Steffen Vollert, Co-Founder & CTO at Volt,

“With at least 135m contactless cards in circulation and the technology accounting for 9.6bn payments a year, there’s no doubt that the new contactless limit brings new opportunities for many. Consumers will benefit from greater flexibility and convenience; merchants could see an increase in sales and operational efficiencies; payment service providers might experience an uptick in transaction volumes.

“However, concerns that the increased limit will make it easier for fraudsters to steal larger sums of money from cardholders are valid, and should not be disregarded. During the first six months of this year alone, contactless fraud – covering cards and mobile phones – totalled £7.6m, according to UK Finance.

“Certainly, steps are being taken in right direction to combat card fraud. After 14 March 2022, issuers in the UK will have a legal obligation to implement SCA on card transactions under the FCA’s PSD2 requirements, for example. But this doesn’t solve the issue of contactless transactions, or card fraud itself. As a result, the increased limit could accelerate growing demand for an equally fast, but more secure payment method, which can be realised via open banking. Direct account-to-account payments in real-time eliminate card fraud altogether, whilst providing a single-click checkout experience for the consumer and substantially reduced fees for the merchant. It will take time for open banking payments to become mainstream. But could the increased contactless limit be the catalyst for a transition away from card payments? Only time will tell.”

Susannah Streeter, senior investment and markets analyst, Hargreaves Lansdown

‘’Regulators have been tip-toeing round the crypto world, shouting out occasional warnings to the crowds of speculators, but we now have the firmest indication yet that they will soon be stepping in to break up the block party.

The Deputy Governor of the Bank of England Sir Jon Cunliffe clearly believes the speculation has reached such a level that a crypto time-bomb is now ticking, which could blow up in the face of the financial sector.

With unregulated crypto assets growing 200% this year alone from just under $800 billion to $2.3 trillion, and banks and hedge funds now becoming involved, the Bank of England is worried about contagion if the value of coins and tokens held deflates rapidly.

The warning from the Bank of England comes hot on the heels of a call to action from the chair of the Financial Conduct Authority, Charles Randell in September. The FCA is extremely worried about the collision between social media and the crypto world, with Kim Kardashian’s single post about a token earlier this year considered to be the biggest financial promotion in history. Now, this nervousness about how financially vulnerable younger investors are being targeted by influencers has widened to an anxiety that the crypto wild west could undermine the stability of the financial system. There has been a hesitancy until now to bring crypto currencies into the regulatory sphere because of the risk it will add more legitimacy to the currencies.

It’s clear central banks and regulators see part of the solution lies in pushing this intense interest away from thousands of coins and tokens in the crypto space, towards stable coins, pegged to fiat currencies like the dollar, but they currently only make up around 5% of crypto assets held. The Bank of International Settlements, a global forum for central banks has already set out how clearing and payments services should be applied to stable coins.

There appears to be increasing backing of recommendations made by the influential Basel Committee on Banking Supervision. If banks and other regulated financial institutions dabble in crypto, the committee is considering making them put aside enough capital to cover 100% of potential losses. Giving speculative tokens a high-risk price tag is likely to make crypto currency dealing and investment very expensive and could limit the number of new institutional entrants into the crypto world.

Regulators and central banks are walking a tricky tightrope, recognising the need to foster new decentralised payments technology but ensuring enough rules are in place to prevent runaway speculation infecting the wider financial sector. If the environment is made too cumbersome there is a risk that innovation in the fast moving world of decentralised finance could be quashed, slowing down the efficiency of operations and leaving the UK behind countries which are welcoming crypto with open arms.’’

Historically, IT and tech infrastructure at banks has never been focused on the customer. The design underpinning these labyrinthine networks was centred on the delivery of distinct outputs and functions relating to different financial products. These individual products, whether they be credit cards, current accounts, mortgages or indeed any product relating to family life and responsible adulthood as we know it, were designed to be managed in siloes.

These product-based siloes were helpful during a time when banks were just beginning to refine and expand their offerings and analyse the effectiveness and profitability of, say, home insurance versus this once ‘new-fangled’ thing called an ISA.

By contrast, data on the individual customer was (and largely still is) not easily identifiable, as customers ‘live’ in various parts of incumbent banking systems, according to how many accounts or products they hold with the bank. These disparate parts cannot ‘talk to’ eachother easily, if at all. 

