finance
monthly
Personal Finance. Money. Investing.
Contribute
Newsletter
Corporate

Below Marcin Nadolny, Head of Regional Fraud & Security Practice at SAS, explains more on the date push back and what this will mean for banks moving forward.

UK companies must be able to demonstrate that they are moving towards compliance from September 2019, but no enforcement action will be taken for 18 months. For the rest of the EU in general, the timeline is unchanged. However, national competent authorities have the flexibility to provide limited additional time to become PSD2 compliant (see the recent EBA opinion).

The big picture

But whichever country you’re in, it’s essential that companies recognise the urgency at play. In the new digital world, payment security is absolutely essential. The question now is not whether PSD2 compliance should remain at the top of the priority list. It’s how quickly companies can realistically achieve it. In a nutshell, PSD2 simultaneously massively increases the amount of financial data moving into banks’ systems while also making it mandatory that they run fraud controls on that data in real time.

As PSD2 ushers in the age of open APIs in finance, the traffic volume that payment processors will have to handle will be enormous. Consumers’ personally identifiable data will be at heightened risk, and we will observe increased malware attacks and data breaches via the newly created attack vectors. If businesses aren’t prepared for the change, it’ll be a fraudster’s paradise.

Is your organisation ready to cope with this new heavy traffic and identify fraudulent activities? It might be like finding a needle in a haystack. Fortunately, AI is coming to the rescue. Emerging technologies, such as predictive models, network analytics and anomaly detection, all have the power to increase your efficiency in finding and fighting fraud.

[ymal]

Real-time fraud detection

PSD2 is more than just a regulation. It’s the start of a major transformation for the payments industry. With the move to digital-first, open models, there’s an increased need to operate processes in real time – providing instant payments, for example – and that means that fraud prevention will need to move at the same speed.

Adequate anti-fraud protection is required by the regulation. Banks are expected to fill out certain tests as a fraud assessment, including reviewing behavioural profiles, checking known compromised devices and IDs, applying known fraud scenarios to transactions, and detecting malware signs. Analytics can help speed up detection, find suspicious behaviours and collate data points by ingesting new data sources. This builds a picture of "normal" behaviour against which banks can measure transactions.

At present, not all banks are applying all these anti-fraud measures. Some base their protection on simple rules and aren’t able to detect fraud in real time or stop transactions in progress. These abilities aren’t technically required by the regulator until PSD2 comes into effect. Real-time fraud prevention used to be a luxury – but now it’s a must-have. Banks must take the initiative to ensure they can detect fraud in process in incredibly short time frames.

Third parties enter the market

The other major change included in PSD2 is the arrival of third-party providers in the market. These nonfinancial companies, including GAFA (Google, Amazon, Facebook and Apple), e-tailers and fintechs, will be able to work as payment processors going between customers and banks. This means the banks have a much bigger traffic volume to handle and review for fraud. Legacy systems and processes simply can’t handle it.

In order to cope, banks need to have systems in place that are able to assess for fraud at huge volumes and in real time. Not only that, but transactions from third parties might come with limited contextual information. So, banks will have to enrich them with additional data on variables including digital identity, reputation and past behaviour.

AI applications will be essential to handle that ongoing enrichment at speed. Humans alone simply can’t process that level of information. So, it’s essential that banks invest in AI to augment the skills they have and lighten the load of compliance.

Managing the risk

The risk to banks posed by these growing data streams is not just in terms of payment fraud. There is also a heightened cybersecurity risk. New data flows and new payment systems present possible system back doors and new attack vectors that hackers will be quick to discover. By attacking third party infrastructure, malicious actors will be able to gain access to consumers’ personal data.

Addressing this problem is not the sole responsibility of the banks. But it highlights the level of risk associated with the increase in data volume and connectedness. Reputational damage and heavy fines are a very real possibility for institutions that don’t get their act together in time.

Compliance will require many changes to anti-fraud and customer identification processes. The technology required to handle this additional burden is out there. Banks must invest wisely and ensure they are fully equipped, whether next month or by 2021.

