Cyber security - a crucial part of your firm's foundation

On 13 January 2018, the revised Payment Services Directive (PSD2) and open banking launched. But what does it mean?

For the consumer it provides them with choice, choice to share their data in a way that allows them to take advantage of the newly regulated payment initiation service (PIS) and account information service (AIS).  In practice this could look like:
  •  rounding up a customer’s purchases to the nearest pound and then investing the digital spare change; or
  •  storing consumers’ digital loyalty points, reducing the number of loyalty cards they carry around.
For the existing banks, although they must give up some of their precious customer information, they will in turn be able to consume customer information from other sources helping them build up a broader picture of their existing clients helping to understand them better.

For fintech firms, this is where the greatest business opportunities lie, to innovate and shake things up. The newly available customer information is there ready to be understood, sliced, diced, optimised or simply presented in new ways.

However, we are not there yet, even though 13 January has passed we are still on the launch pad, engines are fired up, but there is still a way to go.

Challenges around cyber security have still not been ironed out, we are currently operating in a hybrid model until the Regulatory Technical Standards on strong customer authentication and common and secure communication come into force over the next year or two.

Understanding these Regulatory Technical Standards as they go through the review process and ‘baking’ them into any products early on will ultimately save heartache (and costs!) in the long run. The upcoming General Data Protection Regulation (GDPR) also means that doing the right thing with personal information should not be an afterthought.

Trust is a term often used when discussing PSD2 and open banking. A failure of trust within a single firm, for example, loss of customer information, could easily damage this fragile new ecosystem. So for it to succeed, IT security must be part of the foundation.

Moore Stephens can help you understand and address the IT security and GDPR issues associated with PSD2. If you are developing new forms of payment service, you could potentially be eligible for R&D tax credits, which could help to fund your business operations and our experts can advise on your eligibility. Our team are also able to assist those firms who require support in achieving PSD2 compliance.

For further help and advice, please contact our IT consulting team.

Leave a comment

 Security code