In addition to the focus on more easily quantifiable products and business units, there was a distinct lack of concern among early banking architects, with the ‘financial life’ of the customer. The ‘personas’ discussed in fancy branding workshops today were unheard of or at best, such activities were regarded as too costly and frankly unnecessary; during a time when banks’ customers had less choice.

As far as the consumer (I’m including corporate banking clients in this description) is concerned, there is a broad frustration with how banks interact with them, borne out of a misunderstanding of how banks organise – or not – customer profiles. Such frustration has contributed to the increasing popularity of neo banks such as Revolut, who hit the 10 million customer mark in February 2020. For traditional banks to keep pace with such aggressive, venture capitalist-backed growth in this sub-sector, they must achieve customer-centricity.

Banks are already mostly convinced about the importance of being or at least coming across as, more user-friendly. The real change won’t happen because of pretty wireframes and good user interface, however, but as a result of the explorations that are happening right now in order to achieve more customer-centricity within banking. This exploration is a team effort, a meeting of the minds and skills of dev teams within banks themselves, some external consultants, those with working knowledge of the original mainframe systems and beyond, to first of all analyse the incredibly complex architecture that is rendering the customer almost invisible within the ‘haystack’ of systems.

Incumbents are museums of technology

A ‘mega bank’ could have a master framework of between 30-70 core banking systems plus hundreds more sub-systems that pertain to each. While some banks have started to build customer-centric layers into this master framework, so that individual customer transactions are allowed to ‘live’ for longer, this isn’t always the solution. While this approach has improved the customer experience, the architecture became even more complex and costly and remains siloed by product.

For most banks, a single view of the customer still does not exist. Rather, customers live as fragments, scattered across their siloed systems. Again, the will to change this for better does exist, but is being hampered by outdated systems that are difficult or impossible to modify.

The journey to personalisation

The rising threat from neo banks and fintechs – many of which were built with the customer in mind from their inception, has intensified during the pandemic, which saw banks closing branches with increased veracity and accelerating their existing digital transformation processes.

We must bear in mind that these legacy systems were created with a 9-5 mindset, during a time when shops were closed early and certainly on a Sunday. The consumer of today expects much more convenience than this and any relatively new bank today will of course be built with a 24/7 mindset, for the mobile-first user.

The raw materials, such as the troves of personal data they’ve collected over time, and the will to become more customer-focused, are present among banks. So, what are the tangible steps they must take in order to cut through the current, product-focused set-up and to move the explorations to a productive conclusion?

What do banks need to do?

1. Partnering with third parties: To solve the problem of bank architecture being product-centric, more conversations need to take place between the banks themselves, developers (from both the neo and legacy eras), mathematicians, quants and the like. These partnerships will only be as impactful as the levels of trust between the banks and these groups. One breakthrough in this vein would be for tacit knowledge from legacy tech providers to be shared with banks and fintechs alike. An example of how this type of relationship works is the venture between Lloyd’s Banking Group and Thought Machine. The two are working to transfer data on 500,000 customers to a new core system and exploring the possibility of transferring all of the group’s customer data over the next few years.
2. Building new platforms: For many incumbents, one solution has been to create new, smaller platforms that operate on cloud-based systems designed to serve a specific strategic need. These platforms often operate separately from the larger institution, using their own infrastructure and deploying new technology solutions as needed. This keeps investment under control and quarantines risk to some extent.
3. The total shift to cloud: Cloud technology should be considered for upgrading bank systems as a whole, as it has the potential to transform an institution’s operational efficiency and negates the need for further investment in hardware.

Final thoughts

As banks are currently so siloed, they need to spend more time in understanding their legacy infrastructure, which can be done by hiring in-house to plug knowledge gaps, rather than rely on the protected knowledge of external consultants and transient project managers.

The goal of unification of systems as well as customer and product is more achievable than ever before, thanks to the tech and innovators at our disposal. Untangling systems to provide a better service for customers and improve personalisation is a process still in its infancy, but with a thorough approach to this current discovery phase, that haystack will certainly become a lot easier to navigate.

