Welcome to Finextra's live coverage of the Swift Latin American Regional Conference 2018, in Miami. This event will focus on important issues affecting the financial industry in the region, and how the financial community can seize the opportunities that are emerging.
16.11: That brings Swift's Latin American Regional Conference to a close. Thank you very much for following all of the action across these two days on Finextra. See you next time.
16.10: Kelley closes with three big drivers for organisations. The first is keep it simple - reduce the number of solution vendors and alleviate friction between security and productivity. Secondly, be smart - speed up detection and response with automation and machine learning. Thirdly, focus on being integrated - built-in security means less to deploy and fewer agents to manage. Don't be scared, but be prepared, she concludes.
16.07: How do you manage security? Kelley notes that important questions to ask are whether you know the security state of your full estate in real-time, how easily you can configure and manage the security posture across your estate, and how you proactively improve your security practices over time. You need to learn from actual or near-data breaches and feed that back in to your security posture, she says.
16.01: The average dwell time - where an attacker sits in a network - is around four to six months, Kelley says. This is a long time, and is rather creepy! Thinking about it from another perspective, Kelley says that this gives us more time to find them. Looking for anything that is suspicious is critical.
15.59: When it comes to sensitive information, organisations need to understand where this resides. Kelley says that it is hard work to tag this data, but technology exists that can assist with this.
15.57: How much control do you have over access? Can your access control policies adapt to changing conditions, Kelley asks. Can you improve user experience and strengthen access protection? Banks also need to think how they protect user credentials.
15.54: Customers are expecting a different kind of contact with banks, Kelley says. Banks need a multi-dimensional approach, she says, through intelligence, platform and partners. Kelley says that 930 million threats are detected by Microsoft on devices every month. She says that you need to build security in to platforms. By doing this, you can eventually move a lot faster.
15.50: Cyber can be scary, Kelley says, citing ground attacks on wifi on planes. But there are foundational things that organisations can do in order to protect themselves.
15.46: Transformation through collaboration is a big theme of LARC, is this also important in cyber, Martinez asks. Kelley agrees that this is vital - criminals share information and monetise it, so those on the good side of the debate need to be open to sharing and collaborating in order to move fast.
15.44: Diversity is really important in cybersecurity, Kelley says. We need a diverse audience to discuss this problem, because it is not a purely technology issue. Different minds looking at these issue is critical. You can bring in psychologists, lawyers, people from all areas that can provide insight into motivations and goals of cyber actors.
15.41: Another key concern is being able to get through the sheer amount of data to find the needle in the haystack that is a cyber threat. Kelley says that one of the key areas of progress is on machine learning to assist humans to find and neutralise these threats.
15.39: Martinez asks Kelley what she is hearing from the wide array of CIOs and companies that she meets with. She says that internationally some of the concerns are the same - such as concern over Wannacry. But then there are regional concerns, GDPR is a huge issue in the EU, for example. She notes how the Finnish government is proud that it is highly trusted, but is very concerned about losing that. Then there are concerns around resources to battle cyber adversaries. Kelley says that finding and retaining the right people is critical for financial services.
15.35: Time now for the closing keynote presentation, titled 'driving digital transformation while minimizing risks'. The speaker for this final presentation is Diana Kelley, Cybersecurity Field CTO at Microsoft.
15.32: Juan Martinez, managing director, Latin America & the Caribbean, at Swift, takes to the stage to introduce a video on cyber crime. The video flags up the Wannacry attack as a way that nation states can impact businesses. One element of cyber attacks is to cause disruption.
15.29: Sanctions screening is a great example of where AI and machine learning can offer benefits, Acevedo says. Swift's board has approved the idea to revise its data strategy in order to benefit the community. Today, Swift uses AI in ways such as abnormal traffic detection and event analysis. Systems that are based on AI can learn by themselves. Swift plans to explore more use cases to enhance their services.
15.24: The third new technology under discussion is AI. Garcia says that there are different types of AI, including deep learning, and machine learning, for example.
15.22: Another issue Swift has identified is that banks need to invest money and time to fit DLT with their core systems - picking up on Selot's point from early about investment in core systems. Swift has a number of consortiums and innovation groups focussed on DLT. Moving forward, Acevedo says that Swift wants to explore more use cases, as well as move towards a Swift DLT platform.
