Fintech
Data protection gaps in fintech
In our previous article, “Regulatory gaps in Nepalese fintech” (March 14, 2024), we discussed some regulatory gaps in fintech. In this article, we will focus on regulatory gaps mainly related to cybersecurity and data protection that Nepal Rastra Bank (NRB) needs to fill quickly. The fintech ecosystem in Nepal is growing, but remains fragile in terms of cybersecurity and data protection. The NRB Regulation should promote fintech innovation while also considering the importance of data protection and security.
Technology evolves and with it so do cyber attacks. In 2019, hackers stole nearly 18.9 million rupees from 13 Nepalese banks using ATM terminals. They spoofed the Nepal Electronic Payment Systems Limited (NEPS) link using fake cards, which allowed them to withdraw money from ATMs by independently verifying all customer information of the Nepalese bank. This incident was one of the most notable cases of cross-banking transactions via ATM hacking and could happen again. Therefore, the NRB should be aware of such incidents. The court decided to punish the perpetrators of the crime; however, since it was not a physical loot, a detailed investigation to uncover the root cause would have been an appropriate action by the central bank. Such investigations could provide insights and further strengthen the system security of such banking and financial companies and institutions in Nepal.
Article 44 of Payments and Settlement Regulations, 2077 (First Amendment, 2080) addresses the liability of payment system operators (PSOs)/payment service providers (PSPs) in the event of disputes or any other losses resulting from incidents such as cyber attacks. However, the absence of explicit guidance on the extent of liability raises concerns. For example, a PSO with a paid-up capital of 50 million rupees must be given clear guidelines on its liability in a worst-case scenario, or there must be a limit on the amount of its clients’ funds it can retain.
Furthermore, it is the right time to introduce a government guarantee fund, such as the Deposit and Credit Guarantee Fund (DCGF), to protect the public from losses resulting from data breaches and other cyber incidents. If the government had established such funds, it would have been more vigilant and strict on cybersecurity measures. This would be a win-win situation for all parties.
Additionally, there are no insurance products available in Nepal to protect businesses against any losses due to data breaches or similar security incidents. Lack of insurance coverage makes businesses vulnerable to hacks and losses. It may be appropriate for the regulator to open a path for Nepali companies to obtain cyber insurance, including from foreign companies, until Nepali insurance companies launch such products.
Similarly, article 45 of the Statute and Directive no. 3 of NRB Unified Payment Systems Directive, 2079, discusses security policies and practices for PSO/PSP. Implementing a uniform requirement for the Payment Card Industry Data Security Standard (PCI DSS) and the International Organization for Standardization (ISO) 27,000 certifications across all financial institutions involved in payment processing would ensure a foundation of data protection, mitigating the risks of cyber threats. The language of the Directive is clear: an authorized institution must adhere to PCI DSS, Europay, Mastercard and Visa (EMV), EMV Contactless Standard, etc. standards. However, a mechanism to ensure that these standards are followed is unclear. If it had been mentioned that certification like PCI DSS is mandatory, it would have made more sense since an independent third party always issues a certification.
Likewise, regulatory requirements always serve as the basis for safety, and these NRB guidelines are the minimum requirements spread throughout the industry. Furthermore, data security is not a matter of just protecting it for a certain period of time; it is a regular and ongoing activity that requires the attention of stakeholders. Likewise, if we look at the websites of most payment-related companies, except for a few big players, we don’t find much information related to their security and related certifications.
It is necessary to introduce a provision requiring each authorized institution to disclose its licenses and certifications, commitment to data security and other related matters on its website and to update it regularly to increase public awareness and invoke dialogue between stakeholders. Similarly, Article 45 of the Statute contains a provision for system audit while also mentioning a provision for an annual system audit. On the contrary, the Directive establishes that a system audit is mandatory after one year of operation and every two years when there are no changes to the existing system. These two provisions are contradictory to each other and the regulator needs to provide clarification on this matter. Two years to conduct a system audit is quite a long time, so payment-related institutions need to conduct at least an annual system audit in light of the increase in cyber threats in the current environment.