When it comes to property investment in the United Kingdom, Simon Nosworthy of Osbornes Law Firm believes that the housing market has already pre-adjusted for Brexit, according to The Sun. Investors who decide to pick up properties before, during or after Brexit may be grabbing bargains that they can sell for big profits when the market recovers.

While property investment in the UK is currently subject to a lot of uncertainty and has its pros and cons, there will be investors who read the property investment landscape perfectly and then make a mint.

Look at the bright side

Buying property has many advantages (capital growth over time and/or rental income), provided quality properties in good locations are chosen. The UK real estate market shifts, but savvy investors know when to get into the market and when to get out. Since prices have dipped a bit due to Brexit uncertainty, there are valuable properties available which are cheaper than they normally would be. These properties may increase in value once Brexit issues are finally resolved. Whether you’re interested in buying a home or flat and renting it out to make cash, or investing in commercial real estate, the silver lining in Brexit uncertainty is that deals are out there. If you’re interested in buying, know the risks and choose a property or properties with the utmost care.

[ymal]

Know the risks and choose carefully

To boost the odds of a successful property investment, you should examine prospective properties with a fine-tooth comb. Properties should be in locations that are in demand or growing more popular. Properties should be in good condition, and tests will be needed, as visually inspecting a property on your own isn’t enough. It’s wise to pay for surface and air inspections that determine whether mold is present. You should also pay inspectors to determine whether homes or commercial properties have other issues, such as structural defects or water damage. Mold remediation is possible and should not break the bank, but issues with structural integrity and water damage may cost a lot to fix and cut into profits when you resell.

Prepare to be patient

Short-term flips are always an option, but current real estate market conditions point to playing the long-term property investment game. Buy undervalued properties on the cheap and hang onto them, so you can make good money when you sell them once the Brexit dust settles. Rent a property while the UK adjusts to a new reality, and prepare for the future: when the market rebounds and you’ll be able to sell with great results.

The pros of UK property investment in the age of Brexit, such as lower real estate prices and the possibility of big profits in the future, are balanced by the uncertainty and risk that Brexit brings. Weigh the pros and cons before making a play in the real estate market.

Therefore, Security Assurance should be a top priority – particularly when working on transformational projects. Security Assurance needs to be baked into requirements (or Epic), design, sprint (Agile) and change activities – where the changes in risk are assessed and mitigating controls applied.

Whether the project aims to move apps into the Cloud or deliver an essential upgrade to Cloud-based business systems, transformational projects warrant special consideration for maintaining confidentiality, integrity and availability.

There is potential for a breach any time information is stored or shared – and IT project documentation frequently includes intimate network and systems details, which present an attractive target for hackers. As projects develop, the attack surface also changes and controls often get relaxed; however, tight controls should be increased and maintained throughout the entire project cycle.

However, many companies are significantly underprepared in this area – leaving them unable to adequately safeguard their systems and data.

Plan of action

In order to properly arm themselves against attacks, it is vital that managers work together with information or cybersecurity specialists to understand the Information and cyber risks associated with any given project. Once these are understood, managers can begin to create an appropriate plan to mitigate risk factors and ensure the safety of confidential data.

Appropriate measures should then be taken to fortify systems against identified risks. Security can be an enabler of and contribute to the profitability of a project – whilst also helping to control costs and minimise any negative impacts that might deflect from the ultimate project goal, in some cases.

To ensure security is always a top priority, it needs to be integrated and maintained at every level of the project. This might involve anything from limiting data access to authorised individuals only, setting up two-step verification processes and encrypting files and communications to implementing appropriate security software solutions, offering training to team members and upgrading networks and systems regularly to ensure they are utilising the latest safety features.

We take a look at three steps managers can take to minimise risks when managing IT projects…

1. Controls and requirements

Before undertaking any transformational project, it is important to have clear controls in place. Most companies will already enforce certain requirements, but project managers should also consider whether any further, more specific safety measures are needed – for example, due to the nature of the data being shared or a client’s own security preferences.

