Akurateco, an industry-leading provider of white-label payment software solutions based in Europe, proudly announces its recent certification as a participating processor for Google Pay. This significant milestone reaffirms Akurateco's unwavering commitment to revolutionizing payment solutions for businesses worldwide.

Google Pay stands at the forefront of mobile payment technologies, poised for exponential growth in the coming years. Projections from Statista indicate a substantial increase in Google Pay users in the United States, with over nine million new users expected between 2022 and 2026.

As a certified white-label payment gateway, Akurateco joins an elite group of payment processors authorized to support the Google Pay Application Programming Interface (API). This certification solidifies Akurateco's position as a trusted partner in facilitating seamless and secure checkout experiences across mobile apps and websites.

By integrating the Google Pay API into its platform, Akurateco empowers its clients to offer customers a frictionless payment experience, enhancing convenience and trust in the checkout process. Businesses partnering with Akurateco can effortlessly incorporate Google Pay, ensuring a streamlined payment process for their customers.

Vladimir Kuiantsev, Akurateco's CEO and Managing Partner, expressed enthusiasm for the partnership, saying:

"We are thrilled to achieve Google Pay certification, underscoring our commitment to innovation and excellence in payment solutions. With Google Pay integration, we empower businesses to offer cutting-edge payment experiences, driving growth and success in today’s dynamic marketplace."

Today, Ozone API, a global leader in the open banking sector, announces the appointment of former Virgin Money CEO, Dame Jayne-Anne Gadhia as the Chair of its Board. The appointment follows a successful Series A funding round led by Gresham House Ventures, aimed at fuelling the Ozone API’s ambitious global expansion strategy. It also comes after the company recently hired Mr Open Banking’s Eyal Sivan as General Manager for North America, to mark Ozone API’s expansion into the USA.  

Dame Jayne-Anne has enjoyed a distinguished career spanning over three decades in financial services and technology. She is celebrated for her transformative leadership at Virgin Money and her pioneering efforts in fintech innovation. Notably, she led the acquisition of Northern Rock from the UK Government nearly four years after it was nationalised, successfully integrating it into the Virgin Money Group. She went on to grow the business with the acquisition of a credit card book and the creation of a current account, leading the company to profitability and a successful sale.  

An advocate for greater diversity in the financial services industry and improved financial inclusion, Dame Jayne-Anne also founded her own money management fintech company, Snoop. Now, as she joins Ozone API’s Board as Chair, the company’s leadership team hopes to benefit from her expert guidance in supporting its mission to revolutionise open banking and finance worldwide.  

Huw Davies, Co-founder and Co-CEO of Ozone API, commented on the appointment, stating, "We are delighted to welcome Dame Jayne-Anne to Chair our Board. Her unparalleled expertise and vision will offer huge benefits to Ozone API at this pivotal point in our journey. With our recent Series A funding and Dame Jayne-Anne’s guidance, we are perfectly positioned to accelerate our growth and continue our work in revolutionising the global financial ecosystem." 

Dame Jayne-Anne also shared her excitement about her new role and the future of Ozone API, commenting, "Joining Ozone API as Chair of the Board is a tremendous honour. The company's dedication to innovation and its impressive track record in open banking are truly inspiring. I am eager to work with the talented Ozone team to drive forward their ambitious plans to accelerate open finance around the globe." 

Ozone API, with its roots in the team that pioneered open banking standards in the UK, offers a leading standards-based open API platform. It enables banks and financial institutions worldwide to harness the power of open finance, driving innovation and creating real commercial value. As the company embarks on its next phase of growth, Dame Jayne-Anne's guidance on the board and the recent strategic funding underscore Ozone API's readiness to shape the future of financial services on a global scale.

Penfold, the digital pensions provider, today announced the launch of its latest crowdfunding round, following a period of significant growth. The early access launch is now open and individuals can register for this via Penfold’s crowdfunding page, with the round opening to the general public on February 27th. Penfold’s last crowdfund in 2022 sold out just hours after going live.

Penfold is on a mission to disrupt the £8trn pensions industry, enabling more people to save for later life by providing a purpose-built platform that delivers a class-leading user experience. Penfold gives savers more control of their pensions by increasing the visibility of their savings and investments while providing fantastic customer service. 

Since its inception in 2019, Penfold’s customer base has grown to more than 62,000 savers with over £350m of assets. Building on its success in the direct-to-consumer and workplace pensions market, in 2023 the company launched the Penfold Platform, specifically designed to offer a simplified and intuitive pension processing solution for accountants.  

This round of crowdfunding is being opened to increase the company’s growth and secure its path to profitability. In addition to continuing to grow its popular workplace pension, Penfold is also aiming to make improvements to its app and further invest in its customer service capabilities for all its customers.

