Consult Hyperion together with AllClear ID have released a report that forecasts banks to face fines totalling EUR 4.7 billion in the first three years under the new GDPR.
Furthermore, the report GDPR: Banks, Breaches and Billion Euro Fines also predicts the number of data breaches in the European financial services sector over the next three years and corresponding fines under GDPR (General Data Protection Regulation). As result, financial institutions may experience 384 data breaches with fines as high as EUR 260 million per breach.
The figures were compiled from an analysis of historic data breach figures, adjusted for the size of financial institution. GDPR sanction levels were then applied to the data. It was assumed that breaches were at the lower end of the GDPR fine scale, which is EUR 10 million or 2% of global annual turnover.
Under GDPR financial penalties for a data breach are substantial. Institutions can receive fines of up to 2% of the previous year’s global annual revenues for a first offence and 4% for repeat offences where the regulator has previously ordered remedial action. There are also possible criminal penalties for executives deemed responsible.
Furthermore, GDPR’s 72-hour breach notification requirement means managing and responding to a data breach in an open and effective manner is critical. Regulators have significant discretion in the level of penalties they can levy, and are required to take planning, customer notification and mitigation into account in the decision.
To compound the issue, new European regulations such as PSD2, ePR and AMLD4/5 will mandate institutions hold more data and make it available over open interfaces, just when data loss becomes especially dangerous.
With less than a year before GDPR goes live the report advises banks to take urgent action to meet GDPR and other legislative requirements to avoid financial and reputational loss.
A group of India-based banking companies including State Bank of India, ICICI Bank and DCB Bank has opted for Microsoft Azure as their cloud blockchain provider.
All 20 members of the BankChain consortium, which completed its KYC, AML/CTF platform testing in May 2016, will use Microsoft’s Azure blockchain to host the nodes for transactions on their distributed ledger systems.
India-based Primechain Technologies will build the first project to use Azure, which will consist of a closed, permissioned blockchain. The tool will allow clients to share know-your-customer (KYC), anti-money laundering and counter-terrorist financing data.
Several new financial and fintech entities, including JP Morgan, Emercoin and Bitshares have been added to Micrososft’s Azure cloud computing platform. The companies will use the new available blockchain technology as a ‘sandbox’ development environment where partners can interact and experiment with different technologies.
Fiserv has announced that several banks and credit unions will join Zelle, a P2P payments network from Early Warning.
Citizens Bank, Dollar Bank, First National Bank of Pennsylvania and SchoolsFirst Federal Credit Union will join the P2P network through Turnkey Service provided by Fiserv. Previously announced clients include Ally Bank, Bank of the West and BECU.
The Zelle payments network allows customers to send funds from one bank to another using only a recipient’s email address of mobile number. The Turnkey solution by Fiserv centralizes all the P2P services into a single platform.
The Digital Person-to-Person Payments in the U.S.: The Competitive Landscape report by Aite Group shows that financial institutions held 83% of the digital P2P market share in 2016, while alternative payment providers had 17%. The report has also revealed that in 2015 cash and checks were the preferred method of American consumers for P2P payments, highlight that there is room for online payments expansion.
Moneytree, the business that has been able to create a permission-based, data sharing platform, is bringing its platform to Australia.
Moneytree’s alliances with Japanese banks has positioned it to provide an open-API regime, which is in line with some the PSD-2 goals in Europe, and the Australian government’s wish for open banking in the Australian marketplace.
See the AB+F interview with Paul Chapman, Founder, Moneytree here.
Swift has announced that it has implementation plans in place with four of Australia’s major banks to implement is gpi service.
The four banks named, being Commonwealth Bank, Westpac Bank, ANZ Bank and National Australia Bank have all been reportedly signed up to go live or planning the implementation phases.
SWIFT gpi seeks to improve the customer experience in cross-border payments by increasing the speed, transparency and end-to-end tracking of cross-border payments.
Over 110 transaction banks from Europe, Asia Pacific, Africa and the Americas are already signed up to use the service and more are expected to join. Thousands of cross-border payments are today being sent using this new standard, bringing immediate benefits to gpi banks and their corporate customers.
Now live, the first phase of SWIFT gpi focuses on business-to-business payments, helping corporates grow their international business, improve supplier relationships, and achieve greater treasury efficiencies. Thanks to SWIFT gpi, corporates can today receive an enhanced payments service from their banks, with following key features:
Faster, same day use of funds*
Transparency of fees
End-to-end payments tracking
Remittance information transferred unaltered
The second phase of SWIFT gpi will enable the digital transformation of cross-border payments, by allowing banks to:
Transfer rich payment data along with the payment, including additional line item details necessary for compliance checks, in an effort to enhance the reconciliation of a payment with multiple invoices.