PK Hari Hara Subramanian, CFO, Cognizant, On Navigating FinTech Security And Regulation
In an Interview with BW CFO World, PK Hari Hara Subramanian, Whole Time Director & India CFO, Cognizant Technology Solutions, shares insights on the intersection of security, regulation and innovation in FinTech. Discover his strategies for ensuring compliance while driving seamless user experiences
With the rise of embedded finance, how can tech companies ensure their financial services offerings are secure and compliant, while still providing a seamless user experience?
Embedded Finance has already become an inevitable part of everyday lives and it is helping to reach the financial services to sectors that were underserved by traditional financial services. While Fintech is poised to grow tremendously at the global level, it is estimated that this sector will generate around $200 billion revenue just at India level by the year 2030. Such a scale of impressive growth, accompanied by ever-evolving technology and upgrades to the regulatory framework makes it extremely difficult for the Fintech sector to stay on top of the game. Adding further challenge to the mix is the concern around data privacy and cybersecurity.
If a Fintech entity must remain in business and continue to grow their portfolio, it should be willing to invest in the right areas to address all the above concerns while still being nimble to offer continued upgrades to customer experience. With the increased competition in this space, a positive customer experience would hold the key to not just staying afloat but also to staying on top. Here are some of the key initiatives that the entity should consider implementing:
Proactive alert mechanisms
Leveraging data mining and sophisticated analytics, alongside the scrutiny of various communication channels, enhances the oversight and surveillance of potential financial misconduct. Enhanced discovery tools are capable of scrutinising communications to detect specific word patterns, sentiment, and comprehension, offering substantial benefits to both wholesale and retail entities—such as in-call monitoring, control checks, and handling of grievances. Cutting-edge solutions, underpinned by data and technology, facilitate broader surveillance, expedited response, and heightened efficiency, all at a reduced expense.
Ongoing regulatory assessments
In the rapidly evolving fintech world, it is crucial to proactively assess regulatory changes to ensure compliance. By staying ahead of these changes through regular engagement with regulatory bodies, keeping abreast of global compliance trends, and understanding the impact of new regulations, fintech companies can prepare way ahead to meet an upcoming change and be ahead of the curve to beat the competition too, while maintaining highest compliance standards.
Privacy-by-design
Given the data-intensive nature of this industry, safeguarding privacy and security is of utmost importance. Compliance with data privacy laws, such as the GDPR (General Data Protection Regulations) in the European Union, DPDPA (Digital Personal Data Protection Act) in India and POPIA (Protection of Personal Information Act) in South Africa, is essential for fintech companies. They must embed these regulations into their core operations, which encompasses protecting client information, securing explicit consent for the use of data, and maintaining openness in how data is handled.
Sensitive to Security
Fintech applications are confronted with a wide spectrum of cybersecurity challenges that jeopardise the integrity of confidential user information. Right from the age-old risks of Insider threats, Phishing and insecure APIs, this has expanded (with the advent of high-end tech) to include serious data breaches, ransomware attacks and deployment of Deep fakes resulting in very serious scams and attacks that have cost billions of dollars in recent years. Consequently, fintech entities should continue to raise the bar on security through encryption, robust access controls, detailed audit logs, employee awareness & training and secure code development practices. Getting audited and preparing for certifications such as SOC 2, ISO 27001, and PCI DSS could help to understand the shortcomings and rectify them before it is too late.
Focus on the customer
FinTechs are loved mainly because of the innovative ways in which they eliminate the pains of the end-users. Such solutioning comes by understanding the customers’ financial journeys, motivations, concerns and through engagement with them to understand their pain points. Most of the brilliant solutions come up from a path-breaking idea offered by a customer, who knows the ground reality all too well but is just unable to drive the change. Hence, by embracing user-centric design principles that emphasise simplicity, convenience, and hyper-personalisation, the FinTechs can strive to make financial services intuitive and user-friendly. By providing continuous updates on the app to deliver clear, easily digestible information and helping with simple choices to the customer, FinTechs can craft beautiful user experiences that cultivate trust and loyalty.
Artificial intelligence offers immense potential for personalised financial products and fraud detection. However, there are concerns about bias in algorithms. How can FinTech companies leverage AI responsibly and ethically?
