Welcome to Finextra's coverage of the Swift Business Forum Ireland 2019, live from Croke Park in Dublin. The day's agenda promises to explore how Irish financial institutions can capitalise on unprecedented technological change to deliver a truly digital customer experience.
17.20: That concludes the first Swift Business Forum Ireland! Thank you very much for following our coverage here on Finextra.
17.18: Crimmins brings up Brexit, and notes that some financial institutions have moved their European headquarters from London to Ireland. D'Arcy says that he took a position that the UK is not just Ireland's nearest neighbour, but they are friends and family. He said he didn't want to be seen to be poaching companies from the UK, but rather suggested that if companies had a Brexit problem then Ireland could offer them a Brexit solution. He noted that other countries in Europe have taken a different approach to this, but he did not want to be seen to be prospering from the chaos across the Irish Sea.
17.13: D'Arcy says that older members of the financial workforce in Ireland need to be encouraged to remain within the industry by being reskilled with the new technologies that are entering the market. He adds that their experience is very important and this level of education can help retain this.
17.07: How does the 2040 plan look at financial inclusion, Crimmins asks. D'Arcy says that investment in the motorway infrastructure is one example of expansion that connects the country and opens opportunity to all. He adds the 2040 plan is to invest in the island of Ireland as a whole.
17.05: Citing Stripe, Crimmins asks what Ireland to do to retain financial start-up talent in the country. D'Arcy says that what is important is the idea, not where it is based. While Stripe is headquartered in the US, it does employ around 250 staff. This touches on the globalised nature of the world. He adds Ireland is good at ideas, but developing these ideas and entrepreneurship needs to be better in the country to bring these ideas on.
17.02: D'Arcy comments that targeting areas that you are good at is one thing, but developing other areas of financial services in the country alongside what already exists is just as important. He identifies the payments side of the industry as a key growth opportunity.
17.00: Crimmins comes back to the stage for a Q&A. She notes that Dublin has done very well in both Gaelic football and in financial services, how does this get spread around to other parts of the country? D'Arcy says that actually 45% of employees in international financial services in Ireland are outside of County Dublin. The issue he identifies is around talent.
16.55: Talent is identified by D'Arcy as a key focus for Ireland's future as a global financial hub. Education is critical to making this a reality, in terms of both skills and diversity.
16.53: D'Arcy says that AI, blockchain and other new technologies could be as revolutionary to Ireland as the internet was before. The government has established a fintech foresight group to capture the opportunity that these technologies offer, with a variety of stakeholders. He adds that the government is making 'disruptive technology' funds available to develop innovation in this area.
16.45: Russell Saunders, Managing Director at Lloyds Banking Group takes to the stage to introduce Carmel Crimmins, Specialist Editor, Top News at Reuters, who is hosting the closing keynote. D'Arcy then takes to the stage. He explains how Project Ireland will build on success enjoyed to date to extend existing business lines and new innovation.
16.40: A brief refreshment break followed the live hack session, and now attention turns to the day's closing keynote. This session is going to explore 'Project Ireland 2040 - Delivering the next generation of financial services'. The assembled delegates will hear from Michael D’Arcy TD, Minister of State at Ireland's Department of Finance.
16.18: What are the best things banks can do to defend themselves? From a monitoring perspective, it is vital that you do something, Belchamber says. Banks need to be prepared to protect themselves in the real-time environment, and establish what level of protection is suitable for you. Lancaster advises not to click on a link that looks suspicious at all, and make sure you have implemented multi-factor authentification.
16.12: Belchamber says that over time Swift will scale this service, currently most suitable for smaller banks, as well as scale the analytics in this regard.
16.02: An amount aggregation rule allows banks to target a certain amount threshold in a specific time period. This is the way to prevent the 20 x $1m fraud that Broader mentioned as a different option if the single $20m fraud could not get through. You can also look at threshold groupings including beneficiary banks.
16.00: Additional focuses can be added to these rules - controlling certain currencies, or focus on specific countries, for example. Ultimately it can be taken down to an individual BIC or group of BICs, Belchamber says.
15.58: Swift's Screening Utility hosts a payments control service that targets cyber crime. Banks can use this to control the rules they want to write to target the threat. Belchamber says the rules can cover single or multiple BICs, who gets notified if a rule is triggered, and so on. First he looks at the single payment rule. Targeting the $20m payment mentioned by Broeder, banks can use these tools to block any payment over $20m. If a payment is blocked and hasn't been looked at in a certain time period, you can also set rules to automatically abort or process the payment.
