According to the Financial Conduct Authority (FCA), financial services firms and banks in the UK are not reporting successful cyber attacks. Indeed, Megan Butler – director of the FCA – confirmed that banks are still not admitting the full scale of cyber attacks carried out every day.
In response to this news, cyber security expert Simon Bain from BOHH Labs, has challenged regulators and banks to adopt innovative technology such as artificial intelligence and machine learning in order to minimise the threat of cybercrime.
>See also: Cyber crime and the banking sector
Earlier this year, Nick Cook, the FCA’s head of data and information operations, said that the regulator was “still learning” how to support the adoption of automated, digitised compliance. The FCA reports that the number of successful cyber attacks has risen from 5 to 49 annually between 2014 and 2017.
Bain believes that placing confidence into newer forms of security will benefit banks greatly: “Machine learning uses a compound set of algorithms to detect patterns and predict outcomes from a large amount of data online. As such, the self-learning capabilities and ability to recognise patterns and anomalies within them, makes AI and machine learning a great tool to detect cyber security threats.”
Bains’ words ring true with Rob Grupperra, the FCA’s head of financial crime, who said that firms are trying to replace humans with AI to detect money laundering, as stated on the FCA’s website. Grupperra mentioned the positive effect such advanced technology would have on firms if they were to replace human monitoring with AI.
“We are chiefly concerned about whether these systems are effective and spot the needles in the haystack,” Grupperra said at an FCA fintech event. “Any bank hoping for a black box in the corner that will sniff out the launderers will be disappointed, but the technology has the capability to better achieve what we all want: keeping finance clean.”
Bain continued: “Increasing the use of AI can greatly minimise the risk of human error in security. As banks and regulators become more accustomed to the fact that AI is capable of handling complex tasks, we will see an increased use in them for security purposes. A wide acceptance of AI in security would relieve some of the tension between banks and the general public, and trust would begin to develop again.”
Additionally, improving bank security requires industry collaboration. As more banks rely on detection solutions, it will be important for them to share the insights they learn during the nearly constant stream of hacks they face daily.
Take virus protection – everyone shares that information publicly and within a few hours the virus is dead. Most banks do not want to disclose to the public incidents of breaches for fear of damage to their reputation and customer loyalty, but without open communication banks are not making progress when it comes to security analysis and preventing future hacks.
Some banks have started to unite behind closed doors, but the financial industry needs to create a knowledge-sharing standard. The reality is that most hackers collaborate, so banks should too.