Fraud and Financial Crime Management
Gain unparalleled protection from internal fraud and external financial crime. Meet compliance and regulations without complexity.
Hosted by SWIFT, SIBOS is one of the most important conferences of the year for the banking industry.
As the ‘go to place’ for all the up and coming industry trends, it’s an unmissable event. So what happens if you did miss it? This episode on the Payments Podcast features Bottomline Technologies Marcus Hughes summarising the most important announcements, some of the most talked-about topics, and he explains his four key takeaways from the event which will set you up for the year.
Rich Williams: SIBOS is the leading annual conference for the financial industry, thousands of delegates working in banks and financial institutions flock to the chosen country that the conference moves to every year, for days of exhibitions, seminars and networking.
It sets the pace and topics for the year ahead keeping everyone informed of what’s on the horizon. I’m Rich Williams the host of The Payments Podcast, and today I’m joined by Marcus Hughes, head of strategic business development at Bottomline Technologies. Hello Marcus.
Marcus Hughes: Hello Rich
Rich Williams: So you’re just back from a trip to Australia and Singapore, and Today we’re going to talk about highlights and takeaways from the Sibos conference in Sydney. For anyone not familiar with Sibos, how would you describe this event, please Marcus?
Marcus Hughes: Well For me, Sibos is simply the most important conference of the year for the transaction banking industry. The event is hosted by SWIFT, which is the largest global financial messaging network and the secure messages that they exchange on this really mission-critical network cover payments, foreign exchange, securities and trade finance. And these messages represent a massive $6trillion of value per day, so it’s a really important network. This year’s Sibos, which was in Sydney, attracted 7,000 professionals from coming from banks, fintech firms and consultancies from around the world. It’s a really fabulous event for networking, and it’s the “go to place” for the latest expert views on where the industry is heading.
Rich Williams: The theme for this year’s Sibos was ‘Enabling the digital economy’. How did you feel this led to conversations that you were having?
Marcus Hughes: The top focus during Sibos was really the need for banks to accelerate their digital transformation. This theme was evident in pretty much every panel debate and presentation that we attended, as well as the many meetings that we had with our customers, partners and prospects at the event. Technology is a crucial part of banking more and more so, and to the extent that it was suggested by some commentators that only those banks which use technology successfully are going to survive.
So at Sibos, the big debate was about how banks can compete in these new circumstances and how can they embrace digital transformation. For most banks, a basic rip-and-replace strategy is not really a viable option, given those huge cost implications.
Rich Williams: And where do you see this leading the future for banks and Financial institutions?
Marcus Hughes: So I think banks need to respond proactively to the faster moving environment in which they now operate in. It is not enough to simply take defensive measures or just do the minimum to comply with new rules. Instead, banks need to work with fintech partners to develop more flexible, customer-centric solutions and In doing this, they should explore cost-effective new operating models, like using third-party software as a service offering.
Rich Williams: But do these fintech providers represent a threat to the banks?
Marcus Hughes: Yes, but I’d say only in a limited way and the isolated cases of those few unicorns which are doing one thing really well quite typically. But they are the exception to the rule regarding those many other thousands of start-ups. For the rest, the best way forward is to partner with banks. Many banks are already partnering with fintech firms or at least assessing this strategy. When some of those regulatory changes were first discussed, there was a kind of “fake fear” that a new breed of start-up fintech firms would move so fast and be so innovative that they would “eat the lunch” of incumbent banks. I think much of that initial scare-mongering, or hype even, is now over. To a large extent, many of those concerns about fintech eating the bankers’ lunch have now evolved into a more mature phase where fintech and bankers are more likely to be having lunch together and partnering with each other. A number of fintech firms already have strong relationships with banks to whom they provide valuable solutions, often on a white-labelled basis. At Bottomline for example, we’ve been doing this for years, and these well-established partnerships are now more important than ever for both parties.
Let’s not forget that banks have many advantages over the new start-ups fintech firms: one obvious reason is that banks have got large customer bases and strong revenue streams. Likewise, banks are generally trusted by their customers, whereas many of the relatively unknown fintech firms still have got to really earn that trust. Banks have also got the advantage of deep pockets, deep enough to potentially acquire the best of those fintechs. Not surprisingly, many start-up entrepreneurs and even their private equity firms backing them, they dream of selling their fintech firms to big banks, and preferably at super high valuations, of course.
Rich Williams: So where should banks allocate their budget, in these competitive times?
