Addressing cybersecurity in financial institution-FinTech partnerships

Partnerships between financial institutions and FinTechs must go beyond the customer value proposition and provide embedded cybersecurity at all stages of the customer journey. Open APIs present an incredible opportunity for financial institutions to acquire, engage and transact with customers as well as for FinTechs to introduce new technologies and improved customer experiences. However, both financial institutions and FinTechs must be aware of the threats presented by the modern technological world as well as their responsibilities to regulators and customers to keep sensitive information and funds safe.

Protecting against threats requires an ecosystem-wide approach to cybersecurity that includes vetting partners, granular monitoring of API usage, verification of partner systems and tokenization of sensitive customer data with a token or placeholder. Moreover, financial institutions and FinTechs must develop comprehensive security incident and event management (SIEM) capabilities that include response and notification policies and procedures. Building strong and trusted three-way (financial institution-FinTech-customer) relationships will ensure that all three can grow together, reaping the benefits of new technologies and opportunities in a safe and responsible way.