. “The eight key data protection principles from that act still exist within GDPR, therefore, making the step from full Data Protection Act compliance to GDPR compliance is not such a daunting prospect; making the leap from flimsy compliance foundations is another story.” Despite seeming like somewhat of a ‘remastered edition’ of the Data Protection Act on paper, GDPR is imposing some significant practical requirements upon companies should they wish to avoid up to €20million or a four per cent global revenue penalty, come May 2018. “The entire basis on which data is processed is being altered by GDPR,” says Calder. “From next year, companies will require a lawful motive to support every bit of data processing that they complete, and they will also have to offer consumers the option to withdraw their consent at any stage. The guidelines state that, under GDPR, it should be as easy for customers to delete their data within a company as it was for them to provide it, and lots of companies will need to update their systems significantly to supply this facility. “As well as ensuring that every data processing action is attributed to a lawful motive, companies will need to send individual privacy notices to every single data subject on their books,” says Calder. “These notices will explain exactly what the company is doing with their particular data, be it an employee’s or a customer’s. ‘GDPR comes with a clearly structured privacy and retention policy concerning personal data, and as soon as any of that data slips beyond what the policy deems to be lawful, then a company must discard it. Not doing so will result in significant monetary penalties. Another key practical challenge that companies will face under GDPR is data subject access requests. “Data subjects won’t have to provide a

Summer 2017

written application nor pay a cent in order to demand all the information that a company is holding on them,” says Calder. “Companies will have 30 days to respond to access requests with all of the necessary information, archived or not, and failing to do so will result in (you guessed it) more fines. You can see why we’re expecting the number of data subject access requests to skyrocket in 2018. “The final, and arguably most important, practical change that companies are going to have to make for GDPR is in their reporting of data breaches,” Calder continues. “Institutional vigilance regarding data security is frankly woeful in the UK and that’s because there’s currently no legal requirement for companies to report cyberattacks when they occur. In fact, until now, organisations have been more inclined to try to keep security breaches under wraps for PR purposes and that can have a distinctly negative

Institutional vigilance regarding data security is frankly woeful in the UK but there’ll be no more sweeping of data violations under the rug impact on anti-cybercrime initiatives. “However, following the implementation of GDPR, there’ll be no more sweeping of data violations under the rug,” he says. “Any company that suffers a breach where there is a risk to the rights and freedoms of natural persons will be under a legal obligation to report it. At the moment, most organisations struggle to even recognise when a security breach has taken place, so installing the necessary systems to be able to report an incident to the Information Commissioner within 72 hours will be a challenge to say the least.” In short, companies have a fairly

lengthy ‘to-do’ list to complete before May 2018, and pleading ignorance in the months following won’t be an option due to the categorical accountability clause at the heart of GDPR. However, as one of the world’s leading experts in IT governance, having published several books on the subject, Calder offers some crucial advice to companies feeling at a loss to know where to start their GDPR preparations. “Put it on your corporate risk register, alert the board, and do your best to emphasise the gravity of the problem,” he says. “Give someone inside your organisation overarching responsibility for compliance – perhaps a data protection officer or someone else at an executive level. Do a data inventory and a data flow audit so that you can identify the gaps between what you’re currently doing and what you should be doing. Update your policies and procedures and ensure that you can handle data subject access requests as soon as they come in. Prepare for a data breach because, unfortunately, you’re going to get breached. “The trick is to have a robust privacy compliance strategy in place so that you can prove to the regulators that you’re holding yourself accountable for the protection of personal data.” IT Governance is dedicated to helping companies achieve and maintain the level of compliance necessary for GDPR, and is seeing increasing demands for its services as May 2018 draws nearer. “We recognise that different organisations like to approach compliance in different ways, and we’ve consequently designed our business to deliver product and service packages that match the cultural and resource requirements of each individual company,” he says. “We can mix and match foundation and practitioner training, online staff awareness training, extensive or limited consultancy, gap analysis, software, and documentation toolkits to provide our clients with the most practical route to compliance status for them. “Most of our customers are based in the UK, but we also have delivery capability across the entire European Union, the United States, Asia-Pacific, the Gulf and Africa. It’s probably optimistic to think everyone will be ready for GDPR come next May. We certainly have our work cut out.” www.fintech.finance |

COMPLIANCE

Transparently compliant Glassbox has even impressed the regulators with its ability to capture, analyse, store and replay data, while the ability to co-browse has endless possibilities for customer service and the war on fraud, says CEO Yaron Morgenstern It’s June 2018 and your Pseudo Bank is going from strength to strength. There is a stack of fintech start-up awards on the shelf, your fee-less current account with instant transaction notifications is the most popular thing since sliced bread and other banks have given up trying to compete with your low interest loans. Then one day, as you’re idly toying with your Newton’s cradle in your high-rise office suite, you receive a phone call from the Financial Conduct Authority (FCA) and they don’t sound too pleased. They’ve spotted a technical error on your website, which has meant you’ve been selling financial products online without displaying the appropriate Ts&Cs. “We need you to provide evidence of exactly what has happened, as well as an accurate record of how many people have been affected. After this, we’d like a full report of how you’ve dealt with the issue. You have 48 hours. Goodbye.” Remember, this is June 2018 and MiFID II and the General Data Protection Regulation (GDPR) are in full swing. At this point the most obvious thing to do is evacuate the office and relocate your family to the Outer Hebrides in the hope of escaping the

Sauron-like gaze of the regulators. Unless, of course, you’re using Glassbox’s risk management and compliance solution, in which case your response to the FCA is ‘no problem’ and you can go back to admiring the spectacular view over the city from your floor-to-ceiling windows. “Our software automatically captures every single interaction with your app or website, be it internal or external,” explains Yaron Morgenstern, CEO of Glassbox. “This includes anonymous visits, for example when someone decides to enter their details and log in at a later stage. Having captured every single interaction, it then identifies and indexes all of the information in real time, meaning you can effectively co-browse with someone who is still on your website or app. Finally, it analyses all the data, compresses it by more than 95 per cent to minimise storage requirements, and makes it available for instant replay,” he says. “In terms of MiFID II and GDPR compliance, Glassbox has it covered.” Due to the automatisation of its software, the Glassbox team is confident that its compliance solution is fundamentally

future proofed and unlikely to become irrelevant, despite ever-changing technologies and regulations. “Because it does everything automatically, at the point of capture, there’s no tagging or pre-configuration involved,” says Morgenstern. “For regulatory technology, this is a really important feature because it’s impossible to guess what the regulators’ concerns are going to be in few years’ time. “Not only this, but your websites and apps are evolving all the time. By capturing absolutely everything, you’ll always be totally covered. There’ll be no need to tag up journeys that you believe might possibly be relevant in years to come, nor spend bags of money storing unnecessary quantities of data,” he says. “Glassbox’s solution totally eliminates the gambling element of future compliance preparations.”

When the regulator calls Originally called Clarisite, Glassbox was established in Israel, the ‘start-up nation’, in 2010. Since then, the company has transferred its headquarters to London and opened offices in both New York and Tel Aviv. Unsurprisingly, it wasn’t long before Glassbox’s solution caught the attention of the UK regulators.

Clear advantage: Glassbox technology gives companies a head start on compliance

| www.fintech.finance

Summer 2017

“It became clear during our first meeting with the Financial Conduct Authority that they were unaware that this kind of technology existed,” says Morgenstern. “They immediately became very interested in it! Not just because of its revolutionary functions, but also because it’s been thoroughly tried and tested. Our technology has been up and running in Israel for several years and we’ve progressed beyond the regulatory sandbox stage. What we’re offering is a proven, instantly implementable compliance solution and one that will no doubt make the regulators’ lives just that little bit easier,” he adds. One of the solution’s features that he’s most proud of is its rapid deployment capability, whether you choose to have it on-premise or in the Cloud. “Every large organisation has its own unique technological infrastructure and this can really take its toll on the installation of new compliance solutions,” says Morgenstern. “Inserting new software into a legacy-filled IT environment can be a messy process and it’s no wonder that the majority of compliance services take months and months to implement. We’ve made it a priority to ensure our solution can be fully deployed within weeks. “We’ve specifically designed our software to slot neatly in between whatever existing legacy technologies there may be.”

Let’s co-browse! With MiFID II and GDPR just around the corner it could prove to be the lifeline that

Summer 2017

financial institutions are searching for. However, the advantages of this technology don’t stop there, as demonstrated by the wide variety of clients that it now serves. “The ability to co-browse your app or website with a customer using our software has great implications in terms of customer support optimisation,” says Morgenstern. “As a customer, it can be extremely frustrating trying to explain a specific problem over the phone. However, a company using our software can provide

It became clear, during our first meeting with the FCA, that they were unaware that this kind of technology existed their contact centre operators with a real-time view of the customer’s screen, be it on a mobile device or computer. This eliminates the need for convoluted, unnecessarily lengthy phone or text conversations, as the contact agent can immediately see exactly what’s going on from the customer’s perspective. “Bank Leumi in Israel has been using our software in this way for a few years now and the result has been a reduction in their

average call time from five minutes to one-and-a-half minutes. In contact centre terms, that’s a huge improvement,” says Morgenstern. “Leading banks in the UK have also been using our solution to improve the customer experience element of their businesses. “Our software alerts you when, for example, lots of users are abandoning a process on a bank’s website at a particular stage. Other useful insights, such as server performance, precise customer location, and web browser inconsistencies, can all be made available by our technology, which makes it a valuable tool for monitoring and improving performance in all channels. “The real beauty of Glassbox’s software is that a bank can do anything it likes with the data it produces, within regulation, of course,” says Morgenstern. “There are too many possible applications to list, although in my opinion it’ll begin to gain substantial traction within the insurance sector in the near future. Companies such as AXA are already using our technology to model risk around fraud. Because every single click and key stroke is recorded and made available for playback, you can watch, as if you’re standing behind them, the exact process of a customer inputting their details for a quote,” he says. “Hey, look! They typed that their car is being stored on the road, but now it’s being stored in a garage! “It may sound a bit like Big Brother, but I’m sure companies won’t be complaining when the regulators come calling.”

www.fintech.finance |

COMPLIANCE

A changeable forecast Even for a seasoned professional like Guillaume Lenoir, the tectonic plates shifting under banking are a little unsettling. A perfect storm of regulations and reforms include the Markets in Financial Instruments Directive (MiFID II), the Fundamental Review of the Trading Book (FRTB), the Market Abuse Regulation (MAR II), the General Data Protection Regulation (GDPR), the fourth Anti-Money Laundering (AML) directive... one could go on. “That they are all happening simultaneously implies a lot of pressure on banks in terms of project delivery efforts and investments, so that’s a massive challenge,” Santander’s head of IT Regulation and Compliance, admits. “There is also an on-going risk of project rework as some elements of the regulators’ legal interpretation are still being worked out. We may have some late refinement to deal with ‘in-flight’ as it were.” The banks feel each other’s pain, he says. “Collaboration among banks is complex to achieve, but the regulatory pressure has pushed them to find ways to do it – I think there really is a change of attitude. We cannot continue to bear, on our own, replicated regulatory costs. I think we need to recognise there are areas we can share.” All of which is forcing everyone to adapt and reconsider traditional ways of working and operating, which includes migrating IT services to the Cloud. “This technology not only offers time-to-market benefits and a scalable environment, but also a new ecosystem to develop innovative technologies, such as data analytics. “The Cloud is a key part of Santander’s digital marketplace strategy for IT services to interconnect to each other,” says Lenoir, who is managing teh bank’s move into the Cloud for services supporting components of MiFID II.

Santander’s Head of IT Regulation and Compliance Guillaume Lenoir gets out his banking barometer… Now there’s a spirit of conciliation, even partnership, between banks and some of the most innovative players in the digital market, but particularly when it comes regtech, says Lenoir. “You will find banks with a hybrid between their legacy systems and a lot of regtech solutions plugged in on new forms of technology. The right data granularity will really ease future regulations because it’s all about data. Although I think those regtechs will support us in the use of data, consumption and managing our risk rather than helping us to improve data quality. “These collaborations will allow us to tackle some regulatory burdens and to meet the requirements without requiring significant overhaul of existing platforms,” he adds. “They will help us use the data and figure out whether we can identify, through management information and data analytics, any form of process flaw, client fraud, operational alerts and even business trends.” Lenoir also sees fintechs and Cloud providers enabling and introducing new platforms and technologies – “things we could not do before, such as machine learning and artificial intelligence”. But that’s not to underestimate the strides that banks have made themselves, he says.

We cannot continue to bear, on our own, replicated regulatory costs. I think we need to recognise there are areas we can share 90

| www.fintech.finance

“Many banks have focussed on simplifying their existing technology estate and building big data solutions, APIs and services, which have the potential to ease future regulatory deliverables. “They have also implemented organisational changes around data management governance, creating a chief data officer function, for instance, as well as data quality controls across processes that support the life of transaction data, client data and product data. All of this improves the level of data granularity and quality. “GDPR will require us to explicitly manage our personal data (client, supplier and employee data) via new operational processes and heightened security. This will directly impact our ability to do marketing, data mining and historic modelling.” Lenoir is not, however, pessimistic. “Instead of continuing to invest in upgrading and maintaining some legacy infrastructure and IT solutions, I expect more collaboration in supporting evolving business models. Banks will, for instance, invest in regtechs to establish a broader digital market and to gain immediate benefit from services that will ultimately benefit the client. That digital market is going to be an interesting element driving change in financial services.”

Never rains but… A perfect storm of directives also encourages innovation

Summer 2017

COMPLIANCE

A radical new model

Fundsquare’s Head of Product Management Paolo Brignardello explains why its distributed ledger platform could be the Ford Model T of the fund industry It’s not easy adapting to change, and the fund industry is finding it a particular struggle. Pressure on product costs and transparency are increasing, while new ways of doing business demand new operating models. The advent of several compliance directives in quick succession, such as the second Markets in Financial Instruments Directive (MiFID II), the Regulation for Packaged Retail and Insurance-based Investment Products, and UCITS V, are also heaping a greater regulatory burden on asset managers’ shoulders. At the same time, rising intermediation in distributing funds in the last decade has squeezed margins. What’s more, they’re having to adapt to changing client behaviour, with a growing number of millennials placing greater emphasis on simplicity and convenience of services, as well as security. Paolo Brignardello, head of product management and marketing at Fundsquare, says the sector has little choice but to adapt. The question is, how? “The industry is really facing pressure on cost and fee transparency. So there are big pressures that require a transformation,” he says. “But for many reasons, above all legacy systems and organisation, it’s not easy to embrace.“

The platform, which is a collaboration with InTech (a subsidiary of the POST Group) and KPMG Luxembourg, works across the value chain, allowing asset managers to sell funds direct to the investor, and speeding up the messaging between the investor, the asset manager, the custodian bank and the transfer agent, thus reducing execution times from days to a matter of hours. The operating model sees an investor going through a smartphone application to access fund information and performing know your customer (KYC) Direction of travel: Ford's Model T was as disruptive as blockchain

A ‘concrete’ blockchain For Fundsquare, an initiative by the Luxembourg Stock Exchange to improve market infrastructure, the answer lay in using a distributed ledger that directly connected investors and fund managers. Described by Fundsquare’s MD Olivier Portenseigne as the ‘Ford Model T’ of the fund industry because of its potential for radical disruption, FundsDLT launched late last year as a decentralised fund order processing engine, based on distributed ledger, digital tokens and smart contracts. “Many blockchain projects are still experimental. Our initiative goes beyond that. We have started to create something concrete that will be completely new,” says Brignardello. Summer 2017

compliance checks, then processing an order by provisioning cash through a digitalised token. On the other side, transfer agents will inspect the KYC elements that have been collected and accept the order, while an asset manager can follow up inflows and outflows in the register in real time. Once the net asset value is published, the entire settlement process is executed instantaneously.

Deep digitalisation FundsDLT operates through an application programming interface (API) framework

that delivers an open standard, covering account creation, transaction processing, KYC, payments and entitlements. A key feature of the platform is the ease with which compliance checks around anti-money laundering (AML) and KYC can be undertaken. That’s achieved by standardising and mutualising the process so that customers no longer need to be verified separately by each bank. The platform will also facilitate fund data look through and MiFID verification. “As an industry we need to go much deeper into the digital transformation, otherwise we’ll be hit hard like the music, video and press industries that have all seen digitalisation. New generations will want to have easier access to financial products. That’s why we need to reframe the architecture and the ways products flow to the selling point.” Crucially, here he’s talking about personal pension management, which is likely to bring a much wider and more inexperienced mass affluent audience of investors into the fund market. For years, fund managers have found it hard to reach out to investors, while they in turn are frustrated by intermediaries. The upshot has been restricted choice and an industry known as being opaque. Brignardello says greater transparency is being driven by a combination of market forces and regulation. “There are more and more competitors in the fund industry that are competing by showing their fee levels,” he says. “They are pushing to gain market share.” He adds that, while cross-border distribution is a trend that already exists, ‘more capital market union efforts from the European Commission will trigger the possibility of even more efficient cross-border distribution’. Rather than squeeze out actors in the fund distribution supply chain, Brignardello believes the Fundsquare platform will benefit everyone who can plug into its new ecosystem, concluding: “It’s still in the early stages, but the industry should follow the model.” www.fintech.finance |

COMPLIANCE

The future-proofed bank Core values and a new platform that gives it a 360-degree view of data puts TSB ahead of the regulation race, says Alison Verlander, Director of Conduct and Operational Risk Considering TSB bank’s rollercoaster history in the last 20 years– its raft of mergers, acquisitions, buy-outs and name changes – managing programmes of transformation must now be embedded in its corporate DNA. Perhaps that’s why the rapid succession of looming regulations leaves the bank’s risk and compliance department relatively unfazed. Or it could be something more fundamental. TSB’s values already aligned closely with the customer-leaning tenets of the General Data Protection Regulation (GDPR) and the revised Payments Services Directive (PSD2), argues Alison Verlander, director of conduct and operational risk. And that gives the bank a head start. “TSB was born with some pretty fundamental values,” she explains. “One of them is around being straightforward with customers, which is why we’ve stripped out any sales incentives. There are none at all within TSB. That’s because we want to be led by what customers want – not by what we want to sell them. “This is very different from many other banks. So, it doesn’t matter how we are contacted – through digital or branch networks – the fundamental question is: 'what would customers like and what would deliver value to them?' It’s not 'what do we want to sell?', because there are no incentives.” One of the big question marks over GDPR is how far it will impact on data stored for marketing purposes and on an institution’s ability to gather and share it. “If banks think of GDPR as just another regulatory change project, I think they’re

missing a trick,” says Verlander. “As an industry, we should think of GDPR as an opportunity to put more control into the hands of customers and think about it in a more rounded way.” So, where some banks are having to significantly adjust their thinking and deliverables, TSB has been able to keep calm and carry on. “The environment is becoming more competitive and more customer-centric,” she says. “All of these drivers offer choice in a way that we haven’t seen before and that’s good for customers and good for competition.” Creating understandable products at the bank is high on Verlander’s list of achievements. “We have a very straightforward product range that delivers value for customers and we’re offering mobile and digital channels, which they love. At the same time, we’re committed to our branch network and to delivering local banking.” Having transparency and communication at its core makes it resilient to regulatory change, she argues. “We don’t know what regulations are to come but we do know that we have a principle-based regulator in the UK that cares about the quality of customer outcomes above all else,” she says. “So, if we grounded our strategy – whether it’s our growth or compliance strategy –in anticipating the quality of those outcomes, we’d have a better opportunity to be successful. It would be unfortunate, and miss the point, if we grounded it in trying to comply with the ticking of boxes. We need to lift our thinking up and be more principles-based. “We can’t always anticipate what customers will want in the future, but it’s likely to be a really convenient and easy

Ageing architecture that doesn’t allow a single view of your customers makes GDPR far more difficult to deliver

| www.fintech.finance

service. The best way to secure that success is to have a service model that offers customers choice – through digital or branch network access – offers flexibility and ensures that whatever we offer is based on customer need.” With the slogan Local Banking for Britain it’s hard for the branch not to play a part in that mix, regardless of TSB’s investment in digital. “We’re putting £250million over the next five years into our bank branch network, including two new flagship branches. It’s incredibly important to us and we need to do that alongside developing the digital channels,” says Verlander.

Reshaping for GDPR This April TSB began rolling out its next-generation mobile app. Built on the relatively new Proteo4UK platform – designed to integrate with Spanish bank Sabadell’s proprietary Proteo platform after TSB’s sell off from Lloyds in 2015 – the app has a whole new interface, promising user-friendly features such as fingerprint access and one-hand navigation for most transactions. In future, Proteo4UK will integrate with third party apps and services from fintech providers. “Ageing architecture that doesn’t allow you to have a single view of your customers makes GDPR far more difficult to deliver. So, we’re not going to have any of those constraints,” says Verlander. “We’re going to have a brand new platform that is robust and agile. It means we’ll have a single source of information about our customers that will enable us to comply in a much more seamless way. “It’s going to be incredibly difficult for banks to get over the line of GDPR if the proliferation of IT systems not speaking to one another continues,” she adds. “It’s futureproofing ourselves, isn’t it? And I think that’s key – you really can’t do that if your infrastructure is a drag on your ability to innovate.” Summer 2017

While Verlander’s focus has been on data migration and getting onboard with the new infrastructure in time for GDPR, among the platform’s many other functions is an enhanced capability around social media. “We think social media is a really important source of information and sentiment about what customers think and feel about TSB. We track it to get that insight,” says Verlander. “But we don’t use social media to deliver our core banking services and there are some important reasons around that. We may in the future, but we’d have to do it in a way that’s thoughtful and compliant, and secure.” The use of social media to evaluate how customers perceive the bank is a big deal for TSB. It also deploys Net Promoter Score Summer 2017

Better all round: TSB’s new platform architecture will give a complete picture of data

(NPS), specifically using the question: “On a scale of 0-10, where 0 is not at all likely and 10 is extremely likely, how likely is it that you would recommend TSB to a friend or colleague?” “An independent benchmark study by BDRC Continental found that we’re the most recommended high street bank, so we are very interested in how that plays out across the UK," says Verlander. Under the new GDPR, of course, banks will be under scrutiny from customers, who will be given extended rights to inquire, restrict and delete data, as much as customers are from banks.