15.54: Stealing money requires a smart approach, by avoiding audit controls. There's a choice of sending one message of $20m, or 20 messages of $1m. Having demonstrated how simple it is to do a hack, Broeder hands over to Roy Belchamber, Product Manager, Financial Crime Compliance at Swift to explain what they are doing to fight back against the fraudster.
15.45: With access to the bank's web server, Broader is able to get to work on modifying bank data. He finds a protected spreadsheet, and is quickly able to view the spreadsheet expressed as xml language. By doing this, he is able to find the way to remove the protection on the spreadsheet. Removing the protection, he is able to achieve his goal of modifying data, and then quickly covers his tracks so that the bank would be none the wiser.
15.41: Returning to the port scan screen, Broeder is able to use the discovered password to try to gain access the bank's server. In the live hack he hits a dead end initially, but the port scan screen offers more options to check through. He eventually finds another way in, and is able to launch a website on the bank's web server. By doing this, he is able to find an account that has sudo privileges to the bank's web server. From there, the password to this account can be cracked, allowing the hacker direct access to the bank's web server.
15.29: Getting in to the application, it turns out to be a staff directory which needs a first and last name entered to progress further. From here, it is easy to search the company on a website like LinkedIn in order to come up with names of current employees. This can quickly open the door to the backend database where information such as user ID and the means to discover the password associated with the employee found on LinkedIn.
15.24: The first thing a hacker will try when faced with a login screen is attempt some generic usernames and passwords - ADMIN and ADMIN, for example. If that doesn't work, you can look at the source code of the website, which is incredibly simple to find. Broeder talks the audience through the JavaScript this brings up, which enables him to confirm the user name and find the encoded version of the correct password. By opening a tool on his computer, he is able to translate this into a decimal. From here, you can use a standard such as ASCII [American Standard Code for Information Interchange] to try and convert it back to plain text and therefore discover the password.
15.17: Broeder's live hack will attempt to modify information and steal money, without malware or zero day exploits. He's looking for low hanging fruit, such as bad passwords. He shows how to find a bank's IP address and which ports the bank has open, in seconds.
15.15: Lancaster introduces Stefan Broeder who works as an ethical hacker for Swift's Red Team. The role of the Red Team is to act in the manner of an attacker, to find weaknesses and probe the whole system.
15.13: From a cyber perspective, the bad guys only want to attack banks, Lancaster says. They are only interested in money, and their vehicle to get that is the MT103. They spend 98-99% of their time on MT103s, he says. Each message used to be $10-20m, but now they have come downstream, targeting lower amounts and more messages. They typically transact in US dollars, while the vast majority are based in Northeast Asia, according the Swift report "Three Years After Bangladesh".
15.10: Brett Lancaster, Head of Customer Security Programme at Swift gets the session underway and puts a slide up showing the World Economic Forum's main macro threats to the economy, which has cyber attacks as the third biggest threat. He stresses that cyber criminal actors are serious and persistent threats.
15.05: 'Live hack! No FIs will be harmed in the making of this session' promise the screens around the auditorium ahead of this next session. Every delegate has also been furnished with a Swift-branded security patch that can be placed over their computer webcam. Security is clearly top of the agenda for the next hour or so.
14.41: Time now for a short refreshment break. We will be back in around 20 minutes when there is a live hack on the agenda.
14,40: There is no silver bullet for diversity, Thornton says, as there are layers of complexity. But there are things companies can do - she mentions a women in cyber security programme that Swift launched internally, saying it is important to keep the door open for continual improvement in diversity.
14.35: It is about changing mindsets and attitudes one person at a time, Karthikeyan says. If you think something is missing in your organisation, raise your voice and make it heard.
14.29: In today's complex world, ensuring that your company's decision-making is based on diverse viewpoints is the best way to succeed, Karthikeyan says.
14.26: Thornton says that unconscious bias is a huge blocker to promoting diversity. She says that the ability to question this should be educated at every level. Haugaard recalls a fintech leader who told him about the focus they had on age - not simply hiring young talent straight out of university that you may anticipate for a company of this type, but they also placed value on older workers as they wanted to bring different mindsets and experiences into their organisation.
