The topic of trust marketing has come up several times. People sometimes appear to be living in a post-trust era, in which nothing and no one is beyond blame. Organizations employ stock-in-trade to build trust with their consumers, meaning that how they reach and engage our audiences must be deliberate and courteous. Their data about their prospects and customers is one of the most critical aspects of that relationship. Organizations have vast and ever-expanding data repositories to identify, analyze, engage, and convince individuals. They request that others share information with them to collaborate more successfully. Over time, a sense of trust develops.
On the other hand, the notion of “know your customer” (KYC) is at the heart of developing trusted relationships with clients and key partners in the financial services industry while also protecting the transaction’s integrity. KYC also assures that the businesses they trade with are free of corruption, bribery, and money laundering. Some of the world’s top conventional banks have been hit with the greatest regulatory fines related to a lack of KYC. However, with well-funded neobanks gaining international attention in recent years, they might quickly become entangled in the quagmire if they do not have the necessary policies and technology in place to avoid it. KYC begins with an onboarding procedure to guarantee that a potential customer is not attempting to obtain access to a company account using a false or stolen identity. Unfortunately, while neobanks use methods like KYC to develop trust and sell their brands, some concerns are causing their clients’ trust to erode.
Description of the Issue
With digitalization and the expanding usage of mobile technologies, people have seen a considerable shift in the banking and financial business in recent years. Likewise, customers are migrating away from real cash and toward digital money as they embrace digital financial services. Customers now appear to be more at ease transacting digitally than ever. Neobanks is an example of the shift where financial service providers operate digitally rather than through physical infrastructure, as traditional banks do. The Financial Derivative (2021) indicates that their services are confined to internet-only financial services that deliver cutting-edge and innovative online banking services to their internet clientele. Neobank’s benefits are comparable to typical banks’, although they are restricted to creating savings accounts, payments and money transfer services, lending, and budgeting, to mention a few. Neobanks have a different financial structure and business strategy than traditional banks, removing physical infrastructure and automating banking activities.
However, the digitalization of the banking and financial industries has presented Financial Institutions and Service Providers with significant cybersecurity risks. Wewege, Lee and Thomsett (2020) argue that it has made it easier for fraudsters to launch attacks and get unauthorized access to sensitive data. The banking industry has become more susceptible than ever before due to digitalization and technological improvements. With multiple breaches and thefts occurring each year, cybersecurity has become a key emphasis for the Banking and Financial industries worldwide (The Financial Derivative, 2021). Cybersecurity should be a primary focus for developing new financial actors such as Neobanks, which operate exclusively on a digital banking basis. While Neobanking helps overcome traditional banking issues by making services more accessible and convenient, it poses significant security risks.
According to BeVigil (2022), CloudSEK’s BeVigil, a security search engine, inspected extensively used Neobanking apps and discovered a wide range of security vulnerabilities that led to the disclosure of secrets/sensitive information, risky authorizations that jeopardized user security and tracking systems in apps that resulted in serious privacy breaches. On the other hand, Redrup (2019) argues that after well-funded neobank Judo had to hastily strengthen its defences after one of its directors fell victim to a phishing scam, cyber security experts have warned that the newest actors in the financial services industry, the neobanks, will have a difficult 18 months.
Analysis of the Causes
For organizations of all sizes, rapid technological breakthroughs have opened up vast new areas of potential and efficient resources. The internet is a significant engine of technological progress. The internet has shrunk the world by bringing far-flung objects closer together. The internet has matured into a valuable national resource that plays a crucial role in global defence. These new tools, however, have brought with them unprecedented cybersecurity risks. Cybersecurity has gotten a lot of attention in neobanks during the last decade because of its potential to protect customer data from ever-increasing cyber threats. However, as information technology advances, so do cybersecurity challenges and dangers.
Before the internet and associated technologies, criminological and psychological theories explained why people perpetrated crimes in the real world. Based on these theories, a substantial corpus of empirical studies has been performed to understand why individuals commit crimes in the real world (Akers et al., 2016). Cybersecurity studies is a comparatively recent field of study that aims to examine whether well-established ideas about criminal acts in the real world can be used to analyze cybercrimes in the virtual world utilizing the internet and associated technology.
