How Financial Industry Digital Transformation Streamlines Cyber Security and Compliance

This is the conclusion of our three-part series with Resolute Technology Solutions’ President, Rod De Vos. In part-one, we discussed how wealth management firms are using process automation and artificial intelligence to control costs. In part-two, Rod showed how financial institutions are leveraging data to advance client interests as well as efforts being made to enhance user experience for the client. Part-three concludes with highlighting the key pillars to a successful digital transformation, i.e. cybersecurity and regulatory compliance.

Mitigate Digital Transformation Risks by Integrating Strong Cybersecurity Measures

Interviewer: So I’d like to pivot the conversation of course we’ve talked about using existing data and the customer experience. We’ve covered the trends of process automation leading to AI platforms in some Canadian companies that are already on the cutting-edge of the wealth management digital transformation.

Of course, since the financial crisis of 2008 there’s also been a move towards greater cybersecurity for wealth management firms and I’m wondering have seen any trends around there? Is there anything that you could speak to across your experience?

Rod De Vos: So as wealth management moves toward more digital services being available online, in step with that is security. More layers of security are required to lock that down so that you don’t have the wrong people looking at your accounts. As more goes digital, there’s a massive increase in cyber crimes. It’s expected to rise to six trillion dollars annually by 2021. It’s like 86% of financial services firms are planning to spend more time and resources on cybersecurity in this coming year.

So firms, they’re spending dollars on, basically, broader defense models. With new and ever expanding devices having access to it, including voice-activated ones having to interpret your words in terms of what they should provide you in terms of information.Simple example: we don’t want Alexa telling our account balances to the wrong people.

When a cyber crime happens and someone hacks into getting access to information that they shouldn’t, it can be loss of operational productivity for a firm. For a client it can be loss of identity or identity theft. It could be a long point to recovery if it’s a virus or ransomware. You could lose your ability for business continuity to move to a recovery site. It could be loss of trust in your brand, i.e. the fact that you’ve been hacked.

Thus, firms are spending a fair bit of money on additional ways to strengthen their cyber securities capabilities in order to prevent attacks. They’re going beyond traditional means such as stronger firewalls, network security, anti-virus, etc, and they’re investing in machine learning, biometrics, and to some degree behavioral analytics of mining your data again to determine: would this person really be signing on from two different points in the world at the same time to look at their accounts? Those are just examples.

Interviewer: It’s interesting that you bring up some of the potential losses as a result of compromised cybersecurity. There’s a loss of productivity and potential for bankruptcy, which are of course massive hits. What exactly are the series of steps that a financial services firm needs to start taking right now in order to ensure that they’re protected from cyber threats? Is it potentially people problems and gaps within the way that people are working? Is it technology gaps? Or is it a holistic approach that needs to be taken across the board and there’s actually no single gap?

Rod De Vos: It’s holistic. It’s like anything, so you’re never really [completely] safe. You’re only safe because you’ve protected yourself from what’s available today that you know of. The next virus or the next cyber attack emerges and the software, firewall or antivirus that you’re using may not be up-to-date to defend against those new threats. Its a good idea to use a vulnerability assessment to scan your websites, networks, and apps for any gaps in your security. 

In other words, you constantly have to patch. You constantly update your virus remediation. You constantly do ethical hacks against your own environment to make sure you’re safe. But a lot of it occurs in training your staff for what to watch out for. You involve your customers in the process with two-factor identification (2FA) and enable them to ensure that they are who they are by only things that they know in order for them to access their financial information online.

So it’s a number of processes, from training, actions and technology. But it’s constant, it doesn’t stay fixed. It’s not like I’ve installed a brand new firewall and I’m safe now. It’s an ongoing holistic practice of making sure your environment is protected and your security processes and practices are kept up to date.

Shield Your Business from Breaches and Attacks
Contact Resolute Today!

Ensuring Continued Compliance with Regulatory Demands

Achieving Compliance whilst Controlling Costs

Interviewer: Some of the previous trends we’ve talked about are really about optimizing costs and reducing costs. It seems, of course, that cybersecurity investments are going to be a cost center and are going to drive up the costs of administration and managing customer information and IT in general. Are there any other trends within wealth management that you see driving up costs along those same lines?

Rod De Vos: Yeah, the costs drivers going forward that are increasing for wealth management is also the regulatory role. Trying to keep up with the change in regulations.