15.18: Conversation moves on to DLT. Acevedo says it is key for Swift to see what is going on in the industry with blockchain. He says that Swift completed a proof of concept with blockchain this year. The PoC was about real-time visibility of accounts. When you send a message, you want to have a view of it, whether it was successfully completed or not, for example. This idea comes into its own when you consider payments going to countries where the business day is already over. The sender can clearly follow the payment.
15.10: The potential for APIs in Swift is endless, Acevedo notes. They can be deployed across content such as KYC, business intellegence, naming screening, control payment, MyStandards, and gpi version 2, for example. They should also continue to drive standardisation. If you want a history of your transactions from the past week, the APIs in Swift gpi will be able to allow you to see this.
15.07: Current Swift content that uses APIs include sanctions screening, gpi payment tracking, and with SwiftRef. Users of these services may not realise that they are using APIs, but are benefiting from the way they alow information to flow through Swift, Garcia says.
15.04: The session begins with a look at APIs. Open APIs tend to adhere to standards, they are treated more like products than code, and are documented in a standard and interactive way. Acevedo notes that there are a variety of API initiatives around the world, such as in the EU with PSD2, Open Banking in the UK, NACHA ASIG in the US, and more besides. APIs are also helping to drive real-time payments.
15.00: Time now for a SwiftLab session focussed on technology trends. The speakers on this session are Oleg Garcia, technical pre-sales expert, and Alvaro Acevedo, platform and technology expert, both from Swift.
14.58: We talk about fintechs all the time, but only 5% of fintechs are really successful, Selot says. Banks need to think carefully about where they want to invest in fintech, and to have a thorough understanding of their core execution in order to be agile and cost efficient.
14.55: Don't build a digital bank, build a bank for those raised digitally, Selot advises.
14.52: Selot says that banks need to invest in their business model before they start spending on technology. Digital capability, enabled by a technology is essential to building a new business model. Once you have the business model in mind, he says, it becomes very easy.
14.49: Every dollar that an enterprise invests in innovation will require an additional $7 in core execution, Selot says. He notes that banks are in danger of forgetting this as they rush to invest in innovation. Investment in the core has to be undertaken at the beginning of the process, or you run the risk of paying far more further down the road.
14.46: How will technologies enable transformation? Firstly, the role of the CIO has changed, as they have much better data and tools to make strategic decisions for the business. Selot says that the bank of the future will be more connected, efficient, and learned. Most of the technology being invested in at the moment include blockchain, customer experience, exposed services such as APIs, AI, IoT, quantum computing, digital applications, robotics and security.
14.39: How do banks transform themselves to be able to do this? One option is to move to a digital branded platform - Selot mentions some examples such as Scotiabank launching Tangerine, BNP Paribas launching Hello Bank! and so on. In Brazil, Bradesco has launched Next Bank, and their mission statement is to show millennials that their bank can grow and evolve with them, he notes.
14.35: Potential exists for some of the large global technology companies to enter and dominate the market. Selot notes that there are 110 million Amazon Prime subscribers around the world, while J.P. Morgan has 70 million customers. Banks are at the centre of an ecosystem. For banks to thrive in the new world, they need to become a lifestyle partner with their customers. They can do this by understanding the vast swathes of data they sit on.
14.31: Selot starts by running through some polling of millennials from a variety of sources - 33% are open to switching banks in the next 30 days, 71% would rather visit a dentist than talk to a bank, 1/3 believe that banks will not exist in 5 years, and 86% are interested in socially responsible investing. Clearly this is having a major impact on financial institutions.
14.26: With everyone now back from lunch, the afternoon session gets underway with a presentation from Amor Selot, head of Financial Services Consulting, Digital, at Fujitsu America. Selot is exploring digital technology trends that are impacting financial services.
13.18: And on that note, it is time for the lunch break. Join us again later this afternoon, with digital technology trends first up under the microscope.
13.16: Wrapping up the panel, Klasa asks what the panellists are most looking forward to seeing in the next 12 months. Srinivasan says the action on corruption has been positive, and this needs to keep happening. Gamarra agrees, saying he is very happy to be sat next to an IMF representative who is positive about Latin America. For Castellano, the strong public demand for transparency is a powerful driver. He says that political parties are struggling to keep up with that, so he will be watching how that evolves. Casillas says that financial markets are very important in the region, more than they used to be. He also flags the rise of importance in fighting corruption, and how income inequality can point to the rise or not of new populism in Latin American countries.
