Mar 19, 2021

Quantexa and Deloitte: Compliance against illicit finance

Deloitte
Quantexa
illicitfinance
Compliance
William Girling
2 min
Quantexa and Deloitte: Compliance against illicit finance
Data specialist Quantexa has partnered with Deloitte on a new global initiative to fight illicit finance, economic crime and fraud...

Citing evidence of a modern fraud epidemic that is costing the UK alone over £190bn per year, the collaboration is set to utilise Quantexa’s Contextual Decision Intelligence (CDI) platform prominently.

CDI creates a comprehensive and connected view of data by highlighting relationships between “people, places and organisations”, providing much-needed context for better, more scalable decision making.

Underpinned by entity resolution, network generation, analytics and interactive visualisation, Quantexa claims that its platform is faster, more accurate, future-proof (via open architecture), transparent, and more secure than its competitors.

The evolution of online crime monitoring

As we found in our recent article exploring digital vulnerabilities and threat remediation, COVID-19 has had a deleterious effect on cybersecurity generally. Factoring in the increased attack surface area caused by widespread digital transformation, we are living through perhaps one of the most technologically perilous times in recent memory.

Deloitte knows this and is keen to fuse its expertise with Quantexa’s technology to create an effective solution.

“Working with Quantexa, Deloitte clients are developing sustainable and future-focused contextual monitoring capabilities. CDI provides what is fast becoming the new standard for fighting illicit finance and economic crime,” said Andrew Oates, Partner. 

“Our deep economic crime subject matter expertise, combined with Quantexa’s technology and advanced analytics, enables our clients to identify trends, monitor known risks and detect new threats more effectively - it is the next evolution of illicit finance and economic crime monitoring.’

Rethinking monitoring

In January 2020, Deloitte outlined its Compliance Monitor (DCM), an infrastructural tech component for consolidating information and therefore allowing it to be monitored effectively. 

The company stresses that “people, process and technology” are the three elements of an effective compliance programme. Vishal Maria, CEO of Quantexa, makes it clear that the two are simpatico in this philosophy:

’We’re delighted to be partnering with Deloitte, whose proven global expertise in compliance and governance is the perfect fit for our CDI technology. New risks demand new technology and techniques. 

“Organisations need to rethink the use of traditional rules-based approaches to monitoring activity, which are inflexible and incapable of dealing with the complexity and scale of today’s enterprise data demands.”

Share article

Jun 11, 2021

3 security concerns for financial service providers in 2021

Cybersecurity
Fintech
financialservices
Cloud
Dominik Birgelen, CEO of onecl...
5 min
With cyberattacks on the rise and more transactions taking place digitally than ever before, financial services face challenges, says Dominik Birgelen

The financial sector has been a long-standing target for cybercriminals for a number of years.

Not only does it hold the financial details of millions of users but banks and financial organisations arguably hold more personal information than any other institution. Not only do these institutions have information on how much money you have or earn but also they can gain insight on how you spend or save this money.

The sheer amount of data that these organisations hold on each individual means that cybercriminals could obtain your money but also your identity. 

What’s more, the past year has seen a multitude of industries navigate a global pandemic, and working from home has caused additional challenges for the sector.

When the UK went into its first lockdown back in March 2020, financial institutions moved swiftly to adjust their operations. But cybercriminals also worked rapidly to take advantage of the now remote workforce that created a feeding ground for online criminal activity.

As a result, credential and identity theft have skyrocketed in the past 12 months as cybercriminals looked to exploit vulnerabilities in personal firewalls and antiviruses; using malware attacks and ransomware to target users and obtain confidential information. While the global workforce looked to navigate the new remote working environment, cybercriminals have been trying to exploit it with a number of challenges currently facing the financial sector.

Credential theft on the rise

Credential theft, whereby a cybercriminal is able to obtain a victim’s proof of identity, is not a new threat to the financial industry. In fact, from the 2021 Verizon Data Breach Investigations Report, it is stated that credentials remain one of the most sought-after data types and also the fastest data point to compromise. While the threat itself may not be something new, the environment we find ourselves currently navigating is, and cybercriminals are using this to their advantage.