The regulatory environment is changing towards improving investor protection. In which case, you’ve got to change your software in order to keep up or you have to use third-party software as another option to integrate with your environment, to assess any regulatory anomalies that you’re seeing and to make sure you’re on side.

The third option, of course, is if you can’t change your legacy systems – if it’s too expensive to change your legacy systems to stay in touch with the regulatory environment or in compliance with them – then you see a trend in wealth management firms to outsource their mid-office or back-office functions.

Interviewer: Now one thing you had spoken about was the integration of third-party tools that could just automate a lot of the process of compliance. Of course, that’s one way of securing yourself from some of these costs as they are increasing. Is it just as easy as isolating a third-party platform, and plugging it into your system and you’re in compliance at a fixed cost? Or is there more involved in being able to automate some of your compliance?

Rod De Vos: No, there’s a lot more involved. Essentially it’s like doing an audit of how you’re managing your clients money, be it process-wise, data-wise or systems-wise. The software has to run against the data that’s in your platform. So it needs to be tightly integrated.

It’s not flexible in that: “I just install this product and I’m good to go and compliant”. It doesn’t work that way. So, it will report things that could be offside, in which case they all have to be explored and investigated. They’re not immediately fixed. Staying in touch with the regulatory environment and being compliant is, again, like the other things we’ve talked about: it’s people, process, and technology. It’s all three and the need for integration.

The Optimal Starting Point for a Financial Firm’s Digital Transformation

Interviewer: So we’ve covered six high-level trends right now that are happening at a technology side for the wealth management industry in 2018. We’ve got the move toward more process automation, which once fully-realized allows the adoption of AI. Some financial institutions are certainly already there.

We have a greater increase in use of data and using that data for greater regulatory compliance and portfolio rebalancing. Leveraging that data to enhance the customer experience through integrating various channel options, both through automation and of course through the omnichannel engagement and being predictive on the financial products to recommend.

Finally, we have some cost-center trends covering the increased need for cybersecurity and to protect yourself while not overspending on cybersecurity and ballooning the cost of IT. Finally, being in compliance with financial regulations that have emerged following the 2008 recession.

Need to Align Your IT Governance, Compliance, and Risk Management with Your Industry?
Request a Free Consultation with Resolute to Get Started!

With these six trends, in your experience, which one is the major driver of discussion at an IT side where institutions are coming to and they’re looking assistance? Or are they all equally distributed across the industry?

Rod De Vos: From a risk perspective you should approach it from the last two: cybersecurity and regulatory compliance are top of mind to most wealth management firms’ boards.    

Cybersecurity is a huge thing on the minds of board members these days in terms of making sure that identity theft and the like are taken seriously. It’s for their clients protection of information.

More automation and better use of data are really powerful things but without cybersecurity and being able to be compliant you won’t be able to operate at all. Because AI and sometimes the use of data is hard for their intangibles to the end investor. The tangible things that they see value in right away is the user experience. So in other words, the customer experience.

Interviewer: Although a lot of these earlier trends are customer-facing and enhance that customer experience and make your financial institution much more enticing and delightful to work with, you don’t want to start going down that path until you’ve locked down your cybersecurity across the board and you have that process either outsourced or automated with full confidence that you can take the step into process automation.

Rod De Vos: They’re all important I’d say, yeah but obviously from a managing risk perspective those two are key: making sure that your data is secure and making sure you’re compliant.

User experience, again, would be next but it also involves the use of mining your data. So it’s a combination of those two.

Interviewer: That’s incredible. Well I think we’ve certainly explored six major trends with plenty of discussion points around them. Certainly appreciate your time and I look forward to coming back and meeting you in the future to discuss some of the additional ways that financial institutions can look at exploring these trends and how the financial industry can make these financial services business technology investments in each of the six trends.


Resolute Technology Solutions offers IT Security Services to shield your critical IT environment from harm. From assessing the state of your vulnerabilities to providing day-to-day security functions, our team is equipped to ensure that your business remains fully operational. To learn how we can begin reinforcing your security requirements, contact us.

IT wealth management



Get Service Pricing

Want to get price ranges for a specific service? Fill out this quick form.

Do You Have a Comprehensive Disaster Recovery Strategy?

Download our DR Readiness guide to see if your business can recover key data in case of an emergency.