Balancing customer experience and security has become even more critical in today’s digital banking world, but how well is that being accomplished in the region?

The pandemic has permanently changed the way we engage with our financial services providers in South-east Asia.

With more consumers embracing emerging technologies and financial services organizations pivoting to respond faster to their needs, VMware recently launched its Digital Frontiers 3.0 study that explores consumer behaviors, preferences and attitudes towards digital services and experience in 2020 to help organizations better navigate the digital-first environment today.

DigiconAsia discussed some key findings of the study with Guru Venkatachalam, Vice President and Chief Technology Officer, Asia Pacific and Japan, VMware.

Guru Venkatachalam, Vice President and Chief Technology Officer, APJ, VMware

From the study, two major hurdles in Southeast Asia for digital financial services are concerns over security and less-than-stellar customer experience on apps. What should financial service providers focus on to clear these hurdles that seem centered on the issue of trust?

Guru: Customer experience and security.

When it comes to customer experience, banks used to present a very product centric view (which is a very bank focused view) to customers. A new breed of innovative players has since turned this completely around by focusing on the customer. It was about being where the customer is – inserting the service into the moments at the right time and right place. For example, being able to make a payment seamlessly with a tap of your phone instead of going through an arduous process of signing into the bank’s mobile app and navigating through multiple screens. 

FinTechs have also innovated the ecosystem by looking at the overall customer journey and making use of new capabilities to simplify existing manual processes. In the past, you would have had to send scanned copies of physical documents via email to prove one’s identity or provide bank statements to apply for a credit card. As digital identity verification services become increasingly available, offerings on eKYC (electronic Know Your Customer) verification can now be done in a matter of minutes as compared to days or weeks earlier.

Banks continue to innovate by adopting similar approaches and in some cases, they have gone one step further by incorporating these digital capabilities in their mobile apps. Without a doubt, the banks that are most successful are the ones that are reimagining their platforms by modernizing them, moving to cloud and implementing agile architectures (like microservices). 

Trust has been a key advantage for banks all along. Besides external regulatory requirements, banks have always had a robust set of internal risk and control framework, and continuous auditing processes against these.

However, we all know how the security landscape has changed over the past few years. Incidents of cyber-attacks, massive data breaches, identity theft etc. are all too common. With this ever-evolving threat landscape in the region, financial services organizations should rethink their security approach to deliver best-in-class digital experiences and, most importantly, gain consumer trust.

Below are some steps they can consider:

  • Adopting a proactive security approach: This involves using existing infrastructure in real time—across apps, clouds, and devices—to adapt as it protects data. By learning how to use what is already there in new ways, organizations can unify security and IT teams, and prevent, detect, and respond to threats swiftly and effectively.
  • Minimizing internal threats: Often, insider security issues arise when employees get access to data that they should not—or misuse their clearances and authority. Strict role-based access to data with strong, multifactor authentication can help ensure that even the highest-ranked insiders cannot access data they don’t absolutely need.
  • Ensuring transparency on data use: At least 57% Southeast Asian consumers feel paranoid that organizations are tracking and recording what they are doing on their devices. For transparency, information needs to be prominently displayed, not buried in small text at the end of long consent statements.
  • Meeting compliance standards: Consumers generally approve of privacy laws, challenging companies not only to comply but to let customers know how. The onus is on organizations then to go beyond putting privacy safeguards in place for legal reasons only and do it for ethical reasons.

As the innovation pace picks up, financial enterprises must get developers to focus on building business functionality and delegate workloads to the right platforms to better manage other critical requirements such as security, availability, and reliability.

As we move faster towards the future of banking, modernizing existing application portfolios is a critical part of digital transformation success which will ensure financial services firms thrive in the digital age ahead.

Regulatory compliance can be a double-edged sword where innovation in banking and financial services is concerned. From your experience across the region, what are some examples where regulations are a boost for innovation (e.g. providing a solid framework for privacy, security, and trust) and some where regulations are an obstacle (e.g. wasting time and money on digital technologies that may end up on the shorter end of new regulatory requirements)?

Guru: We have some notable examples in the region where the regulators have taken a proactive approach to identifying the emerging trends in the market and provided a regulatory framework with a light touch to ensure that innovation is allowed to thrive and there are guardrails in place to protect the customers. We are seeing several examples of that. 

Regulators in several countries in the region (Singapore, Australia, Hong Kong, Malaysia and Thailand) have set up ‘regulatory sandboxes’ which allow existing financial institutions as well as FinTechs to experiment with innovative products and services in a live environment with the appropriate safeguards in place. Banks and FinTechs alike have been able to innovate in such a sandbox without having to second guess the regulations. 

We have also witnessed virtually every country in the region making great strides in encouraging FinTechs, Big Techs as well as existing banks to provide innovative financial services by granting Digital Bank licenses to several entities. 

This has been done with an appropriate level of guardrails in place (the experience of the entities with digital technologies, adequate levels of capitalization, the kind of services permitted etc.) with the aim of protecting consumers. As a result, we have already seen these new entrants making an impact in countries like Hong Kong and South Korea. 

Ongoing initiatives by the regulators like clarifying the usage of Public Cloud, encouraging the usage of Open APIs to make it easy for other financial institutions and FinTechs gain access (with the consumer’s permission) to account have all fast tracked the speed of innovation in the digital banking landscape. 

A recent example of this innovation bearing fruit is the launch of SGFinDex in Singapore, a service that permits consolidation of a consumer’s financial information and using it to provide insights that was not possible earlier. 

Of course, there would be cases where some may want the regulators to move faster, but at the end of the day, regulators have to provide financial institutions with a hotspot for innovation without compromising on the safety of the financial system and protecting the end consumers.  And this they have done admirably keeping a fine balance between innovation and safety.

How would you help South-east Asian financial institutions with the flexibility, agility and capability to cost-effectively adapt and scale as they navigate the fast-evolving digital risk and compliance landscape?

Guru: Over the last two years, many South-east Asian financial institutions have had to readily respond and adapt to a monumental shift in the digital risk and compliance landscape. With consumers demanding for better and secure digital experiences, financial institutions have to bolster their digital transformation journeys with technology tools that do not compromise on costs, resources and stringent risk and compliance management and protocols.

However, architectures are becoming distributed and increasingly multi-cloud, while modern applications will soon outnumber traditional apps. The key challenge for any CIO today will thus be to take advantage of frontier technologies including Cloud and modern applications without introducing more complexity and risk.

Our VMware team has had the opportunity to work with inspiring and leading financial institutions in the region to drive tech-powered transformation, strengthening their digital foundations and deliver any app, on any cloud, to any device. One example is DBS Bank where we have helped their developers to self-provision the infrastructure that they need within the same day and serve their customers quickly. 

For building secure applications, VMware’s Tanzu portfolio provides a platform where security is baked into the entire process using DevSecOps principles. For running the applications and accessing them securely, VMware has products that provide a Zero Trust environment. With VMware Tanzu, financial services firms can experience a faster time to market for new services and updates, improved capabilities, and customer experience.  

Through harnessing the power of partnerships, we will continue to work closely with the financial ecosystem to deliver solutions that will help them manage and distribute workloads seamlessly and modernize their IT infrastructures to scale.