17 October 2017

Swift Business Forum, New York - live blog

14 June 2017  |  9883 views  |  0 New York Skyline 2

Welcome to Finextra's live coverage of the Swift Business Forum in New York. This event will focus on the key issues affecting the financial industry, including banking, payments, and securities. Cyber security will also be a hot topic, in light of the announcement of Swift's Customer Security Programme.

17.03: That concludes Merrill's presentation, and indeed the Business Forum New York for 2017. Thank you very much for following the event on our live blog. 

17.00: The hard part about incentives is that they drive behaviour. If you get the incentives wrong, you get erratic behaviour cautions Merrill.

16.57: Forcing different ways of thinking into the planning process can help create more resilient plans. Merrill says that HR encourages people to hire 'themselves', meaning there will be little deviation from the course. The slide at this time states 'Always Overhire' as this is a way to ensure you can hire diversely. This echoes a conversation in the afternoon cyber session where the question of diversity of the industry was questioned.

16.52: Almost any time you hear a story about big data, it is about big data doing magic, cautions Merrill. Most of it is hype, but not all of it is. You need to combine maths and intuition.

16.44: While you should listen to your customers, do not listen too carefully. Merrill notes that Google was allergic to focus groups, but then this changed thanks to a marketing innitiative. This started negatively effecting how the Google search results page was set up - by doubling the results on the first search page, the load time took twice as long.

16.36: It is that time of the presentation where Britney Spears appears! As part of Merrill's presentation, not in person, sadly. He recalls how when he was at Google she was the top searched term in a year, but nobody could spell her first name correctly. By noting this, Google was able to see how customers typed in, deleted and retyped a new spelling. From this, Google was able to innovate an algorithm for autocorrect suggestions in searches.

16.32: We know why we are good at business, but we do not know how we will be good tomorrow, says Merrill. It is ok to drop the ball in order to move forward.

16.26: Merrill cheers the audience by saying that, for the first time since 2008, financial services is now not the most disliked sector of Americans polled (apparently the US government now has this dubious honour). Nothing is too big to fail, warns Merrill.

16.22: Time now for the closing keynote presentation, which is going to be delivered by Douglas Merrill, former chief information officer at Google.

16.15: The SWIFT Customer Security Programme is mentioned by Pérez-Tasso, and he is encouraged by the positive action that the financial services community is taking in this regard. Cyber and compliance on one hand, and innovation on the other, are mutually reinforcing. The best approach to this is to foster a cyber mindset when innovating. Pérez-Tasso picks out the future of correspondent payments as an example for this - as to whether the industry should start from scratch or to evolve what already exists? He notes that there is not need to throw the baby out with the bathwater, but we should focus on enhancing what we have. The SWIFT gpi is given as an example - just because it uses existing rails does not mean that innovation is standing still.

16.12: Pérez-Tasso says that Silicon Valley is more a mindset than a location, and that there is a lot of commonalities between the technology industry in both the west coast and east coast of the US. He says that innovation is happening, while cyber is certainly keeping the industry's feet on the ground. By addressing both issues side by side, the opportunity exists to take our industry to the next level.

16.09: Grainger returns to note that this is the most well attended Business Forum in New York to date. Then Javier Pérez-Tasso, chief executive, Americas and UK Region at SWIFT takes to the stage to reflect upon the discussions of the day in his closing remarks.

16.02: Stephen Grainger announces that SWIFT is making a donation to Breakthrough New York, a non-profit that works to bridge the opportunity gap for children in New York. Their executive director, Rhea Wong, joins us to explain a little of what the charity does and to thank the audience.

15.45: That concludes our geopolitical conversation. Delegates from all of the breakout session streams are now heading to the main plenary room in anticipation of the closing keynote.