13.11: The majority of countries in Latin America have evolved and improved their record on corruption, Casillas says. It is now seen as bad behaviour, which is a cultural shift. Gamarra says there has been significant progress not only in attitudes towards corruption, but also in legal reforms. More reforms are required though, he says, such as with political funding.
13.08: On the topic of Trump, a question from the audience asks if the President can have talks with North Korea, can he have talks with Cuba? Castellano notes that this is quite a sensitive relationship.
13.06: What is the outlook for some of the smaller economies in Latin America? In Costa Rica it is clear what is needed, Srinivasan says, namely a fiscal adjustment. He says the new government there is making positive noises in this regard, and he hopes things will get better. Casillas touches on Panama, saying that some authoritarian governments have been able to migrate their money and financial subsidiaries to Panama. Gamarra agrees that Panama benefits in this way, but they face a tough conversation about immigration, particularly from Venezuela. They also have an election coming up, he notes.
13.00: The most likely scenario in Venezuela is a long-term continuation of the current situation, Gamarra says. He describes there as being no interest from the rest of the region is forcing a change there. Castellano says there may be gradual changes over time, but no abrupt changes are likely.
12.56: Gamarra says there has been a vacuum of policy in the US towards Latin America, particularly with the current regime which only has tactics and no policy. This vacuum has played in to China's hands. Overall for Latin America, this is positive he says, as it will allow Latin America stabilise. He cautions that the worker conditions and payment conditions are a challenge in this relationship with China, however.
12.54: Castellano says that macroeconomic policy convergence is very important for the region. If this can be achieved, it will benefit the trade options of the region, but there is a lot of work to do. Compliance with global regulatory standards is key, but it requires political will to get this done.
12.52: Conversation moves to China, and the rise of Chinese influence in Latin America. Srinivasan takes an upbeat note, saying that the increasing trade between Latin America and China is a positive development. He says it is also a time for Latin American leaders to look at how they can increase trade internally in the region, citing Asia Pacific as a region that does this well in a way that benefits all.
12.49: The recent tariffs from the US on Mexico will not last too long, Casillas speculates. When the US sees that they really don't do anything, they will change tack. Castellano agrees that the tariffs are just a negotiating tactic, but it could have an impact on the Pacific Alliance.
12.43: The humanitarian crisis in Venezuela impacts every country in the region, Gamarra notes. There are not the levers that other Latin American countries can use in order to bring about change in the country.
12.40: One piece of good news is that most countries in Latin America have been able to reduce their current account deficits, Castellano says. There are risks related to growth in the region, but he says that the region is relatively well prepared for this.
12.37: Srinivasan says the one thing that has changed in Latin America over the years is the institutional reforms that have happened. In Brazil, everyone knows what the roadmap is for what they need to do fiscally, but the debate focusses on the speed that this may happen. He adds that countries with large financing needs are the most vulnerable to capital flight, particularly as a result of inflationary pressures in the US and potential rate hikes. Casillas agrees that many geopolitical pressures in Latin America are tied in to this.
12.33: The gradual nature of the fiscal adjustment in Argentina is a marked change to the usual dramatic adjustments based upon crises, Castellano says. The country needs sustained growth to support this.
12.30: In Argentina, the economy appears somewhat fragile, particularly with exposure to US interest rates, Klasa says. Castellano comments that the unexpected success of the governing party in the mid-term elections gave it extra impetus to tackle a fiscal adjustment. He says that the government talking about the fiscal aspirations it has sets it apart from a country like Mexico, where fiscal responsibilities have not been discussed in the election campaign.
12.26: Turning to Mexico, Casillas points to the governing history of the front runner, who has been mayor of Mexico City in the past. That said, he hasn't commented on the financial system in the country during the campaign. Casillas says the financial sector believes that growth will likely continue between 1.5% and 2.5%.
12.23: The front runner in the Brazilian election is not allowed to compete as they are currently in jail, and Klasa asks whether this threatens to undermine the credibility of this election. Gamarra says there is a possibility of a breakdown scenario similar to that in Venezuela. However, he says the jailing could be view as a success of the institutional system of the country.
12.20: Gamarra notes that the elections in this year or two appear to be markedly different to those of the recent past. He says there are competing visions of democracy. There is a breakdown of the traditional party system in Mexico and Colombia for example, he says.
