Are alternative finance providers prepared for the dangers of cyber crime?
The words “cyber crime” are enough to send a shiver down the spine of anyone involved in running a company with a significant online presence. And yet when we come to discussing the major threats faced by the alternative finance sector, hacking rarely seems to get a mention. Far more prevalent in industry discourse are mispricing, platform failure, fraud and regulatory backlash. Is the danger of cyber crime getting the airtime that it deserves?
The alternative finance sector represents a prime target for hackers. Stacks and stacks of customer data flows through the many platforms, as does an increasingly large volume of client money (much of it invested by retail investors). How resilient are these platforms to the threat of digital attack?
Of course, the issue is not confined to the alternative finance space. In PwC’s 18th Annual Global CEO Survey 2015, 79% of the bosses surveyed cited cyber threats and a lack of data security as a key threat to growth.
PwC has done a lot of work in this space over the past few years. As of February this year, the firm had performed ethical hacking duties for as many as 20 different peer-to-peer lending platforms. We hear that these tests threw up “significant findings”. PwC has repeatedly warned that a high profile incident of cyber crime within the alternative finance space is somewhat inevitable.
Fergus Lemon of PwC conceded in a past column that online financial services providers “are always going to be high priority targets for hackers due to the nature and value of the data they hold”. However, he sees the alternative finance industry’s current level of engagement with ethical hacking service providers as an encouraging sign for the future.
The alternative finance industry is still attempting to force its way irrevocably into the mainstream of financial services. The advent of the Innovative Finance ISA in the UK – set for 6 April – will be a pivotal factor in accelerating that charge. But trust is the key. The UK’s peer-to-peer sector – led by consumer lending outfit Zopa – has gone above and beyond to propagate customer trust. In the early days, Zopa was über conservative around credit assessment, and delivered positive returns to investors throughout the 2008 downturn. Funding Circle was the first platform publish its full loan book online, and seven other platforms in the UK P2P space have since followed suit. The industry’s reputation has been carefully sculpted over more than a decade. One prominent instance of cyber attack could see that reputation unraveled.
On 21 October last year, TalkTalk fell victim to a cyber attack that saw over 156,959 customer details stolen. We’ve since learnt that the incident cost the firm up to £35m. As is to be expected, the attack also resulted in a marked decline in the company’s reputation. TalkTalk’s YouGov BrandIndex score fell off of a cliff in the immediate aftermath of the incident. At so early a stage in its development, it’s unclear whether the alternative finance industry could stomach such a blow. One hopes it won't have to.