“When you compare the GDPR subject access requests to the existing requirements under the Data Protection Act, they are subtly different. We’ve got to be a bit quicker in how we respond and it’s got to be done in an electronic format, but fundamentally, the requirements are pretty similar,” says Verlander. “So, for existing banks like us, it’s just about building on what we already do well. It might be slightly different for new market entrants that aren’t used to trading in a regulatory environment. For a mature bank with mature systems like TSB we’ll just have to wait and see. But we are definitely ready.” www.fintech.finance |

COMPLIANCE

Fixing the patient: A journey through digitisation Banks don’t need to perform open heart surgery on their core legacy systems, but some judicial digitisation of the vital organs could rapidly improve outcomes. In their concluding article on digitising credit risks the McKinsey & Company team consider the first incisions There is plenty of room for digital improvement in client-facing processes, but banks also need to go deeper into the credit risk value chain to find opportunities to create value through digitisation. The systematic mapping and analysis of the entire credit risk work flow is the best way to begin capturing such opportunities. The key steps – from setting risk appetite and limits, to collection and restructuring – can be mapped in detail to reveal digitisation opportunities. The potential for revenue improvement, cost reduction and credit risk mitigation for each step should be weighed against implementation cost to identify high-value areas for digitisation (see table 1 opposite). Some improvement opportunities will cut across client segments, while others will be segment specific. On the other hand, in credit analysis and decision making, banks will likely find that instant credit decisions are mostly relevant in the retail and SME segments, while the corporate and institutional segments would benefit more from smarter workflow solutions. The application of geospatial data,

combined with advanced analytics, can yield a high-performing asset valuation model for mortgages in the retail segment. For collection and restructuring, automated propensity models will match customers in the retail and SME segments with specific actions, while for the corporate segment banks will likely need to develop debt restructuring simulation tools, with a digital interface to identify and assess optimal strategies in a more efficient way.

Digital credit creates value Several leading banks have implemented digital credit initiatives that have already created significant value. These are a few compelling cases: Sales and planning. One financial institution’s journey to an interactive frontline involved the construction of a digital workbench for relationship managers (RMs). The challenges to optimal frontline performance were numerous and included the lack of systematic skill building, customer relationship management (CRM) systems with a fragmented overview of clients and difficulty gathering relevant client and

Juan Antonio Bahillo Monné

Andreas Kremer

Saptarshi Ganguly

Ida Kristensen

is a Partner at McKinsey & Company with a special focus on financial institutions, risk management, private equity and restructuring

is a Partner in the Boston office of McKinsey & Company, where he principally works with clients in retail and commercial banking

| www.fintech.finance

industry data. Onboarding, credit, and after-sales processes required many hours of paperwork, drawing frontline attention away from new client meetings. By engaging RMs with the IT solutions providers, the bank’s transformation team created a complete set of frontline tools for a single digital platform, including best-practice CRM approaches and product specialist availability. The frontline soon increased client interactions by four to six times while cutting administrative and preparation time in half. The mortgage process. This presents a large opportunity for capturing digital value. One European bank achieved significant revenue uplift, cost reduction and risk mitigation by fully automating mortgage loan decisions. Much higher data quality was achieved through exchange-to-exchange systems and workflow tools. Manual errors were eliminated as systems were automated and integrated, and top management obtained transparency through real-time data processing, monitoring and reporting. Decisions were improved and errors of judgement reduced through rules-based decision making, automated valuation of

is an Expert Principal in McKinsey’s Berlin office and a member of the McKinsey Risk Management Practice

n The article on which this feature is based first appeared on the McKinsey & Company blog

is a Partner in McKinsey’s Banking and Risk practices, based in its New York office

Summer 2017

Working on two levels While the potential value in the digital enablement of credit risk management can be significant for early movers, a complete transformation may be required to achieve the bank’s target ambitions. This would involve building new capabilities across the organisation and close collaboration among the risk function, operations and the businesses. Banks should embark on this journey by prioritising the areas where digitisation can unlock the most value in a reasonable amount of time: significant impact can be tangible in weeks. Rather than designing a masterplan, banks can develop a digital approach to one area of credit risk management based on existing technology and business value. Banks that most need to increase regulatory compliance and the quality of their execution may begin with initiatives in process re-engineering to reduce the Summer 2017

TABLE 1: TO FIND THE AREAS WHERE DIGITISATION WILL CREATE THE MOST VALUE, MAP THE ENTIRE CREDIT RISK WORK FLOW n >10% of current baseline

n 5%-10% of current baseline

Credit risk value chain Appetite & limit setting Organisation (customer contract)

Work flow

collateral and machine learning algorithms. The bank’s automated real-estate valuation uses publicly known sale prices to derive the amount of real estate collateral available as a credit risk mitigant. The model, verified and continuously updated with new data, attained the same level of accuracy as a professional appraiser. Recognised by the regulator, it is saving the bank considerable time and expense in making credit decisions on actions ranging from underwriting to capital calculation and allocation. Insights and analysis. By making machine learning a part of the effort to digitise credit risk processes, banks can capture nearer term gains while building a key capability for the overall transformation. Machine learning can be applied in early warning systems (EWS), for example. At one financial institution, a machine learning-enhanced EWS enabled automated reporting, portfolio monitoring and recommendations for potential actions, including an optimal approach for each case in workout and recovery. Debtor finances and recovery approaches are evaluated, while qualitative factors are automatically assessed, based on the incorporation of large volumes of nontraditional (but legally obtained) data. Expert judgment is embedded using advanced analytics algorithms. Among SMEs, this achieved an improvement of 70 to 90 per cent in the ability to accurately to predict late payments six or more months prior to delinquency.

Credit analysis and decision Back office & loan administration Monitoring & early warning system Collection & restructuring Reporting ©McKinsey&Company

! Potential n <5% of current ● priority area baseline High-level digital credit risk value map

Potential for Potential revenue for cost improvement reduction

Potential to reduce cost of risk mitigation

Strategies & policies Sales & planning

! ●

Pricing Analysis Scoring and rating Application Decision

! ●

Contracts & documents Collateral management Issue identification Action recommendation Workout strategies Restructuring Report generation Insights & analysis

! ● ! ●

Work-flow support

number of manual processes or to build a fully digital credit risk engine. Those looking to improve customer value from greater speed and efficiency might implement such initiatives as a state-of-the-art digital credit underwriting interface, a digitally enabled sales force, data-driven pricing, or straightthrough credit decision processing. Banks needing to mitigate risk through better decision making may develop initiatives to automate and integrate early warning and recovery tools, and create an automated, flexible risk-reporting mechanism. A credit risk transformation thus requires banks first, look for initiatives that are within easy technological reach and that will also advance core business priorities. Launching initiatives that bring in savings quickly will help the transformation effort become self-funding. Once a first wave of savings is captured, investments can be made in building the digital capabilities and developing the foundation for the overall transformation. Based on what has been learned in early-wave initiatives, new initiatives can be designed and rolled out in further waves. Typical first-wave initiatives digitise underwriting processes, including frontline decision making and reporting. Risk reporting is another likely candidate.

Building digital capabilities The experience of specific initiatives will help shape digital capabilities for the long term. These will be needed to support the overall digital transformation of credit risk management and keep the analytics and technology current. To begin with, banks can examine their current capabilities and assess gaps based on the needs of the transformation. The talent focus across the organisation will likely shift as a result towards a greater emphasis on IT expertise and quantitative analytics. Improved data infrastructure is essential for the credit risk-management transformation. The uses of data are disparate throughout the bank and will continually change. For big data analytics projects, great quantities of data are needed, but how they should be structured is not usually apparent at the outset. In addition to enhancing their talent profiles and data infrastructure, the banks will have to shift the direction of their IT architecture. The target will likely be two-speed IT. The bank’s core (often legacy) IT systems constitute a slower and reliable back end, while a flexible and agile front end faces customers. Without a two-speed capability, the agility needed for digital credit risk management would not be attainable. www.fintech.finance |

DATA

Top Score! Having spun out from a short-term lender itself, new transactional data analysis platform AccountScore is just what the credit industry was waiting for, says Commercial Director Emma Steeley In a culture where people are reluctant to even disclose how much they earn, giving permission for a stranger to riffle through your bank statements may seem odd. But that is what one British start-up is doing – and consumers will almost certainly let it, so long as it leads to more favourable credit deals in return. AccountScore does what it says on the tin. Used alongside traditional credit reference bureaux, the platform offers lenders a more sophisticated (and probably more accurate) assessment of a customer’s financial health and habits by scoring their bank accounts. It understands precisely what lenders are looking for because the platform was spun out of one itself. Parent company SafetyNet Credit pitches itself as an alternative to a bank overdraft for consumers who regularly stray into the red. It claims its interest charges are cheaper than using a bank overdraft and it achieves that by constantly monitoring borrowers’ spending behaviour. SafetyNet Credit has been using the system on which AccountScore is based to analyse transaction data for several years. Now, it’s giving others the chance to use it, too. AccountScore’s commercial director Emma Steeley explains: “We take banking transactional data, we normalise it, we categorise it, and then we present it to financial services providers in the form of a dashboard, or they can pull it via our application programming interface (API).” The software has enabled SafetyNet Credit to monitor a customer’s current account so closely that as soon as it nears an overdraft trigger point, money is automatically advanced and deposited in their account to prevent bank fees being incurred. The company pledges to be a

| www.fintech.finance

responsible lender, so customers are not swamped by debt. The account monitoring comes from a data feed mined by partner Yodlee – which acquires the data direct from the customer’s bank account. According to Steeley, such a model has several advantages over credit reference agency scoring. “Lenders are still required to run credit checks, but we then provide an additional layer with income verification and the ability to conduct a true affordability assessment in real time, either via the dashboard or the API,” says Steeley. “A lot of people are not given credit in the first instance because they have a thin

in the US market as well, is absolutely encouraging the use of transactional data,” says Steeley. “They have been looking at it now for the last couple of years and are saying to financial services providers, ‘why don’t you use this?’ “SafetyNet Credit was the first in the UK to use bank transactional data to underwrite loans. We’ve taken that experience to develop AccountScore. “It’s all about driving revenue, reducing losses, improving the customer experience and satisfying the regulator.“ With full access to a customer’s bank account data, AccountScore can provide insight into an individual’s spending behaviour.

It’s about driving revenue, reducing losses, improving the customer experience and satisfying the regulator credit file,” she explains.“That doesn’t mean that they cannot afford credit, or that they would not be a good customer. “Getting details from bank transactional data gives you the most powerful insights you can have into that individual, because you can see all of the income and all of the expenditure in order to assist you in making a decision. “For me, that’s about financial inclusion more than anything else.”

A lesson not to forget But realistically, for lenders it’s more about reducing risk – and with lessons from the sub-prime market collapse still raw, the UK’s financial regulators are, not surprisingly, keen see transactional data used more like this. “The regulator in the UK, and seemingly

Using a keyword database containing more than two million keywords, AccountScore first categorises transaction types from the raw Yodlee feed. It then monitors the recurrence of transactions to make calculations about a person’s disposable income. By using at least 90 days of an individual’s bank data, it can recognise if someone has lost a job, changed jobs, missed paying a bill or reduced their number of direct debits. It knows how often an individual is paid and can predict their next expected pay date; reveal if they are in receipt of social security benefits; spot a returned payment flag; and even identify a potentially ruinous online gaming habit. Once a business has bought the AccountScore product, the dashboard can

Summer 2017

be customised and bespoke affordability models inputted. Steeley says that developing such a high level of intelligence from raw data took years. “Categorising the transactions, figuring out the salaries with regular incomings and outgoings, calculating defensible disposable income, all took years of trial and error and development,” she says. “But once we figured it out, it proved to be immensely powerful as a driver of profitability for SafetyNet Credit.” The target market for the AccountScore dashboard and API includes debt management organisations and personal loan providers. Steeley says: “We’re from a consumer credit background ourselves, so it’s very easy for us to see where it fits. But we are also working on the mortgage side of the industry and it is something that we have had some really strong success in.

“That’s because for the mortgage industry, lenders are required, from a regulatory standpoint, to understand when a salary pay date is and have that verified along with a borrower’s income. A lot of mortgage lenders still require bank statements for that, which is a clunky process. “By using AccountScore, they are able to automate that process and make their decisions a whole lot faster.”

Overwhelming response Another feature of the AccountScore product is an audit trail for its users. Given the high level of regulation financial firms face, the dashboard captures an individual’s data in a snapshot by writing a PDF each time their data is examined. That way an auditor can refer back and determine why a particular decision was taken, giving the evidence to justify their actions, should they be required to. AccountScore began pitching its products to other UK businesses in

September and has already launched operations in the US and India. Steeley says global roll-out will continue apace, with Canada, South Africa and Australia to be added to its markets later this year, followed possibly by a move into Asia. For those lenders already using independently supplied transactional data, the company also offers AccountScore Enrich, which takes the data they already have and integrates it with the AccountScore analysis tool. Transparency is key – the AccountScore website invites consumers to test its veracity by opening the door to their own bank account and seeing exactly how their data is crunched. The response to the product in the UK has been ‘overwhelming’, says Steeley. “One of the comments I hear the most when I present this product to people is ‘I can tell you were lenders, because this is the first product we’ve seen that exactly meets our requirements’.”

On the money: AccountScore has hit the sweet spot with lenders

Summer 2017

www.fintech.finance |

DATA

If digital banking is a ship, the customers who fail to jump aboard get left stranded. The diehards who refuse to make the journey, spend less, deposit less and fail to sign up for new banking products. That was the finding of a two-year Bank of the West behaviour study into 32,000 of its customers. Using transactional data it discovered that, after customers enrolled for digital banking, their product adoption rate soared to 58.4 per cent, compared to a 0.04 per cent for those who weren’t connected. And the number of credit and debit transactions on those accounts increased, which the bank realised was due to digital customers having access to up-to-date knowledge of their balance. The bank’s revenue growth was also impacted, with incremental growth of 10.7 per cent for digital customers, compared to 4.5 per cent for the others. And Bank of the West found that all this extra engagement through digital meant the connected customers were also less likely to switch and leave the bank – at an 8.9 per cent churn against 13.8 per cent. For all the key performance indicators measured, online connected customers were found to benefit most. If evidence of the importance of digital was needed, Jamie Armistead, head of digital channels at the San Franciscoheadquartered bank, certainly now had it. “We’re living through a time of rapidly evolving customer expectations,” he says. “If you think about how people are interacting with mobile devices in their everyday lives, in their non-banking lives, they are using mobile in social media, transportation,

Bank of the West is steaming towards a fully digital horizon – and it can’t afford to leave anyone behind, says Jamie Armistead, Head of Digital Channels retail. All those expectations that they’re gleaning from those experiences are resulting in people asking ‘why can’t my bank do this?’ So we are – Bank of the West is doing a ton of new innovations.”

Digital outreach The bank, a subsidiary of BNP Paribas, has more than 500 branches in 19 US states, and branch staff are working hard to ensure customers know about its digital services. It has introduced digital engagement specialists to branches, who help demystify digital for customers and explain its advantages. Harnessing big data around customer behaviour has been key to that process. “Digital services are a really strong indicator for our customers, in terms of their satisfaction with the bank,” says Armistead. “So we try to look at opportunities where we understand what a customer is doing in another channel but where digital offers a better way. We present that through our contact centre agents and branch agents. “Our digital engagement specialists will use data to understand which customers might be good candidates to talk to about mobile banking or remote deposit, for example.“They’re getting flags and indicators at a customer level to drive those conversations, which is really exciting.” Better use of data has enabled Bank of the West’s marketing teams to establish the segment-of-one approach that the digital

engagement staff can take advantage of. Armistead explains: “You start with broader segments. So at first individuals get treated as a group within a population. But once you look at the customer relationship, and bring that into play, it rapidly ends up as a segment of one. By drawing from 30 or 40 product opportunities, staff can pinpoint the best solutions for that individual. “It may be remote deposit, or our bill pay service or e-statements. But if you’re putting your customer first in how you view this evolution, ultimately you’re going to win in the game.” An example of Bank of the West’s attitude to technological change can be seen with its approach to the roll-out of chip and PIN cards in the US.

Who needs chip and PIN? The country has lagged behind the rest of the world in the use of this technology but for some customers, cards can be leapfrogged, says Armistead. “With chip and PIN you can see friction at the point of sale,” he says. “If you just stand in line at the grocery checkout, or your drug store, you see people frustrated with the experience. So what we asked ourselves was ‘OK, what is the alternative to that?’ and right now it is mobile. “That meant we took steps to enable our payment cards in all of the mobile wallets. We went out with Android Pay, Samsung Pay, Apple Pay, Masterpass and Microsoft Pay, so now our customers can choose the

The

good ship

digital 98

| www.fintech.finance

Summer 2017

wallet that makes the most sense for them.” Armistead explains that many retailers’ payment terminals are still not contactless in the US, but customers who use mobile wallets are enthusiastic about them. “It’s like when touch ID was brought in to wake up a phone, everyone loved that move to a biometric device. In the same way, the customers who are using mobile payments love the wallet.” Asked about how Bank of the West approaches digital’s demands on existing IT hardware, Armistead says it ‘isolates the core’ so that its inherent legacy limitations do not hamper progress. Application programming interfaces (APIs) are the solution to allow new digital systems to mine data held on customers. He says: “When you talk about core banking, you’re talking about the legacy mainframe systems that are running the deposit accounts, for example. You could migrate to a much more modern core but that costs hundreds of millions of dollars and is a multi-year proposition. “So, short of that, what we’re doing is moving to an API-based infrastructure within our existing technology, and we have communication gateways in place so we can isolate the core. “As a result, the manifestation of your banking experience, be it through mobile or online or even in branches, is not reliant so much on the core bank technology. “You’re able to do things like Touch ID and other things in your mobile app and online while the data exchange is happening behind the scenes. It’s seamless to customers,” says Armistead.

Plug and Play approach Armistead says partnerships with fintechs are key to digital development and Bank of the West makes contacts by hosting events, such as the BNP Paribas International Hackathon. Based in San Francisco, it also takes place simultaneously in nine other cities around the world. It invites start-ups to tackle new business opportunities and offers the expertise of BNP and Bank of the West staff, IT systems, customer insights and a sandbox API. From July to November, teams move into a co-working phase where they develop prototypes. Then in December their work is presented to BNP executives, investors and invited experts. If the scheme’s finalists have a product that is deemed worthy of investment then partnerships could be offered. Cash prizes are also given for the best projects. Last year, BNP and Bank of the West also announced their partnership with Plug and Play, a global innovation platform for Silicon

Valley start-ups, corporations and investors. It brought the banks right into the heart of the Silicon Valley start-up ecosystem. Armistead says: “We’re pretty bullish on the fintechs, mostly from a partnership perspective. They always start off with a really good customer-centric idea, but as they try to bring it to market they realise that scale is the biggest challenge. “They also realise that partnership with the banks is the way to go and we accept that because the fintechs can help us to accelerate what we are bringing to customers. “I think there’s more synergy than conflict, or friction, between the incumbent financial services players and the fintechs. “That’s why we’re a sponsor of Plug and Play down in Silicon Valley. It’s one of the largest incubators around. We’re able to work with the fintechs at a very early stage, understand what they’re doing and pinpoint opportunities that we can bring to our customers.”

We have digital engagement specialists who use data to understand which customers might be good candidates to talk to

All aboard: Customers’ product adoption rate soared after joining the digital journey

Summer 2017

www.fintech.finance |

DATA

The end game: Banks need partnership, not a scrum with fintechs

The power of partnership INTIX CEO Marc Braet believes fintechs and banks can be stronger together as they work to capitalise on data and provide a clearer picture of customers and transactions The quest for big data is a common goal for the financial sector. The more detail you have about the value chain – be it transactions, counterparties or customers – the better your bottom line. But data alone is not sufficient: you have to structure it and find out what’s important. This is where specialists such as INTIX come in, by helping to distil value from the mountain of unstructured data that’s available in today’s digital world. “Data is not what it used to be,” says Marc Braet, co-founder and CEO of Belgium-based INTIX. “If we go back 20 or 30 years, before the internet took off and digital business was a reality, the financial world was less complex and moved far more slowly. Although banks have had to

100

| www.fintech.finance

adapt, they’re innately conservative, which means there are still many legacy systems. “Among the driving forces for change are real-time payments and regulatory control. Today, we have many silos: silos from the past and silos that have been created as banks have diversified and added new systems, applications and business areas. The goal is greater transparency and insight, which means having a firm grasp on all the data, how it relates to other data, and who’s using it. This is what INTIX provides.” One of the most pressing requirements for better use of data is regulation and compliance. “We need to produce data in a way that satisfies regulators and auditors, particularly with developments such as the revised Payment Services Directive (PSD2) and the growth of open banking. It’s

important to have both oversight and understanding of data, so everyone in the transaction chain is clear about their responsibilities. This is something the industry currently lacks.” So will new players, such as INTIX, who are more proficient in handling data and have the digital tools, outmanoeuvre established financial players? How does Braet view the possibility of disintermediation? “There are always new entrants, innovative businesses that can harness data more effectively and provide a better customer experience, but I think collaboration is the key – working in partnership with fintechs. “Customer experience is crucial, because the expectations of millennials are totally different to those of older generations. Millennials want on-demand banking, Summer 2017

mobile access, no delays. Whether the customer is an individual or a corporate, banks nowadays must develop technology that provides a seamless, real-time service.” INTIX is an enabler for financial institutions and provides technology to ensure that banks are responsive to data-driven needs. “We help organisations to achieve their strategies through standard products that have versatile applications,” says Braet. “Everyone is now talking about big data, and how to harness it and how to use it. We can configure our products to meet all types of data requirement, be it for payments, securities, regulation, business intelligence, or customer experience.”

