BISSBanner.jpg
Home
Whitepapers
Articles/Blogs
Reports
The B.I.S.S. Accreditation
Recent Accreditations
B.I.S.S. Accredited Vendors
About Us
Our Clients
B.I.S.S. Presentations
Events
Press Releases
Contact Us

Twenty Five Million Reasons Why Thales Is Important

With so many regulations pounding the doors of financial services firms it is becoming easy to just take each one in turn and follow an objective of compliance. However, this approach will miss opportunities to tackle compliance with strategic developments that will ultimately prove cheaper and more effective upon implementation. For example MiFID has a high focus on the “know your client” aspects, through the articles which concern client classifications, suitability and appropriateness, which are not too far removed from the questions required to comply with money laundering laws. How many firms have made this simple connection? How many firms are treating these regulations as individual projects, all with separate budgets? The database developments and the resulting application enhancements will not look too dissimilar on paper.

 

One of the greatest problems afflicting financial services firms today is identity theft, which regularly makes headlines, when extremely bad cases are reported, but on a more day to day level, is rife. (This risk will have been considerably increased due to the recent announcement concerning the loss of the 25 million personal records by the HMRC). Estimates vary to the value in general, of lost assets that clients face, but it is heading towards many millions and the increase in identity theft and fraud is very likely to increase dramatically as more automation is introduced into the transaction process, through market led projects emanating from MiFID in securities operations and SEPA in payments. All the benefits achieved through eliminating operational gaps and streamlining the process actually increases the risks of fraud. This is playing into the fraudster’s hands unless more resilient barriers are imposed within the frontline trenches when an account is opened. I might add this is not a case of more form filling and a reduction of service levels at the banks counters, but a plea for financial institutions to invest in software designed to protect the client’s identity. I understand that Barclaycard have recently introduced an identity theft service for their customers, for which they charge an annual fee, should they not be doing more to ensure that their customers are protected from identity theft instead of charging them to clear their name of any unwarranted bad credit ratings, which may ensue in the case of their customers identity being stolen, through gaps in their system.

 

Thales is the leading software specialists in the identity protection space and for years have been developing robust solutions that achieve high levels of protection without burdening their customers with clumsy processes or functionality. It is interesting to listen to Paul Meadowcroft the Transaction Security Director at Thales, who is frustrated by the industries lack of resolve to invest in readymade technology to help solve the identity problem. He makes the point that for “SEPA the customers are waiting for the banks to tell them what to do” the vendors are also waiting for the banks and the result is a hole in the industry’s ability to implement an existing solution. He continues that it is “the banks responsibility to protect its customers and not the vendors”. Without the banks specifications and budgets to tackle the problem the hole will remain. Thales is looking to embed their product within other vendors systems but this approach will still founder unless the banks look more seriously at the problem, there is a perfect opportunity with both MiFID and SEPA, indeed in this respect the identity problem is almost identical and could have been included in these projects.

 

SEPA in particular could create a technology climate where fraud could be made easier. Any consolidation of banks within the payments process and any operational streamlining increase the chances of fraud as there will be less systems and therefore less checks during the transactional life cycle. The solution is clear that technology to identify potential fraudulent activity needs to be incorporated. Will banks be able to take a more rounded look at these issues and invest in the appropriate solution? It is unlikely, given the way banks are planning for SEPA as Meadowcroft says “SEPA is like knitting fog” and is suffering a distinct lack of focussed planning and implementation.

 

Thales supports the Voca environment as a good solution and note that IdenTrust provided a significant contribution to the faster payments project in the UK. So there are clearly solution providers able to engage with the industry in producing successful solutions. Perhaps the “tail should wag the dog” to some effect, with vendors presenting their solutions to the regulators, arming them with information so that they know that there is no excuse for inactivity by financial services firms’.

 

It is about time the financial services firms looked strategically at regulatory changes and implemented solutions that tie together the basic requirements of client and asset protection. It really should not require regulatory pressure for banks to create a secure architecture for their client’s assets, it should be fundamental. Indeed there is a clear business opportunity for banks and other financial institutions to market the level and security of their services and operational environment. Just ask Thales about the availability of security systems after all they invented it.       

 

By Gary Wright

ã B.I.S.S. Research Ltd 2008  UK Registered Company Number:03369427  

Registered Address: 3 Northwood Gardens, Clayhall, Ilford, Essex,IG5 0AH Disclaimer 

Fasthosts powered web hosting