Connect with us
Finance Digest is a leading online platform for finance and business news, providing insights on banking, finance, technology, investing,trading, insurance, fintech, and more. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.


By Ben Bulpett, Identity Platform Director, EMEA, SailPoint

Banking is no longer limited to four walls of a building. In the UK, three-quarters (73%) of consumers now use digital banking channels on a weekly basis, as people grow increasingly accustomed to their ease and convenience. But this isn’t without some downsides. Mobile functionality, blockchain integration and emergence of banking-as-a-service have led to a growing number of cyber threats for organisations, but also a growing burden of compliance requirements. GDPR is reported to have generated €182 million in fines in 2020 alone – on top of evolving FCA regulations.

Ben Bulpett, Identity Platform Director, EMEA, SailPoint

However, meeting compliance requirements doesn’t have to be a cumbersome drain on time. With the right technology in place, it can mean competitive advantage – streamlining operations, driving efficiency, and closing security gaps. Key to this is the use of identity security which can automate processes and permissions in line with changing job roles and responsibilities.

High risk 

Financial services has one of the highest rates of insider data breaches, costing $14.5 million last year alone. Whether it’s a disgruntled employee acting with malicious intent, or an employee accidentally clicking on an unsuspecting link, the level of access that staff have to sensitive information within a business makes them a potential vulnerability. 

This threat is made worse given the banking sector is particularly prone to complex corporate structures and departmental siloes – all of which hinder an organisation’s visibility into different roles, responsibilities, and data access. Combined with the industry’s continued reliance on spreadsheets and manual processes for tracking data access and user identities, and you have the perfect recipe for inaccuracies and inconsistencies. 

Along with creating an auditing and reporting nightmare, this creates gaps in the system prime for exploitation by threat actors who are keen to get their hands on the industry’s lucrative assets. 

Separation of duties 

Control over access is also critical given the importance of separation of duties in banking and financial services to reduce the risk of error and fraud. No single individual can control more than one part of a transaction. For example, an employee can’t both create and pay invoices. Preventing access to one or more of these activities is crucial to preventing the misappropriation of funds

Separation of responsibilities is a well-entrenched concept, but in reality it can prove challenging. Banks typically define what roles are forbidden to overlap, but with the growing number of apps and systems, administration can grow complex and error prone. Not to mention staff moving from role to role through promotions and lateral transfers, which can result in ‘over-permissioning’ or ‘entitlement creep’. Add to the mix all the different logins for various licenses and subscriptions that different employees have access to during their time in an organisation, and the situation can quickly spiral out of control, increasingly the vulnerability of systems to exploitation. 

Identity is the new perimeter 

Getting access requirements right must be a top priority for organisations. Doing so not only means protecting against cyber threats, but meeting compliance requirements and streamlining operations. To achieve this, financial institutions must have the right technology in place that provides them with visibility over who has access to what information and when. 

Using identity security powered by AI and machine learning, processes can be automated and access granted on a need-to-know only basis according to the roles and responsibilities of individuals – no more, no less. An automated system can not only find and disable accounts of ex-employees, it can also rectify access for existing users that is no longer appropriate, depending on movements within an organisation. Critically, it means being able to uncover and mitigate against potential threats fast – such as identifying and putting a stop to out of the ordinary, suspicious behaviour, for example, an unauthorised user attempting to access sensitive files.   

This also reduces the burden of repetitive manual tasks, freeing up IT teams to focus on high-value activities rather than sorting password resets or additional data access, and subsequently provides a cost-effective solution. Automation ensures the accuracy and completeness of data sets so critical for keeping on top of compliance. 

Staying ahead of the game 

Meeting compliance requirements doesn’t have to be a headache for organisations. Through identity security, keeping on top of this can mean competitive advantage in more ways than one – protecting the enterprise perimeter, streamlining operations and ensuring all data and users are properly accounted for. 


Continue Reading

Why pay for news and opinions when you can get them for free?

       Subscribe for free now!

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Posts