Page 1

Issue 11





11 9



EM E A | A sia | A mer ic as

UK £50.00 USA $62.00 EUR €55.5 CAN $82.00 AED 227.50

Award-winning, year after year


2017 2018

Desjardins Private Wealth Management named Best Private Wealth Management Company in Canada in 2018 Winning this award for a third year straight is a nod to the top-quality service our professionals provide.

Desjardins Wealth Management Private Wealth Management is a trade name used by Desjardins Investment Management Inc. and Desjardins Trust Inc. Discretionary portfolio management services are provided by Desjardins Investment Management Inc., registered as a portfolio manager and as an investment fund manager. Trust services are provided by Desjardins Trust Inc., federal trust and financial planning firm.

CEO and Publisher Varun Sash Editor Wanda Rich email:



Editorial Coordinator Sachin MR Web Development and Maintenance Anand Giri Head of Distribution & Production Robert Matthew Head of Operations Sreejith Nair Project Managers Megan Sash, Amanda Walker   Video Production and Journalist Phil Fothergill

I am pleased to present Issue 11 of Global Banking & Finance Review. For those of you that are reading us for the first time, welcome.

Graphic Designer Jessica Weisman-Pitts Business Consultants Anshuma Gupta, Monika Umakanth, Stefy Abraham, Sara Mathew, Rhea Paul, Steve Edwin, Anna Research Analysts Maahi B, Sanjay, Sanjana, Vidhya Accounts Joy Cantlon, Quynh Quan Advertising Phone: +44 (0) 208 144 3511 GBAF Publications Ltd Kemp House, Unit 2, 7 Tarves Way, London, SE10 9JP. United Kingdom Fax: +44 (0) 871 2664 964 Email: Global Banking & Finance Review is the trading name of GBAF Publications LTD Company Registration Number: 7403411 VAT Number: GB 112 5966 21 ISSN 2396-717X. Printed in the UK by The Magazine Printing Company The information contained in this publication has been obtained from sources the publishers believe to be correct. The publisher wishes to stress that the information contained herein may be subject to varying international, federal, state and/or local laws or regulations. The purchaser or reader of this publication assumes all responsibility for the use of these materials and information. However, the publisher assumes no responsibility for errors, omissions, or contrary interpretations of the subject matter contained herein no legal liability can be accepted for any errors. No part of this publication may be reproduced without the prior consent of the publisher

In our cover story this issue Hassan Abdalla, CEO of Arab African International Bank discusses why it is time to rethink the financial industry. In this edition you will also find engaging interviews with leaders from the financial community and insightful commentary from industry experts. Mr. Pornchai Padmindra, Senior Executive Vice President, Wholesale Banking Head and Mr. Wut Thanittiraporn, Executive Vice President, Corporate Banking Head at CIMB Thai Bank Public Company Limited discuss the banks journey and future. Lebanon and Gulf Bank teamed up with International DFIs to boost SMEs. LGB Bank’s CEO Mr. Samer Itani provides us with his take on the banks strong move. We strive to capture the breaking news about the world's economy, financial events, and banking game changers from prominent leaders in the industry and public viewpoints with an intention to serve a holistic outlook. We have gone that extra mile to ensure we give you the best from the world of finance. Send us your thoughts on how we can continue to improve and what you’d like to see in the future. Happy reading!

Image credits:, ismagilov(pg18),, @istock. com/Yagi-Studio(pg24-25), Viktor_Gladkov (p27), MangoStar_Studio(pg28), @ bluejayphoto(pg40-41 ), PeopleImages(pg42-43),,, sharrocks(pg48-49),, @istock. com/estherpoon(pg56-58), Zenobillis(pg60-61),, Abdoaodalla(pg66-67),, monkeybusinessimages(pg80), @istock. com/shironosov(pg80-81),, @, Szepy(pg90), SvetaZi(pg92-94), ultramarine5(pg96-97), opolja(pg97),@istock. com/ fizkes(pg99), Ridofranz(pg102-103), joegolby(pg106-107), mrdoomits(pg107), NicoElNino(pg108-109), ANNECORDON(pg110), chombosan(pg110-111), tzahiV(pg112), oatawa(pg114-115), bowie15(pg117),, @, Szepy(pg121),, @istock. com/ monkeybusinessimages(pg124-125), AndreyPopov(pg126), AdrianHancu(pg129), BanarTABS(pg132-133), AndreyPopov(pg134-135), Chesky_W(pg137) , alexey_boldin (pg138),

Wanda Rich Editor


Stay caught up on the latest news and trends taking place. Read us online at and subscribe to the print magazine for direct delivery.

Issue 11 | 5


12 96


No business is an island: How strategic partnerships can help businesses ensure longevity in an uncertain business world

Why banks must transform origination processes to stay competitive in commercial lending

84 40

How private banks can rethink their brands to Digital in Chile of investors appealBanking to a new generation

inside... BANKING


Could Blockchain Stop PNB like Frauds? spiralling out of control?







Mr. Pornchai Padmindra, Senior Executive Vice President, Wholesale Banking Head and Mr. Wut Thanittiraporn, Executive Vice President, Corporate Banking Head at CIMB Thai Bank Public Company Limited


How private banks can rethink their brands to appeal to a new generation of investors


John Clark, Planning Director at brand design agency Coley Porter Bell

Why banks must transform origination processes to stay competitive in commercial lending

Gagan Sethi, Senior Partner and Harish Naidu,Director, Banking Consulting Practice at Genpact

6 | Issue 11

Customer data ownership in retail banking is changing


Keeping customers at the heart of PSD2 compliance


Andrew Hewitt, director payment & data solutions, FIS

Ms. Mohua Sengupta, EVP & Global Head of Services, 3i Infotech Ltd

Leading with Distinction

BUSINESS Dan Zakai, co-founder and CEO at Mindspace

Emilie Casteran, Head of Digital Strategy, Banking and Payments, Gemalto

Getting closer to SMEs: a six-step relationship builder for banks



Emilie Casteran, Head of Digital Strategy, Banking and Payment, Gemalto

No business is an island: How strategic partnerships can help businesses ensure longevity in an uncertain business world

Steve Lemon, VP of Business Development and Co-Founder at Currencycloud

Artificial intelligence will enable banks to increase customer loyalty Technology in Banking: The developing role of biometrics

Shifting from time-consuming Excel sheets to concise credit management

Martin de Heus, VP Direct Sales at Onguard

Georgiana Brown, Research Director, Financial Services at Ipsos MORI

Matt West, CMO at Feefo

Why Big Businesses are Moving their AI Teams to Coworking


Court Limits 2015 Text Marketing Rules, Gives New FCC an Opportunity to Provide Clarity Alan L. Friel, Partner, BakerHostetler Melinda L. McLellan, Partner, BakerHostetler





Solutions and Best Practices for Effective Financial Remediation Programs


GDPR: What you need to Know


Lorri E. Staal, Assistant Vice President of Operations, GCG


Karen Holden, Founder, A City Law Firm

SPAC TO THE FUTURE The Recent Resurgence of UK SPACS and Latest Trends Paul Amiss, Partner, Winston & Strawn LLP


International Horizons: Mid-market drive to increase growth Tom Pickthorn, M&A Partner and Head of International at Mills & Reeve


Registering a property in Israel has now been simplified following several regulatory changes

Tier 2 Visas

Kathryn Bradbury, Partner and Head of Immigration, Payne Hicks Beach Solicitors

No Translation Necessary: Devising a Common Language for Cyber Risk Reporting

Painting a complete picture with unstructured data



Ben Rowland, Co-Founder, Arch Apprentices



CCAR – What’s changing in 2018?


How tighter compliance can boost the reputation and value of ICOs


Insuring against a future financial crisis – staying compliant and off the front pages Grant Caley, NetApp Chief Technologist, UK & Ireland

Ajay Katara

Michael LaScola, Business Solution Specialist at Accuity

Unexplained wealth orders, what you can do if one lands on you Azizur Rahman, Senior Partner, Rahman Ravelli

Susan S. Coffey, CPA, CGMA


The Importance of Apprentices in The Finance Industry


It’s not done yet: MiFID II’s long-term implications Matt Smith, CEO of SteelEye

Lee Maor of Yigal Arnon & Co.

Issue 11 | 7



inside... INSURANCE


Tech trends reshaping the insurance landscape Kannan Amaresh, SVP & Global Head at Infosys


The CFOs guide to achieving IFRS 17 compliance



Ajay Katara


Ross E. Chapman, Global Marketing Director, Aptitude Software



UK wealth managers will have to adapt as people live longer John Doidge, Chairman, Geneva Management Group

8 | Issue 11

Robotics Process Automation (RPA)-A Transformation lever for Risk & Compliance Management Delivering Financial Services Faster and Better How BFSI can Leverage Agile Transformation

Rahul Singh, President – Financial Services, HCL Technologies


The Fastest Growing Form of Fraud That’s also Hardest to Detect: Synthetic Identity Fraud Christina Luttrell, Senior Vice President. IDology



Patches, data and patient security


Battling Brexit: How technology can help businesses plan for the unknown

Dan Lyon, Principal Consultant at Synopsys

Simon Bittlestone, CEO at Metapraxis


Painting a complete picture with unstructured data Tim Pullan, CEO and Founder of ThoughtRiver


RETHINKING THE FINANCIAL INDUSTRY 66 Hassan Abdalla, CEO , Arab African International Bank

Issue 11 | 9

Compare Prices of Hotels & Flights

Asia 12 Issue 11


Robotics Process Automation(RPA) A Transformation lever for Risk & Compliance Management Overview Robotics Process Automation or RPA is one of the digital levers that is fast becoming a tool of choice for many banks to automate processes that are standardized, low on exception, and highly manual intensive. Along with the standard benefits that an RPA implementation brings in, it also helps banks achieve compliance and attain a greater degree of control over end user computing (EUC) processes. The adoption of RPA technologies is gradually gaining momentum with investments pegged to touch nearly USD 1 billion by the end of 2019 with the banking and financial services sector accounting for approximately 40%. Furthermore, approximately 10 to 15% of these spends is expected to be taken up by the risk and compliance area.

The risk and compliance function is constantly grappling to contain compliance costs, gain better control of processes, maintain the required operational agility to achieve compliance, and improve system efficiency. The efficiency issues arise mainly due to the presence of legacy systems, the need to collate data from multiple lines of business (LoBs), and error-prone manual processes. In such a scenario, RPA comes across as a powerful solution that can help banks to •

Improve efficiency without tinkering with the existing Legacy systems

Provide required agility to scale as per compliance needs

Maintain better control on processes through required auditability

Automate manual intensive efforts and reduce errors.

Issue 11 | 13


gradually moving from simple risk tasks to complex judgement based tasks that involve review and decisioning. Also, banks are investing in RPA at an enterprise level, rather than opting for specific point solutions. These changes clearly indicate that RPA is becoming more and more strategic in nature and banks are undertaking RPA investments to improve efficiencies and save compliance costs. RPA adoption in Risk and Compliance

RPA adoption levels in Banks – In the banking and financial services industry, especially in the risk and compliance area, the adoption of RPA is still at a nascent stage. Currently most of the investments are being made in running proofs of concept (POCs) to assess the value or the return on investment RPA implementations bring to the table. Like any technology, RPA adoption can occur in many forms. Initially banks looked at RPA for short term and tactical gains. However, with RPA technology and the concept gaining maturity, more and more possibilities of leveraging RPA for strategic needs are being explored; examples include judgment based tasks and intelligent rule based automations. Banks have also started looking to integrate RPA with other digital investments in the areas of Machine Learning (ML), Natural Language Processing (NLP), Chabot’s etc. and are gradually progressing towards the desired state of Cognitive RPA. RPA as a Transformational Lever Initially RPA solutions were considered tactical fixes. However, as the digital portfolio continues to evolve, RPA is slowly evolving into a transformational lever that combines with cognitive technologies like ML to carry out strategic tasks without impacting the existing IT landscape. This change in outlook can also be observed in the risk and compliance areas where adoption is

In the risk and compliance area, RPA adoption is still in an early stage. Currently, most of the adoption is happening in areas such as KYC onboarding and generation of risk and regulatory reports where the activities are standardized and involve data collation, data aggregation, email integration, and simple rule based automation to quote a few. As the concept gains maturity, adoption is spreading to areas like AML alert investigation, credit reviews, risk reconciliation, and generation of high-volume, highfrequency risk reports such as daily LCR reporting. These processes typically involve complex business rules, processing of unstructured data, macros etc. The banking industry is currently envisioning a target state where RPA can combine with cognitive technologies such as ML, NLP etc. Many banks have started focusing on this and are in the process of identifying use cases that are a good fit. In risk and compliance, judgement based use cases such as limit breach management, risk data quality management etc., are typically good candidates for Cognitive RPA. Though many banks are keen to leverage Cognitive RPA capabilities, they are also cognizant of the fact that it is not desirable to automate judgement based tasks completely in the risk and compliance area due to the nature of the function. Even though some banks are leveraging ML components for risk assessment and decisioning, the output from such cognitive RPA solutions are aimed at improving the turnaround time for Risk processes and providing suggestive recommendations to the risk analysts. The final authority of decisioning is still resident within the risk function of the Bank.

Issue 11 | 15


14 | Issue 11


Enterprise Level Platform based approach for RPA adoption Banks too have started perceiving RPA adoption as transformational initiatives rather than point solutions. Initially when banks started experimenting with RPA solutions, their approach was operational in nature, siloed with very low focus on reusability aspects. With the RPA concept evolving, it is receiving a major boost with more and more banks adopting RPA at an enterprise level. Banks are now forming dedicated RPA Centers of Excellence (CoEs) to manage RPA programs at an enterprise level. The core function of the CoE is to •

Establish standards for identifying and assessing RPA use cases

Develop and Execute use cases across Lines of Business (LoB’s)

Deploy and manage RPA installations

Capture and manage reusability aspects that can be leveraged across RPA use cases for different LoBs

Challenges in RPA adoption No Change comes without its share of challenges, even in case of RPA adoption the Banks are facing the following key challenges •

Regulatory uncertainty over the use of RPA solutions. No formal or defined requirements from regulators on the use of RPA technology for automation has resulted in banks taking a cautious approach to adoption.

Unstable business processes – many banks have manual processes that are not very well documented or stable which makes it difficult for them to adopt RPA solutions.

Most of the initial RPA adoption has been in silos and banks are still in the process of putting in place an enterprise-wide RPA adoption strategy and governance framework.

RPA technologies are fastchanging as they are still evolving

Focusing on reusability

The Road ahead

Reusability in RPA is another concept that is fast gathering steam; reusability means capturing and managing aspects from a RPA implementation and then leveraging the same in some capacity for subsequent RPA implementations, which eventually reduces development effort. Many banks have started thinking along these lines and are working towards establishing a framework that enables identification of the reusability aspects of RPA implementations. Many third party RPA tools also provide a library space where the reusability aspects can be captured and leveraged for subsequent implementations.

As RPA technologies become more and more mature, they will open up many complex problem statements in risk and compliance for RPA adoption. The future of the RPA market looks promising as the key aspects that make RPA preferable are that it does not interfere with the existing IT investments and provides quick and efficient solutions to business users, which makes it attractive for both business and technology stakeholders.

Ajay Katara Ajay Katara is a Domain Consultant with the Risk Management practice of the Banking and Financial Services (BFS) business unit at Tata Consultancy Services (TCS). He currently leads the BFS Risk Practice’s portfolio on Regulations and Robotics Process Automation. He has extensive experience of more than 13 years in Consulting & Solution design space cutting across CCAR Consulting, AML, Basel II implementation and credit risk, and has worked with several financial enterprises across geographies. He has significantly contributed to the conceptualization of strategic offerings in the risk management space and has been instrumental in successfully driving various consulting engagements. He has also authored many editorials, details of which can be found in his linked in profile (

Issue 11 | 17


18 | Issue 11


Why Big Businesses are Moving their AI Teams to Coworking The term “coworking” once conjured up images of budding entrepreneurs and “creatives” brainstorming casually in hip offices, but the concept has evolved radically over the last few years into a completely new approach to business operations. With the booming growth of technologies as influential as AI, companies are under pressure to constantly innovate and it’s become clear that the office environment is a critical factor in the success of any business endeavour. Beyond the obvious practical benefits of having an office managed by an external dedicated service, coworking helps technology leaders stay competitive, hit targets, and nurture a unique company culture. Breaking out of the Headquarters Mold An established company should have its own building, preferably on a nice plot, with an impressive sign outside, right? Well, when you consider the current business technology ecosystem, you have to ask whether that approach is still relevant. After all, our world is becoming more and more connected every day. It’s hard enough keeping track of innovation as it is without secluding yourself from everyone else. AI represents our most forward-thinking research into what the future will look like. Since coworking presents such a versatile and open-ended approach to company management, it’s only natural that these two sectors have formed such a snug fit.

Let’s Call in the Experts Coworking isn’t just about offices that look good. Leading coworking spaces offer an holistic approach to the life of a business. While interior design is a central part of what coworking spaces offer, there’s a lot more that companies can earn from using this type of service. For example, a good coworking company will understand the importance of community in the workplace. Employees, especially those that fall into the millennial category, are understanding that because our work hours take up so much of our lives, they should be spent well. This means in an environment that is not only beautiful, but also inspiring, welcoming, positive and human-centric. This approach is not something that can usually be undertaken by an in-house HR department. The fact that coworking firms can focus on nurturing business culture at this level, makes them invaluable to companies that need to perform well, every day.

agility to organize and reorganize as projects progress, or as a product develops. Departments can be merged or divided, and dedicated spaces can be created for specialized tasks and then later redefined. Thrive to Survive With AI becoming a significant focal point of a constantly growing number of businesses, time is more of a factor than ever. It’s not enough to have the technology. You need to have it first in order to leverage it for the market you’re competing in. This need for a high level of productivity, without compromising on creative output or quality, is something that coworking spaces can help companies achieve by creating a work environment that employees thrive in, day after day.

Office Organization Goes Modular The ‘set-and-forget’ style of office organization is still used by the majority of businesses. When you consider that flexibility is one of the core characteristics of good business leadership, it’s surprising that companies don’t make more of an effort to optimize their office layouts. Flexibility is key in AI, where unchartered territory is the norm. Coworking gives companies the

Dan Zakai Co-Founder and CEO Mindspace

Issue 11 | 19


Delivering Financial Services Faster and Better How BFSI can Leverage Agile Transformation We live in an era of instant gratification. Everything we need has to be delivered on demand–anytime, anywhere we want it. Financial services are no different either. As the internet and smartphones increasingly facilitate real-time payments, fund transfers, settlements and other financial transactions, customer expectations from their banks, insurers and mutual funds continue to evolve rapidly. If a bank’s customers are not engaging with its latest app release, then it must harness user feedback to plug the gaps and roll out a revised, improved version at the earliest. If the mobile banking and Internet banking channels are currently displaying different customer data, then that bug has to be fixed quickly. A failure to effectively address customers’ queries, and act on their feedback, can lead to increased client churn and diminished brand reputation.   With disruptive trends such as consumerisation, automation, Big Data and telematics fundamentally redefining the banking, financial services and insurance (BFSI) ecosystem, financial institutions must become more agile, responsive, efficient and innovative. BFSI companies need to build new capabilities, adopt new ways of working, embrace new workspaces, and above all, adopt a completely new mindset for operations, customer service and

20 | Issue 11

other core functions. Just to put this in context, banks today are focused on delivering compelling and consistent omni-channel experiences, complying with regulation, averting fraud, and reducing costs. However, over the next 10 years, banks will have to also establish themselves as credible repositories of customers’ trust and provide real-time and secure services in an automated and integrated manner. Accordingly, the conventional BFSI IT architecture will have to be reengineered for the industry to effectively serve the needs of the millennial generation. The good news is BFSI firms recognise this pressing need for digitally reinventing themselves, and have been aggressively leveraging technologies like artificial intelligence, blockchain and the Internet of Things (IoT) to create differentiated customer experiences. Every financial institution is reimagining its IT model from the ground up. However, orchestrating this transition is easier said than done, since many of the sector’s legacy systems lack the requisite flexibility to accommodate new functionalities. Also, stringent regulations do not exactly smooth the process for BFSI firms to partner with non-financial institutions across various industries, for enabling on-demand customer experiences. BFSI companies need to embrace a fundamentally “new IT” thinking, across

four key areas. First, IT innovation has to centre around customer centricity, and must be driven by data analytics to understand and address consumers’ requirements appropriately – and quickly. Second, BFSI IT must adopt “platform thinking” in relation to IT delivery, including experimenting with Agile/ DevOps methodologies and considering rolling out a decoupled, decentralised framework. This shift is critical for banks to be able to launch new products faster, in line with rapidly shifting customer preferences and demands. Finally, financial firms must promote a collaborative work culture across their organisation, as well as the broader ecosystem, in terms of encouraging a “fail fast” philosophy and reducing dependence on proprietary tech. Simultaneously, they need to be flexible enough to disrupt their assumptions and operating models, based on continuous learnings.   In order to navigate this transition smoothly, financial services firms need to adopt a new IT service delivery framework that is based on four pillars– agility, collaboration, customer centric innovation and scalability.   The framework should foster rollout of Agile and DevOps methodologies for accelerated software delivery, helping the organisation reduce time to market for new products and services.  


For facilitating increased collaboration within and outside the organisation, the architecture must enable the institutionalisation of a common, integrated workspace for various stakeholders within BFSI companies. For example, banks should be able to leverage the framework to tie up with universities, fintechs and third parties for ideating around and developing cutting-edge solutions. To ensure rapid innovation, the framework also needs to help banks smoothly align themselves with cuttingedge tools and technologies, such as cognitive systems, artificial intelligence, machine learning, blockchain and Big Data.   Finally, for ensuring robust IT governance, the framework should adopt an operating model that’s built on real-time reporting and flat organisational structure.   So, how can financial institutions begin implementing such a framework? To start with, they should do a pilot to validate the Agile proposition for their organisation. The trial run should involve a product revamp entailing not too many functional modules, so that a cross-functional team can brainstorm and iterate on the product’s various sub-components.   Banks can then conduct group workshops for defining the deliverable’s core aspects, with all relevant stakeholders being taken into confidence. As part of this exercise, the team would develop user personas, capture product requirements, and chart workflows.

The next step is to integrate the product build into a common repository on a daily basis, so that the code can be tested in an automated manner. Programmers can then iterate the build on the basis of early defect detection. The last, but not the least, phase in the Agile delivery roadmap is for BFSI institutions to end their long-held practice of separating delivery and quality assurance (QA) teams. The user acceptance testing (UAT) team, embedded into the sprint-based delivery unit, conducts tests, and identifies bugs quickly for swift remediation, thus ensuring a substantial reduction in churn.   All in all, we have barely scratched the surface of the BFSI IT architecture reimagination landscape. Banks, insurers and other financial firms need to use this transition period to quickly test out or revise some of their hypotheses, and accordingly build new systems. The industry will significantly enhance its value proposition in the coming years by adopting a next-gen IT framework that Rahul Singh makes them more efficient, President – Financial Services productive and effective. HCL Technologies  

Issue 11 | 21


22 | Issue 11

Could Blockchain Stop PNB like Frauds?


Ever since the Punjab National Bank Fraud case has come to light, many believers of Blockchain have been saying that Blockchain could have stopped it. Present company included. I for one, very truly believe that Blockchain will become pervasive and not too far away. But could it have avoided this huge fraud that has shaken the Indian Banking system? Well it’s hard to respond in the affirmative knowing that no technology is smarter than the human brain at its best. If the intent is wrong, loopholes are found or made. Just as in this case. What was the main reason behind this fraud? While there were multiple, like mal-intent of account holders, corrupt employees, audit failure, manual contracts etc., the key reason was unintegrated applications, i.e., the SWIFT gateway was not integrated with PNB’s Core Banking System. So, transferring data from one to the other was a manual process! When money was lent by foreign branches of other Indian banks, based on the false LOU issued by PNB, no record was being made in the banks CBS. Thus, year after year, the fraud remained under cover. Could Blockchain have solved it? Well the answer is yes and no. Blockchain definitely has much higher security capability builtin. The basic concept underlying Blockchain, is Distributed Ledger Technology or DLT. So, the master data is maintained in every node of the distributed ledger and hence there is no dependence on a single source of truth. While today the banks CBS is the single source of truth for the bank, in a Distributed

Ledger framework, each node would contain the same truth. So, tampering one node would not be possible and would immediately bring to light any kind of malpractice. So technically speaking Blockchain technology does have security mechanisms to deal with these frauds. However, the success of this would depend on how distributed the ledgers are and how big the chains are. Anytime there is a gap or a break between the chains, or two or more chains are not integrated, demanding a human intervention, mistakes or fraud are likely to happen. So, whether or not Blockchain technology could have stopped the PNB fraud, would depend on how integrated the Blockchain was. So even in a Blockchain scenario if the Bank and the SWIFT payment gateway were not connected by a single chain or two integrated chains and had it required a manual intervention, the problem couldn’t have been avoided inspite of Blockchain technology. So Blockchain technology alone, is not an answer to avoiding such problem, intentional or not. The most critical requirement is for all stakeholders to be part of the Blockchain, with no breakage in the chain.

Since the security will be so much dependent on the technology itself, technology audits will have to become much more stringent and pervasive

Finally, in order for all stakeholders, no matter which industry they belong to, need to come together as part of the same or connected Blockchain, there needs to be common processes and protocols accepted and agreed on by regulators of all industries. Hence the Regulators need to come together to ensure the same.

Bottom line is no technology can eradicate fraud. People are much smarter than computers, being the inventors of all technology. And people with mal- intent will be there. While Blockchain has the technology built-in to improve security, it is definitely not the answer to all fraud.

There are a few other necessary conditions to the success of Blockchain as well: •

All Manual contracts of today will have to be converted into smart contracts to run some automated checks on them, whenever there is any transaction involving a contract.

