The BBA is now integrated into UK Finance. Please go to www.ukfinance.org.uk for new content and updates from UK Finance.
Material published by BBA prior to 1st July 2017 is still available on this website.
From 1 July 2017, the finance and banking industry operating in the UK will be represented by a new trade association, UK Finance. It will represent around 300 firms in the UK providing credit, banking, markets and payment-related services. The new organisation will take on most of the activities previously carried out by the Asset Based Finance Association, the British Bankers’ Association, the Council of Mortgage Lenders, Financial Fraud Action UK, Payments UK and the UK Cards Association.
In today’s climate of unprecedented political and socio-economic change it is more imperative than ever that companies equip themselves for the uncertainty of the future. Unexpected outcomes such as the United Kingdom’s historic decision to vote for Brexit have stimulated controversy and speculation on what this means not just for the UK and the European Union, but also for the rest of the international community. Inevitably, the political debates and questions will continue to dominate for the foreseeable future, but one thing is certain: now more than ever, resilience in all aspects of business activity is essential for organisations to be successful in our brave new world.
This includes the fight against the ever-growing threats from Cybercrime. Whatever the circumstances, organisations need to ensure they are protected against vulnerabilities and attacks; Cyber Security must therefore still remain a top priority for Governments, businesses and individuals.
Cybercrime is estimated to cost the global economy over $400 billion per annum and it is predicted that this will rise to $2 trillion by 2019. For cyber criminals this is an increasingly lucrative and attractive low-risk business as organisations struggle to keep abreast of the evolving Threat landscape. In view of this, countries are, out of necessity, stepping up efforts to introduce information protection regulations, more stringent data legislation and evolving compliance requirements with regard to industry governance.
One recent example is the upcoming European Union (EU) General Data Protection Regulation (GDPR), which will see harmonisation of current local data protection laws between EU Member States. Any organisation processing data, or collecting personal data, that includes that of EU citizens, will need to be compliant with the GDPR or similar ‘adequacy’ requirements and work with the nascent EU-US Privacy Shield. This means companies need to be investing and preparing themselves now if they still want to be in business with the EU and its Member States when GDPR takes effect in 2018. Governments and Regulators are also reviewing compliance-driven industry-related standards and regulations. They are especially concerned in light of some of the more spectacular data breaches that have been hitting the headlines in recent years. In the United States a heavily debated proposed Bill, the Cybersecurity Disclosure Act of 2015, would require US publicly listed companies to disclose who on their Board has cybersecurity expertise. It is also not surprising that UK MPs are now considering acting against Cyber-negligent boards.
International standards which cut across all sectors and industries, such as ISO/IEC 27001, regarding Information Security Management, introduce key risk management concepts to businesses, such as mandatory controls in a variety of areas including physical and environmental security and asset management. Compliance-based standards, such as the Payment Card Industry Data Security Standard (PCI DSS), dictate a minimum level of security protection for all entities that store, process, or transmit cardholder data, ensuring there is a baseline level of good practice which companies must abide by in order to enter and operate within the industry sector.
In today’s world, no organisation can afford to take its eye off the ball and Cyber Security should not fall down the Board’s agenda in the war of competing business priorities. Risk management and good governance are inherent in any holistic Cyber Security Strategy and, conducted effectively, provide market-differentiating business enablement. Now is the time for all businesses to make sure their house is in order, and that they are not unnecessarily exposed or vulnerable to a Cyber-attack.
Templar Executives has over 10 years’ experience in providing strategic advice and holistic Cyber Security services and solutions to Governments and FTSE 100 companies; if you would like to begin a discreet conversation on what Templar can do to support your business.