Over the past 18 months, what could be framed as the ‘digital resilience imperative’ has been repeatedly emphasised for the business community from a competitive point of view. As the global economy returns to a more regular cadence of activity, complacency around digital resilience represents a legitimate existential threat to enterprises across a range of industry verticals, not least within the realm of financial services. Given the high stakes, financial institutions need to be more explorative with tech innovations to ensure they are well equipped to confront both today’s challenges and tomorrow’s opportunities with pep.
Maintaining a clean bill of health on the digital resilience front should be considered a prerequisite for success and the sole business enabler in today’s hyper-competitive landscape. Gauging digital resilience levels on a routine basis will keep the wheels of innovation in motion, regulatory compliance in check, and operations in sync for banks. At a micro level, digital resilience encapsulates an ability to avoid customer service interruptions, recover quickly from spontaneous server outages, fully appreciate potential vulnerabilities while adopting a proactive risk mitigation strategy. By digitally rewiring legacy architecture, a heightened sense of trust and reliability can be imbued across a bank’s service portfolio for the end customer – the lifeblood of any operation.
With a view to helping financial institutions underscore their digital resilience strategies in line with today’s highly mobilised online economy, we’ve identified five historical contributing factors to failed banking digital operations.
1. Outpaced by evolving consumer trends
When internal innovation falls short of external consumer trends, we have a problem. In some cases, traditional banks have not been able to adapt quickly enough to consumers’ evolving tastes, particularly regarding the accessibility, speed and convenience of mobile banking. It might sound counterintuitive, but traditionally, banking has never been a consumer-focused business. The modus operandi has generally been around what the banks wanted you to do: take out a mortgage, open a current account, a deposit account, a loan. But what happens when the digital resilience of the status quo is challenged? Well, a recent report by the OECD found that FinTech lenders process mortgage applications 20% faster than other lenders, and refinances of mortgages are 7% to 10% more likely to originate from FinTech firms compared with traditional banks — giving expression to the significant inroads that have been made by FinTechs in short order.
Confronted by this new reality, banks have had to adopt a more consumer-friendly orientation, and have been forced to think like a consumer services company, having historically been very product-based. The groundswell of momentum behind the FinTech surge has been powered by an unwavering commitment to serving the end-user, the customer. This is where the agile neobanks have stolen a march, challenging traditional bank pricing, complexity, and offering consumers greater transparency through a seamless digital banking experience.
2. Antiquated banking infrastructure ripe for attack
The way traditional banks’ technology is built can make the swift deployment of dynamic tech innovations a cumbersome and expensive process. The prospect of overhauling legacy systems and possibly disrupting service delivery is a non-runner, and changing to an API based infrastructure presents a number of thorny challenges. Too big to fail, or too big to innovate quickly? Research suggests that 60% of organizations acknowledge the difficulty associated with integrating new technologies because of existing IT infrastructure — a statistic that undoubtedly resonates with banking leaders acutely aware of the digital resilience imperative.
The burden of an inflexible software architecture can really impair a bank’s digital resilience, leaving the door open to cyberattack-induced outages and DDoS (Distributed denial of service) attacks. In fact, a study by Boston Consulting Group indicated that cyberattacks hit financial services firms 300 times more than other companies. This higher attack susceptibility can be catastrophic from a reputational perspective, and can badly undercut an institution’s bottom line. IBM’s Cost of a Data Breach 2020 report honed in on this inconvenient truth, noting how the average cost of a data breach in the financial services sector was US$5.85 million, compared to US$3.86 million across other sectors.
3. Legacy banking mindset and internal silos
Often when institutions fail, one of the most readily-deployed excuses is the external market conditions outside of their control. In certain instances this is absolutely true, and exogenous shocks such as the COVID-19 pandemic fundamentally changed the fabric of business strategy — forcing businesses to endure intermittent periods of closure, scale back operations or shut down completely. However, future shocks aside, a lack of synergy between the technology department and the information security department will always be a hindrance to digital resilience for financial institutions. In terms of the signals, trend indicators, and proof points that reveal if the institution is equipped to thrive long-term — poor cross-department engagement is an immediate red flag. If the institution is executing an agile growth strategy with key departments working in harmony, it can see beyond the horizon, pivot when required, and run smoothly on all cylinders.