According to Grabosky (2001), core incentives for criminal activity are universal; consequently, old theories might still be relevant since technology and the internet only provide a new outlet for similar antisocial activities. Furthermore, because many criminological theories are conceptualized as “universal,” they should be in a position to explain a wide range of delinquent actions. On the other hand, () believes that while definite real crimes have clear analogues to cybercrime, some cybercrimes may not be as effectively characterized by traditional theories since such offences need an understanding of computer/internet technology. Studies on the apparent and real attributes of the internet and associated technologies have begun to look into how these characteristics are linked to cybercrime (Lowry et al., 2016). However, most research on cybercrime has focused on whether well-known criminological or psychological theories can also justify why people commit cybercrime.
According to Deterrence Theory, rather than the presence of evil, crime in society reflected weak laws (Stalans and Donner, 2018). Almost every country has criminal laws that cover a variety of cybercrimes. If formal sanctions are imposed in a consistent, harsh, and timely way, the creation and implementation of these laws should successfully prevent criminal activity. Despite this, there has been few empirical research on the impact of deterrence on cybercrime. Deterrence may be hampered by a lack of understanding of what constitutes cybercrime and the severity of the penalties for these crimes (Stalans and Donner, 2018. Most individuals are unaware of the illegality of numerous online acts and the penalties connected with certain cybercrimes, similar to the public’s lack of understanding of the severity of punishment for crimes in the physical world.
Cybercriminals are rational and hedonistic, according to Routine Activity Theory. According to Miró (2014), the possibility of committing a crime occurs when a motivated criminal, a suitable victim, and a lack of adequate supervision all come together in time and location. Although some have contested the application of regular activity theory in the context of cybersecurity, Holt and Bossler (2013) argue that the internet is conducive to the convergence of driven perpetrators and eligible targets in the absence of sufficient guardianship. On the web, many driven criminals gain knowledge of vulnerable and ideal targets through group chat or social networking sites exchanges. They may explore new inertia and important targets by hacking flawed firewalls on computer systems containing financial accounts or other unsecured and sensitive information.
When there is a lack of cyber guardianships such as password protection, Holt and Bossler (2013) argue that cyber-criminals and cyber-victims interact through networking devices and internet connections, rather than meeting in real-time and place. According to other studies, spending more time online increases the danger of consumer phishing and malware assaults (Reyns, 2013). Spending time on targeted communication such as email or Skype increases snooping cyber threats, and financial fraud. Bossler, Holt & May (2012) support this claim by asserting that, spending more time online, especially on message boards and social networking sites, and risky behaviour such as sharing passwords with friends or sharing sensitive data with strangers increases the likelihood of cybercrime.
According to the General Strain Theory, individuals may suffer strain due to failing to achieve a positively valued goal, losing favourably valued stimuli, or being exposed to undesirable stimuli Agnew (2017). When individuals are stressed, they experience negative emotions such as depression, which escalates criminal activity without pro-social coping strategies. According to Agnew (2017), people are more likely to commit a crime when stress affects crucial personal areas, when appropriate coping skills and resources are inadequate, when conventional social support is absent, and when preferences to commit crime are prevalent. In the context of cybercrime, those who are financially strapped may resort to cyber theft or phishing methods. For instance, stress and anger were associated with cyberbullying behaviour, according to Patchin and Hinduja (2011), which reinforces the theory. Persons in troubled marriages may also choose to hack into their spouse’s digital banking accounts due to the anger associated with their troubled marriages.
Critical Discussion of the Challenge
Cybersecurity is one of the most pressing concerns for neobanks today. Cyberthreats have increased in recent years, coinciding with the surge in popularity of digital banking among consumers. Banks must overcome five significant security difficulties to satisfy demand and build confidence with their customers without jeopardizing security. Sensitive data might be in danger if you don’t have a robust cybersecurity strategy. Neobanks cannot afford to hire full-time security staff because of their size and kind of operation. They rely on third parties to ensure that their security meets industry standards.
