The Weekly Extract from Extractable is a condensed roundup of digital experience news for financial services institutions, and our take from San Francisco. Unfortunately, we have been remiss in publishing it during the past few weeks. As Robert Burns so well captured it, “The best laid schemes o’ Mice an’ Men, Gang aft a-gley.”
This week we look at the continuing discussion around and about central bank digital currencies, and the growing threat of cyberattacks and fraud brought by increased digital banking use.
Central Bank Digital Currencies
With the latest climb and drop of cryptocurrency values, there has been growing calls for governments to issue central bank digital currencies (CBDC). According to an article in Coindesk by Jamie Crawley, “Ant Group, the fintech affiliate of Alibaba Group, has revealed the extent of its work with the People’s Bank of China (PBOC) on the country’s central bank digital currency.” Tencent also disclosed that they also have been “involved in digital currency tests since February 2018.”
In response to these reports, the Fed’s chairman, Jerome Powell, noted it is “better to ‘get it right’ than be first when it comes to a developing a central bank digital currency,” per a report by Sebastian Sinclair also in Coindesk. Sinclair writes, “instead, the U.S. is biding its time to see whether a CBDC is something that would be a ‘good thing for the people that we serve’ and ensure it is the right fit for those who rely on the dollar.”
“While competition among the Fed, the ECB [European Central Bank], the PBOC, and other central banks might prove healthy, it also might lead to developments that threaten the entire international financial system.”
Krueger adds, “although a CBDC could improve financial inclusion, most experts caution that it should not be inaugurated until there are assurances that credit allocation, payments systems, financial-stability safeguards, and other aspects of the new system would function at least as smoothly as they do under the current one.”
In an article in The Block, Aislinn Keely quotes J. Christopher Giancarlo, former chairman of the Commodities Futures Trading Commission (CFTC) and co-founder of The Digital Dollar Project. “The U.S. doesn’t need to be first to the central bank digital currency, but it does need to be a leader in setting standards for the digital future of money, which is why our pilot testing collaboration with Accenture and other partners is so critical.”
Weighing the Drawbacks
Efforts by The Digital Dollar Project and the Fed aim to address the types of concerns raised by Krueger. Keely notes, “The Digital Dollar Project will work to identify and solve technical and functional requirements, as well as assess the remaining benefits and challenges for applications in both retail and wholesale use.”
“Some of the key features of cryptocurrencies like Bitcoin (BTC) — freedom of use and limited supply — won’t be offered by central bank digital currencies. At the end of the day, those are core properties that users care about.”
This past week, the Senate Banking Committee held their semiannual testimony on the Fed’s supervision. According to an article by Kollen Post in The Block, “the topic of a central bank digital currency played a prominent role” in that hearing.
The Fed’s Randal Quarles noted that the Fed is issuing a report on CBDC. The report will “determine whether a CBDC is appropriate for the United States.” Quarles is quoted saying that CBDC is “very much an open question.” However, “a broader pilot and certainly a CBDC itself is most likely to require additional authority.”
We believe the odds are that the US will eventually issue a CBDC. By the way, if you are interested in learning more about CBDCs, the Crypto exchange Kraken has prepared an excellent primer accessible here.
Cybersecurity and Fraud
Some reports show that up to 71 percent of all banking customers are now regularly using digital banking. With such high level of use, there is a continuing concern over the level of cybersecurity and fraud control methods applied to digital banking. An article in StealthLabs delves into eight important financial service cybersecurity facts and statistics.
- 70% of community banks report security as top concern
- Financial firms are 300 times more vulnerable to cyberthreats
- Just four methods account for 90% of attacks: SQL injection, Local File inclusion, Cross-Site Scripting, and OGNL Java Injection.
- The threat landscaping is expanding
- FIs have dedicated spending on cybersecurity
- Organizations are better equipped at detecting than preventing
- Daily cybersecurity alerts are overwhelming and risk becoming noise
- Employee failure to follow security protocol is a leading cause
Given these findings, it isn’t surprising that International Banker published an article that poses the question: Are banks losing the fight against fraud?
The article notes,
“some believe that too many lenders are failing to address the systematic origins of fraud properly, which, in turn, leads to more cases emerging that ultimately result in significant losses.”
They quote Amount, “a fintech company that helps financial institutions rapidly digitize their financial infrastructures, some banks are still operating the same way they did 20 years ago ‘in a very manual and analog environment’, which leaves even the highest-asset banks susceptible to high-level fraud attacks.”
AI Offers Protection and Threat
Heloise Walters, Cybersecurity Analyst Intern at TDI Security writes in Finextra that phishing and Distributed Denial-of-Service (DDoS) attacks have the highest rates in finance over all other industries. While organizations are now deploying AI to combat cybersecurity and fraud risk, the very same technology is being used to attack FIs and their customers. She writes
“Cybercriminals use AI to increase the effectiveness of their attacks. AI can be used to understand patterns in human behavior, and then convince them to compromise networks and share sensitive financial data. AI can also be used to identify new vulnerabilities in networks, devices and applications.” She adds that “as far as AI is concerned, fighting fire with fire seems to be the best way to go for financial organizations.”
Walters offers strategies to address this issue. Detection alone isn’t enough. FIs “need to be proactive in protecting their customers, their data, their networks and their operations against cybercrime.” Cooperation is also important. She writes, “sharing information on attacks and organizing attack simulations are great exercises and though, they may not stop all cyberattacks – they can make a big difference in guarding against attack and reducing detection and response times.”
As digital transformation of the banking industry continues, security will become harder and harder to manage. International Banking notes that the global trend towards Open Banking “will open up financial institutions to third parties that will access various customer data, which will only heighten their vulnerability to fraudulent activity if not adequately monitored and secured.”
Ultimately the escalating fight against cybersecurity and fraud is one that FIs will have to continue to wage. Unfortunately, we don’t usually see organizations including cybersecurity in their digital transformation roadmaps.