Chris Eastwood, Co-Founder at Penfold, comments: 

“Our mission is to encourage more people to save for later life by providing a simple way to access and save into their pension. More savers want a pension that they can easily use and understand, which is why we have achieved such impressive growth recently. This latest round of crowdfunding will enable us to maintain this growth while providing the capital needed to return the Penfold team to profitability. Our last crowdfunding round was a huge success and it’s fantastic to have a community of engaged investors who support our goal to get people saving more so they can have the retirement they deserve.”

Napier AI, the London-based financial crime compliance RegTech, is pleased to announce that it has received a significant investment from Crestline Investors, Inc., a US-based, credit-focused institutional alternative asset manager, to further accelerate its growth trajectory, highlighting the transformational time in the industry for know your customer (KYC) and anti-money laundering (AML) solutions.

Napier AI, headquartered in London, UK, and founded in 2015, is a provider of AI-enhanced financial crime and regulation technology compliance software providing AML solutions across the banking, payments, and wealth & asset management industries. Napier AI’s solutions are used by customers to screen, monitor and identify, criminal or suspicious activities, with the added functionality of regulatory reporting. Without these solutions, customers may be exposed to greater financial, reputational, and regulatory risk or large operational overheads.

Napier AI operates in a large industry with strong tailwinds driven by increasing regulatory and compliance requirements. Napier AI has historically driven strong topline growth without a traditional private equity sponsor or significant institutional capital. Since 2021, top-line revenue has grown at 30%+ year on year, as Napier AI has invested in its go-to-market organization and bolstered its product line via dedicated R&D.

Crestline’s investment will help to further business expansion in the coming years, enabling Napier AI to continue developing and serving financial institutions with NextGen screening and monitoring solutions, powered by explainable AI that delivers true value.

“We are pleased to deliver strong, continuous growth in a challenging market. Financial crime compliance operations and regulatory pressure continue to be large overheads for financial institutions, so there is a need to invest in NextGen AI-enhanced solutions with the benefit of trusted technology and delivery,” noted Greg Watson, CEO at Napier AI.

“We are excited to work with the Napier AI team and believe their market-leading, AI-powered technology platform is well-positioned to help financial institutions and other regulated companies excel in an environment with rapidly expanding transaction volumes and increasing regulatory requirements,” said Will Palmer, Managing Director at Crestline.

Cybersecurity is a well-known concern for all organizations, and database security is a critical subset. Successive major news stories have emphasized the damage that data breaches can cause for any company. 

The financial cost of paying data ransom is only the tip of the iceberg. Organizations can also expect to face fines and penalties for non-compliance with data privacy regulations, and higher financial losses from class-action lawsuits brought by users whose data was compromised. On top of that, the concomitant loss of trust and brand reputation can scare away customers, partners, and revenue for a long time to come. 

Database security should already be high on the list of fintech IT leadership priorities, but the rapidly evolving landscape should push it up even further. Constantly-growing data volumes, complex distributed networks that make it more challenging to maintain visibility and perimeter defenses, increasingly strict data privacy regulations, and the ongoing shortage of skilled cybersecurity personnel, all make databases more susceptible to threats. 

Database security is particularly crucial for fintechs and other financial organizations. Financial records are among the most sensitive, exceeded only by healthcare, as breaches can be especially consequential for customers. Financial services consumers have much lower tolerance for a data breach and are likely to take flight far more quickly than those of another vertical. 

Yet database security is still alarmingly weak even in fintechs, where one might expect there to be a higher degree of awareness around the vulnerabilities of databases, servers, and data access. 

Common security provisions are, alarmingly, still not a matter of course for many fintechs. These measures might include automatic lockdown and expiry for default user accounts, regular patching, military-grade encryption, credential rotation and multi-factor authentication (MFA), real-time monitoring, web app and database firewalls, frequent pen testing, and blocking public network access to data servers. 

If every fintech company did these things, a number of data breaches could have been prevented, or at least limited in their fallout. Here’s a closer look at a few serious data incidents from 2023 and the gaps in fintech database security that made them possible. 

Direct Trading Technologies

Direct Trading Technologies is an international fintech company that offers trading platforms for stocks, foreign exchange, cryptocurrencies, indices, Contracts for Difference (CFDs), and many other securities, as well as white-label services for other fintech solutions. 

You can imagine the outcry when DTT announced that it had been leaking sensitive and trading activity data over the course of six years, a cumulative data breach that put over 300,000 DTT users at serious risk of an account takeover. The breach was due to a misconfigured web server that held multiple database backups, each containing a significant amount of sensitive information about the company's users and partners. 

It’s another example of the impact that simple human error can have. Although mistakes can happen, stronger pen testing may well have revealed this error long before it was discovered and exploited by hackers. 

Revolut 

In 2023, the story broke that Revolut had experienced losses of over $20 million over the course of several months in 2022, when hackers exploited a software vulnerability in Revolut’s payment systems. 

The vulnerability affected communication between Revolut’s European and US payment systems, with the result that Revolut used money from the bank’s own funds to refund declined transactions, rather than from the user’s account. Malicious actors were able to use this loophole to steal millions from Revolut, most of which can’t be reclaimed. 

