As today’s banking becomes more and more digital, clients are rapidly moving from traditional to digital channels. Islamic banks are responding to this behavioral change by adding more channels and increasing security to keep risks and client experience consistent and positive. Online banking and innovation may drive customer convenience, but may also give rise to more and new vulnerabilities. By adding new access points for criminals, we are also increasing the risk of cross-channel attacks. Cybersecurity vulnerabilities are the main cause of any form of financial crime. Whether we call it smuggling, smurfing, fraud or terrorism, it is a global problem that banks need to address and solve. FADI YAZBECK delves further.
Managing risk in financial institutions is an ongoing challenge, the impact of which affects many regions across the world, including the Middle East. The UAE is considered one of the most highly targeted countries in the world for cyberattacks, with Saudi Arabia the country with the highest email spam rate. In 2017, more than 3.6 million people within the UAE were affected by cyberattacks.
In 2018, McAfee and CSIS examined and quantified the global economic cost of cybercrime. They rated the UAE as the second-most targeted country in the world for cybercrime, costing the Emirates an estimated US$1.4 billion every year, according to McAfee’s report, ‘The Economic Impact of Cybercrime — No Slowing Down’.
Moreover, according to PwC’s ‘21st CEO Survey’, leaders in the Middle East rank fears around cyber threats higher compared to other regions, while the fear of cybercrime as a risk has risen significantly from 24% in 2017 to 40% in 2018.
The Middle East is particularly inclined to cyberattacks, as there are many companies with large amounts of liquid capital, and there is also a high number of global foreign nationals living and working with access to foreign or global networks and data.
There has also been a tendency for some countries to lag behind in upgrading cybersecurity and related technology to global standards.
At the same time, the speed of expansion of smart technologies, along with the proliferation of internet of things devices, is raising further vulnerabilities to such attacks.
Cyberattacks are not just a technology issue but also a major legal risk. Regulators are responding to this threat with new cyber and data laws. New audit powers and mandatory reporting requirements are putting businesses in the spotlight, and a serious attack could mean significant reputational and financial impact and loss of customers.
In the UAE, for example, cybercrime law has been in force since the 27th August 2012 and comprises 51 articles, most of which set out specific cybercrimes and prescribe the applicable penalty for each crime.
Still, Islamic banks should not rely on regulators to tell them what they need to do to safeguard their systems, as this is not enough to protect their business. Regulators cannot always follow the pace of technological evolution in time.
Cybercrime can result in significant losses in both revenue and reputation for Islamic banks, along with the interruption of their daily operations. From a broader perspective, it can even impact the overall digital landscape by shaking clients’ trust and confidence in conducting transactions online.
In such a challenging environment, Islamic banks need to secure their operations using the proper technology and screening tools, which will provide the necessary transparency and consistency of information and will reduce compliance costs.
The market is offering solutions to protect the Islamic banking sector from financial crime and prevent cyberattacks.
A comprehensive solution should cover fraud prevention, watch-list screening, anti-money laundering and the know-your-customer process, delivering industry-leading levels of detection with the lowest rates of false positives.
The ideal solution builds a customer’s financial behavior DNA to detect and stop suspicious transactions that deviate from normal and expected behavior.
Furthermore, the product becomes even stronger with the addition of an artificial intelligence (AI)-powered financial profiling tool.
This kind of tool can assist banks in improving the seamless and frictionless nature of their customer journeys and experience they offer by focusing their financial crime detection efforts on areas of higher risk.
AI tools can enhance detection sophistication and, by better understanding what can be considered normal for a given customer concerning their own and their peer groups’ financial behavior, reduce the need for banks to seek this additional level of verification when it is not needed.
This means that financial crime mitigation efforts, including anti-money laundering, can be focused on higher risk groups. The use of AI is an essential component in creating an intelligent Islamic bank of the future. This capability needs to be accessible to all Islamic banks, regardless of their type and size.
Improving customer journeys by creating frictionless omni-channel experiences is becoming a key priority for Islamic banks. Investment in financial mitigation capabilities that will automate their cybersecurity is becoming a must.
Islamic banks will have to enhance the protection they offer to their customers from cybersecurity and financial crime, and avoid risks of reputational damage and potentially heavy fines and large losses.
Fadi Yazbeck is the senior product manager at Temenos Islamic. He can be contacted at [email protected].