“Many, if not most, financial institutions have been shifting to more cloud-based and modularised Banking-as-a-Service (BaaS) models and these trends will only accelerate as we need to manage risks inherent in conducting financial services via remote working environments. For example, critical capabilities such as Advisor to Client communications need to be verifiable and auditable whether they are happening inside or outside of the office and I predict regulators will be pushing financial institutions to ensure these standards become the norm rather than the exception.”
Singapore Addresses Risk in the Financial Industry
The paper seeks to create awareness amongst financial institutions on key remote working risks in the domains of technology, operations, security, fraud, staff misconduct, legal and regulatory risks. MAS encourages them to take pre-emptive measures to adopt good practices on managing risks.
Mackenzie adds, “Of course, some of the issues are difficult to solve. For example, staff accessing client data from their homes creates inherent vulnerabilities and the ways to ensure staff have suitable ‘in-home’ working environments to effectively manage these risks can be challenging and expensive. There are great opportunities for innovators to adapt solutions to solve these problems in what will undoubtedly be a growing investment area for many Financial Institutions.” The paper also examines various controls on the people and culture leveraging examples drawn from the experiences of ABS member banks to address evolving risks. For instance, FIs can implement security controls on staff infrastructure including their personal devices, verify in-person meetings against original documents, timely response strategies for recovery teams, legal risks and more.
To keep pace with the changing trends in technology deployment, risk management, and cybersecurity, MAS has been regularly working and engaging with experts to introduce guidelines, principles and best practices for financial institutions. In February, MAS issued a consultation paper proposing revisions to enhance the current requirements for enterprise risk management, investment risk management and public disclosure practices for insurers. Similarly, in January, MAS issued risk management best practice and standards to guide financial institutions in managing technology risk and maintain IT and cyber resilience.
Get insights on the technology areas in the Financial services industry that will see continued investments, as organisations get into the recovery phase.
Let us focus on the use of NLP, specifically on how it has been used by banking authorities for policy decision making during the COVID-19 crisis. AI has the potential to read and comprehend significant details from text. NLP, which is an important subset of AI, can be seen to have supported operations to stay updated with the compliance and regulatory policy shifts during this challenging period.
Use of NLP in Policy Making During COVID-19
The Financial Stability Board (FSB) coordinates at the international level, the work of national financial authorities and international standard-setting bodies in order to develop and promote the implementation of effective regulatory, supervisory and other financial sector policies. A recent FSB report delivered to G20 Finance Ministers and Central Bank Governors for their virtual meeting in October 2020 highlighted a number of AI use cases in national institutions.
We illustrate several use cases from their October report to show how NLP has been deployed specifically for the COVID-19 situation. These cases demonstrate AI aiding supervisory team in banks and in automating information extraction from regulatory documents using NLP.
De Nederlandsche Bank (DNB)
The DNB is developing an interactive reporting dashboard to provide insight for supervisors on COVID-19 related risks. The dashboard that is in development, enables supervisors to have different data views as needed (e.g. over time, by bank). Planned SupTech improvements include incorporating public COVID-19 information and/or analysing comment fields with text analysis.
Monetary Authority of Singapore (MAS)
MAS deployed automation tools using NLP to gather international news and stay abreast of COVID-19 related developments. MAS also used NLP to analyse consumer feedback on COVID-19 issues, and monitor vulnerabilities in the different customer and product segments. MAS also collected weekly data from regulated institutions to track the take-up of credit relief measures as the pandemic unfolded. Data aggregation and transformation were automated and visualised for monitoring.
US Federal Reserve Bank Board of Governors
One of the Federal Reserve Banks in the US is currently working on a project to develop an NLP tool used to analyse public websites of supervised regulated institutions to identify information on “work with your customer” programs, in response to the COVID-19 crisis.
Bank of England
The Bank developed a Policy Response Tracker using web scraping (targeted at the English versions of each authority/government website) and NLP for the extraction of key words, topics and actions taken in each jurisdiction. The tracker pulls information daily from the official COVID-19 response pages then runs it through specific criteria (e.g. user-defined keywords, metrics and risks) to sift and present a summary of the information to supervisors.
Even with its enhanced efficiencies, NLP in SupTech is still an aid to decision making and cannot replace the need for human judgement. NLP in policy decision is performing clearly defined information gathering tasks with greater efficiency and speed. But NLP cannot change the quality of the data provided, so data selection and choice are still critical to effective policy making.