Even though the sting continued for many months, Revolut’s security teams didn’t notice the vulnerability. It was only discovered when one of Revolut’s US-based partner banks noticed that its funds were lower than expected and alerted the company. Only then was the vulnerability spotted and closed. It’s highly likely that real-time monitoring could have detected and resolved the incident much earlier, before losses grew so high. 

Latitude Financial 

In March 2023, Australian fintech Latitude Financial notified users of an extremely serious data breach, in which hackers accessed 100,000 identification documents from one service provider and over 225,000 customer records from another. Latitude had to take its entire organization offline and stop serving customers in order to clean up its systems and restore security. 

The data breach resulted from an attack on one of its vendors which exposed the security credentials from two Latitude employees. Hackers were then able to use those credentials to log onto other service providers used for identity verification, which then gave them access to sensitive Personal Identifying Information (PII). 

Latitude could have prevented this data breach if it had encrypted PII data in storage. Using MFA instead of passwords, and restricting third-party access to sensitive data by applying stronger assessment processes, could also have avoided the incident, or at least limited its scope. 

Fiserv 

Payment processing giant Fiserv was among thousands of organizations affected by an enormous exploit of zero-day vulnerability in MOVEit file transfer technology, which is used by many fintechs and financial institutions. 

Fiserv found itself in the highly unwelcome position of having to notify its client, Michigan-headquartered Flagstar Bank, about the security incident. Flagstar, in turn, discovered that sensitive data from more than 800,000 customers had been exposed to hackers and malicious actors. 

It’s worth noting that Fiserv and Flagstar are far from being the only victims. The list exceeds 2600 organizations across numerous verticals, with data from more than 77 million people exposed as a result of the attack. If those companies had employed vulnerability scanning, they might have spotted the vulnerability before it was discovered and exploited by the ransomware group Clop, preventing such a large-scale data breach.

Database security provisions can be a matter of business life and death

As the saying goes, hindsight is 20/20. It’s easy to look back and point out the mistakes and deficiencies that led to specific data breaches. That said, when fintechs can suffer such serious ramifications from any data breach, there is no excuse not to implement every possible protection against hacking, data leaking, and unauthorized access. We hope that 2024 sees fintechs place a much brighter spotlight on database security.

BankiFi and Praetura, the Manchester-based fintech and alternative lending companies, have launched a new lending-as-a-service solution that will boost SMEs’ access to growth funding.

The first-of-its-kind platform is designed to help small businesses access capital when they may otherwise not meet the criteria for traditional high street banks. Praetura, backed by BankiFi’s tech platform, will deliver asset and invoice finance to SMEs on behalf of banks unable to support those businesses.

Many banks don't provide asset or invoice finance solutions, and those that do typically focus on larger businesses that are more likely to meet their lending criteria.

According to the Bank of England, all net growth in UK SME lending since 2017 has come from smaller banks or alternative lenders rather than traditional high street banks. Meanwhile, Praetura’s ‘Fund the Gap’ report, which surveyed more than 400 UK SMEs in 2023, revealed that almost three-fifths (59%) of UK businesses say access to capital has decreased in the last five years, with 43% reporting that it is one of the biggest challenges they face.

BankiFi and Praetura’s solution empowers traditional lenders to meet the diverse financing needs of the UK’s small businesses, with Praetura adopting the risk of the initial investment. Banks are then positioned as the go-to finance provider, with businesses referred back to the bank once they’ve grown into the eligibility criteria.

Mark Hartley, CEO and founder at BankiFi, said: “We’ve built great relationships with high street banks due to our bank-friendly distribution model and our ability to leverage the benefits of open banking. Our partnership with Praetura is the natural evolution of our existing SME payment solutions, which have focused on reducing the time SMEs spend collecting money and helping them to manage cash flow, growth and now access finance.

“The first place many businesses go to for lending is their bank. The problem is that they often don’t meet the eligibility criteria set out by the bank. In these cases, if they can't secure a loan, they often fall through the cracks and remain unserved. What we’re able to offer through our partnership with Praetura is a solution that both banks and businesses need.”

Peadar O’Reilly, CEO at Praetura Lending, added: “Praetura's initial investment in BankiFi was driven by the shared vision of addressing market gaps for SMEs. There isn't anyone in the UK that has the combined senior funding lines, specialist lending expertise and technology capability to help fund this gap for SMEs in the market. This unique partnership signals a new era for SME lending, demonstrating a commitment to innovation, collaboration and meeting the diverse needs of businesses.”

BankiFi, which has been backed by Praetura Ventures since September 2021, specialises in payment processing and financial administration services for SMEs. It has been at the forefront of reinvigorating banks' relationships with SMEs, emphasising the importance of putting banks at the heart of business. This renewed partnership further solidifies BankiFi’s commitment to closing the loop and providing a solution that aligns with demand from SMEs.