Breaking down the silos According to Braet, fintechs such as INTIX have the advantage of speed and agility when compared to in-house IT departments, and can help to break down silos. “We can work with any kind of format, across any environment. Wherever data is stored, whatever format it’s in, we can create single-window access. So, while creating correlations between different data sources and data elements, we can deliver data to customers in whatever context they want. For example, it might be liquidity management, tracking and tracing transactions, lifecycle management, or compliance.” This highly focussed, single-window approach is particularly important for compliance, which has been a priority since the 2008 financial crisis. As Braet puts it: “We need to be sure data isn’t being transformed or manipulated, that it maintains its integrity and can be delivered in a structured way. Think of us like a Google on the bank, but in a more selective and refined way. Our technology understands all the financial nuances and details that define a transaction, such as value dates and currencies. “Every element of a financial transaction can be logged and interrogated. Any business can see what an institution or person has done with the business in the past, in any context, value range, currency or other relevant detail. And it’s very simple to do, with the response coming back in seconds. Institutions often either struggle or fail to deliver that kind of intelligence, which means they can fall foul of regulators and are then fined. Summer 2017

“Of course, as well as satisfying regulatory requirements, the more you know about customers, the better you can understand their needs and serve them. Accurate and complete data provides the depth of knowledge to create products that are more targeted, more focussed on certain types of customer or business.” As for improving customer service, Braet highlights the improvements that INTIX has made to call centres. “Previously, customers would contact a call centre with a query about a payment they had made, perhaps because it didn’t appear on their bank statement. This would require the bank clerk and the call centre employee to dig deep to answer the query. It was time consuming and tedious, so pretty bad in terms of customer experience. Our technology cuts through this. When the customer calls, you can provide an instant response. If you address the query immediately, the customer is happy.”

Collaboration doesn’t mean fintechs sacrifice their freedom to be able to work in the way they want. But if they get absorbed by banks, and have to work like banks, the innovation will be lost Avoiding ‘embarrassment’ Another business benefit is lifecycle transaction management. “The value here comes from looking beyond a specific element in a transaction,” says Braet. “We can provide insights about the total flow of a certain payment, and detect processing anomalies in real time. Because we’re now making progress with artificial intelligence, machine learning and similar technologies, we can not only tell you what has happened but also predict

what might happen. This will certainly help with fraud and intraday liquidity.” The heightened level of control and scrutiny means that some of the typical embarrassments in the transaction space can be avoided. “We’ve seen situations where banks have temporarily lost sight of some high-value transactions and only realised when a customer has contacted to them to say: ‘Where’s my transaction?’’’ says Braet. “Reputation damage is compounded by the cost of such things as missed value dates. But our technology has tracking functionality that ensures we can alert people in a bank when a situation like this is happening. They can then make corrections so a cut-off date is not missed, and because the customer will receive the funds in time, they have no clue that something was potentially amiss.” Braet is proud of Belgium’s role in the development of fintech. “We have a number of significant industry players here, such as SWIFT, Mastercard, and Euroclear. For a very small country, we’re an important financial hub and innovation leader. Clear2Pay started in Belgium, and then there’s the recently formed Belgian fintech platform B-Hive. INTIX is a member of B-Hive and it’s encouraging to see banks, insurers and market infrastructure players collaborate in this kind of industry initiative. “Not so long ago, fintech companies were saying, ‘We’re going to take down the big banks.’ It was a them-or-us situation. But now we’re seeing a lot more partnerships. A big one, and a surprise to me, is the partnership between Moven and TD Bank.” But banks still need to gain momentum. “Banks remain tied to legacy systems and need fintechs to move forward,” says Braet. ‘We must work together and embrace technology, although it’s important that collaboration doesn’t mean fintechs sacrifice their freedom to be able to work in the way they want. If they get absorbed by banks, and have to work like banks, the innovation will be lost. “Regulation, real-time payments, PSD2… these are all things that will push banks to work more closely with fintechs. The business model is changing. In short, banks must reinvent themselves. They need fintechs to both deliver a faster and more efficient service and at the same time learn more about their customers so they deliver the right kind of service.” www.fintech.finance |

101

DATA

Data: the new frontier Set up during the American gold rush in the Wild West, Wells Fargo’s intrepid history in banking is legendary. But there’s still new territory to be won, as Executive Vice President Bipin Sahni explains When you were America’s first bank to offer customers online access to their accounts, you’ve a reputation to maintain. Wells Fargo was that bank, providing the service in 1995 when only one in 10 people used the Internet for anything, let alone banking. It was a brave move then, but 22 years later the bank has lost none of its frontierman zeal. It’s still blazing a digital trail, but now its taking fintechs along for the ride. “Fintech is just a new way of talking about innovation and innovation is part of our DNA,” says executive vice president Bipin Sahni. “We were the first to offer Internet banking, the first to offer mobile channels for both corporate and consumers, too. We understand what our customer needs are, what our business needs are, and we evolve with time.” And there’s been quite a lot of evolution over the bank’s 165-year history. Originally formed as a joint stock company to provide banking and express services between New York and California, the Wells Fargo brand has become synonymous in America culture with the Pony Express, stage coaching and the railroads, opening up new opportunities for millions of citizens. Now it’s facing a new challenge. “Data will be the new frontier for the bank going forward,” says Sahni. “Understanding our customers’ behaviours and patterns is very important, and doing that means we can serve them better. It’s not only about improving their experience, but also about how they interact with us, or how we engage with them.”

Getting the message Artificial intelligence is an area where the bank has harnessed that data to develop virtual assistance for its customers. Wells Fargo partnered with Kasisto through its Startup Accelerator programme and is now trialling an AI-based customer services chatbot through the Facebook Messenger platform. The bank says millions of its customers use Facebook Messenger to communicate with friends and family, so it was an obvious place to broaden their conversation with the bank. Wells Fargo had been giving assistance to customers via Facebook since 2009, before switching its focus to Facebook Messenger last year. AI technology allows the bank to develop an experience that is focussed on a customer’s immediate need to answer a question, or provide data that would previously have required navigating through various pages on the bank’s website. It is delivered in a simple conversation format and it potentially saves time for busy customers. Sahni says: “There’ll be a lot (of innovation) coming out in the near future. And more and more will be

focussed on making our customers’ lives simpler; that’s very important for us.”

Reaching out to fintech Wells Fargo’s Kasisto Startup Accelerator programme deal is non-exclusive – Kasisto also works with Singapore’s DBS on a similar chatbot. The Startup programme accepts applications twice a year from new businesses and will invest up to $500,000. But the aim is furthering innovation – the bank has no interest in anything more than a minority stake in its partners. It helps the start-up move forward by assigning business mentors and venture capitalists to provide input. “We’re here to collaborate with smart companies that can add value to our ecosystem and

Fast and secure: Wells Fargo applies the same principles to digital

102

| www.fintech.finance

Summer 2017

partnership is the best way to ensure growth,” says Sahni. “No one can win this battle all by themselves, right? So from that perspective the Startup Accelerator programme has played an important role in connecting the dots from interesting companies, things happening in the tech ecosystem, or enterprise software space, with the lines of our business. “It’s a mutual exchange programme – value is exchanged from both sides. The start-up gets access to a bank of our size, and an operating environment of our size, to deploy its product. Working closely with our staff, they learn how we do things Then they are trained enough to go to another bank, because it’s a non-exclusive programme. We would

Partnership is the best way to ensure growth – no one can win this battle all by themselves

Summer 2017

love to connect interesting start-ups in the cybersecurity space to other banks. Because you know what? We’re all dealing with similar problems around that.” Wells Fargo is also lifting the lid on its customer data to offer new services through API agreements.

Savings for businesses The API enables customers to use tools such as Intuit’s QuickBooks software without having to hand over account credentials to the third party. Using a tokenised ‘handshake’ between the bank and the third party’s servers, the accounting software can retrieve a customer’s bank data seamlessly with no risk of compromising security. The sharing of customer data had been a sticking point for such deals until Wells Fargo thrashed out its Xero agreement. And the bank’s API is being further developed so that customers have more control over what data is revealed to third parties from later this year. The accounting software is aimed at small businesses and the self-employed – and harnessing current or business account data directly reduces time spent on bookkeeping for the user. In the sphere of payments, Wells Fargo has recently embraced mobile payments with its mobile wallet, and offers cardless transactions at its 13,000 US ATMs. Under the ATM feature, its 20 million mobile banking customers can log into the bank’s app and select the card-free ATM access option to

request single-use eight digit access codes. At the ATM, the customer enters the code and their PIN to access a full range of services. Wells Fargo stresses the feature’s high level of security – because as well as the one-time code, customers have to access the app with their password or a scan of their fingerprint. For the mobile wallet, launched last year, customers can add their Wells Fargo debit and credit cards for use at tap and pay near field communication (NFC)enabled terminals. The wallet is incorporated into the bank’s existing mobile app so that customers can also view account information before and after making a purchase. Another new payments innovation is a digital on/off switch feature for holders of Wells Fargo debit cards. It aims to remove the risk of a contactless card being used by a thief if the card is mislaid or stolen. Using the bank’s mobile app or online banking website, customers can switch a card off, and subsequently switch it back on if they later find it – removing the potential hassle of cancelling a card and having to wait for a new one to be issued. Although customers have been able to phone the bank to use this on/off feature since 2015, Wells Fargo says it has been impressed by the interest shown since it was added online and to the app. Customers can now also activate new debit cards via online or mobile. And a website/app on/off switch for the bank’s credit cards is being developed for launch for next year to further improve security. It certainly beats riding shotgun on the Wells Fargo express.

www.fintech.finance |

103

DATA

I know it’s here somewhere... It’s time to clear out the digital loft because hoarding stuff could land you in a heap of trouble come next May, warns John Culkin, Head of Information Management at Crown Records Management The ultimate clear-out has been ordered – and you’ve got until May 2018 to do it. The EU’s General Data Protection Regulation (GDPR) demands that organisations rummage through every box in the digital attic for personal information on customers and staff – then justify their decision to hang on to it or throw it out. The industry has never seen such a thorough spring clean. GDPR is designed to shift the control of personal data back to the individual, so companies will no longer be able to gather and hold information without their explicit consent. That means firms must change their practices from May 25, 2018, but the biggest challenge they face right now is tracking down the stuff. “A lot of people will have shared drives, full of information they’ve collected over many years. Emails. Lots of unstructured data. Data on local computers. USB keys. That’s very convenient for lots of people, but it also introduces lots of risk,” says John Culkin of Crown Records Management. Working out what they have, where it is, what they use it for and when they get rid of it, is what his firm specialises in. “There’s no technical solution, no piece of software or a magic button you can press to become GDPR compliant,” says

Culkin, who is head of information management. “It’s a case of understanding what information you have.” More than that, the way an organisation requests, gathers and uses information in future will also require it to address its internal behaviour, attitudes and culture. “There must be a big change from believing it’s your data that you can use as you see fit for as long as you want. Things can no longer be kept ‘just in case’,’” says Culkin. The legislation’s aim is to protect all EU citizens from privacy and data breaches. It is a tool to fight the risk of data theft from cyber criminals, but it also seeks to set firmer boundaries for how legitimate organisations use personal data. For individuals, the biggest change they will experience is being politely asked for consent to use their data and made aware of the fact they have the power to remove that consent at any time. They can also set and vary limits on who their data is shared with and how, with the right to see what information is held on them. At the very least that means rewriting data protection notices. Among the regulation’s instruction is one that ‘firms will no longer be able to use long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form’. It goes on: “Consent must be clear and

There must be a big change from believing it’s your data that you can use as you see fit for as long as you want

104

| www.fintech.finance

Clear out: The GDPR will force organisations to be ruthless about keeping data

distinguishable from other matters... it must be as easy to withdraw consent as it is to give it.” Organisations must tell regulators and customers if they suffer a data breach that could ‘result in a risk for the rights and freedoms of individuals’ within 72 hours. And the fines for getting this wrong? They are potentially huge – up to four per cent of a firm’s global turnover or €20million, whichever is higher. To put it into context, the UK’s Information Commissioner's Office imposed fines last year of £880,500. One estimate puts that at £69million under GDPR.

Costly mistakes Culkin says the ease with which modern computing can store data means it’s tempting to keep it ‘on the off chance’ that Summer 2017

“Then you’ve got to consider the behavioural aspects. So, what training are you doing for your staff and how do you interact with your customers? Things like privacy notices need to be examined to make sure they’re fair and compliant. “Then there are third-party contracts. Anybody that uses a data processor needs to make sure rules are in place because liability is shared if there is a regulation breach.”

A unique perspective

it holds ’that golden nugget of information‘. In future that could be a costly mistake. He explains: “Everyone perceives data storage to be cheap but that’s not necessarily the case any more. With GDPR you’ve got to prove why you’ve got the data in the first place. If a data protection authority – in the UK that’s the Information Commissioner’s Office –asks ‘have you got permission to use this? Can you prove it to us? What’s the evidence for that?’ you will need to have answers ready. “Crown is very keen on understanding the lifecycle of information as it flows through organisations. So, for example, we’ll do an information audit that will look at all your unstructured and structured information, your databases, and give you a clear picture of what you’ve got, where it is and why. “That will include the jurisdictions, the Summer 2017

sensitivity of the information, and where it’s stored, which gives you a good insight into your risk, so you can decide what you want to keep and what you want to get rid of.” Because GDPR applies to all companies processing the personal data of EU subjects, its effect will be felt across every sector and in every region, irrespective of whether it’s in or outside of the EU. But as with any spring clean, you’ll feel much better when you’ve done it, says Culkin. “The UK is going to have lots of regulations very similar to Europe’s for a very long time and GDPR provides a good basis for that. Ignoring it would be silly.” He advises starting with a full information audit. “Look at what information you hold, why you hold it, and how long you’re going to hold it for. That will give you a good basis moving forward.

Crown’s approach to helping a customer face GDPR is based on risk, rather than a technical solution, and there is no off-the-shelf fix – all organisations have different challenges to face. “Every organisation comes from a different place and is going somewhere different, therefore they need to think about GDPR in a way that’s unique to them,” says Culkin. “Some industries are already geared towards sensitive personal data, such as healthcare. GDPR will have a bigger impact where people don’t have the same sensitivities around privacy. For example, where there is lots of marketing, especially in the consumer space, or even B2B, where they don’t consider business contacts as having personal information. “They will have to get used to treating personal information in a much more structured manner. It goes across all industries, but I do see that where you’re directly dealing with customers, you’re going to have to be very careful around what information you’re giving, and what information you’re sharing with third parties.” Crown’s traditional business is that of document storage and disposal, and the group has 19 offices across the UK. But drawing on decades of experience, it can guide customers on how to manage their data so that information remains secure and accessible in years to come. Culkin says: “A lot of people perceive their technology, especially some of the legacy technology, as being an anchor, stopping them from moving forward. So one of the things we look at is long-term digital preservation. Just because you can read it now doesn’t mean you’ll be able to read the information in 10 or 15 years’ time. “We look back at Betamax videos, laserdiscs and even floppy discs. For regulatory or legal reasons in the future, it’s important to be able to render them in a way that’s easily accessible.” www.fintech.finance |

105

DATA

The data banks Information is the new currency on which the banks’ futures will be founded if big brands are not to become wallpaper in an increasingly competitive environment, according to Finbar Hage, Head of Data and Analytics (EVP) at Rabobank Like many incumbents, Rabobank finds itself at a curious inflection point between the old and new financial orders – having to hire armed security guards to protect its cash-dispensing ATMs one minute while trialling an internal chatbot and launching a new digital identity service the next. The latter, Rabo eBusiness platform, is a joint venture deal with fintech Signicat, using an application programming interface (API) to help the bank’s clients

digitise their services and remain compliant. The conversational AI, meanwhile, is an internally run project that is looking to improve the speed and efficiency of the bank’s day-to-day customer service interactions. “For us, as one of the biggest retail banks in Holland, the challenge is to be present and to remain relevant for the customer,” says Finbar Hage, who was brought in as the bank’s head of data and analytics in October last year to create one overarching department.

“My role is basically to accelerate and to facilitate other domains of the bank getting their value out of data,” says Hage. “When you start tackling all the issues that come across data in an environment like this, which is a total data environment, there are no more vaults containing bars of gold, there’s only data. Your money is data, so we need to make it work – for you as a customer and for us as a bank. Creating this department really brings us to the next level on data uses.”

Digital assets: The banks' real value lies in the data they hold

106

| www.fintech.finance

Summer 2017

Rabobank’s approach is in marked contrast to many traditional players who tend to silo data according to its function, each department in blissful ignorance of the other’s stash of ‘gold’, while IT stubbornly resists third party attempts to leverage information across the organisation.

Taking a holistic approach Hage believes Rabobank’s holistic approach leaves it much better prepared for the upcoming legislation, including the General Data Protection Regulation (GDPR). “People underestimate what GDPR could mean, not just for their IT infrastructure, but also for the way their company is organised. Somebody’s described it as another Y2K situation in 2018. “There are a lot of hidden must-dos within the regulation. It forces you to take a customer-orientated view of your data, basically, and that’s something you need to start acting on now. “Banks have an advantage because we’re used to being really careful with data to begin with. For us, there has always been a triangle of decision points: what we are allowed to do with data, which is governed by regulation; what we can do with data, which is dependent on technology; and what we will do with the data, which is the ethical question. That is now helping us with all the new regulations. “The GDPR, for example, is basically saying that data is owned by the customer who has provided it. So, if the customer wants to do something with their data – take it out, have it deleted, reuse it somewhere else – it’s not illogical that they would be allowed to do so. “So, we are approaching the GDPR from a totally different perspective and saying how could this be something we can help customers with? How can we be transparent and compliant to the wishes of the customer – view it not so much as a challenge but as a way in which we can add value for them.”

An ‘open-minded’ approach The bank has taken a similar attitude to the upcoming revised Payment Services Directive (PSD2), which seeks to open banking to competition. “Open banking is the most significant change we’re seeing in financial services, bringing more and more participants into Summer 2017

the sector and breaking down what was seen as one service until now, into several elements,” says Hage. “As a result, the number of competitors is increasing and customers are being confronted with more and more opportunities to do business. “Like many more traditional banks, we tended to focus first on complying with the need to make open banking possible. Then we shifted to thinking of it as an opportunity to bring our products and services to a wider audience of consumers. Now we’re looking at new business models. “Open banking has created a need for parties that can verify, identify and make transactions easier and more accessible. One of the best examples of this is our new eBusiness platform, which uses an API, together with authentication and identification services, to help clients digitise their services and remain compliant.” PSD2 demands not just that banks know their customer but that they have a rich, multi-layered understanding of them – it’s what Hage’s department was set up to achieve and it’s now impacting on

There are no more vaults containing bars of gold; there is only data many areas of the bank’s business. “This subject has been top of our minds for the last couple of years, from a compliance perspective. The need to know our customers, and understand them and their data, and keep it in check,” he says. Coupled with machine learning, it’s informing the bank’s work on fraud detection, pricing strategies and risk detection. “Using data and automation, we can detect things that are out of the ordinary, classify them, and either stop them or tag them for action within a fraction of a second,” continues Hage. At the same time, the bank is teaching its machines what data anomalies to ignore, to minimise customer disruption.

“We basically look at regular patterns and things that don’t fit in. But not too much, because somebody could have done something unusual, like a special trip abroad, and used their credit card legitimately,” adds Hage. Another major future application for big data and analytics, Hage believes, is the assessment of credit risk. “This is something you basically want to get right. You decide to have a company as your client based on the assumptions you make and your assessment of the risk this company will bring, and you adjust your pricing and acceptance policies accordingly. “We have a lot of historic rules in place for this but can make more advanced decisions using data to look at patterns, predictions, past behaviour and peer behaviour, basically getting a picture of a client before you know the client. “We can use this kind of risk assessment ourselves, to improve our own portfolio, but in an open banking environment we can also do that for anyone who would be interested in an assessment of a company, to understand their credit risk. Our system can give us a ‘today view’ of the company and also analyse what it will be like in a few years’ time.” Rabobank’s re-invention and the development of new niche services are its way of responding to the major challenges facing the industry. “With all the new entries into the market and the opportunities of open banking, the main questions for banks are ‘where will they play?’ And, as a financial institution used to playing right opposite the customer ‘how will they remain there?’” says Hage. “A lot of the financial decisions and financial moments are shifting away from traditional banks and I think the main fight will be around the fact that if financial institutions want to remain visible, remain a brand or a player for that customer, there’s only room for so many. “So, who will be at the front and who won’t, and, if they’re not, where will they be? Will they be a provider of a network or an infrastructure? Can they make enough money on that? Can they excel in that? Do they have a cost structure that fits that? “And if they don’t succeed, there will be really difficult questions to answer after that.” www.fintech.finance |

107

DATA

The data crunch Peter Moss, CEO of The SmartStream Reference Data Utility, says regulatory pressure will persuade many banks that it’s good to share Given the greater regulatory scrutiny that financial instruments will be coming under next year, the need to access accurate, relevant reference data is becoming more vital than ever. The Markets in Financial Instruments Directive (MiFID II) and its associated regulation significantly extend firms’ reporting requirements to nearly all instruments traded on regulated markets, multilateral trading facilities (MTFs) and organised trading facilities (OTF), as well as financial instruments whose underlying components are involved in trading. The level of detail required has also increased. While no one could argue with the directive’s ambition – to maintain the integrity of financial markets – it does present investment firms with something of a headache. The SmartStream Reference Data Utility (RDU) offers data management and compliance officers a very large ibuprofen. “We can’t remove the requirements placed on them, so we are helping them

108

| www.fintech.finance

to reduce the amount they need to spend to meet the regulations,” explains Peter Moss, the RDU’s CEO. “Everyone is very focussed on building out their reference data requirements to support the regulations. While it covers a number of areas, the key one is transparency in the market. This requires a huge amount of reference data which, as a Reference Data Utility, we’re already providing to support many clients.” Founded by Goldman Sachs, JPMorgan Chase, Morgan Stanley and SmartStream, the RDU was the first industry utility, based on shared principals of market commonality, collaboration and contribution. Working across legal entity, security, instrument, corporate action and pricing data, the model fixes data glitches. In other words, it establishes the truth, providing accurate and timely reference data for use in regulatory reporting and trade processing. Its MiFID II reference data service helps firms to prepare for what it has described as a ‘very fluid’ regulatory environment.