Marcus Hughes: Banking is a highly regulated industry, and banks have to focus on mandatory compliance: So complying with those regulations. In fact, this absorbs the lion’s share of a bank’s budget, leaving only limited budget funds available for discretionary spend. This risks having a negative impact on encouraging innovation of course. Project overload within banks is another practical barrier to innovation, as banks wrestle with so many conflicting demands on their time and budgets. So many bank projects are mandatory, and with more to come, no doubt this makes it quite challenging for the banks. It is therefore important for banks to find cost-effective ways to ensure their offering is competitive and up-to-date, as well as compliant of course. These are all really compelling reasons why banks need to consider partnering with trusted partners and with industry expertise and cost-effective solutions which help banks to get that digital transformation done more efficiently.
Rich Williams: So moving back to SIBOS specifically What were some of the main challenges highlighted by attendees at the event?
Marcus Hughes: Nowadays, cyber fraud and financial crime just cannot be ignored, especially with the growing number of banks and other organisations which are falling victim to cyber-attacks. So It is clear that cyber fraudsters are increasingly sophisticated. These criminals are willing to invest significant time and money in planning highly focused cyber-attacks. This means it’s essential that banks and large corporates “up their game” so that they can ensure they’ve got multiple layers of defence to help them keep ahead of the fraudsters.
Rich Williams: So how do fraudsters operate when attacking banks or a big business?
Marcus Hughes: Well Cyber fraudsters begin by targeting personnel inside banks and large corporates, to obtain access to payment systems. Once inside the firewalls, these fraudsters deploy reconnaissance malware and, for many months they’re observing before they strike, to see what's going on in the network with a view to establishing what is typical behaviour and what are the normal processes. Databases can then be tampered with to get rounds security controls and to hide evidence of fraudulent payments, so for example by deleting inbound SWIFT messages confirming transactions.
Banks and corporates using SWIFT really have to be alert to the high risk of cyber-attacks. One valuable technique is to deploy transaction and user behaviour monitoring; this helps to detect unusual activity. And This strategy should form a central part of a bank’s cyber defence. A fraud prevention system should really also include the ability to flag suspicious transactions and then to be able to stop fraudulent payments in real time. Machine learning can help this process of monitoring and looking out for anomalous transactions and abnormal employee behaviour.
One of the worrying aspect about increasing adoption of real-time payments is that Faster Payments can, in fact, become “faster problems”. By that I mean, with Faster Payments, there is a real-time risk of fraud. Hence, control systems need to operate in real time also, or else fraudulent payments can have already been made before the alert is raised.
Rich Williams: Here in the UK there is a lot of excitement about Open Banking. Did the delegates at Sibos share this enthusiasm?
Marcus Hughes: Yes, definitely, Open Banking was a big topic at Sibos. An important challenge faced by banks is the risk that the many APIs being developed could become highly fragmented. This is because there is a lack of common standards across the many markets around the world which are now adopting Open Banking. Banks recognise the importance of Open Banking going forward but are wrestling with the best approach to develop APIs.
Let’s remember that it is due to the European Commission’s PSD2 ruling that APIs as a communication tool have been promoted to make payments across Europe more competitive and innovative. But actually, it’s the Commission that has been less than helpful by declining to impose a common standard. Fortunately for us, this is different to the UK, where at least the Competition & Markets Authority insisted that a common API standard should be developed for banks adopting Open Banking in this country. So ironically, the EU’s decision not to impose a common API standard runs the risk of creating unnecessary complexity to the opening up of bank data, because different banks and countries across the European Union may well adopt different API standards. This in turns puts at risk PSD2’s timeline and could really seriously impact the success or failure of this really ambitious undertaking.
Rich Williams: So What do you think can be done to reduce the risk of fragmented APIs and to make interoperability easier?
Marcus Hughes: Well, at Sibos, there was an important announcement from SWIFT who said they are planning to coordinate the development of API standards globally, so that’s not just for Europe but a much wider scope that they’ll take on. And then as a second phase, SWIFT propose to deliver an API platform for their bank customers. In other words, they are looking at becoming an API aggregator.
At Bottomline, we certainly welcome this initiative by SWIFT to bring about API standardisation. They are well positioned to coordinate the development of open API standards. And they actually definitely have strong credentials for this kind of work: they are already the Registration Authority for ISO 20022, and they maintain the content and integrity of that messaging format. So there is a logical extension for SWIFT into APIs. But for me, to be frank, this work is not without challenges: just bringing all the interested parties to the table and working through conflicting points of view is going to be tough so I hope SWIFT know what they’ve got ahead of them.
Rich Williams: so What would you say were your four key takeaways from the event?
Marcus Hughes: The biggest takeaway was that Open banking is becoming a global phenomenon, and more and more banks plan to use this new way of doing business. The countries adopting Open Banking typically fall into 3 categories. At one extreme, we’ve got countries like the UK, like Australia, Hong Kong and regions like the European Union, where the use of APIs is becoming mandatory, and a specific timetable has been laid down by the regulators. At the other end of the extreme or spectrum, we have countries like China, India and the United States, where adoption is market driven, and banks and payment service providers are using APIs to differentiate their product offerings. And, in between these 2 categories, we’ve got Singapore for example which is encouraging the adoption of Open Banking APIs by “organic transition”, as the Monetary Authority of Singapore calls it, and this is providing clear encouragement, without actually imposing new regulations.