14.22: What are firms doing differently to avoid a simple box ticking exercise? Karthikeyan says that age is one area that firms can have an inherent bias even if they don't realise this. Questioning inherent biases has to happen at the attitude level - it is not a question about picking numbers, it is about letting the best ideas win, she says.
14.18: Haugaard notes that diversity has to be ingrained in an organisation, it is not simply putting one woman on the board. Thornton adds that new entrants to the workplace are increasingly using diversity as a category they consider when examining the companies that they want to work for.
14.14: A top down approach to diversity is key, Karthikeyan says. You also have to coach your frontline managers, as they have the most impact on day to day working. She says that companies that train and coach these front line managers reap the rewards. This doesn't just have to be internal - you can use diversity as a measure of potential business partners and work with other companies whose diversity outlook is aligned with your own.
14.11: Hearing how women in senior management have got to where they are can help inspire other women and promote inclusion in the workplace, Thornton says. Having this level of openness can build a culture of mutual respect and mutual support.
14.08: Karthikeyan notes that diversity's benefits are understood but not necessarily measured. She cites some research from BCG that found a 19% improvement in innovation revenue that builds for the future with a diversified workforce. A second impact, measured on EBIT, saw a 9% increase for those that invested in diversity. However, while close to 97% surveyed had some programme around diversity, less than 25% of women surveyed around this said that they had noticed a difference. Diversity around policy - how you hire, for example - isn't going to create change on its own, Karthikeyan says. Rather, inclusion has to happen for this to move forward.
14.01: The benefits of gender diversity is brought up on stage, with various surveys being cited about how gender diversity at board level can promote better risk management and help avoid group think.
13.56: Haugaard is joined on stage by Sumitra Karthikeyan, Partner and Managing Director for Boston Consulting Group, Paul Dunne, Vice President with State Street Global Advisors, and Erin Thornton, Swift's Diversity & Inclusion Lead.
13.54: Time now for the next session, which will be moderated by Søren Haugaard, Head of Transaction Banking International at Danske Bank. The topic for this session is 'Transforming financial services through diversity'.
13.51: The relationship between Ireland and the UK will change, but also the UK has also had an effect on the way that countries such as France and Germany have pursued market changes within the EU. Without the UK there, this relationship will also change for Ireland, Headon says.
13.48: Where is the concept of sustainable finance going to be in the next 5-10 years? Headon recalls a presentation around climate change and migration he saw, but while the response to this seems intuitive, the challenge is around recognising this alongside the day-to-day focus on the bottom line that asset managers have. Drawing a line between the two is key.
13.41: The main issue with regulation in the capital markets isn't necessarily the volume of it, Headon says, but rather the clarity in it. There are some things that institutions in the capital markets can do themselves on this, but there is a need for industry utilities in some cases.
13.36: How will technology in the capital markets space be able to deliver on the user experience that is popular in other financial sectors? Capital markets cannot support real-time settlement, says Renyard. Where the market needs to move to is supporting real-time settlement for clients while moving to T+2 or T+1 in capital markets.
13.30: Ireland has a large customer base outside the EU, and it is about to have another large part of its customer base outside the EU, Headon notes. Renyard says there has been an evolution of roles of capital markets staff in Ireland as a result, with a lot of front office capabilities being moved here. Ireland is well placed with the building blocks to thrive in the new world of capital markets, including digital assets, tokenisation of products and driving up volumes, he notes.
13.27: Headon says that the Irish success story has been remarkable, but they have transitioned from an underdog to a market leader, which requires a new approach. He says that problem solving and customer relationships are at a premium in this sector, particularly in the centres where key clients are based.
13.23: Patel asks about Ireland as a global financial centre, and what the competitive strengths of the market are. Nolan says that Ireland has developed a speciality around investment funds, and that industry is now ripe for change, specifically with a focus on the talent pool and new technology in order to be able to bring new digital services to customers.
13.20: Renyard says that key themes in this space involve the derisking of banks, the competition in the exchange space, and collaboration between market participants.
13.18: Time now for a panel discussion, with Patel and Nolan joined on stage by Ian Headon, Senior Vice President at Northern Trust, and Nathan Renyard, Director, European Product for Cboe Europe.