15.43: Will foreign banks be treated differently in the US compared to domestic banks under the current administration? Feuer says it is not that simple, but that the risks are going to rise for internationally active organisations. It is nuanced. Harmonisation as a good in of itself is coming second to issues such as advancing US economic interest. A big challenge could arise as foreign banks need to comply with US and their domestic regulations, could these differences lead to an unlevel playing field? It is a concern. Ketley points out this is not a new question and has been an issue under previous administrations and in different countries.

15.40: A question from the floor asks if the rise of crypto currencies will have an impact on financial crime. Bandman notes that it is about a year since the Ethereum hack. He says that crypto currencies will change the whole understanding of what financial crime is.

15.36: Ketley agrees with Bornebusch, with the caveat that it is difficult to understand where to sit cyber with everything else. One of the reasons for this is that cyber can be so densely technical it is not understood that well among compliance managers.

15.33: Feuer notes that it used to be the case in institutions that AML risk was dealt with in one silo, sanctions risk in another, and so on. He asks the panel if firms are integrating these responses under a single umbrella? Bornebusch says that this is absolutely the case, this is all under one roof globally at his institution. There is an immediate benefit of having an overall view of all financial crime.

15.29: Technology is critical. When a position on a country changes, how does this impact on other related compliance issues? Bornebusch says that the role of technology is important in order to provide an at-a-glance update to customers and relationship managers.

15.26: Are there specific controls banks can put in place to prepare for potential changes in sanctions or AML? Ketley says that any time there is uncertainty there is risk. Customers may jump to wrong conclusions. There needs to be a process where significant possible regulatory change forms part of the senior management discussion, and organisations then need to know how to perculate this down to the customer facing side of the business.

15.21: In areas such as anti-money laundering, Bornebusch points out that interests are aligned between the US and other countries. Catching bad financial flows and cyber criminals is in the interest of everyone bar a few bad actors.

15.15: Will there be less cooperation between national regulators around the world? The US certainly seems to be forging its own path rather than focussing on harmonisation - Feuer cites the recent withdrawl from the Paris Agreement here. Bandman says that in any international negotiation the different parties at the table may have different opinions in what is required as a satisfactory or necessary outcome. In the innovative technology space, however, he notes that regulators are often keen to share experiences and outcomes.The international negotiation arena has benefits for all regulators.

15.10: While the movement to reduce and streamline regulations is a current trend, that does not mean less of an effort for regulatory departments in banks, says Bornebusch. He expects that banks will have to step up to find the common denominator betwee different national regulatory agendas in order to manage the underlying risks. Turning to Europe, Ketley points out that nobody knows what the UK regulations in relation to the EU will look like following the completion of the Brexit process.

15.07: Bandman says we will see which changes to Dodd-Frank will be changed directly by the Treasury and which will require legislation. It is hard to predict which of these elements will make it through the political process, he cautions. It takes time and people to make changes to processes.The biggest changes may not take place until 2018.

15.03: The Trump administration has three appointments to make to the Federal Reserve Board, which will likely end with the Board having a majority of Republicans. This is in line with other appointments at regulators made by the administration. Regulations such as the Dodd-Frank act are in a position where it looks likely that changes will be made.

14.57: Unpredictability and volatility are the two key trends in geopolitics at the moment, says Feuer, citing the Brexit vote in the UK and the US presidential election in 2016. He adds to this the hung parliament in the UK general election this month, and the ousting of the centre parties from the final vote in the French elections earlier this year. Feuer says these results are a trend towards populism and nationalism.

14.54: Will there be more AML regulation in the next 3-5 years? 83% of the audience are expecting more. Then a quick poll about sanctions regulation, which again finds around 80% of the audience expecting greater regulation.

14.52: Following introductions from every panellist, we kick things off with a poll. Is your firm regulated by either banking or securities regulators? 85% of the audience say yes - the regulated sector is heavily represented in the room.