Ms. Mohua Sengupta EVP & Global Head of Services 3i Infotech Ltd

Issue 11 | 23


Shifting from TimeConsuming Excel Sheets to Concise Credit Management In today’s world, technology and software are an essential part of business. This is especially true in accounts and credit management departments where organising and sharing data, tracking orders, scheduling tasks and managing workloads are all vital processes for long-term success and growth. The type of software used to manage these processes, and store the data generated by them, can help define how efficient and effective a business’s credit management function is. Currently, it’s often carried out using spreadsheets alone. Sometimes the use of basic standard software is simply a legacy of the past. Basic computer programs were used to get the business up and running and they are often being pushed to their limits by growing businesses today – far beyond their intended purposes. Excel spreadsheets, for example, are often used for a whole host of working processes that they were not specifically intended for. It’s certainly not the case that the software is intrinsically bad – far from it. Microsoft Excel is a powerful spreadsheet program that allows users to do a lot with raw data. The issue with Excel is that it is often the wrong tool for the job that credit managers are trying to do. After all, spreadsheets are ultimately designed for number crunching, not for storing masses of details about

24 | Issue 11

customers; their contact details; sales records; payment history and outstanding balances. It’s a problem that tends to get worse as the organisation grows. Using Excel for tracking credit management when the business is small is certainly convenient and it may even work adequately for a little while. Typically, however, it will not take long for the spreadsheet to become weighed down by complexity and this can lead to it becoming slow with errors inevitably creeping into data and functions.

Growing Pains When businesses are in that expansion phase, spreadsheets can be a source of frustration and aggravation, often resulting in slow processes and mistakes as their capabilities are stretched almost to breaking point. Specialist software can help here allowing credit managers to maintain control and ensure even tedious tasks are completed efficiently and to a high standard. Credit managers will be no strangers either to other standard areas of frustration that impact spreadsheetfixated businesses. Users feeling that they are having to do the same monotonous tasks repeatedly is usually a sure-fire sign that the business needs dedicated software. From inputting data to carrying out credit reviews to managing late payments, specialist software can make

workers faster at their job and bring broader business benefits too. Another key area is ease of access to information. Business systems are often overflowing with data. However, if users are not able to access that data and process it into useful information, then it is unlikely to be doing the business much good. Even with custom-designed Microsoft Excel sheets, it is typically a manual, time-consuming task to collect relevant data; keep up it to date and make sure it is easily accessible, and the risk of incorrect information, inaccurate financials and cash flow mismanagement is always high. The consequences of these kind of errors can be severe in financial and reputational terms.


An Alternative Approach With the right dedicated credit management software, however, organisations and their users can access that data and turn it into intelligence that can help the company survive and thrive. Chief financial officers can, for example, use the data to spot trends, examine growth and monitor progress while credit managers can use it to create a credit scoring model and identify the largest customer credit applications, for example. The big advantage of the best quality specialist credit management software is that unlike spreadsheets, it has been designed specifically with the credit professionals in mind. That means that it will typically integrate with relevant

business systems that the customer has and provide a variety of tools for streamlining workflow. Moreover, it will automate many everyday tasks like data entry, processing payments and correspondence. Added to this, its specialist nature allows it to provide users with the information they need when they need it and makes it easy to share data across business functions. In short, this type of software allows credit management users to save time on repetitive tasks giving them the chance to focus on customer service and building long-term-relationships. And that’s important. After all, to do a job well, you need the right tools for the job.

Martin de Heus VP Direct Sales Onguard

Issue 11 | 25


No business is an island: How strategic partnerships can help businesses ensure longevity in an uncertain business world

In today’s business space, competition is fierce. And as a result of the rise of technology, consumer demand is constantly changing and growing, making it harder than ever for businesses to stay ahead of the curve. So, what can businesses do to remain competitive and ensure longevity in these uncertain times? Steve Lemon, VP of Business Development and Co-Founder at Currencycloud, believes that strategic partnerships are the building blocks needed to help businesses grow and thrive. What advice would you give a business looking to remain competitive and ensure they withstand the test of time? For a business to last, I would say there are two main principles to consider. Firstly, always listen to the customer. With the sheer amount of power in their hands, keeping them happy is a necessity. Secondly, a business is only as strong as its foundation. If there is a gap or weakness in your service offering, then your business will eventually crumble. Competition is also fierce so being one step ahead is important: businesses need to constantly be innovating their services to ensure that they are resilient and built to last. But some businesses have been operating as usual for decades, why now do they need to innovate their services to retain their customers? What has changed? We live in the age of technology, and with this comes new ways for consumers to branch out and see what else is out there. They can now compare products, services or prices quickly

allowing them to easily switch if a better option is out there. Businesses have to focus on listening to what consumers want, or face losing them. But it is a monumental task to innovate services alongside satisfying the ever-changing list of client demands and juggling on-going business needs and regulatory changes. Not to mention building the infrastructure to offer new services to customers is an expensive and time-consuming project. But that doesn’t mean they have to do it alone: in today’s building block economy, a strategic partner can go a long way to help strengthen your foundation. Can strategic partnerships help businesses remain competitive? As the saying goes “no man is an island”, and businesses are no exception. Working with one key partner can offer a wealth of benefits to your business, not only opening up potential new leads, but also freeing up time to focus on other important business needs. Partnerships also enable the sharing of knowledge, time, funds and ideas, allowing your business to develop without limitations and ensure longevity. But before you get started, you need to find the right partner. In order to do that you first need to be honest with yourself and understand where the weaknesses in your business lie. Finding a partner who can supply you with what you are missing such as financial support or technological advancements, is how you will get the maximum potential out of any collaboration.

Issue 11 | 27


What technological benefits are there to partnerships? We live in a time where technology is king and if you do not have the funds, time or know-how to harness and develop technological advances to continually improve your business, you are going to fall behind. Partnering with someone who specialises in technology or can offer access that you would not otherwise have is a win-win situation that can help your business thrive in a highly competitive climate. We all know that the rise of technology has created an impatient consumer who expects nothing less than a quick and seamless service. Improving your technological offering for your customers is undoubtedly going to increase customer satisfaction and loyalty to your brand. By choosing a partner with technological know-how, your business could also expand in to new markets and potentially take one step closer to becoming a onestop shop for all of your client needs. Can partnerships offer any advantages when it comes to globalisation? If your aim is to expand your business globally, but you lack the funds or knowledge about the country you wish to expand into, then yes, a partnership is a smart move from both a time and financial standpoint.

28 | Issue 11

Working with a partner in another country or someone who has a firm grasp on the inner workings of the region would save you the time and hassle of researching the demographic, any regional regulations and the potential client base, allowing you to reposition that time into other aspects of the business. But going global surely means less time to spare, so how can a partner help?

Collaboration, delegation and innovation are the building blocks to success and longevity – and partnerships can offer just that. So, ask yourself this; am I missing a building block? Is there anything more I can offer my customers? If yes, then choose a strategic partner to help you create a business powerhouse where the opportunities could be endless.

There are only so many plates a single person can spin before one gets dropped. Working with a strategic partner allows you to share the hefty workload of running a business and delegate responsibilities to a trusted party. For example, working with a partner who has an understanding of today’s complex regulatory environment, especially relative with the upcoming GDPR and PSD2 changes, can remove the hassle of ensuring your business is compliant, resulting in more time for you to focus on your customer’s needs. In the race to the top, businesses have to prioritise their time and often listening to the consumer voice falls to the back of the pile. Yet it is important to remember that your customers’ needs and wants are a top priority – and in order for your business to thrive and withstand the test of time, you need to keep them happy.

Steve Lemon VP of Business Development and Co-Founder Currencycloud


Leading with Distinction Mr. Pornchai Padmindra Senior Executive Vice President, Wholesale Banking Head CIMB Thai Bank Public Company Limited

Mr. Pornchai Padmindra, Senior Executive Vice President, Wholesale Banking Head and Mr. Wut Thanittiraporn, Executive Vice President, Corporate Banking Head at CIMB Thai Bank Public Company Limited discuss the bank's journey and future.

Who We Are CIMB Thai Bank Public Company Limited (CIMB Thai), previously known as Bank Thai Public Company Limited, was established in 1998 with the Financial Institutions Development Fund (FIDF) as the major shareholder. On 5 November 2008, CIMB Bank Berhad became the largest shareholder in Bank Thai and on 4 May 2009, the Bank completed the registration of its new name "CIMB Thai Bank Public Company Limited". This name change reflects the official transition of Bank Thai from being a single company to a member of CIMB Group. CIMB Group is Malaysia’s second largest financial services provider and one of ASEAN’s leading universal banking groups. It offers consumer banking, investment banking, Islamic banking, asset management and insurance products and services. Headquartered in Kuala Lumpur, the Group

30 | Issue 11


Mr. Wut Thanittiraporn Executive Vice President, Corporate Banking Head CIMB Thai Bank Public Company Limited

is now present in nine out of ten ASEAN nations (Malaysia, Indonesia, Singapore, Thailand, Cambodia, Brunei, Vietnam, Myanmar and Laos). Beyond ASEAN, the Group has market presence in China & Hong Kong, India, Sri Lanka, Korea, the US and UK.

Our Journey Wholesale Banking in CIMB Thai under the leadership of Mr. Pornchai Padmindra, Senior Executive Vice President, Wholesale Banking Head, started in September 2013 when he joined the Bank and structured the team as 1) Corporate Banking, led by Mr. Wut Thanittiraporn, 2) Financial Institutions, 3) Investment Banking, and 4) Business Management. This dynamic structure has enabled and strengthened Wholesale Banking to better serve the client’s needs with comprehensive financial solutions. From 2013 onwards, Wholesale Banking’s income has grown by 70% and by almost 400% for cross-border income. On the asset quality perspective, the proportion of clients with good rating has significantly increased from 70% to 90% of the portfolio. Wholesale Banking

focuses on reaching out to selected major client groups as well as in the acquisition of new clients with strong earnings potential and more conservative financial base to continuously improve the asset quality. Furthermore, we continue to expand our business and services within ASEAN by facilitating both Thai clients interested in investing in ASEAN and foreign clients interested in investing in Thailand with cooperation from other CIMB Group members.

financing solution, alternative funding in Equity Capital Market and Debt Capital Market along with hedging solution has created a market presence for CIMB in the market. Amidst the challenges in economic slowdown and limited onshore growth, our competitiveness in going offshore has given us a strong advantage and we see continuous growth in this sector of our business.

Our Positioning

Fast Forward CIMB is what we are

How we choose to compete in Thailand’s market is very important. We cannot be everything to everyone. Hence, we have chosen to “Be More Important to Important Clients.” We differentiate ourselves on how we add value to our client’s needs including how we anticipate their needs. With our strength and key competitive advantage as our ASEAN platform and connectivity through CIMB Group network, we have achieved in bringing leading Thai corporates to be successful in ASEAN. Our niche position in ability to provide offshore services such as Merger and Acquisition advisory (M&A),

Future CIMB promoting internally now at CIMB THAI as the time is now for us to move fast together for the better and think BIG. As for Wholesale Banking, we are aiming to be the “Go To” Bank for ASEAN business. We are growing scale locally and improving our capability to connect us better in ASEAN. In addition, we aspire to be a champion in working with relevant regulators to connect capital markets within this region and to also enhance value to our proposition. In the future, we will be seeing Thailand championing CLMV (Cambodia, Laos, Myanmar and Vietnam) market or as we call it ASEAN-North.

Issue 11 | 31







Submit your nomination today to OR Submit Online at


Ms Tran Quynh Chi -Head of Re-Insurance Department, Mr Le Tuan Dung , CEO, Ms Nguyen Hong Van ,Chairman, Ms Le Thi Quynh Hoa ,Head of Business Development at VietinBank Insurance Company

Mr Kyaw Myo Win, Head of Business Development and Mr Myo Min Thu, Managing Director, AYA Myanmar Insurance

Mr. Winyou Chaiyawan, CEO, The Thai Credit Retail Bank Public Company Limited

(On the right)Â Viktor Fischer, Deputy CEO, ACOLIN Fund Services AG

Company Names Titles Mota-Engil, SGPS, S.A. Best Investor Relations Company Africa 2017 African Alliance Securities Ghana Limited Best Equities Research House Africa 2017 African Guarantee Fund Best Financial Guarantee Provider for SME's Africa 2017 African Risk Capacity Insurance Company Limited Most Innovative ESG Risk Protection Company Africa 2017 Sigal Uniqa Group Austria Best Insurance Company Albania 2017 NBG Bank Albania Best Corporate Governance Bank Albania 2017 Assegurances Generals Best Life Insurance Company Andorra 2017 Andbank Fastest Growing Private Bank Andorra 2017 Crèdit Andorrà Best CSR Bank Andorra 2017 Crèdit Andorrà Best Private Bank Andorra 2017 Global Seguros, SA Best Insurance Company Angola 2017 Banco Sol Fastest Growing Commercial Bank Angola 2017 Banco de Fomento Angola Best Commercial Bank Angola 2017 Banco Económico, SA Best Mobile Banking Application Angola 2017 Banco Prestígio Fastest Growing Investment Bank Angola 2017 Banco Santander Río Best Cash Management Bank Argentina 2017 Banco Cetelem Argentina SA Best Consumer Finance Bank Argentina 2017 BICE (Banco de Inversión y Comercio Exterior) Best SME Bank Argentina 2017 Portfolio Personal S.A. Best Online Broker Argentina 2017 Portfolio Personal S.A. Best Research House Argentina 2017 Puente Best Investment Management Company Argentina 2017 ICBC Argentina Best Foreign Commercial Bank Argentina 2017 Ingo Armenia Insurance CJSC Best Motor Insurance Company Armenia 2017 ARARATBANK Best Trade Finance Bank Armenia 2017 Inecobank Best Retail Bank Armenia 2017 Inecobank Best Mobile Banking application Armenia 2017 Evocabank Most Socially Responsible Bank Armenia 2017 ACBA Leasing Most Innovative Leasing product "Green Leasing" Armenia 2017 Mr. Mel Carvil, Member of the Board of Directors, Home Credit B.V. BOC Aviation Limited Best Aviation Leasing Company Asia 2017 Bursa Malaysia Berhad Best Commodity Trading Platform Asia 2017 Bursa Malaysia Berhad Best Islamic Exchange Asia 2017 Bursa Malaysia Berhad Most Innovative Global End-to-End Shariah-Compliant Investing Platform Asia 2017 Fort FX Best Forex Education Broker Asia 2017 Marquis FX Best Introducing Broker Affiliate Program Asia 2017 Salmaforex Best New STP Broker Asia 2017 Skyline FX Best FOREX Customer Service Broker Asia 2017 Starfish FX Best Institutional Broker Asia 2017 Valour FX Best Execution Broker Asia 2017 FXTM Fastest Growing ECN Broker Asia 2017 Fosun International Limited Best Investment Management Company Asia 2017 Broctagon Exchange Best Trading and Execution Exchange Asia 2017 Atradius Best Credit Insurer Asia Pacific 2017 Fullerton Markets Best New Trade Execution Asia Pacific 2017 Fullerton Markets Best New STP and New ECN Broker Asia Pacific 2017 OANDA Best CFD Broker Asia Pacific 2017 SANNE Best Fund Administration Company Asia Pacific 2017 Learn to Trade Pty Ltd Best Forex Education Provider Australasia 2017

Angela Gruzdova , FBS

Dr. Edem Bart Williams, CEO, Nordea Capital Limited

Yadi Supriyadi, Marketing, Salma Markets Companies Corp., Mai Ngoc Nguyen, Marketing CTO, Salma Markets Companies Corp., Marketing, Salma Markets Companies Corp.

Ms. Kristine Umali, Commercial Attache and Director, Embassy of the Philippines Ambassador Evan P. Garcia of the Republic of the Philippines in the United Kingdom Gilda E. Pico, President and CEO, Landbank of Philippines Ms. Catherine Rowena B. Villanueva, First Vice President, Corporate Affairs Dept, Landbank of Philippines Jocelyn Cabreza, Executive Vice President, Landbank of Philippines Phil Fothergill, Journalist and Video Producer (left to right)

Mr. Matjaz Zadravec, CEO and Managing Partner Royal Vision Capital Limited

Mr. Joseph Chan, CEO, AsiaPay

Dr. ​Rui Vicente, CEO, Dixtior Consulting

Get the

Print Magazine

delivered to your Doorstep

Subscribe at

Americas 40 Issue 11


HOW PRIVATE BANKS CAN RETHINK THEIR BRANDS TO APPEAL TO A NEW GENERATION OF INVESTORS The profile of the traditional private banking customer has changed dramatically. Whether it’s increased competition from fin-tech start-ups, or the rise of crypto currency, traditional institutions steeped in heritage are no longer automatically on the wish lists of young entrepreneurs and agile investors. Not only do private banks need to engage a whole new set of millennial customers, they need to re-evaluate their traditional approach to brand strategy and design to capture the imagination of the next generation. Despite this, the more traditional values of stability, personal experience and judgement are still important and new, digital challengers will struggle to replicate these attributes. While research from Merryl Lynch on high net worth millennials shows there’s a need for guidance, (as few consider themselves knowledgeable about financial products and investments), it means banks and wealth managers will need to push beyond both the traditional clichés of wealth, and the misconceptions of millennial stereotypes. They will need to

build brands with relevance and durability. With this in mind, we’ve identified six ways in which private banks could begin to think differently about building their brand. Be easy to live with Shaped by their experience with nonfinancial digital brands like Google and Amazon, on-the-move millennials expect to always be ‘always on’ and have control. Brands need to fit into their life; not the other way around. For private banks, using new technologies could free the relationship from being purely face-to-face in an office setting; advice and interaction could be provided wherever, to whoever and however it is needed. For instance, taking a leaf out of Babylon’s book – the subscription health service provider – private banks might consider offering a service that allows video calls at any time of the day or night instead of face-toface meetings. This means someone on a business trip abroad, can get the advice they need without waiting to get home.

Issue 11 | 41

AMERICAS BANKING Work with me, not for me At work and as managers, millennials tend to spend more time inspiring and empowering their colleagues than previous generations. This style of professional relationship is likely to extend to their expectations of their wealth manager. Indeed, when it comes to their investments, research from Deloitte found millennials want to remain in the driver’s seat: they want to understand and feel empowered to make investment decisions, fully understanding what is involved. In response, private banks may wish to shrug off their reputation as sages, and position themselves not just as partners, but as coaches or companions that are there to develop and grow with their customers. Again, taking inspiration from outside the category, in the world of beauty products, new skincare umbrella brand, Deciem, has achieved category-disrupting growth not by formulating the best creams, but by putting ingredient decisions into the hands of the consumers. With a portfolio of 200 products across 10 brands, Deciem taps into the millennial desire to both understand and be given permission to do what they think is right. The wisdom of my peers Millennials grew up immersed in online communities where the wisdom of the group, the ethic of crowdsourcing, and a learn-it-yourself culture are valued. It’s not surprising the same behaviors can be seen when it comes to their finances. According to Deliotte, when making an investment decision, millennials are more likely to seek out and collate opinions and views from multiple sources. So, while private banks are there to provide expert advice, they shouldn’t expect millennials to take it at face value. Instead they can facilitate the conversation and provide platforms for investors to share their knowledge. UK based online investment service, Wealthify, is a good example: investors can create investment “circles” to share their investment experience and receive a discount on their annual management fee as they grow their own circle. Do good and make money When it comes to money, millennials don’t want it to compromise their personal values: they are less likely to measure their success

42 | Issue 11

in terms of wealth alone and they care about their personal impact on the world. For example, HSBC research with millennial entrepreneurs found they are motivated to go into business to both better themselves, and have a positive impact on their community. This sense of purpose is likely to extend to their approach to investments, with millennials seeking out banks that share their personal values. Private banks will need to demonstrate that they can help clients grow their wealth, while having a positive and visible wider social impact. In the mass market, newer financial players are already building purpose into their business and brands. For example, US insurance provider, Lemonade, donates what’s left from annual unclaimed premiums to causes you care about, and Abundance Investments uses funds under management in projects and businesses take an active role in creating a better future. Understand my personal goals The long-term financial goals of millennials have shifted and may feel unfamiliar to private bankers. According to Merrill Edge, they are the first generation to plan for financial freedom or to afford to live a desired lifestyle, rather than the more traditional goals of say a comfortable retirement. They also don’t want to be treated as a homogeneous segment: they want advice that is unique to them and tailored to their life and aspirations. To attract new millennial customers, banks will need to adapt their brand and communications to show they understand what their next generation of investors care about. The stuffy, clichéd visual language of wealth is unlikely to be appealing. With clients, private bankers will need the emotional intelligence to help balance what could well be the conflicting and confusing financial goals of a millennial investor. Technology can also play a role in helping clients not only understand but explore and feel the consequences of decisions. For example, MeetInvest has designed a fantasy football approach that allowed investors to select and build an investment team, and Merryl Lynch created an app that aged photos of their customers to help them build empathy for their future needs.

AMERICAS BANKING Old world values with new world relevance There is a tendency for private banks to either focus on themselves – their heritage, expertise or track record – or the functional, more transactional side of their business in their branding. This is then reflected in a visual identity that uses traditional, stuffy imagery or has a clinical style that feels more ‘big bank’ than ‘personal banker’. While it’s key to create meaningful changes in the brand experience, the visual identity also plays a big role in convincing the conscious and seducing the subconscious of both prospects and clients. If millennials care about convenience, inspiration and openness when it comes to their investments, then these values should be visually expressed through every touchpoint: from the welcome letter, to the welcome desk, every interaction is an opportunity to express your point of view and create the seamless, modern branded experience that millennials expect. At the same time, it’s important for banks to stay

authentic and build on their strengths and DNA while making them relevant to a new generation of investors. Lombard Odier is a great example of this. Having survived 40 financial crises and emerged stronger each time, Lombard’s brand is now built on a core idea of “capacity for reinvention”. In a fast-changing modern world, the brand now speaks to the banks’ ability and desire to constantly rethink to bring about financial stability. Ultimately there is a need for private banks to balance innovating their experience and brand to reach new audiences, while reinforcing their reason for being. Private banks can draw on the learnings from brands that are already succeeding with millennials to help redefine their client relationships, while also restating their purpose as modern-day beacons of trust within the banking industry.

John Clark Planning Director at brand design agency Coley Porter Bell

Issue 11 | 43


The Fastest Growing That’s also Hardest Synthetic Identity Synthetic identity fraud (SIF) is one of the fastest growing and most sophisticated forms of fraud in the United States today. The Federal Trade Commission estimates that SIF costs American businesses $50 billion each year and, unfortunately, it’s difficult to detect and even harder to stop. First things first, are you up to speed on SIF? While traditional identity theft involves a criminal targeting and assuming an individual’s entire identity, with SIF perpetrators combine real and/or fictitious information, such as Social Security numbers (SSN) and names, to create identities that they then use to defraud financial institutions, government agencies or individuals over time. At first glance, a synthetic identity appears unremarkable, and that's the point. SIF criminals are in it for the long haul, which is why it's sometimes called "sleeper fraud." The longer an artificial identity remains "in

44 | Issue 11

play," the larger the credit profile becomes and the greater the potential for criminals to profit. Successful synthetic identity fraud schemes evolve over months and sometimes even years before the criminal decides to “bust out,” cashing in on the identity and leaving the credit provider to foot the bill. How did we get here? When businesses in the United States adopted EMV chips in credit and debit cards, criminals were forced to channel their fraud efforts online. That migration, paired with large-scale data breaches, loosening credit standards and the exploitation of legacy credit creation practices and systems, laid the groundwork for certain forms of fraud to flourish, hence the recent exponential rise in SIF. In 2016 alone, SIF cost lenders $6 billion. Today, it’s also responsible for 20 percent of credit losses, with an average charge of $15,000.


Form of Fraud to Detect: Fraud There are several other factors that are contributing to the increase in SIF: Social Security Number Randomization. Beginning on June 25, 2011, the Social Security Administration (SSA) changed how it issued SSNs. According to the SSA, randomization helps protect the integrity of SSNs as well as extend the lifespan of the nine-digit system. However, randomization eliminated the ability of legacy fraud detection solutions to use the information embedded within an SSN to determine its veracity. Vulnerabilities of Legacy, Static Fraud Detection Tools. Along with the challenges created by SSN randomization, many firms are also still utilizing conventional identity verification systems. These systems use simple, single-layer matching processes that are configured for yesterday’s fraud schemes. Criminals are constantly collaborating and innovating, and they have adopted more sophisticated cons that legacy systems can’t detect. Difficulty of Detection. Because a synthetic identity looks and acts like a real identity, companies often do not realize they’re dealing with a fraudster.

Relaxed Credit Standards and More Authorized Users. After the “Great Recession” ended, tight credit standards loosened up and financial services firms aggressively sought more revenue to make up for less fee income. As a result, lenders enabled more authorized users on accounts. Fraudsters exploit this by recruiting and “piggybacking” off of legitimate card holders with good credit, adding themselves to the account as an authorized user, then building up the synthetic identity’s credit score. Making matters worse, they may also add new synthetic authorized users to their previously established synthetic identities, thereby extending and amplifying the scheme. SIF Protection and Prevention The first step in combating SIF is acknowledging that traditional, static approaches to detecting identity theft are insufficient. These legacy systems are geared toward matching an established identity and credit history belonging to a real person. As we’ve mentioned, that’s not how SIF works.

Issue 11 | 45


46 | Issue 11


To protect against SIF, technologies and processes should be put into place that offer: Multi-Layered Identity Verification. With consumer data accessible on the dark web, detecting and preventing SIF schemes demands an intelligent, multilayered approach that pulls together an array of location, activity, device, digital and other identity attributes to validate customers. Predicated on a risk-based approach, powerful algorithms coupled with robust data sourcing and mining capabilities can provide companies with detailed analyses of the relationships and characteristics of identity data that far exceed the rudimentary matching of data elements with public records. Dedicated Synthetic Identity Fraud Analytics and Tools. Deploying synthetic fraud tools requires big data analysis to identify the relationships between the identity attributes, as well as their veracity. While synthetic identities may appear as a complete and existing identity, the identity is ultimately an amalgam of disparate identity attributes. With a relational analysis of those attributes, inconsistencies that may indicate a synthetic identity can be identified and escalated for additional verification early in the process. Photo Identity Document Verification. Real consumers usually have “proof of life” documents on hand, such as a driver’s license and passport. They also have smartphones. Synthetic identities may not have such credentials. Document verification and matching a “selfie” with a driver’s license or passport photo can differentiate a real customer from an artificial one. It also offers a way to onboard customers with much less friction.

Cross-Industry Collaborative Networks. Detection also depends on access to a collaborative network of companies united in the fight against identity theft. Mitigating SIF requires companies and industries to share data. By flagging data elements such as phone numbers, addresses and SSNs connected to previous fraud schemes and making such information available collaboratively, companies can receive access to real-time, actionable fraud data. Synthetic identity fraud schemes exist due to inherent weaknesses in the processes that institutions establish and consumers follow to establish and build credit profiles. Until the credit creation and maintenance process changes, criminals will continue to manufacture identities with the goal of committing fraud. Given SIF’s reliance on both real and fake data, preventing it depends on being able to analyze multiple layers of an identity in order to determine the account holder’s actual existence and intent.