12.16: The risk of protectionism and trade wars is relevant to Latin America due to NAFTA. Then there is uncertainty related to US tax reforms. Srinivasan also notes that with elections in six or seven countries in Latin America, with a risk of populism, as well as the focus on Venezuela and how the election there may have repercussions for the region.
12.14: Klasa frames the discussion in the context of various elections in Mexico, Brazil, and Colombia among others, as well as the moves towards a trade war by the US that will have regional implications for Latin America. Srinivasan opens by saying that economic growth is anticipated in the region in 2018 and 2019. Inflation has fallen sharply, allowing central banks to cut rates which has boosted investment. However, the long-term picture is less rosy, he cautions.
12.08: The panel discussing Latin America's geopolitical climate is comprised of Gabriel Casillas, investor relations officer and chief economist, managing director at Banorte; Martin Castellano, head of Latin America Research with the Institute of International Finance; Eduardo A. Gamarra, Political Science and International Relations professor at Florida International University; and Krishna Srinivasan, deputy director of Western Hemisphere Department for the International Monetary Fund. The moderator is Adrienne Klasa, development finance editor with The Banker.
11.32: Time now for a short break. When we return, there will be a panel discussion on Latin America's geopolitical climate and its impact on the financial services.
11.30: Training is vital so that everyone in an organisation understands threats and responses to cyber. Padilla says that the community needs to collaborate, share and report what is happening in order to build industry knowledge.
11.27: Financial institutions need to share knowledge of threats among each other and also with law enforcement, Contreras says. Confidence in the system is vital for this to be successful. Padilla says that governments have a lot to do in this regards, but so do regulators in order to see successful results.
11.23: Most institutions are not applying everything they could be doing, Contreras says. Implementation takes time and money, and it is a long journey to get secure. Padilla says organisations should do a risk analysis of any vendors they work with, identify the risk criteria that could affect you, and carry out an ethical hacking test to see where the vulnerabilities lie.
11.18: What tools are required to be cyber secure? Padilla says the tools don't have to be expensive or from a certain brand. Data analytics have a key role to play here. She gives the example of a free tool that is available for data analytics. Protection of the network perimeter and similar defence tactics can be expensive, but they can be complimented by these less expensive options. Contreras says that cyber security tools can be like a Ferrari, expensive and good looking but if you don't know how to drive you are going to have problems.
11.14: Tackling cyber security can not be done in siloes, Contreras cautions. He says that the financial services industry is maturing in this regard, but there is still work to be done. Financial services are being supported in partnership with regulators in different countries - he cites a recent example in Colombia in this regard. Information sharing can help to strengthen the industry.
11.11: The level of awareness is lacking, creating a major gap that can be exploited by malevolent external forces, Contreras says. The important thing is to do this based on experience, Padilla notes. She says that five years ago they conducted a hacking drill that found 33% of the organisation had a virtually identical password, including people that ran the company database as well as senior management. When Padilla took this information to the president, he said that he wanted a similar report every month from then on. This had a positive result, as that number of 33% trended down, eventually to 0%.
11.05: Padilla shares an experience from about three weeks ago in Colombia. There was a national crisis drill, and one of the main outcomes was just how clear it is that there is a lack of knowledge about cyber attacks in senior management of companies. Contreras agrees, saying that awareness is vital at every level of business and society.
11.00: The theme of cyber security continues on the next panel discussion. Moderator Cecilia Tornaghi, managing editor of LatinFinance, is joined by Belisario Contreras, cyber security program manager (Inter-American Committee against Terrorism) at the Organization of American States; and Nelcy Martinez Padilla, director of Information Security and Cybersecurity at the Colombian Stock Exchange.
10.54: The third way that hackers can get in is through web application-focussed attacks. There are ways through APIs to access systems illegally, Johnson says. The easier you make it for your customers, vendors and clients to interact with you, the easier you make it for external threats to get in.
10.52: Talking to the organisations they work with, Johnson says that most organisations focussed on the external threat but overlook internal threats. Are all employees happy all of the time? No, they are not, and they need monitoring. Segmenting and controlling what happens within your organisation is vital - think about what access people need, and then block everything else, he advises. it is not that you don't trust your users, but you don't trust the external hackers that could take over and appear as your users.