Awareness of cyber threats and cybersecurity is an urgent need today as most occur due to human negligence. Social engineering is the most common way intruders can collect data and find loopholes in a payment system. To improve cyber risk measures, you need visibility into your organization’s risk dashboard, covering all inherent risk levels to provide a picture of what is being defended. Finally, continuous monitoring ea proactive approach Risk management is the only way against cyber attacks. The country’s payments industry is still in its infancy, and before something worse happens, all stakeholders must join forces to protect the public interest.
Lloyds Banking Group and Nationwide have joined an ÂŁ11m Series A funding round in Scottish artificial intelligence fintech Aveni.
The investment is led by Puma Private Equity with additional participation from Par Equity.
Aveni creates AI products specifically designed to streamline workflows in the financial services industry by analyzing documents and meetings across a range of operational functions, with a focus on financial advisory services and consumer compliance.
The cash injection will help fund the development of a new product, FinLLM, a large-scale language model created specifically for the financial sector in partnership with Lloyds and Nationwide.
Joseph Twigg, CEO of Aveni, explains: “The financial services industry doesn’t need AI models that can quote Shakespeare, it needs AI models that offer transparency, trust and, most importantly, fairness. The way to achieve this is to develop small, highly tuned language models, trained on financial services data, vetted by financial services experts for specific financial services use cases.
“FinLLM’s goal is to set a new standard for the controlled, responsible and ethical adoption of generative AI, outperforming all other generic models in our selected financial services use cases.”
Robin Scher, head of fintech investment at Lloyds Banking Group, says the development programme offers a “massive opportunity” for the financial services industry by streamlining operations and improving customer experience.
“We look forward to supporting Aveni’s growth as we invest in their vision of developing FinLLM together with partners. Our collaboration aims to establish Aveni as a forerunner in AI adoption in the industry, while maintaining a focus on responsible use and customer centricity,” he said.
Treasury Risk Consulting Firm White Matter Alert On Monday he announced the acquisition of a 90% stake in the fintech startup Fair payment for an undisclosed amount. The acquisition will help White Matter Advisory expand its portfolio in the area of cross-border remittance and fundraising services, a statement said. White Matter Advisory, which operates under the name SaveDesk (White Matter Advisory India Pvt Ltd), is engaged in the treasury risk advisory business. It oversees funds under management (FUM) totaling $8 billion, offering advisory services to a wide range of clients.
Improve your technology skills with high-value skills courses
| IIT Delhi | Data Science and Machine Learning Certificate Program | Visit |
| Indian School of Economics | ISB Product Management | Visit |
| MIT xPRO | MIT Technology Leadership and Innovation | Visit |
White Matter Advisory, based in Bangalore, helps companies navigate the complexities of treasury and risk management.
Fairexpay, authorised by the Reserve Bank of India (RBI) under Cohort 2 of the Liberalised Remittance Scheme (LRS) Regulatory Sandbox, boasts features such as best-in-class exchange rates, 24-hour processing times and full security compliance.
“With this acquisition, White Matter Advisory will leverage Fairexpay’s advanced technology platform and regulatory approvals to enhance its services to its clients,” the release reads.
The integration of Fairexpay’s capabilities should provide White Matter Advisory with a competitive advantage in the cross-border remittance and fundraising market, he added.
The release also states that by integrating Fairexpay’s advanced technology, White Matter Advisory aims to offer seamless and convenient cross-border payment solutions, providing customers with secure options for international money transfers.
Rakuten (Japan:4755) has released an update.
Rakuten Group, Inc. and Rakuten Bank, Ltd. announced a delay in the reorganization of Rakuten’s FinTech Business, moving the target date from October 2024 to January 2025. The delay is to allow for a more comprehensive review, taking into account regulatory, shareholder interests and the group’s optimal structure for growth. There are no anticipated changes to Rakuten Bank’s reorganization objectives, structure or listing status outside of the revised timeline.
For more insights on JP:4755 stock, check out TipRanks Stock Analysis Page.
You are reading Entrepreneur India, an international franchise of Entrepreneur Media.
White Matter Advisory, which operates under the name SaveDesk in India, has announced that it is acquiring a 90% stake in fintech startup Fairexpay for an undisclosed amount.
This strategic move aims to strengthen White Matter Advisory’s portfolio in cross-border remittance and fundraising services.
By integrating Fairexpay’s advanced technology, White Matter Advisory aims to offer seamless and convenient cross-border payment solutions, providing customers with secure options for international money transfers.
White Matter Advisory, known for its treasury risk advisory services, manages funds under management (FUM) totaling USD 8 billion.
Founded by Bhaskar Saravana, Saurabh Jain, Kranthi Reddy and Piuesh Daga, White Matter Advisory helps companies effectively manage the complexities of treasury and risk management.
The SaveDesk platform offering includes a SaaS-based FX market data platform with real-time feeds for over 100 currencies, bank cost optimization services, customized treasury risk management solutions, and compliance guidance for the Foreign Exchange Management Act (FEMA) and other trade regulations.
Fairexpay is a global aggregation platform offering competitive currency exchange rates from numerous exchange partners worldwide. Catering to both private and corporate customers, Fairexpay provides seamless money transfer solutions for education, travel and immigration, as well as simplifying cross-border payments via API and white-label solutions for businesses. Key features include competitive currency exchange rates, 24-hour processing times, extensive currency coverage of over 30 currencies in more than 200 countries, and secure, RBI-compliant transactions.
“Trump’s BTC strategy will cause a huge price explosion” – Mark Yusko
“President Trump has opened the floodgates! Millions of people will buy BTC in 2025” – Brian Armstrong
💎 Hidden gem warning: $ fatty of Fatbot could be the 80x winner of Q1! 🤑
Jeff Booth: This is Trump’s BTC strategy no one’s talking about”
Larry Lepard – The impending bubble burst will be absolutely huge for Bitcoin
Switchboard Revolutionizes DeFi with New Oracle Aggregator
Fintech unicorn Zeta launches credit as a UPI-linked service for banks
đź‘€ Lido prepares its response to the recovery boom
Latest Business News Live Updates Today, July 11, 2024
Is Zypto Wallet a Reliable Choice for DeFi Users?
“Trump’s BTC strategy will cause a huge price explosion” – Mark Yusko
“President Trump has opened the floodgates! Millions of people will buy BTC in 2025” – Brian Armstrong
💎 Hidden gem warning: $ fatty of Fatbot could be the 80x winner of Q1! 🤑
Jeff Booth: This is Trump’s BTC strategy no one’s talking about”
Larry Lepard – The impending bubble burst will be absolutely huge for Bitcoin
-
DeFi6 months agoSwitchboard Revolutionizes DeFi with New Oracle Aggregator
-
Fintech9 months agoFintech unicorn Zeta launches credit as a UPI-linked service for banks
-
DeFi9 months agođź‘€ Lido prepares its response to the recovery boom
-
News7 months agoLatest Business News Live Updates Today, July 11, 2024
-
DeFi6 months agoIs Zypto Wallet a Reliable Choice for DeFi Users?
-
Fintech6 months agoFinTech LIVE New York: Mastercard and the Power of Partnership
-
News8 months agoSalesforce Q1 2025 Earnings Report (CRM)
-
DeFi6 months agoEthena downplays danger of letting traders use USDe to back risky bets – DL News
-
News9 months agoThink Finance Loan Repayment Scam Victims to Get $384 Million
-
ETFs9 months agoGold ETFs see first outing after March 2023 at â‚ą396 cr on profit booking
-
Videos9 months ago“We will enter the ‘banana zone’ in 2 WEEKS! Cryptocurrency prices will quadruple!” – Raoul Pal
-
Videos9 months agoPREPARE! Millions of People Will Buy Bitcoin When the “ULTIMATE COLLAPSE” Begins in 2024 – Larry Lepard