Christina Luttrell Senior Vice President IDology

Christina Luttrell is the senior vice president of Product, Client Solutions and Marketing for IDology, a leader in multi-layered identity verification and fraud prevention.

Issue 11 | 47



What’s changing in 2018?

48 | Issue 11


Comprehensive Capital Analysis and Review or CCAR is a Capital Planning exercise involving Large US Bank holding companies (BHC’s Complex and Non Complex) and foreign firms with Large US operations also known as the Intermediate Bank holding Companies (IHC’s). CCAR assessment includes quantitative and qualitative assessments of firms capital plans. Quantitative assessment includes supervisory and company run stress tests . Through these stress test the U.S. Federal Reserve expects the participating firms to be sufficiently capitalized in adverse operating environments and also continue to carry on normal business activities like lending and also meet obligation of its counterparties. The CCAR Capital plan for this year needs to be submitted by the participants to the Fed by 5th April 2018 and the results will be announced by the Fed on 30th June 2018. The participants of 2018 CCAR exercise include: •

18 of the large US Bank holding companies will be subject to qualitative and quantitative disclosures. This includes 5 large Foreign Banks with large US operations 20 Bank holding companies with less complex operations will be subject to only Quantitative disclosures . This also includes one foreign firm with US operations

What Continues with CCAR •

Firm’s capital plan submissions

Expectations regarding the mandatory elements of a capital plan like capital management, process to ascertain capital adequacy, capital policy and business plan changes

Qualitative assessment of a firm’s capital plan (LISCC* and large and complex firms only)

Quantitative assessment of a firm’s post-stress capital adequacy;

Federal Reserve’s response to a firm’s capital plan and planned capital actions

Limited adjustments that a firm may make to its planned capital actions

Public disclosures by the Federal Reserve at the end of the CCAR exercise

What are incremental changes in 2018? •

Non advanced approaches firms are required to continue to apply the transition provisions applicable for calendar year 2017 for certain items (i.e., mortgage servicing assets, certain deferred tax assets, investments in the capital instruments of unconsolidated financial institutions, and minority interest) over the nine-quarter planning horizon.

Impact of the Tax Cut and Jobs Act: to be reflected in CCAR 2018 projections, as applicable

Market Risk Component changes for certain IHC’s in lieu of the global market shock component, IHCs will be subject to interim market risk components in the supervisory adverse and severely adverse scenarios used in the annual company-run stress test (companyrun market risk component) and the supervisory stress test (supervisory market risk component)

Issue 11 | 49


112 | Issue 10


Attestation requirements for LISCC firms - LISCC firms that are BHCs must attest to the effectiveness of internal controls for FR Y-14 Submissions

Limited adjustments to planned capital actions – Before the final results are published Fed will provide an opportunity to make onetime adjustments

Reduced supporting documentation for LISCC and large and complex firms

generally have a high probability of receiving MRA’s (matters requiring attention) or MRIA’s (matters requiring immediate attention) initially, till they mature on the CCAR best practices. •

Reduced documentation – Fed will inform the CCAR participants who are subject to the qualitative submissions a month before on what are the in scope supporting documentation, though the impact of this is minimal as firms still have to prepare exhaustive documentation, but from an examination perspective it will help them to be better prepared and provide more focus on in scope topics

Opportunity to address capital deficiency – This is more important for the IHC’s as the Fed will give them an opportunity to supplement any capital deficiencies observed after running the stress tests. The IHC’s can get the necessary equity capital supplements from their parent to address this deficiency which will also help them to avoid over capitalizing their US firms going forward

Impact of the Changes Most of the CCA instructions and scenarios are in line with earlier guidelines and limit the impact of the exercise on the participating banks, however some of the additional changes suggested in 2018 guidelines may have following impacts on the CCAR participants •

Severe scenarios are included which require firms to reflect the recent tax law changes in their projections of net income and regulatory capital. From a stress testing perspective banks will no longer be able to offset the stress losses with projected tax refunds as a result this will impact the capital.

Relief for 20 CCAR participants in the category of large and Non Complex as they will not receive objections to their capital plan based on qualitative assessments

Addition of 6 IHC’s in this year’s CCAR stress test .Out of these 5 will also be submitting qualitative assessment to Fed and 4 (LISCC) from the list will also be subject to Fed heightened expectations .Also it is observed that new entrants

CCAR exercise continues to widen its net of participating banks and this year we will see the entry of 6 IHC’s who will be part of public disclosures for the first time since their private submissions to fed last year. This year’s CCAR submission will see more impact on IHC’s as they are very new to the rigor of CCAR exercise, but the good part is that they can leverage the Prior learnings of existing CCAR participants and work towards making their qualitative and quantitative CCAR submissions complete in all aspects.

Ajay Katara

Ajay Katara is a Domain Consultant with the Risk Management practice of the Banking and Financial Services (BFS) business unit at Tata Consultancy Services (TCS). He currently leads the BFS Risk Practice’s portfolio on Regulations and Robotics Process Automation. He has extensive experience of more than 13 years in Consulting & Solution design space cutting across CCAR Consulting, AML, Basel II implementation and credit risk, and has worked with several financial enterprises across geographies. He has significantly contributed to the conceptualization of strategic offerings in the risk management space and has been instrumental in successfully driving various consulting engagements. He has also authored many editorials, details of which can be found in his linked in profile (https://www.linkedin. com/in/ajaykatara/)

Issue 11 | 51


Tech Trends Reshaping the Insurance Landscape

New and emerging technologies are disrupting the business-as-usual approach by displacing established models, forging new revenue streams and driving unprecedented innovation. This is triggering a ripple effect across industries. The insurance industry is not immune to these forces. Today, customers want to shop for policies and claim damages as seamlessly as they would browse for and buy any product on Amazon. To keep up with customer expectations, insurance companies must first understand how technology can revolutionise their value chains. 1. Hyper digital adoption – Digitisation is becoming a top priority for insurance companies. Most digital transformation initiatives are driven by customer demand for omni-channel and personalised experiences. Hence, insurers are refocusing their investments on digital transformation initiatives, so they can better serve their customers. For example, mobility solutions help insurance agents instantly catalog damage, file reports and access customer claim information. Such round-the-clock connectivity streamlines tasks, thereby improving agent productivity. On the consumer front, apps provide instant information about policies and allow customers to file a claim, compare policies and get instant quotes. Further, as wearables become popular among users, there are lucrative opportunities to leverage data gathered from sensor-enabled devices to improve product design in health, home and automobile insurance. Leveraging robust digital insurance platforms can help insurers better differentiate themselves in the market and accelerate growth. 2. Data and robotics – Currently, innovation in robotics focuses on machine learning software that automates repetitive processes by learning like humans do. Many companies are using automation and software robotics to enhance productivity and minimise errors in back-office functions. However, robotics can play a much larger role than just process optimisation. For example, the recent launch of Haven Life’s Facebook-embedded chatbot has made it much easier to dispense quotes for life insurance. The bot can converse with interested customers, assess life insurance needs and provide premium estimates within minutes.

52 | Issue 11


Here, one must not forget the importance of data. Any automation or robotics initiative is unlikely to succeed without a strong data management strategy. For robots to be effective at what they are programmed to do, they should be able to access unstructured data across every channel. Thus, robust big data tools coupled with innovative AI technology are critical for such initiatives. The policy change for robotics adoption is clear in Germany. Leading insurers are reimbursing beneficiaries with roboticsbased solutions to cure medical problems. ReWalk Robotics is a leading robotics company that provides patients with wearable robotic exoskeletons. These enable hip and knee motion by integrating a wearable brace support, computer-based control systems and motion sensors so physically-challenged individuals can stand upright and walk. While ReWalk has already been associated with leading insurers across the globe on reimbursement policies for its exoskeleton technology, now a major German insurance company, Barmer, will reimburse ReWalk systems for qualifying customers. 3. IoT and InsurTech – Close on the heels of the FinTech revolution in the financial services industry comes InsurTech, a trend that promises to channel technology-led disruption into existing insurance models. Consider how a Canada-based IoT, AI and data analytics company called Mnubo received nearly US $16.5 million in financing from Munich Re, the German insurance giant. These investments will help Mnubo’s customers who are making IoT investments benefit from financial products for risk management and RoI-enablement. Further, emerging InsurTech companies will find avenues to leverage smart devices powered by the Internet-of-Things (IoT) for extreme product innovation and

personalisation. For instance, data gathered from sensors embedded in cars can track driver behaviour so insurance companies can customise policies, accurately assess risk and reduce cost. As early as 2015, Germany was already leading the way in driving the adoption of telematics. In fact, the Commissioner for Data Protection and Freedom of Information for North Rhine-Westphalia was the first authority to evaluate a telematics-enabled product to determine violations of data privacy. The pay-as-you-drive product provides insurers with driving insights to help customise premiums. Today, customers, too, are increasingly interested in the prospect of lower premiums on auto insurance. A report by Business Insider estimates that nearly 50 million US drivers will have dabbled in usage-based insurance by 2020. These IoT applications range across all insurance verticals such as home, assets, property, land, equipment, etc.

technologies, nimbler start-ups are competing aggressively to establish themselves in an industry governed by trust. This creates an environment ripe for mergers and acquisitions where established insurers can choose how to reposition themselves based on specialised market segments. Some of the examples above clearly indicate how insurers are reaching out to smaller start-ups to deploy sophisticated technologies across their product lines. The insurance industry is on the cusp of pervasive disruption and transformation. Existing business models such as traditional auto insurance may soon become redundant as consumers shift to innovative schemes. Thus, organisations must look ahead and reinvent their product and business strategy through technology if they are to stay relevant and competitive.

4. New risk assessment models – While technology transformation delivers tremendous value, it also comes with its own set of risks. As companies go digital, the threat of risk shifts from physical attacks on assets to cyber attacks where the target is sensitive data. With the explosion of mobility, smartphones are an easy target, emphasising the importance of protecting one’s device. In fact, many insurers are developing and launching products to address cyber security issues. Recently, France's central bank has urged French insurers to enhance cyber risk coverage for their clients, as hack attacks and data privacy laws in Europe spur rising demand. The idea behind is to create a more mature market in France and Europe for insurance against cyber risks. 5. Dynamic industry landscape – In the face of pervasive disruption, the insurance industry is becoming increasingly competitive. Even as traditional companies struggle to seamlessly adopt new

Kannan Amaresh SVP & Global Head Infosys

Issue 11 | 53


Court Limits 2015 Text Marketing Rules, Gives New FCC an Opportunity to Provide Clarity On March 16, the D.C. Circuit issued a long-awaited decision1 in a challenge to the Federal Communications Commission’s July 10, 2015 Declaratory Ruling and Order2 regarding the Telephone Consumer Protection Act (the July 2015 Order). We have previously explained the challenges created by the July 2015 Order here3 and here4. On the whole, the unanimous 3-0 Decision offers some good news for businesses: the court struck down the FCC’s broad definition of “autodialer” (or ATDS) as unreasonably and impermissibly expansive and held

54 | Issue 11

that the FCC’s interpretation of ATDS functionality was so lacking in clarity as to fail the requirement of reasoned decision-making. The court also found that the FCC’s liability approach for calls to reassigned numbers unintentionally contacted by advertisers with the prior subscriber’s consent was arbitrary and capricious. However, the Decision upheld the FCC’s positions that consumers must be able to withdraw consent to telemarketing by any reasonable means, as opposed to only certain manners designated by the advertiser and upheld the limited scope of exemptions for healthcare messages.

At the end of 2016, the FCC issued an advisory on text messaging, but as we wrote at the time, the advisory left advertisers struggling with how to comply with the very issues addressed by the court last week. Although the Decision vacates certain parts of the July 2015 Order, it leaves those issues unsettled for the FCC to reconsider and open to interpretation by trial courts. Given that the FCC majority has shifted to the Republicans and former Commissioner Pai, who dissented from much of the July 2015 Order, is now the Chairman of the FCC, industry is likely to obtain better results when the FCC


revisits the rules. The court’s 51-page Decision provides some suggestive guidance regarding how to approach these issues in the next effort. The most significant aspect of the Decision involves the definition of autodialer. Only text messages sent via an autodialer are governed by the TCPA. The act defines an ATDS as “equipment which has the capacity (A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” 47 U.S.C. Section 227(a)(1). The language left ambiguity around the meaning of “capacity,” as well as what functionality constitutes the actions described in (A) and (B). The petitioners took on both issues, and the court found the July 2015 Order lacking on both counts. •

The FCC had rejected the industry position that “capacity” should be measured by present capacity in a current configuration without modification, determining that “potential functionality” and “future possibility” were enough to establish capacity. This frustrated the ability of telemarketers to enable or disable calling equipment depending on the nature of the communication and forced them to comply with the more burdensome consent requirements applicable to use of an ATDS in all cases. The court found the FCC’s rulemaking “arbitrary and capricious” with respect to its interpretation of “capacity” as the Commission had failed to articulate a reasonable and comprehensible standard, essentially qualifying all smartphones as autodialers. As for the FCC’s interpretation of the content and scope of the regulated functionality of an ATDS, the court found the FCC’s ruling internally inconsistent and lacking in clarity such that “affected parties are left in a significant fog of uncertainty about how to determine if a device is an ATDS so as to bring into play the restrictions on unconsented calls.”

The court also struck down the July 2015 Order’s approach to calls to reassigned numbers. The court did uphold the FCC’s finding that the statutory definition of “called party” means the current subscriber, not a previous subscriber who had consented to the communication and was the intended recipient of the call – provided the advertiser lacked knowledge of the number reassignment. But the court invalidated the FCC’s one-call “safe harbor” from strict liability for a single unintentional call/text, ruling it “arbitrary and capricious” because no reasoning was given as to why reasonable reliance would cease after a single call, or why the one-call exception was perpetual, inconsistent with the notion callers could learn of reassignments over time. In short, the court agreed that called party means the current subscriber, but struck the safe harbor, theoretically creating the potential for telemarketers to face strict liability from the moment a number is reassigned. To avoid that outcome, the court invalidated all of the July 2015 Order’s consideration and treatment of reassigned numbers, noting that the FCC had declined to adopt a zero-call strict liability approach and also noting that the FCC is already working on alternative ways to regulate reassigned numbers. The petitioners fell short with the court on their two remaining issues: (1) methods for opting out, and (2) the scope of exemption from the TCPA for certain types of calls. The court upheld the FCC’s prohibition on limiting opt-out methods and requiring advertisers to honor consent revocations given by any reasonable means. Thus, advertisers cannot limit opt-outs to replying STOP or QUIT; they need to address unrecognized replies that might reasonably indicate an opt-out and otherwise accept reasonably given opt-outs such as requests to customer service. The court also let stand the July 2015 Order’s treatment of a healthcare text exemption from TCPA consent requirements; such texts must be limited to critical health messages and not healthcare-related marketing or collection messages. At least until the FCC can promulgate new rules, the Decision likely will force trial courts adjudicating TCPA class actions to turn to principles of statutory

interpretation when evaluating issues that are the subject of the invalidated FCC determinations. We will be watching how both courts and the FCC address these matters in the coming months.

Alan L. Friel Partner BakerHostetler

Melinda L. McLellan Partner BakerHostetler



“TCPA Omnibus Declaratory Ruling and Order.” Federal Communications Commission, 10 Nov. 2016, document/tcpa-omnibus-declaratory-ruling-and-order.

3 “‘Don't Call Us, We'll Call You." The FCC's Latest TCPA Ruling Imposes Even More Restrictions on Telemarketing Calls and Texts.” Data Privacy Monitor, 15 July 2015, www.

4 “FCC's New TCPA Order May Require Companies to Obtain Updated Consents for Marketing Calls and Texts.” Data Privacy Monitor, 22 July 2015, enforcement/fccs-new-tcpa-order-may-require-companiesto-obtain-updated-consents-for-marketing-calls-and-texts/.

Issue 11 | 55


Solutions and Best Practices for Effective Financial Remediation Programs Since its inception, the Consumer Financial Protection Bureau (CFPB) has processed more than one million consumer complaints stemming from alleged errors, processing mistakes, technical glitches, and other issues related to credit cards, ATMs, marketing programs, debt collection practices or loan services. Today’s technology makes it easier than ever for consumers to identify, report, and join existing complaints, placing banking and financial institutions in a reactive – and often costly – position.

Voluntary Vs. Mandatory Remediation Programs

Of the thousands of complaints filed each week, many will require some form of programmatic consumer remediation, instituted either voluntarily or by regulatory mandate and frequently requiring payments be made to consumers who have been affected by an identified error. Consumer payments, however, account for only a fraction of the cost of remediation, which can strain a financial institution’s resources and compromise its reputation.

Mandated remediation programs, while less common than voluntary programs, often limit the role financial institutions take in the design and execution of remediation and may even restrict their involvement in changing internal systems and processes following remediation. The nature of mandatory programs enables regulators and lawmakers to impose additional fines, audits, and reporting processes, making it critical to get ahead of remediation whenever possible.

The following is a look into how financial executives can execute remediation programs effectively to minimize cost, avoid burdensome penalties and corrective actions, and enhance favorability among consumers and regulators.

Voluntary programs employ a selfpolicing and self-reporting approach and can help financial institutions avoid significant penalties and external audits. Oftentimes, the act of self-reporting errors is taken into consideration when configuring penalties. In fact, corrective action required by regulators may be less onerous or avoided entirely when institutions voluntarily identify and report customer complaints.

56 | Issue 11

Financial institutions are generally governed by The Same set of industry regulations, from the Dodd-Frank Act to the Fair Credit Reporting Act. Breaches of those legal and regulatory standards, regardless of intent, will garner attention from regulators and enforcement agencies, which require urgency in both restoring consumer loss and repairing the internal systems that prompted complaints.


The CFPB and other regulators will consider a number of key factors when determining remediation and oversight requirements, including the type and severity of the violations, the effectiveness of the proposed remediation in resolving violations, and both the history and the efficacy of prior remediation programs. For that reason alone, developing a plan to respond quickly and decisively in the event of a consumer complaint or regulatory violation is crucial. Financial institutions can decrease reaction time and make remediation programs scalable and repeatable by building the following service capabilities into their infrastructure, establishing a relationship with a third-party remediation provider, and conducting vendor onboarding and security clearance processing in advance. Data Compilation + Transfer The first, and arguably most important, process in customer remediation is the compilation and transfer of customer data from the financial institution to its third-party remediation administrator, which involves considerations such as quality assurance and security. From a quality perspective, it’s imperative that customer and data records are complete, accurate, and formatted appropriately. Partial information and incorrect formatting can result in added costs and delayed timelines, which may attract attention from enforcement agencies. Simple mistakes can be costly. For example, when data is missing from a file, the inevitable back-and-forth between and among departments in the institutions and their vendors to complete data sets can add significant fees to remediation. Incorrect or incomplete addresses often result in a higher rate of undelivered payments, which may raise red flags for auditors.

And when internal audits and data files fail to include all affected customers, additional waves of “catchup” payments must be processed, which both increases expenses and compromises consumer and regulatory confidence. Once internal mechanisms are in place to ensure accurate data analysis and formatting, institutions must consider their processes for transferring data to third party support agencies. It is advisable to determine and agree upon security protocols with remediation partners in advance, such as when and under which protections data will be shared. Further, financial institutions should require that their administrators develop and host secure, online portals to facilitate the safe transfer and sharing of sensitive consumer data between and among remediation vendors. These portals are not only critical to preventing fraud throughout remediation, but they also afford institutions access to real-time program updates and reports. Notification Process Once remediation data has been compiled and analyzed, institutions begin the important work of reaching consumers with the intention of making them whole again. This is achieved, in part, through a comprehensive consumer notification process. The noticing phase is particularly sensitive as it may represent a consumer’s first and only interaction with the financial institution following an error or complaint. In many instances, remediation program information can be communicated to customers via customized check stubs. In other cases, however, such as when compensation is distributed electronically or a more detailed explanation or language translation is required, a standalone notice is advisable.

Issue 11 | 57


Responsibility for identifying the amount and type of information to be included in a consumer notice falls squarely on the institution. Working with multiple fields of data requires several layers of review to ensure information is transferred correctly from the original template to the final files. While drafting, translating and sending the notice can be done in-house, this work is often outsourced to the third-party administrator. Regardless of which entity does the drafting, beyond ensuring the validity of notification content, financial institutions should consider partnering with their internal communications and legal teams to review the design of content and messaging for customer notifications. Notices that demonstrate genuine concern and empathy and which outline how the institution is moving forward have been shown to positively impact brand sentiment and restore consumer loyalty and confidence. Compensation + Funds Distribution Compensation and financial disbursements can take multiple forms, so it’s imperative that institutions support diverse distribution methods and timelines, which vary by remediation type and geographical location of customers. The distribution of remediation funds to existing customers may occur via account credits, digital disbursements, or paper checks. In cases where consumers’ accounts have been closed, institutions may either send paper checks to the last known address or issue electronic payments to the customers’ account of choice. This reinforces the need for quality control in data collection and transfer; a simple email to former customers for approval to transfer funds to their account of choice may be the most cost-effective manner of distribution, especially if the remediation audience is geographically diverse.

58 | Issue 11


Once payments have been issued, they must be monitored and tracked in consistent intervals (30-, 60-, and 90days) and reissued as appropriate when requested in writing by the customer. For checks that remain uncashed at their half-life, reminder emails or letters can be sent to encourage consumers to cash the checks. Additionally, efforts should be made to inform consumers of their right to claim payments via their states’ unclaimed property funds. Together, these strategies will go a long way to demonstrating the institution’s intention to make all customers whole again. Finally, the pre-existing online portals used for the transfer and analysis of customer data can be leveraged during the distribution phase, providing institutions with real-time access to payment data, such as details on payments sent, received, cashed or pending, or returned as undeliverable. These data sets may be exported in Excel or other formats for easy retrieval and submission to various agencies overseeing remediation programs, keeping the institution in good standing. Data Security, Privacy, and Anti-Fraud Systems While the mishandling of consumer data or breaches in data or privacy within financial institutions can prompt consumer complaints, data and privacy concerns do not end there. In large and complex remediations, where consumer data may be handled by multiple internal and external agencies, institutions are solely responsible for safeguarding consumer privacy and circumventing the potential for fraud. When considering administrators or vendors with which to partner, it is important that selection criteria include robust anti-fraud procedures and key compliance indicators,

such as SOC 2 certifications and SOX compliance. Additionally, third-party providers that have been previously retained by leading financial institutions and government enforcement agencies are likely to have been extensively vetted for security measures and best practices, which may also ease regulatory oversight throughout remediation. Institutions should routinely communicate best practices with their customers, detailing how to communicate securely with their institutions, outlining what type of information will and will not be requested from them and how. Anti-fraud systems, such as secure portals and FTP sites, minimize the transmittal of one-off data spreadsheets, helping to reduce the likelihood of fraud throughout the data analysis and transfer phases. Externally, setting up digital disbursements whenever possible eliminates the need to handle sensitive bank account information, and the use of traceable bar codes on check stubs will facilitate the coordination of returned payments and ensure payments are made only to the affected parties.

Processing issues, mistakes, and other consumer-related errors are a reality within the financial industry, and today’s regulatory landscape mandates that financial institutions react decisively and in good faith to restore consumer loss and to repair internal infrastructure and processes that prompted consumer complaints.

Lorri E. Staal Assistant Vice President, Operations GCG

Lorri E. Staal is an assistant vice president of operations at GCG, a leading global provider of legal administration and business solutions. In her role, Staal oversees complex class action settlement and regulatory administrations, particularly those requiring extensive and detailed analyses of complicated data. She has spearheaded more than 300 bank remediation programs and overseen the distribution of more than 1 million checks totaling $64 million to consumers.

Whether remediation programs are voluntary or mandated, they can be costly and distract financial institutions from their core business objectives. When consumer favorability, brand reputation, and regulatory standing are at stake, a proactive and well-planned approach to customer remediation is key to reducing cost, minimizing oversight and penalties, and getting back to business.

Issue 11 | 59


How tighter compliance can boost the reputation and value of ICOs At the latest Financial Action Task Force (FATF) meeting, 35 countries, the European Commission and the Gulf Co-operation Council urged the international body to improve understanding of money laundering risk related to cryptocurrencies. In light of this, Michael LaScola, Business Solution Specialist at Accuity, discusses some AML best practices for ICOs and why they should consider compliance an asset, rather than overhead.

The rise of ICOs In 2017 Initial Coin Offerings (ICOs) became the hottest new tool for startups, and transitioned from being a relatively unknown fundraising method used in the blockchain community, to raising over $4 billion by the end of the year.1 Just like Kickstarter or Go Fund Me, ICOs let entrepreneurs take their business plans directly to non-accredited2 or inexperienced investors to try to secure early stage funding for their ideas. Unlike traditional crowdfunding platforms that give away t-shirts and posters as a ‘thank you’ for investing, ICOs distribute digital coins to investors with the promise of big returns.

60 | Issue 11

For most of 2017, the ICO market was on fire and the companies that launched them were doing everything they could to lure in investors, including running multiplatform social media campaigns and promoting celebrity endorsements. Most ICO pitches consisted of two elements; they encouraged their audience to read a ‘white paper’ a document laying out their grand plans - and they prompted people to ‘buy now’ for the chance to secure the biggest profits.3 These marketing campaigns proved extremely successful in raising billions of dollars of startup funding.


Risky business

Bridging the compliance gap

Unfortunately, the easy money bubble had to burst and as 2017 drew to a close, governments around the world began to take note and crackdown on the ICO market. In the U.S., the. Securities and Exchange Commission (SEC) ruled that many digital coins and tokens from ICOs must be considered securities and therefore subject to federal securities laws.4 China and South Korea banned ICOs altogether, and most recently, at the Financial Action Task Force (FATF) meeting held in February 2018, members representing 35 countries, the European Commission and the Gulf Co-operation Council, asked the global body to improve the understanding of money laundering risks relating to cryptocurrencies.5

The good news is that KYC compliance screening is not difficult to implement and a realm of regulator-ready best practices have already been tried and tested by financial institutions of all sizes, around the world.

