For Financial Institutions, Managing Risk Requires a Revamped IT Strategy

The lines between financial and technology companies increasingly are overlapping. One of the latest examples is the Apple Card, the technology giant’s credit card offering, which launched in March. For the effort, described as “a credit card designed for iPhone,” Apple is partnering with Goldman Sachs and Mastercard.

Throughout the public announcement about the card, privacy and security were major themes emphasized by the Cupertino, Calif.-based company. Apple noted that “every purchase is secure because it is authorized with Face ID or Touch ID and a one-time unique dynamic security code.”

To that end, it should come as no surprise that, according to a new survey published by Deloitte and the Financial Services Information Sharing and Analysis Center, financial institutions are proceeding just as cautiously. Such organizations spend roughly $2,300 per full-time employee on cybersecurity each year — roughly 10 percent of their technology budgets, the survey finds.

Julie Bernard, a principal with Deloitte Risk and Financial Advisory and the insurance sector leader for the company’s Cyber Risk Services, said in a statement that as companies continue to expand, so does the need to get security right.

“The reality of ‘cyber everywhere’ is taking hold as organizations are working quickly to understand what that means for operations, innovation and beyond — and the stakes have never been higher for getting it right,” she said.

MORE FROM BIZTECH: Here's what banks and credit unions need to know about email security.

Cybersecurity Is a Growing Risk for Financial Institutions

According to a second Deloitte survey published earlier this year, two-thirds of respondents called cybersecurity one of three risks that would increase the most in importance for their business over the next two years. Half of all respondents believe their organizations to be “extremely” or “very” effective at managing cyberthreats.

“Regulators across the globe are beginning to address the risks that cyberattacks could pose to the financial system as a whole,” Deloitte Risk and Financial Advisory Cyber Risk Services Leader Ed Powers said in a statement. “Given the increasing interconnections among financial institutions, their technology partners and financial markets around the world, good cyber governance and oversight is imperative to the ability to respond and recover effectively when a threat is detected or an attack is realized.”

The survey also pointed out, however, that new technologies are at the heart of risk management programs. Notably, 48 percent of financial services executives surveyed said they intend to leverage new solutions, including cloud computing, analytics and robotic process automation to modernize their risk infrastructures.

“Digital technologies have the potential to fundamentally re-engineer virtually every aspect of risk management,” Edward Hida, the survey’s author, said in a statement. “Financial institutions are now at the early stages of this transformation of their risk management functions.”

Excitement Abounds for Emerging Technologies

In a blog post accompanying the second Deloitte survey, Hida says that such new technologies have the potential to dramatically impact the efficiency and effectiveness of risk management.

“Much of this opportunity is still to be realized,” he says. “Relatively few institutions reported applying some of these emerging technologies to risk management.”

Hida added that the survey respondents are optimistic about how such solutions will enhance their risk management as well as other efforts going forward.

“Although adoption is currently fairly low, respondents believed that emerging technologies will deliver very large benefits or large benefits in many areas such as increasing operational efficiency/reducing error rates, enhancing risk analysis and detection and improving timely reporting,” he says.