14.42: Coming up now is the compliance panel mentioned earlier. This panel is made up of Jefferey Bandman, former fintech advisor, founding director Lab CFTC at the US Commodities Futures Trading Commission; Jan Bornebusch, head of AML, Americas for Deutsche Bank; and Alan Ketley, head of AML Global Strategy, Americas Compliance at The Bank of Tokyo-Mitsubishi. Mitchell Feuer, founding principal at Rich Feuer Anderson, is on moderating duties.

14.16: Following a round of applause for the panel, delegates break to get an afternoon caffeine boost. Coming up in around half an hour our attention will move to the evolving geopolitical landscape and how this may impact compliance.

14.15: Security is not technology, it is a state of mind, says Ciminelli. Changing cultural appropriation around programming can help bring a more diverse workforce to the IT security world. McKinty adds that we also need to look at changing organisationally to look beyond the standard 9-5 mindset to open up the industry to a greater talent pool.

14.12: AI is very good at highlighting what 'normal' looks like in a network, according to Macaulay. IT needs to address the issue that the sample taken in the first place is clean, but once this has been cleared it can be used to analyse complex network traffic and highlight the normal from the abnormal.

14.07: McKinty says that institutions can take the point about retaining data and apply it to information sharing as well. If the third party you are speaking to does not require all of the information that you are sharing with them, institutions should strip those out.

14.02: Institutions keep a lot of data that they do not actually need. Jaffe says that a company he knows suffered a breach, but was not hit badly as they only keep the last four credit card numbers used. He warns that many organisations retain data that they do not need but which is of value to malevolent outside forces.

13.57: Human error can be related to emotions, state of mind such as tiredness. AI does not make these kind of errors, but it still is fallable. The main reason that AI will make errors is from how it is taught, says McKinty. Macaulay notes that while AI should mean that fewer humans are involved in the process, it should not replace the human role completely.

13.53: McKinty says that if you’re a large tier bank, you will already have the 27 controls in place. For smaller organisations, new regulations can be a burden. If it becomes a paper-based issue that takes up resources, that can be a problem. He does note that SWIFT has mapped some of the 27 controls to existing regulations, so it is not a whole new set of compliance.

13.49: Legally the future is interesting, says Jaffe. There are the SWIFT 27 controls, which institutions can apply. The counterpoint is that your company just viewed these controls as a box checking exercise. There will be a discussion to be had on how the 27 controls will impact regulators and courts in the future.

13.42: Conversation moves to artificial intelligence as a possible solution. McKinty makes the point that AI is not a panacea. It does have a role to play and can achieve things that humans cannot, but he views it as another mathematical approach to tackle a problem. It is about finding the best technique to solve specific problems. Ciminelli agrees, AI has become a buzzword so it is important to cut through the hype to understand what is possible.

13.34: Ciminelli says that the industry needs to think differently when it comes to addressing the skills shortage. Too often, IT experts spend a large part of their working week filling out spreadsheets or reports rather than tackling threats. He says that upskilling of non-IT staff can help take this burden from IT. Also the industry could be doing more to attract women into IT roles, according to Ciminelli.

13.31: Automation is a key way that the skills shortage can be addressed, says McKinty. Triaging of threat intelligence is a good example of where automation can be used to do the heavy lifting, removing manual processes and freeing up staff to analyse the results.

13.30: Macaulay notes that there is a skills shortage in IT security that creates challenges. Jaffe says that regulation is involved here, with the regulator thinking about how banks should be staffing their IT requirements. Is it possible to get someone with cyber security experience on the board of every bank? Jaffe says that regulation makes the talent challenge even harder in some circumstances.

13.25: There is so much information about the financial services industry readily available, cyber criminals are able to study and learn about organisations. McKinty also notes that cyber criminals also target low hanging fruit, simple email scams that can give them access to your system are simple and cheap to achieve. Not every cyber threat is highly sophisticated.

13.23: Jaffe says that banks he works with have two concerns in this space - the threat of hackers looking to defraud banks through wire transfers and more, and then also the threat of terrorists or hacktivists.