While no crypto-enthusiast wants to see a fully-fledged ban on ICOs, there is clearly growing sentiment that a more regulated ICO market would create a fairer playing field for everyone. Since these investments are available to the public and not just accredited or experienced investors, it is important that situations like the one that occurred with Confido (in which the founders disappeared with $375,000 just days after concluding their ICO) are avoided.6 With the U.S. SEC and now FATF positioned to take an even closer look at the ICO market in 2018, it is important to look at all of the risks involved, and to note that they don’t all fall on the side of the investors. The companies running ICOs in a market that is sure to become increasingly regulated, need to demonstrate they are operating as legitimate businesses. Part of that will mean understanding who their investors are and performing Know Your Customer (KYC) checks before engaging in transactions, just as financial institutions are required to do, to protect themselves from becoming involved in any illicit financial activity.

Take sanctions screening, for example; best practice for ICOs would be to screen the lists of their contributors against the sanctions lists that are relevant to the jurisdictions in which they operate. In doing so, ICOs will be able to detect any investors who are linked to blacklisted entities and ensure they are not breaching sanctions legislation before coins are issued. Removing any questionable investors from the ICO fundraising round will not only ensure they are in compliance with AML and KYC laws, but will also send a clear signal to the market that they are a legitimate, trustworthy business. Yet the screening of investors should not be limited to their initial onboarding; ICOs can last weeks or even months and someone who invested on day one might be added to a watch list some time later. Continuously re-screening investors until the conclusion of the ICO is the best way to guarantee that no bad actors are exploiting the system. After all, anyone who is involved in illicit financial activity might need a place to stash their cash at a moment’s notice and ICOs currently seem a much more attractive place to put it than banks which already have extensive AML and KYC infrastructures in place and can quickly stop deposits or freeze accounts.

Turning a problem into an opportunity In a cryptocurrency market that is becoming increasingly crowded as each new ICO emerges, investors want to make sure they give their money the best chance of making a good return. Such investors are looking for indicators that the ICO is the real deal and that they won’t be scammed. It all comes down to trust and reputation. The savviest ICOs in the market today are beginning to see that putting the correct compliance controls in place can be a smart commercial move as it gives investors confidence in the coin and in several cases, has proven to increase its value.

Michael LaScola Business Solution Specialist Accuity 1 icos-in-2017-from-two-geeks-and-a-whitepaper-toprofessional-fundraising-machines/#5a16ef63139e

2 A non-accredited investor refers to any investors who do not meet the income or net worth requirements set out by the Securities and Exchange Commission (SEC) https://www.






Issue 11 | 61


Patches, Data and Patient Security The intersect between security and medicine is a strange place. While it has created many benefits to patients and healthcare professionals, it has also raised issues that both medical and security professionals have never even considered. On the positive side, patients are directly benefiting from automation replacing manual processes through a wide range of connected devices. They are also benefiting from increased availability of their data for self-management, as well as access to historical monitoring data through the internet. Integration of consumer technologies like mobile phones means that patients and caregivers alike can have on demand access to data and use that information to make informed decisions. All of these items are intended to increase the quality of care for patients. However, the increased reliance on the internet and use of various connected devices, including mobile phones, present significant security concerns. Recent articles on cybersecurity issues related to pacemakers and defibrillators highlight how security can take front and center in the media as demonstrated by Muddy Waters press releases. Even if safety concern is not present, events like this can still cause concern and worry among patients, and in the worst-case scenario, patients may even decide to forego beneficial therapies because of a potential security risk. Another item that can be particularly challenging is to design adequate security while maintaining usability. Some aspects of usability are driven

62 | Issue 11

by the patient population that will be using the device. For example, an older patient population has a different foundation for using technology than a younger one, and a system that is usable by younger patients may not be usable by older patients. One example of the intersection of security and usability is provided by passwords. Password-based systems have technical security controls that can provide the necessary security, but only under certain conditions that are directly influenced by the person selecting the password. This is the reason that web sites ask for passwords of a certain length, with numbers, letter and special characters. From a security perspective, very long and completely random passwords offer the best protection. From a usability perspective, a very long and completely random cannot be remembered and is therefore not very usable. On traditional computer systems, there are technologies that can help to solve this called password managers. They allow storage and retrieval of long, random passwords so that a user does not need to remember their password. Security experts consider use of a password manager a requirement for people to securely use any password-based system. That presents a problem however, because medical devices often do not allow users to install additional software like a password manager. The result is that users will use a weak password which can be easily guessed, circumventing all the security controls within the system. Finding the appropriate balance in this type of problem is essential to maintaining both usability and security. The patient population, use scenarios, and use environment all affect the kinds of security controls that are reasonable.


Connected medical devices typify this issue. On August 30, 2017, the U.S. Food and Drug Administration published a Safety Communication noting that patients using any of six specific pacemaker and CRT-P (cardiac resynchronization therapy pacemaker) devices should consider applying a software update to fix the security holes. The security patch release by the FDA demonstrates some of the difficulties for connected medical devices. Among those difficulties are the tension between safety and security, the ability of patients and doctors to evaluate security risk, and the long product release cycles required for medical devices. The security patch was released to fix a hardcoded unlock code present for enabling emergency care. This showcases the tension that exists between safety and security of the implanted device. Medical devices often need to have functionality that supports delivery of emergency care so that patients can obtain potentially lifesaving therapy when necessary. However, that same emergency use case contributes to security risks that bad actors could potentially exploit to cause harm. Balancing this kind of tension during product

development is essential and provides an exemplar scenario for why security needs to be driven from a comprehensive, program level initiative such as those observed through the BSIMM study1. Overall, medical products fundamentally provide benefits to patients while also introducing risks. Some of the most familiar of risks are called out as side-effects of prescription drugs. Take cough medicine as an example. The same drug that reduces coughing may cause extreme drowsiness in a small percent of the population. Surgical procedures are something familiar where doctors talk with patients about the benefit of the surgery, but also about potential risks, such as infection. These risks can sometimes be very serious, but their rate of occurrence is very small. In these examples, the risk-benefit discussion between patients and their doctors are informed by scientific studies categorising the risks as a percentage of people who experience the risks. Most people can grasp the concept of “1 out of 1000 people experience extreme drowsiness� and are able to make an informed decision around that.

Issue 11 | 63


However, that kind of data isn’t present in security vulnerabilities, and because of that the risk-benefit discussion between patients and their doctors is not based on empirical evidence, and an alternate means of communicating the risks and benefits needs be used.

Tackling the Security Issues The significant length of time required for a patch to be released is typical in the medical device industry. While the FDA has noted releases strictly for security vulnerabilities will not be subject to the same regulatory process, it is still the responsibility of the manufacturer to ensure that any change to their system is safe and effective. In other words, the software patch that is deployed still needs to go through a rigorous process of analysis, development, verification and validation to ensure that it is operating as intended and not introducing new risks. The recent Meltdown and Spectre vulnerabilities are a great example of how patches may have adverse performance impacts (as much as 30%), and manufacturers need to perform the necessary testing to ensure all patches work appropriately. Medical device security is fundamentally about risk identification and reduction. Manufacturers need to be incorporating security risk management processes throughout their entire development lifecycle in a similar manner to how they have incorporated safety risk management. This means performing activities such as architectural risk analysis, threat modeling, automated code reviews, and security-focused testing activities. This is an issue which is broadly about healthcare and security as much as it is about patching individual devices. Many people suggest a cultural change is necessary within the healthcare industry

towards privacy, highlighted by the worrying statistics that on third of mobile medical apps have no privacy policy, one third of mobile medical apps share data with third parties, and one third of mobile medical apps do not even use encryption to protect users. If you are downloading a medical focused app, there is a significant probability that your data is going to be available for uses that you may not be aware of. Even encryption, which in the medical space should be a must-have before going to market, is missing from a large portion of apps. Consumers should understand that to get the benefit of some of the mobile medical apps, they will be losing control of their private health data. Additionally, imagine a situation where the data you unknowingly submit through a mobile application is used to link your biologic information to a potential medical disease. Should that information be communicated to you? How should it be presented? Did you even want to know if you were trending towards something that may not happen? To conclude, security can be an enabler of new healthcare models that can deliver great benefits to patients, but it also remains a source of major concerns. For patients to fully benefit, security must become a top concern for healthcare organisations.

Dan Lyon Principal Consultant Synopsys

1 “Building Security In Maturity Model | BSIMM.� Building

Security In Maturity Model | BSIMM,

64 | Issue 11


Issue 10 | 131

EMEA 66 Issue 11


Re-thinking the Financial Industry Hassan Abdalla speaks with Global Banking and Finance Review on the occasion of winning Best Investment Bank in Egypt 2017. “Finance” has been a core discipline in your life, as a student who studied finance in the late 70s, to a seasoned Professor of Finance since the 90s and a practitioner with a whole career spanning over 3 decades in the financial industry, how do you see the state of the industry back and then? If I may reflect back and examine the financial industry across the last 3 decades, I think most financiers in my generation would agree that the industry is changing from focusing mainly on the return on equity to focusing on both qualitative and quantitative dimensions beyond numbers. To say the least, you can hardly sustain the same level of growth if you continue with the same business models or the “banking as usual” mode. We have a dilemma that textbook finance does not comprehensively address real world challenges. Concurrently our real world day-to-day practices do not accommodate the constantly evolving pressures and trends. We have been taught to measure the return on equity and target profit, the single bottom line. Now we are requested to target the triple bottom line. So yes, the financial industry in terms of theory and practice is outdated.

In your opinion, what are the contributing factors that led to this situation? Could the financial crisis be the reason behind this situation? As a finance veteran, it has always come as a surprise how financial markets never fail to have a crisis almost every decade. Black Mondays, Black Tuesdays, Latin American Debt Crisis, South East Asia crisis, and Saving & Thrifty crisis…etc. It is an industry plagued with crises. The 2008 financial crisis is a shattering moment that has shaken the foundations of mainstream banking. Notwithstanding the fact that it destabilized the industry to the core, it is more of a symptom of the industry’s falloff rather than a root cause. It is more of an alarming sign urging the financial industry to pause and reconsider its assumptions and its relationship to the whole ecosystem.

Issue 11 | 67


What is more compelling is the rise of major developments known as “Megatrends” that are bound to change business fundamentals. Thus apart from the 2008 global financial crisis, the industry has ever since been encountering serious developments that are constantly putting pressures. For example, the concept of “Sustainability” –a rising trend - has gained traction and is urging governments all over the world to pursue inclusive growth or sustainable development. What is this telling the financial industry? It is testifying that the grand design was originally not made with the poor and the environment in mind. Suddenly, there is social and environmental risk on the rise urging the revision of mainstream risk management. Banks are in need to run reevaluation of all types of risks and update them to avoid future crises since the banking risks are no longer the traditional ones we used to know including credit risk, market risk and operational risk. Sustainability is also telling us that we have to develop new business models to address financial inclusion, funding of SMEs and entrepreneurs as well clean energy, waste recycling and energy efficiency. All this requires conceiving new systems, structures, policies and capacity building techniques. Shadow banking is another case in point. Informal economies are a tantalizing development. The fact that formal economies failed to accommodate low-income disenfranchised segments left a big amount of wealth outside the financial system. How to get it inside remains to be rethought. Technology is another megatrend; from “big data” that impact product design to Fintech to Crypto Currencies, these are all rising modalities that urge prompt revision within the industry. IT fraud and electronic crimes remain to be added to the operational risk of banks. Also topping the list is facing evolving international regulatory and compliance requirements including new risk management techniques and capital adequacy requirements in addition to tighter banking supervision. Compliance cost, data reporting, and necessary IT infrastructure are becoming additional costly mandates. Basle III will add further capital and supervision requirements that will put pressures on banks’ profitability and trigger the risk –return trade- offs. Banks cannot sustain their profitability unless they undergo a fundamental revision. Every new development is testifying that it is no longer “Banking as Usual”. Many financiers acknowledge this but still few act upon it. It is important to note that the new trends are destabilizing but not necessarily threatening; if well understood and preempted they could well lead to the revival of the industry and with it create a new round of balanced growth. It is time to take a step back and rethink.

68 | Issue 11

What type of rethinking is necessary if “finance” is to evolve? Which opportunities and challenges does finance bring? The rethinking is towards bonding with the whole ecosystem not just shareholders; towards creating value rather than only making profit. The nub is to rethink the role of the financial industry in the economy and the society at large. Agile financial institutions can take advantage of the transition, but it is not easy to adapt and evolve. The main issue is how to create value in non-monetary terms and how would this be reflected on banks’ financials. An issue we need to address to enable the transformation.

Egypt has recently been witnessing remarkable economic growth, tell us about its highlights GDP growth rate reached around 5% in the current fiscal year 2017/18 compared to 4.2% and 3.5% in 2016/2017 and 2015/16 respectively. Also, inflation is taking a downward spiral since its peak in July 2017 reaching 33%, it recorded 17% in January 2018 and is poised to go lower. Foreign exchange reserves hit a record high of USD 42.5BN in February 2018 exceeding the figure recorded before January 2011, and is now covering 8 months of imports. Tourism receipts remarkably surged by 256% in Q1 2017/18 to record USD 2.7BN up from USD 0.8BN a year earlier. In addition, according to the Ministry of Planning (MoP), the construction sector, manufacturing and the extractions sectors grew by 10.7%, 10% and 14% in Q2 2017/18 respectively.

In your view, what are the main drivers of economic growth right now in Egypt? Current economic growth in Egypt is the function of taking bold and effective reform and regulatory measures on several parallel tracks in a timely manner. This is happening despite the presence of massive challenges. Here, it is important to raise the resilience of the Egyptian economy and its capacity to reboot, when decisions are made right. Egypt’s successful reform program has played a critical role in stabilizing the economy through liberalization of the exchange rate regime and fiscal consolidation measures, which assertively restored the competitiveness of the economy and encouraged private sector activity, projecting higher investments and job creation in the medium and long term. Equally important, the Central Bank of Egypt’s (CBE) exchange rate reform has proven to be a “turning point for the economy,” increasing macroeconomic stability and removing most currency restrictions that were earlier replaced to end a chronic dollar shortage that earlier crippled the economy and intimidated investors. Credit rating agencies have applauded the measures and have upgraded the financial outlook to “positive”.


Hassan Abdalla C.E.O Arab African International Bank

Issue 11 | 69

EMEA COVER STORY In parallel, the GoE has already commenced a structured approach to overhaul the investment climate believing that a dynamic and strong private sector is an essential prerequisite for growth transformations. The modernized regulatory framework is working its way to alleviate the key bottlenecks that impeded the growth in a relatively short time and create a level playing field for all investors, enhanced competition, greater trade integration, and complete removal of trade barriers along with improved access to finance and land. The government successfully introduced several legislative and regulatory reforms such as the introduction of VAT, Civil Service Law, in addition to investments, and industrial licensing, all of which are likely to boost investment in the approaching period. Recently, the parliament has approved Egypt’s first Bankruptcy Law, the latest in structural developments in the GoE business legal framework and is part of the overall reform efforts to facilitate a healthy business environment for foreign and domestic investors, as well as, local small and medium enterprises as the process of unwinding insolvent companies becomes easier. In addition, the amendments made to the Capital Markets Law introduce new financial instruments including Sukuks, protect rights of minority shareholders, and lower securities registration fees to encourage SMEs. Broadly speaking, macroeconomic stabilization provides a solid basis for broadening the scope of structural reforms to attract investments, raise the growth potential, and create employment opportunities.

70 | Issue 11

How does the Egyptian government determination to proceed with huge infrastructure projects and huge budget commitments fit in the growth scenario? Parallel to these structural reforms, economic growth is propelled by ambitious and unconventional Mega Infrastructure Projects that are being implemented with a high degree of dynamism. It is remarkable that these mega-projects run across the whole of Egypt – rather than being Cairo centric - and well leverage its geopolitics and natural resource richness. Some view this as burdensome and should not be addressed at this point of time because they are not Egypt’s priority. In my opinion, they represent the structural base for further sustained inclusive economic growth on the medium and long term. These megaprojects will significantly boost job creation. As a case in point, the headline act for 2018 will be the opening of the Zohr gas field that will help to place Egypt in the league of world’s major energy producers. Also, plans are underway to construct the largest Solar Park in the world in the city of Benban in Upper Egypt. This project will help Egypt tap into its massive potential for solar energy and scale back its use of expensive—and polluting—fossil fuels. The Suez Canal development project aims towards upgrading the infrastructural and industrial capabilities of cities like Port Said, Ismailia, Suez, Ain Sokhna, and Al Tor City in Sinai. The GoE’s strategy extends to develop the country’s impoverished south along the Red Sea coastline. Golden Triangle is a continuation of a plan that goes

further south to cities like Marsa Alam, Safaga, and Qoseir. As the government tries to revive its tourism sector, the cities south of Ain Sokhna all the way down to Marsa Alam can become major tourist destinations. As a new economic zone, envisaging USD 18BN in investments, with the first phase accounting for USD 5.5BN, three-quarters of it private. Infrastructure and utilities projects have been charted out, including a logistics hub to be built behind Safaga Port. Lately, an agreement was signed between Dubai Ports Worldwide and the Suez Canal Authority to launch the first phase of a marine terminal in Ain Sokna over an area of 30KM which will integrate with Jebel Ali free zone.

Although ambitious and successful, these measures remain within the mainstream. Do you detect any evolution or progressive strides in the Egyptian financial industry over the past period? Absolutely. Parallel to these impactful structural and regulatory reforms, the financial industry has been experiencing a subtle but a deeply founded overhaul. There is a growing tendency to bring the industry closer to its ecosystem, being more responsive to the needs of the masses, and more focused on inclusive growth and the sustainable development of the country. The financial industry has witnessed a series of regulations that urge the banks to address Financial Inclusion. In my opinion, this counts as a second reform. The first successful round of banking reform (2004-2010) that addressed non-performing loans, consolidated the sector and ensured a

EMEA COVER STORY competent and solid financial sector that well weathered the global financial crisis and 2 revolutions erupting within couple of years 2011/2013. Now the Egyptian financial industry is experiencing a well-spelled evolution that is felt across several fronts. The Central Bank of Egypt (CBE) - with the support of the Egyptian governmenthas ushered a national commitment towards Financial Inclusion. Egypt’s current socio-economic challenges urge addressing SMEs to rebuild and reinforce this vital base. SMEs account for around 80% of GDP and 75% of employment. Today, the number of MSMEs in Egypt exceed 7M with a credit gap of USD 10BN. Currently financial institutions are urged to provide loans to small and medium businesses; new regulations mandate all banks in Egypt to give out 20% of their total loans to SMEs, with 5% interest rate. In tandem, Egypt has been committed to become a Cashless Society. Regulations have been made in 2016 to launch the mobile payment system, another milestone towards the evolution of the financial industry in Egypt bringing it closer to the populace. Expanding mobile payments will be instrumental in advancing financial inclusion. Mobiles are widely spread in Egypt with a penetration rate 103%, one of the highest in the world. Having a mobile payment platform will revolutionize the industry and further deepen its role in achieving inclusive growth. This national determination has found expression in the establishment of the National Payment Council personally presided by the Egyptian President.

The dynamic evolution of the financial industry in Egypt is one of high pace. It is challenging banks to cope and revise policies and practices. But it is definitely healthy.

How Does AAIB fit in this dynamic landscape? There is a seamless fit. AAIB’s distinction lies in its dual feature; a legacy of solid corporate and investment banking tradition that spans over half a century coupled with a progressive and innovative drive. AAIB has a record of accomplishments as an industry trendsetter. Along this spectrum, we have been committed to meaningful and impactful business to help create value to all stakeholders. The bank’s human resources are agile, proactive, and well trained to read the future and move ahead. The current economic dynamism in Egypt certainly avails a precious opportunity for the bank to sustain its growth and contribute to the economic growth of both Egypt and the region.

In what ways does AAIB’s investment banking expertise assist international businesses interested in investing in Egypt? What are AAIB’s plans for continued growth, investment and further strengthening the foundations of the bank? AAIB has solid credentials as an investment and corporate bank leveraging a comprehensive financial platform to support its international clients with integrated solutions. The bank has both commercial and investment arms, and is fully equipped to act as a trusted advisor providing complex solutions that sharply

address our clients’ specific needs and challenges. We guide clients to grow in the right direction. Another advantage is leveraging a financial group providing consolidated investment and financial services including asset management, brokerage, leasing and mortgage finance. Along with our strong regional presence, we are right on track maintaining our distinction and realizing our vision to become the gateway of international business into the region. There is much AAIB can do to build on current economic growth especially that we already have a strong client base in emerging Gulf markets including Saudi Arabia, Kuwait, Bahrain, Oman and Qatar. There are huge prospects for our business progress especially that Egypt expects private investments to take the chief role in driving economic growth this year. Private investments are projected to contribute 60% of economic growth in the current fiscal year, compared to 48% last year. FDIs are also projected to respond positively as well by increasing significantly over the medium term due to the higher certainty and clarity regarding the foreign exchange policy paired with the new Investment Law and the CBE’s decision to lower interest rates. FDI inflows reached $8.7BN during the 20162017 fiscal year, up 26% when compared to the $6.9BN in the previous fiscal year.

Issue 11 | 71


Egypt’s BenBan ; World largest solar photovoltaic generation park

How is AAIB helping support SME’s and their growth? The bank has been a forerunner in developing its business to attend social and environmental dimensions. Despite our tradition focus on large corporates, AAIB has been agile in expanding its client base, moving to the Middle Market segment for loan portfolio diversification and the base for creating new revenue streams and uncontested segments.

72 | Issue 11

Moreover, the bank will be further downscaling by tapping the bottom of the economic pyramid. AAIB aims to serve the micro entrepreneurs segment through a dedicated Micro Finance subsidiary, Sandah, in partnership with excellent partners- KfW GmbH and Sanad Fund respectively. Effectively speaking, Sandah will start operations this April 2018. Sandah is planning to leverage on its wide branch capillarity, advanced digital capabilities, and its human resources, which are trained to address the growing needs of its diverse client base.

AAIB has its fingerprint in boosting Egypt’s economy especially in Energy sector and Renewables. The bank has succeeded in financing the World largest Solar Park in Egypt in its first stage in Benban city in Aswan.

How has technology and the move to cashless society transaction impacted the way you do business? With increased adoption of digital channels, the role of the branch is undergoing a change from a transaction-based entity to customer advisory one, which will significantly curb operational overheads.


Infinity Solar SAE ib vogt GmbH

As we speak, AAIB is currently upgrading its Core Banking System and replacing its legacy systems to drive agility and efficiency to its clientele. Forward looking, the adoption of financial technology applications (Fintech) and Mobile Banking will allow customers to transfer money without the need to go to channels.

Which unique products and services were created as a direct response to the needs and desires of the clients? AAIB has a reputation among its clients of its proven ability to innovate and customize products. The bank

boosts distinguished calibers who are well groomed to provide tailor- made solutions customized to our clients’ needs across different sectors. Our corporate portfolio services include mergers and acquisitions, advising on equity placements, feasibility studies, valuations, escrow arrangements, agency services and raising finance through syndicated loan market. In addition, AAIB has a leading role in the debt capital market products such as securitization bonds and corporate bonds that assist in promoting various instruments and diversifying the Egyptian market’s sources of finance.

Ever since, we have been committed to advance sustainable finance in Egypt and the region. We have constantly been endeavoring to ensure that our business integrate the ESG into its operations. This entailed several measures to revise our business to include environmental and social dimensions. AAIB has been the first in Egypt to join the UN Global Compact in 2005 and the Equator Principles in 2009 to become the first bank to introduce social and environmental risk management in its credit operations. The bank also joined the UNEP FI in 2017. We have also been a forerunner in issuing our Sustainability Report based on the GRI guidelines.

But I always say product distinction does not last as they get replicated easily. The true distinction materializes at the relationship level and this is very proprietary and cannot be replicated easy.

We are also committed to become a driving force to create an industry move on both the regional and global level towards enacting sustainable finance. Our ambition goes beyond the bank, to advance an industry movement within the Egyptian banking sector and that of the region towards sustainable finance by launching MOSTADAM; the first platform in Egypt and the MENA region to enact and promote sustainable finance through capacity building, policy advocacy, and promoting sustainable products and services. MOSTADAM is a joint effort between AAIB, the United Nations Development Program, and the Egyptian Corporate Responsibility Center. To date MOSTADAM, has secured the engagement of 60% of the Egyptian financial sector. In 2016, it achieved a partnership with Frankfurt School of Finance and Management to provide two certified programs in SMEs Finance as well Climate and Renewable Energy Finance grooming a new generation of bankers with a new mindset capable of achieving balanced growth.

Still our edge lies in the “powerful synergies” that are inherent in the bank’s lines of business, locally and regionally as a Financial Group and corporate legacy of distinguished performance and international exposure for over 50 years. Moreover, the Gulf region provides a solid geographical base for expanding in investment services, especially that AAIB is the first private sector bank to establish presence in the Gulf region (Dubai, Abu Dhabi) in the early 1970s. AAIB is a true partner to its clients. We never let go during times of uncertainty.

AAIB is known for its strong commitment to Sustainable Finance. Can you tell us more about it? AAIB has been a forerunner in rethinking finance. We have realized the inherent connection between economic growth and social, environmental and governance concerns early on since 2003. The starting point was our commitment to achieve growth, so we started a decade ago but it is a tedious process.

It is redeeming to see our consistent efforts bearing fruit on the industry level. It feels good to witness the transformation of the Egyptian financial industry driven by all stakeholders.

Issue 11 | 73


The CFOs guide to achieving IFRS 17 compliance IFRS 17 is arguably the most significant change to insurance accounting that has ever taken place. The standard requires insurance CFOs to produce new financial reporting and will challenge their ability to explain the business clearly to investors, boards, regulators and other stakeholders. The principles-based standard drives forward-looking estimates onto the balance sheet, placing finance teams under an even brighter ‘audit spotlight’ with the need for new controls and governance processes, extensive disclosures and the ability to substantiate reported results. While initially the focus was on the addition of a new required calculation, the contractual service margin (CSM), insurers and advisors are realising that correctly calculating the CSM over time is just one aspect of achieving IFRS 17 compliance. Insurance IFRS 17 project teams recognise the challenge extends well beyond where to home the CSM calculation and are focused on delivering an end-to-end IFRS 17 reporting process.

An overview of finance’s IFRS 17 requirements •

Chief Financial Officers are vested with Chief Actuarial Officers to deliver IFRS 17 reporting accurately, ontime with controls and audit-ability

Complying with IFRS 17 requires more than delivering Contractual Service Margin calculations – IFRS 17 requires finance to harmonise data, processing and control across the entire systems environment

In a post-IFRS 17 world, CFOs will be challenged to clearly explain the business strategy and results, but it offers many obvious opportunities to improve finance’s capabilities

What are finance’s IFRS 17 accounting requirements?

typically more accelerated than other regulatory insurance reporting such as Solvency II.