Even the most robust defences can be taken down using stolen credentials, so adequate protection and measures to secure passwords are essential. For instance, team members should be required to update their passwords frequently and create strong passwords which make use of two-step verification. Controls regarding encryption and the sharing of information can also help reduce the risks of a breach and keep communications secure.

In order to control and automate the building, testing and deployment of applications, it may also be worth using a Continuous Integration or Continuous Deployment (CI/CD) pipeline to bridge the gap between development and operations teams – helping to enable fast product iterations, provide standardised feedback and remove manual errors. For example, online triage tool Asure automates the assurance process and provides project managers with a 360° view of security risks associated with change and transformation.

Security can be an enabler of and contribute to the profitability of a project – whilst also helping to control costs and minimise any negative impacts that might deflect from the ultimate project goal, in some cases.

2. Application security testing and code scanning

Advanced software plays a big part in maintaining security. Fortunately, we are now in a better position to evaluate and mitigate risk than ever before thanks to an increasing number of application security testing and code scanning tools on all systems software and infrastructure.

3. Championing security

No matter what type of project you’re working on, ensuring all team members are fully aligned and adequately trained is imperative; this is especially true when it comes to Security Assurance and managing risks. Through proper training, team members will be better equipped to identify risks and understand the measures needed to minimise them – allowing them to take responsibility for and champion security individually as well as collectively.

A crucial skill for any project manager is the ability to foresee risks. But they are not expected to be security experts. This is why it is worth seeking the help of a cybersecurity specialist to ensure project goals are met, whilst keeping systems and information secure. Security should also always be planned upfront, during the initial stages of a project, so as not to impact time and cost further down the line.

 

 Burning Tree is uncompromising when it comes to cybersecurity. Get in touch today to find out how the company can help you minimise risks through their advanced Consulting Services and Innovative Technology Solutions – so you can get on with managing all the other aspects of your project.

According to EveryCloud, cybercriminals netted $445 billion last year alone. What’s even more sobering is that 43% of cybercrimes target small businesses and their finances.

This is a worrying statistic for small businesses. All businesses take a hit if their data is breached, but larger businesses usually have a recovery plan in place. It can be a lot more difficult for smaller businesses to recover because of the costs associated with recovery.

That brings us to the point of this post – how you can protect your business from an attack.

Start with a Recovery Plan

It might seem as though we’re putting the cart in front of the horse here. That said, it’s better to plan ahead with something like this. Have a solid plan in place:

Train Your Employees

Human error is the hacker’s best friend. They’re just waiting for you or someone on your staff to make a mistake. Security awareness training conducted on a regular basis is your best defense. This training teaches you about the different threats, how to guard against them, and gives you the best practices to follow to keep your business safe.

Final Notes

If you want to mount the best defense against cybercriminals, adopting a multi-pronged, proactive approach is the best way forward. Start by securing your systems today.

44% of requests were processed after detection of an attack during an early stage, saving the client from potentially severe consequences. These are among the main findings of Kaspersky’s latest Incident Response Analytics Report.

It is often assumed that incident response is only needed in cases when damage from a cyberattack  has already occurred and there is a need for further investigation. However, analysis of multiple incident response cases which Kaspersky security specialists participated in during the 2018 shows that this offering can not only serve as investigative, but also as a tool for catching an attack during an earlier stage to prevent damage.

In 2018, 22% of IR cases were initiated after detection of potential malicious activity in the network, and an additional 22% were initiated after a malicious file was found in the network. Without any other signs of a breach, both cases may suggest that there is an ongoing attack. However, not every corporate security team may be able to tell if automated security tools have already detected and stopped malicious activity, or these were just the beginning of a larger, invisible, malicious operation in the network and external specialists are needed. As a result of incorrect assessement, malicious activity evolves into a serious cyberattack with real consequences. In 2018, 26% of investigated “late” cases were caused by infection with encryption malware, while 11% of attacks resulted in monetary theft.19% of “late” cases were a result of detecting spam from a corporate email account, detection of service unavailability or detection of a successful breach.