Encouragingly, there are signs that the legacy mindset of old is making way for a bolder, decisive frame of mind at boardroom level, as evidenced by Expleo’s Spotlight on Financial Services report. Our survey found that 64% of respondents feel their company is now more likely to approve new IT strategies and innovations as a result of the pandemic. With renewed focus on digital resilience, big-picture thinking for banks means heightened investment in digital infrastructure and services geared towards future-proofing service offerings.
4. Under-prepared for regulatory shifts
One of the most turbulent and disruptive periods in living memory was precipitated by the global financial crisis of 2008, and since that point, banks around the world have had to deal with heightened regulatory scrutiny. The events of 2008 sent tremors through the global financial ecosystem, and today, banks are operating within the confines of a much stricter regulatory environment, required to meet certain standards to retain their banking licences.
In today’s regulatory minefield, not adopting a robust compliance culture can be a death sentence to any financial institution, particularly the SME banks with narrow bandwidth and limited resources. With a deeper pool of resources to draw from, established market leaders will be in a stronger position to confront the myriad of regulatory challenges, but SME banks that kick the compliance can down the road, or choose not to enlist the services of prospective partner consultancies, will be at a marked disadvantage. Weighing up the cost of regulatory compliance versus incurring a potential fine no longer has to be a zero-sum game, and SMEs can now navigate the regulatory journey with a greater sense of confidence and conviction — by leveraging partners with the depth of scale, demonstrable expertise and the industry-leading intellectual property tailored for compliance and digital resilience.
Today, one of the most pronounced challenges confronting financial institutions concerns the sizable investment required in capital and resources to adapt legacy systems and uphold full compliance with open banking regulation. In the UK, we’ve seen the likes of HSBC and Barclays underline the high costs associated with data sharing brought on by open banking reforms. With regards to these reforms, it’s fair to say that a lack of clarity in terms of who has to do what is hindering banks’ ability to chart a clear path forward. With so many stakeholders, it can be difficult to delegate responsibility and ensure compliance is water-tight. Having an industry-leading consultancy partner will help make this strategic transition as seamless as possible.
5. Working with the wrong third-party platform providers
On that note, today more than ever, banking leaders need to be on the lookout for partner organisations with the technical acumen, stellar track record helping players in their market, and repertoire of tools to enable fast-tracked, regulatory-compliant digital transformation.
Large swathes of banks and financial institutions leverage the services of third-party vendors in order to enhance their overall service offering, but how rigorously do they vet the partners? If these third-party vendors are lax on cybersecurity, or have any vulnerabilities unbeknownst to the client, the institutions will be the ones left reeling. Properly gauging the security and rigour of these vendors is essential when it comes to executing a firm digital resilience strategy.
As financial institutions across the board count the cost of sluggish digital transformation and regulatory mal-practice, the aperture of innovation must be broadened, with unvarnished assessments of past mistakes informing future decision-making. Institutions that absorb the key learnings outlined above will be in a strong position to thrive in an increasingly competitive landscape, and be more attuned to pivots in consumer demands.
In today’s increasingly competitive landscape, it is essential that institutions chart this new path forward in a manner that mitigates risk on a rolling basis, considers evolving consumer attitudes and ensures rigorous regulatory compliance. Moreover, adopting a disciplined, data-led decision making process will enable nimble growth strategies to be executed. To that end, Expleo’s upcoming research report honing in on the Digital Resilience imperative will provide a comprehensive overview of current trends, challenges and opportunities, with expert insights and analysis.
Find out more
Our upcoming report ‘Digital Operational Resilience: The New Heart of Operational Risk’ explores the preparedness of the sector for the upcoming European DORA legislation and bridges the gaps to best practice with case studies from leading global financial institutions.
By Angus Panton, Head of Banking and Financial Services, UK at Expleo, a trusted partner for end-to-end, integrated engineering, quality services and management.