IFRS 17 compliance requires a series of financial accounting changes. First, insurers need to fit their entire book of business into new measurement models, to create and apply complex accounting posting rules over hundreds of contract types and product lifecycle events.

Finally, finance teams need to manage IFRS 17 transition closely, as new balances will drive profitability for years to come and will be under scrutiny from investors, regulators and tax authorities.

Second, finance need a new IFRS 17 chart of accounts and to produce extensive new disclosures, delivering IFRS 17 accounting quickly within the ‘working day timetables’ which (for finance) are more frequent (monthly) and

74 | Issue 11

Importantly, IFRS 17 reporting cannot be delivered in isolation as financial balances are invariably affected by many other GAAP reporting standards including IFRS 9, IFRS 15 and other rules such as those that dictate the application of fair value.


An overview of finance’s IFRS 17 requirements Chief Financial Officers are vested with Chief Actuarial Officers to deliver IFRS 17 reporting accurately, on-time with controls and audit-ability Complying with IFRS 17 requires more than delivering Contractual Service Margin calculations – IFRS 17 requires finance to harmonise data, processing and control across the entire systems environment In a post-IFRS 17 world, CFOs will be challenged to clearly explain the business strategy and results, but it offers many obvious opportunities to improve finance’s capabilities

The challenge of explaining business performance in the post-IFRS 17 world CEOs rely on their CFOs and clear financial reporting to explain their business to investors, boards, regulators and management teams. Many insurers expect IFRS 17 to result in more volatile results and the new standards may affect the ability of companies to pay dividends and even impact executive bonuses. In the IFRS 17 world, finance teams will have to focus on how all reporting processes across metrics will work together, including for things such as planning and forecasting.

Insurance companies need to deliver comparative reporting starting in 2020, challenging CFOs to explain the variations between reporting bases. Consistency of treatment across the business will be under much higher scrutiny, and investors will expect CFOs to explain variations across multiple GAAPs and regulatory reporting regimes.

“We should be able to produce a set of parallel books to let the users [of financial statements] make a judgment as to whether it is useful. But, that will be costly…we will need to run parallel systems and have to reconcile between the bases.”

“Whilst ultimate economic profits will not change, the emergence of those profits can change significantly. Both insurers and their analysts will need to assess the full impact in terms of telling the performance story of their companies.” – Alex Bertolotti, PwC For the external audiences, the common language of IFRS 17 will (eventually) reduce variation in reporting practices and place pressure on CFOs to quickly and clearly substantiate financial results. Experience adjustments will have to be applied and explained, and accountants will have to understand how profit and loss statement changes can be attributed to changing assumptions such as interest rates.

Comparative reporting will challenge CFOs for many years to come, with many insurers already hearing from tax authorities that they will want to see results presented using old and new models for up to seven years, and managers wanting to continue non-IFRS 17-related KPIs for employee performance management processes.

What we learned with global European and Asian insurers through our first three IFRS 17 proof-of-concepts and hundreds of market interactions Most mid-sized and large-insurers will need to bridge the gaps between actuarial systems and general ledgers; between CSM engines and accounting; and data integration and calculations. One client had 250+ source systems, with many holding data in proprietary formats. Compliance requires tackling a whole host of detailed accounting requirements, e.g. managing full and delta ledgers, auto-reversing journals, the ability to manage manual adjustments, transition balance management, following the sun to produce IFRS 17 across Asian, European and American entities, simulation of accounting impact under different scenarios, aligning management information systems will with IFRS 17 financial data, and reconciling existing Solvency II and local GAAP accounting. IFRS 17 brings significant new volumes of accounting. Many firms are recognising the requirement to store contract or even lower “cover” level-data, but for many insurers this equates to hundreds of thousands (if not millions) of accounting line items per day. Finance need to “run the business” in a post-IFRS 17 world and many are incorporating finance improvements into their projects - including “fast close” requirements; chart-ofaccounts consolidations; improvement of Solvency II reporting outputs and timetables; reducing manual processing; improving reconciliations cycles; standardising finance data across business lines; and “digitising”/ modernising finance’s IT architecture.

Coordinating across divisions and geographies will make IFRS 17 compliance more difficult. Many insurance companies have grown through acquisitions with federated business divisions and a single group finance function consolidating results. (Several of Aptitude Software’s prospects had more than 40 General Ledgers!) Grouplevel IFRS 17 project teams will need to define IFRS 17 accounting approaches, unit of account, measurement models, transition methods, using financial accounting hubs to ensure divisions deliver appropriate data and apply accounting policy correctly.

Issue 11 | 75


Who’s got financial control and governance? Those insurance companies that have performed deeper analysis or completed proof-of-concepts have highlighted the need for finance teams to harmonise data, processing and controls across actuarial, policy administration and finance systems, to create and manage IFRS 17 portfolios, to ultimately produce highly-controlled financial results. Expected cash flows sourced from actuarial systems environments will form the basis of most IFRS 17 calculations. A lot of these numbers have been done by actuaries for many years, but insurers will need higher levels of comfort and greater control frameworks around the actuarial data sets. Ownership of these figures is driving actuarial and accounting teams much closer, but ultimately finance will need to be able to deliver the controls around the end-to-end process. This goes well beyond the CSM calculations. Whereas data for these judgements may source from actuarial, pricing or policy systems, finance’s role is to manage the endto-end process to deliver consistent, auditable results with the ability to quickly and clearly explain business performance to all stakeholders. Having the ability to drill down into the provenance and transformation of underlying data will be a key success factor for insurance CFOs.

Summary of learnings from Aptitude Software’s 4Q 2017 Global IFRS 17 Readiness Assessment 39% of firms that have started their analysis expect to kick-off implementation projects in Q2 2018. The 8.2% that are already in active implementation phases have an average gross written premium (GWP) of £15.3bn ($20.4bn). The average GWP of companies at a pre-impact analysis phase is £6bn. IFRS 17 is challenging insurers of all types and sizes. It’s not just a life insurance issue; it is having a significant impact on smaller, regional and non-life insurers. The industry has learned that IFRS 17 requires much more than delivering CSM calculations. Functionally, CFO’s are taking the lead on IFRS 17 but working closely with chief actuaries with the goal of harmonising data, processing and control across finance and actuarial environments. With many insurance companies expected to start implementation in mid-2018 and with project teams consisting of 50+ FTEs, a major skills gap is expected.

“How are we going to link the ‘pricing guys’ to understand whether a contract is onerous, when information from pricing is not typically good enough to use in our finance systems? How will we allocate costs to groups of contracts? How are we going to show that the Premium Allocation Approach is applicable as it produces similar results to the general measurement model? On the life side, what are our rules for coverage units? How are we going to use discount rates, as it looks like it’ll be different from what’s in use for Solvency II? How do we deal with diversification? And where we hedge… how are we going to account for that in this new world?” – Questions raised by a lead technical accountant and member of the IFRS 17 Transition Resource Group

76 | Issue 11

Shifts in thinking – financial reporting requirements shadow CSM calculation decisions 84% of firms included in the Aptitude Global IFRS 17 Readiness Assessment cited a disparate actuarial environment, which will be a constraint to delivering consistent calculations (cash flows, discounting, risk adjustments, CSM). Project teams are also grappling with how to capture granular contract data necessary to support the application of IFRS 17 measurement models, how to connect heterogeneous actuarial and finance systems environments, and how to manage the all-important transition balances. 88% of insurance company IFRS 17 project leads highlight that new processes are needed to support IFRS 17 disclosure requirements. Most insurers cited the need to incorporate parallel reporting requirements, including local statutory reporting standards and the new IFRS 9 accounting rules governing financial instruments. And many respondents expressed the desire to fix or improve Solvency II reporting requirements as part of their IFRS 17 project.

EMEA INSURANCE How do CFO’s equip themselves for their IFRS 17 expeditions? It is possibly premature for insurers to seek ‘strategic benefits’ from their IFRS 17 programmes when their routes to compliance are not yet defined. However, when considering how to tackle the standard, it is important for CFOs to keep focused on improving (rather than reducing) their ability to explain business performance. With this need in mind, some insurers are already tying their IFRS 17 programmes into broader finance improvement initiatives, with insurance CFOs wanting to gain a single chart-ofaccounts across their business, support new business models and product lines, deliver cost reductions (through reduced manual processing), and build better financial data foundations to drive better insights into the business. For some, these ‘strategic’ benefits come with an incremental cost but will provide insurance companies with important capabilities to compete effectively in a post-IFRS 17 world.

Ross E. Chapman Global Marketing Director Aptitude Software

Ross E. Chapman is global marketing director for Aptitude Software

About Aptitude Software Aptitude Software is a leading financial software specialist. Aptitude’s technology equips CFOs, of the world’s largest organisations, with competitive advantages by streamlining and automating financial accounting processes and enabling faster actionable insights. This year Aptitude’s enterprise customers use its proprietary software to help account for $1 trillion in combined revenue and over 500 million end customers. 

Issue 11 | 77


Battling Brexit:

How technology can help businesses plan for the unknown Uncertainty. That’s the word which has been plaguing businesses for days, months and years when it comes to Brexit. Uncertainty over the single market and customs union, uncertainty over whether EU citizen employees will be allowed to stay working in the UK, and uncertainty over the next steps when it comes to future business strategies. Responsibility for future planning and budgeting sits with the CFO, who is currently under even greater levels of pressure to perform and to judge how best to navigate the unclear and everchanging path ahead. And while not all uncertainty can be removed until the deal is finalised, technology can offer some support to CFOs in the interim period. Understanding past performance Businesses are currently finding themselves stuck between a rock and a hard place. With the news headlines about Brexit developments still changing

78 | Issue 11

daily nearly a year after Article 50 was triggered, CFOs in particular are often unsure of how to successfully plan for the future. One sure-fire element to strategic planning which finance functions will be relying on during the Brexit transition period, is historical context for the business. This means looking at what happened, where, when and why. The ‘what’ is quite straightforward – businesses will have sophisticated record systems where data is easily available for analysis. The ‘where’ seems obvious too, but all organisations will have multiple dimensions to consider – their locations, customers, products and the actual business functions themselves. There may be trends within each of these areas which impact a business’ performance more than others, so each must be considered separately. An obvious example would be where 20%

of products are driving 80% of a region’s growth. In this case, to plan only at a regional level will miss the opportunity to focus on the products which can better accelerate future revenue. It is the multidimensional approach to analysis which will provide for better planning. The ‘when’ is all about understanding cycles and seasonality – not just looking at in-year spikes in demand, but also the underlying growth of a business. It is the ‘why’ which is perhaps the most crucial element here. Too often, analysis is focused on the outcomes, rather than what drives them. If the finance team can map out the drivers of financial outcomes, such as the number of new inbound leads, market share and so on, their ability to plan with precision will be vastly improved. Technology will play a big part in this data analysis, but it is how this data is used which will enable them to plan through uncertainty.


Finance’s answer to a crystal ball While different businesses and industries will be affected by Brexit in completely different ways, the end goal is the same for the CFO: how to plan for the future. There’s two things which technology can do to help here – giving CFOs the ability to model different scenarios, and also helping them to predict the future. Scenario modelling is a game-changer for future financial planning. With robust technology in place, CFOs will be able to answer the ‘what if’ questions which they have historically been unable to answer. What if we lose 20% of our skilled labour? What if domestic demand drops as the UK economy continues to slow down? What if our exports to the EU decrease dramatically, and the government doesn’t manage to get those game changing deals in with India and Canada as quickly as expected? There is a long list of scenarios that the CFO will want to consider when putting the plan together. Modelling hypothetical situations such as these will allow the finance function to understand the likely impact of them, and then make better strategic plans and decisions.

Technology can help predict the future of a business, too. Many CFOs view predictive technology as a leap into the unknown – most probably because they have to relinquish some control to a machine. But the benefits of this approach are clear – businesses can access trends in their historical and future performance across that multi-dimensional business model, quickly and clearly, to understand where changes need to be made. This, combined with modelling the potential impact of particular scenarios, will help to alleviate some of the Brexit burden. These predictions can be taken one step further, too. By integrating the wealth of market data now available with internal data, CFOs can get an even clearer picture as to the impact of certain scenarios as different suggestions spring up during the Brexit process.

Simon Bittlestone CEO Metapraxis

Ultimately, CFOs are responsible for ensuring positive future performance – even during testing times. Technology is the key to fast, effective financial planning and will assist CFOs in understanding the impact of things like the Brexit process on their businesses, and in turn be more confident in their strategic decisions for the future of the organisation.

Issue 11 | 79



Fintech has been particularly hit by the digital skills gap. The fast-paced and quickly evolving nature of the industry means that within just a few years, new specialisms have grown, but without the right people to work those specialist roles. Growing Fintech business, Liberis, are all too familiar with the struggle to recruit. They provide loans for SMEs and ‘high-risk’ companies, which are then paid back through card terminals, enabling them to pay back while they earn. Despite their product being unique, the market is flooded by alternative lenders and high-quality products. In order to remain industry leading, they realised that they needed to invest in digital skills. They chose to do this through apprenticeships as they believed it was the best way to build the workforce that was going to future-proof them against their competitors.

80 | Issue 11


How should Fintech businesses begin their apprenticeship journey?

Fintech and apprenticeships The rest of the finance industry hasn’t necessarily followed suit. Primarily the big banks have been spearheading apprenticeships whilst other financial services are yet to adopt apprentices within their recruitment strategy. Joanne Tripp, Head of HR at Liberis believes that this is due to Fintech’s constantly changing outlook, with line managers believing that they don’t have enough time to train an apprentice. However, she said that “as someone with 20 years’ experience in HR, that’s simply not true”. While it requires some investment as a manager, it pays off once you’ve developed an individual that has been moulded to meet the needs within your team and is an ambassador for your company. Businesses can often get wrapped up in the idea that they should only hire apprentices who can do industryspecific roles, rather than looking in other departments, like HR or IT. Liberis bucked that trend, deciding to take on apprentices within their IT and marketing departments as that’s where they found they needed to invest in skills. Joanne believes that apprenticeships are a great way to source this raw talent, particularly talent with native digital skills, which are essential to closing the emerging skills gap.

Joanne’s top tip for bringing in an apprentice is to make sure that you set up an internal apprenticeship scheme that helps welcome people into the business. It’s important to consider that, especially with young people, they may not have any experience of the working world. They may need help with tasks that you take for granted like diary management, timekeeping or how to communicate professionally. By ensuring there’s a structure in place for them, it brings out the best in the individual and allows them to flourish in an environment they’re comfortable in. Joanne believes that while apprenticeships haven’t had the opportunity to change the landscape of finance yet, the Apprenticeship Levy will be the catalyst to shift how the industry views apprenticeships and talent acquisition. What’s the Apprenticeship Levy? The Apprenticeship Levy is a scheme implemented in April 2017 by the Government to encourage businesses to invest more in developing the skills needed for the future of the UK economy. Companies with a payroll of over £3 million pay 0.5% of their annual payroll, which is then returned as electronic vouchers that they can only spend on apprenticeship training with an approved training provider. Due to apprentices now being funded by levy-paying employers rather than the Government, the strict funding rules implemented by Government have been disbanded, opening up apprenticeships to anyone of any age as long as they don’t hold a higher qualification in the same industry as the apprenticeship they want to study. Joanne thinks that the levy has the potential to make a big impact on the finance industry, but it won’t be given the chance until businesses get to grips with it. A challenge that she’s found with the levy is the lack of advice and education around

it, meaning that Joanne, and others like her, didn’t initially know she could put existing staff on programmes. Apprenticeships offer a solution By hiring apprentices, an organisation can combat the growing skills gap facing their industry. It is particularly important for the finance industry to combat their digital skills shortage as the function becomes ever more digitally focused. As new technology is introduced and ways of working change, apprenticeships offer a flexible and agile solution. Not confined by out-dated curriculum, Standards are made by employers for employers through trailblazer groups. This means that all programme content is relevant and up-todate. Employers are not restricted to hiring 16-19-year-old and can train their staff in new and developing skills to stay ahead of the curve. The apprenticeship levy has awoken many employers to the possibilities that apprenticeships hold but, as Joanne said, it will simply take time. Companies are being more strategic in their hiring of apprentices and are beginning to include it in their wider recruitment approach. While Fintech still has a long way to go to reap the full benefits that apprenticeships can bring to the industry, the levy will be the catalyst to make the change that is needed.

Ben Rowland Co-Founder Arch Apprentices

Issue 11 | 81



What you need to Know

From 25 May 2018 The General Data Protection Regulation (GDPR) will replace the Data Protection Act 1998 (DPA). The new regulation will bring with it important changes that will impact the ways that businesses collect and store personal data about people. It allows individuals to have complete control over the information that is stored about them and allows them to understand their rights in relation to what is stored about them. The new regulation is to be introduced as a response to increased internet usage and the sales of personal information.

82 | Issue 11

This new law will bring the UK in line with the rest of the EU and there is nothing that will slow its implementation, so it is best to start preparing now! This article will highlight some of the key elements of GDPR and the main policies to help businesses become more aware and to avoid scrutiny and potential fines. What are the Key GDPR Policies? In essence, the general framework of GDPR is similar to that of the DPA, and the level of compliance is dependant on the data collected, and how much is collected. In short, your compliance with GDPR correlated with the amount of data collected and stored.


However, no matter the size of the business, you must still afford privacy protection, notification and consent and protect the information by secure storage. GDPR brings a greater focus on protecting an individual’s rights about their data, therefore when a company collects and processes data, they must justify why it is legal.

Consumers now have Absolute Control Over their Data

What is ‘Data’? Personal data relating to an individual can refer to a name or address, however can also include fingerprints, DNA, recorded calls, date of birth and now has become more stringent. Now, data can relate to anything that can be traced back to a single person. All of this information will be covered and protected by the GDPR. How does this affect recording phone calls? So, what does this mean should you want to continue recording phone calls? Under the DPA, when a recording takes place the individual must be informed of the purpose and how the information will be processed. If the participant continued the call consent was assumed, and this was acceptable and common practice. The GDPR implements tighter regulations, meaning implied/ assumed consent is no longer enough. There must be express consent given, either by recording verbal consent or having AI terminate the call if consent is not given.

If you are recording phone calls you must ensure you are complying to the following conditions to be doing so legally: • •

• •

When using call recording to monitor customer service businesses are still left to fulfil the first condition to be fully compliant. The fifth condition may also apply as it could be argued that staff quality assurance outweighs the interest of privacy.

Receive consent from the individual(s) in the phone call to record. Justify the necessity of the recording, i.e. to fulfil a contract, or for legal requirements. The recording is in the public interest, or necessary for the exercise the official authority. It is necessary to protect the interests of one or more participants. It is in the interest of the recorder, only overridden if they conflict with the interest of the participant of the call.

Individuals will now have absolute access to any information stored about them, and this will need to be identified, retrieved and provided to them on demand, data should last be removed when asked with immediate effect. Businesses must now implement an efficient method of doing this upon request. Any Policies that are put into effect must be cleared with your IT and call recording providers to ensure you can fulfil the claims you are making. Principle of Accountability Businesses must now actively display their compliance to the new rules under the ‘Principle of Accountability.’ The GDPR regulations states the implementation of new data protection systems are of great importance and should occur with immediate effect. In addition, while creating an extensive policy may appear impressive, it would not be useful if the business is unable to fulfil the obligations. Having an honest and realistic policy is the most effective and would be easier to demonstrate fulfilment. In order to effectively implement any policy there are several steps that must be completed, including; drafting policies and protocols, and training staff to make them fully aware of the new provisions followed by careful management and implementation.

Penalties There are now new penalties designed to deter and punish organisations committing breaches against the GDPR regulations. Under the DPA, organisations could be fined up to £500,000, under the new GDPR fines can range from 2-4% of global turnover, depending on the severity of each case. These fines are designed to have a large impact on non-compliant companies – so it is important to act sooner rather than later. What should your lawyer be doing? Lawyers should not offer a template document, rather actual guidance so that necessary changes can be implemented. Talking to your providers will also help you see whether you are compliant by the time GDPR comes into effect. We believe that the best place to look when deciding what improvements and changes need to be made you need to have a full understanding of your business, its operations and the date you really need to be collecting. All polices created should be created bespoke on a client by client basis, on what can be achieved, based upon; size, budget, suppliers and compliance.

Karen Holden Founder A City Law Firm

Issue 11 | 83


Lebanon and Gulf Bank teamed up with International DFIs to boost SMEs

In the spirit of furthering its successful support of SMEs in Lebanon, LGB BANK’s CEO Mr. Samer Itani has signed, on January 25, a syndicated facility for this purpose with renowned DFIs in Vienna, Austria. Here’s his take on the Bank’s strong move. How will this syndicated facility help LGB BANK and what will it allow you to do that you couldn’t otherwise?

country. As we speak, LGB BANK represents 2% of the total banking sector but contributes 4.5% of total funding provided to SMEs in the country. This facility will furthermore increase our contribution to the Lebanese economy and will provide the Bank with a competitive edge in the Lebanese banking sector.

This syndicated facility will assist LGB BANK on many aspects. •

First and foremost, this facility has allowed LGB BANK to build a strong relationship with renowned DFIs, namely FMO, OFID and OEeB. Such a strong relationship will furthermore strengthen our existing and future relationships with correspondent banks and international stakeholders. Evidently, this facility will also allow us to furthermore position the Bank as a leading SME lender in the

84 | Issue 11

Finally, the Environmental and Social milestones required to be achieved by LGB BANK will also allow the Bank to become a role-model among its competitive peers in adopting international Environmental and Social standards. The lenders’ step by step assistance in this aspect will assist our Bank to translate our strong social and environmental beliefs into our lending activities.

What has been your experience of working with DFIs on this transaction and how important are DFIs in supporting banks such as yours? The professionalism and integrity demonstrated by the DFIs in all stages of the due diligence and signing process truly make working with DFIs a pleasurable experience. The structured manner by which this facility was constructed illustrates the best practices in facilities arrangement and demonstrates a sound level of prudency and thoroughness. As a matter of fact, LGB BANK was treated as a “partner” rather than a “borrower” since the very early stages of this transaction.


The importance of DFIs in supporting Lebanese banks is evident on two dimensions. •

The first dimension represents the level of professionalism and sophistication required by Lebanese banks in order to become suitable for DFI funding. Completing a transaction with international DFIs illustrates the Bank’s sound governance, policies and operational robustness, all of which are required to be on parity with international best practices. For LGB BANK, we are very proud of our ability to attract DFIs and are aware that continuously enhancing our operational robustness will furthermore nurture and strengthen our relationship with DFIs and put us on the international map. The second dimension represents the financing provided for supporting SMEs in the country. International flow of funds to a country such as Lebanon will provide Lebanese banks with the required incentive to support SME financing and boost the Lebanese economy as whole. Boosting the SME sector will not only provide one-off benefits to the underlying banks, but will also have a multiplier effect on the overall banking sector dynamics through building a largely diversified lending portfolio.

As a final note, it is crucial to point out that funding from DFIs would also promote employment in a country were the unemployment rate is already quite high. What are LGB BANK’s short-, mid- and longer-term goals? •

On the short-term, LGB BANK will strive to continue providing customers with a tailored banking experience on all major fronts. In addition, the Bank continuously aims to maintain a prudent level of liquidity at all times while remaining in compliance with all pending regulation and best practice standards. On the short-term, LGB BANK will also ensure that all required systems, processes, and human resources are available in order to drive business objectives and achieve annual targets.

Over the medium-term, LGB BANK aims to furthermore enhance its strategic position within the Lebanese banking sector. This goal entails expanding organically through expanding our local branch network. In addition, the Bank’s medium term goal also entails expanding its existing product portfolio in order to provide customers with a wider range of innovative banking products.

Issue 11 | 85


In terms of capital, the Bank will further strengthen its capital base both in terms of quantity and quality during the medium term and will also maintain the policy of full-earning retention in order to drive growth objectives and achieve set targets. None the less, we believe that Digital transformation will be a key factor in the success of any business in the future; consequently LGB BANK will be determined to exert all necessary efforts in transforming LGB BANK into a digital Bank. •

On the long-term, the Bank’s main goal is to build a legacy based on our personalized banking experience and to be viewed as “success-story” in the challenging Lebanese banking environment based on adopting key attributes of transparency, integrity and professionalism in all our banking operations. In a similar sense, our long-term view also entails overseas expansion both regionally and internationally which will both allow us to diversify our business and open up to new markets.

As a final note, we at LGB BANK are aware that maintaining a strong and solid banking infrastructure and human resources profile is a prerequisite for achieving our long-term goal. The professional demeanor we currently demonstrate is our key competitive edge which we will capitalize on and furthermore nurture for the years to come. What are the main challenges and opportunities facing the banking sector in Lebanon? Despite its high level of indebtedness and the political turmoil, Lebanon’s economy has proven resilience to major internal and external shocks. The risk of the banking sector’s high exposure to the Lebanese sovereign was curbed by the resilient policies and regulation put forth by the Central Bank of Lebanon. After a major institutional overhaul taken place during the year 2016 and 2017, which started by appointing a new president and government cabinet, positive reform plans are in place. In addition, reform and incentives put forth by the Central Bank of Lebanon also provide Lebanese banks with an opportunity to diversify and capitalize on the benefits of such reforms. Most notably, the Central Bank of Lebanon provides incentive to fund SMEs operating in the “Knowledge” economy through providing subsidized loans. Finally, the financing requirements for the reconstruction of Syria in the near to medium term, as well as the possible oil exploration in Lebanon, represent additional opportunities the Lebanese economy and banking sector can capitalize on in the near future.

86 | Issue 11

Finally, we have a strong belief that Lebanon will once again be categorized as the cornerstone of the Middle East in different fields, ranging from hospitalization, media, education, to banking. Confidence of foreign investors in our country will play a major role in the realization of this objective, but Lebanese authorities are required to look eyeto-eye with major economic players in order to accomplish this realization, and build a stronger and better Lebanon for generations to come. What are the main development-related challenges and opportunities facing Lebanon and how does LGB BANK help to overcome / capitalize on them? The current structure of the Lebanese economy illustrates concentrated exposures on the Lebanese sovereign and a few large corporations operating in the country. This being said, access to finance for Small and Medium enterprises is somewhat limited. This developmentrelated challenge is the main obstacle faced by SMEs in the country alongside the below-par financial reporting standards adopted by such SMEs. We, at LGB BANK, view this challenge as an opportunity for building a strong niche as a leading SME lender in the country. The aforementioned facility is also a key driver for benefiting from this opportunity. Operationally speaking, LGB BANK capitalizes on this opportunity through opening up to markets and SMEs with limited access to financing and assists such enterprises in developing their financial reporting standards and incentives them in being more transparent with their business operations. In addition, the Bank also ensures that such SMEs also prioritize the Environmental and Social aspects of their business. Providing technical assistance to such SMEs and providing them with the necessary funding structure has undoubtedly enhanced the Bank’s position as one of the main SME lenders in the country.