MiFID II might not be perfect yet, but it’s a step change from the situation pre-financial crash when there was plenty of activity but precious little transparency for investors. So, the regulation is to be welcomed, says Moss, even if reform has been a long time coming. “With MiFID II, investors should have a much better picture of what’s happening – and it’s less of a closed environment that can be exploited by those ‘in the club’,” he says. And more transparency in the marketplace could allow for much more innovation. “We could be looking at different ways of managing investment strategies, trading strategies and so on,” says Moss. “In the end, I think it will lead to a step change in the way markets trade. It’s also worth remembering that more clarity typically means smaller spreads, which leads to lower margins. That is always a good thing for the investors, though not necessarily for the people doing the trading,” he adds.

Summer 2017

“In this instance, Europe is leading the way, but I think it’s going to end up expanding out to Asia and the Americas as well. A lot of organisations adopting these regulations in Europe are global, so it won’t be a huge amount of additional work for them. They’ll just replicate it and move it into other jurisdictions.” These are major changes for the banks, but for the Reference Data Utility, it’s just a question of scale. The RDU already works across tens of millions of instruments. With MiFID II, the number could potentially rise as high as 400 million. Individual customers can then take whatever slice of data they want, without having to worry about dealing with the whole amount. “We have a very flexible infrastructure in our datacentres, essentially it’s a private Cloud, and we continually build out the technology to reflect the latest capabilities,” says Moss. Its key advantage over competitors is its single focus on reference data. “That’s what we do. We are experts in the space; we spend our days living and breathing reference data,” says Moss. “This means that when we talk to our customers, we become part of the conversation they’re having inside their organisations. I like to describe what we’re doing as very much an industry initiative. It was kicked off by a set of banks and we’re being driven by the industry as we build out the proposition.”

The RDU grew out of frustration with automated processes that regularly broke down because of poor quality data. Moss adds: “The fundamental reason we exist is that banks have automated a lot of their processes and they then found that the quality of the data was the biggest issue they had. “They pick the most reliable sources, but when they assemble everything there are gaps, inconsistencies and potential quality issues.” This led to the banks building teams of 50 to 100 people each, purely focussed on cleansing their data. Quite simply, the RDU takes on that risk, so there’s

With MIFID II, investors should have a much better picture of what's happening... I think it will lead to a step change in the way markets trade

no need for thousands working across the industry to achieve the same imperfect goal. Not surprisingly, for those that buy into the Utility, it has a massive cost benefit. Other banks have only come round to this sharing economy of scale “somewhat begrudgingly”, says Moss, whose job it is to build the community. However, he believes that the cost pressures that have been created in the years since the credit crunch, have opened their eyes to what’s possible. As a result, the industry is looking for areas that don’t have competitive value, where they can introduce sharing – reference data is obviously of them. This slow cultural change, and the more urgent pressures of MiFID II, are creating huge opportunities for the RDU. “We’re now talking to 50 or 60 organisations across Europe, with very much a MiFID focus,” says Moss. “Once that goes live on 3 January next year, our focus will then go back to building a security master for the industry – providing the full set of data the industry needs. “We’ll be bringing to market equities and fixed income coverage to complement the regulatory coverage that we have with MiFID and the exchange-traded data coverage that we already offer.”

A core issue: Banks are turning to the RDU in light of MiFID II

Summer 2017

www.fintech.finance |

109

SECURITY

Houston, we have a problem Hugh Njemanze, CEO of Anomali, which describes its security platform as ‘mission control for threat intelligence’, explains how organisations can find and respond to an attack – before it even happens Cyber criminals typically lurk inside enterprises’ IT systems for 200 days or more before discovery. A sophisticated attacker often initially gains access to the internal network via phishing or malware. From there they will look to identify where key systems are and attempt to escalate privileges – doing all of this while trying to avoid detection. This internal reconnaissance, privilege escalation and, ultimately, data exfiltration (or other damaging event) can take weeks or even months to execute. During an attack lifecycle, from breach to final compromise, virtually every action made by an attacker is captured in the system, application and network logs. However, the ‘200-day problem’ arises from the fact that 1) logs are produced in such massive quantities that typically only 30 days are retained, and 2) running searches over long time ranges can take hours and even days.

Effective defences Fortunately, there are several things that can be done to help protect organisations and minimise the human vulnerability factor and security weaknesses. There are many sources of intelligence that companies can use to keep at least up to date with the criminals, if not one step ahead of them. These including commercial providers, open source lists, industry sharing groups, government feeds and more. But the quality of this data can vary widely across intelligence feeds, which is why Anomali provides enterprises with vetted, curated feeds that reduce false positives and increase the detectability of actionable incidents.

110

| www.fintech.finance

Then there’s what we call the ‘cyber no fly list’. If you were in charge of an airport’s security, you would want tools to detect weapons in luggage and prevent people with such items from boarding a plane, right? But what if you have a known malicious individual who wants to fly and isn’t bringing anything illegal on board. In real life there is a ‘no-fly list’ to deal with this – a list of known malicious individuals who have been deemed unsafe for air travel. For the cyber security industry, Anomali has created something very similar by implementing a ‘cyber no-fly list’. This allows us to identify malicious cyber actors, such as a known command and control IP address that has no legitimate purpose on your network. Anomali flags any activity to or from this IP address, regardless of the nature of the traffic. In addition, our platform supports trusted circles, where multiple organisations can decide to share critical intelligence information with each other. The communication of new attacks among cybercriminals is very fluid and effective. In fact, the bad guys often seem to be more organised in terms of collaboration and staying up to date with the latest techniques and implementing them, than the security systems. Techniques used by cyber attackers in pursuit of profit fairly rapidly become commercialised and available for sale. Either the techniques themselves, or the tools to execute the techniques, or the results of breaches, like lists of credit cards, quickly go onto the black market. There is a whole marketplace infrastructure, known

as the dark web, or the dark net, where this information is freely traded. So it’s hard for organisations to keep up with all of the patches that are required to guard against them. Often, they are running systems that for operational purposes need old software, and so there is a conflict between running your business versus updating it to something that is free Summer 2017

Mission critical: Anomali monitors an organisation’s cyber vulnerability

element of surprise to the first victim. Industry-specific information sharing groups also facilitate this and every organisation should consider joining one. Having ways to monitor and vet the percentage of employees that are aware of threats and trained to handle them is essential, too. An effective tactic is to simulate breaches, to see how people respond, from which policies can then be developed and enforced. For example, the first time a staffer gets caught out in one of these tests, they might receive a friendly email from IT. The second or third time might be more career limiting than just a friendly reminder. So there are different approaches you can take to find out who is the weakest link.

Cyber threat intelligence

from most of the known vulnerabilities. A lot of attacks that succeed are entering organisations through just such vulnerabilities that have been known about for a while, but are still exploitable.

In an ideal scenario, if a bank was breached, we would want all other banks to become aware of the particular nature of the threat. This can limit the attacker’s future effectiveness, containing the

There are many components to building robust cyber defences and overcoming the 200-day problem. Anomali brings to security teams the external context – relevant, timely threat intelligence – to help organisations find and respond to cyber threats even before they reach their network. Its platforms include STAXX, a free tool that makes it easy for people to obtain access to bad actor lists and download them for use in protecting their network. Anomali Enterprise, meanwhile, is a powerful threat-hunting engine and forensic search solution that compares millions of indicators of compromise (IOCs) against an organisation’s internal traffic to identify active threats. It also allows organisations to look back at historical activity, offering 365 days of searchable data, which enables users to view the anatomy of an attack with all associated IOCs. ThreatStream is a complete threat intelligence platform. It manages the collection of intelligence data, optimises and enriches this information, and integrates with a business’s security operations alongside the tools already in place, such as Splunk, ArcSight and IBM QRadar. Those tools can then detect activity that involves actors that have been identified as ones to be on the lookout for. This equipment all works in unison and results in a powerful defence technique that eliminates the 200-day problem.

Internal reconnaissance, privilege escalation and, ultimately, data exfiltration can take months to execute Summer 2017

www.fintech.finance |

111

SECURITY

PreventProtectRespond Buck Rogers, is one of the UK’s most high-profile ‘cybernauts’, using his role as Chief Information Security Officer at the Bank of England to make the digital universe safe Fintech Finance: Your background isn’t that of a typical CISO. Can you tell us a little about yourself and what your role now is at the Bank of England? Buck Rogers: I suppose I’ve had an interesting journey. I left home at 16 to join the Royal Navy and I was there for 15 years. I then had two or three years at BT, before I moved into central government for 11 years. I spent a year at HSBC as a global head of intelligence and I’m now in my fourth year at the Bank of England. Since leaving the Navy, I’ve attained a MSc in information security and I’m a visiting professor of cybersecurity at Gloucester University as well as a trustee for the Cybersecurity Trust, again based in Gloucestershire. I think it’s crucial we train and educate people and that’s reflected in my internal role, which is almost a CISO-plus. I manage cyber governance, risk, training, education, intelligence and investigations at the bank. I suppose the difference at the Bank of England comes from our mission to be at the centre of cybersecurity excellence across the sector. We are doing this through the CBEST programme, which was designed by the bank and is now widely used as an intelligence-led testing framework across the sector.

112

| www.fintech.finance

FF: Cyberthreats are evolving almost on a daily basis. Is there one particular threat to financial institutions that you would single out for attention? BR: It’s varied. I mean everyone’s probably familiar with Anonymous [the hacktivist group] and heard of ransomware. Firms face a range of different threats and I think that will continue to grow. When it comes to a cyberattack, there’s a low barrier to entry, the tools and

The Bank of England has a mission to be the centre of cybersecurity excellence across the sector techniques are getting easier to acquire. We all face common threats, and I think there’s a moral obligation that we work together to meet them. Data is the modern gold – it has a worth and with it we are seeing the evolution of threat. Rather than holding up a stagecoach, criminals now look to

compromise an organisation electronically, and there’s a range of actors that will do that, ranging from the nation state all the way down to a lone hacktivist. FF: With the General Data Protection Regulation (GDPR) on everyone’s thoughts right now, how important is the role of cybersecurity in data security? BR: As a bank, we’ve got our own GDPR team, but it will be different for different types of organisations. So, for example, for a customer-facing organisation, GDPR is going to be really important, which is why we’re seeing something of a trend for some organisations to align their privacy and cyber capabilities. But I think for organisations that are primarily B2B, or perhaps whose profiles otherwise mean they hold relatively little personal data but still possess valuable commercial data or intellectual property, there could be a significant difference between the privacy specific and the cyber risk profiles, that may make their alignment more difficult. So, I don’t think there’s a single answer, but I think what all these organisations will want to be able to show is that they have a strong understanding of the type of organisation they are, the nature of the data they hold, and what the impact might Summer 2017

be on the individuals who are the subjects of the data, were it to be compromised. I think with an intelligence-led picture of the threats, organisations have a better understanding of the risks they’re exposed to with respect to data, and where they should look to take appropriate actions. FF: So, how vulnerable are banks to cyber attack? BR: The methods are constantly evolving, but if firms deploy sound controls, supported by an education programme, then they should be in a good place to defend against the attack. There’s a range of mechanisms to help organisations do that. For example, I’m a fan of the National Institute of Science and Technology (NIST) cybersecurity framework, because I think it helps provide a policy framework and guidance on our abilities, or organisations’ abilities, to prevent, protect and respond to cyber incidents. Along with the National Cyber Security Centre, I think they’ll play an important role in co-ordinating the work of the financial authorities and firms. Within the bank, we host something called the Cross-market Operational

Resilience Group. It’s a sort of chief risk officer, senior level group, to ensure coordination among firms and the authorities, both in peace time but also in crisis and how they respond to it. It also addresses the defence capabilities across the financial sector, and we are closely involved with that, along with other organisations. FF: In what ways do financial institutions need to improve their cybersecurity? BR: The threat’s not going to disappear and the bar for attackers is going to get lower and cheaper. So, it’s not just about developing new technology or systems to improve defences, it’s about people and processes. Organisations need to talk and share, because that’s what the attackers do – we know that. We need cyber-educated boards and non-executive directors who can challenge organisations about their cyber functions. The Bank of England shares intelligence and expertise across the authorities. The Bank of England shares intelligence and expertise across the National Cyber Security Centre, Her Majesty’s Treasury, the Financial Conduct Authority, the National Crime Agency and individual businesses.

Multos International is a leading provider of technology and solutions for the smartcard industry, offering a comprehensive range of highly secure MULTOS products designed to meet the specialised needs of financial and government card issuers.

The authorities and firms across the sector recognise that cybersecurity can only be addressed through close cooperation. FF: It’s well-documented that you have been involved in various hackathons. BR: Yes. It’s not just about developing new technology, or systems to improve defences. It’s about people and processes, and that starts right back at school with awareness training and going right through to the workplace. My team educates staff in the Cyber Seven: keeping their passwords secure; being aware of phishing attempts; classifying documents appropriately; being security-aware when working remotely; being security-aware when using social media; keeping a clear workspace; and to report lost or stolen devices quickly. Inside the Bank of England, our tagline is: ‘You’re the first line of defence’. That theme goes across everything we do. But as an industry, we should be developing the next generation of cybernauts to help defend systems. We need everyone from technical people to others who can sit in front of a CEO and explain phishing. The bank supports a range of programmes to do that.

EMV Migration Government ID Contactless Technology Internet of Things (IoT) www.multosinternational.com

SECURITY

Protection: Keep in mind GDPR is there to keep the individual safe

It's getting personal Of all the new compliance rules that financial institutions will be subjected to next year, GDPR is by far the scariest in terms of being data ready. Ben Mitchell, Vice President EMEA of DocsCorp, has some timely advice You don’t have to be a genius to realise just how influential the year 2018 will be for the financial services industry. When the clock strikes midnight on 31 December 2017, the European payments industry changes. From the moment they wake up, European bankers will have to abide by the Revised Payment Services Directive (PSD2) and they’ll have no more than three days to take off their party hats and put the champagne bottles out for recycling before being hit with the Markets In Financial Instruments Directive (MiFID II), too. OK, so January’s not going to be the easiest of months, but it’ll be smooth sailing the rest of the year, right? Unfortunately not. As if two new waves of regulatory compliance weren’t enough, the General Data Protection Regulation (GDPR) comes into force in May, and it’s

114

| www.fintech.finance

looking to be one of the most important pieces of EU legislation the banking world has witnessed in decades. “The first question on everyone’s lips is whether, following Brexit, the UK will be exempt from the changes enforced by GDPR,” says Ben Mitchell, Vice President EMEA of DocsCorp. “The answer is a definite no; GDPR will be implemented before the UK could possibly leave the EU. Therefore, the information from the Information Commissioner’s Office (ICO) at this stage is that UK businesses should prepare themselves for GDPR, as they’ll need to comply fully with the new legislation for as long as we remain in the EU. However, even after we’ve left the EU, it’s highly likely that the replacement UK General Data Protection Regulation will be based entirely on 2018’s GDPR anyway, so there’s no reason for UK banks and businesses not to comply.”

Intimidating as GDPR may sound, there’s no need to activate DEFCON 1. But it’s vital that European bankers and business owners understand the fundamentals of the new legislation. “The most important thing to know about GDPR is that it only applies to personal data. It’s not data protection in relation to any business or corporate information – it only applies to the personal data of EU citizens and individuals. “The other important thing to note is that GDPR stipulates two distinct levels of protection,” he adds. “The first concerns personal data, which is anything attributable to an individual’s name. The second relates to sensitive personal data, which constitutes a higher security classification. Any information that could reveal a person’s religious beliefs, financial data, sexuality or biometrics Summer 2017

will be classified as sensitive personal data under GDPR.” Following the introduction of these two new sensitivity classifications, GDPR will impose a number of requirements regarding the storage, sorting, processing and access of data. Naturally, the rules surrounding sensitive personal data will be more stringent, meaning banks will have to drastically alter their operations if they wish to store data, such as fingerprints and photographs, under the new legislation.

Plugging the gaps Although banks are stepping up to the challenge of GDPR, Mitchell believes there are still some gaps in their data protection that could spell trouble for them in the future. “Unsurprisingly, it’s the retail banks that will be hit the hardest by GDPR, as they’re the ones holding the most information on individuals,” he says. “Thankfully, the protection provisions that they already employ for account holder contact details are reasonably adequate. However, where retail banks are falling down is in their handling of unstructured data, such as customer documents. “When you sign up for a new account or mortgage, the bank normally requests a copy of your passport or a utility bill. Between banks, we’re seeing a huge amount of variation in where this unstructured information is being stored; some have centralised repositories for this type of data, whereas others don’t. “The reason why this unstructured data storage is so important is because banks will need to be able to retrieve the content on demand to comply with GDPR,” says Mitchell. “After May 2018, if you’re hit with a data subject access request (DSAR) under GDPR, you’ll be required to provide all the necessary information in a timely manner, and fully complete. Therefore, having customer documents randomly scattered around their organisation could prove disastrous for a bank in the second half of 2018, and it’s a problem that some institutions need to address urgently.” Another issue following the onset of GDPR is ‘dark data’ – or more specifically, banks’ involuntary creation of it. “A few years ago, a lot of organisations began decolourising and shrinking images as a means of economising on disk space,” says Mitchell. “Not only are these Summer 2017

documents no longer acceptable pieces of information in the eyes of GDPR, but the file format they used to store them makes it difficult for those documents to be subsequently retrieved. “A lot of banks chose the TIFF image format for long-term data retention purposes, and as a pure image format it doesn’t contain the vital hidden text layer that a document needs in order to be referenced by a search engine,” he says. “As a result, a company could have the best search function in the world, but their sensitive documents would remain invisible to them. This is what we call dark data, and its existence within a bank makes complying with GDPR very difficult.” As the dawn of GDPR edges ever nearer, DocsCorp has released a software solution that promises to help businesses eliminate the issue of dark data within their systems.

Where retail banks are falling down is in their handling of unstructured data, such as customer documents... because they will need to be able to retrieve the content on demand to comply with GDPR Mitchell is confident that his company’s solution, contentCrawler, will prove invaluable to firms seeking to achieve compliance in time for judgement day. “contentCrawler’s primary function is to assess documents on whether they’re searchable or not,” he says. “You can point the application at a data repository, punch in some details about the information you’d like to uncover, and then contentCrawler will let you know whether there are any dark documents hiding from you. From here, our software uses optical character recognition (OCR) technology to create fully searchable versions of each document, which are then

stored back in the repository as completely indexed, wholly available data.” Alongside their development of contentCrawler, the team at DocsCorp has been hard at work producing other software solutions to ease the GDPR teething pains for banks and businesses. “The barriers for demanding data subject access requests will be significantly lowered under GDPR,” says Mitchell. “Currently, banks can charge a fee to supply someone with a copy of all the information that the banks holds on them, but this will be prohibited in May 2018. As a result, we’re expecting to see a large increase in the number of DSARs being made next year, which will force banks to establish efficient systems for responding to these requests. “Our portfolio is the efficient system that banks are looking for. contentCrawler will help them to locate the required information quickly, and then another application of ours, pdfDocs Binder, will allow them to package the data so that it can be disclosed to the requester in the most compliant way possible. pdfDocs Binder has the capability to attach thousands of documents together in a very short space of time, so it certainly shouldn’t be overlooked by companies hoping to remain efficient in their GDPR compliance, come May 2018.” DocsCorp’s resident GDPR guru has one final piece of advice for business owners counting the days. “Our recommendation is to have a GDPR impact assessment done as soon as possible,” he says. “There are plenty of consultants that offer a great assessment service, who’ll equip you with a comprehensive GDPR compliance strategy, including a clear action plan tailored to your business. “If, after all that, you’re still feeling nervous about the new legislation coming next year, there’s one key thing to remember: GDPR is being introduced to protect you, as an individual, and your data,” says Mitchell. “Under GDPR, EU citizens will be granted a whole host of new rights to help protect their privacy. They’ll be able to go to organisations and request a copy of the information they have on them, demand that their information is corrected, or even ask for it to be deleted on the spot. That’s just a small taste of the benefits that GDPR will be bringing to citizens across Europe and, as far as legislation goes, it’s promising to be one of the most empowering for individuals that we’ve witnessed in decades.” www.fintech.finance |

115

THE MOST EFFECTIVE WAY TO STAY AHEAD ON FINTECH INNOVATION

SAVE 20% ON YOUR REGISTRATION WITH CODE FINTECHFINANCE20

www.fall2017.finovate.com

SECURITY

Looking to the East

Surrey Mui talks through the challenges facing her as Chief Information Security Officer responsible for the Asia/Pacific region at BNP Paribas,operating in Hong Kong Information security and cybersecurity are rocketing up the agenda in the Asia-Pacific region. According to Forbes’ report on Top Cyber Security Risk in 2017, ransomware and distributed denial of service attacks show no sign of slowing while there has been a surge in carding activity, linked to information sharing on social networks.

of connected objects and the Internet of Things has blurred the line between private and professional. This, in turn, has heightened the risk of hackers targeting sensitive bank and customer data. Regulators are gradually setting the terms for how these new technologies can be used. For example, if we authorise our employees to use their own smartphone or tablet, we apply strict procedures to make sure customer data stays safe.

Singapore has responded by setting up its own Cyber Security Agency, while China’s new Cyber Security Law (CSL) comes into effect in June 2017. While companies operating in the region are still interpreting the impact of the CSL, Forbes suggests it will affect all foreign companies operating in China and could present challenges, particularly around data flow. Against this background many companies have installed their own in-house threat intelligence teams. Here, Surrey Mui, chief information security officer at BNP Paribas in Hong Kong, gives an insight into her role.

My role is to act as business enabler within the bank – not to police what everyone is doing

Fintech Finance: We’ve just seen the announcement that Asia Pacific’s first industrial cyber security Centre of Excellence will open in Singapore later this year. Is cyber security a hot topic in the region? Surrey Mui: Yes, especially in the banking sector, where we manage data and money for a huge number of customers. The rise

Summer 2017

FF: What does your job as chief information security officer entail? SM: My role is to act as business enabler within the bank – not to police what everyone is doing. I cover every aspect of IT and cybersecurity in 14 countries in the Asia-Pacific region by identifying, developing, implementing and maintaining security processes and tools across the bank to reduce information technology risks. I respond to security incidents, establish appropriate standards and controls, manage security technologies, and the establishment and implementation of policies and procedures.