Rich Williams: In this international adoption of Open Banking, is the main focus better services for consumer banking or do businesses get a look-in as well?
Marcus Hughes: In the early days of Open Banking discussions, the main focus was definitely new apps for consumers, such as personal financial management and product comparison apps. But Sibos shows that increasingly banks are realising that small business and corporate sectors really do represent a rich opportunity to offer exciting new value propositions. These are typically related to multi-bank payments and cash management, but also include cash flow forecasting, bank fee analysis, lowest cost routing for payments, spend analysis, reconciliation and even trade finance.
Rich Williams: Noting the success of Faster Payments in the UK, was there any evidence at Sibos of increasing the adoption of real-time payments in other countries?
Marcus Hughes: Yes, real-time payments was definitely a hot topic. They are being adopted around the world, with more than 20 initiatives to launch new real-time payment systems. Two of the largest and most ambitious real-time payment systems were launched at the end of last year: First, there's the SEPA Instant Credit Transfer Scheme, which covers the European Union, and second, we’ve got the Clearing House’s Real Time Payments initiative in the US. What’s striking about both these projects is that they propose to work with Certified Technical Service Providers. This is going to be an efficient way of connecting the large financial community cost-effectively, and also it’ll be a mechanism to encourage wide adoption of these new payment instruments by banks and other Payment Service Providers of all sizes.
This is actually great news for Bottomline since this approach that's now being adopted in the EU, and the US is similar to the UK’s New Access Model, this was developed a couple of years ago in the UK to provide easy and cost-effective access to the Faster Payments Service. We at Bottomline were one of the first fintech firms to become accredited as an Aggregator Service Provider. And That’s how we have enabled banks and non-bank financial institutions to get Direct Technical Access to the Faster Payments’ central infrastructure for making faster payments cost-effectively. This positions us well to help other countries to adopt real-time payments, drawing on expertise that we’ve gained in the UK.
Rich Williams: And Were there any announcements regarding the complex world of cross-border payments?
Marcus Hughes: Another important takeaway from Sibos was the growing success of SWIFT’s global payment innovation initiative, which is now usually known by its acronym, GPI. So At Bottomline, we‘ve worked on GPI for some of our largest bank customers, and we’ve helped them ensure their corporate customers achieve more efficient and transparent cross-border payments. This means corporates get clear information on bank charges and Foreign exchange rates before issuing their payment instructions. And they can even track their payments through payment networks, a bit like using tracking on a DHL parcel, and they now even get confirmation that the beneficiary has received its payment in full, so that’s a very positive development.
Rich Williams: What were the drivers for SWIFT to develop this GPI solution Marcus?
Marcus Hughes: So Ironically, GPI was originally developed and launched as a defensive measure by SWIFT, it was to fight off the threat of blockchain payment initiatives such as Ripple. But it has already gone much further than that in a short space of time. Apparently, there are about 100 banks live on GPI, and there are another 180 other banks committed to implement the scheme in the coming months and next year. This represents about 80% of all cross-border payments going over the SWIFT network. Historically, cross-border payments have a reputation for being complex, slow, expensive and in some cases, payments get lost of course. At SIBOS, SWIFT were about to announce that over $100bn of payments a day are already being sent through GPI and that 40% of these transactions are being credited to the beneficiaries account within 5 minutes which is pretty impressive, and 95% of GPI payments are credited to the beneficiary on the same day they are initiated. That is a really big improvement compared to traditional settlement times of 2, 3 or even 4 days for cross-border payments.
An exciting next step for GPI is that the scheme is being expanded to allow large corporates with multiple bank relationships to actually track all their cross-border payments through a single multi-bank platform provided by their fintech provider. This will help Bottomline’s large corporate customers to streamline their global payments and cash management. With multi-bank GPI, they will soon be able manage all their GPI payments in one place, instead of tracking them through the individual e-banking platforms of their numerous cash management banks.
Rich Williams: You mentioned earlier the threat of blockchain And looking ahead at the future of payments, what news on blockchain?
Marcus Hughes: I think that at last, it’s fair to say that Distributed Ledger Technology has gone mainstream. So Distributed Ledger Technology is the term which many banks are using instead of blockchain, to avoid confusion with cryptocurrencies which are also closely associated with blockchain. The principal areas seeing adoption of Distributed Ledger Technology are cross-border payments, trade finance, capital markets processing, and also across those transaction banking areas KYC and digital identity which are very important.