“This situation indicates that in many companies there is certainly room for improvement of detection methods and incident response procedures. The earlier an organisation catches an attack, the smaller the consequences will be. But based on our experience, companies often do not pay proper attention to artifacts of serious attacks, and our incident response team often is being called when it is already too late to prevent damage. On the other hand, we see that many companies have learned how to assess signs of a serious cyberattack in their network and we were able to prevent what could have been more sever incidents. We call on other organisations to consider this as a successful case study,” said Ayman Shaaban, security expert at Kaspersky

Additional findings of the report include:

To effectively respond to incidents, Kaspersky recommends:

 

However, not all crime is conducted directly online. Some people are tricked into giving away details over the phone or are told to use their banking app to transfer money into a safe account. This multi-channel approach means that at every touchpoint, an organization must be aware that their customers could be at risk; they need to put systems and processes in place to mitigate cybercrime. 

According to a report by McAfee, the European economy is one of the worst affected areas in the world. The statistics suggest that 0.84% of Europe's GDP is affected. Looking at the UK specifically, it is estimated that the cost of cyber-crime to the UK economy is £27bn – and it is growing.

GDPR and Customer Data Breaches

One of the latest and most high-profile risks that have come to people's attention over the past 18 months are customer data breaches. Customers are increasingly aware that organizations hold a lot of their personal data and they want to be sure that it is safe. The General Data Protection Regulation was brought into place to ensure that organizations are acting responsibly when it comes to processing and storing customer data.

The financial impact of not following these guidelines, or for not having the correct systems in place, has been significant. Just months after the new regulation came into place, British Airways were one of the first companies to fall foul when 500,000 pieces of customer data were stolen, which resulted in them receiving a £183m fine.

The Financial Fallout of Cyber Crime

Before any cyber-crime has taken place, there is a significant cost to businesses that need to purchase software, implement new processes and training, and even employ new cybersecurity teams to deal with threats. For global organizations, there may also be a need to hire consultants to advise on what they need to do to keep themselves and their customers safe.

One of the consequences of cybercrime that will affect every business is the direct costs. This could be money lost by the business or by consumers. It could also be the loss of reputation to a brand. If a bank suffers a cyberattack and customers lose money, they are likely to lose confidence, which can have a huge knock-on impact on business performance and profits.

Following on from an attack, there may also be payments that need to be made. On top of losing money in an attack a business, may also need to pay out compensation, fines, and legal costs. Depending on the type and severity of the attack and the data that was lost, this can amount to millions of pounds, as demonstrated by the British Airways case.

F-Secure’s Cyber ‘Threat Landscape for the Finance Sector shows that the sophistication of adversaries targeting banks, insurance companies, assets managers and similar organizations can range from common script-kiddies to organized criminals and state-sponsored actors. And these attackers have an equally diverse set of motivations for their actions, with many seeing the finance sector as a tempting target due to its importance in national economies.

The report breaks down these motivations into three groups: data theft, data integrity and sabotage, and direct financial theft.

“This is a useful way to think about cyber threats, because it is easy to map attacker motivations across to specific businesses, and subsequently understand to what extent they apply,” says F-Secure Senior Research Analyst George Michael. “Once you understand why various threat actors might target you, then you can more accurately measure your cyber risk, and implement appropriate mitigations.”

Data integrity and sabotage – where systems are tampered with, disrupted or destroyed – is the cyber criminals’ method of choice. Ransomware and distributed denial-of-service attacks (DDoS) are among the more popular techniques used by cyber criminals to perform these attacks.

Similar attacks have been launched by state-sponsored actors in the past. But these are less common and often linked to geopolitical provocations such as public condemnation of foreign regimes, sanctions, or outright warfare.

And while North Korea has the unique distinction of being the only nation-state believed to be responsible for acts of direct financial theft, their tactics, techniques, and procedures (TTPs) have spread to other threat actors.

According to Michael, this is part of larger trend that involves adversaries offering their customizable malware strains or services-for-hire on the dark web, contributing to a rise in the adoption of more modern TTPs by attackers.