For authorities, the use of SupTech could improve oversight, surveillance, and analytical capabilities. These efficiency gains and possible improvement in quality arising from automation of previously manual processes could be consideration for adoption.
Attention will be paid in 2021 to focusing on automation of processes using AI (Figure 2).
Based on a survey done by the FSB of its members (Figure 3), the majority of their respondents had a SupTech innovation or data strategy in place, with the use of such strategies growing significantly since 2016.
For more mainstream adoption, data standards and use of effective governance frameworks will be important. As seen from the FSB survey, SupTech applications are now used in reporting, data management and virtual assistance. But institutions still send the transaction data history in different reporting formats which results in a slower process of data analysing and data gathering. AI, using NLP, can help with this by streamlining data collection and data analytics. While time and cost savings are obvious benefits, the ability to identify key information (the proverbial needle in the haystack) can be a significant efficiency advantage.
Singapore FinTech Festival 2020: Infrastructure Summit
For more insights, attend the Singapore FinTech Festival 2020: Infrastructure Summit which will cover topics tied to creating infrastructure for a digital economy; and RegTech and SupTechpolicies to drive innovation and efficiencies in a co-Covid-19 world.
This follows the announcement that was made last year by the Monetary Authority of Singapore (MAS) and Infocomm Media Development Authority (IMDA); of the successful completion of phase 1 of the proof-of-concept (POC) for its Business sans Borders (BSB). BSB is meant to be a “meta-hub” connecting several SME-centric platforms (starting within the Philippines, India and Singapore) giving SMEs seamless access to a larger ecosystem of buyers, sellers, logistics service providers, financing, and digital solution providers; and allowing them to be part of the larger global marketplace. The PoC involved a collaboration with private sector partners such as GlobalLinker, Mastercard, PwC, SAP and Yellow Pages.
AMTD Aligns with the BSB Objective
Hongkong-based investment banking firm AMTD Group leads a consortium that includes Xiaomi Finance, Singapore’s SP Group, and Funding Societies, that is a contender for one of Singapore’s digital wholesale banking licenses. While announcing their bid, they had clearly stated that they aimed to focus on SMEs in the region and globally. They continue to focus on SMEs by strengthening their partner ecosystem.
Last week AMTD announced a partnership with GlobalLinker making them the preferred financial services partner on the GlobalLinker’s SME-focused platform. AMTD intends to make available their entire ecosystem to SMEs including their virtual bank in Hong Kong, Airstar and their potential digital wholesale bank consortium in Singapore (which is to be called Singa Bank). In line with Singapore’s BSB objective, the partnership will see GlobalLinker join AMTD’s network which includes Fintech companies, regional banks and enterprises – SpiderNet. SpiderNet is a cross-sector ecosystem which is continuously expanding to connect and collaborate with shareholders, government bodies, industry associations, and clients. GlobalLinker’s AI-powered SME networking platform fosters SME digitalisation and helps members and customers connect with each other and use digital solutions. AMTD will be part of this network and bring the breadth of their partner ecosystem onto GlobalLinker’s platform.
Ecosystm Principal Advisor, Dheeraj Chowdhry says, “This marks the deepening of the trend of convergence between the established industry players and the Fintechs. The inefficiency of the obsession to ‘build’ and the associated resource and cost effort has perhaps been recognised on both sides and hence the path of coexistence and synergy seems more pragmatic. Fintechs are not competing but, in fact, complementing industry players by accelerating customer adoption of new digital formats for the entire landscape.”
Such partnerships by AMTD provides a glimpse of the group’s strong focus on Singapore. In April this year, AFIN and AMTD partnered to establish the USD 36 million AMTD ASEAN-Solidarity Fund. In May, AMTD, MAS, and Singapore FinTech Association (SFA) announced the launch of a USD 4.3 million MAS-SFA-AMTD FinTech Solidarity Grant to support Singapore-based FinTech firms.
AMTD remains committed to evolving their capabilities and ecosystem to empower the SME market in Singapore and the region. AMTD Digital announced their intention of acquiring a controlling stake in PolicyPal, Singapore’s InsureTech pioneer, and CapBridge Financial, a leading private capital platform for investing in growth companies globally. They have also expressed their intentions to acquire a controlling stake in FOMO Pay, a Singapore-based QR code and digital payment solution provider.