Issue 11 | 87

A bank for a

Brilliant new world




WHAT’S NEXT? What will you need tomorrow? We are already on it. A bank that keeps pace with you? We will do it. Never been done before? We will try it. Because we’ll never stop asking, “What’s next?”




UK Wealth Managers will have to Adapt as People Live Longer According to Joseph Coughlin, Director of the AgeLab at the Massachusetts Institute of Technology, “Global ageing is the most dramatic demographic change facing the world today.” In fact, nearly 4 million people in the world will be 100 or more by 2050. And Britain is facing “…a life expectancy timebomb: By 2030, the average man will live to 85 and women will reach 87.” Some reports suggest that, for the first time, a group of men – those who are wealthy and educated – will outlive women in the UK. All this means that wealth management has to change to meet the needs of this ageing cohort. Although there have been significant improvements in medical care, which results in the longer lifespans, living longer does not necessarily mean that people will live in better health. The conditions associated with old age long-term conditions such as diabetes and dementia - are still present, and require medical interventions: regular health check-ups, medical tests, medicine, assisted living, and so on. All of this comes with a financial cost and with greater administrative requirements, and this may create an added role for family offices having to manage the processing of medical care for their clients. In addition, there is a risk that the wealthy will face paying higher taxes to fund longer and better health and social care, and this is where the wealth manager can add value by advising on structuring to limit tax liabilities.

90 | Issue 11


Living longer is likely to result in an increase in the number of people suffering from dementia and Alzheimer’s Disease. Here the family office can play an important role in assisting the older person and the family prior to the onset of a condition of this sort by advising on the benefit of housing wealth in a trust – should one of these conditions arise, the financial affairs of the person can continue as before without the family having to apply for a legal process to place the ill person under curatorship. Control of family businesses is another significant element. The wealth manager will have to become more directly involved in the passing of control over to the 2nd or 3rd generation. While the founder of the business could have a major role to play beyond the traditional retirement age of 60 or 65, holding onto the Number 1 position beyond the age of 75 or 80 can be problematic, both for the family and for the business. It will be the responsibility of the wealth manager to nudge the transfer of control over to other generations. Where today we deal with a family of perhaps two generations – the original client and their children – it is likely that we will in the future have up to four generations making up the client for whom we manage wealth. The wealth manager may have to develop more advanced personal skills to handle conflict within families relating to the family finances, or to dealing with a principal client who has begun to show signs of mental impairment as a result of old age. A strong relationship with all the members of the family can help with this situation. It may involve taking difficult decisions regarding care homes, and the wealth manager can assist the family with this, acting in a professional capacity without any family emotional ties.

As for the transfer of wealth, gifting strategies are likely to play a larger part in a wealth portfolio as the wealth manager advises the clients to transfer assets to other generations in order to benefit from lower income tax rates and to defer estate duties. With education having become increasingly expensive, the 3rd and 4th generations can benefit from earlier transfers of wealth used to fund private schooling and university education. Wealth advisors will more and more have a role to play in advising grandparents in this regard. Methods such as Advance Fee Schemes, setting up family businesses that pay dividends to grandchildren, and investments into international investment bonds are particular ways in which wealth managers will be able to assist families. Internationally, the concept of ‘ageing in place’ is gaining traction, and this impacts on the wealth manager, too. This involves an older person choosing to remain in a family home, with carers and other service-providers coming into the home. Again, the administrative function needed for this may rest with the family office. Investment strategies will also have to be relooked. So, where, for instance, today one would consider more conservative investments for someone in their 60s, it may in future be better to retain investments with a high risk-profile and the chance of greater growth, since the longer lifespans mean that there will be a greater chance to recover any value lost on something that does not perform as well as was expected. This applies particularly where the first-generation wealth-creator remains involved in the family business.

John Doidge Chairman Geneva Management Group

Geneva Management Group (GMG) is a multi-faceted global financial services provider dedicated to helping its clients manage and service their businesses and wealth. Whether providing financial services for corporations, local financial institutions and intermediaries, investment funds, trusts and foundations, entrepreneurs, investors, business leaders or wealthy families, GMG provides expert guidance on structuring and managing business and wealth in 8 countries and more than 50 markets. Additional information is available on

Wealth managers always have to be conscious of new developments that impact their role, and longer lifespans are certainly a factor to be considered.

Issue 11 | 91


UNEXPLAINED WEALTH ORDERS, WHAT YOU CAN DO IF ONE LANDS ON YOU With the first Unexplained Wealth Orders (UWO’s) having been issued by the National Crime Agency, Aziz Rahman explains what to do if you are the subject of a UWO. The National Crime Agency announced on 28th February that it had secured UWO’s on two properties valued at £22M, whose ultimate owner was a "politically exposed person". The FT reported that the PEP was a politician from central Asia. The properties are also subject to interim freezing orders, to prevent them being sold or transferred. Their owner is believed to be from a country belonging to the Commonwealth of Independent States (CIS); which consists of ten former Soviet republics as well as Georgia and Azerbaijan. In announcing the UK’s first two UWO’s, the NCA’s Director for Economic Crime, Donald Toon, said: “Unexplained wealth orders have the potential to significantly reduce the appeal of the UK as a destination for illicit income. They enable the UK to more effectively target the problem of money laundering through prime real estate in London and elsewhere.’’ The fact that the NCA has only taken a month to issue its first UWO’s indicates that it has been doing its research well in advance of being able to use the new tool at its disposal. This is to be compared with the SFO whose Director, David Green, recently warned not to expect a flood of UWO’s and emphasised that the SFO would take its time to pick the right case, as corruption cases have high costs and make slow progress.

92 | Issue 11

The NCA’s recent result shows they do not share the SFO’s apparent lack of enthusiasm. Land Registry records suggest that 40,000 properties in the capital are now owned by secretive offshore companies. Transparency International says it has identified UK property worth a total of £4.4 billion that should be subject to UWOs. But what exactly are UWO’s? And what purpose do they serve? UWO’s were introduced by the Criminal Finances Act 2017. Section 1 had the effect of heavily amending the Proceeds of Crime Act 2002 (POCA) to introduce these new orders. The relevant provisions came into force only on 31st January this year. A UWO can be obtained by the NCA, the Serious Fraud Office, the Crown Prosecution Service, HM Revenue and Customs or the Financial Conduct Authority. Applications are made without notice to the High Court. The Order requires the target to provide information about how a particular asset, say a big house in Mayfair, was acquired. Such orders will usually be accompanied with a Freezing Order so that the property concerned cannot be sold or transferred. If the person on the wrong end of the UWO does not provide an explanation, or provides unsatisfactory evidence, that will then raise a presumption that the asset constitutes “recoverable property” for the purposes of a civil recovery order under POCA.


Issue 11 | 93

EMEA FINANCE UWO’s may be deployed against individuals, companies or trustees-see s362H. The applicant has to show; (i) a reasonable belief that the target holds the property; (ii) that the person is a non-EEA “Politically Exposed Person” (PEP) or that there are reasonable grounds to suspect that the target, or a person “connected with” the target is, or has been, involved in serious crime in this country or elsewhere. A PEP, is defined at s362B(7) as: •

an individual who is, or has been, entrusted with prominent public functions by an international organisation or by a State other than the United Kingdom or another EEA State, a family member of a person within paragraph (a), known to be a close associate of a person within that paragraph, or otherwise connected with a person within that paragraph

The other category of target is a person suspected of serious crime (anywhere in the world) or connected to such a person. This casts the net very wide. The test for involvement in ‘serious crime’ is whether the suspected criminality is listed in Schedule 1 of the Serious Crime Act 2007. The offences listed there are various and include drug trafficking, people trafficking, firearms offences, bribery, money laundering and other offences. Civil Recovery If an individual fails to comply with a UWO without reasonable excuse, the identified property can be considered for civil recovery under POCA. No criminal proceedings can rely on the information obtained from UWO’s – that is because the information would have been obtained by compulsion and infringes the right to silence applicable in criminal proceedings and protected by Article 6 of the European Convention on Human Rights. That is why the civil route is used. We predict, now that UWO’s are starting to be granted, a significant increase in civil recovery proceedings.

94 | Issue 11

EMEA FINANCE Civil recovery is highly specialised High Court litigation. It is basically a criminal trial in a civil court so that the civil standard of proof applies – no one goes to prison but property can be ‘recovered’ by way of a Civil Recovery Order if a civil recovery trial is lost by the respondent.

enforcement agencies slip up on. In our experience, the police do find it difficult to ‘put on their defence hat’ as the case law obliges them to for ex parte hearings. That is when search warrants, productions orders etc get discharged. It is likely that the same challenges can be made in respect of UWO’s.


UWO’s are controversial as they mean the authorities do not have to prove the person’s assets are the proceeds of crime. A UWO assumes criminal activity and makes it the responsibility of the subject to prove that is not the case. And, as UWO’s are a civil law device rather than a criminal law one, when it comes to applying to the court for one, the authorities only have to show that a crime was committed on the balance of probabilities – the civil law standard of proof -rather than beyond reasonable doubt, which is the criminal standard.

But the various agencies do not always get it right. There is a risk at the UWO stage. That is because the agency will be making applications on a without notice basis – the target is not there and has no opportunity to make representations against the making of the Order. Such investigative orders are not unique but, unusually, the UWO provisions do not include a direct right for a respondent to vary or discharge the Order – if it is made in England or Wales. This is odd as most provisions that provide for state agencies to be able to secure orders against individuals, without them being notified, allow for the target to be able to challenge the Order after it is made. The lack of any direct provision for such a challenge arguably leaves the whole scheme open to attack. It is our view that there is scope in the common law to argue for UWO’s to be challenged in the same way that search warrants, production orders and the like can be challenged. There are, however, specific provisions dealing with the challenge to a freezing order – and such an order will inevitably be made along with a UWO.

Rahman Ravelli is the most experienced firm of solicitors in the country when it comes to dealing with POCA civil recovery cases. We were the first firm to challenge a civil recovery order all the way to the Supreme Court. In our view, despite what David Green says, we will be seeing a lot of UWO’s in the future. For those on the wrong end of an UWO, it is vital that he or she acts quickly. They must also be able to consider what is required some months down the line as well as being capable, if possible, to mount a challenge to the immediate UWO and the freezing order that comes with it. Civil recovery proceedings will be just round the corner, otherwise.

So what challenges might there be? A respondent served with an UWO has options. First, a detailed consideration of whether all the statutory tests have been properly met on the evidence before the court. Has the NCA, SFO or other agency involved been completely candid with the judge? The agency is under a duty of full and frank disclosure at without notice hearings: they would have to put forward any defence point the agency is aware of, that might be put forward by the defence if it had been present. This is critical and is often a point that law

Azizur Rahman Senior Partner Rahman Ravelli

Issue 11 | 95


Why banks must transform origination processes to stay competitive in commercial lending

96 | Issue 11

As the UK’s booming alternative finance market becomes an ever more established1 part of the country’s financial landscape, traditional banks must find ways to transform and speed up originations and underwriting processes if they are to compete for commercial lending opportunities from small-and-medium sized enterprises (SMEs). According to recent data released by the Bank of England2, loans to SMEs fell in December 2017 at the steepest rate for three years. In fact, SME lending declined by £0.4bn, the largest decline since the same month in 2014. However, despite this overall decline, it is interesting to see that lending levels outside of the UK’s main banks remained consistent. The chairman of the National Association of Commercial Finance Brokers, suggests is this a sign that businesses are continuing to seek finance outside of traditional means for growth and it leads us to consider why this may be the case.


Time is of the essence In traditional banks, the origination processes, including underwriting and contracting, often take a long time. Due to legacy systems and complex regulations, assessing and analysing the huge amounts of unstructured information required for loan applications is a big task – and it is usually manually, requiring many hours from bank employees. Advances in digital technologies like artificial intelligence (AI), robotic process automation (RPA), and dynamic workflow can help banks transform these operations. Banks can streamline and speed processes to free up employees to provide more value-added service and improve the overall customer experience. The business impact is clear: In a competitive market, delay and cumbersome manual processes can lead to great losses as clients simply give up and shop elsewhere.

Fintech companies that use multiple sources of data to create agile and efficient underwriting models are proving to be a very real competitive threat. For example, financial technology and data company Kabbage can deliver loans to SMEs in just seven minutes. With their data-first approach, fintechs are increasingly establishing a growing position in commercial sector lending and financing – already responsible for close to 10 percent of the industry’s revenues. This strong foothold in the market will only continue to strengthen as a result of the new open banking regulation3, which came into effect in Europe at the start of year. Under the new ruling, banks must share data with third parties, as authorised by an account holder. Fintechs will, therefore, be able to combine their own data about customers with banking data and offer SMEs owners more tailored options.

What banks need to do As commercial lending becomes increasingly competitive, traditional banks must transform, or risk falling behind as they lose valuable clients to more innovative and agile companies. These disruptive fintechs are not strangers to using emerging technologies, such as AI and machine learning-based algorithms, to determine an applicant’s eligibility. This makes the processes required for loan applications much more efficient, with zero human intervention required. To compete, banks must redesign their processes and incorporate new technologies into end-to-end solutions. They need to streamline the entire lending process – from origination to maturity – and leverage new technologies to automate operations. From our experience working with global companies, AI and machine learning tools can complete 10 hours of ‘human’ work in just one hour.

Issue 11 | 97


Harish Naidu Director, Banking Consulting Practice Genpact

Bank professionals also need to leverage the huge amounts of data they have at their fingertips to tailor customer experiences. Especially with open banking initiatives, it will be easier to access additional customer information to assist in underwriting. Banks could create models to offer differential interest rates depending on the sources of data available to underwrite. A successful example is the M-Shwari, a product from the Commercial Bank of Africa that taps into the telecommunication data of the poor and unbanked to make underwriting decisions. In the quest to improve customer service, we also see an increasing number of traditional banks partnering with fintechs to deliver a more efficient experience via innovative platforms and breakthrough technologies that do not interfere with banks’ existing systems. This is something Santander did, teaming up Kabbage4 to accelerate growth in its SME business .

Be disruptive, not disrupted

Gagan Sethi

Banks that successfully transform and automate their origination and underwriting processes will see the investment start to pay off as profits begin to rise. Automation not only ensures that banks can process applications much more efficiently, it also allows relationship managers to spend time on tasks that add more value. These include cultivating relationships and finding new business opportunities, instead of manual data entry for loan applications from SMEs. The opportunity is there for the taking. Now is the time for banks to consider how they can redesign their processes, or else risk losing high value customers to competitors with much faster systems in place.

Senior Partner Genpact

Gagan Sethi is senior partner and Harish Naidu is a director in the banking consulting practice at Genpact, a global professional services firm focused on digital transformation.


Prosser, David. “Alternative Finance Boom Continues With 43% Growth.” Forbes, Forbes Magazine, 15 Dec. 2017, www.forbes. com/sites/davidprosser/2017/12/15/alternative-financeboom-continues-with-43-growth/#14f40a1dcf20.

2 money-and-credit/2017/december-2017.

3 “PSD2: Should Banks Be Scared of FinTechs?” Finance Monthly | Monthly Finance News Magazine, com/2018/02/psd2-should-banks-be-scared-of-fintechs/. “Kabbage and Santander UK Partner to Accelerate

4 SMB Growth.” Kabbage Small Business Blog, 29 June 2016,

Issue 11 | 99


Insuring against a future financial crisis – staying

compliant and off the front pages As Brexit plunges the UK into an era of uncertainty – that in recent history can only be likened to 2008’s cataclysmic economic crash – the robustness and accountability of our professional and financial industries are once again confronted with the prospect of change. With hefty fines for non-compliance and the memories of reputational damage from the last recession still fresh, data protection, privacy and compliance are more important than ever, as companies seek precautions against another crisis. The question is, have our retail bankers, insurers and equity traders invested in future-proof strategies to keep them compliant and their reputations off the front pages, if another recession were to hit? After all, as financial services undergo digital transformations, now is the time to build an underpinning data fabric, that reduces risk by providing enterprise data security, protection, mobility and visibility, irrespective of where financial services data flows in this modern Hybrid Cloud world.

100 | Issue 11

The 2008 financial meltdown was the worst to hit in almost 80 years, breaking records1 with 312,000 company closures in the first year and then 492,000 in 2009. Newspapers were littered with accusatory headlines, hammering the financial services. Everybody suffered. Inquests into the chain of events leading to the crisis were established. And so, the banking industry was tasked with taking a long hard look at itself: closely examining the cause and effect to ensure institutions safeguarded investors, debtors and their future reputations. Regulation was badly needed in order to guarantee banks had enough capital to pay out to debtors in the face of another financial down-turn. The result was a threepronged set of regulations, from EUbased legal and industry institutions – shifting the focus to the creation of regulated reporting against specific metrics, on a massive scale.


As the term ‘double-dip recession’ planted itself in the nation’s consciousness, so the triple whammy of new and amended regulations sought to curtail any rogue elements within the financial sector. Basel III is one such measure developed by The Basel Committee on Banking Supervision, to strengthen regulation, supervision and risk management of the banking sector. Its reforms target the resilience of individual banking institutions to periods of stress; as well as system-wide risks and pro-cyclical amplification of these risks over time. Another measure is the Solvency II Directive 2009/138/EC, an EU Directive codifying and harmonising the EU insurance regulation. Primarily, this concerns the amount of capital that EU insurance companies must hold to reduce the risk of insolvency. The third measure involves the amendment of European Union law, known as The Markets in Financial Instruments Directive 2004/39/EC (MiFiD). This provides harmonised regulation for investment services across the 31 member states of the European Economic Area. Building upon its initial purpose, in part to regulate reporting and avoid market abuse, its 2011 evolution seeks to improve the functioning of financial markets making them more efficient, resilient and transparent. Today, the financial sector is taking compliance with these established regulations seriously – some banks have as many as 20,000 employees tasked with compliance. But with three sets of regulations to potentially comply with, they could drive huge efficiencies by developing a single reporting platform, through which visibility of individual customer records and performance metrics can be applied to each regulation. This would ensure a consistent process for all compliance reporting, while ensuring the appropriate tools and data are in place.

By fully utilising a data fabric and embracing digital transformation, financial businesses could seamlessly transfer customer data between each of the regulatory buckets, freeing up capacity and saving time on a repetitive data entry process. More importantly, that mission critical data, including debt, mortgage and credit ratings, needs to be securely protected, making infrastructural investment essential. While digital transformation and the application of a data fabric to banking compliance seems like a no-brainer, the distance between procurement and IT infrastructure means the solution is not being fully grasped. On the one hand the banking system is bending over backwards to meet the stringent reforms, investing in a large workforce to ensure compliance is met. The threat of another fall out economic or reputational is unfathomable. Yet, procurement seems blissfully unaware of the IT solutions that lay quietly under its nose, contained within the fluid possibilities of a data fabric. Ultimately, digital transformation lies at the heart of future banking compliance. With data and infrastructure increasingly shifting from a mere business formality, to a strategic asset – essential for any future-facing business with an eye for efficiency – investment is wise. Looking ahead to the murky uncertainty of a postBrexit Britain, linking procurement and IT more closely together to really shore up compliance could protect banks from a total wipe-out.

Grant Caley NetApp Chief Technologist UK & Ireland

1 Duedil, Andrew Connolly and. “Duedil Map the UK

Recession by Region and Sector.” The Guardian, Guardian News and Media, 20 Aug. 2012, news/datablog/2012/aug/20/duedil-analysis-impactsrecession-uk-business.

Issue 11 | 101


SPAC TO THE FUTURE The Recent Resurgence of UK SPACS and Latest Trends Introduction Whilst the market for SPACs has been strong in the US for a number of years, 2017 was a particularly strong year with just under $10bn being raised in aggregate through 34 separate vehicles. This has acted as a driving force for SPAC IPOs elsewhere, more so in the UK where in excess of $2.3bn (£1.7bn) was raised in 2017 alone.

What is a SPAC ? A special purpose acquisition company (“SPAC”) is a newly incorporated company with no existing operations

102 | Issue 11

or underlying business that is founded by one (or a group of) sponsors, being well known entrepreneurs, private equity or industry experts with the objective of making one or more platform acquisitions. Its funds are raised through an IPO of its shares on a stock exchange (or units in the US) and such funds are deployed to make its acquisition. It is also known as a “cash shell”, an “investment company” or a “blank check” company. The SPAC’s investment strategy is published in its listing document – such strategy may be industry specific or it may be more of a general mandate, depending on the track-record of the founders.

Recent Trends in the UK In the UK, there was a surge in SPACs shortly after the financial crisis from 2009 to 2011 where sponsors sought alternative sources of capital that was otherwise unavailable in the private markets and investors sought alternative investment opportunities. However following a series of high profile failures (with the odd notable exception) investment demand for the model dwindled. More recently SPACs are re-emerging in the UK as a viable investment for institutional investors. Such investors


structure, executives from private equity firms are increasingly acting as SPAC sponsors. This is starting to underpin investor confidence in the model. In this way, the success of private equity over the last two decades is beginning to feed a demand for “public equity” as private equity executives look for permanent capital options to complement their more traditional private fund limited partnership structures. In the traditional private equity limited partnership model, returns are typically made to investors within 5 years but through a permanent capital listed structure investors are instead able to realise their investment through selling their shares on the stock exchange. Such a model thereby provides sponsors with more time within which to generate real returns.

are being attracted by the private equity derived skill-set of sponsors and the opportunity to invest in, and derive substantial value from, assets that would otherwise not have been immediately available to them through the public markets. This is evidenced by the IPOs of J2 Acquisition and Landscape Acquisition Holdings in the UK which between them raised in excess of $1.75bn in the last quarter of 2017. In fact 15 SPACs listed in London in 2017, a significant increase on the previous two years. One of the most interesting aspects to the J2 Acquisition IPO is not so much

that it was the second largest SPAC in history (it raised $1.25bn) and that it was the 8th SPAC vehicle for Martin Franklin (Mr. Franklin has raised more than $7bn in previous vehicles including Justice holdings in 2011 went on to merge with Burger King) but that there was a roadshow “hit rate” of 90% and 55% of the order book had never invested in any of Mr. Franklin’s previous SPACs. Such was the underlying demand for shares in the vehicle, the fundraise was upsized from $750m to $1.25m.

Drivers Behind the Trend As an alternative route to raising capital beyond the traditional limited partnership

A SPAC also has the added benefit of being able to issue paper as part of the consideration for its acquisition which (being in the form of listed shares) is more marketable than equity issued to management on a traditional private equity buy out. This can provide sponsors with more firepower to make their acquisition. For investors, low interest rates and high market valuations in the equity capital markets have contributed to financial institutions looking elsewhere to deploy their capital. The perceived ease of exit for investors either through the “money back” feature following a failed or no deal situation (see below) or via freely transferable and liquid shares in the market following an acquisition have also made SPACs an attractive option for institutional investors. Market commentators are saying that this trend is set to continue into 2018.

Issue 11 | 103


Main Features of UK SPACS The founders (or sponsors) will incorporate the company and invest a nominal amount of capital to cover the fees of the IPO process. On IPO, investors will typically receive shares and warrants (representing the right to acquire additional shares at a 15% mark-up to the IPO price) in the vehicle. The founders or sponsors will often have a 10-20% equity holding and may hold a combination of ordinary shares or performance related preference shares which entitle them to a certain proportion (often 20%) of the upside when the share price of the company following its acquisition reaches a certain level (often a 15% hurdle). This so-called “promote” structure for the founders is structured so as to create a positive alignment with institutional investors. This is often what is known as the “public equity” aspect to the vehicle, private equity principles in the form of shares in a listed company to incentivise the founders to generate value for investors. The sponsors (or founders) generally sit on the boards of the listed companies and perform investment management services to the SPAC to identify and execute the acquisition. The cash raised from institutional investors on IPO is often held in a ringfenced bank or trust account (which may be administered by a third party trustee) and may not be released until completion of the acquisition. Often interest earned in the account is used to fund working capital expenses incurred post IPO but prior to acquisition.

104 | Issue 11

In the event that an acquisition is not made within the specified timeframe, normally 24 months, funds are returned to shareholders (the “money back” feature) and the company is wound up. Sponsors often bear the cost of the expenses of the company from incorporation to winding up through the principle of “first loss“ capital whereby cash is returned investors in priority to the sponsors. The principles of “first loss” capital and the founder “promote” structure therefore combine to incentive the founders to identify and execute the acquisition of an attractive target within the stated investment strategy and within the designated timeframe.

Process for a UK Listing In the UK the most common listing venue to list a SPAC is by way of a standard listing on the Main Market. AIM has traditionally been more suited for smaller IPOs although more recently a number of smaller vehicles have listed on the Main Market, to take advantage of the perceived advantages of such market (see below). There are certain important consequences of the choice of listing venue in the UK (whether as a standard listed company on the Main Market or an AIM listed company) and the main differences are summarised in the table below:


Standard Listing


Listing document


Admission Document

Shareholder approval on acquisition



Minimum raise on IPO



Investment window to implement acquisition

No formal requirement (2 years is normal)

18 months


No formal requirement


Shares in public hands


No formal requirement


As a consequence of the above, notwithstanding the added administrative and cost burden involved in producing a prospectus (and having it approved by the UKLA), and the requirement for 25% of its shares to be held in public hands (being independent shareholders each holding 5% or less), a standard listing on the Main Market of the London Stock Exchange has become the favoured listing venue for SPACs. This is principally because the SPAC does not require shareholder approval to make its acquisition (provided of course that such acquisition is within its investment strategy). A Main Market listing is also seen by some sponsors as somewhat more prestigious than AIM.