Russian Railways self-service terminals use advanced Smart Engines technologies to sell tickets for long-distance trains. The integration of the Smart ID Engine software product for passport scanning into terminals simplifies the routine procedure of manually entering passenger personal data and speeds up the ticket sales process. The project of creating a network of terminals currently has more than 300 units operating on the railways of Russia and Kazakhstan. The project integrator is JSC Transinfoset. 

An AI-based software for data capture of a passenger's passport was integrated into a new generation of self-service transaction terminals (SSTT). The first samples of terminals were installed at the Leningradsky railway station in Moscow, Russia. Russian Railways plans to expand its SSTT fleet, primarily by equipping the most visited railway stations in Russia with intelligent terminals. Smart Engines is developing energy-efficient algorithms for scanning identity documents integrated into the SSTT. The high-speed Smart ID Engine detects the passenger's passport and automatically enters the data into the required form fields to issue a ticket. Thus, the passenger no longer needs to enter the passport details on his own, making the ticket buying process six times faster by reducing the time spent on the manual data entry. 

With secure and fast scanning of international passports of more than 210 countries and Russia, citizens of the Russian Federation and travelers from other countries can quickly purchase a ticket. Smart ID Engine ensures the security of document processing, simplifying entering passport data and reducing the likelihood of errors during manual filling. Flagship Smart Engines technologies are GDPR and CCPA compliant. Passenger data is extracted and analyzed in local RAM, and passenger data is not saved or transferred to third-party services.

"The accelerated deployment of contactless services and equipment for process optimization over the past years indicates its significance. Manual entry of passport data when issuing a ticket is a routine procedure. That's why the process of purchasing tickets should be as convenient as possible for Russian Railways passengers. According to our estimates, implementing the Smart ID Engine software product will increase the usability and economic return of self-service terminals", comments Alexander Galaktionov, General Director of JSC Transinfoset.

"Smart Engines is pleased to become a part of the innovative projects of Transinfoset and aims to further cooperation. The creation of new generation self-service terminals with scanning Russian and foreign passports data will mark a new stage in the ticket sales at railway stations after the automation of ticket offices using smart scanners", says Vladimir Arlazarov, CEO of Smart Engines, Ph.D.

- Three-quarters rely on traditional VPNs for remote access while a third also use zero trust as part of their remote access strategy

- Over half plan to reduce third party/contractor access to systems due to security risks

A report launched today by Menlo Security, a leader in cloud security, highlights growing concerns about securing users as the trend for hybrid and remote working is set to remain. The new report – which surveyed 500+ IT decision makers in the U.S. and the U.K., including a third at C-level – looks at attitudes to securing remote access to applications and resources and the adoption of zero trust solutions.

While most respondents (83%) say they are confident in their strategy for controlling access to applications for remote users, three-quarters are re-evaluating theirs in the wake of new ways of working and the growth in cloud application use. While half of employees are currently working remotely or adopting a hybrid approach, around two-fifths (42%) are expected to continue in 12 months’ time.

According to the findings, three-quarters (75%) of organisations continue to rely on VPNs (virtual private network) for controlling remote access to applications, which rises to 81% for organisations of 10,000+ employees. For around a third (36%) of organisations a zero trust approach also forms part of their remote access strategy.

“It seems that most businesses are confident in their remote access security, yet are still relying on a traditional and inherently insecure way of doing things using VPNs, which give access to everything on a network,” said Mark Guntrip, senior director, cybersecurity strategy at Menlo Security. “With only a third currently using zero trust network access, there’s a real opportunity to provide users with access to only those applications and resources needed to do their job. When you start to adopt this approach across everything you do then your whole security mindset changes.”

The top reason for implementing a zero trust solution is improved security, according to 60% of respondents, regardless of whether they are using it or not. One third (32%) point to ease of use, while speed of access and scalability are both more widely recognised among those already adopting a zero trust approach. Significantly, 40% of respondents believe that implementing a zero trust solution places less pressure on IT.

Despite overall confidence by global IT decision makers in the robustness of their strategy for controlling application access for remote users, Menlo Security’s research also shows that:

·         Three-quarters of respondents believe that hybrid and remote workers accessing applications on unmanaged devices poses a significant threat to their organisation’s security. Despite this, around a fifth still allow unmanaged devices – laptops, desktops and mobile devices – to connect to corporate applications and resources.