“AMTD’s early cognizance of the need for a strong ecosystem has led the organisation to their foray into partnerships and stakes in PolicyPal, FOMO Pay and now GlobalLinker. This strengthens AMTD’s commitment to the Fintech space including stakes in AirStar Digital Bank in Hong Kong and the Digital Bank application in Singapore,” says Chowdhry. “The Fintechs in AMTD’s stable will be part of the ‘AMTD web’ associated companies cutting across geographies and accelerate the ‘Business sans Borders’ objective of MAS and IMDA.”
As a part of Techweek NZ, and working once again with the Singapore FinTech Festival, Ecosystm is delighted to launch the “Re-Imagine the Digital Economy” webinar series. For more information please visit the link 👇
The pandemic has fast demonstrated the power of being aligned to the digital economy. Ecosystm CEO Amit Gupta says, “Organisations that were digital-ready were able to manage their business continuity almost immediately in enabling a remote workforce. The transfer was almost seamless for such businesses as the teams had already imbibed the principles of remote collaboration and were already familiar with tools that enable collaboration and communication. For many of these organisations, it was almost a matter of employees packing up their work-issued laptop and heading home.”
“In addition, those that were fully digitalised were better prepared to continue not only interacting with their clients remotely but also in many cases were able to deliver their offerings to their customers through their website or mobile apps.”
Gupta also notes that Ecosystm research shows that before the COVID-19 outbreak only about 35% of SMEs considered themselves ready for the digital economy, compared to half of the large enterprises. “This needs to change – and change fast!”
Singapore’s Digital Government Blueprint
In Singapore’s Digital Government Blueprint that supports its Smart Nation vision, digitalisation is positioned as a key pillar for public service transformation. The focus for business stakeholders in this journey includes co-creating and facilitating the adoption of technologies (Figure 1).
Small and medium enterprises (SMEs) often struggle with going digital because of lack of resources – both financial and skills – and vision. In a country such as Singapore, where SMEs are estimated to account for 99% of all enterprises and 77% of employment, it is imperative that the Digital Economy vision includes a special focus on them.
Gupta says, “Despite significant incentives, there has been resistance from SMEs to go digital as it still involves time and monetary investment from them. The need to retrain and upskill their teams is also a perceived roadblock to the uptake.”
Singapore Empowering SMEs to go Digital
As the Government looks to open the economy up in a phased manner, it sees this as the right opportunity to make SMEs digital-ready. It is “seizing the moment” and has established the SG Digital Office (SDO) in an effort to enable every individual, worker and business to go digital. Initiatives include the recruitment and deployment of 1,000 Digital Ambassadors by end June to provide personalised as well as small group support to seniors and owners of local eateries, who require additional assistance to adopt digital solutions and technology.
In 2018, the Monetary Authority of Singapore (MAS) and Infocomm Media Development Authority (IMDA) had launched SGQR to unify the fragmented e-payment landscape in the country, making it compatible with 27 payment schemes. The SDO aims to drive SMEs (especially in the F&B sector) to adopt SGQR codes for e-payments. The goal is to engage 18,000 stallholders of local eateries (hawker centres, wet markets, coffee shops and industrial canteens) to have the unified e-payment solution by June 2021. Further, multiple government agencies – IMDA, National Environment Agency (NEA), Jurong Town Corporation, Housing Development Board (HDB) and Enterprise Singapore – come together to offer a bonus of SGD 300 per month over five months to encourage more F&B SMEs to adopt e-payments.
“Financial Inclusion is one of the mainstays of a progressive economy. Given the significant investment that has gone into the e-payments infrastructure by government agencies led by MAS, we are placed well compared to other nations,” says Gupta. “However, there is work to be done in certain demographics and sectors. The drive to support F&B outlets and local eateries to get on the bandwagon will be an exceptional step and will be well received by consumers.”
“There are only a handful of governments that can compare with what the Singapore Government has put in place when it comes to initiatives to drive the uptake of technology by SMEs. This current crisis may well become the catalyst for SMEs to recognise the urgency of getting digital-ready and they should use this as an opportunity to leverage the government support around technology adoption and emerge as digital-savvy organisations.”
