security

2020 NASAA Fintech And Cyber Security Symposium – A Download Of Key Comments – Technology – United States – Mondaq News Alerts


On October 27, the North American Securities Administrators
Association1 held its 2020
symposium on Fintech and Cybersecurity. A key theme of the
symposium was the impact that the pandemic has had on fintech,
cybersecurity, and regulating the financial markets – given
that regulators and securities industry professionals are largely
working from home. The panelists also discussed new technological
innovations that are likely to impact both the fintech industry and
cybersecurity.

Kavita Jain, previously a Director in FINRA’s Office of
Innovation and now the Deputy Associate Director of Innovation
Policy at the Federal Reserve Board, delivered the keynote address.
She started the symposium discussing the role of regulators in
fostering innovation in the financial services industry. Jain noted
the traditional role of banking regulators is to ensure that banks
control for risk. Because innovation necessarily involves new risk,
regulators need to be prepared to monitor the new types of risk
that innovation can introduce. Failing to keep up with innovation
can be a type of risk. Jain commented that regulators can
facilitate responsible innovation in the financial industry by
engaging with key stakeholders, collaborating with other
regulators, and providing regulatory clarity.

The keynote address was followed by four panel discussions.

The first panel, “Algorithms Make the World Go
‘Round,” reviewed some technological advancements in the
financial industry. Shawnna Hoffman, the Global Blockchain Offering
leader at IBM Watson Health, discussed the advent of quantum
computing and the impact that it will likely have. Quantum
computing, which will make computers exponentially more powerful
than they are now, evokes a need for quantum encryption. While less
than 1% of enterprises budgeted for quantum computing projects in
2017, it was predicted that more than 20% of global enterprises
will budget for it in 2023. Usman Ahmed, Head of Global Policy and
Research at PayPal, emphasized the important role that fintech
companies have in providing access to the economy. During the
pandemic, fintech lenders were able to efficiently and safely
onboard new customers, which allowed many small businesses to
access Paycheck Protection Program loans that they would not have
been able access to through traditional lenders. In discussing the
characteristics of fintech companies, Dan Gorfine, Founder and CEO
of Gattaca Horizons LLC, emphasized speed, access, and
“disintermediation” of traditional processes, noting that
regulators historically have regulated through intermediaries, like
banks and brokerages. The panel also discussed the digital dollar
project, which is exploring the potential for a digital based
currency backed by a central bank (Central Bank Digital Currency -
CBDC). Panelists noted that a tokenized dollar could help solve
some issues exposed by the pandemic, like tens of millions of
people awaiting paper checks from the government, while needing to
pay creditors whose bills are automated.

Read More   Cisco releases guides for incident responders handling hacked Cisco gear - ZDNet

The second panel explored how artificial intelligence (AI) is
transforming the financial services industry. While the ability of
AI to recognize complex patterns unrecognizable to humans can be a
powerful tool in the industry, it call also have pitfalls. The
second panel discussed how AI that is premised on partial or
outdated data can potentially lead to data bias. Jake van der Laan,
with the New Brunswick Financial & Consumer Services
Commission, discussed the importance of ensuring that any AI models
are thoroughly vetted and continually tested once they are
implemented. Firms using AI systems need to ensure that there are
guardrails built into the system. FINRA’s White Paper on Artificial Intelligence in the Securities
Industry, in June of 2019, provides some good guidelines in
implementing AI. The International Organization of Securities
Commissions (IOSCO) and the European Securities and Markets
Authority (ESMA) have also published white papers on AI.
Each of these guides provides best practices with AI that are
helpful to consider and implement.

The third panel, “Technology as a Sword and Shield,”
discussed how technology can be used to both perpetrate and defend
against cyber attacks. For example, while AI is used to monitor
transactions and detect fraud, in the hands of the wrong person, it
can be used to enhance phishing scams. The panel emphasized the
importance of continually auditing and testing technology used to
combat cyber attacks. Ruth Hill Bro, the Co-Chair of the ABA’s
Cybersecurity Legal Task Force, said that the volume and
sophistication of cyber attacks continue to grow – and in some
instances are exacerbated by the pandemic, given the need for
millions of people to work from home. The greatest weapon against
threats like ransomware, phishing, and malware is a “culture
of awareness,” since people are often the weakest link in a
firm’s cybersecurity program.

Read More   GAO Highlights Key Tech Security Efforts—and Gaps—at DOD, Confirming Major Government Role - JD Supra

The last panel of the day focused on “Cyber Challenges
During a Challenging Time,” emphasizing the impact that the
pandemic has had on regulating the financial markets and on cyber
security. Dave Kelley, FINRA’s Director of Member Supervision
Specialist Programs – Cybersecurity, said that phishing remains the
number one issue during the pandemic. They have also seen an
increase in the number of imposter websites popping up on the
Internet. Thus, while regulators are regulating from home,
fraudsters are continuing to scheme from home unabated. Professor
Tonya Evans, who is an expert in cryptocurrency and blockchain,
noted that with the pandemic there has been an increased reliance
on technology. Ransomeware continues to be a big issue – as is
blackmail. In both schemes, the perpetrators often demand payment
in cryptocurrency, since the payment cannot be retrieved once it
has been transmitted. Dr. Lorrie Cranor, Professor of Computer
Science, Engineering and Public Policy at Carnegie Mellon, closed
the panel by discussing steps people can take to better secure data
in their remote workspaces – such as never using a password twice
and using two-factor authentication.

Footnote

1. NASAA is a voluntary association whose membership
consists of 67 state, provincial, and territorial securities
administrators in the 50 states, the District of Columbia, Puerto
Rico, the U.S. Virgin Islands, Canada, and Mexico.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.



READ SOURCE

Leave a Reply

This website uses cookies. By continuing to use this site, you accept our use of cookies.