FF: What is the biggest challenge you are facing right now? SM: Establishing a security culture within the entity. I work in a highly technical field, but many of the issues we face have to do with how we communicate with employees. So, for example, raising awareness about the risks of sending sensitive or confidential information from a personal email account, or demonstrating that we are all responsible for ensuring IT security. FF: You have spent most of your career with British and American banks, including RBS and JP Morgan. What brought you to BNP Paribas? SM: Getting on for three years ago, a recruiter contacted me about an interview with BNP Paribas. The position matched my skills and experience perfectly and it offered greater responsibility and more interaction with businesses. I was also drawn to the support offered by BNP Paribas management and the emphasis placed on career development. No other bank I know of operates a training campus like the one BNP Paribas has in Singapore! FF: Was it a culture shock compared to your previous business environments? SM: Not really. BNP Paribas is an international bank, even though it has French roots. But compared to American banks, for example, I would say that it is less centralized and that it grants more autonomy to each region. That’s important in areas like IT security, which is managed differently from one region – or even one country – to the next. Our approach is more dynamic and collaborative.

www.fintech.finance |

117

SECURITY

Banks will tell you that the customer’s voice is their command… so why isn’t voice biometric software more popular? Clive Summerfield, Founder & CTO of Aureya Systems is keen to find an answer People do not like passwords and millions of consumers say so in annual surveys right around the world. And yet the average person has at least 19 different log ins to remember – or forget. No wonder that a third of us admit to suffering password rage.

The power of speech 118

| www.fintech.finance

But what if our voice was our password? Could financial technology restore the power of speech? “Customers have been calling for the elimination of PINs and passwords for the last 10 years and the technology is here to replace them,” says Dr Clive Summerfield, chief technology officer with Aureya Systems, the developers behind ArmorVox voice biometrics technology, based in Sydney, Australia. “It just makes so much sense. You only have to look at it in terms of business productivity, financial security, fraud detection and tracking, and then also consider that compliance requirements are increasing around stronger identity authentication,” he says. And that’s quite apart from the uptick in customer satisfaction. “I saw a report not so long ago that credited 30 per cent of the detraction in net promoter score (NPS customer satisfaction measurement), to clumsy, cumbersome and password-related identity authentication processes in customer service,” says Summerfield. “It’s really up to the banks to respond to customer desire to eliminate PINs and passwords as a recurrent theme of their frustration.” But so far only a limited number have been prepared to do that with voice biometrics. In the UK, Barclays began introducing speech authentication among its wealthiest account holders in 2013 and HSBC is currently involved in a roll out to 15 million of its customers. Summer 2017

BNZ New Zealand deployed voice biometrics four years ago and now has 40 per cent of its retail customers enrolled, while smaller banks, such as Schwab in the US and Canada’s TD Waterhouse, also have VA identity authentication systems. For Summerfield, who has been involved in the voice biometrics industry for around 30 years, it’s all rather slow. An academic specialising in speech recognition technologies, he established the National Centre for Biometric Studies at the University of Canberra in 2003. Four years later he founded Aureya and led the development team. He helped build a reputation for worldclass technologies with the widely deployed ArmorVox, before handing over the reins to CEO Paul Magee. Summerfield has been hugely instrumental in getting the banking world to accept voice biometrics as a legitimate technology for securing customer service and yet, for most people, their voice is still not their command. “We needed a paradigm shift to move voice biometrics away from being a laboratory curiosity into being a mainstream security technology, robust enough to protect billions of dollars of assets that are exposed by the customer service interface,” says Summerfield. “I believe voice biometrics will become a standard feature of the emerging intelligent assistance, such as the bots that are starting to appear, driving automated customer service. We currently see these bots in a typed chat interface but that can be augmented using voice.” His views are shared by other secure identity management experts, particularly those working in the field of artificial intelligence (AI), where voice analytics can help a chatty bot get a handle on your emotional state and sentiment and respond accordingly. “We can already detect and determine gender from voice, which can be very useful for a bot tailoring the type of customer service you’d want to deliver. That’s where I see voice biometrics going,” says Summerfield. The technology has a more serious role to play in national and financial security. Government agencies are capable of monitoring telephone intercept information and identifying speakers in Summer 2017

the calls – a feature that the counter-card fraud industry has also adopted to catch out criminals who leave their voiceprints all over things. “If a customer’s failing the voice biometric authentication for no apparent reason, and they’re failing it badly, they are clearly not the right customer,” says Summerfield. “It may be something very innocent – a member of the family acting on their behalf. But it may also be something very serious, such as a fraudulent group attacking the bank. “Banks have made it very hard for fraudsters to break in through firewalls, so the easiest way to break in is through the telephone network to the customer service agent. Voice biometrics is incredibly effective at stopping that from happening,” adds Summerfield, whose patented ImpostorMap Tuning feature maximises authentication accuracy for each user enrolled in the system, tailoring thresholds of error to the security performance of individual voiceprints. “You may not actually know who it is but now you have a voice print of a known fraudulent attempt, which you can use to scan all the other voice samples that are coming in, that are failing their verification processes,” says Summerfield. “You can build a fraud list compiled from known fraudulent calls logged in the voice logging systems at the bank. You can also use these lists to monitor suspect or suspicious calls and confirm that this person is not trying to break into the bank over and over again.” A recent ArmorVox benchmarking exercise involved conducting 25 million cross matches a minute, which means that ‘to all intents and purposes, fraud detection and tracking is a real-time process that banks can use to monitor their incoming customer service calls’.

financial transaction and simultaneously authorise it, points out Summerfield. Time is money and it saves lots of it for customers and banks – not to mention embarrassment. According to a survey conducted by US company NICE, 55 per cent of bank customers said their biggest frustration with telephone banking was having to answer personalised security questions when they’re in a public place. That’s not to say voice technology should necessarily remove two-step authentication, which for now many experts agree is the best belt and braces security, but the way it is currently used is not the most effective, says Summerfield. A set phrase authentication like ‘my voice is my password’, for instance, has its limitations, as illustrated by a headlining incident earlier this year when a BBC correspondent fooled HSBC’s new voice recognition software. “The notion of using a set phrase is not an optimum solution, and it certainly doesn’t reflect the state of the art in voice biometrics,” says Summerfield. “The latest voice biometric technologies, which are reflected in the ArmorVox product, allow customers to choose whatever they want to register as a voice token.” HSBC’s Trust in Technology global report, released in May 2017, showed that 46 per cent of consumers put their faith in fingerprints to replace passwords and PINs, while just 18 per cent trusted face and voice recognition. But with an increasing number of voice-activated devices on the market, such as Amazon Echo and Google Home, and 20 per cent of online searches last year made by voice, Summerfield believes speakeasy banking is the future. “We are definitely crossing the Rubicon with voice biometrics in the banking world,” he says. “That 20 per cent looks set to increase, particularly as we want to do more things while we’re mobile. It enables you to say, for instance, ‘tell me how much I have in my bank account’ and it will.”

We are crossing the Rubicon with voice biometrics in the banking world – particularly as we want to do more things while we’re mobile

The speakeasy bank Voice is the only biometric to allow customers to make a request to perform a

www.fintech.finance |

119

SECURITY

Swift change of direction Risks loom large for businesses ill-prepared for the General Data Protection Regulation but those best equipped for it can thrive, says Dr Guy Bunker, Senior Vice President, Products and Marketing at cybersecurity specialist Clearswift

Pointing the way: Clearswift’s GDPR solution could be applied to future regulations, too

We’re now less than 12 months away from the EU’s General Data Protection Regulation (GDPR) being enforced, but there are signs that the UK is frighteningly unready. In a recent YouGov survey of 2,000 companies, more than two-thirds admitted they have not even begun to prepare for what’s described as one of the most extensive and potentially disruptive changes to the way business operates. Most said they were not ready, while a quarter wrongly believed their sector wasn’t covered by GDPR. And 71 per cent were not aware that they could face heavy penalties of up to four per cent of their annual turnover or €20million, whichever is higher, if they are found to be in breach of the guidelines after May 2018. Oliver Wyman, a global management consulting firm, reckons that FTSE 100 companies

120

| www.fintech.finance

could face fines of £5billion a year if they don’t shape up. And if you think Brexit is a get-out clause, think again because the regulation will apply to any company that holds data on any EU citizen, whether or not that company is based within the EU. It’s time to adapt to survive, says Dr Guy Bunker, senior vice president responsible for products and marketing at data protection specialists Clearswift. “Being fined four per cent of your global turnover if you only have less than 10 per cent margin is a massive amount of money. For a lot of banks it could be a company-changing event,” he says. “And if you start to be known as somebody who doesn’t look after data, then your business is going to suffer and it’s not something that will recover overnight. If you do end up on the front page, customers can easily, and will readily, change to somebody else.”

Hunting down the data Under the GDPR, every businesses that handles personal information must not only be compliant, but must be able to demonstrate it is, too. Traditional data loss prevention solutions may therefore be ill-equipped to deal with the new regulation, says Bunker. “Businesses need to look at not just the data that’s going outside their organisation, but also at the data that’s coming into their organisation, as they will have a duty of care around that, as well.” Firms will need to discover what data they have on their customers, where they hold it, if they have permission to do so, whether it is stored safely, and how they can extract it in an easily portable form or delete it if asked. And that’s before they start addressing a host of other requirements in the GDPR, Summer 2017

which strengthens and extends consumer rights that are currently safeguarded by the Data Protection Act, “Banks tend to think about what they have in their databases, and the security around those databases is very high, because they’ve been regulated for a long time,” says Bunker. “However, from our perspective, it’s not just about the information in the databases. It’s what happens to the reports that are run on those databases, that people then have on their laptops. What happens to those reports that are shared with credit scoring companies? What happens when you’re looking for a mortgage and the provider comes to the bank to find out how much you earn and there’s a letter written? “All of that information has to be tracked and traced and managed, because when the regulation comes in, understanding where all the instances, all the pieces of information are, is absolutely critical.” It doesn’t necessarily require a wholesale change in technology but it will mean a fairly big shift in policy and process, says Black.

The right to be forgotten One of the most challenging aspects of the regulation, especially for organisations such as retailers who not only process personal account information but also hold customer details for marketing purposes, is the ability to find and delete data on those consumers who exercise the right for to be forgotten. “For retailers, things like consent and withdrawing consent, and the right to be forgotten, are going to come to the fore, very quickly. They will need to have technology in place, which will make it operationally efficient to carry out the request that’s given,” says Bunker. “In the financial world, it’s being able to delete just that information which is appropriate. But while under GDPR you can ask for all your details to be forgotten, if you transacted with them, then they have to be kept for different regulatory purposes. So understanding the context in which you hold the information, and how you hold it, is so important.” That’s where Clearswift’s GDPR solution, based on what it calls adaptive security, comes in. It’s designed to protect all areas of the enterprise, including those extended out into the Cloud, and it is applied in real Summer 2017

time based on specific GDPR policy, whether it calls for automated redaction, encryption, blocking, moving or deleting. Crucially, instead of blocking communication, this approach allows it to continue between parties without breaking the rules. “We’ve created the next generation of data loss prevention, which includes the ability to remove pieces of information which you share in collaboration,” says Bunker. “The key piece here is that the collaboration continues even though the information has been removed.” Clearswift found that in the normal course of protecting companies against cyber security threats, such as malware and ransomware, which it does by separating out documents, understanding the contents and removing any information that could be a threat – it could also make organisations compliant with GDPR and any other current or future industry standard. “There is a really simple example from a customer we have in Australia,” says Bunker. “They’re a bank, but they have a network segment which is not Payment Card Industry Data Security Standard (PCI DSS), so they should never receive credit card numbers. They will receive them, however, because if there’s a problem upstream in the processing, then an entire record is copied, and that contains some of this information. We can remove that credit card number as it crosses the boundary, so that PCI DSS is not breached. People also insist on sending their details, including bank account numbers and credit card numbers, through email. If customer support then replies, it breaks PCI DSS.”

information and credit card information. But we’ve seen in the US, that the Securities and Exchange Commission regulations have moved on from what we would call GDPR information – personal information – to intellectual property, as well. We can see something equivalent coming in across the EU. So, the same solution that can dissect documents looking for GDPR information, can also be used to look for intellectual property. “Our solution is not just about understanding the content, but also the context, which determines the action we take. So, for example, if I send a document by email to somewhere I trust, I’m going to encrypt it. Perhaps that same document needs to be uploaded to a collaboration site, but on that one, we’re going to redact information because the person at the other end has been authorised to know the addresses but not the account numbers. Perhaps you want to copy that same document onto a USB stick but our tool is going to block that, because that’s not secure. So, flexibility is not just about understanding the content, it’s also about understanding the context, and that’s really crucial going forwards,” he says. “We’ve seen an increasing number of ways in which finance is delivered, and we’ve seen an increasing number of players who are entering into the financial market. So there’s going to be a lot more innovation and the speed at which people turn over services within financial organisations is going to increase significantly. “So, if you’ve got in place processes and technology that ultimately protect that information, then your ability to roll out new services, knowing that they’re secure and the information is protected, is going to be absolutely critical. “The end result of a well-executed GDPR compliance project will not only reduce data breach risks and help you comply with the GDPR, it will increase the trust of your customers and prospects, and ultimately grow your business.”

When the regulation comes in, understanding where all the instances, all the pieces of information are, is absolutely critical

A flexible response The adaptive security model is supremely flexible, says Bunker, and suited to an infinite number of regulatory environments and applications. “One of the things we pride ourselves on is flexibility of policy. So the policy around GDPR is about protecting personal

www.fintech.finance |

121

TRADING

Blockchain: are the landing lights on yet? Credit Suisse has been piloting distributed ledger trials in its investment banking operation. But Emmanuel Aidoo, head of the bank’s distributed ledger and blockchain effort, isn’t quite ready to make a final decent There’s a perception in some parts of the media that the big beasts of the financial services industry, weighed down by legacy systems, are losing in a race against disrupters trying to take their business. That’s not something that keeps Credit Suisse’s Emmanuel Aidoo awake at night. Quite the opposite, in fact. As his title suggests, the head of the bank’s distributed ledger and blockchain effort has a keen interest in companies developing technologies that have the impetus and thought leadership to drive innovation – and Credit Suisse is right up there among them. Chief among the technologies that could deliver benefits for financial services is blockchain, which he distils as being a special purpose database that makes it possible to ‘reconcile cryptographic mathematical certainty across firewalls’. Its principle benefit to a bank, therefore, is a substantial saving on time and cost, although the spin-offs in

122

| www.fintech.finance

improved compliance, more efficiency and greater transparency across the network are equally tempting. “It’s easy to get carried away,” cautions Aidoo. “We have to be level-headed about things and really try to peel back the technology to understand the benefits and how we can use it to support our business.” For him, 2015 was the hype stage in the blockchain development cycle and last year was the proof of concept. This year is the prototype stage, but there’s still a long pathway to production. Aidoo draws a colourful comparison: “The industry’s taken off on the flight and decided where to land. Some proofs of concept are even planning the approach or have the landing gear out. But we still need to get down, taxi safely along the runway, offload passengers and baggage, and clear customs. There’s a lot of work to do, but we’re making some great progress.” Deloitte’s Centre for the Edge report on Bitcoin, blockchain and distributed

ledgers came to the same conclusion, but put it slightly differently. It said the technology was ‘caught between promise and reality’. Aidoo still thinks it’s a journey worth making, though. He highlights the simple equation behind return on equity and the cost component. There are obvious potential cost savings in blockchain. So long as it’s introduced in a careful, regulatory compliant way, some processes can be automated to create greater efficiencies in the middle and back office. However, he believes it’s the ‘divided by capital’ part of the equation where blockchain can make the biggest impact. Aidoo explains: “An enormous amount of money is used to support the clearing

Summer 2017

process, for margin and collateral – billions of dollars in fact – so if you can speed up an operational transaction and get faster settlement, you’re reducing credit risk. You have less exposure and you can allocate less to areas such as funding. It means there are huge savings implications. “But that’s not all. People often forget one of the key reasons we do reconciliations. Operational risk ties up a massive, unquantifiable amount of a balance sheet and reconciliations are the way we identify this risk. We have an enormous number of people reconciling data all the time between our clients, counterparties and even internal systems. They aim to make sure the system is accurate and we’re not missing anything. With blockchain that process becomes more efficient.”

Easing the pain When it comes to the practical application of

a blockchain, Aidoo’s job is to look for the ‘pain points’ and then focus on ways the technology can help take that pain away. “We try not to make it a technology looking for a problem, but really apply it

If successful, we’ll be able to show blockchain removes significant cost and capital from our business. It would have a massive impact on banking to where we think it makes most sense and has the most impact. Where we’ve had high levels of friction in particular processes, for instance.” He’s some way from making a call on the technology. As he points out: “We’ve

got very expensive legacy infrastructure and if we find it holds very little benefit, there’s no point in taking the technology risk associated with doing the work.” Even so, there are already use cases, ranging from trade finance and loans to over-the-counter credit default swaps and equity swaps. These experiments suggest that blockchain can create a 50 per cent reduction in costs – and that’s just on the projects that have high friction. Aidoo stresses this figure is likely to drop as the technology becomes more widely used. To use Aidoo’s analogy, there might be something flashing on the arrivals board at Money 20/20 in Las Vegas later this year. “If we’re successful, we’ll be able to show that blockchain can help remove significant cost and capital from our business. This would have a massive impact on the banking industry,” says Aidoo. “My hope is that in 18 months we’ll be able to prove the business case supporting more blockchain, not less.”

Cautious approach: Credit Suisse is looking to see if a business case can be made for blockchain

Summer 2017

www.fintech.finance |

123

BRANCHES/ATMs

Helping the cash flow Ron Delnevo, Executive Director Europe of the ATM Industry Association, makes the case for retailer-filled independent cash machines I vividly remember the installation of the first independent ATM in the UK. The company I worked with at the time – and was later to buy – installed the machine in a Spar store in Stone Cross in Birmingham. The BBC and Which? had got wind of this marvellous innovation and sent along a radio crew and consumer interest experts to gauge reaction to this landmark in cash access in the UK. Of course, paraphrasing the words of Shakespeare, they came to bury the idea, not to praise it. Why? Because the ATM was pay-to-use, the first in the UK to charge for a cash withdrawal. The amount involved was modest enough; £1 to have up to a £250 cash dispensed. Still, the BBC crew and their Which? interviewee were expecting a massive negative community reaction to the charge. Imagine their surprise then when everyone they interviewed in the neighbourhood, which hadn't had an ATM of any kind before, loved their new source of cash. Indeed, they felt £1 was ‘cheap at the price’, considering the time and trouble involved in travelling to get cash elsewhere. So that night’s TV coverage was very positive. In fact, the tone of the news item was along the lines of ‘this is wonderful! Why didn’t it happen before?’ In December 1998, there were 25,000 bank-operated ATMs in the UK and that one, independent machine in Birmingham. Today there are a 70,000 cash machines and more than half are operated by independent ATM deployers (IADs). Of course, it is not simply the number of machines operated by independents that is significant; IADs have been responsible for many of the innovations that have improved ATM services in the UK. For example, mobile phone top ups were first available on IAD ATMs. It was also an IAD that first introduced £5-note-only cash machines, which led to a vast increase in the number of fivers in circulation. Similarly,

124

| www.fintech.finance

dynamic currency conversion – the ability to select the currency in which a withdrawal is debited to your bank account – debuted on independently operated ATMs. Oh, and it was the non-bank sector that introduced Cockney as a language option on cash machines located in the East End of London! And then, of course, there is the really important innovation of allowing retailers to put the cash from their tills into ATMs located on their premises. This is, without a doubt, one of the most significant innovations to date, as far as ATMs are

79 per cent of payments made in the UK’s 50,000 convenience stores were cash. What could be more logical than encouraging retailers to use it to fill ATMs on their own premises? concerned. Instead of cash-in-transit (CIT) organisations sending security vehicles to deliver cash for ATMs, the cash that retailers have in their tills is used to fill the machines.

The macro/micro picture We are all aware that the ATM is the most efficient method of getting cash into society bar none and it has been successfully distributing it for five decades. But right now its role is more important than ever. At a macro level, most banks are closing their branches and withdrawing to the internet. The closure of branches in rural areas is particularly rapid.

It is easy to understand the issues for banks; they have a huge cost of ownership for premises, systems and their people. The traditional banks must invest far more than new entrants to be innovative and bring new services to the fore; they must upgrade existing systems while also introducing new technology to link to the innovative payment solutions. The legacy that banks have make it an uphill battle. The reduction in the number of bank branches – and often the ATMs they housed – inevitably has a detrimental impact on the smooth and convenient circulation of cash in the UK. But there is also a micro local cash recycling model, where cash never leaves the community or village. This overlaps with the macro circulation model, with its national and regional cash flows (see diagram below). Today, regulators seem to fear fraud at retailer-filled ATMs. They have particular concerns about the circulation of counterfeit notes, which is very strange. What, I ask you, is the difference between retailer-filled ATMs – where the retailer places his or her cash in the ATM – and Regional Cash Centre (Bank)

Central Bank

Regional Cash Centre (Bank)

Retailer

ATM

Retailer

CIT Branch National Regional

physically giving the money to the customer by way of change at the counter? There is absolutely no difference in distribution, yet we see one accepted and one apparently frowned upon. With bank branches closing, convenient access to cash is under threat. We must

Summer 2017

therefore encourage growth in the number of retailer-filled ATMs, not discourage or inhibit them. They limit the need for visits to fastdisappearing bank branches, for retailers and their customers alike. In fact, the benefits are numerous: ■■ The ATM operating cost model is up to 50 per cent lower than when cash is delivered by third parties, so it can efficiently go down the food chain to smaller retailers. This will often take it into the areas of financial exclusion, breathing new life into local communities and economies ■■ Retailer-filled ATMs are identical to ATMs that are conventionally filled, with the same electronic protection and security as a bank ATM ■■ The ATMs support the retailer by reducing their cost as they require less cash collections by security vehicles, thus also reducing the carbon footprint of the retail sector ■■ The ATMs prevent the need for retailers to walk to a bank with substantial sums of cash, which is a significant security and health and safety issue for both retailers and their staff These are just a few of the key benefits of retailer-filled ATMs and, in my view, it is essential that we encourage retailers to operate more of them to boost the local economies in both truly rural areas and in urban village locations. Of course, retailer-filled ATMs will never totally replace cash-in-transit replenished machines. In reality, the two modus operandi are complementary, together providing the optimum ATM services to the British public. In the year to April 2016, 79 per cent of payments made in the UK’s 50,000 convenience stores were cash. What could be more logical than encouraging retailers to use it to fill ATMs on their own premises?