Acquisition Process Following IPO, on the announcement of an acquisition but before its completion the relevant exchange will suspend listing of the company’s shares if it believes, having considered the information in the market on the target at the time, that there is or may be a disorderly market or it is otherwise necessary to protect investors. The acquisition by a SPAC constitutes a “reverse takeover” under relevant exchange rules and as such the relevant exchange will generally cancel the listing of the SPAC’s shares upon the completion of the acquisition (unless the target is already listed and subject to the same disclosure requirements) and the shares of the enlarged group are readmitted to trading upon publication of a prospectus for the enlarged group (in the case of a standard listing) or an admission document for the enlarged group (in the case of an AIM listing).

Key Difference between US and UK SPACs One of the key differences between US and UK SPACs is that in the US, shareholders get a vote on the acquisition and they are able to redeem their shares if they do not want to invest in the underlying target. This creates some uncertainty with respect to closing, which while avoidable through deal structuring, can be a deterrent to potential sellers. This is not a feature of the typical SPAC on the Main Market in the UK and (as indicated above) is one of the reasons why the Main Market is preferred by some sponsors as it gives them the ability to have deal certainty and to execute acquisitions quickly following a successful IPO.

transaction certainty on acquisition. This is often contrasted with a more challenging fundraise on a UK SPAC (which may be improved by structuring) but without a shareholder vote or a redemption option, a greater degree of deal certainty on acquisition.

Conclusion The London market for SPACs appears to be growing as investors and sponsor teams seem to have both gained confidence in the model. The use of SPACs by private equity executives with strong track records is contributing to this growth. The impetus from 2017 is therefore expected to continue and we are seeing a much greater interest than before in the model. This in turn is set to feed M&A activity into 2020.

This needs to be balanced of course with the fundraise process on IPO in the US. With a shareholder vote and a redemption option, the fundraise process for a SPAC in the US is generally viewed as being easier than in the UK as ultimately investors are able to get clarity on the underlying business that they are going to invest in (through the shareholder vote) and more importantly, they have an ability to extricate themselves (by way of redemption) if they do not like the target. Furthermore, in the US some investors may opt to redeem their shares but retain their warrants on the acquisition, thereby enabling them to be reimbursed their initial capital invested on IPO but hedge their bets by taking a stake in a successful acquisition at an attractive price through the exercise of their warrants at a later date. These factors can inevitably lead to more investor demand on a US SPAC IPO but (without deal structuring) less

Paul Amiss Partner Winston & Strawn LLP

Paul Amiss is a Partner at law firm Winston & Strawn LLP and is based in London. He advises on key domestic and cross border corporate transactions for private equity, strategic companies and entrepreneurs. He has extensive experience setting up and working with special purpose acquisition companies on their IPOs and acquisitions. Find out more here

Issue 11 | 105


International Horizons:

Mid-market drive to increase growth Mid-market businesses are bracing themselves for the impact of Brexit and looking beyond Europe to shore up their future successes. The road ahead is becoming increasingly complex, leading to various challenges, specifically for mid-market businesses. Despite this, research from national law firm Mills & Reeve found that a majority of firms remain ambitious about growth, with more than four in five planning to increase turnover this financial year by a confident average of 22%. It must be hoped that business leaders who are able to see the opportunities in all the uncertainty will be rewarded for their efforts.

106| Issue 11

Navigating Roadblocks Two-thirds of business leaders have expressed frustration at the roadblocks that seem to be popping up along their path to growth. Sentiment in some ways seems quite negative, with over half claiming they do not view the economy as “strong and stable.” This is not entirely surprising as larger, more well-established organisations may have the resources to mitigate risk in uncertain times while midmarket businesses have to navigate these winding roads on their own. Ongoing uncertainties around Brexit are undoubtedly creating substantial new pressures that business leaders will need to address.

In particular, the pound’s fall in value has had various implications. While a weak currency may be good for exports, fluctuations in currency make it difficult to manage foreign exchange risk. This is ‘top of mind’ for business leaders, with over half agreeing that currency volatility is damaging their business. This comes in addition to declining cash flows caused by increased issues with late payments which have been experienced by more than half of businesses since the Referendum. Unsurprisingly, nearly two-thirds of mid-market businesses claim that failing to reach a deal with the EU will cause significant damage to their business. Whether a deal is reached or not, there will be an inevitable impact. Regulatory or legislative change always leads to an


An offensive strategy may prove to be the best one, as the majority of businesses that achieved high turnover growth last year focussed on capitalising on opportunity rather than managing downside risk.

administrative burden, costing time and money, neither of which are a luxury that businesses possess. In addition to financial burdens, the lack of talent is a recurring topic of concern. Already nearly half of midmarket businesses are worried that they lack the skilled workforce required for growth, rising to 60% of those who have experienced a decrease in turnover. The threat of Brexit only intensifies this issue, with business owners expressing equal anxieties over their ability to retain low cost and specialist labour. Mapping a Route While the odds may seem to be stacked against them, mid-market businesses remain confident in their ability to succeed. Of those that plan to grow this year nearly two-thirds would be willing to bet their house on meeting their target.

However, balance is rarely achieved easily and mid-market businesses need to implement various measures in order to effectively ride out the EU referendum. More than half of mid-market business leaders have increased their cash reserves, adjusted pricing strategies, reduced investment and postponed or cancelled acquisition plans. The most common strategy has been to look for new roads. Nearly two-thirds of mid-market business leaders have decided to increase investment in exports beyond the EU.

Expanding operations internationally is one of the top five reasons that businesses intend to increase their investment in growth. Supply chains are also top of mind, with nearly two-thirds of mid-market businesses expanding or reorganising their supply chain outside the EU. Regardless of how uncertain and potentially challenging the Brexit decision has made the road ahead, it may have been the push mid-market businesses needed. This shift to expanding horizons may help businesses capitalise on the future economic growth that will likely be driven primarily by emerging markets rather than our closest neighbours. Businesses that are willing to look beyond Europe can expect to move ahead in the race.

Finding New Roads At the moment, most mid-market businesses have minimal international scope, which makes any uncertainty on the home track even more perilous. On average only a quarter of turnover comes from exports. However, businesses with larger international reach seem to be ahead in the race, with high performing businesses reporting 27% of turnover generated by international operations. This drops to 21% on average and just 16% for those experiencing flat levels of growth.

Tom Pickthorn M&A Partner and Head of International Mills & Reeve

Issue 11 | 107


108 | Issue 11


Painting a complete picture with unstructured data The Financial Conduct Authority (FCA) has asked for input on how technology can help achieve smarter regulatory reporting1. This is unsurprising given the IFRS 9 accounting rules that came into force in January and the introduction of the GDPR on the horizon. There will also be plenty of regulatory uncertainty around Brexit. Most firms in the finance industry rely on a suite of technology to help meet regulatory obligations but many tools do not provide sufficient legal context around commercial data. Artificial intelligence (AI) tools, combined with intelligent schemas, can supplement traditional tools, helping extract useful data from unstructured documents such as contracts. Traditional software tools work with structured data to meet regulatory obligations. However, the process of populating these tools is not efficient because much data, the so-called ‘known unknowns’, has to be extracted manually from unstructured documents. And too often the database does not capture legal restrictions and permissions related to commercial data. For example, when dealing with revenue recognition in accounting, traditional tools might only report revenue figures aggregated from data that is easily populated. However, if the system does not take into account the warranty clause in the contract that specifies the circumstances

when that revenue is not recognized, it provides only a partial picture. To obtain the full legal context and complete the picture, firms must find data across contracts or other unstructured documents. Currently, many firms are doing this manually and most firms are not uncovering all the relevant data. Potential applications of AI tools with intelligent schemas AI tools that combine machine learning with natural language processing can analyse and summarise contracts and unstructured documents efficiently. It is easy to extract and organise data in a structured manner almost entirely without the need for human supervision. AI tools that run on machine learning require users to input samples of relevant documents containing the issues they are looking for. These issues must be labelled for the intelligent software to build algorithms to extract those types of issues accurately in new documents. The best tools allow users from various organisations to pool AI training for the issues that they all share. This way, users do not need to reinvent the wheel developing their own AI in silos. When AI training data is pooled, accuracy and applicability improve for all users. The latest intelligent tools have even achieved a level of sophistication that enables them to summarise the meaning of data extracted.

Issue 11 | 109


This sophistication is important because it allows the AI to establish relationship between data fields, providing a layer of context and meaning. It converts a simple database into an intelligent schema. The advantage of using an intelligent schema is that users may field complex queries to the AI, which the AI then answers using both extracted data and the hierarchy of relationships between those data. Two potential applications for AI tools coupled with intelligent schema are: •

Asset Classification: Under IFRS 9, firms are required to perform the ‘contractual cashflow’ test or SPPI test for asset classification. An AI tool can trawl through contracts of varying complexity to determine whether cashflows are limited to principles and interests or if there are other types of compensations involved2. The AI can quickly determine whether something passes the test by pulling out

110 | Issue 11

the exact provisions and looking at how they relate to the two outcomes. In this case, that would involve determining whether exact provisions involving non-principle and non-interest cashflows exist. The meaning of relevant provisions is understood by the AI with regards to the intelligent schema even if no exact wording is found. In this case, the intelligent schema can understand when cashflows occur, whether payment terms occur only under rare circumstances (“not genuine”), whether non-payment results in bankruptcy rights or what contingent payment terms exist. The AI relates answers from each of these features to determine the outcomes to this binary test. This information also makes the process of modifying future instruments to fall under desired asset classes much easier.

Stress Testing: Stress testing has become a fact of life in the industry since the financial crisis of 20083. Insurance firms use stress and scenario testing to consider the potential impact of adverse circumstances on their business. Banks must hold capital against several types of risks and must regularly prove that their capital is sufficient. How firms fare during stress testing – and in real life – depends heavily on which legal obligations are triggered across thousands of contractual relationships. Many firms utilize various statistical sampling methods to deduce non-credit risk because reviewing all contractual obligations manually is prohibitively expensive. This does not always capture scenarios of “Black Swan events” well. AI tools can be trained to unearth relevant obligations and their temporal or geographical contexts. This allows a more accurate picture to be painted during stress testing and speeds up the process.


The types of insights obtained from AI tools coupled with intelligent schema go beyond simply helping firms meet regulatory obligations more quickly and cheaply. Commercial data with legal context is extremely valuable because of the visibility it provides of the firm’s commercial relationships. This visibility can be used to identify and mitigate previously unknown risks or to develop new business opportunities in the increasingly competitive banking and finance sector.

Tim Pullan CEO and Founder ThoughtRiver

Tim Pullan, is CEO and Founder of ThoughtRiver. ThoughtRiver has researched and pioneered AI technology that tells you which contracts to look at and which sections to focus on, without having to read them. ThoughtRiver’s Review application can generate risk assessment reports on contracts in seconds. For further information visit

1 “FCA Launches Call for Input on the Use of Technology to Achieve Smarter Regulatory Reporting.” FCA, 21 Feb. 2018,

2 “IFRS 9 Explained – Solely Payments of Principal and Interest.” BDO,

3 “Stress Testing.” Alt Text, 16 Mar. 2018,

Issue 10 | 93 Issue 11 | 111


Registering a property in Israel has now been simplified following several regulatory changes The World Bank’s annual Doing Business report examines the ease of conducting business in 190 economies around the world. The report provides comparative ranking of the processes of doing business in several different areas. One area examined and ranked in the report is “Registering property.� In the 2010 report, Israel ranked relatively low. In recent years, the Israeli authorities introduced various new processes and methods to simplify, speed up and streamline the process of registering real estate. Thanks to these efforts, Israel has moved up 21 places in the 2017 ranking.

112 | Issue 11

In Israel, real estate rights are registered with the Land Registrar.To transfer property rights from the seller's name to that of the buyer, the parties must sign a deed of transfer, submit tax certificates issued by the Israel Tax Authority (ITA) and provide clearance from the municipal authorities confirming there are no outstanding debts on the property. If any of the parties is a registered company, a copy of its Certificate of Association, certified by the Companies Registrar, and corporate resolutions authorising the transaction must be submitted.

EMEA BUSINESS This list of requirements, which involve various authorities and processes, previously made the registration of rights in real estate in Israel long and arduous. To facilitate a simpler and easier process, several regulatory changes have been introduced, as described below.

Certificate of Association from the Companies’ Registrar As mentioned above, where one or more of the parties is a company, the party must submit a certificate of association certified by the Companies Registrar as a true copy.

Tax Certificates – The Land Tax Authority According to Israeli law, the responsibility for reporting real estate transactions and their tax results is incumbent upon the parties with the tax authorities having eight months to audit the report. Often, the Land Tax Authority did not approve the parties’ self-assessments and instead assessed a higher tax duty. To fight such a decision, the parties had to conduct long appeal processes with the tax authorities. Only once these were completed and the full tax levied paid, could the parties obtain the tax certificates they needed to register the transaction in the Land Registry. Following the conclusions of a committee chaired by the Director General of the Treasury, some important amendments to the Land Tax Law were introduced in 2010, including a new mechanism for obtaining the tax certificates required for registration of rights. To date, subject to certain circumstances that are generally satisfied in most cases, tax certificates are obtained even before the full consideration has been paid and before the transaction has been completed. This has removed a major delay for registration of many transactions. Israel may be the “Start-up Nation” and a world-renowned center of technological innovation, however, until recently, government bureaucracy was lagging. Having understood the need to ease the performance of real estate transactions and to make the interface with the Land Tax Authority as smooth as possible, the government recently introduced an online land-tax reporting system that expedites the processing of self-assessments.

Until recently, to obtain a true copy, the company had to apply and retrieve the files from the central archive of the Companies Registrar. Only once the physical copy was at the office of the Companies Registrar could the company copy the certificate of association and, against further payment, obtain a “true copy” stamp from the Companies Registrar. Now, company files can be downloaded online and printed with a Companies Registrar electronic “true copy” stamp, which saves time and money for all involved. Clearance Certificate from the Local Authority To receive confirmation from the local authority that there are no outstanding debts on the property, the parties must first send the local authority an application form, a copy of the sale agreement, a copy of the buyer’s ID and documents certifying the date in which possession is delivered to the buyer. In the past year, large local authorities, such as Tel Aviv, have introduced a new system enabling parties to submit all these documents by email. Hopefully, other local authorities will follow in their footsteps and allow for faster processing of real estate rights transfers.

the past few years, the Land Registrar has undergone a sweeping reform whose purpose is to make registration fast and more efficient. For example, many new procedures were published over the last two years, relaxing the strict requirements previously practiced. Registration procedures are published regularly on the website of the Land Registry and Settlement of Rights Department. The Department staff reviews all transfer documents submitted and does their best to return all comments in a single reply. Concurrently, the number of people working at the Land Registration Bureaus has been increased, which has shortened processing time. Recently, an online registration system was launched, which allows for online transfer of rights in certain properties. While this is still in pilot stage, it indicates the future aim of being an online system connecting between the Land Registration Bureau, the local authority and the Land Tax Authority – sparing the parties the need to apply for individual clearances. The results speak for themselves. According to the Land Registrar’s data, the nationwide average registration time has been reduced from 45 to 13 days. In most cases, registration takes only a few days. To conclude, in 2010 Israel defined a clear aim: To simplify, expedite and streamline the process of registering real estate rights. Various actions that the government has implement since, have changed the situation in this field for the better. Israel is not resting on its laurels, and we can expect further changes that will make registration of real estate rights – and doing business – much easier.

The Land Registrar Once the parties have obtained all the documents required to register the rights transfer, they must submit them to the Land Registrar. Until recently, many applications were rejected because of formalities that the parties then had to correct and resubmit. In

Lee Maor Yigal Arnon & Co.

Issue 11 | 113


Customer data ownership in retail banking is changing 2018 will see some of the biggest changes to retail banking in history. Since the 13th of January, all of Europe’s financial institutions have been subject to the Revised Payment Services Directive (PSD2), impacting organisations in the continent and abroad. A significant evolution of existing regulation for the industry, the legislation aims to increase competition and drive forward innovation, while enhancing consumer protection and security. Yet changes in the ownership of customer data spell tough times ahead for retail banking providers

114 | Issue 11

today. The core of the directive has broken the monopoly retail banks have had on their customers’ data, allowing third-party providers to retrieve information from bank accounts at the customer’s request. In the age of digital transformation, where data is everything, the loss of this exclusive right presents a substantial risk to every retail bank’s business. In the wake of PSD2, the industry faces greater competition than ever, with the door now wide open for technology giants, retailers and other FinTech organisations to compete with their own digital financial services.

Not only are established providers losing control of customer data, the new legislation has already presented some interesting technological challenges, including the requirement for banks to provide suitable interfaces for external access to account data and payment initiation. Traditional banking services are already beginning to be either supplemented or completely replaced by digital services, and branches and personal advice are becoming less important. In the midterm, the question of who can best assert themselves as a central service provider, aggregating customer data and


providing the best tools and services to the end user, will be a decisive competitive factor. Newcomers to the market have been received well, offering improved customer experiences and new innovative ideas at speed. Unlike existing banks, they’ve been unencumbered with legacy technology, siloed data and a range of other issues that come with trying to pivot a longestablished business. From a technological standpoint, many such disruptors have already

achieved a head start. FinTechs are investing on average 3:1 in the area of payments, compared with investments from traditional banks, and PSD2 will only provide further catalyst for success. The worst-case scenario from the banks point of view would be the technology giants such as Amazon or Google utilising their vast resources and digital expertise and outstripping established providers. Open data will allow competitors to offer individually tailored offers, new applications and services to lure customers away from their existing providers. As performance and costs

become more transparent, price comparison becomes easier for consumers to find with just a few clicks, placing greater price pressure on the retail banking ecosystem. For banks, there is real danger in losing long term business. Large margins and fees generated by financial products such as personal loans, insurance, and payment transfers are all at stake, as young, digitally savvy clientele become accustomed to expecting more from service providers from all areas in life, not just banking.

Issue 11 | 115


Leverage existing strengths to secure market position Established retail banks now face the new challenge of having to regain the privilege of direct contact with customers, requiring a substantial change in business as usual. Increasing legislation may have led to slower developments in recent years, but now is a critical time to switch to a proactive, self-disruptive approach, to have any hope of securing existing market position. To do so, traditional players should build on the unique strengths developed over decades, even centuries of doing business. Whilst it’s true that new market entrants will benefit from the advantages presented by PSD2, they will also have to face intensive compliance issues and regulatory requirements. Banks already have extensive expertise in these areas. Data security, fraud prevention, secure digital identity and confidentiality of personal data are

all core competencies of established financial institutions. Despite the financial crisis, banks also still enjoy a considerable amount of consumer confidence. Carrying these strengths forward is key to survival in this era of change, whilst undergoing digital transformation and ensuring new innovations are deployed at speeds the industry is somewhat unaccustomed to. PSD2 will undoubtedly change the market in the mid and long term. For consumers, there is a lot to look forward to, in the shape of smart new technologies, improved financial product offerings and greater transparency in fees. For banks, FinTechs and the wider technology industry, we are entering the make or break phase in the race to aggregate services and secure access to customers. Banks must focus on exploiting their existing advantages in order to continue to play a role in retail banking.

Andrew Hewitt Director Payment and Data Solutions FIS

Issue 11 | 117


Keeping customers at the heart of PSD2 compliance Smooth and seamless user authentication should be a priority in Open API design For banks across Europe, the PSD2 clock is now well and truly ticking. Late last year, the European Commission issued its final draft of the RTS (Regulatory Technical Standards) that supports the new directive. Assuming it is approved by the European Parliament and Council, stakeholders now have clear sight of what is required, and when. However, the RTS does not define how to design the newly required direct interfaces. In meeting the challenge of complying with this new regulatory framework, it is vital banks ensure a high level of interoperability and do not lose focus on the end user experience. In particular, this means relying on standards that combine the efficient access to account holder data for PISPs (Payment Initiation Service Providers) and AISPs (Account Information Service Providers) that is required by PSD2 with a smooth authentication process for consumers. In agreeing the final draft of the RTS, one of the most contentious issues for the Commission to resolve was the precise means by which TPPs (Third Party Payment Service Providers) such as PISPs and AISPs would be provided access to bank accounts. Ultimately it has come down in favour of Open APIs (Application Programming Interfaces). These will need to be created by the banks, be free of charge for TPPs to use, and subject to stringent service level requirements. The alternative, screenscraping, is still an option, but primarily

118 | Issue 11

as a fall-back for banks that fail to meet the necessary deadlines or performance targets. What’s more, the Commission expects Open APIs to be up and running six months before the RTS comes into force. Assuming a vote in the next few weeks, that gives banks a target date of March 2019. Whilst the RTS defines the goals for Open APIs, they do not specify the detailed technical implementation that banks should adhere to for achieving them. And in deciding which route to go down, banks are not short of options. Standardization initiatives include the UK Open Banking Working Group, which was quick off the mark in unveiling its Open API specifications over the course of last summer. Subsequently, the country has also led the way in terms of the recent roll-out of AISP APIs, which are being piloted by the top nine banks. In France, a similar initiative is being driven by STET, the payment processing body owned by the country’s six leading banks. The Berlin Group, meanwhile, is a broader, processor-led initiative that aims to create a pan-European standard. National initiatives are also underway in Eastern Europe. Moreover, it should be remembered that a number of banks pre-empted the arrival of PSD2 and have already launched Open APIs to their own specifications. Finally, the API Evaluation Group kicked-off at the end of January, overseeing the implementation of API specifications and paving the way for further harmonization.


Each bank’s final decision will inevitably be shaped by a number of issues, including domestic context, wider corporate strategies and more detailed technical considerations. However, in the race for compliance, there is a real danger that banks will overlook the most important factor of all – the customer. In particular, banks need to consider how best to design an SCA (Strong Customer Authentication) solution that facilitates the work of AISPs and PISPs without compromising either the user experience or security. Of course, we are still in the early days of standards development, and different approaches to the issue are evolving rapidly. However, in broad terms, there are three clear options for SCA. These are known as redirect, decoupled and embedded. With redirect, the TPP reroutes the end-user to the bank’s website. The ASPSP manages the entire SCA process, leveraging a hardware or mobile authentication method, before redirecting the user back to the TPP. As the name suggests, decoupled is an out-of-band process, fully controlled by the bank and leveraging its mobile authentication app. In contrast, with an embedded solution, the SCA is executed through the TPP interface. The bank generates a challenge that is sent back to the user for ‘signature’ through the TPP interface and verified by the ASPSP. Of the three, there is no doubt that redirect represents the quickest and most straightforward solution for banks to implement. What’s more, at present it is the only one defined in all

the leading standards initiatives. But in terms of the user experience, it is also the clumsiest. Indeed, in the long run, it might be considered incompatible with the requirement, set out in PSD2, that banks do not obstruct the experience offered by TPPs. In the short term it may be necessary for banks to utilize a redirect solution to meet pressing compliance deadlines. However, those seeking to optimize the customer experience should also target a seamless embedded implementation. Digitalization and the emergence of the FinTechs have already changed the rules of the game for established banks. The implementation of PSD2 simply adds greater momentum to the on-going Open Banking revolution. PSD2 also confirms, once and for all, that banks must accept AISPs and PISPs as a fact of life and favour opportunities to co-innovate; by making it harder for customers to utilize their services, banks will simply undermine loyalty and the ability to attract new business. Moreover, in a world in which connected devices are rapidly supplanting bricks and mortar branches, the SCA process has become

a key point of day-to-day contact between banks and customers. So, whilst PSD2 compliance is inevitably going to create some serious headaches in the coming months, it must not be allowed to distract banks from the bigger picture. And at the heart of that is the need to create SCA journeys which can deliver a real competitive advantage in the brave new world of open banking.

Emilie Casteran Head of Digital Strategy Banking and Payments Gemalto

Issue 11 | 119


Getting Closer A Six-Step to SMEs: Relationship Builder for Banks

“What does good proactivity mean to small business customers?” When a financial services client recently asked this question, it got us thinking about what proactivity really means to customers, particularly small and medium-sized businesses’ customers, and how a provider can best demonstrate that it is being proactive. ‘Proactivity’ is a concept that is increasingly high on the agenda of financial and professional services firms, and is increasingly preferred to ‘responsiveness’, which customers and clients see as too passive in the context of a developing and serious provider relationship. We put our heads together, drawing on recent research conducted among SMEs for banks and others, and defined these key principles of demonstrating an outstanding provider relationship. 1. Provide a roadmap, setting expectations at the start If a small to medium-sized business (SME) customer starts the relationship feeling as though they’ll get lots of personal contact and support, and then this doesn’t materialise, they are likely to feel the provider is not paying enough attention or being proactive enough. Setting expectations at the outset about contact, advice and what help and proactivity will look like should aid customer satisfaction – but only

120 | Issue 11


if these expectations are then met or exceeded consistently throughout the course of the relationship. 2. Proactivity is more than anticipating and reacting: it must appear tailored to your customers’ individual needs As a provider, this activity is based on an understanding of each customer’s business needs, goals and sector challenges, and then providing a customised response. In the context of a financial services provider, targeted proactivity can be demonstrated through a combination of the following: •

Regular contact, usually from a dedicated Relationship Manager. Customers place great value on personal relationships, though there are often challenges of contact time, and there can be a feeling of: ‘Why do they not have more time for me? Am I not important enough? Are they favouring other clients over me?’ This can be remedied by ensuring a single point of contact and being easy to get hold of.

Making suggestions for financial products / vehicles. These are likely to be well-received, if they are seen to be new, and it is essential that they are perceived as relevant, targeted and tailored - not just random or generic, and not put across in a way that seems ‘salesy’ – a real turn-off for SME customers. Providing other anticipatory services. This could include annual reviews (opportunity to re-assess goals and expectations), or offering some sort of valid ‘help’ which also demonstrates proactivity. Providing information – a source of financial knowledge – and arranging focused networking events. These should either be sector-related (though not a room full of direct competitors), or with others who are at the same stage of their business journey, and with the same needs / challenges (e.g. startups, those in a growth stage, etc).


Judge how reactive they want you to be A few things to consider:

While some customers will welcome – and even demand – proactivity, others would hate it – so this should be understood early

on and catered for on an individual business basis. There is no point trying to be proactive and offer products, services and advice if your business is not a good fit with theirs. There are already many active SMEs, and this figure continues to grow. Providers should attempt to narrow down the target list to those suitable for this sort of proactive relationship building. It’s only credible to make proactive suggestions if a provider really knows and understands a customer’s business. Generic ‘small business’ advice tends to be ill-received, as lacking relevance. The approach will vary according to size and personality: •

Smaller businesses will often have needs similar to individual consumers

SMEs are often (rightly) truly passionate about what they do – it is their life, not just their work – and they can often feel that their business is unique, and be quick to think that nobody can offer appropriate advice as they don’t understand them and their business.