The benefits and efficiencies available through Artificial Intelligence (AI) are now very real & visible and hence every enterprise is trying to quickly adapt and adopt AI at break-neck speed. This trend is giving rise to a worry of “hasty AI adoption by the enterprises” and is one of the top risks occupying the minds of CFOs. If this continues unchecked, AI implementation projects could meet the same fate of large transformation projects – very low success rates hovering around the 30 percent mark.
Those who can successfully blend AI into their organisational fabric have to consider various aspects of the AI-led transformation to ensure that the benefits achieved through such automation would be real and sustainable. Interestingly, these factors go beyond the technical complexity and are in the realm of creating an ethical and responsible AI. We are entering a vital phase in the AI journey, wherein we may be treading in a path that we do not completely know about or have cared to understand in full detail. In a recent survey conducted by Cognizant, it was observed that only about half of the respondents said that their companies have policies & procedures in place to identify and address (AI) ethical considerations. This report also points out another danger of over optimism or a false sense of “being in control”, while the company may not have full visibility of the underlying logic in how the AI operates.
If an enterprise adopts AI without fully understanding the logic built into the system, it can make the enterprise liable for damages and negative publicity to an unimaginable extent. We have already seen a good number of examples where unacceptable bias was built into a product and the solution was being used by the enterprise without even knowing the existence of such a bias. About 99 per cent of Fortune 500 companies use an ATS (Applicant Tracking System) to filter out and shortlist probable candidates from the thousands of profiles that cloud their inboxes. The unacceptable dark side of some ATS tools was exposed in the recent past, when companies got to realise the truth behind the filtering logic – and in most cases, the companies did not approve or agree with such a bias in the first place.
In 2018, Amazon discovered that the hiring software it had been developing for four years was consistently scoring qualified female candidates lower than their male counterparts. The reason behind this discrepancy was straightforward: the AI had been trained on the company’s historical hiring data, which reflected a male-dominated tech industry. Consequently, the software exhibited a preference for male candidates over female ones. Interestingly, during the same year, auditors examining another screening tool found that it rated individuals named Jared, with a high school lacrosse background, more favourably than other applicants. Kerry McInerney, a Research Fellow at the University of Cambridge, says “AI can even perpetuate discrimination when its developers design it to do the opposite..”
Now imagine the extent of harm that can happen to the financial world if such intended or unintended bias crept into the FinTech applications, and it starts wreaking havoc by picking the wrong beneficiary or blocking the fund flow to a deserving beneficiary and so on. It could just destroy the entire economic fabric of a nation, at a speed that is unprecedented and without even anyone getting to realise what is happening or why it is happening. That is the potential threat to the FinTech world that is getting more dominated by AI tools and technologies.
The pace of technological change can be rapid. What strategies can FinTech leaders implement to ensure their teams are continuously learning and adapting to embrace new trends in financial innovation?
The popular quote attributed to Marshall Goldsmith “What Got You Here Won’t Get You There” truly underscores the need for us to stay relevant and up to date, especially in the current scenario of rapid changes in the tech world. Going back in time, the age-old Indian treasure offering enormous wisdom “Srimad Bhagavad Gita” declared very clearly the transitory nature of everything around us, though it was explained in a more philosophical sense. So, if we understand and agree with the transitory nature of things, it just becomes so much clearer & more important to continuously reinvent and reorient ourselves to remain relevant on the world stage.
If we limit this inquiry to the world of Computer programming, we will realise the stark truth of this even better. Though only about 50 popular programming languages are in use today, the history of programming languages shows us that close to about 9000 different languages have been in existence and evolved or have gone extinct. That is a stupendous number, considering the rather short period for which computers and programming has existed.
The pace of change and technological evolution has been even more pronounced in the FinTech sector. Here is an outline of what transpired in the last few years:
Transformation
Fintech has emerged as the leading edge in delivery of innovative financial services and is helping to transform the entire industry. This is facilitated by several factors including AI, Machine Learning, Big Data and Blockchain which have greatly enriched the growth of this sector.
Digitization
Extensive digitization of various processes, activities and of underlying data & documents has pushed up the pace of Fintech evolution.
Supportive Regulatory Framework
Improved engagement and attention of various stakeholders including the Regulators has contributed to the development of a more supportive and conducive regulatory framework.
Customer Preferences
Customers have been leading the charge by demanding more innovative solutions. Various Fintech products have evolved just to keep pace with their expectations and to ease their pains.