I do think Regulators are right to be concerned about cryptocurrencies because their exchange rates are volatile and counterparties are hard to identify. This means cryptocurrencies can be used to hide financial crime and to finance terrorism. What’s more, the unregulated cryptocurrency exchanges don’t offer proper protection for consumers who invest in cryptocurrencies, when they’re maybe looking for a quick profit. Not surprisingly, banks are therefore very cautious about using cryptocurrencies as a way of streamlining cross-border payments. In fact, one senior banker at Sibos described cryptocurrencies as a “mere distraction”.
Rich Williams: So looking beyond cryptocurrencies, so why are banks excited about Distributed Ledger Technology?
Marcus Hughes: Many banks have now recognise that Distributed Ledger technology can help streamline cross-border payments which but when using conventional currencies such as US dollars and GB Pounds. These central bank currencies are technically known as Fiat currencies. So An exciting example of the use of Distributed Ledger Technology in cross-border payments and using with Fiat currencies is the new Visa B2B Connect solution. This initiative is being prepared for commercial launch in the first quarter of 2019. At Sibos, Visa announced a partnership with IBM, for its robust Distributed Ledger Technology platform known as Hyperledger Fabric; and Visa also announced a partnership with Bottomline, for our ability to make it easy for banks to access Visa B2B Connect, through our cloud-based payments platform. Looking at Visa B2B connect I’d say it’s the Tokenisation, Digital Identity and Compliance features of this new payment platform which are key differentiators. This means Visa B2B Connect can protect businesses from cyber fraud and financial crime, and it can also ensure compliance with anti-money laundering regulations.
There are Other use cases for Distributed Ledger Technology, and these would include trade and supply chain finance, and capital markets, for post-trade settlement. These activities involve really a lot of manually intensive processes and are still reliant on paper documents. A number of exciting DLT initiatives in trade finance and capital markets are already live commercially and are gaining traction because they help to reduce cost, improve visibility, and they make these complex transactions quicker and easier to process.
Rich Williams: That’s been hugely informative so far Marcus thank you, I think it’s clear to see that there’s going to be a lot of change happening and a lot of innovation in this space which I think that should lead us onto a couple of closing questions so What do banks and financial organisations now need to focus on going forward?
Marcus Hughes: The first thing I’d say here is that there has never been a period of such unprecedented change in the payments world, with so many innovations and new regulations. For this reason, it is more important than ever that banks work with trusted advisers who can help them to develop a digital strategy, and to move forward faster and more cost-effectively on their journey towards digitisation. Cloud-based payment solutions have an important role to play here.
“Open, instant and cyber” are 3 key buzz words to bear in mind: Open Banking APIs, real-time payments and cybersecurity are all areas where banks need to focus and where they can upgrade their own operations and differentiate their customer propositions. Banks should make sure they have easy and secure access to the growing range of real-time payment systems around the world, as well as getting positioned to be proactive in Open Banking.
Adoption of cloud-based solutions is helping banks to manage their costs and to insulate themselves from the complexity of many changes in the market, and also to future-proof themselves. In the exciting area of Open Banking, it’s important that banks capitalise on the opportunity to develop Account Information Services and Payment Initiation Services, rather than just doing the minimum to comply with these new regulations. But banks don’t have to undertake these projects on their own. There are fintech firms out there with the expertise and technology to help.
Rich Williams: And finally how do you see the UK fitting into this big picture of global payments?
Marcus Hughes: One thing that Sibos really reinforced was that the UK is at the forefront of many of the key technology developments which were discussed by this very international audience in Sydney. In January 2018 Open Banking, using APIs was introduced in the UK, making this country a pioneer in this initiative which is gaining traction around the world. Bottomline’s subsidiary First Capital Cashflow is accredited by the UK Financial Conduct Authority as a Payment Initiation Service Provider and an Account Information Service Provider. Against this exciting background, we will certainly be using our unique early experience of Open Banking, combined with our risk and compliance solutions and cloud-based access to UK Faster Payments, so that we can deliver exciting solutions to our customers across the world.
Rich Williams: Thanks for your time today Marcus
Marcus Hughes: My pleasure
Evangelists of Blockchain are predicting that it will be the most disruptive invention since the internet. But even with Blockchain being among the top buzzwords over the last couple of years, there remain many misconceptions about this much-debated topic.
For the 4th year running, Strategic Treasurer and Bottomline Technologies have partnered to develop a comprehensive market research initiative covering the realm of treasury fraud and controls. This year, our research has uncovered vital insights related to the fraud environment.
Our solution experts are here to help.+44 118 925 8250
Chat with one of our solution experts. We'll recommend the right product to fit your needs.
Tell us a bit about you and your business and we’ll get back to you with all the information you need.