13.21: An evolving trend in the cyber threat is its professionalisation, notes Ciminelli. It is an industrialisation of cyber crime. There is an arms race between the cyber criminals and the financial services industry. The criminals can evolve quickly as they do not have regulatory requirements to meet. They are also hiring professionals from the banking side for assistance.

13.15: Recharged and ready to go after lunch, the panel discussion to kick off the afternoon is called Cyber defenses: Building the next generation. This panel features Stefano Ciminelli, deputy chief information security officer with SWIFT; Peter Jaffe, senior associate at Freshfields Bruckhaus Deringer LLP; and Colin McKinty, vice president, Cyber Security Strategy, Americas at BAE Systems. The conversation will be moderated by Tyson Macaulay, chief technology officer - Cyber at BAE Systems.

12.10: Coming up after the lunch break, we will switch focus to cyber security in a panel discussion examining what the next generation of cyber defences will look like.

11.59: Halpin points out that corporate's clients now have the ability to do just in time payments - corporates need to understand what this means and banks can investigate how they can provide services around this. That brings the session to a close, and it is time for lunch here in New York.

11.55: Banks need to continue to focus on the settlement component, but what items of value beyond the settlement can banks also provide, asks Halpin. Focussing on the client experience is key. For Loftus, integrating liquidity into the payments space is important, as is integrating items such as a retail experience. What speed of delivery is required? You can price speed accordingly.

11.51: If banks can get together in places where there is friction in the cross-border payments landscape, there is an opportunity for innovation, according to Loftus. If this does not happen, she suggests that it will not be long before a fintech or third party sees an opportunity to take over the space.

11.49: A question from the floor asks how banks can speed up innovation. Watson says that this shouldn't just be a question for banks alone, industries and organisations are all part of the landscape . Collaboration is important when it comes to innovation, particularly with clients rather than working in a silo internally. What do clients want? They have to be part of the innovation conversation.

11.47: 'Competitively compliant' is a different mindset to simply being compliant, says Halpin.

11.41: What are the attributes of a product manager today? As a discipline, Watson says that large parts of it has not changed. You need to listen to the market, identify market problems and innovate solutions to solve these problems. But the part of the market you are listening to has changed, with fintechs emerging and banks needing to understand the issues of the corporate beyond the corporate treasurer. Halpin says that customer product experience is key for product managers to understand and relate to, following the fintech experience.

11.37: Banks constantly need to look at their infrastructure in order to remain nimble, says Halpin. One of the biggest change he has seen is how banks are looking for the right partner who can provide the commodity. Loftus adds that you need to also ask if you can adapt your core or do you need to rebuild a future-proofed model?

11.35: It is not just talking to the corporate treasurer of a client that can inform banks on how organisations want to connect, according to Watson. It is important to speak to heads across the business to understand this issue and requirements.

11.30: Turning to APIs, Halpin states that companies in certain industries are already far down the road with this innovation. Multinationals in Europe particularly will drive this globally, according to Halpin. Loftus says that this is another capability challenge. APIs are essential, and banks need to broaden their definition of the options clients have in the connectivity space.

11.29: Technology is an enabler to turn data into a product or service. The data is often the driving force for innovation. How can data be used to save money, aggregate transactions, eliminate paper, for example? Loftus and Watson agree that it is all about data. Banks need a strong data strategy about how they manage cash in order to be in the best place to comply with regulatory requirements.

11.25: The payment is almost a secondary item - the client needs the payment to close what they have done in terms of goods and services, says Watson. The payment should be almost invisible. Clients looks down the chain, and banks should be doing that too.

11.20: Corporates have buying and influencing power, and can actually drive banks towards standardisation, says Halpin. There are a lot of collaboration spaces that banks can be working on. Loftus says that working together can benefit banks in providing robust client offerings that compete with non-bank and fintech solutions.

11.16: Standardisation and innovation are sometimes seen as being at loggerheads. Watson says that we want to innovate and standardise at the start of a process, focussing in on the problem that the innovation is trying to solve, in order to see industry and client buy in.