“North Korea has been publicly implicated in financially-motivated attacks in over 30 countries within the last three years, so this isn’t really new information,” says Michael, “But their tactics are also being used by cyber criminals, particularly against banks. This is symbolic of a wider trend that we’ve seen in which there is an increasing overlap in the techniques used by state-sponsored groups and cyber criminals.”

In addition, understanding cyber threats relevant to specific organizations is crucial to being able to detect and respond to an attack when it occurs.

“Understanding the threat landscape is expensive and time-consuming,” says Michael. “If you don’t understand the threats to your business, you don’t stand a chance at defending yourself properly. Blindly throwing money at the problem doesn’t solve it either – we continue to see companies suffer from unsophisticated breaches despite having spent millions on security.”

These days, financial stability really sounds like an elusive subject. We indeed have bills to pay, and a life to lead. But, if we don't take a seat, analyze, and create a financial bucket list, then we risk living within the shackles of our obligations. Here are eight financial tips that can help anyone secure their financial future and enjoy financial stability.

Create a passive income

Financial stability is a result of hard and creative work. And if you want to enjoy it, then you need to get creative too. That said, we cannot always control our expenses and bills, but what we can actually control is how much income we realize. Generating more revenue to offset any financial obligations one may have been an excellent way to go. A passive income is any income you generate from a job or task you are not actively working at. There are many ways to get this done, and the most popular ones are through websites, rental properties, small online businesses, freelancing, online trading, and affiliate programs.

Live without debt

Debt is one of the many obligations capable of ruining anyone's shot at financial stability. If you are still living in debt, it is almost impossible for you to be stable financially, let alone secure your financial future. Do you have credit card debt, personal loans you are paying off, or mortgage to attend to? All of these are going to hinder you from leading a financial future and becoming stable financially. Hence, you have to be rid of any debt you may have before you look to become stable financially because, without that, financial stability will continue to elude you. There are different ways to tackle one's debt, depending on the terms and duration of the debt. From the traditional debt consolidation method to the highly effective IVA scheme, debt of any kind can be addressed and resolved.

Create a 3-month emergency fund

Whoa, that's a lot of money! Once you are done breaking the shackles of debt around you, the next thing is to start preparing for the future. And a 3-month emergency fund would be a great place to start. Emergency funds are there for the rainy days, which is why you need to have one today if you really want to enjoy financial stability. Think about it, instead of going to get a loan to deal with an unforeseen event; you can dip into your emergency funds.

Open a money market account

Preparing for the future doesn't necessarily mean preparing for the next few decades ahead; instead, your future could be tomorrow. And if you don't have a robust financial platform to rely on, you may find it absolutely difficult to attend to your existing financial obligations and emergencies. In that light, having a money market account is another vital requirement for anyone interested in experiencing financial stability. A money market account is quite similar to a standard savings account, albeit with higher returns and better access to your money. Checking with your local bank is a great way to research the ideal account for you.

Create a vacation account

The best time to visit your dream country is while you are on holiday. But how many people can fulfill this dream? And how many of those who eventually achieve this do so without getting into debt? Don't be one of them! Visit your local bank and create a separate account where you can stash little cash every month for your next vacation so that your next holiday wouldn't break the bank.

Improve your Credit and FICO Score

That you don't run a business today doesn't mean you may never be entrepreneur, and the fact that you have some cash in your emergency funds doesn't mean you will always be able to resolve every financial emergency that comes your way. Hence, it is always great to have a good Credit and FICO Score as you never can tell when you might need to obtain funds from external sources to either finance your big business idea or resolve your unforeseen emergency. Your FICO Score determines what sort of risk a future creditor is willing to take on you. Having a high, and above 700 FICO Score is quite feasible if you pay all your existing debt as at when due, keep credit card balances low, and pay your bills on time.

Have a retirement plan

Start saving for retirement today with a 401k or an IRA plan. You should talk to your financial advisor to determine which plan is best suited to your needs.

