BankThink

Bankers must confront security risk of remote work

The near-overnight shift to hybrid work in 2020 was challenging for all organizations, and the world’s financial institutions were no exception. However, financial services organizations have been remarkably resilient compared to other industries. A global survey of more than 1,000 C-suite leaders categorized 26% of financial services organizations as leaders in operational resilience, more than any other industry observed. Even so, workplace and productivity were cited as major areas of upheaval for financial services organizations, as nearly all employees shifted to remote working.

So, what are those top resiliency leaders — the 26% of financial services organizations that have mastered operational risk management — doing right? The banks that have successfully stayed resilient and mitigated risk amidst the pandemic are focused on three key areas: the cybersecurity challenges brought on by remote work, utilizing engaged employees to combat risk and integrating data to optimize workflows.

A newly dispersed workforce illuminates the critical cybersecurity challenges facing financial services organizations: employees previously centralized within one network are now accessing sensitive information remotely through different connections. In response, companies have raced to fortify their systems against new vulnerabilities from opportunistic bad actors — and the cybersecurity responsibilities fall almost exclusively to IT teams.

The laptop, which has always been considered a high-risk end point, is now joined by an ever-increasing list of other vulnerabilities, from outdated wireless router firmware to other exploitable devices like cameras and smart speakers. IT teams must even consider implementing edge-case policies, such as forbidding employees from sharing their wireless networks with their neighbors. Communicating these policies is already challenging in an in-person environment; hybrid work complicates it tenfold.

The sheer number of vulnerabilities has put a premium on being able to monitor risk across functions in real time. This not only reduces the overall cost of compliance; it also allows IT teams to respond to breaches with greater speed and efficacy.

Employees are any organization’s greatest asset — and this is especially true in the case of safeguarding data. While a hybrid workforce presents a new set of risk factors, remote employees are not inherently a liability. In 2021, security threats are omnipresent, and virtually all employees — at all levels, across a variety of organizations — could be susceptible. The way an organization’s risk management strategy is communicated is paramount: employees throughout every department, from payroll to customer support, must be made aware of potential threats and encouraged to be vigilant for vulnerabilities. For banks and other financial institutions, this responsibility is imbued with higher stakes and even greater meaning: employees handle customers’ most prized assets — their money.

Leading banks have found ways to keep employees informed of risks and educate them on practices that put customers' assets, and those of the organization, in jeopardy. These resiliency leaders have established processes for spotting and flagging potential dangers in their existing workflows. In this model, it’s not just IT or risk departments that practice vigilance, but the entire organization. Risk management is top of mind for all employees, and it’s built into every workflow.

Approaching risk management and digital transformation from a people perspective is critical. Take Standard Chartered Bank, for example, which launched a new HR platform to a remote workforce during the pandemic. The platform was designed to be adaptable to the real-world realities of bank operations, including risk and regulations. It supports more than 160 custom HR services and provides 138 automated services that use digital workflows to manage tasks such as forms, letters and case creation. By replacing obsolete technology and transforming the HR portal using employee insights, research and testing, organizations can better engage employees. Resilient organizations build their infrastructure with employees in mind. These banks ultimately increase their chances of catching and remediating a potential threat before it balloons into an issue that affects both the company and its customers.

The digital acceleration sparked by the pandemic demands a continuous flow of data between disparate departments and operations. Employee hot desk systems need to connect with compliance; IT security teams need full visibility into the entire network of third-party vendors. Suddenly, with the prevalence of digital transactions, it’s not just tellers who need access to customer information at the drop of a hat.

Organizations realize this is a priority. Close to half of financial services companies are already taking steps now, or are planning to modernize IT platforms and ensure compliance, according to recent ServiceNow data on operational resiliency. While that number is impressive in comparison to other industries, the urgency for financial firms cannot be overstressed, especially when sensitive customer data, customer loyalty and the customer experience remain at stake. In the era of remote work, it’s important to remember that the efforts banks have made to implement new workflows to safeguard against data breaches and IT security concerns should apply regardless of where the workforce is located.

The steps that banks have taken to turbocharge digital transformation sparked by the pandemic will continue paying dividends long after most companies are back in the office — even if it's only part time. Potentially even more wide-reaching are the impacts these approaches will have on customers.

While the financial services world has been forced to embrace a kind of proactivity that many found uncomfortable and challenging during the pandemic, adapting to these risks now will improve customer loyalty and retention in the future. Industry-leading banks are leaning into the challenge and taking the new world of hybrid work as an opportunity to think about how processes, technology and digital workflows can be reimagined to better serve the organization, its employees and its customers.

For reprint and licensing requests for this article, click here.
Bank technology Workplace culture Change management
MORE FROM AMERICAN BANKER