Cyber security is the biggest risk to overcome to enable better partnering. Respondents report that cyber security (71%) is the most significant risk associated with partnering FinTech firms to innovate, reflecting the stringent data protection and compliance requirements the sector is subject to — and the financial and reputational cost of any lapse. Three-quarters of Innovation Leaders intend to put new service level agreements (SLAs) in place with their partners, to help mitigate these risks.
Our research findings explain why the majority of large businesses in the sector are struggling to move quickly enough — and how that can be changed. Most importantly, our findings tell us how the industry’s leaders are learning to reach hyper-speed.
- Data security is a huge hurdle that needs to be overcome for banks to feel confident about partnering with FinTech firms.
- Large banks and asset managers are fairly unanimous that greater visibility of FinTech firms’ cyber security controls, and KYC processes, would significantly improve their ability to partner with them.
- Cyber security specialists and data scientists are in high demand
What does that mean for your organisation?
Financial institutions and asset managers need to consider how to best address cyber security concerns in the context of partnering with third parties and, in particular, FinTech firms. This will require careful due diligence and controls over access to systems and the data passed to the third party. It also will require robust but practical contractual protection that sets clear expectations around security and what should happen in the event of a cyber security incident. However, this procurement and contractual rigour must be balanced against the need to engage flexibly and nimbly with innovative partners.
How can we support you?
Our team of cyber security specialists can advise on the legal and regulatory requirements surrounding cyber security preparedness and cyber security breaches. Our experience includes advising clients on:
- Information / cyber security policies and procedures and incident management plans
- Dealing with the investigation into and handling of a cyber security or data security incident
- Drafting and negotiating cyber and data security provisions in contracts
- Contracts for the provision of security related systems and services including firewall and monitoring systems and security testing services
- Dealing with IP and information theft
- Managing and advising on litigation risk arising out of a cyber security or data security incident
About the data:
On behalf of Simmons & Simmons, Longitude Research launched an online survey at the beginning of January 2017 and over a 3 month period conducted a series of independent one-on-one interviews that investigated the strategies large institutions are pursuing to accelerate their digital innovation. We have 200 responses (plus 9 in-depth interviews), from senior individuals at international banks (both investment and retail) and asset managers. Of the 200 responses 26% are from UK (London), 25% Germany (Frankfurt), 24% USA (New York) and 25% from Asia (Hong Kong and Singapore).
Find out more at simmons-simmons.com
Follow us @Simmons_LLP
Or on Linkedin