11.12: Business clients are people too! They are used to a simplified way of dealing with banking and payments in their personal lives, and therefore want this simplicity translated into their working lives as well. Loftus says that if banks can demonstrate an easier way to do something or to implement a change that can save money, clients will be receptive.

11.10: Halpin agrees that embedding the bank with the client is critical to driving innovation. Addressing the holistic payment needs of the client is important, with the corporate treasurer but also with the purchasing manager, two areas that are sometimes linked but sometimes not. Look through the eyes of the client when addressing payments innovation.

11.07: Differentiation has traditionally come from a product point of view, but today there is not much difference there, according to Watson. Client experience and expectations are the new differentiation areas. Loftus points out that clients are looking for banks to provide them with a roadmap as they go global. Simplifying the user experience is a key driver here.

11.03: Grainger kicks off precedings with an audience poll asking what the main driver of banks investing in differentiation through innovation and customer experience. Customer expectations, fintech and regulation were three options, but 'all of the above' won the majority.

10.58: The banking and payments stream session next up is titled: The customer experience: Moving beyond the payment. Moderated by SWIFT’s Stephen Grainger, our panellists are Thomas Halpin, executive vice president, global head of Payments Products at HSBC; Emma Loftus from Citi who we heard from in this morning’s plenary panel; and David Watson, chief digital officer, Global Transaction Banking and head of Corporate Cash Management Americas at Deutsche Bank. Clearly this is a popular topic as the room is packed before the session begins.

10.31: That wraps things up for the opening plenary session. We will be back with a stream session on payments at 11am.

10.30: As an industry, what should we be focussed on? If your level of investment and innovation is not increasing, that is a problem at a time of shrinking margins, says Puth. Working closely with clients is key. Jessop comments that every institution should ask themselves what their definition of innovation is. This will help guide investment and partnerships. For Loftus, innovation is not an exclusive right of non-bank providers. Banks own their client relationships and should invest in these. Blauner notes that adversaries to financial services collaborate and innovate rapidly. We have to be better than them.

10.28: Innovation rarely happens in a straight line, but when it does take off you need to be there, says Puth. Addressing crypto algorithms, Blauner says they always degrade over time, says Blauner. Resiliency is key.

10.23: Those that fail to adopt to key new technologies are set for failure, says Puth. Blauner adds that the critical risk management and due diligence has to be addressed before "the wave crests" though, as cyber criminals will always be targetting networks that have developed scale.

10.19: Loftus says that the most success in partnership with non-banks has been the power of the dumb question - addressing areas in financial services that do not make sense in this day and age is a good way to drive innovation.

10.16: The internet knows no national borders. This is a geopolitical challenge that the financial industry has to work through, says Blauner, particularly where national regulations are trying to be imposed.

10.15: New innovative startups can go into the world without regulation, and then regulation will catch up. This is a challenge for the financial services industry that exists in the regulated world, Puth comments.

10.09: Cyber threats are global, so can the cooperation between the industry be global to meet this? Puth thinks that is possible, institutions need to remain in touch with as many smart people as they can. At the same time, infrastructures have different attack surfaces, so companies also have to address where the weakest point in their own organisation is and constantly address this.

10.03: Transforming payments is about making payments smarter, according to Loftus. Payment information that is incomplete, leading to back and forth issues between banks, can look to the client that the banks cannot innovate. Finding a way to sort this issue out in the back office while presenting the client with a seamless experience is one example where collaboration between FIs can be beneficial.

10.00: Liebbrandt asks what the relationship between DLT and cyber security could be in the future. Blauner says that we don't know yet from a legal or scalability perspective of how it could work. If you think about FDIC insurance, they want to know about end of day balances rather than specific transactions. Cooperation in ways such as Sheltered Harbor, where banks use DLT to solve the problem of losing balances from a cyber attack, is an early example of how this might work.