·         While the majority (79%) of respondents have a security strategy in place for remote access by third parties and contractors, there are growing concerns about the risks they present, with just over half (53%) planning to reduce or limit third party/contractor access to systems and resources over the next 12­–18 months.

Menlo’s Mark Guntrip adds: “As the internet becomes the new corporate network, controlling user access to private applications has become more important than ever. Organisations need to evolve their thinking from providing connectivity to the entire network to segmenting access by each individual application. The right zero trust approach will ensure seamless access between users and the applications they are authorised to use, while all other applications are invisible, preventing lateral discovery across the network.”

Menlo Private Access

Menlo Security has a clientless-first approach to implementing Zero Trust Network Access, enabling organisations to secure access to applications from all devices – including managed, unmanaged and mobile devices. This approach minimises the workload on IT and security for deployment, while maximising the security posture of the company. The clientless-first approach can be augmented with a client for use cases that specifically require client-based access.

Unlike many ZTNA solutions that cannot monitor traffic being sent and received between an end user and a controlled application, Menlo Private Access ensures that security policy is always enforced by remaining inline between the end user and protected applications; utilising our Elastic Isolation Core as a control point to prevent sensitive data loss and stop potential malware from reaching the endpoint.

 Contis, the European leader in Banking-as-a-Service (BaaS), today announced it will be launching variable contactless limits for consumers, driving more flexibility, security, and payments possibilities for everyone.

The move comes as the joint HM Treasury and FCA decision to increase the contactless threshold from £45 to £100 rolls out across the UK today. This means that any customer of a business leveraging Contis’ BaaS innovative solutions will soon have full control at their fingertips by setting their own contactless payment threshold.

Peter Cox, Chair and Founder at Contis, comments: “By introducing contactless limit controls for individual accounts, we’re giving customers the autonomy to set their own comfort level and stay in control of their money. This is particularly powerful when looking at parental control of linked accounts for children, or linked cards for carers shopping for the vulnerable, for example.”

In July 2021, Contis announced they were joining forces with Solarisbank to become the undisputed pan-European BaaS leader following the former’s series D funding round, raising €190million and valuing the company at €1.4bn.

“As the leading BaaS provider in Europe, we are bringing this functionality to businesses big and small. From the fintech start up to the multinational card issuer, we’re enabling our client base to deliver cutting edge payments technology solutions to their customers,” Cox adds.

The Financial Conduct Authority (FCA) has issued new guidance to companies operating a remote or hybrid working model.

The new directive states that firms will be evaluated by us on a case-by-case basis and should be able to prove that the lack of a centralised location or remote working does not or is unlikely to affect the company’s ability to meet the threshold for the for the regulated activities it has or will have permission for.

The guidance states that companies should be careful to ensure that remote working does not affect the ability of the firm to oversee its functions, cause detriment to consumers, damage the integrity of the market, increase financial crime or reduce competition.

Other advice contained in the proposals include the need for companies to have the necessary planning in place. Recommendations include firms need to ensure they have the systems and controls, including the necessary IT functionality, to support the above factors being in place, and these systems are robust. Additionally, companies are told they should also ensure they have considered any data, cyber and security risks, particularly as staff may transport confidential material and laptops more frequently in a hybrid arrangement. 

Companies are also warned to consider the full legal implications for your business of this type of arrangement and how key functions will be performed, overseen and based. Firms are also advised to manage systems and controls effectively, including digital capabilities such as the ability to access records/systems, whether the firm in question relies on physical documents and what arrangements have been made for their security and access. 

Responding to the guidance, technology expert Sridhar Iyengar, Managing Director, Zoho Europe, said, “The FCA is right to warn financial services firms about the risks associated with hybrid working, particularly around challenges such as regulatory requirements, data compliance and accountability. The Covid-19 pandemic has forced through many positive changes in terms of working practices, yet far too many companies still lack the training & assessment of personnel and the IT infrastructure and systems to ensure complete compliance.

“Moving forward, organisations seeking to build a truly safe and secure hybrid working culture must look towards operating systems that can offer key applications to manage everything from collaboration and finance, to analytics and customer engagement. This will bring a new level of safety and security to remote working, helping to keep companies compliant in line with FCA standards,” added Iyengar.