As the workforce rapidly shifted from being siloed to remote, many organisations had to roll out additional services and solutions to remain operational. However, these devices or services also gave cybercriminals additional entry points within their networks. With many organisations operating via cloud-based solutions, having access to these networks means that hackers can gain access to a multitude of sensitive data within minutes.

Alarmingly, the majority of credential theft is the result of targeted phishing or malware attacks. As many people reuse their passwords for a number of services, once a single password has been compromised they can then try to connect with another service or network. With people working remotely, educating staff on the importance of setting resilient passwords, isn’t on the agenda for many organisations and therefore leave them vulnerable due to this negligence. 

Increased AI adoption

Artificial intelligence (AI) has been a technology that has been cementing itself within many sectors for a number of years. Due to its ability to carry out repetitive and arduous tasks, organisations are beginning to see the benefits from rolling out this technology with the financial sector also taking note. A report from Deloitte revealed that 30% of financial service organisations they describe as “frontrunners” are more adept when it comes to utilising AI; using the technology to enable them to increase revenue at a faster rate than their competitors. 

What’s more, the report states that 45% of “frontrunners” invest US$5mn in AI initiatives with 70% planning to increase their spending within the next year. Yet, as AI continues to establish itself within the financial services sector, business leaders need to ensure that they have robust and resilient infrastructures in place.

With so much trust being placed on the AI to automatically manage, distribute and in some cases, duplicate data, these organisations need to ensure they have protocols in place if this technology is also targeted by hackers and cybercriminals. 

Fintechs need cloud-based security

Technology is helping to solve many of the financial sector’s challenges and protect various institutions through advancements in the digital landscape. The evolution of cloud computing, which was traditionally valued for its cost-saving capabilities, is now invested in its enablement for future innovation.

Cloud-based technologies also allow financial institutions to implement critical cybersecurity measures that prove extremely difficult to penetrate including shielded logins, disconnecting the end-user environment, and Zero Trust Architecture (ZTA).

With many organisations still working remotely and as we seemingly emerge into a new era of hybrid working, financial service providers are undoubtedly going to be providing additional solutions for their workforces to remain efficient. However, with credential theft on the rise, we can see the vulnerabilities that these expanded ecosystems present when it comes to phishing and malware attacks. 

Financial institutions can look to easily implement the offerings of cloud-based solutions via shielded logins to external partners they’re dealing with. Using an authentication service whereby the user’s logins are transported via the browser as a client, all other authentication processes are performed by backend systems.

This means an extra layer of protection is provided when coordinating third-party involvement. Additional processes in the cloud can be implemented for further security, such as dynamically generated, unique passwords and tokens that the service provider does not store, so that the login information to applications remains hidden for all other users.

More and more organisations are also embracing Zero Trust Architectures aimed at protecting modern businesses from security threats by removing the “trust” from an organisation’s network.

As a result, many are utilising identity and rights management systems powered by blockchain technology to bolster the level of security for these organisations. Using these systems, users gain self-determination over their data by means of digital authorization chains meaning it is always traceable who has accessed which data or systems when and with which authorisations and where these authorisations originate from. 

Remote workforces and data security

The past year has forced a number of sectors to rethink the way in which they operate. As remote working looks to remain on the agenda for many financial service providers, it’s imperative that they consider the sensitive nature of the data that they hold.

Additionally, with many cyber-attacks being the result of phishing or malware incidents, organisations need to first educate their staff on the importance of vigilance around protecting their credentials whilst also ensuring that they roll out the right technologies that can combat these kinds of phishing attacks. Innovative cloud-based solutions can offer a solution.

Implementing end-to-end cloud security systems provide simple yet highly effective barriers to intrusion. Sensitive data cannot afford to wait therefore investing in secure cloud solutions now will ensure the safety of your organisation’s future.

 

Share article