13.16: From 2008 to 2017, assets under management has shown growth, but margin contraction is real - around 2-3 BPS per annum. Nolan adds that another shift can be seen in the type of technologies being adopted - 96% from a different survey quoted believe that their asset management business would be well-served by moving to the cloud.
13.11: The research found that only a few players in the capital markets manage to truly translate scale into value, and that substantial variances exist within sectors. In asset and wealth management, size doesn't seem to matter as much to profitability, Nolan says.
13.06: Patel then invites Diane Nolan, Managing Director - Capital Markets at Accenture to the stage who is going to discuss research that her firm undertook and what this says about the capital markets today. She describes capital markets as a $1 trillion revenue business ripe for change.
13.03: The first session after lunch here at Croke Park is titled 'Globalising the Irish capital markets'. Vikesh Patel, Strategic Relationship Management at Swift, is moderating this session, and he starts by outlining that expertise in capital markets has long been associated with Irish financial services.
12.02: That concludes the conversation around collaboration. It is now time for the lunch break. We will be back at 1pm with a look at the Irish capital markets.
12.01: Where speed is important is around security, Darnley says. The quicker you can see the funds and know you've been paid, the narrower the window for fraud is. McAuliffe says that a service such as pre-validation helps with security too.
12.00: As a treasurer, what is the most important factor with payments? Darnley says that speed of payments is a given factor, but he's not looking for instant payments for its own sake. The real benefit is the transparency and traceability of the process. IATA works with over 70 banks, so being able to monitor the cost of operations is also critical. He is under pressure to deliver a cost efficient service, which is what he is looking for from his banks too. Transparency helps corporates to identify cost inefficiencies and question why these exist.
11.55: Darnley gives the example of making a large payment to an airline first thing in the morning, only to receive a call from the treasurer of that airline a few hours later questioning where the funds were. Darnley was able to speak to his bank and have a transparent view of the journey of the payment from initiation all the way through to it being credited in the airline's account. He was able to furnish the airline treasurer with this information, and suggest they speak to their bank around its notifications capability.
11.50: Everyone's interest is around delivering the best product to the end customer, with gpi being one example of this, McAuliffe says. How do banks work together on this? Hughes says that the vast majority of corporates are mostly concerned with where the money is, so the tracking capability is massively important. With corresponding banking partners, however, they are looking at the directory and seeing the SLAs that are published - they are looking for HSBC to give assurances around which routing is used if it is not the end bank of a transaction. This is helping all banks lift there game, he says, which is improving turnaround time.
11.45: Consumption of gpi information is the exciting part of the project, Hughes says. McAuliffe notes that it is all about looking at what the community can do incrementally to make life simpler and better for corporates. This lets corporates enhance their processes and banks innovate their product offerings.
11.41: Corporate solutions start by speaking to clients to understand their pain points, Hughes says. There are different ways to roll out something like gpi, for example, whether to roll it out across all markets, or roll it out deeper in specific markets. Some of the bank's clients are happy to see the 'tracker' view on the website, others prefer to see it through Swift, for example. HSBC decided to start in one country, launching in the UAE in April 2018. At that time they were offering 30 currencies out of Dubai.
11.35: Darnley says that IATA has cooperated with Swift for a number of years. partnering on the Swift for Corporates programme, using the network to transmit all of their payments. This gave them the ability to be confident in the payments reaching their airlines on time. This is the number 1 KPI for IATA treasury. Darnley says that IATA thinks of itself as a standards setter in the aviation industry, and he draws a connection with Swift playing the same role in financial services.
11.31: Back in 2017, Hughes says client issues revolved around visibility of cross-border payments. Today this is not on the worry list thanks to gpi.
11.28: Darnley says that all airline treasurers say that they want their money faster. This creates a pressure on IATA to continually refine and develop their processes and procedures.
11.25: Following the introduction, McAuliffe welcomes to the stage Stephen Darnley, Corporate Treasurer for International Air Transport Association (IATA), and Marco Hughes, Managing Director, Global Head Core Payments at HSBC, to discuss how they have been collaborating to enable transformation.
11.22: That leads perfectly into the next part of the morning programme, a panel looking at transformation through collaboration. Ryan McAuliffe, SWIFTgpi Specialist, UK, Ireland & Nordics with Swift, takes to the stage to introduce the discussion. He uses a whiskey metaphor to kick things off, remarking on how the reuse of barrels across the whiskey producing industry is used to enhance flavour profiles and potential competitors work together.