Security specialist Tim Sadler, CEO of Tessian said, “A hybrid working model brings with it huge benefits in terms of employee wellbeing, cost saving and flexibility, but also substantial cyber risks. The FCA is right to raise awareness of the need for companies to carefully consider how they manage remote working operations to ensure they remain compliant at all times. As well as ensuring the right security systems are in place, it’s essential that staff are fully trained about the risks posed in terms of data security around incorrectly addressed email correspondence as well as external threats like phishing emails, ransomware attacks. Financial services organisations manage valuable and critical data, and it’s so important that they do not allow flexible working practices to put them at risk of a breach.”

Cyber expert Chris Ross, SVP International at Barracuda Networks said, “Hybrid working brings with it many security challenges, particularly for firms operating within the financial services sector, so this guidance from the FCA is a welcome step for helping businesses reduce risk. With ransomware attacks on the rise, keeping companies fully aware of their regulatory responsibilities when managing remote working models is an essential step, alongside the necessary security systems and training for staff.

Ross continued, “Our recent research has shown that 81% of IT leaders admitted that their organisation had suffered a security breach in the last 12 months. Worryingly, companies operating a remote or hybrid working model had a substantially higher breach rate, at 85% compared to office-based businesses where the figure was 65%. Worse still, three quarters of those surveyed stated that they had been the victim of at least one ransomware attack. It’s therefore vital that all companies operating hybrid working models remain compliant and acutely aware of potential security risks at all times.”

 Bitcoin Latinum, the secure next-generation, insured, asset-backed cryptocurrency with high transaction processing capacity, is announcing a partnership with GK8, a blockchain cybersecurity company that offers financial institutions and cryptocurrency projects a self-managed end-to-end custodial platform for blockchain-based digital assets.

The rise of crypto enthusiasm has encouraged hackers to target blockchains, exchanges, and wallets with increasingly sophisticated attacks in hopes of cashing in. Some of the most recent high-profile incidents include the attack on Liquid, Japan’s top exchange, which lost almost $100 million, and $600 million worth of digital assets from Poly Network. As more funds gravitate toward crypto, the price tags of successful attacks on its supporting infrastructure will likely only grow.

To protect its ecosystem, Bitcoin Latinum will integrate GK8’s proprietary regulation-compliant solution, using it to store its own coins and, potentially, offering its custody to its retail and institutional investors. GK8’s fresh approach to securing digital assets offers both Cold Vault and MPC functionality, along with built-in support for DeFi integration and coin staking. Its proprietary MPC solution allows for dozens of automatic co-signers, while most other available options support up to three, making GK8’s platform the most secure choice for high-frequency transactions in the market. It is also the most scalable MPC on the market, enabling thousands of automatic transactions per second.

The solution also incorporates the world’s first true air-gapped Cold Vault that enables GK8’s clients to create, sign, and send secure blockchain transactions with no internet connectivity, hence eliminating all potential cyber attack vectors. GK8 customers currently manage over $10 billion worth of digital assets through its end-to-end solution.

“Security is one of the key concerns for both private investors and institutions entering the crypto world,” said Lior Lamesh, CEO and Co-Founder of GK8. “Our solution empowers custodians to grant the maximum level of protection for digital assets under their management while enjoying the versatility that comes with smart contract support. We are thrilled to expand our portfolio and join forces with Bitcoin Latinum as it works to advance the Bitcoin ecosystem into the financial mainstream.”

The partnership comes as Bitcoin Latinum prepares to have its token listed on DigiFinex exchange in late October under LTNM ticker. Built as an open-architecture cryptocurrency, LTNM is a greener, faster, and more secure version of Bitcoin, and is poised to revolutionize digital transactions. The Bitcoin Latinum algorithm and infrastructure break barriers and speed limits that have prevented some virtual currencies from achieving practical, real-time use. Furthermore, Bitcoin Latinum looks to reduce the cost of a Bitcoin transaction from dollars to pennies for on-chain transactions.

Dr. Donald Basile, CEO of Monsoon Blockchain Corporation, the lead developer of Bitcoin Latinum on behalf of the Bitcoin Latinum Foundation, stated: “We are very excited to partner with GK8, A pioneer in the blockchain cybersecurity space. This partnership works to strengthen LTNM’s robust security protocols, and elevates Bitcoin Latinum’s global positioning in the world of digital assets - powering its mass adoption for retail transactions.”