Issue 11 | 121


Overcoming scepticism around truly tailored advice is hard, but the first step to any proactive suggestions or advice is that it must feel personal. 4. Don’t make them work for it SME customers are always busy, and often looking for efficient help – that’s why proactivity is often wanted / required. But many customers (including SMEs) often feel they are putting in far more effort than the provider – so brands should, wherever possible, demonstrate that they are putting in at least as much effort as their customers (an effective customer – company effort ratio). Crucially, they should continue this throughout the relationship, not just at the start. This idea of ‘fairness’ can build relationships that last, and create advocates of brands. 5. Innovation, innovation, innovation The launch of PSD2 / Open Banking in January 2018 presents new opportunities for financial services providers to offer a whole range of new proactive solutions for SMEs. Providers could enhance their support of smaller businesses by developing products and services, utilising open APIs, that will tap into SME pain points and help ease pressure. As an example, SMEs are often time poor and find business administration an unwelcome drain on their time; they may also lack the resources or expertise to manage tax and accountancy obligations as well as they should. A service that could integrate with existing small business accounting software packages to automate and speed up invoice reconciliations, payment initiation and tax liability calculations ought to be very well-received. There are also opportunities to support SMEs with cashflow concerns and instant payments.

6. Fall in love all over again Demonstrating proactivity is likely to be a constantly evolving commitment to client service, but when successful, it will help build loyal, sustainable relationships with business customers, worth both the time and financial investment. The banks have not always enjoyed the best relationships with their smaller business customers over recent years. Perceptions of low willingness to lend and, in some instances, of declining levels of service and support can make SMEs keen to look for alternative sources of advice and ultimately finance. Demonstrating proactivity through these sorts of behaviours and activities could play a big part in convincing SMEs that you not only want their business, but you really value them. And those that truly feel valued may, in turn, support you by becoming advocates for your brand, making recommendations and referrals among their peers.

Georgiana Brown Research Director, Financial Services Ipsos MORI

Issue 11 | 123


ARTIFICIAL INTELLIGENCE WILL ENABLE BANKS TO INCREASE CUSTOMER LOYALTY There is huge amount of noise currently about the use of artificial intelligence (AI) in the financial services sector. Every fintech application or new piece of banking software must be accompanied by bold claims about its use of AI, even though in many cases they are simply upgraded algorithms. It would certainly be beneficial if we had an AI application that could cut through the spin and present us with only what is relevant to the specific requirements of our job or organisation. In truth, such advanced filtering applications are already available. They are just one of the AI-driven applications that are going to transform the way customers view financial organisations, especially in the retail banking and lending sector. What could be more timely in the UK when the Competition and Markets Authority’s Open Banking revolution is placing greater requirements on banks to use technology for more effective engagement with customers? It all adds to the competitive pressures as new challenger banks and fintech companies enter the banking and lending market.

124 | Issue 11

AI will change banking As they compete in this intense atmosphere, financial organisations will quickly find they must embrace AI, given the range of applications now operational, such as chatbots, virtual assistants or automated personalised review summaries. Analysts at Gartner have forecasted that more than 85 per cent of customer interactions will be managed without a human by 2020, while AI market research specialist TechEmergence believes that chatbots will become the primary consumer AI applications over the next five years. There is indeed every reason for banks to deploy chatbots to engage with customers seeking help or information, just as H&M’s Kik app, recommends outfits to shoppers based on the style of clothes they prefer. Banks and insurers know their customers far more intimately than fashion retailers and with AI to analyse the data, can make highly relevant recommendations about financial products and services.


AI solutions can also head off potential problems before they develop, learning to detect the ‘distress’ signals and react accordingly. The technology is a huge driver of efficiency in customer-service, facilitating rapid expansion and keeping a lid on recruitment costs. The use of chatbots and other virtual assistants, for example, reduces what is often heavy and costly staff-turnover in call centres by removing tedious tasks from the work of customer-service agents. AI will meet the demands of new generations There certainly is no alternative to AI-adoption unless a bank or insurer is determined to lose out to competitors. It is clear that today’s consumers – especially the under-35s – will head elsewhere if they are not given fast responses and quick, effective solutions to their problems. This generation wants to engage with banks, lenders, insurers and mortgage-providers in more meaningful ways – preferably using a mobile device. Our own research found that while they regard themselves as loyal, more than six-out-of-ten of the under-35s see themselves switching primary providers more often in future. Nearly nine-out-of-ten thought banks should be doing more to keep them as customers.

This is a demographic that is moving into the mortgage market, gaining higher salaries and having families. They cannot be ignored and while fees and charges matter, the use of technology is a major factor in who they should bank with, especially when it comes to customer-facing technology that makes interaction easier and increases personalisation. Personalisation is essential to winning customers when a simple mouse-click is all it takes to switch between competitors. What builds loyalty and increases revenues, is treating customers as individuals, recognising them each time they interact with a business so that their specific requirements are always met. AI-powered review systems will have immense influence Which brings us to reviews. Authentic reviews now play an important role in determining what consumers think of products, services and organisations. Research conducted by Feefo has found that access to positive feedback from fellow customers in genuine reviews is the single most influential factor when consumers under 35 decide which bank, lender or financial service to opt for (selected by 85 per cent).

Issue 11 | 125


Remarkably, it was more important than verbal recommendations from friends and family (82 per cent). Among the financial organisations surveyed, we found that 43 per cent envisage using AI to provide personalised summaries of reviews, saving customers’ time and increasing the overall relevance of the organisation to each individual. The fact that financial institutions are embracing AI is promising, but it is still lower than the average across all industries of 46 per cent. Finding the resources and solutions to make it work At first glance it may seem as if the financial sector is well on the way towards implementing these advanced AI solutions. More than nine-out-of-ten decision-makers in our research said failure to implement AI would be a competitive disaster. The great majority (71 per cent) said they will use the technology in customer-engagement, with the same percentage opting for customerservice chatbots.

126| Issue | Issue1011 38

The difficulty across the industry, however, is that almost eight-in-ten banks and lenders (79 per cent) said they are short of the capacity and expertise to develop AI initiatives. Yet this is not an insuperable difficulty. Many organisations are already realising that off-the-shelf solutions with their plug-in-and-play ease of integration will enable them to meet these challenges immediately. In this way the shortage of expertise is effectively side-stepped, with bottom-line benefits quickly realised as existing customers feel more engaged and potential customers are convinced it is worth switching accounts. The ease of reading genuine reviews that cover precisely what interests each person is a powerfully persuasive factor. Chatbots, virtual assistants and personalised review summaries are AI technologies that are fit for purpose now, and with sophisticated out-of-the-box solutions readily available, retail financial business must start implementing them or watch competitors leap ahead.

Matt West CMO Feefo


Out-doing yourself makes you better. Doing this year after year makes you a leader. Today, we want to be better than yesterday. Out-doing ourselves every day. Not to be better than the others, but trying to be better than ourselves. This attitude has helped us become the no.1 healthcare and accident insurance company, the entity with the highest growth in the Top 5 non-life insurances, and we have also become leaders in distribution with the largest bank insurance network. All of this has enabled us to win the prize Best Insurance Company 2018 for the second year in a row, and this motivates us to continue bettering ourselves.

Issue 10 | 39


MiFID II’s long-term implications The second Markets in Financial Instruments Directive (MiFID II) was supposed to introduce the largest overhaul of the financial services industry in decades. With over 1.4m paragraphs of rules, MiFID II had a number of laudable, far-reaching aims covering virtually all asset classes traded within the EU, including the goals of increased transparency, reduced costs for investors and a clampdown on market misbehaviour in the financial industry. However, despite coming into force on 3 January 2018, MiFID II is starting with more of a whimper than a bang and has not yet even been introduced into the national laws of 17 EU countries, including the Netherlands and Spain. Rather than signifying a radical shakeup of the financial industry, MiFID II has been marked by a series of delays and uncertainties, including major exchanges failing to implement the regulation on time, postponement of the dark pool caps, unpredictability surrounding Brexit, and even the possibility of a MiFID III.

The situation so far MiFID II was meant to open the clearing of futures contracts to competition through a policy known as ‘open access.’ However, on the date of implementation, regulators in Germany and the UK, and later Sweden, granted a reprieve to their domestic exchanges, not of three or six months but of 30 months. This extension was blamed on uncertainty surrounding the status of the UK’s capital markets following Brexit; however, many in the industry have cited it as an example of regulators bowing to vested interests. As market leaders have found themselves unable (or unwilling) to meet MiFID II’s demands, with many voicing concerns over the new open access rules and their impact on industry competition, another MiFID II policy has been postponed – this time, for more than two years. Another MiFID II target was ‘dark pooling’ – the practice of allowing investors to trade without having to reveal what they are buying or selling. Under MiFID II, a cap was put in place on these dark pools in an effort to move investors back onto “lit” public stock markets. These caps were meant to be accompanied by a list of European equities that were to be excluded from trading via dark pools but the publication of this list was delayed for three months by the European Securities and Markets Authority

(ESMA) due to a lack of data. Legally, the MiFID II dark pool caps still came into force on 12 January but, without data showing which instruments would be excluded, it was difficult for ESMA to know if the cap had been reached, leaving it unable to enforce penalties for breaching the rules. This meant that the hundreds of European equities that would have been caught out were granted a last-minute respite, and one of MiFID II’s biggest changes is not yet being enforced. Another aim of MiFID II was to make the market more competitive by introducing an unbundling requirement for fund managers to charge analysts for research rather than receiving it for free in return for supplying brokers with trading business. The end of such inducements was supposed to spark the growth of a new generation of independent research boutiques. However, this has yet to be seen. It seems that most managers are choosing to pay out-of-pocket for research, putting further pressure on profit margins. This removes or at best delays the benefits of fragmenting the market, as firms continue to use their familiar bank and broker analysts in fear of contravening the ban on unsolicited research.

Issue 11 | 129


What does the future hold for MiFID II? Although the future of MiFID II is far from clear at this juncture and may continue to be for the next few years until its full impact is evident, it is likely that MiFID II will have a farreaching, broadly beneficial impact on the financial industry across Europe, though with still many issues to address before it can deliver new opportunities for financial firms. These include questions about consistent implementation of the rules in every jurisdiction affected. ESMA published the list of equities affected by the dark pool limits in early March, which should allow regulators to police these pools more effectively under MiFID II. According to new research from Thomson Reuters, dark pool trading has halved in the wake of these rules being introduced earlier this month. There is still some concern in the market, however, that in the long term trading will migrate to registered systematic internalisers (SIs), a group of banks and dealers that operate under an off-exchange trading regime. Critics have argued that SIs will simply become a new version of dark pools, a private alternative to regulated public exchanges. This could prompt more action and a toughening of the rules by regulators as they try to increase the transparency of such activity. Once the data accompanying dark pool caps has been published, regulators can begin to analyse the market to see where improvements to the regulation are required. Additionally, the UK’s impending exit from the EU in 2019 leaves considerable uncertainty. There is speculation that the UK could opt for

‘MiFID II-lite’ in some or all areas, with the government choosing to translate diluted MiFID II’s standards into UK legislation to better align with the UK’s financial markets. On the other hand, there is still the risk of a hard Brexit wherein no regulatory technical standards are agreed – leaving the financial industry in a state of limbo. It should however be borne in mind that the FCA was the architect of many of the recordkeeping and reporting principles embedded in MiFID II. Moreover, with the aftermath of the UK’s previous dalliance with “light touch regulation” still fresh in memory, the national regulator is unlikely to favour watered-down standards that could see London regarded as a less safe or transparent marketplace for global capital.

already encouraged the rapid growth of an innovative regtech industry and this is set to continue in the future, as businesses increasingly look to technology to help them improve their working practices, cut costs and risk, improve agility and gain new insights – all while ensuring regulatory compliance. Requiring businesses to review their data has led to the emergence of a number of new technologies that capitalise on this valuable resource, and in the long-term this will allow businesses to become better-informed about the decisions they make, identify patterns and trends within their organisation and the wider industry, launch new products and improve customer satisfaction.

Whatever the outcome, the strength of the UK’s regtech and fintech offering means the City will be well-placed to adapt to Brexit’s realities and their effect on the resulting regulatory regime. Fintech and regtech firms’ flexibility and agility means that they can easily adapt and update their offerings as the market changes, helping them to quickly validate any future offerings as the postBrexit landscape begins to take shape.

As the industry adjusts to this new regulatory landscape, attention will shift from mere compliance to the opportunities provided by this new framework of rules. MiFID II certainly has the power to accelerate a reshaping of the financial sector and, once the dust settles and uncertainty fades, a more transparent, competitive and trustworthy industry should emerge.

There is also the question of a MiFID III. Already, hiccups with MiFID II’s implementation have caused regulators to consider the creation of a third iteration of the regulation and a speedy rewrite of the rules, with Brexit set to make this more likely by presenting a significant challenge to some of MiFID II’s core objectives such as improving transparency in financial markets. Many suspect that if the UK and the European Commission fail to harmonise the financial services landscape post-Brexit in a way that includes MiFID II’s core objectives, a third iteration of the regulation, and another major overhaul of the market, may be required. In the meantime, we will likely see UK financial businesses benefit from the new regime in a number of ways. MiFID II has

Matt Smith CEO SteelEye

Issue 11 | 131



2 Visas

The Government imposed cap on sponsorship of overseas workers has exceeded the limit for the last three months and is expected to be exceeded again this month, leaving UK employers reliant on foreign workers unable to fill vacancies. The annual cap for sponsoring non-EEA skilled workers to come to the UK was introduced on 6 April 2011. Under the scheme, a Certificate of Sponsorship (CoS) is required for salaries of less than ÂŁ159,600 with the exception of certain UK graduates and those on a list of recognised

132 | Issue 11


shortage occupations. The annual cap is currently 20,700, split into unequal monthly allocations with February to March having the lowest allocation (1,000) and March to April the highest (2,200). When the number of valid applications exceeds the quota of CoS available, applicants with the highest salaries are favoured over those offered lower salaries. It was not until March and June 2015 that the cap was first reached, with the number requested far exceeding the allocation. Subsequent tinkering with policy and economic uncertainty has meant that the cap was not hit again until the beginning of December 2017. It is likely that the cap will be exceeded again in the early March allocation, as it has for every month from early December 2017, meaning that only those roles meeting a very high salary threshold (possibly only those with a salary of £55,000 or more) will succeed in securing a CoS. This can be highly damaging for businesses who rely on overseas skilled labour particularly those with younger workers who are generally on lower salaries. Delays in commencement of employment could be fatal to the success of smaller businesses. Also affected is the NHS who can ill afford difficulties in recruitment in the present climate. It is thought that the fall in the number of European nationals choosing to live in the UK after the EU referendum result has contributed to the pressure on the Tier 2 category as employers increasingly look beyond the EU labour market to fill vacancies in their skilled work forces. Despite the need for increased skilled migration the government remains committed to reducing net migration, whether this is by quotas or by making

financial costs prohibitive to all but those with the deepest pockets. In April 2017 an Immigration Skills Charge was introduced, adding £1,000 per year to an employer's costs for sponsoring each new non-EU national under Tier 2 with few exemptions. An announcement was made in February 2018 that the immigration health surcharge is to be doubled from £200 to £400 per year for non-EU nationals. It should be noted that the immigration cap applies only to workers sponsored under the Tier 2 (General) subcategory - predominantly new recruits from overseas. Sponsorship under the Tier 2 (Intra Company Transfer) subcategory does not form part of the 20,700 quota and some of the recent changes that the Government has made to policy in this area will be of interest to multinational businesses. As of April 2017 it is now possible to sponsor a non-EU national under the Tier 2 (ICT) category without them having been employed by the business's overseas office for 12 months. The high earner threshold under Tier 2 (ICT) has also been reduced so that those earning over £120,000 can extend their status in the UK for up to a total of up to nine instead of five years. Tier 2 (ICT) does not however lead to settlement so the Tier 2 (General) immigration cap will continue to be an issue for more permanent hires to the UK. Companies may need to put on their thinking caps and perhaps look to alternative immigration routes when Tier 2 is not possible. The 'Exceptional Talent' category is often overlooked but is worthwhile for world leaders or potential world leaders in particular fields such as arts, technology and sciences, and is one of the few areas where the Government has loosened its policy somewhat, announcing in November 2017 that it is increasing the

quota of visas from 1,000 to 2,000 per year. Attractive for non-UK companies establishing a branch or subsidiary in the UK is the 'Representatives of Overseas Business' category which, unlike the Entrepreneur (for setting up or joining a UK business) category, does not require investment of £200,000. Each category has its own nuances and not all will be suitable, but it is worthwhile bearing in mind that there are alternatives. In July 2017 the Government announced that the Migration Advisory Committee (MAC) had been asked to report on the impact to the UK labour market of leaving the EU and how the immigration system can better serve modern industry. Consultation closed in October 2017 and it is expected that the MAC will present its findings by September 2018, coinciding with the scheduled publication of the Government's repeatedly delayed white paper on post-Brexit immigration policy.

Kathryn Bradbury Partner and Head of Immigration Payne Hicks Beach Solicitors

Issue 11 | 133


No Translation Necessary: Devising a Common Language for Cyber Risk Reporting Last year was the worst year ever for data breaches and cyber-attacks, with 159,700 total incidents worldwide, according to a recent survey by the Online Trust Alliance. Research by the Ponemon Institute found the average cost of cyber crime last year in the United Kingdom was $8.74 million, a 21 percent increase from 2016. And costs are escalating even faster in Germany (up 42 percent), Australia (up 26 percent) and Japan (up 25 percent). This is a global problem that demands global tools to solve it. In the board room the message is being heard loud and clear. High-profile incidents involving Equifax, PCI, Yahoo! and Wonga, have put intense pressure on corporate manages to establish effective cybersecurity risk management programs – and to clearly communicate the steps they’ve taken to address cyber risks to their board members, investors, regulators and the public. Despite the seriousness of the issue, companies face challenges in meeting the problem effectively. A lack of uniformity has made it difficult to describe risk mitigation strategies for cyber attacks in common terms that permit apples-to-apples comparisons and industry benchmarking. The quality of information provided to boards appears to be growing: some 31

134 | Issue 11

percent of the U.K.’s FSTE 350 said they received detailed reports from management on cyber risk, up from 21 percent the previous year, according to a 2017 survey by the U.K. government. Yet most companies say they receive lesser updates with either “some information” (53 percent) or “very little insight” (7 percent). A lack of defined, widely understood terminology and processes can lead to ad hoc approaches to cyber risk reporting. In a recent web cast hosted by the Association of Certified Professional Accountants (the unified voice of the AICPA and CIMA), security firm founder Robert Herjavec said board members who oversee cybersecurity initiatives have often approached risk mitigation like “people building houses, but not knowing what they want the house to look like until it’s built.” What’s needed is a blueprint. And that’s what we had in mind when we developed a cybersecurity risk management reporting framework2 last year. It offers a common language to describe the extent and effectiveness of a company’s cybersecurity efforts, and it’s flexible enough to apply to any type of organisation in any part of the world. Our cybersecurity risk management reporting framework is designed to create uniformity with criteria that supports a standard way of doing things. This means an


Susan S. Coffey CPA CGMA

organisation’s management can use the criteria to describe its cyber risk program to stakeholders, including detailed information about the nature of the business, data that might be at potential risk, cybersecurity objectives, and details about risk governance and risk assessment. The second aspect is to develop control criteria. Management can use the criteria to evaluate whether the organisation is effectively meeting its cybersecurity objectives. Public accountants, meanwhile, can use the control criteria when engaged to provide advisory services involving cybersecurity or to perform a System and Organization Controls (SOC) for Cybersecurity examination engagement.

Voluntary and market-driven, the framework is designed to help all organisations build a more coherent approach to cybersecurity risk management and to communicate those activities clearly to stakeholders. This information, combined with the public accountant’s opinion on the effectiveness of management’s efforts, will increase those stakeholders’ confidence in the organisation’s due care and diligence in managing cyber risk. As cyber-attacks continue to rise in the coming years – in the UK and around the world, the accountancy profession can play a key role in building trust, order and assurance into cyber risk reporting. The framework can be a critical tool in that process.

Susan S. Coffey, CPA, CGMA, is executive vice president for public practice at the Association for International Certified Professional Accountants. For more information about the cybersecurity framework, visit the Association’s SOC for Cybersecurity1 page.


“SOC for Cybersecurity.” AICPA, assuranceadvisoryservices/aicpacybersecurityinitiative.html. “SOC for Cybersecurity: Information for Organizations.” AICPA,

2 cybersecurityfororganizations.html.

Issue 11 | 135


Technology in The developing role Banking: of biometrics In the past, technology that could identify us by our biometric data was something we only saw in sciencefiction: from facial recognition technology used in Star Trek, to Marty McFly using his fingerprint to authenticate payments in Back to the Future. But over the last few years, developments in technology have demonstrated a world in which our face, voice, eyes and fingerprints can be used to identify and authenticate us. With huge strides being made in biometric technologies, the end of the PIN and password could soon become a reality. Fingerprint authentication is already very common when unlocking our smartphones, while services like ApplePay and SamsungPay have allowed early adopters to pay for things just by tapping their thumb on their phone. But soon biometrics could be the way to secure other proximity payment methods, online/eCommerce payments and a wide range of financial

136 | Issue 10

applications. What’s more, the latest open banking initiatives and new regulatory frameworks, such as PSD2, are set to increase the pressure on financial institutions to ensure robust protection of customer data and funds. In addressing these challenges, biometrics can play a central role in the quest to combine security with usability. Card Payments Since Apple introduced the fingerprint sensor into the iPhone, some consumers have been enjoying the convenience and security of using their fingerprint to authenticate their payments. Now steps are already being taken to trial biometrics in card payments. One such development is the recent introduction of the biometric EMV card with fingerprint recognition technology. This replaces the traditional PIN code which, along with passwords, could become an outdated form of verification in the next few years.

Passwords are frustrating for the consumer; they’re easily forgotten, and we have too many to keep track of. Having your fingerprint linked to your bank card is not only convenient, but it provides a feeling of personal security that’s embedded into the payment method. As user data is stored on the card, not on a central database, customer details are protected if the bank was to suffer a cyber-attack. Likewise, if the card was to become lost or stolen, users can be safe in the knowledge that their fingerprint cannot be replicated. While the card is currently in trial stages, this is an indication of how biometrics can transform our financial services in the years to come. But it’s not just about making payments. Biometric technology will have a major role to play in verifying user’s identities, enabling a new era of Open Banking and helping to prevent fraud.


PSD2 and Open Banking Multifactor authentication will soon be a requirement of industry regulation. A crucial element of the impending PSD2 regulation, and something that’s critical to the Open Banking scheme that’s just launched in the UK, is the need for banks to provide ‘Strong Customer Authentication’ (SCA) to protect users against external threats whilst not compromising their experience. Banks will need to verify an identity using at least two different authenticators. The regulation states this as ‘something you have’, ‘something you know’ and ‘something you are’, which could be translated as your device, your PIN number and a biometric feature. Since the introduction of fingerprint readers into phones, several leading banks integrated the technology into their apps. Now, the multifactor authentication requirements of PSD2 mean that all remaining European banks should at least be considering doing the same. By supporting the use of biometric authentication via

a mobile device – whether fingerprint or other methods such as facial recognition – banks can provide a solution that combines security with usability, creating a better user experience. Most two factor (2FA) techniques currently send a special code to the user’s mobile phone to use in conjunction with a password. But just as someone could steal their password, a hacker could intercept a text, or spy on the phone. In comparison, a request to provide biometric information on a mobile device is much more secure. It’s also a much more convenient, seamless process when compared to the card readers and hardware tokens many banks still use to provide an additional security layer – where customers not only have to carry another device with them, but also end up manually copying one-time passwords to gain access.

Issue 10 | 137

EMEA BANKING Behavioural biometrics There is also a role for biometrics in fraud prevention, but rather than use physiological characteristics like a fingerprint, banks can look at how consumers behave on a mobile app or website. These patterns include the way the user moves a mouse, types on a keyboard or swipes a mobile screen. We all have distinctive ways of interacting with our devices, clearly distinguishable from the behaviour of a bot. By combining machine learning, artificial intelligence, and behavioural biometric authentication it’s possible to intelligently and automatically identify any unusual behaviour, requesting an additional layer of authentication if necessary.

Banks must acknowledge that implementing biometrics as part of a wider authentication process is the key to balancing security and convenience. Once they do, this is where the opportunity for further innovation lies. It provides banks with the differentiator which they need to maintain a competitive edge and deliver on the promises of open banking in a convenient way. And while fingerprint recognition is the most common use today, we’re already seeing major strides in other biometric identifiers, from facial recognition in the new generation of iPhones, to voice or eye analysis. Clearly, biometric technology is no longer out-of-reach and represents a new reality for security in banking. The revolution was kick-started by the introduction of fingerprint recognition into our phones and is moving into a new stage with the development of biometric EMV cards. Banks must be brave and disassociate themselves with legacy systems of authentication, as well as recognise that biometric technology helps construct the perfect balance between improved security and an uncompromising user experience.

Emilie Casteran Head of Digital Strategy, Banking and Payment Gemalto

138 | Issue 10

Your support keeps pushing us to the top.

BMO has been named Best Forex Provider – North America/China* for the eighth straight year. You can count on our team of experts for winning solutions that help you achieve your FX goals.

*Global Banking and Finance Review Awards, 2011-2018. BMO Capital Markets is a trade name used by BMO Financial Group for the wholesale banking businesses of Bank of Montreal, BMO Harris Bank N.A. (member FDIC), Bank of Montreal Ireland p.l.c, and Bank of Montreal (China) Co. Ltd and the institutional broker dealer businesses of BMO Capital Markets Corp. (Member SIPC) in the U.S., and BMO Capital Markets Limited (authorised and regulated by the Financial Conduct Authority) in Europe and Australia. “BMO (M-Bar roundel symbol)” is a registered trademark of Bank of Montreal, used under license. ® Registered trademark of Bank of Montreal in the United States, Canada and elsewhere. ™ Trademark of Bank of Montreal in the United States and Canada.

Global Banking and Finance Review Magazine - Business & Financial Magazines  

Global Banking & Finance Review is a leading financial portal and Print Magazine offering News, Analysis, Opinion, Reviews, Interviews & Vid...

Global Banking and Finance Review Magazine - Business & Financial Magazines  

Global Banking & Finance Review is a leading financial portal and Print Magazine offering News, Analysis, Opinion, Reviews, Interviews & Vid...