Premium banking has always been about seamless service and pre-eminent asset performance. But now there’s a new factor in the premium equation: the challenge of assuring client trust in a digital age.
“Follow the money” is an old adage but one that cyber criminals take to heart still, as they target some of the world’s wealthiest private banking clients. Today, this client profile is likely to receive the kind of very personal attention they absolutely do not want: sophisticated attempts to relieve them of confidential data and large amounts of their wealth.
There’s no shortage of examples of potential threats becoming trust-damaging reality. Russia-based hackers remove 650 million pounds from U.S. banks. Qatar’s National Bank suffers a data hack that sees personal details, banks accounts and passwords compromised and ultra-high-profile individuals exposed. Family offices are regularly breached with resulting cyber-theft of personal information.
Premium banking needs first and foremost to be secure banking – that’s the foundation of trust in a digital age. The real value proposition of digital wealth management, enabling HNW individuals to flexibly and responsively access their portfolio, their investments and their asset allocation, is exciting. Making that happen with the levels of security needed to maintain trust is the fundamental challenge.
Yet, the more wallet share a successful wealth management relationship achieves, the greater the centralisation of data. In turn, we see ever increasing levels of threat to client and institution from a cybercrime-engineered breach of security.
What the digital transformation programme must not do is leave HNW and UHNW customers more exposed than they were pre-digital.
So, how can institutions ensure that wealth is safe across clients and channels? How can they adapt core infrastructure to achieve the right standards, processes and governance to deal with attacks when there is a breach? They need to start with a clear awareness of the four main driving factors of digital risk:
As Wealth Managers rapidly evolve traditional service into a new raft of digital delivery experiences, they must deal with the underlying problem of ‘old-fashioned infrastructure’.
The least satisfactory response is the piecemeal approach: introduce an attractive new app here, shore up security there, and respond reactively to the demands of regulatory compliance as they appear.
Instead, those determined to be leaders in the digital wealth economy need to adopt an enterprise-wide view of their digital risks. They need to think about the future and how they can get their whole operating model to evolve. The objective is to be truly fit for purpose in the face of an ever-growing cyber-security threat.
To provide the security needed to assure trust, wealth management leaders must leave one-off cyber-security measures behind and embrace holistic Digital Risk Management –DRM.
Holistic risk strategy will be achieved by close reference to the three key axes of trust within digital wealth management. These are:
Trust in the client: authentication and validation of clients’ digital identity and behaviours.
Trust in the channel: securing access points and data flows across all channels.
Trust in the provider: safeguarding data exchanges with external parties.
Planning and implementing within the framework provided by these axes of trust will drive a comprehensive, coherent and concrete set of defences against cyber-security threats.
Digital Risk Management and successful wealth management are set to become synonymous. However, only the joined-up approach of a truly holistic security strategy can assure client trust in a new landscape of digital wealth services and their associated cyber risks.
Download our DRM Point of View paper to find out more.
Dan Giannotti is a Managing Principal and Capco UK Wealth Management Lead. Dan brings over 12 years of experience in strategy, design and implementation of complex business and technology-enabled change in private banking and wealth management.
Roy McNamara is a Managing Principal and Capco UK Cyber-security Lead. He has over 25 years of cyber-security experience gained within global FTSE100 companies across many sectors, including financial services, government and utilities.
The content and opinions posted on this blog and any corresponding comments are the personal opinions of the original authors, not those of Capco.