Deposit recycling Going forward, retailers will have new, exciting options for using their cash to fill ATMs. Smart ATMs, which allow cash deposits to be made and then recycle the

Summer 2017

More where that came from: Retailer-filled machines are a no-brainer

cash internally to ready it for withdrawal by customers who need money, are starting to appear in every market in Europe and should soon be commonplace in the UK. These new cash recycling ATMs will allow retailers to deposit cash in the ATMs on their premises in the same way as their customers. Gone will be the days of having to open up

the safe inside the machine to carry out a refill. Retailers and their customers will simply feed the cash they want to deposit into the ATM and the ATM has cash to dispense. This ‘magic’ new customer service innovation will be coming to an ATM near you soon… I don’t know why we didn’t think of it before! ■ Additional material provided by Andrew Martin, CEO of Retail Bank Consulting Group. Both Andrew and Ron Delnevo were headline speakers at this year’s ATM & Cash Innovation Europe. For details, go to: https://www.atmia.com/conferences/ atm-cash-innovation-europe/

www.fintech.finance |

125

BRANCH /ATMs

Ready to branch out? A high street presence is still critical for banks, but what form should it now take? Dominic Hirsch, Managing Director of Retail Banking Research, looks at all the options, including the ‘Extreme Teller’ Until fairly recently, bank branches used to be almost sacred, especially in Europe. Branches were rarely shut down, meaning many locations remained unchanged for decades. Some banks even made commitments not to cut their branches, reinforcing the status quo. With remarkable speed, that has all changed; banks have retracted such promises and most developed economies have seen falls in branch numbers. The primary driver of this decline has been decreasing footfall or, more specifically, the difficulty in justifying the cost of running branches if customers are visiting less often. Despite the financial pressures, banks remain reluctant

Taking shape: RBR’s latest report shows branches are taking an imaginative approach

126

to close branches if this can be avoided. Branches are still critical for building brands and recruiting and serving customers – those that still regularly use branches and those that visit less frequently. There is an alternative to closing branches, and this is where branch transformation fits in. If banks can make branches more attractive and/or more efficient, then the business case for maintaining individual branches is improved. Transforming branches can mean many different things, which is why no two branch transformation projects are the same. The record attendance at RBR’s recent Branch Transformation conference in London highlights the ongoing interest in this topic and the varied case studies on the agenda emphasised the wide range of approaches being taken.

Intelligent tellers There are a number of common elements: branches themselves are more open-plan, processes are more automated (increasingly paperless), technology and automation play an ever greater role and transaction-oriented employees are being retrained or replaced with staff in more value-adding sales/consultation roles. There are differences, too – some banks are replacing most of their cashiers with multi-function, assisted self-service devices that replicate the majority of transactions, while others are automating a smaller number of traditional customer service staff and migrating as many customers as possible to in-branch ATMs. One area that is often mentioned by banks, but where further progress is needed, is how banks can better use their branches to generate increased value for customers; for example, are banks fully exploiting their branches to sell a wide range of products? RBR’s new report, Teller Automation and Branch Transformation 2017, shows that banks in a number of countries are turning to terminals offering remote video Summer 2017

www.rbrlondon.com/events

28 th -2

7 T1 #B

17 20 er

9 th No

a Tr

7 01 r2

f ns

Learn from case studies by the world’s leading banks Explore the latest technology solutions in expo area Network with banks and industry experts

exhibit | sponsor | attend

tio

an c

10 th -1

se c

#A TM

AT M

20h 17

cu rity

2&0Cy 1ber7Se

4 th

Eu ro

-S

Se lf

A year ago, many branch transformation projects like the Extreme Teller Machines were just pilots; 12 months later, the number of projects that are now rolling out is impressive. Not every bank has decided on its branch strategy, however, and existing initiatives will need to be refined along the way. So while branch transformation has gathered pace, it still has years to run. ■■To find out more about RBR’s Teller Automation and Branch Transformation research, visit www.rbrlondon.com/tabt. For details of RBR’s Branch Transformation 2017 conference on 28 and 29 November, please visit www.rbrlondon. com/branchtransformation

23 rd -2

3 rd Ma

2e0rvic 1e 7Ban

rch

i Ma

nil

2 nd -2

2e0rvic 1e 7Bank As ia

Se lf-S

EVENTS

Euking ro pe M

Asng ia

Transforming branches can mean many different things, which is why no two transformation projects are the same

existing, and in some cases new services, more cost-effectively.’ The key takeaways from the report are: ■■ Video banking will play an important role in the bank branches of the future ■■ Video banking helps banks keep branch costs down and maintain strong relationships with customers ■■ Video banking helps banks to reach a larger number of customers at a lower cost

large number of transactions from the cashiers to terminals such as the intelligent Teller Machine (iTM) deployed by China’s Bank of Communications, reducing labour costs and improving branch profitability. In Europe, one of the main proponents of remote video assistance is Turkey’s Küveyt Turk, with its Extreme Teller Machines, or XTMs. They feature a touch screen and allow customers to perform standard ATM transactions while receiving assistance from a bank employee via a video link. They are marketed as mini-branches and have given the bank the opportunity to establish a presence in areas where opening a traditional branch would be too expensive. Daniel Dawson, who led the RBR study, said: “Banks across the world are constantly on the lookout for ways to improve branch efficiency without compromising customer experience. Customers see branches as an important part of their banking relationship, and video banking helps banks offer

1 th Oc

transactions as part of their branch transformation strategies. Providing assistance from a remote location – often a call centre – these terminals allow banks to reach a higher number of customers at a lower cost. A small number of employees can provide services to customers in all parts of a country, including those where opening a branch, or employing specialist staff, would be impossible or unprofitable. Video banking has proved popular in China, where a large number of banks have installed terminals offering remote video transactions. They were first installed in 2011 by China Guangfa Bank, and are now used by more than 30 banks. Small branches in remote locations are finding video banking enables them to add to their existing services by offering transactions that were previously only possible in a more traditional branch environment with multiple tellers. In larger branches, remote video assistance has allowed banks to migrate a

Welcome to Greater Copenhagen We support foreign companies, investors and talent in making a successful start in Greater Copenhagen – free of charge

Before

During

After

Information gathering and analysis

Business establishment

Expand and retain

• Market overview • Cost/quality benchmark analyses • Mapping potential partners, costumers and service providers

• Practical business start-up assistance

• Talent attraction

• General advice on legal, financial and corporate structure matters

• Benchmarks on performance

• Fact-finding tours

• Identifying business and funding opportunities

• Land and property search

• Industry insights

• Introductory meetings with business clusters and public authorities

• Expansion support

• Identify new business opportunities • Advice on consolidation of your business case

Photo: Adrian Cowo

Oliver Hall Head of Tech Copenhagen Capacity +45 33 26 87 67 ohall@copcap.com

Lasse Grøn Christensen Team Leader - ICT Invest In Denmark +45 33 92 01 62 lassch@um.dk

BRANCHES/ATMs

Who are you calling a dinosaur? Xavier Durochat, Head of Learning, Change & Digital Transformation at BNP Paribas believes ignoring the power of the ATM could be a dangerous mistake From an aesthetic point of view, it’s fair to say that the humble ATM has not kept pace particularly well with the rest of banking technology. Everything from the 8-bit beeping of the key pad to the Commodore 64-esque console makes the hole-in-the-wall feel a bit like a dodgy 80s company car in a world of plug-in hybrids. “The ATM is more than 50 years old now, and people are viewing it as the bank of yesterday,” says Xavier Durochat, head of learning, change and transformation at BNP Paribas. But he believes companies are making a big mistake if they write it off. “Marketing and digital teams are simply forgetting about it, instead choosing to focus their efforts on new ‘digital’ banking processes,” he says. “The irony is that, despite what consumers and industry professionals

may think, the ATM is as digital as any other banking technology. “At its core, it’s a computer, and that means it’s fully connected, both internally and externally – the very definition of what it is to be digital. I’m always baffled at the banking industry’s reluctance to accept the ATM as digital.” It’s a perception BNP Paribas was trying hard to dislodge at London’s Self-Service Banking Europe event in May. Formerly known as European ATMs, the conference features presentations from Europe’s leading players in the ATM and self-service banking field. “Self-Service Banking Europe is obviously a great opportunity to meet and network with everyone in the industry across a two-day period,” says Durochat. “However, I have to admit, I have felt somewhat underwhelmed here in previous years. There just hasn’t been

the dynamism that I’ve been hoping for, and that’s what the team at BNP Paribas are trying to change. “We believe that the ATM has a bright future ahead of it, and that there’s enormous room for improvement within the self-service field,” he says. “Unfortunately, it’s taking a long time for our peers to come to that conclusion.” Perhaps that’s because of the inherent costs involved in any sort of bricks-and-mortar presence. “Yes, the branch network, including ATMs, is comparatively expensive to both construct and operate,” admits Durochat. “However, it’s still where customers are interacting with their banks, and it’s still where banks are acquiring new customers. Therefore, branch networks are a necessary evil; you need to have one, so you might as well do the absolute best you can with it.

At its core, the ATM is a computer, and that means it’s fully connected both internally and externally... I’m always baffled at the banking industry’s reluctance to accept it’s digital Summer 2017

www.fintech.finance |

129

BRANCHES/ATMs “Take the example of First Direct in the UK,” he continues. “This award-winning bank is almost always at the top of the leader boards for customer experience, their exceptional digital channels and phone service regularly outperforming numerous other big players. However, First Direct has a less than two per cent market share in the UK. Why? They’re branchless, and in my opinion that’s the only thing holding them back. “On the other side of the coin, we have Metro Bank – the first of the challenger banks to emerge in 2010, and the first bank to be awarded a licence by the FSA in the UK for more than 150 years. Undeterred by the

“Like many other banks, we’re installing instant card issuance facilities in all our branches,” says Durochat. “We’re also trying to generalise our recycling operations and offer contactless universally. However, something that we’re particularly excited about is our work in the field of mobile transaction portability.” Mobile transaction portability is bank-speak for integrating ATMs with a customer’s mobile app, one of the many stages on the journey to creating seamless customer experience – be it at an ATM, on the phone or on the website. “To create this sense of continuity, we’re trialling a system of ‘pre-staging’

told they would be able to make host card emulation (HCE)-based mobile payments through the bank’s mobile banking app and Paylib, an online platform supported by the Luxembourg’s major banks. And in May it announced a tie up with French retail giant Carrefour to launch Lyf Pay, a new joint mobile wallet that grew out of a previous joint trial. LyfPay will support in-store and person-to-person transactions as well as loyalty cards, coupons and offers. For Durochat, ATMs are not the dinosaur in the room, but an underused omnichannel resource. And, despite his reservations about the fossilised perception of ATMs in the banking industry, plenty of

ATMs should not be consigned to fintech’s Jurassic Park, says Durochat, because they are very much alive, well and ignoring them may mean they just come back to bite you. threat of online banks, like First Direct, Metro Bank has made it its mission to crack open the quintuplet of British high street banks, and it seems to be succeeding. “Since 2010, Metro Bank has erected just under 50 stores and invested around £4million into each. Couple that with the excellent service, featuring longer opening times and instant issuance of cards, and is it any wonder that they’re leaving First Direct in their dust? Metro Bank is proof of how the self-service industry is as relevant and vital today as it has ever been,” he says.

New solutions for banks Taking heed of their own advice, Durochat’s team at BNP Paribas have been hard at work, developing new solutions to bolster the French bank’s self-service offering.

130

| www.fintech.finance

transactions,” says Durochat. “In simple terms, this constitutes starting a transaction on our mobile app, which generates a unique QR code on screen. From here, the customer just has to present the QR code at an ATM, whereupon their cash will be dispensed immediately. By authenticating the transaction beforehand on the mobile app, the withdrawal process itself is both card-less and PIN-less. This new system offers a much more secure alternative to a traditional ATM transaction, eliminating the threat of card skimming and other security risks.” Could it perhaps ultimately eliminate the card itself? While the bank’s investment in card use continues, this year has also seen it unveil a raft of initiatives linked to the mobile wallet. In February, customers were

others agree with him. According to an ATM Marketplace report last year, mobile integration is identified as one of the top three trends that are most likely to affect the ATM industry worldwide with 48 per cent of the banks surveyed seeing mobile access to in-branch systems, such as cash dispensers, a key part of their branch transformation. Elsewhere, ATMs have been described recently as ‘the friendly face of 21st Century banking’ – a high street proxy for the branch in an increasingly branchless era. Added to which, the demand for cash stubbornly increase year on year. So no, ATMs should not be consigned to fintech’s Jurassic Park, says Durochat, because they are very much alive, well and ignoring them might mean they just come back to bite you. Summer 2017

BRANCH /ATMs

Smart ATMs, smart bank ATMs have wised up, says Antonella Comes, Chief Marketing Officer at Auriga, the omichannel banking software specialists, which manages 33,000 of them. They’re clever, cost-effective and customer centric… what’s not to love? Fintech Finance: How are the challenges and trends facing banking affecting the ATM industry? Antonella Comes: Everyone acknowledges how retail banking is being transformed by extremely dynamic customer behaviours and technology trends. While ordinary customers don’t know the term, what they want is a perfect omnichannel experience with their bank. They will no longer accept excuses for variable service quality when they move between those different channels. At the same time, challenger banks are also emerging, intent on tapping into a loosening of customer loyalty with traditional bank brands. These dynamic trends are challenging the future of the bank branch. It is clear banks need to deeply transform their branch network to serve their customers, but face-to-face interaction is still something customers value when it is appropriate. Working out the right model is a major focus, with banks looking at wholly automated facilities or totally remodelled branches that combine enhanced self and assisted service systems with expert personal advice from staff. FF: How would you define the difference between an ATM and smart ATM? How do you think the ‘Average Joe’ would be able to see the difference? AC: For a customer, a smart ATM can offer a much more personalised experience and offer a wider range of services. Greater integration with online and mobile banking means that customers can expect a smart ATM to interact with their smartphone and be able to do money transfers and other functions associated with their online account, as well as pre-staging a transaction on the mobile to conclude it on the ATM. For the bank, the benefits of a smart ATM

132

| www.fintech.finance

are how the device is seamlessly integrated with the other channels and how it can become a more flexible and powerful vehicle for improving customer loyalty. The use of a single, Cloud-based software platform means the management of ATMs becomes more streamlined and can be evolved with more new features and services much more easily and faster as well as reducing dramatically the total cost of ownership. The ease with which new services can be implemented on a smart ATM also means a fleet of ATMs can be utilised to run new revenue-generating services to offset their operational costs.

The use of a single, Cloud-based software platform means ATM management becomes more streamlined and can be evolved with more new features, faster FF: Statistics on the use of cash seem to be somewhat erratic, but as a form of payment it is not going away. What role in the wallet does cash have? AC: Cashless payments are growing in popularity but attachment to cash and ATMs runs strong and deep. We sponsored a survey of 500 British bank customers earlier this year, which revealed

that UK consumers rank cash as the most secure payment method (5.62 on a scale from one to seven) followed by paying by debit card (4.63) and credit card (4.52). ATMs were also confirmed as integral to how they want to run their finances: 43 per cent of UK respondents to the survey said they used an ATM on a weekly basis with 63 per cent saying it is more important to have an ATM nearby compared to just 20 per cent feeling the same about branches. Although 61 per cent said they think there are enough ATMs, almost the same number said it was ‘very essential’ to have access to a fee-free ATM. Ninety-two per cent of UK consumers would like all ATMs to be fee free, even if it means having to go further to find one. FF: How else can banks utilise this channel to improve customer experience? AC: Smart ATMs have the potential to deliver improved customer service, which can drive greater customer loyalty while cutting operating costs for the financial service provider. Ensuring that customers remain loyal is increasingly important as new challenger banks and non-traditional entrants compete for customers. On one hand, it is about ATMs offering customers a greater variety of useful self-service banking features. These can range from note and coin deposit and recycling and doing cardless withdrawals using a mobile, to making overdraft applications and fund transfers, processing bill payments and setting up appointments with financial advisers. What’s key is how the ATM is no longer isolated or poorly integrated with other systems to manage customer relationships and product offers. This might mean branch staff can see which customers are interacting with ATMs within the branch and use that opportunity to introduce themselves and make appropriate offers.

Summer 2017

FF: An ATM network is costly – costly to run and costly to install. How can Auriga help with ensuring cost efficiency? AC: We recently launched our WWS Cash Management module as part of the WWS Branch suite. This goes right to the heart of how banks can transform their ATM cash management operations. It is designed to manage banks’ cash more effectively and improve cash management, cash handling and security. It is fully multi-vendor and multichannel and the module analyses at least 12 months of records to accurately run cash forecasts for every cash point (cash-out/cash-in ATM, multifunction ATM, recycling ATM, ASD/ASST, TARM, branch window with TCR). These forecasts are combined with other key factors, such as the cashpoint’s physical location and its capacity, as well as the bank’s insurance policy, any legal requirements and any likely spikes in demand for cash withdrawals, for example around bank holidays, Christmas or other seasonal events. By correlating these factors, the module automates how the bank determines the most efficient cash delivery and collection schedule and processes, enabling a drastic reduction in operational costs as well as out-of-service time for cashpoints and the impact of this on customers and the banks’ reputation for quality of service.

Truly omnichannel: ATMs are just as much a part of the digital transformation

FF: Lastly, how do you think the financial services market, including ATMs, is going to evolve over the next few years? AC: The market is going to continue to evolve around what customers need and how banks can deliver more personalised customer experiences. The ability to apply predictive analytics is also going to become prevalent as banks use more AI and machine learning to anticipate customer needs earlier and make better, tailored offers. ATMs are 50 years old this year and have evolved hugely since 1967. They and a new generation of self-service machines, offering a richer array of personalised services, will continue to be central to how people bank alongside other channels. ■ See www.aurigaspa.com for more details.

Summer 2017

www.fintech.finance |

133

CUSTOMER RELATIONSHIP MANAGEMENT

The future’s social: A communal vision for banking

Bank Social Tomorrow’s bank won’t just interact with social media, it will become it, creating a community around customers, says Vayana Chief Innovation Officer Karthik Raman Who hasn’t heard of Facebook? It’s the world’s number one social media site with 1,871 million users (an 18 per cent market share) followed by WhatsApp and Facebook Messenger, both on 1,000 million users. Three Asia Pacific favourites occupy third to fifth places respectively: QQ (877

134

| www.fintech.finance

million), WeChat (846 million) and QZone (632 million), while picture-led network Instagram pulls into sixth place followed by microblogging site Tumblr, then Twitter1. If you could leverage this infectious new world, with its hermetic language and cultural mores, and make it work for the financial sector, wouldn’t that be

something? Well that’s exactly what Vayana, the omni-channel customer experiences provider, is attempting. “Currently, banks are integrating with social media to look social but the future is for banks that become social by creating a community around their customers – the Bank as Social,” says Karthik Raman,

Summer 2017

Chief Innovation Officer for Vayana. “Say the bank can help me create a virtual sticker when I have purchased something from a shop that I like. I should be able to share it within a closed group in my social banking network where I have created friends and families. This can then induce another transaction for that shop. Or, I can actually share it on Facebook, where seeing a sticker also allows more onboarding opportunities for the bank,” says Raman, who’s job it is to turn these visions into reality. His response to the advent of open banking, accelerated by the Revised Payment Services Directive (PSD2), could best be summed up by a series of winking-eyed, tongue-out emojis. “Banks nowadays are forced to open up communication channels in the ecosystem. A bank can decide what application programming interfaces (APIs) can be exposed to the outside world and can invite third-party partners, collaborators, or even customers themselves, to integrate and consume those APIs.” Once the concept of open API banking has evolved across many banks ‘they will become standardised and the equivalent of PSD2 norms’, says Raman. “Then it becomes much easier to create and share content in a community.” Raman argues that, while banks have been focussing on a ‘segment of one’, individual customers are in fact multiple personalities – their roles changing a dozen times a day. “The experiences and customer needs based on these personas are very different, but banks do not cater for them as they currently provide a one-size-fit-for-all experience,” says Raman. “We realised there are different personas for the same person. I act as an individual, a father, a friend, an employee. What we try to do is create different user experiences for different personas; create different user experiences for the same set of transactions and create that closeness to the customer, to the role he/she is playing,” says Raman. “While we were doing this, we also

Summer 2017

created the concept of family banking, which is tied to personal finance and social banking. I can tag my son’s account and my wife’s account as a group and we’ll be able to track expenses or set goals at the family level. So I can create circles within my family and friends and then share information, create stickers and hashtags, which can induce a banking transaction.” Vayana’s experience in omnichannel development led it to create a suite of specific apps for touchpoints in the customer journey, including digital onboarding and an app to track personal finances against a budget. All these off-the-shelf apps were steps on the way towards personalisation, says Raman. “But the real prize is in creating Bank as Social, like a Facebook. “Some aspects of making Bank as Social are still work in progress and haven’t been tested on the market yet, but we are very excited about them.” It’s not that far from a future banking experience in which deposits, payments, fund transfers and investments could be done via social networks – or by integrating functions of social media apps into banking apps. After all, peer-to-peer lending, crowdfunding and microfinance already intersect with the emoji world. “I’ll give you a very simple example,” says Raman. “In the banking app, one should not only be able to track your friend’s birthday on Facebook, but also conduct a meaningful transaction, such as sending him a gift or money.” Already hugely successful with other products, Vayana was recently celebrated for its Apple Watch app for Alawwal Bank. The services include balances and mini statements, notifications and payments. Based in India where there are 200

million active social media users and the world’s largest number of Facebook members (195 million, mostly aged 18-24), Vayana enables banks to engage with their customers by creating experiences with every transaction or event.