11.17: What impact will regulation have on the fintech sector? Van der Poel says this depends on how fintechs view the regulation piece, and at some point they need to make a decision of whether they want to move into the regulated banking space or not. Hayes says he's seen a shift in how banks view fintechs in the past 5 years, from worrying about fintechs eating their lunch to a new focus on collaboration. Hayes says collaboration is crucial and has to be done in a way where all parties win and the consumer receives the biggest benefit.
11.13: Hayes asks van der Poel what role Ireland could have in the cross-border payments space. He says that Ireland is well positioned with a lot of key players in-country, noting that Brexit could help push this even further.
11.11: Despite developments being made across the payments landscape, challenges remain. Van der Poel says that incumbents, innovators and regulators should collaborate in order to overcome hurdles around integration, scalability and regulation in order that new solutions become widely accepted.
11.07: When it comes to digital currencies, van der Poel says that while banks have not been keen on unregulated crypto currencies, the development of Stable Coin - a digital currency backed by a fiat currency that provides instant finality in settlement - is very interesting. He notes that some issues still remain, the bank now has to make two FX transactions, for example, and he questions how scalable this could be, but it is an interesting development.
11.05: The good news is that fintechs entering the marketplace have sizeable investment budgets. Van der Poel notes that payments modernisation is underway. One example of this is being seen in cross-border ACH. This enables access to domestic ACH and real-time payments to provide low cost and fast payment services.
11.01: Next on stage to discuss this subject is Ad van der Poel, Head of Product Management Global Transaction Services, EMEA at Bank of America Merrill Lynch. He starts by says that corporates face challenges around the costs, traceability and transparency of payments.
10.59: Looking at Ireland, Smith says the level of challenger banks and the fintech market is not where it is in the UK, for example, but there is banking-as-a-service infrastructure that incumbents can use to build their own offering. Hayes questions how this would work if budgets are tight, but Smith notes that all banks have R&D budgets and diverting some of this into utilising the cloud infrastructure is one way forward.
10.57: Hayes returns to the stage for a chat with Smith, and asks him how banks that have existed for centuries can take advantage of APIs. Smith says that many are looking at ways to engage with fintechs and essentially build their own challenger bank for their customer base.
10.49: APIs are like conversations, Smith says, they should go two ways. When a payment comes in to Clearbank, for example, they deliver an instant notification via a webhook. Customers value the immediacy of information, he adds. Looking to the future, Smith notes that APIs are becoming increasingly important as more exist. APIs are also driving performance enhancements, enabling new scenario and use cases.
10.46: External APIs are no different, but other businesses and pieces of software can now access your information, allowing quick integration with other systems to create a rich experience. It is a way of leveraging other people's capabilities.
10.43: Smith categorises APIs in two ways - external and internal. He says the most important driver is the internal APIs - a distributed system that allows him to change components, enhance and improve them and replace them seamlessly. This allows you to be far more agile, and deliver value propositions quicker.
10.39: Hayes now invites Andrew Smith, Chief Technology Officer, ClearBank. He is here to talk about APIs - 'software talking to other software to get stuff done', as he sums it up.
10.37: So much of the regulation debate is around the legislation, but Hayes says the delegated acts are just as important. He says getting the balance of regulation right is critical, enough to foster regulation but not to over-regulate the market. There is a great opportunity to use new technologies to focus on customer-centricity, he says, which will help to re-engage the public and move the banking conversation forward.
10.30: The second discussion of the Swift Business Forum Ireland is headlined 'Delivering a fast and frictionless payment experience - Transforming Irish payments'. Brian Hayes, CEO of Banking and Payments Federation Ireland takes to the stage to introduce the topic. He highlights the issue of regulation and how this can be successfully be achieved. He says the past 10 years of EU regulation has been about reducing risk and market fragmentation.
10.09: Time now for a short refreshment break. We will be back at 10.30 for a look at how Irish banks can deliver a fast and frictionless payment experience.
