Story image

Interview: Hitachi Vantara talks challenges of compliance in financial services

10 Oct 2018

The financial services industry is being slammed with the mounting compliance costs as new regulations are enforced.

With its solutions being utilised in the infrastructure of 70% of tier one banks around the world, Hitachi Vantara has been looking for ways technology can help ease the compliance burden.

Techday spoke to Hitachi Vantara financial services, regtech, risk and regulatory compliance affairs global head Nirvana Farhadi recently about the challenges in the industry and how companies are coping.

What is Hitachi Vantara working on with companies in financial services and compliance solutions?

This regtech sector is a new area for us.

The initiative started about three years ago with the idea of incubating solutions in the data privacy area, while we're looking at addressing solutions in the compliance and GDPR requirements within the banking and financial services sector. 

Our traditional business has been in the storage space for financial services, and we're looking to expand our portfolio and look at bridging the gap between technology and line of business within organisations - understanding how the end-to-end business works, automating processes which are manual and tactical in nature, bringing down the compliance costs, and solving their regulatory issues, be it GDPR, AML, regulator reporting, etc.  

What are some of the biggest challenges companies are facing in financial services and compliance?

There are many challenges within financial services and I think the overarching one is the amount of regulation they have been hit with since the financial services collapse.

We've seen a tsunami of regulations hitting financial service firms. 

Compliance at the end of the day is not core to their businesses, they're there to make money and help their clients and customers to have money and achieve that.

But what we have been seeing is that a lot of money has been haemorrhaged into being compliant and compliance costs have been skyrocketing with increased regulations.

Technology is advancing a lot quicker, and the incumbent banks need to be more up-to-speed but they are held back by legacy systems.

They're still running that core infrastructure and they're very brittle systems.

The new regulations and demands that are coming through the pipeline, when they hit, if they touch those legacy systems, they'll break, so what do they do and how do they keep up with the new technology advancements?

Understanding where the data lies is another challenge for these organisations. 

Currently, you see a lot of data in silos, people not knowing where it is.

The compliance officer, for example, needing a certain set of data for the regulator but no one knows where it is.

How can they have access to it? Where can they pull it from?

They have very manual, tactical processes, with no visibility, silos within organisations, legacy systems, these are a lot of challenges as well as the overbearing cost of keeping up with these regulatory changes that are coming down the line.  

Another challenge is keeping relevant as we're seeing more movers and shakers from the other industries moving into financial services like digital banks, for example, the likes of Googles, PayPals, Apple Pay - those are financial services businesses as well.

How can companies overcome these challenges?

Regtech is something that is relatively new within financial services, although it's been around in other industries for many years in healthcare and pharma - so any industry that's had some kind of regulation.

We've had the technology to help solve and automate for that but in financial services, it's relatively new. 

We’re seeing a lot of new regtech startups popping up within the industry, and Hitachi is one of the founding members of the Global Regtech Council, so we plug into the global network and that footprint and it’s an ecosystem full of different players - the vendors, the consultants, academia, banks, asset managers, exchanges, regulators, and having an open dialogue across the industry to see what are the challenges, how can we help solve them, how can we set standards, how can we harmonise across the board.

So there's a lot of activity going on in that sense in the industry and we are very much at the forefront of doing that and driving those dialogues. 

We're also trying to have the dialogue across the ecosystem with tech vendors and regulators, getting them to understand how the technology works, get their heads around the technology and test them with their regulations against that before it actually goes out as policy, so we participate in tech sprints (hackathons) which are set up by the regulator.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.
65% of manufacturers run outdated operating systems – Trend Micro
The report highlights the unique triple threat facing manufacturing, including the risks associated with IT, OT and IP.