Hyper personalisation Raman anticipates that banks will ultimately opt to create organised, personalised silos of data to generate unprecedented personalised customer experiences. Patterns and trends can be analysed at the cellular individual customer level and, through algorithms, Vayana can already offer additional bank services, based on the individual’s behaviour. In a recent interview, CEO Kannan Ramasamy said ‘machine-learning algorithms will be able to provide real-time responses to engaging a customer with offers that are meaningful and timely’. And he added that he believed ‘20 per cent of our customers are keen and eager to move in this direction’. By fostering this type of interface, Raman says banks increase opportunities to cross-sell or up-sell. “We've already seen banks and retailers take the first steps towards strategic alliances that go beyond rewards schemes. A good example is ‘Lyf Pay’, a recently launched mobile wallet that supports in-store and P2P transactions as well as loyalty cards, coupons and offers, which was jointly created by French retail giant Carrefour and BNP Paribas bank.” Vayana means weaving in Sanskrit – and that’s precisely what it’s attempting to do, using financial services as the weft and social media as the warp. And it could completely change the fabric of banking.

In the banking app, one should not only be able to track your friend’s birthday on Facebook but send a gift or money

1 We Are Social statistics, January 2017

www.fintech.finance |

135

CUSTOMER RELATIONSHIP MANAGEMENT

The human touch Nationwide Building Society meets Silicon Valley as it explores the digital/human interface.But that makes it more – not less – of a ‘people bank’ as Matt Cox, Head of Insight and Innovation, explains Even casting an objective eye over Nationwide’s reputation, you’d be hard pushed to find the sort of negative reporting one has come to associate with financial institutions. For starters, the biggest mutual building society in the world has a track record for consistently winning polls for best customer service, which surely warrants respect in a market that’s experiencing pressures from the bank transformation programme and an ever-changing and demanding customer base. Last year alone, Nationwide came an impressive third in The Sunday Times’ poll of the Top 25 Big Companies to Work For, second in the British Bank Awards and first among its high street peers for customer service satisfaction for the three consecutive months to March 2016. This year it scooped the prize for Best Application of Technology in the Institute of Customer Service Awards. Let’s not forget that Nationwide is also the second largest provider of household

136

| www.fintech.finance

savings and mortgages in the UK, too. Altogether, it seems like this 169-year-old institution can do little wrong. Matt Cox, head of insight and innovation at Nationwide, says that offering choice to its members is integral its customer service objectives. This explains its broad spectrum of communication channels, including contact centres, branches, social media, webchats and video calls. “We have consistently been first for service for a long period of time, and I think that is a reflection of the technology we provide for our members, but probably more for having great human service when our members need it. “If I think about why we continue to invest in our branches, it’s because we recognise that we absolutely need to provide human service in the towns and villages across the country where our members live.” Cox says that the key for Nationwide is balancing the needs of all its members, given their differing preferences for interaction that alter according to their age.

“We need to make sure that we can offer all those different technologies so they can interact in their method of choice. If, for example, younger people choose to engage in social media, we need to respond – and we have responded by providing 24/7 social media teams that interact with them through Twitter and Facebook, whenever they choose.”

Spoilt for choice? Evolving technology has facilitated this increased choice – but how successful and streamlined can the customer journey be when there’s so much of it to choose from? “I like to think they’re not separate channels. They are just different ways that a customer can contact us and then they’ll receive the great service they deserve when they get through to us,” says Cox. “And whether that is through webchat or voice, you’re going to get through to the same, highly skilled, highly capable employees that care. I don’t want to think that this is just about technology because Summer 2017

at the end of this there is usually an employee that cares deeply and whose job it is to provide great service.” Cox believes that no bank customer service strategy will ever achieve its aims without people. “I think it would be easy to look at the trends for digital and uptake of digital and make false assumptions. By that, I mean assume that customers don’t want to interact with a person when they find something difficult, or complex, or confusing. I just don’t believe that that’s true. “I think the power of technology is when you can bring together digital services and digital capabilities for those who want it – in their own time and homes. But when they want access to human service, how do you utilise technology to give them access? In Nationwide, we often say ‘it’s made possible by technology, but made meaningful by our people and our employees’.”

Nationwide Now Cox has a clear vision of how the potential of technology can reach untapped needs. Referring to ‘Nationwide Now’, its video technology for mortgage-based appointments, he acknowledges how video appointments between customers in local branches and employees in contact centres can speed up the application process. It’s one of Cox’s standout projects during his 18-year career with Nationwide, because it ‘meets a real member need and combines technology and great employees’. “A customer who is trying to buy a home, but is in a hurry and wants to get the offer sorted, can have an appointment much quicker because they can go to their local branch and use the video facilities. So it saves them time, they get a better experience, and we get better utilisation of our resources across the different channels.” Printers in the video conferencing room provide the customers with their completed application forms, while cups of tea or coffee are provided by the local customer representative. Nationwide was the first financial institution to launch an internet service (in 1997) and ditto with social media. “We need to be where they are spending their time,” says Cox. “Therefore we took the decision to be really early adopters of social media customer service. Now, we process thousands of interactions and conversations through social media Summer 2017

channels, and it’s something that I think will grow and grow over time.” Artificial intelligence (AI), on the other hand, has some way to go before it debuts at Nationwide, although it’s certainly on its R&D agenda. Bots will have their place, says Cox, but they will never be at the expense of human service. “For me, direct customer service bots provide a great opportunity in the really quick, simple things, like ‘what products do you have for this? What’s the interest rate for this?’ Early on, we can utilise bots to provide those kinds of needs. “But the key for me is, how do you then hand off to a person when those needs can’t be met through a bot? As soon as it becomes more complex, you have to find that seamless hand-off to an employee who can answer that for them. “As the technology matures, I’m sure there will be ways that we can use bots and more sophisticated AI technologies to provide a more complex and human-like service, but that’s very much a long-term game,” says Cox.

It would be easy to look at the uptake of digital and make false assumptions that customers don’t want to interact with a person when they find something difficult, complex or confusing Last summer, Nationwide partnered with Snapchat for a limited promotion period and it also launched its own YouTube channel ‘Money Stuff’ with vloggers such as TomSka and Emma Blackery giving input to 14 to18 year olds about their finances.

Good time to talk One of the newest innovations that Cox has overseen is the ‘Nationwide Chat’ app, a service introduced in March 2017 that allows registered members to talk to

Nationwide on their iPhones. Marketed as ‘your own digital, personal financial assistant’, it allows customers to hook up through a straightforward chat or video conversation with representatives in local branches, who are qualified to offer advice. “We’re exploring how we could start to utilise the great employees we’ve got in our branches to provide customer service in a way that isn’t just for those who walk in off the street,” explains Cox. “We’ve working in collaboration with a fintech organisation, based in Silicon Valley, to explore the link between customer reactions and business benefits. For me, that’s really exciting because I think it’s right at the interface of that digital/human service we are talking about.” Innovation will reach new heights when open banking is fully realised, says Cox. The ability for third-party developers to build other new apps and services around financial institutions’ propositions will certainly shake up the market, as will greater transparency. “I think that [open banking] has the potential to radically change the kind of service we give our customers. While that is about technology, we need to ask 'when customers have choice, who do they choose?' And a big part of that is about trust. ‘Who do I trust to keep my money? Who do I trust to provide me with the best services through digital, but also offer me help and human support when it goes wrong?’ “I think Nationwide’s uniquely placed to provide better services in that kind of environment because we are the most trusted brand on the high street and being a building society we can make different decisions – all of it is about fostering trust.” He may be head of innovation, but it’s apparent that all the technology he manages rests on a pillar made up of well-trained staff. And there’s no better illustration of this human touch than Nationwide’s latest service, created to support customers living with cancer. “When, in that really difficult time in their lives, people have significant financial needs, we took the decision to set up a dedicated team to better support them and provide proper case management services, help and guidance and support,” he says. “That, for me, is a great example of how a building society can do something really innovative in customer experience, without technology. You know, there’s no shiny technology in that, but it’s just as valuable.” www.fintech.finance |

137

CUSTOMER RELATIONSHIP MANAGEMENT

Are we there yet? Becoming fully compliant with GDPR will take some companies time to achieve, says Kieran Kilmartin, Director of Marketing at Pitney Bowes. But it will be worth it in the end… “Regulatory change is a good thing,” says Kieran Kilmartin emphatically. As marketing director EMEA for Pitney Bowes, a company that helps power billions of dollars of transactions across borders every day and whose job is made infinitely more complex by new rules, that sounds a little odd, to say the least. “Compliance and regulation are costs, not money makers,” he says, warming to his theme. “However, better data management is always a plus and can have very positive business effects. “At Pitney Bowes we look at businesses where there are many customers, large volumes of data, and complex relationships within the data. The upcoming General Data Protection Regulation (GDPR) is an opportunity to improve those relationships and processes across organisations.” As well as managing data, effective communication is a big part of regulation. Clearly, the GDPR and anti-money laundering (AML) initiatives, which span all industries and geographies, are prime topics at the moment. If you consider AML, it’s about entities, individuals, parties, and ensuring that you can understand the relationships across those different parties, whoever they might be.” In his opinion, one of the biggest challenges for banks is the ability to track and resolve data issues and because the banks have many disparate systems, criminals exploit any organisational gaps. He’s hoping GDPR will help to plug them. “Large retail banks have a vast data challenge. I was talking with a bank the other week, and one of its biggest challenges, given its huge customer base, is to gain consent to process

138

| www.fintech.finance

data, and to understand where the customer data is. “A big difference between the Data Protection Act and the GDPR is that with GDPR you have to demonstrate that you know what you’re doing. You have to show you’ve got clear processes, and you’re on top of your data. For a lot of organisations, the Data Protection Act was simply about knowing how to avoid fines – miniscule fines compared to those expected with GDPR.” It will be a huge cultural change for many organisations, he says, not helped by the sheer amount of data collected since the original DPA was enacted in 1998. “The amount of data flowing around the internet then was minimal compared to today,” he says. “Now, organisations must be far more proactive and attentive, and make people aware of what GDPR means. Within our own business we have documentation that is sent to every part of the organisation, so people understand what it is and what their data responsibilities are. We have some two million customers, and we’re trusted with their data, so we must ensure that our employees understand regulations. It’s the same for any large organisation with many customers and large amounts of data.” He underlines that gaining customer consent to use data has now become

an organisational imperative if you’re in financial services. “GDPR for banks is all about profiling data on every party in the value chain and making sure that it’s controlled and compliant. Banks know they have major data management problems and GDPR is

Summer 2017

a compelling event for them. It’s forcing them to get the house in order.” So, what are the plusses? “It’s a data solution,” says Kilmartin. “Because GDPR and AML provide a single view of the business and the customer, once you’re GDPR compliant and have effective measures in place for AML, you have the essence of a single view. And the benefit of a single view is that you can provide a better customer service. Although you could say that the return on investment is not being fined, there is also a return in terms of customer service. “I always think of a single customer view as two sides of the same coin. On one side you have compliance, with people doing what they need to do, but without considering the other side of the coin. The other side is the shiny one, where the marketing and sales functions are, and which is about service.” As well as consent, trust is a fundamental plank of GDPR. Kilmartin explains: “For many years there’s been a lack of trust in banking organisations. We need to share data as well as protect it, which is a problem if trust is missing. Perhaps that appears to fly in the face of GDPR, which is about protecting data, but you need to be confident about sharing data as well as protecting it. “Pitney Bowes has a long history of helping organisations with data. We have technologies that allow organisations to connect and rationalise data, and that’s one of the biggest challenges, because of the disparate and complex data sources in banking. “From an AML point of view, there are blind spots, which we help organisations to navigate. For example, when it

Summer 2017

comes to customer due diligence, we help organisations make sure that the person they are onboarding is who they say they are. “As for transactions, banks would rather inconvenience us than risk being fined, so there are many inefficiencies and false positives to root out. We help through automation, ensuring that a transaction doesn’t need to be removed from the system for manual intervention. “Our strength is to bring data together, without creating an impenetrable data lake. Data is federated across multiple data sources, and draws on the power of our matching engines.” This brings us back to the importance of having a single view. “Once you’ve matched the data,” says Kilmartin, “you have your single view, whether it’s for GDPR or AML. We have a very robust platform, and it’s why large banks are using us for AML. We’re also talking to tier 1 and tier 2 organisations about GDPR, and how we can help them to find where their data is and why they’re holding it.” The importance of that single view becomes very apparent when you consider the number of subject access requests (SARs) from customers demanding to see and vet the

We have technologies that allow organisations to connect and rationalise data – and that’s one of the biggest challenges

information held on them, which are likely to be triggered next year. “There may be challenges when someone requests data to be erased, for example,” says Kilmartin. “It’s your right to have data erased if it’s no longer relevant, but there might be instances where there’s a legal or contractual reason why it should be kept. This is where we help organisations create a single view very quickly, across multiple data sources. Whether for GDPR or AML, the underlying technology is basically the same.” Although 25 May 2018 is when GDPR comes into effect, Kilmartin suspects many companies will take months to tick all the boxes so they are fully compliant with the regulation and will be made examples of if they fail the deadline. “My feeling is that a lot of organisations won’t have everything in place by next year,” he says. “When the GDPR talks about fines, it says they have to be effective, proportionate and dissuasive. I think the operative word is dissuasive. They’ll want organisations to hurt if they don’t comply. But the flip side of this is that we will see the vast majority of companies making sure they are compliant or at the least making considerable progress towards it. “All in all, GDPR is a game changer for all involved.”

www.fintech.finance |

139

CUSTOMER RELATIONSHIP MANAGEMENT

Next stop on the Metro express The first new high street bank in 150 years is accelerating into the future, says Martyn Atkinson, Director of Change and Digital at Metro Bank Vernon Hill, the US entrepreneur who launched Metro Bank in the UK seven years ago, recently predicted the bank’s assets would stand at £27billion by 2020 if it continued at its current rate of growth. Assuming he achieves it – and with up to 10 more stores planned this year alone, there’s no reason he shouldn’t – that would give Metro a one per cent share of the entire UK banking market. And this, remember, is a high street bank in hand-to-hand combat with the Big Five. Since opening its first outlet in Holborn, London, in 2010, it’s relentlessly built territory as others yield it. According to Which? 482 bank branches will close this year alone, bringing the grand total of losses to 1,526 since 2015. Metro’s 48 open-all-hours ‘stores’ (all within south-east England and mostly in London) make up a small but significant counter revolution and, so far, it’s brought

140

| www.fintech.finance

the bank 1 million card-waving followers or ‘fans’, as it prefers to call them. Changing the language around banking is more than cosmetic; it’s not ‘culture written on their poster on the wall’ as Martyn Atkinson, director of change and digital at Metro Bank has been quoted as saying. From the words it uses to its dog-friendly, open-plan retail spaces in high footfall shopping locations, it’s all about being accessible and convenient. That’s what its recently launched app was all about, too. But there’s always room for improvement. “We’ve probably been slightly guilty of building some capabilities – and our registration process was a case in point – that wasn’t designed as optimally as it could have been,” says Atkinson. “So, we took nine pages down to three, minimising the amount of data entry that the customer needs to do. Unequivocal feedback from the market was that

customers want frictionless authentication, so, we made sure that Touch ID was a fundamental component of our authentication protocol.” The app took nine months to arrive but it was worth the wait. “You’re always going to have some wrinkles, but overwhelmingly, the feedback has been really, really positive,” says Atkinson. “I’d like to think that’s because we actually talk to our customers, and therefore it’s not a surprise they’re pleased – fundamentally, we’re delivering the things they’ve asked us to do.” In Metro’s case, the successful physical format is driving the creation of a highly branded Metro customer journey – not the other way round. “We’re trying to replicate the fanatical service execution in our store model and replicate that through our digital offering – whether that’s through the mobile app or Internet banking platform. It’s all about service and convenience,” he explains. Summer 2017

High-speed service: Metro Bank has a reusable technology stack

Atkinson. “That’s meant that new innovation services are now delivered jointly by fintechs and the incumbent banks. Therefore, we’ve moved away from a period of competition into a period of collaboration, and that can only be a good thing for customers.”

Working in partnership

“We believe that the branch, or the ‘store’ as we call it, is fundamental to the financial service experience. We think the digital glue that’s wrapped around it, is complementary rather than a substitution. It’s making sure we build experiences across all of our channels that allow our customers to engage in the channel that they want, when they want. But most importantly, it allows them to move seamlessly between channels.” That’s what’s driving a significant investment in digital transformation across its core consumer facing channels to make sure it doesn’t end up with a two-tiered service between physical and digital. So does that mean Metro will also be exploring the use of AI, robotics, blockchain and biometrics alongside the introduction of app features such as, ‘create new payee’ and building a notifications platform so they can send personalised messages to customers? Maybe. “I think the expectations of consumers are driving the proliferation of innovative services through the market,” says Summer 2017

Metro Bank has already forged one of these new-style collaborations with accounting software firm, Xero, allowing it to offer Xero accounting feeds to business customers on a pay-for subscription basis, much like the Moven (money management tool) collaboration with TD Bank in the U.S. “Historically, I think the term was ‘fintech piranhas’: these guys that are going to come and nibble around the edges of the banking ecosystem. Now, we are seeing that the banks offer structure and scale, they’ve got customers and understand the regulatory landscape, but actually, the fintechs offer innovative services. They offer new ways of working, and they offer real speed to market. We’re seeing the value of those things coming together and working for all parties.” Blissfully free of the legacy systems and debt that has encumbered other high street banks, Metro has been free to build its own technology stack. “The platform we built our internet banking capability on is a brand new digital platform. So we’re building a technology stack that is reusable. I think in terms of the challenges, we adopted an agile methodology, and that bled across large parts of the organisation. “Because of our brand presence and what we stand for in terms of service excellence, and the fact that we can partner in a really quick and elegant way, makes a lot of fintech companies want to work with Metro Bank. “We’re going through a process now, particularly in the concept of open banking, where we’re starting to understand what partnerships we can

offer. And, are there gaps in our own capabilities that we could address through partnering with other companies?” It puts the bank in a strong position going into a new regulatory period that's fashioned by the revised Payment Services Directive (PSD2), the General Data Provision Regulation (GDPR), the Competition and Markets Authority (CMA), and the fourth Anti-Money Laundering (AML) directive. “PSD2 is mandating that we expose certain products and services, but actually, it offers a real opportunity to build new relationships or new economic value chains,” says Atkinson. “Therefore, while the driver is regulation we honestly think that with the capability we’ve built, we can seize this as a strategic opportunity. “I think GDPR could have a really impactful consequence in a positive and negative way for banks,” he adds. “First and foremost, it’s about protecting consumers and giving consumers the right of access to their own data and making sure they understand how to use it. But as financial institutions, we have an accountability to make sure we manage our customers’ money and data safely and securely, and part of that is educating the customer as to what data we hold, why we hold it and who’s using it. “But if banks get this wrong, I think there could be a real impact, because security is one of the core tenets of why people remain with their banks. If GDPR is not done well and doesn’t have the right controls, I think you could have extinction-level events.” He believes Metro’s clean technology stack allows for more efficient execution, compared to long-established banks. “Because we have a relatively small store or branch footprint, the driver for digital transformation in our world is not about cutting costs to improve our cost-to-income ratio. It’s about actually delivering the digital services that our customers tell us they want.”

Because we can partner in a really quick and elegant way, a lot of fintech companies want to work with Metro Bank

www.fintech.finance |

141

CUSTOMER RELATIONSHIP MANAGEMENT

What’s so small about business banking? Director of Customer Propositions & Strategic Marketing at DWC Ltd (and frustrated business customer) Daryl Wilkinson speaks up for the ‘missing middle’ In Europe, 99 per cent of registered firms are classed as an SME and 5.5 million are in the UK, according to the Federation of Small Business. Each and every one of those UK-registered organisations will require banking services to establish themselves, grow and survive. The sector has traditionally been served by the traditional Big Four banks with little competition or innovation. Whilst it appears new entrants have woken up to the profitability of the sector, it’s a market that has lacked the leadership ambition so prevalent now in retail banking, from high street incumbents to nimble fintechs. It seems SMEs are stuck in the haze between personal banker and large corporation, resulting in access to many products and services that don’t quite fit their needs. When I took the plunge to establish DWC Ltd, I felt confident that, given my background of 10 years in the banking industry, banking would be the least of my worries as a new business owner. However, I found myself switching accounts on three different occasions in an attempt to find a service that worked for me. With each new bank I quickly found the processes to be time-consuming and frustrating. From opening an account to making payments, every time I had to contact the bank it proved to be a significant distraction from where my time should have been spent; establishing my business and serving my customers. My flow was interrupted by processes that made the simplest of things unnecessarily hard. Clunky processes built for larger corporations and then poorly adapted for smaller firms, have resulted in badly

142

| www.fintech.finance

designed and inefficient systems, such as one of the accounts I had requiring entirely different security data, depending on whether I was using the app, online banking, or telephone services. If any of these credentials were forgotten (gulp!) I was in for a seven to 10-day wait for new credentials to arrive in the post, never mind that these were digital banking services!

A forgotten segment Whilst mainstream banks take the time to distinguish between the needs of personal and business customers, offering different services to each segment dependent on need, what they don’t seem to do well is

75 per cent of SMEs did not consider banks supportive of their business... a one-size-fits-all approach from banks cannot and will not work recognise the ‘missing middle’. This is a segment that needs the flexibility of the personal market combined with the business support of corporate accounts. Simple issues, such as being able to log in with a single password to access accounts, apps that enable rather than restrict, and technological (dare I say APIs?), routes for

engaging experts on issues such as tax, forecasting and debt management would go a long way to helping time-poor SMEs.