Authored by Uday Tank.

Uday Tank has been working with writing challenged clients for several years. His educational background in family science and journalism has given him a broad base from which to approach many topics. He especially enjoys writing content after researching and analyzing different resources whether they are books, articles or online stuff. 

Two thirds (66%) of people rate safe and secure payments as most important in the online checkout process, with only one in ten being most concerned about speed or simplicity. Security ranked highest across all age groups, and was a particular concern for over 55s (75%) compared to just over half of 18-24 and 25-34 year olds (52% and 53% respectively).

The survey, conducted online with YouGov, also revealed a further 76% of Brits would be willing to accept a slower or less convenient checkout experience in return for greater payment security. Meanwhile, almost half (45%) said security concerns about online payment processes were the reason most likely to put them off using a particular online retailer, more so than having to create an account (14%), a confusing process (8%), or too many steps during checkout (6%).

Keith McGill, head of ID and fraud at Equifax, said: “With more than 20% of retail revenues coming from online sales*, it’s positive to see so many consumers have security front of mind when they’re at the online checkout. The latest stats from Cifas do however show an increase in identity fraud** so it’s important shoppers remain vigilant. If you have any doubts about the professionalism of a website you should always think very carefully before entering your personal or payment details.

“New European wide regulations are on the horizon which will require two stage verification for any online purchase for more than 30 euros, similar to the security checks used for online banking. While this might feel like an extra hoop to jump through, it’s an important step forward in the ongoing battle to fight fraud.”

(Source: Equifax)

Studies show that a large portion of forex traders fail. The problem is that most do not prepare adequately before starting their live trading activity.

You can increase your chances of becoming a successful trader by identifying the mistakes that most traders do and avoiding them. The following are some of the common mistakes that beginner forex traders do and our tips on how to avoid them.

Mistake 1: Not enough forex education

You will never trade successfully unless you invest in education. Many beginners start trading with a gambling mindset. However, successful forex trading requires an understanding of the global markets, trading strategies and technical and fundamental analysis. You need to know how to use financial information resources like Bloomberg or the Financial Times, charts and other tools.

Once you are confident with your knowledge you should test it with the help of the demo account. Demo trading is the best time to test different strategies. You should not start live trading until you identify a trading strategy that you feel comfortable with in the demo environment.

Mistake 2: No risk management plan

Forex trading is a high-risk venture, and it is therefore critical to have a risk management plan that factors in the amount of risk you are willing to take. Once you identify your risk appetite, you should identify trading tools to protect yourself against additional risk.

For example, you can implement a stop-loss to close trades when the prices hit your risk threshold. Likewise, you can have a 'take-profit' feature in place to lock in trades when your target price is reached. These are not the only risk management practices you can adopt and before you start trading you need to be aware of all important practices and how to use them to your advantage.

Mistake 3: not sticking to your risk management plan

You can have a trading strategy and a risk management plan, but you will achieve nothing unless you follow them. Remember that forex trading requires high discipline. Traders often ignore their risk plan when chasing losses or when they feel overconfident about a specific trade. You should learn to identify the urge to ignore your risk management plan as an emotional reaction and keep reminding yourself that emotions are the number one cause of wrong decision making in trading.

Mistake 4:  Choosing the wrong broker

Most novice traders assume that all brokers are equal.  This is not true. There are many factors that can differentiate one broker from the other and choosing the right broker has a huge impact on your success or failure in the trading world.

But if we can think of one factor that is simply crucial to check before choosing a broker it is the license. You should only work with forex brokers like Capex.com who have a license from top regulatory bodies. If a broker is not regulated by one of these bodies then it cannot be trusted and you should not work with them.

Bottom line

It is always good to learn from other people's mistakes and this is what we have tried to help you do in this article. We do hope that you learned the pits and falls of forex trading and that you will have the patience and discipline to avoid them.

Trading forex, especially with CFDs may involve a high risk and your potential losses when trading CFDs may be substantial.