10.48: The second most common way that hackers get in is through network-focused attacks. Despite firewalls, attackers can compromise one computer inside the network, and effectively become that user on the network. Johnson describes how on one project his company had attacked a bank using this method, had got onto the intranet and searched the word 'password', which garnered around 60,000 results. Information on passwords to the banking systems and more were easily discovered this way.
10.42: Johnson says that he has never failed to hack in to a company that he has been hired to attack. He notes that this is not because he is a genius, but rather it is so easy to do. There are three main attacks that companies fall for, the first of which is user-focused attacks. These are not advanced, it is because a user in the company falls for a fake email, website or wifi network. He says that the only way to prevent this type of attack is through education.
10.36: Security is important, but it is not why companies are in business. Security is a cost, which is where the problem is, Johnson says. There are two reasons why security issues exist. The first of which is that we are overwhelmed, nobody has enough resources to comprehensively cover this. The second reason is that most people don't understand the 'why' behind the attacks, he says.
10.32: Time now for a presentation focussed on security exploits and vulnerabilities around the globe, from Kevin Johnson, founder and chief executive officer at Secure Ideas. Johnson describes his role as breaking into companies, stealing stuff, and then telling them how he did it. The important thing here, he stresses, is that he is doing this with permission.
10.28: What role does government play in financial inclusion? Speaking for the regulators, Jean-Louis says that the Caribbean is a little different as it is a collection of currencies and smaller countries. She explains there is not much interconnectivity in the region, but this is an area they want to work on. She says they are looking for ways to be more connected within the region, rather than having to go to the US when trying to facilitate trade between two Latin American countries.
10.24: Registered mobile money accounts grew 9.13% between 2016 and 2017, Jean-Louis says. Mobile wallets offer fast and secure payment options when compare with traditional financial institutions. But challenges exist. Technology and infrastructure in the region need to catch up with the demands of customers in the region.
10.22: Fintechs offer easily accessible solutions, that are personalised, Jean-Louis says. There are benefits to society from fintechs, accelerating financial inclusion, connecting millions of people in remote areas to the financial system through their mobile phones, and enable international money transfers, for example.
10.18: The next speaker is Georgette Jean-Louis, director general and board member at the Central Bank of Haïti. She begins by saying that as a central banker, growth is her main goal. Financial inclusion is an important pillar of this. She cites Norway's 100% financial conclusion, and compares this to Latin America and the Caribbean's rate of 51%. But in the past two years, the region has experienced a boom in fintech start-up companies. She says they are changing the rules of banking and are more customer friendly.
10.14: Blanco asks Camus how the company deals with data privacy. Camus says that they are built to a European standard - they don't do anything without the consent of the user.
10.11: Destácame profiles people to understand their financial health. Camus says the company's roadmap for the future is a financial ladder, helping people go step by step from the position of a negative credit history to eventually becoming banked. There are two tools the company is using, one of which is utility payment behaviour allows the company to build a proprietary credit score for a person. Second, they offer graduating loans - perhaps of US$100-200 - which gives people the opportunity to build or rebuild their credit history.
10.04: 250 million people in Latin America are unbanked, Camus says. He says the lack of information available on these people makes it hard for banks to identify them or their credit data. Destácame tackles this issue by gathering the data on the people, with their consent of course, which they can then share with them. It allows the people to understand their data and transfer this to the bank, which makes opening an account much easier. The company has operations in Chile and Mexico, In Chile, Destácame hs 600,000 users, and 200,000 in Mexico.
10.00: Blanco introduces the opening session of the day, which is looking at fintechs supporting financial inclusion in Latin America. This session will be delivered in a Ted talk-style, and the first presenter is Jorge Camus, co-founder of Destácame, a digital financial management platform.
9.54: Today's opening remarks come from Ignacio Blanco, Swift's deputy head for Latin America & the Caribbean. He makes the point that financial inclusion doesn't have to be on the fringes of technological innovation. Blanco also notes the upcoming elections in Latin America and how these may change the landscape for financial services in the region.
9.15: Good morning from Miami and welcome to Finextra's live coverage from the second day of Swift's Latin American Regional Conference. Topics on the agenda today include financial inclusion, cyber security, and geopolitics in the region. Proceedings will be getting underway in around 20 minutes, so you have time to catch up on yesterday's highlights if you missed them.