A partnership approach For larger SMEs I feel a closer understanding is required, which is where the relationship manager adds value. Done well and built on mutual trust and respect, this role should be at the forefront of identifying more complex needs while offering tailored advice. It’s where ‘added value’ services are introduced, from syndicated loans to alternative sources of finance for organisations constantly stuck in an overdraft. A visit to, or from, the ‘bank manager’ should be a rewarding experience. But a study carried out by the Competition and Market Authority and the Financial Conduct Authority in 2014 revealed that 75 per cent of SMEs did not consider banks supportive of their business. These feelings stem from the individuality of the SME sector, meaning a one-size-fits-all approach from banks cannot and will not work. A new and flexible partnership approach to banking would enable SMEs to access resources they need on demand, while allowing them the freedom to make decisions about their own business. SMEs are not a homogenous group. Commercial banks need to offer services that deliver to a multitude of needs across customer types. But as with personal banking life stages and topologies, shared values are evident in commercial banking: ■■ Convenient and accessible (multiple touch-points, as and when needed) ■■ Expedient (from account opening to account servicing) Summer 2017

Missing middle: SMEs’ banking needs float between the personal and business

■■ Tailored to need (solutions and advice from trusted experts) ■■ Efficient (complements internal processes, such as accounting, payroll, taxation) SMEs are time poor, especially micro SMEs, and they require banking that enables them to choose how and when they interact – for some, face-to-face interaction is important while others may simply need to use an app on demand. The SME customer needs to feel valued, which some banks have been able to do by visiting them at their own premises rather than asking the SME to go to them. Forget branches, who wants the hassle of parking, queuing and hoping that it’s Summer 2017

still open by the time you get there when a relationship manager can visit your premises instead? This ticks all the above boxes while also offering a chance for the bank to better understand and support the business.

Innovation in Unity I have recently engaged with Unity Trust Bank. Our paths first crossed last year when they contacted me at DWC Ltd. Together we saw the opportunity for it to extend its value by offering commercial banking services to firms with a social conscience. Unity Trust Bank has an interesting differentiator – a ‘double bottom line’ strategy. This means it seeks to generate a

return for shareholders while making a positive impact on society through the loans provided to its business customers. They have already shown what they can do in the not-for-profit sector. Unity Trust Bank won independence from the Coop Bank in 2015 and has successfully transformed processes for the needs of the broader SME. By rewriting the service handbook and giving customers everything they need on tap, while still investing sensibly in transformation for the road ahead, opportunities for growth are inspiring. SMEs generate roughly half of all private sector turnover. Helping them to grow holds significant benefits to all of us in society. www.fintech.finance |

143

CUSTOMER RELATIONSHIP MANAGEMENT

Testing, testing Banking outages are increasing and with them fines and frustration. But when PSD2 opens the market to third-party APIs,preventing meltdowns will become a real challenge, says WTSS founder Martin Schorel, whose job it is to watch banks’ backs Outages are seriously bad news for banks. When the shutters crash down on an app or website, customers are usually quick to scream their displeasure on social media. So, for more than a decade, Holland's WTSS has helped banks avoid such embarrassment by improving online reliability and testing every online link. And the fintech now aims to offer that expertise to ensure the revised Payment Services Directive (PSD2), and the thousands of APIs it spawns, soars instead of stalls. “PSD2 for banks is an opportunity and a threat,” says WTSS founder Martin Schorel. “For us, it’s a very big challenge, because all these interfaces need to be verified and tested and it adds to the infrastructure that needs to be monitored.” The Rotterdam firm is setting up a PSD2 register to test, certify and accredit PSD2 interfaces and service providers for when the regulation is introduced next year, opening up consumer banking to third-party service providers. At that point the IT environment will become massively more complex. No longer will banks just be concerned with the reliability of their own systems, they will also have to be sure these third-party API interfaces are running properly, too. Schorel says: “We want to do the validation and monitoring of the PSD2 interfaces. There are, at this moment, 8,000 banks out there that are building, or hopefully will build, a PSD2 interface. “We would like to have a certification programme up and running for those types of interfaces. And then if we can get those customers, we would hope to keep them from a monitoring perspective.” WTSS is offering membership of its register for free, and details of members’ APIs will be listed for everyone to see. From there, WTSS will offer its end-to-end monitoring service, which it has already developed for its bank customers.

144

| www.fintech.finance

The service has grown with the development of web banking, and customers‘ systems are tested up to every minute around the clock. “Twenty years ago, when we were still writing cheques and sending invoices through the mail, a customer would never have known about a bank outage,” says Schorel. “Then, when internet banking was new, if a site wasn't working a customer's attitude was ‘well, it‘s new technology so no problem, I'll do my banking tomorrow‘. “Now, people have banking apps on their phones. So banking has gone from a slow pace to customers checking their bank account several times a day.

Our aim is to search every corner so, even when an error is caused by an obscure system run at a bank’s data centre in a foreign country, we can log it “That's very difficult for banks. They now need to be available 24/7 with a very high service level.”

Social embarrassment Schorel explains that even if web services are running 99.99 per cent of the time, that still means several minutes of outage. Even if a small minority of customers are affected, the issue is more often than not flagged on Twitter, the news is shared,

and as minutes pass the risk of a problem becoming a story on a news website increases. HSBC and National Australia Bank outages hit the UK tabloid press on two consecutive days in May, while Lloyds, Halifax and NatWest all found themselves in the media spotlight on the same day the previous month. They’ve become such a regular occurrence that last year the UK’s Treasury Committee called on the Bank of England to take a ‘leadership role’ in addressing system failures. With consumers’ trust in banks already knocked by the global financial crisis, product mis-selling scandals and the continued low interest rate environment, such everyday annoyance adds fuel to the flames. “The question of trust is difficult for banks,” says Schorel. “Banks are not trustworthy, according to some people. Putting money in your bank doesn’t pay off, because the interest rates are so low. “Some banks collapsed, others were shored up with state support. “I can relate to the people who believe it is prudent to have more than one bank account should one bank be hit by trouble. “But in the end it boils down to trust. Banks must do all they can to ensure a customer can get at their money when they want to.” The WTSS monitoring service involves the setting up of multiple customer accounts, which are then used to continually test every corner of a bank’s customer-facing system. “We get accounts, we get PIN code machines or whatever is needed to get access at a particular bank, then we actually start using those bank channels,” says Schorel. “We set up accounts, place money there and start playing with the Summer 2017

apps or the website. When we find things that are not working as they should do, it gets interesting. Our findings get fed back to the bank. Our aim is to search every corner so even when an error is caused by an obscure system run at a bank's data centre in a foreign country, we can log it on the dashboard.” Schorel says the beauty of monitoring from the perspective of a customer is that WTSS can ‘start with the low hanging fruit’ from day one. From there the process digs deeper and deeper. Schorel explains that it has taken up to six years for WTSS to become fully embedded within some banks’ systems, so the fintech can now give guidance from the development phase right up to production monitoring. Pilots of new features can also be tested for a customer, alongside regular monitoring of live systems. Many financial institutions use a different system to test system reliability – the sandbox – but Schorel argues sandboxing comes with its own risks. “If you sandbox a system you tend to only let employees who are directly involved work on it, and perhaps a customer will be let in there, too,” he says. “However, it’s not always the best idea to get

Warning, warning: WTSS tests the system up to every minute

Summer 2017

your customer into the sandbox because they might get dirty. “If the system fails, the customer could be left thinking ‘if it’s not working now, what will happen in a few months when it actually goes through to production?’ “Of course, you can get a customer to sign a confidentiality agreement but it is better to have somebody who is contractually obliged to keep quiet.”

The update dilemma One potential pitfall for bank system reliability is the regularity with which apps are updated – which sparks the potential for unforeseen consequences. Schorel says even if the trigger for an update is the fact that Apple’s iOS has started to spit the app out, a new version with no changes still has the potential to throw up fresh errors. WTSS's up-to-every-minute test interval is the firm’s solution because a system is ‘tested, and tested often’. He says: “We start, as we call it nowadays, a journey. We start a customer journey by starting the app, going into the app, finding out if there is a balance available. Then we create a transaction and observe whether the transaction is executed from the ordering party to the counterparty. “So, since this is done up to every minute, the moment the bank app changes for some reason, either via a regular update, an internal update or a server update, we directly see the result of that.” A dashboard is used to log the process and feed back accurately to the bank just what went wrong. And with such regular testing, a bank can use the results to ensure it is meeting its own service level agreements. So far, WTSS’s services have been confined to the Netherlands and its near neighbours. But Schorel reveals that he has plans to move into the UK and US markets soon. “We will be opening both a UK and a US presence because we need to have accounts in those areas,” he says. “That, together with our plans for PSD2, means there are a lot of things happening in 2017.” www.fintech.finance |

145

INSIGHT

Who needs a data bootcamp? Training will become a high priority among financial services companies as they consider their responsibilities under new data protection rules, says Christopher Jehan, MD of Midshore Consulting

The day-to-day role of the average data protection officer is about to undergo a Clark Kent transformation. Forget the superhuman sight, awesome strength and unaided flight, these individuals will be imbued with an enviable ability to interpret regulation, a Spock-like understanding of data technology, its strengths and cyber weaknesses, and a Thor-like capacity to anticipate and account for human frailty. But, much like superheroes, there aren’t many of them around. “In the past, the role of compliance officer and the role of data protection officer have often been the same person,” says Christopher Jehan, managing director of Guernsey-based Midshore Consulting, which specialises in training and consultancy for GDPR and other regulatory areas. Midshore is also one of the founding members of the Association of Data Protection Officers, launched in May 2017. Although launched to specifically respond to the professional challenges posed by the GDPR to businesses in the Channel Islands, it addresses a national concern. “To be a data protection officer, you

146

| www.fintech.finance

need to understand the regulation and the types of media that the information’s being stored on, what the safeguards are and what the information security is,” says Jehan. “A data protection officer needs to have the additional layer of skills, more geared towards technology, alongside the regulation. I think, like the role of compliance officer, the role of data protection officer is really going to come into its own going forward. From next year, I think the data protection officer will become a more highly-paid speciality.” Although let off lightly compared to GP surgeries, hospitals and others storing what’s deemed to be ‘sensitive information’ under the upcoming GDPR and therefore subject to stricter monitoring, financial services staff can’t rest on their laurels. “The data protection officer is going to need to deal with a lot of different parts of the business,” Jehan says. “A lot of it is going to be about staff training because most data protection breaches don’t occur due to IT issues. They are down to people either making errors, or stealing data from a firm they’re working for.”

A regulatory ‘gold standard’ As any superhero working with mere earthlings knows, it’s the human element and our capacity for error and deviation that is as much, if not more, of a risk than the technology on which we depend. Which is why Midshore Consulting is launching a GDPR training scheme, for which it intends to seek accreditation. It hopes it will go towards Guernsey’s gold star status in international finance. Guernsey, which is not a member of the EU but has relations via the UK and under Protocol 3, tends to base its legislation either on European Union or broader international standards. Complying with the GDPR will enhance Guernsey’s reputation as a financial centre even further, says Jehan. “It’ll become another standard that Guernsey is hitting, something that we can hold up internationally and say, ‘you should come to us because, among other things, we have a good standard of data protection. We will look after your data. As an island, we’re committed to that’.’” Part and parcel of that is making sure everyone within a financial services Summer 2017

Super powers: The role of the data protection officer will come into its own

organisation is trained in data security. Paying attention to competencies isn’t just a box-ticking process, says Jehan. It could add real value to the business. In fact, compliance could be made into a selling point, if trustworthiness, as evidenced by training and accreditation, is marketed to differentiate a company from its peers. It turns the concept of compliance as a cost on its head.

Practical understanding Midshore’s GDPR training package – one of a number now being developed across the sector – will award a certificate equivalent to a Level 3 qualification for successful candidates, and should therefore be recognised by regulators. The company says it will be offered online or in a classroom setting. “The sort of services we’re looking at will include the practical applications: what happens when you have a breach, the breach reporting process and deciding who you need to engage with within your business to try to ensure that your business is compliant,” Jehan says. “Compliance is the key. The breach is what happens when things go horribly Summer 2017

wrong and probably in just over a year’s time, when the regulations apply, everyone will be starting to talk about the first breach.” Meanwhile, companies that must appoint a data protection officer under GDPR include those carrying out ‘large-scale systematic monitoring of individuals’, including, for example, online behaviour tracking. For others, demonstrating that they have trained staff to a competent level will go a long

The role of data protection officer is going to come into its own. From next year, it will become a more highly paid speciality

way towards satisfying regulatory monitoring. Currently dealing with the consequences of the Alternative Investment Fund Managers Directive, the Markets in Financial Instruments Directive (MiFID II), GDPR and the Capital Markets Union package, to name but a few to have emerged since the financial crisis of 2008, Jehan says regulatory fatigue is at an all-time high. “Financial services companies, banks, asset managers and insurance companies are just used to a continually rolling set of new regulation coming out. Most financial services companies have to have regulatory programmes in place to track all the new regulation, assign different project managers to deal with different pieces of regulation and, of course, a lot of different project teams and working parties. “There comes a point when it’s got to stop. There comes a point when it’s got to slow down, because otherwise the industry will be less about doing business and more about just complying with regulation,” says Jehan. “A balance between the two has got to be struck.” www.fintech.finance |

147

INSIGHT

Just help me buy and sell! (so I can grow my business) Phil Cantor, Co-founder and Head of Digital Transaction Banking at iGTB, takes a flight of fancy to a perfect world of contextual banking. Scary thing is, this imaginary conversation is based on real ones He said to me: “I just want to buy and sell – safely – have the funds to buy and do the right thing with the money from selling. That’s all I ask of a bank. I can win the deal at the right price, I can provide the service in the right way, I can choose what to buy on the right terms. Just help me buy and sell. So I can grow my business.” I said to him: “Isn’t that what the bank does?” He said to me: “No! They keep going on about SEPA and NETS and BACS and HOFINET and CHAPS and CHIPS and FAST

148

| www.fintech.finance

and KEPSS and NPP and MPESA and FPS and NIBSS and…” His voice trailed off as he lost track of the acronyms. I said to him: “But those are just different ways of making payments. Some of them are quite good. Well, a few of them.” He said to me: “No! They want to know about sender to receiver information (which is 72 and 6*35x) and bank operations codes (which is 23B and 4!c) and third reimbursement institution (which is 55A or 55B or 54D) or…” His voice trailed off again as he lost track of the codes. I said to him: “Oh, that’s just SWIFT. Don’t worry, Ripple will soon put paid to that.”

He said to me: “No! They keep going on about bank guarantees and letters of credit and forfaiting and standby letters of credit and demand guarantees and clean letters of credit and credit insurance and commercial letters of credit and documentary credits and…” His voice trailed off as he lost track of the credits. I said to him: “Don’t the bank explain all this to you and make it simple?” He said to me: “I don’t listen. If it’s not a conversation about how I can fly wealthy people around and make money from them, well, frankly, my dear, I don’t give a damn. Didn’t used to, but since I grew the Summer 2017

Pure fantasy? Small businesses prosper in contextual banking land

business, and went from what they called SMB to Low Mid Cap it all changed, and now I do actually get to see someone from time to time. One of them is quite bright, actually. I guess that’s where all my higher fees go. Paying for them. But when I want to actually do stuff, she’s not there. Anyway, I’d rather just deal directly with the bank, through the computer. More likely to get it right. But when I log in, it’s like I could be any business at all. The bank itself seems to have no idea of what I need in running a niche airline. I have a small fleet of aircraft. Posh stuff, not cheap. At any time, I know exactly where they are. I know who is on them – both my guys and the host (we do a lot of work with agents) and the caterers if it’s a plane and, of course, the punters. I can track the plane right here, on my mobile – Summer 2017

there’s an app, anyone can do it. I get real-time flight information, I get real-time weather information, I get real-time airport information, I get real-time fuel price information (and by golly does that go up and down), I get real-time information on other flights nearby. I can even track my competitors’ flights and if they seem to be having a problem ring up the airport and see if I can help. In my business, speed is everything. Oh, and comfort. And luxury. And service. And having everything they might need. And calling them correctly, all Your Excellency and the like. And… ” His voice tailed off. As his voice tailed off again, the ground seemed to rise towards us, the sky changed to a more intense shade of blue and the sound of birds became distant… I drifted off until suddenly I came to in a world that seemed ever so slightly different. He was saying to me: “…really brilliant! I always know how much cash I have! I bank with a few banks, really, OK in a few countries and a few currencies, but with my main bank, the one I like, they’re brilliant – just telling me how much money I have, up to date at any time of the day or night, seems so easy. I had to help a sheikh refuel suddenly recently and pay the oil company cash on the nail – but there was no waiting around for a decision. It was great and the analytics are to die for. It’s like it already knows why I want to look at that data and gives me the options…” His voice tailed off in delight. “…so easy. Paying is so easy. When I log in I get all the options, rating them – which is fastest, which is cheapest, which I can undo, and so on and so forth. It doesn’t ask how I want to pay, or even who I want to pay. No silly initials. Just what I want to pay. If I’m paying an invoice, it knows who I am paying, it knows how much (unless I want to change it), it knows where to pay it to, it knows where I pay it from, knows how I usually pay but will suggest smart routing alternatives if circumstance warrant it. It even knows what reference to put in. It just seems to understand what I’m trying to do. Salaries, you see, that’s just payments as well. But it’s treated totally differently. Staff here and there, often in awkward countries and not easily contactable. But one click and it’s all handled, whatever currency, all properly accounted, with no-one knowing how much I really pay my wife…” His voice tailed off in rapture.

“…do you know, the bank now tells me what’s coming up – some sort of artificial intelligence I guess. I had a slew of invoices I had been meaning to deal with but when I logged in it told me I should probably pay two of them. It had worked out the best time to pay them – taking into account settlement discount, currency fluctuations, my cash position and what else was liquid, and, of course, taking into account the supply chain financing arrangements I had. It cost me less than I thought because I had a short-term boost of cash I could use to get into the next level of discount. And another thing, they were really proactive, and offered me a special deal on Sing dollars. I don’t usually do anything with Singapore, it’s a bit far for me, but I’m getting a few contacts there and things are looking up. Well the bank noticed – well, I say ‘the bank’, I don’t know how they did it. It was just on

I had a slew of invoices I had been meaning to deal with but when I logged in, the bank told me I should probably pay two of them – it even worked out the best time to pay them the screen when I logged in. Anyway, the bank noticed, and just gave me options. Just like with the payments. Did I want to buy some Sing dollars now, so I didn’t have to worry if the rate changed? Or open a Sing dollar account? Or, much simpler, just send me a message if the rate suddenly goes down (or up!). And then another thing…” His voice tailed off in ecstasy. The mood broke and I was awake again. I found myself back in the real world. Contextual banking land had gone. But I was left with an aching longing to return. If only there was a bank that could do all those things and more… www.fintech.finance |

149

WHAT SECTION????? LAST WORDS: BOOK REVIEW

When I want your advice … I’ll ask you for it But who or what will answer back? asks Will Dove as he explores the strange world of robo advisors in Paolo Sironi’s new comprehensive look at the future of automated wealth management

Paolo Sironi sets out to discover if wealth management robo advisors are just a sprinkling of Nutmeg or something much bigger… Flagrant headlines and clickbait journalism have become part and parcel of the fintech industry. There isn’t a day that goes by without some new blog post proclaiming blockchain technology will eliminate the need for world currency, or how MiFID II will upset the Earth’s orbit come January. Robo advisors have certainly experienced their fair share of hyperbole at the hands of these bedroom bards, which is why it’s refreshing to find a book that cuts through the cliches to explore where they’ve come from and how they’re evolving. In Fintech Innovation: From Robo-Advisors to Goal Based Investing and Gamification author Paolo Sironi sets out to discover if automated investment solutions are just a sprinkling of Nutmeg, or something much, much bigger. And if anyone is qualified to ask the question, he is. As far as fintech writers go, there are few with credentials as impressive as Sironi’s. Prior to joining IBM’s wealth management and investment analytics team, the author founded his own fintech start-up to supply wealth managers with goal-based investment (GBI) portfolios.

150

| www.fintech.finance

Sironi drew directly from his own experience as an entrepreneur within the asset management industry to write his first book in 2015. Modern Portfolio Management examined the effectiveness of simulating real securities to reduce the risk for investors and wealth managers alike. As well as contributing to the innovative crowd-sourced project The Fintech Book, late 2016 saw Sironi publish Fintech Innovation in response to what he perceived to be the most disruptive influence his field has witnessed in decades: the robo advisor. In his latest book, Sironi helpfully begins by providing some definitions of terms on the cover. While I’m not sure that Sironi fleshes out his thoughts on gamification enough to justify its presence in his subtitle (the entire subject feels like a bit of an afterthought, which was crammed into the final chapter), he undoubtedly succeeds in validating his opinions on GBI through intricate reference to all aspects of the wealth management sector. The ramifications of robo advisors in terms of user personalisation, portfolio modelling, and traditional platforms are all carefully examined, allowing Sironi to paint a highly credible picture of just how

revolutionary this budding technology could prove to be. Fintech Innovation may not be the most concise of reads, but at least Sironi inserts the odd, welcome synopses that condenses the point he’s trying to make. Were it not for these, laymen such as myself would have a tough time drawing any concrete conclusions from Fintech Innovation, but instead they neatly help to summarise the concepts that frame each chapter. So, if you’re tired of scrolling through melodramatic blog posts in search of an informed study on the future of the wealth management industry, then look no further. Paolo Sironi’s Fintech Innovation is the most comprehensive evaluation of the future of the robo advisor that I’ve yet to come across, and Sironi’s ideas look set to hold water over the next few crucial years in the evolution of the automated investment solution. Whether you’re planning on remaining loyal to your current wealth manager, or tempted to betray your human compatriots in favour of software, this is one book that you’d be a fool to miss. Oh, and just for the record: no, he doesn’t believe humanity is going to be enslaved by them any time soon. Fintech Innovation: From Robo-Advisors to Goal Based Investing and Gamification By Paolo Sironi is published by Wiley and is available as a hardback (£30) or e-book (£22.99). Go to eu.wiley.com. Great for: Robo-philes keener on stacks than ‘I’ll be backs’ Best read: In a cosy corner of one of IBM’s supercomputer facilities Good read rating: ★★★★★

Summer 2017

Today, 10:15 AM

We just lost our top client. What happened?!? Incomplete routing data + Red flags in compliance screening = Too many delayed payments So much for all that work to build a faster payments solution. Oh, no. #fintechfail is trending on social media.

At least everyone knows our name? ...for all the wrong reasons.

When your innovation depends on financial intelligence that never rests, rely on our dynamic payments data and comprehensive risk and compliance solutions.

// Stake your reputation on ours. Visit accuity.com