 

Without this integrity – and constant striving for health - a market risks becoming a venue for market manipulation, insider trading and other undetected criminal behaviour. Catherine Moss, corporate Partner at Shakespeare Martineau, explains for Finance Monthly.

Preventing behaviours amounting to market abuse, and tackling a lack of awareness of risk, has been central to the regulators’ quest for fairness for a number of years. So, following on from the July 2016 introduction of the Market Abuse Regulation (MAR), how is the UK faring and with a further review by the European Securities and Markets Authority (ESMA), what does the future hold?

Markets are driven, and develop depth, through pricing; and prices are – and have always been – vulnerable to manipulation. MAR, and its previous manifestations, were designed to identify behaviours which manipulated markets, or which allowed people to buy securities or commodities on a privileged basis with information which was not generally available to other trading parties.

The UK has had a legal framework around insider dealing and market abuse for a number of years. However, the introduction of MAR in 2016 formed a further part of a Europe-wide attempt at greater harmonisation, in response to scandals which came to light in the financial crisis and the greater complexity of the financial markets and emergence of alternative trading platforms. In the move towards a more congruent, European-wide, regime encompassing not only securities trading but trading in fixed income and commodity markets and related benchmarks, did the EU fulfil its markets’ needs? Leaving aside the question as to whether the latter could ever be achievable given the myriad trading venues now available, have market participants found the legislation fit for purpose?

The upcoming review of MAR will be undertaken by ESMA, looking into how well the regulations and directives are being implemented, whether the regime should be broadened, whether cross-market order book surveillance should be made subject to an EU framework; and, suggesting purposeful legislative amendments. Consideration is to be given to extending the regime to the foreign exchange markets. In addition, aspects of MAR which are still - unhelpfully - subject to specialist debate as to their scope, for example buybacks, insider lists and managers’ transactions, are to be further considered by ESMA.

At its simplest, there is a need to balance the desire of a company to access public money and trade its securities on a public platform against the requirement to adhere to the rules which apply to that market and its participants. It is crucial to the health of a market to ensure that information which may unfairly disadvantage other parties is not only managed securely but released in accordance with that market’s rules. Julia Hoggett, Director of Market Oversight at the FCA, put it starkly: “The life blood of all well-functioning markets is the timely dissemination of information, without which effective price formation cannot take place. The malignant form of that same life blood is the misuse or inappropriate dissemination of that information.”

However, as companies and their advisers know, market abuse legislation - whether EU or local - has been traditionally quite complicated and tricky to comply with. As the recent survey results from the Quoted Companies Alliance (QCA) demonstrates, issuers and their advisers have exhibited a broad range of responses to legislation which is meant to direct efforts to maximum harmonisation. However, these requires additional processes and procedures to be put in place, understood and adhered to.

Lack of certainty as to the MAR requirements, for example, on the duration of closed periods, is striking. The FCA has quite rightly observed that “awareness is not present in all market participants.”  Given the FCA’s stated objective of making effective compliance with MAR a state of mind - at least amongst the community it regulates - it must be asked how this is to be achieved within the current, or future, legislative framework where achieving certainty as to the meaning of the legislation appears difficult.

Clearly, with the introduction of any new regulation, some companies and issuers adapt faster than others, particularly if they are larger and better resourced. It is obvious from the QCA’s survey results, however, that many smaller and mid-size issuers are still navigating MAR’s complex requirements hesitantly. But more worryingly, it can be seen from the pattern -and lack - of regulatory announcements that some issuers, particularly in less obvious and well-policed trading venues, seem not to have recognised the breadth of its application. Education clearly is key and greater regulatory and market promotion of the constraints which issuers are to work within is to be encouraged.

With the introduction of any new regulation, some companies and issuers adapt faster than others, particularly if they are larger and better resourced.

So, what should be done to ensure that the requirements of MAR become part of an issuers “state of mind”? Effective regulatory response can seem sometimes to be limited to the publication of extensive decision notices which are picked over by advisers, keen to ensure that practical examples of poor behaviour, or the failure of systems, can be relayed as precautionary horror stories to their clients.