10.05: How do incumbents take on new challenger banks in Ireland? Atak says the focus is on making systems agile, combined with thinking like a fintech. Buckley notes that challengers are a cause for concern, and agility is absolutely vital for incumbents. Breen adds that challengers are winning on the platform of convenience, but that incumbents still have the upper hand when it comes to trust. She says that incumbents need to focus on the customer experience in order to compete, with relevant services key to creating a positive future
9.59: Digital identity is a key innovation that would support the overall digitisation agenda, Buckley says. He talks about visiting Denmark and seeing how it operates there, with people not just using this in their bank interactions but also with government and more. He adds that this could be introduced with baby steps, it doesn't have to be a big bang. Breen notes that Denmark has also used mobile pay as a way to create new mechanisms for efficient payments, cutting the cash used in the economy and removing cheques. She says that sometimes being slower to adopt new innovations can be a positive, as it allows these countries to identify key breakthroughs, such as those in Denmark, that they can target.
9.53: AIB has industrialised customer feedback, Buckley says. He adds that a challenge for all banks is getting innovation in a pipeline that enables them to get products out quickly to customers for feedback but in a safe manner. Atak adds that Citi is focussed on getting concepts out to their corporate clients as soon as possible, with a focus on questioning if they are building the right solutions at the right time for the right clients. She adds that co-creation between the bank and the client is critical in this regard.
9.47: A cultural transformation in banking is required to foster innovation, Atak says. This cannot just come from an innovation lab with a relatively small staff, it has to be a bank-wide push. She adds that the financial crisis led to banks losing some of their innovation muscle, and this needs to be built up again. Breen says that banks must adopt open banking strategies as a priority, embracing innovation to address competition.
9.44: The concept of faster payments is raised, as Kemp notes that this has not advanced as far along as it could have in Ireland. Buckley says that there are constraints, such as the overall regulatory burden, which has taken a lot of the investment budgets of institutions. Breen says there are early shoots of optimism for Irish banks collaborating on instant payments, following a very challenging 10 years of economic challenge and regulatory initiatives.
9.40: Buckley says that Irish banks are now in a place where they look to collaborate with each other, but that this in foundational infrastructure, and could also be with banks from different countries. Breen adds that the innovative environment is also bringing new competitors and challenges to the banking industry, citing big tech companies as one example. Atak notes that Swift is a great example of industry collaboration.
9.37: Kemp says that something observed through the Swift community is the increased willingness of institutions to collaborate. Atak adds that if you think about PSD2 and open banking driven by regulators, it is reshaping the entire financial services industry. With prices in payments coming down, for example, they are becoming a commodity - leading to banks not only partnering with fintechs but also with each other in some areas.
9.34: The spirit of PSD2 is about opening financial services to new competition. Buckley says that a possible unintended consequence of this is that the regulation of third-party providers (TPPs) has made it far easier for institutions such as AIB to work with regulated TPPs.
9.31: Buckley reflects that Ireland is probably about 4 out of 10 on its journey to a digital economy. For Breen, it is closer to 3 out of 10 as she sees that the first steps have only recently been taken. Atak says that countries need to learn from each other, driven by a focus on customer expectations. She adds that corporate demands are increasingly reflecting consumer demands.
9.27: Breen comments that open banking, PSD2 and SEPA Instant Payments are catalysts for the Irish banks, forcing innovation, competition and customer-centric solutions.
9.25: Following some brief introductions of the panellists, Kemp asks where Ireland is in its digitalisation journey. Breen notes that Ireland is a little bit behind some other markets - citing Australia and the UK. She says that the challenging economic environment has caused this, but that there are green shoots of recovery visible today.
9.20: With the event housekeeping complete, Kemp welcomes the opening panel participants to the stage - Recie Breen, Head of Customer Innovation at Bank of Ireland, Niall Buckley, Head of Digital Ecosystems from AIB Group, and Gulru Atak, Global Head of Treasury & Trade Solutions Innovation for Citi.
09.10: Cate Kemp, Head of UK, Ireland and Nordics at Swift, takes to the stage to deliver some welcoming remarks to the assembled delegates. She comments that the financial industry is in unchartered territory. Customer demands and regulatory innovation are driving competition in the marketplace, while financial crime threats evolve at a tremendous pace, using the same technologies that financial institutions are using to innovate with.
08.00: Welcome to Finextra's live coverage of the Swift Business Forum Ireland. We are reporting from Dublin's famous Croke Park, and the event will be getting underway in around an hour.