5/5 (2) In his blog, The Cybercrime Pandemic, Ecosystm Principal Advisor, Andrew Milroy says, “Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cybercriminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly.” Remote working has seen an increase in adoption of cloud applications and collaborative tools, and organisations and governments are having to re-think their risk management programs.
We are seeing the market respond to this need and May saw initiatives from governments and enterprises on strengthening risk management practices and standards. Tech vendors have also stepped up their game, strengthening their Cybersecurity offerings.
Market Consolidation through M&As Continues
The Cybersecurity market is extremely fragmented and is ripe for consolidation. The last couple of years has seen some consolidation of the market, especially through acquisitions by larger platform players (wishing to provide an end-to-end solution) and private equity firms (who have a better view of the Cybersecurity start-up ecosystem). Cybersecurity providers continue to acquire niche providers to strengthen their end-to-end offering and respond to market requirements.
As organisations cope with remote working, network security, threat identification and identity and access management are becoming important. CyberArk acquired Identity as a Service provider Idaptive to work on an AI-based identity solution. The acquisition expands its identity management offerings across hybrid and multi-cloud environments. Quick Heal invested in Singapore-based Ray, a start-up specialising in next-gen wireless and network technology. This would benefit Quick Heal in building a safe, secure, and seamless digital experience for users. This investment also shows Quick Heal’s strategy of investing in disruptive technologies to maintain its market presence and to develop a full-fledged integrated solution beneficial for its users.
Another interesting deal was Venafi acquiring Jetstack. Jetstack’s open-source Kubernetes certificate manager controller – cert-manager – with a thriving developer community of over 200 contributors, has been used by many global organisations as the go-to tool for using certificates in the Kubernetes space. The community has provided feedback through design discussion, user experience reports, code and documentation contributions as well as serving as a source for free community support. The partnership will see Venafi’s Machine Identity Protection having cloud-native capabilities. The deal came a day after VMware announced its intent to acquire Octarine to extend VMware’s Intrinsic Security Capabilities for Containers and Kubernetes and integrate Octarine’s technology to VMware’s Carbon Black, a security company which VMware bought last year.
Cybersecurity vendors are not the only ones that are acquiring niche Cybersecurity providers. In the wake of a rapid increase in user base and a surge in traffic, that exposed it to cyber-attacks (including the ‘zoombombing’ incidents), Zoom acquired secure messaging service Keybase, a secure messaging and file-sharing service to enhance their security and to build end-to-end encryption capability to strengthen their overall security posture.
Governments actively working on their Cyber Standards
Governments are forging ahead with digital transformation, providing better citizen services and better protection of citizen data. This has been especially important in the way they have had to manage the COVID-19 crisis – introducing restrictions fast, keeping citizens in the loop and often accessing citizens’ health and location data to contain the disaster. Various security guidelines and initiatives were announced by governments across the globe, to ensure that citizen data was being managed and used securely and to instil trust in citizens so that they would be willing to share their data.
Singapore, following its Smart Nation initiative, introduced a set of enhanced data security measures for public sector. There have been a few high-profile data breaches (especially in the public healthcare sector) in the last couple of years and the Government rolled out a common security framework for public agencies and their officials making them all accountable to a common code of practice. Measures include clarifying the roles and responsibilities of public officers involved in managing data security, and mandating that top public sector leadership be accountable for creating a strong organisational data security regime. The Government has also empowered citizens to raise a flag against unauthorised data disclosures through a simple incident report form available on Singapore’s Smart Nation Website.
While governments will continue to strengthen their Cybersecurity standards, the truth is Cybersecurity breaches often happen because of employee actions – sometimes deliberate, but often out of unawareness of the risks. As remote working becomes a norm for more organisations, there is a need for greater awareness amongst employees and Cybersecurity caution should become part of the organisational culture.
Technology providers, including Cybersecurity vendors, continue to evolve their offerings and several innovations were reported in May. Futuristic initiatives such as these show that technology vendors are aware of the acute need to build AI-based cyber solutions to stay ahead of cybercriminals.
