1. Newsroom
  2. Cyberprotection: new criterion when choosing a private bank?
UBP in the press 08.10.2019

Cyberprotection: new criterion when choosing a private bank?

Cyberprotection: new criterion when choosing a private bank?

Le Temps (07.10.2019) - Private banking can never rest, and its latest challenge is to combat cybercrime.

After working hard to adapt to changes in private banking over the last 15 years – the disappearance of banking secrecy, the regulatory big bang, the introduction of Automatic Exchange of Information rules – it finally seemed that the industry could look ahead with confidence, focusing on development and digitalisation.

However, like Sisyphus, the industry can never rest, and its latest challenge is to combat cybercrime.

In fact, the challenge is not new at all, and is not confined to banking. However, it is growing all the time. In the last few years, cybersecurity has been the main concern of financial institutions’ Chief Operating Officers. According to an industry joke, there are only two categories of banks: those that have been attacked and those that haven’t yet realised they’ve been attacked.

Cybercrime, whether its aim is to misappropriate money or ruin reputations, poses considerable risks for all types of companies. But the threat is being taken particularly seriously by banks, whose business relies entirely on trust. When Tesco Bank was attacked in 2016, 40,000 accounts were compromised and half had money stolen from them. This resulted in the UK’s Financial Conduct Authority fining the bank £16.4 million for “failing to protect customers”. Since that first large-scale attack, the list of banks affected in Europe has grown to include Santander, Royal Bank of Scotland, Barclays, UniCredit, Bank of Valletta and Metro Bank.

Justified paranoia

The banking industry has entered an era of paranoia, with some justification. Web hackers have much more time and resources than their potential victims, however determined those victims might be to protect their IT systems. On the dark web, cybercrime has become an industry in its own right, with price lists, service providers and sponsors. This can be seen in the way attacks have grown in both number and sophistication. According to Forbes, in just the first half of 2019, 3,800 security breaches were made public, in which the security of 4.1 billion records was compromised.

This is the downside of the ever-more connected world that we have created. The number of potential pitfalls is increasing as technological innovation makes everything more interconnected. In the banking industry, in particular, it should not be surprising that clients want the immediacy, simplicity and efficiency now being made possible by electronic services. Yet the e-banking apps giving them that connection have themselves become a weak link in the system. Well-designed e-banking tools provide solid protection. But hackers will take advantage of any small crack, such as a delay in installing an update, to infiltrate devices.

Banks are spending increasing amounts of money to combat this multifaceted threat. They are customers of a rapidly growing cyber-resilience industry. As well as established software makers, we have seen a proliferation of new service providers, such as cyber-rating agencies that assess a company’s cyber risk on the basis of public traffic data. The resulting ratings are updated daily, forcing companies to make ongoing efforts to maintain a good score. At the moment, these cyber ratings are only accessible to institutional investors. But there is every chance that they will eventually be available to all, and will become a key criterion, like solvency indicators, that private clients take into account when selecting a bank. In the same way as banks must now provide practical evidence of their commitment to responsible investment in order to stand out, they will in future have to show objectively that they are making constant efforts to protect their own data and those of their clients. For the best banks, their cyber ratings will become a marketing tool.

Virtual Vault

Even then, to turn cybersecurity into a positive selling point, banks will have to raise awareness on an ongoing basis, both internally and externally. They must use their relationship managers’ close links with clients to make sure they are fully informed, particularly when setting up e-banking. After all, in a previous era, clients used to ask how secure a bank’s vault was. Today, therefore, it is natural that a bank should take the time to raise clients’ awareness of cyberprotection matters. Internally, as well as the need to ensure that their staff can be relied upon in order to minimise human risks, banks must raise awareness through information sessions, make regular assessments of how employees respond to “phishing” attacks (attempts to gain access to sensitive data through work e-mails), carry out penetration tests and simulate cyberattacks.

Today’s COOs are caught up in a number of technological revolutions, and most of them would admit that they need to remain humble in their efforts to combat cybercrime: no matter how effective the defences they build, it is impossible to eradicate all risk. But they also know that they cannot let down their guard when dealing with such a major challenge.

Discover our expertise

Ian Cramb
Chief Operating Officer

Convertible Bonds

Convertible bonds add convexity to your portfolio

Find out why convexity works in the short-to-long term

Watch the videos

Most read

UBP in the press 17.04.2020

Smug Money podcast: Is impact investing the answer?

Good With Money (25.03.2020) – Our Co-Manager of the Positive Impact Equity strategy Rupert Welchman discusses the importance of impact investing in the current environment.

UBP in the press 23.01.2020

UBP’s remontada

Sphere (01.2020) - At the end of June 2019, UBP's assets under management had almost risen back to the level they reached in 2007, before the financial crisis caused them to fall to CHF 65 billion by the end of 2010. Since then, UBP has doubled in size and laid the foundations for further growth.

UBP in the press 03.03.2020

Discretionary management expertise moves centre-stage

Le Temps (02.03.2020) - Institutional and discretionary asset managers are increasingly using the same decision-making tools and investment techniques.

Further reading

UBP in the press 19.05.2020

How banks are weathering the storm

Le Temps (18.05.2020) - The pressure the COVID-19 crisis has recently put on economies has been a lesson in humility, teaching us how to manage uncertainty and highlighting our weaknesses.

UBP in the press 12.05.2020

“UBP trusts in private markets, less correlated with traditional assets”

Monaco For Finance (23.04.2020) - Sérène El Masri was appointed Site Manager of UBP’s Monaco branch one year ago. Monaco For Finance spoke to her about her impressions of Monaco as a financial centre.

UBP in the press 06.05.2020

Markets may underestimate second wave of infection

Finanz und Wirtschaft (06.05.2020) - Eleanor Taylor Jolidon, Co-Head of Swiss and Global Equity at Union Bancaire Privée, endorses companies that can withstand crises and warns about too much optimism