In a bid to offer its retail and institutional investors the highest possible security, Bitcoin Latinum will combine the benefits of GK8’s end-to-end custody solution with a robust insurance policy to protect LTNM holders.

Bitcoin Latinum has chosen one of the world’s leading insurance brokers and risk advisers to arrange a comprehensive insurance program for Bitcoin Latinum. The insurance coverage will protect Bitcoin Latinum holders in case of external theft and internal collusion, potentially up to the full value of their holdings. With this insurance coverage, Bitcoin Latinum will become the world’s largest insured digital asset.

Atom bank, the Durham-based fintech, is celebrating hitting £1bn in lending to SMEs. 

The milestone, which was reached on 15 October, includes all completions originated through Atom’s own secured lending and also the bank’s ongoing partnership with Funding Circle to provide unsecured loans to UK SMEs. 

This latest milestone comes after the UK’s first app-based bank reached several other significant customer and commercial highpoints. 

Edward Twiddy, Chief Customer Officer at Atom bank, said: “It’s been a really successful year for Atom, delivering our first month of operating profit in June, surpassing the £3bn mark in mortgage lending in July and reaching £1bn of deposits into Atom’s Instant Saver product too. 

“We were delighted to have made the 1,000th secured loan to an SME customer earlier this summer and now, passing the £1bn mark in SME lending is another significant milestone that we can check off. Combined with our long-established delivery of excellent customer satisfaction indicators we are showing that good banking and profit are one and the same; a core truth that we will take forward as we continue to grow and prepare for IPO.” 

An established business lender since 2016, Atom has most recently been an important part of both the Coronavirus Business Interruption Loan Scheme and now the Recovery Loan Scheme for businesses, offering new-to-bank and existing customers access to lending both before, throughout and now as we emerge from the pandemic. 

Continuing to be one of the highest ranked UK banks, Atom provides fast, transparent and good value customer experiences, with a Trustpilot rating of 4.6 and a Net Promoter Score for business lending of +88. 

• Employees at Shawbrook Bank select PAPYRUS as their chosen charity for 2021/22
• Shawbrook partners with PAPYRUS at a time when the charity’s lifesaving support is needed more than ever due to Covid-19
• The bank’s initial £10k donation will be boosted by colleague-inspired fundraising and volunteering events throughout the year

Shawbrook Bank has announced its employee chosen charity partner for 2021/22 as PAPYRUS, a charity dedicated to the prevention of young suicide. 

Following a staff vote, the specialist bank will raise vital funds for PAPYRUS throughout 2021-22. To launch the partnership, Shawbrook has donated £10k to the charity, which will be topped up throughout the year via employee fundraising.

Ged Flynn, Chief Executive of the charity PAPYRUS Prevention of Young Suicide, said:   

"PAPYRUS is delighted to be partnering with Shawbrook Bank and welcomes the company’s valuable support. By working together we will raise greater awareness of the vital support which is available and engage with young people who are struggling with their self-esteem and self-worth.

“Money raised by Shawbrook Bank and its staff will help to pay for potentially life-saving calls, texts and emails to our confidential HOPELINEUK service, which offers support and advice to young people who are struggling and anyone who is worried about a young person who may be having thoughts of suicide.   

“Fundraising also helps PAPYRUS to engage with local communities and volunteers in suicide prevention projects and supports the training we deliver to individuals and groups.

“Suicide is the biggest killer of young people in the UK and we must reduce the number of young people who take their own lives by breaking down the stigma around suicide and equipping people with the skills to recognise and respond to suicidal behaviour.”

“Together we must continue giving hope to young people who are struggling with life.”

Richard Armstrong, Group Head of Marketing at Shawbrook Bank, who heads up Shawbrook’s social impact activities, said:

“Our people have chosen to support PAPYRUS at a time when the charity’s advice, information and support is needed more than ever due to the devasting impact the pandemic has had on young people’s mental health.

“We’re looking forward to actively supporting PAPYRUS over the next 12 months, both by getting involved with an inspiring programme of PAPYRUS events as well coordinating our own calendar of fundraising activity. 

 “Shawbrook is extremely proud to support PAPYRUS in its lifesaving work.”