Why financial services, cybersecurity and regulatory compliance go hand in hand

Why financial services, cybersecurity and regulatory compliance go hand in hand

It’s a widely held misconception that heavily regulated industries are the least agile, and the slowest to innovate. In the financial services sector particularly, there is a tendency to see compliance and responsibility as a barrier to success, when they should be seen as the essential foundation.

The UK, rather than being a difficult place to do business for financial services firms, fosters growth with an active mix of regulators, investors and accelerators, and a government which is heavily involved in the economy. In fact, the UK’s regulator, the FCA is regarded as being one of the most forward thinking regulators in the world. It keeps a close eye on risk management and improved services, whilst encouraging competition.

A research piece by the LSE, called the Growth Commission Report, published in 2011, stated that, “Long-term investments require a stable policy environment within which investors can manage risk since returns often accrue over decades, well beyond the typical parliamentary cycle. Stability is fostered by having a predictable policy framework, where possible backed by a cross-party consensus.”

Prior to the financial crisis, it might be said that the UK had failed to provide the right conditions for long term investment and a stable economy. Deregulation in the 1970s and the introduction of electronic money hugely increased the amount of money in the economy, which steeply rose in the lead up to 2008. However, almost ten years on from the financial crisis, conditions are much improved and the FCA, Financial Policy Committee and the European Union are heavily regulating the financial services sector. The government are keeping a close rein on the economy and technology has absolutely changed the face of the industry for ever.

The rapid digital revolution has given rise to new financial services products like peer to peer lending, crowd funding and digital currencies. Financial services firms have a wealth of new market data from all manner of sources, including social media, they can use to price, target and market their products and services. Workflow and processes have been automated, bringing operational efficiencies, but for some firms, it goes further still, with automated data-driven decision making and online, customer managed investments. Established firms are investing heavily in technology to keep pace with digital first startups, who are generating huge amounts of investment, using mobile strategies to attract and keep customers in a way that is in line with their lifestyles. But all these digital services have generated massive amounts of sensitive data, which is causing firms problems in managing it. While technology enables business to be carried out globally with ease, it also means that cyber threats can come from anywhere, and when most of your business depends on digital services and the data they generate, a robust cybersecurity policy becomes as inherent and important as any of the other business functions.

It has become an enterprise wide concern. Threats can come from the inside, the outside, via any mechanism, network threats, employee weak spots, malicious links, DDoS attacks, the list goes on. As cyber criminals become increasingly more stealthy and resourceful, firms need to ensure their security is robust enough to thwart off attacks. And with cybersecurity and data protection featuring heavily on the regulators’ agendas, compliance becomes a firm-wide concern.