Cybersecurity is the biggest risk to overcome to enable better partnering. Respondents report that cybersecurity (71%) is the most significant risk associated with partnering FinTech firms to innovate, reflecting the stringent data protection and compliance requirements the sector is subject to — and the financial and reputational cost of any lapse. Three-quarters of Innovation Leaders intend to put new service level agreements (SLAs) in place with their partners, to help mitigate these risks.
Our research findings explain why the majority of large businesses in the sector are struggling to move quickly enough — and how that can be changed. Most importantly, our findings tell us how the industry’s leaders are learning to reach hyper-speed.
- Data security is a huge hurdle that needs to be overcome for banks to feel confident about partnering with FinTech firms.
- Large banks and asset managers are fairly unanimous that greater visibility of FinTech firms’ cybersecurity controls, and KYC processes, would significantly improve their ability to partner with them.
- Cybersecurity specialists and data scientists are in high demand
What does that mean for your organisation?
Financial institutions and asset managers need to consider how to best address cybersecurity concerns in the context of partnering with third parties and, in particular, FinTech firms. This will require careful due diligence and controls over access to systems and the data passed to the third party. It also will require robust but practical contractual protection that sets clear expectations around security and what should happen in the event of a cybersecurity incident. However, this procurement and contractual rigour must be balanced against the need to engage flexibly and nimbly with innovative partners.
How can we support you?
Our team of cybersecurity specialists can advise on the legal and regulatory requirements surrounding cybersecurity preparedness and cybersecurity breaches. Our experience includes advising clients on:
- Information / cybersecurity policies and procedures and incident management plans
- Dealing with the investigation into and handling of a cybersecurity or data security incident
- Drafting and negotiating cyber and data security provisions in contracts
- Contracts for the provision of security related systems and services including firewall and monitoring systems and security testing services
- Dealing with IP and information theft
- Managing and advising on litigation risk arising out of a cybersecurity or data security incident
About the data:
On behalf of Simmons & Simmons, Longitude Research launched an online survey at the beginning of January 2017 and over a 3 month period conducted a series of independent one-on-one interviews that investigated the strategies large institutions are pursuing to accelerate their digital innovation. We have 200 responses (plus 9 in-depth interviews), from senior individuals at international banks (both investment and retail) and asset managers. Of the 200 responses 26% are from UK (London), 25% Germany (Frankfurt), 24% USA (New York) and 25% from Asia (Hong Kong and Singapore).
Find out more at simmons-simmons.com
Follow us @Simmons_LLP
Or on Linkedin