News and resources on cyber and physical threats to banks and fintechs worldwide.

Hamish Monk

How to recover from a data breach

Hamish Monk - Writer - Finextra
UK payment firms push back on APP fraud refund plan
A Finextra Member

A Finextra member

  I think you'll find it is Bim Afolami. Also, if the average fraud is 30K, firms are unlikley to be paying out more than that in practice. Given this, the up to 415K limit will be exceptional, so there doesn't appear to be a justification for not keeping it. 
Police bust cybercrime phishing subscription network
Jamie French

Jamie French

  Love to see it! Well done to the Met, and an even bigger well done to whoever made the call to colaborate with Chainalysis, Intel 471, Microsoft, The Shadowserver Foundation and Trend Micro. That was smart!
Are fintechs destined to become banks?
Scott Hamilton

Scott Hamilton

  Very thorough analysis, and thank you Vladimir Krasik, for sharing it. I'm sure there are a few more questions still to be answered in this discussion. I am particularly wondering about the impact of the apparent dissolution of the Goldman/Apple partnership. I know it's just one example, and maybe not the best one, but will other high-flying fintech/banking partnerships grab such headlines, or scrutiny, as it has? And how will they be more fruitful for both parties? Supposedly, the bad blood is due to the link-up's reported unprofitability for Goldman and perhaps also to Apple's own discontent with the arrangement. What's next for Apple, a link with a larger, more established player in cards or retail banking? Also, I think a continuing question for many fintechs is how they get paid, i.e., if they provide 'free' services to customers, where is the revenue coming from to do so? In traditional banking models, it's from the spread between deposit and lending rates, fees for services, and in the case of credit card issuers, from interchange and related fees on purchases. You outline well how Wise and others decided that accounts and lending (cards especially) were an excellent opportunity for growth beyond their initial product offerings. For a fintech becoming a bank - and especially for its present and future investors - this may be looked at as a more stable opportunity for growing revenue as opposed to building volumes on a potentially 'teetering' or vulnerable source of income, like credit card interchange (under significant attack recently in the courts), subscription fees, advertising revenue, or sale of customer data to others.
Lloyds Bank cuts risk dept headcount
Ketharaman Swaminathan

Ketharaman Swaminathan

  Kudos to Lloyds Bank. I don't recall any other bank anywhere in the world taking such a public and explicit stance on what has always been well known in business: Mitigating risk does not pay the bills. Screening for risk is okay in loan approval, credit card authorization, and other transactional areas but too much risk sensitivity blocks strategic transformation. Most often, risk professionals lack the competence to analyze risk in the TO-BE transformed state in a rigorous manner, so they lean towards blocking the transformation as CYA strategy. Too much risk sensitivity is one big reason why banks have lagged fintechs in product and UX. I'm not saying banks should mimic fintechs' products and UX but, if that's what they want to do, downsizing risk department headcount is the way to go.
Dominique Dierks

5 common types of data breaches in the financial sector

Dominique Dierks - Content Manager - Finextra