COVID-19 has created a sea change across the financial services sector with respect to remote work and a push for digitisation. The financial sector experienced the most disruption, with an accelerated innovation roadmap that saw manual processes including account opening, lending applications and more become digitised.
In the push to develop online services, security was often an afterthought and bad actors took advantage of the new breach opportunities leading to a surge in systemic fraud over the course of the year. This was a key learning in 2020, and in the MEA region we are likely to see more institutions look to multi-factor authentication (MFA) with new digital technologies like facial recognition and biometrics to better identify and stop fraud. There are great opportunities ahead for the region’s banks, here are some key areas that I feel will be important in the MEA region and globally.
Intelligent Authentication will become the norm: Cybercrime has become prolific in the financial sector across the MEA region as rapid digital transformation has given malicious actors the opportunity to exploit holes in security. SIM swapping has been a huge issue, with hackers able to obtain duplicate SIM cards to receive a One Time Password (OTP) via SMS on their phones. The next focus for the regions banks is securing digital authentication. While Egypt was the first to legislate for multi-factor authentication and to forego SMS OTP, the UAE Central Bank is now encouraging everyone focus on stronger customer authentication using MFA and technology such as biometrics. Developing strategies to protect users from the inside out will be key to as the focus on digital services to access financial information continues.
Faster digital transformation is key to MEA competitiveness in global financial sector: Until the pandemic, MEA employees were office-based and customers used to visit their local bank branch for their financial activities. Now that has changed: with branches set to close, the industry’s success lies in digital transformation, touchless banking, and harnessing new technologies to drive competitive, secure, remote services. Banks need to deliver the secure access users crave combined with a seamless experience that keeps them engaged. To support them, regulation needs to move quickly to aid the delivery of cost-effective, flexible, future-proof technology.
The focus on Open Banking will grow rapidly: several Middle Eastern countries have begun initiatives aimed at digitizing payment systems and using technology to diversify their economies away from oil production. These structural changes will drive the urgent need for financial institutions, especially corporate banks and international institutions, to transform operations specific to electronic payments, identity verification, and digital anti-fraud controls. Saudi Arabia, for example, has launched a regulatory sandbox that allows international and regional financial institutions to provide innovative new solutions to customers and the Saudi Central Bank, clarified that services and products including e-wallet services, P2P transfers, purchases through QR codes, and direct international transfers through fintech companies are being tested.
Synthetic identity fraud will increase: In the coming year, synthetic identity fraud will surge, as bad actors continue to use stolen identities to open fake bank accounts. We will see more of this with the next wave of government stimulus. In fact, with more access to sensitive personal data, fraudsters have the power to perpetrate more digital fraud, create fake identities and drive up new and existing account fraud.
Data lies at the heart of effective fraud mitigation: Faced with the time pressure of having to rapidly develop their digital banking channels while securing them against increasing fraud attacks, banks deployed basic fraud monitoring rather than focus on the collection and analysis of data from multiple layers. Currently, the majority still only analyze transactional and biometrics data, rather than tracking all user actions, from session login to logout to connect all related events that could highlight hidden fraudulent activity. Those banks that harness the power of data from user activity, behavioral data, and contextual information collated from the user device will gain a competitive edge in the detection and control of complex fraud attacks.
An increasing number of banks will start to accept other forms of currency, including Bitcoin and Altcoins: Because of COVID-19 and the move toward a cashless society, banks will begin to accept other forms of currency like Bitcoin and other cryptocurrencies. COVID-19 brought on a fear of handling cash and a rise in credit card fraud, which prompted banks to begin looking into accepting alternative, safe, and secure means of currency. Although in MEA, countries such as Qatar have banned their use.
Digital identities and remote account openings will gain traction worldwide: In a bid to combat money laundering and terrorist financing, and in response to the COVID-19 pandemic, many Middle Eastern countries have enhanced their regulatory framework related to KYC standards and remote identity verification. The new guidelines issued by the Arab Monetary Fund (AMF) for Electronic Know Your Customer (e-KYC) permits remote or non-face-to-face onboarding of new banking customers.
Facial recognition will drive the greatest changes to banking regulations: As banks increasingly use facial recognition technology for Identity Verification requirements, they are housing large amounts of consumer biometric data. Standards organizations such as the National Institute of Standards and Technology (NIST) and Fast IDentity Online (FIDO) Alliance and are developing frameworks that could be adopted at the national level and would stipulate how banks protect and store their customers’ biometric data.
As digital banking evolves and greater focus is placed on adaptive authentication and risk analysis, banks will need to find the right balance between adopting innovative technology while maintaining secure services for their customers. I believe that there is already a positive shift in how financial organizations are approaching secure banking and this will continue, as they start to adopt innovative technologies such as facial recognition and digital identities to enhance the customer experience.