Samsung introduced a new secure element (SE) Cybersecurity chip to protect mobile devices against security threats. The chip received an Evaluation Assurance Level (EAL) 6+ certification from CC EAL – a technology security evaluation agency which certifies IT products security on a scale of EAL0 to EAL7. Further applications of the chip could include securing e-passports, crypto hardware wallets and mobile devices based on standalone hardware-level security. Samsung also introduced a new smartphone in which Samsung is using a chipset from SK Telecom with quantum-crypto technology. This involves Quantum Random Number Generator (QRNG) to enhance the security of applications and services instead of using normal random number generators. The technology uses LED and CMOS sensor to capture quantum randomness and produce unpredictable strings and patterns which are difficult to hack. This is in line with what we are seeing in the findings of an Ecosystm business pulse study to gauge how organisations are prioritising their IT investments to adapt to the New Normal. 36% of organisations in the Asia Pacific region invested significantly in Mobile Security is a response to the COVID-19 crisis.
The same study reveals that nearly 40% of organisations in the region have also increased investments in Threat Analysis & Intelligence. At the Southern Methodist University in Texas, engineers at Darwin Deason Institute for Cybersecurity have created a software to detect and prevent ransomware threats before they can occur. Their detection method known as sensor-based ransomware detection can even spot new ransomware attacks and terminates the encryption process without relying on the signature of past infections. The university has filed a patent for this technique with the US Patent and Trademark Office.
Microsoft and Intel are working on a project called STAMINA (static malware-as-image network analysis). The project involves a new deep learning approach that converts malware into grayscale images to scan the text and structural patterns specific to malware. This works by converting a file’s binary form into a stream of raw pixel data (1D) which is later converted into a photo (2D) to feed into image analysis algorithms based on a pre-trained deep neural network to scan and classify images as clean or infected.
Click below for more data on organisations’ Cybersecurity priorities and investments
Following the announcement, in August 2019, MAS invited applications for 2 digital full banks (DFBs) aimed primarily at retail banking, and 3 digital wholesale banks (DWBs) primarily for SMEs and other non-retail segments. While DFB licenses are restricted to Singapore based companies (including foreign joint ventures with a Singapore entity and headquarters), DWB licenses have no such restrictions, opening the market to overseas players.
Applicants for the New Digital Bank License
MAS announced on January 7, 2020, that it had received 21 applications (7 for DFB and 14 for DWB licenses). A list of applicants has not been made available, and confirmation of application has typically come from the applicants themselves. The licences will be issued in mid-2020 with the commencement of business expected about a year later.
The race for the digital bank license in Singapore has seen several non-banking contenders. MAS has mentioned that applicants will be selected based on their market reputation, a proven track record, financial strength, innovative business models, and a commitment to develop the skills of the Singaporean workforce. The contenders who have announced their applications cover a wide range – from the Sea Group (whose eCommerce site, Shoppee has a strong presence in Singapore) to the Enigma Group (a financial organisation based in the UK). Here are some organisations that may well be ahead of the race:
“From the nature of consortium of bidders for DFBs and DFWs in Singapore, we can safely anticipate that the financial ecosystems will be aligned very closely with certain consumer demographics that make up the core target segments. As an example, Razer will be in a position to meet the specific needs of the millennial consumer base,” adds Gupta. “In saying that, it will also be important to evaluate how digital banks deal with educating consumers on wealth creation offerings and financial literacy, which is currently being achieved through personal touchpoints by the traditional banks.”
Singapore has emerged as one of the global leaders in fintech due largely to the maturity of the technology infrastructure, the banking sector and data compliance laws, as well as the tech-savviness of its citizens. The buzz created in the market when MAS announced the initiative last year is partly because a successful implementation in Singapore carries weight globally, especially in the relatively untapped Southeast Asian market.
Singapore also collaborates with the countries in the region empowering them with talent development and co-creation of fintech solutions. Initiatives such as the ASEAN Financial Innovation Network (AFIN) further promote fintech adoption through its open-architecture platform. Several countries in the region will take inspiration from Singapore and evaluate digital banks as a means to better financial inclusion. Thailand’s central bank has already indicated its interest in digital banks, prompted by the Singapore and Hong Kong initiatives.
Talking specifically about the competition in the Singapore financial industry, Gupta says, “Unlike some of the other markets, traditional banks in Singapore will continue to offer competing digital offerings as local banks such as DBS have been very savvy in building their digital offerings over the years. If their digital innovation keeps evolving at the pace they have been setting in recent years, they will present very stiff competitive barriers to the new digital bank entrants, especially given their ability to continue offering personalised service and touchpoints, coupled with compelling digital offerings.”