Many issuers seek regular training sessions with their advisers or company secretaries and become more confident as the reporting and transactional cycle demands their attention. Others find it difficult to engage in the processes required. Some, however, are not well-served by the advisers operating in the market and sector within which they trade. The FCA appears keen to seek to educate all issuers but, inevitably, issuers are still tripping up as they fail to understand, or to take advice on, the requirements of the regulatory framework within which they operate.

Whilst the ESMA review of MAR is unlikely to change the regime substantively, some regulatory time should be devoted to tailoring it more expressly to an issuer’s needs and securing a greater measure of awareness. Whilst the regulatory burden is unlikely to be lessened, clarity of approach together with greater support from markets and trading platforms as to the implications of MAR to their issuers would be welcome.

Refinitiv, one of the world’s largest providers of financial markets data and infrastructure, has published its second annual financial crime report today. Innovation and the fight against financial crime: How data and technology can turn the tide highlights that almost three-quarters (72%) of organisations have been victims of financial crime over the past 12 months with a lax approach to due diligence checks when onboarding new customers, suppliers and partners cited as creating an environment in which criminal activity can thrive. This wake-up call has led to 59% of companies adopting new technologies to plug compliance gaps.

In its 2018 report, Refinitiv outlined that $1.45 trillion of aggregate turnover is lost as a result of financial crime. This year’s report shows that the cost could indeed be much greater. Only 62% of the 3,000 compliance managers Refinitiv surveyed across 24 geographies claimed that financial crimes were reported internally, and just 60% said that they were reported to the relevant external organization.

Over the next year, companies are intending to spend on average 51% more to mitigate the crisis. The increased investment emphasises the priority placed on fighting financial crime in 2019 and reflects the amount of pressure respondents are under to be more innovative to both reduce risk and costs.

According to the report, an overwhelming majority of respondents (97%) believe that technology can significantly help with financial crime prevention with cloud-based data and technology the top choice, followed by AI and Machine Learning tools. Technology-driven solutions, such as Artificial Intelligence and Machine Learning, are already allowing businesses to implement processes and check up to millions of customer and third-party relationships, more quickly and efficiently.

Phil Cotter, Managing Director of the Risk business at Refinitiv, said the results showed that businesses need to do more to invest in technology to address the problem: “It is clear from the results of this report that businesses exposed to financial crime threats need to maximize their use of technology and future collaboration could prove key to realising the potential of innovation, particularly between tech companies, governments and financial institutions.

“Significant advancements in technology, facilitated by innovations such as AI, ML and cloud computing, are already under way. These technologies are enabling intelligence to be gathered from vast and often disparate data sets which together with rapid advances in data science, are transforming the approach to compliance, streamlining processes such as Know Your Customer (KYC) and helping to uncover previously hidden patterns and networks of potential financial crime activity.”

While the report focuses on the many emerging technologies coming on stream in the fight against financial crime, it also urges organisations not to overlook another vital form of innovation – collaboration. Just over eight in 10 (81%) respondents said that there is some sort of existing partnership or taskforce  in their country to combat financial crime. 86% believe that the benefits of sharing information within such a partnership organization outweighs any possible risks.

In 2018, Refinitiv partnered with the World Economic Forum and Europol to form a global Coalition to Fight Financial Crime. The Coalition is working with law enforcement agencies, advocacy groups, and NGOs to address the societal costs and risks that financial crime poses to the integrity of the global financial system.

About Finance Monthly

Universal Media logo
Finance Monthly is a comprehensive website tailored for individuals seeking insights into the world of consumer finance and money management. It offers news, commentary, and in-depth analysis on topics crucial to personal financial management and decision-making. Whether you're interested in budgeting, investing, or understanding market trends, Finance Monthly provides valuable information to help you navigate the financial aspects of everyday life.
© 2024 Finance Monthly - All Rights Reserved.
News Illustration

Get our free monthly FM email

Subscribe to Finance Monthly and Get the Latest Finance News, Opinion and Insight Direct to you every month.
chevron-right-circle linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram