FinTech and Cybersecurity

FinTech is a growing industry. Its success lies in offering alternatives to conventional financial solutions through cryptocurrencies, online loans, and robo-advisors. Though it’s a rich tapestry of services that make up the FinTech world, they’re united by one challenge: cyber security. Its unfettered growth on online platforms makes this industry uniquely vulnerable to security breaches.

Regulations can’t keep up with advancements.

The innovations of the fintech world are happening at lightspeed and few competitors can keep up — including regulating bodies. Part of the fintech platform’s success relies on this rapid pace. Unlike their slow and laborious counterpart in the country’s biggest banks, startups can adapt and change on a dime to evolve alongside its users’ needs and expectations.

They’re quick and flexible partly because they aren’t subject to the same regulatory rules as traditional financial services. The household brands of Chase and Bank of America are subject to the Basel Accord, a supervisory mandate that ensures sustainable growth for conventional institutions. There are no such regulations controlling the way FinTech startups conduct their business.

Good governance is profitable for most startups. Security that protects customers from breaches is a selling point — one that appeals to security-minded individuals worried how their personal banking information will be handled by relatively new and unknown companies. Proof that they’re taking the appropriate steps to defend its customers is just as important as the other features that set FinTech startups apart from their traditional counterparts.

But as the gap between startups and financial regulations widen, there grows a risk for careless entrepreneurs to sidestep security altogether. As of yet, no official legislature is stopping them. These companies could prioritise getting to market as fast as possible, even if that means they have to sacrifice cyber security in order to do so.

Some FinTechs follow a self-regulatory framework

While many champions of FinTech believe strict regulations would stifle the innovation powering the industry, others are already employing a self-regulatory framework to their platforms, so they can ensure risk-management and data privacy.

In collecting and storing personal information, client-facing FinTech companies have to protect their customers first and foremost.The challenge then is the way they protect this data. Though they’re disrupting traditional financial channels, many of them have adopted bank-level security measures and fine-tuned them for their digital platforms.

State-licensed lenders, like MoneyKey for example, use industry standard secure socket layer (SSL) encryption and Verified Site Certificates to encrypt any information transmitted between customers and their servers. Acorns, a FinTech company that automates savings, is protected by SIPC insurance and 256-bit SSL encryption. Meanwhile, Chime, a FIDC-insured online banking service, uses 128-bit AES encryption similar to the security used by the US’ biggest banks.

Perhaps not for altruistic reasons

Failure to offer these security measures promises imminent failure for careless FinTech companies. The very nature of their convenient, online platforms makes it easy for its customers to leave. And, don’t forget, these companies service a plugged-in population who, with a few taps of their fingers, can leave an online review. Enough bad reviews can tarnish the company’s reputation.

Potential customers shopping for mobile banks or direct lenders won’t click on a company if reviews warn them not to. When public trust in a startup wanes, it directly affects its bottom line.

Though they may not be held to the same regulations as traditional banks, they must follow privacy laws. If they don’t, they can suffer costly legal issues.

(an excerpt from longer text on: 
https://www.information-age.com/cyber-security-challenges-emerging-fintech-startups-123471506/)