9.55: Innovation and forming partnerships with those that can help them innovate is the key way that CLS can look at a successful future, according to Puth. It is a balance between maintaining what the organisation provides as a core service while also delivering innovation.

9.52: Partnership between banks and fintechs is the only way to move forward with blockchain and distributed ledger technology to become a key rail for moving assets, according to Jessop. The operational expertise, scale and networks that banks offer is important for fintechs.

9.47: Loftus comments that it is up to banks to innovate. They should be asking questions about how and where they can innovate in ways that support and protect clients. Banks also have a responsibility to think of new technologies, how these can be integrated into the banking infrastructure while at the same time creating a simple user experience for the client.

9.45: Really good cyber security programmes live on intellgence. Information sharing helps everyone have a good understanding of the threat, while strong attestation helps organisations boost their understanding of their own capabilities. These two strands together provide a powerful tool to stand against cyber fraud, says Blauner.

9.42: Blauner opens by saying that in security terms, things have not changed so much, rather there has been an acceleration. Bad guys used to be a small group of experts, now they are basically contractors that can be hired from the laptop of the leading actor.

9.36: Our first panel of the day is introduced, with the topic of 'Innovating for tomorrow, securing today'. Our panellists are Charles Blauner, global head of information security, Citi; Emma Loftus, managing director, head of Global Payments, FX and Channels, J.P. Morgan Treasury Services; Tom Jessop, President, Chain; and David Puth, CEO at CLS. The panel is moderated by Gottfried Liebbrandt, SWIFT’s CEO.

9.32: Applause for Shah as he leaves the stage, with our host for the day, Stephen Grainger, Head of North America at SWIFT, taking his place.  

9.30: Self attestation needs to be completed by the end of 2017. Beyond that, SWIFT will share the information of those that have not completed the attestation process. SWIFT will provide sessions in hundreds of countries in multiple locations covering 30,000 bankers to provide education around this process. Again, Shah makes the point that those who act now will gain competitive advantage.

9.25: The Payments Control Service from SWIFT allows customers to screen messages according to their parameters, so they can discover suspicious activity before transmission, according to Shah.

9.22: Those banks that organise themselves to provide enhanced security, not only for themselves but also for their clients will gain a competitive advantage. Shah points out the role that SWIFT's KYC Registry can play in ensuring that banks and their clients in the fight against fraud.

9.18: Yawar Shah takes to the stage and promises to turn up the heat on what is already a humid summer day in New York City. He describes how cyber crime and fraud have become more sophisticated in the recent year, targetting data as well as money. Protections are more important than ever, which is why SWIFT has introduced its Customer Security Programme, explains Shah.

9.15: Technology, regulation and cyber crime are all mentioned in an introductory video, that asks how we can work together as a community to overcome such challenges.

9.05: Welcome to Finextra's live blog from Swift's Business Forum New York 2017. The attendees are filing in to the plenary room in anticipation of the opening remarks from Swift's Chairman, Yawar Shah.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related blogs

Create a blog about this story (membership required)
visit www.innotribe.comvisit www.vasco.comRegister now

Top topics

Most viewed Most shared
Ripple looks to drive bank adoption with $300m XRP rebate programmeRipple looks to drive bank adoption with $...
14740 views comments | 12 tweets | 3 linkedin
Swift positive on blockchain, but big challenges remainSwift positive on blockchain, but big chal...
8114 views comments | 15 tweets | 21 linkedin
hands typing furiouslyHow artificial intelligence can deliver a...
7371 views 0 | 7 tweets | 9 linkedin
satelliteGates Foundation backs Ripple collaboratio...
6683 views comments | 13 tweets | 7 linkedin
Ex-PayPal boss Thompson backs Canadian fintech Payment RailsEx-PayPal boss Thompson backs Canadian fin...
6055 views comments | 10 tweets | 12 linkedin

Featured job

to £70K base, £105K ote, benefits
London, UK

Find your next job