One of the primary cybersecurity challenges that Neobanks may encounter is a lack of funding and third-party dependence. Cybersecurity necessitates a significant investment. The Financial Derivative (2021) assert that since neobanks are smaller than traditional banks, they typically lack the resources to hire a full-time cybersecurity team to monitor all activity. Their inadequate cybersecurity expenditures and budgets may result in insufficient security measures, exposing them to greater danger. Neobanks, on the other hand, operate entirely online and rely primarily on third-party services to serve their consumers. As a result of the reliance on a third party, the risk exposure is substantial. If third-party providers do not have stringent Cybersecurity measures in place, security safeguards may be breached, resulting in a data breach occurrence.
The other key cybersecurity threats that neobank faces are social engineering, malware, and phishing/pharming. These are threats to obtain a user’s personal information, bank account funds, or other potentially damaging actions. Phishing is one of the most misleading security threats, including creating a fake or “spoof” website identical or almost with a similar name as the legitimate website to steal login information Park (2016). A user may be sent to a fake NeoBank website that seems identical to the actual one, after which they would be requested to submit their login credentials. After that, the user may input information such as banking usernames, passwords, and PINs, among other things. The most scary thing is that there aren’t much neobanks can do about it because the only effective treatment is to educate their customers about the risks. The rising usage of technology brings a more significant number of technological threats. Though the odds of someone’s banking information being stolen are improbable, it is still possible and more likely than if they used a traditional bank.
Critical Discussion of the Solution
Cybersecurity in digital banking is an issue that must be addressed. According to Weston and Kashyap (2021), the banking industry has grown increasingly vulnerable to cybercriminal threats as digitalization has increased. Neobanks face a significant problem in managing cybersecurity and technological risk. Although both traditional and Neobanks can be harmed by cyberattacks and a lack of system resilience, the latter is perhaps more vulnerable. Neobanks provides all of its products and services on the internet. All transactions are done at the customer’s fingertips using the banking application, the single “storefront” for the entire banking service. According to Dan (2020), a corporation must match the demands of a particular market sector while also employing the right technology, business strategy, and organizational culture to be successful. None of these, however, are as crucial as “trust-building.” While one of the primary causes of inadequate trust between Neobanks and their customers is cybersecurity, there must be a reliable cybersecurity solution that does not jeopardize the protection of consumer and financial institution data and money.
As the world becomes increasingly digital, security solutions must become more sophisticated and complicated. They also need to be updated regularly. Neobanks can overcome cybersecurity concerns by implementing adequate solutions and complying with industry best practices. Constantly educating clients about changing risk exposure and maintaining compliance with industry standards (PCI DSS) will go a long way toward protecting the environment and digital company operations. As a result, Neobanks should seek advice from industry professionals before implementing Cybersecurity measures that do not jeopardize the security of customers and the institution’s data and cash. Additionally, Neobanks must use a risk management strategy that combines the ease and convenience of digital platforms and mobile apps with data security, cybersecurity measures, and a highly robust IT infrastructure. Virtual banks can provide creative, dependable, and secure banking services to all of their clients by building trust via cutting-edge technologies for IT delivery and cyberdefense.
Because of the more dynamic business environment of a Neobank, control break testing must be performed more frequently than in a traditional retail bank. Besides, data encryption, safe configuration, timely patching, and a highly robust system design are all required. Risk management, on the other hand, is a shared duty. According to Corander (2021), process owners must be aware of and adhere to the bank’s risk limits. To guarantee individual accountability, a positive risk culture should be formed, including career-related benefits for individuals. Frequent system snapshots, encrypted data transport, and regular patching and review are essential for maintaining a reliable and secure IT environment.
Neobanks throughout the world provide cost-effectiveness, personalization, and a wide range of banking and financial services, all under one roof. Financial inclusion and banking service bundling work together to make banking services more accessible to persons who would not otherwise have access to them. On the other hand, cyberattacks are getting more widespread and sophisticated every year. Consumers are increasingly using the internet for everything from shopping to bill payments. As a result, Neobanks will need to further up their security. Customer security is no longer as easy as using complicated passwords. As a result, in today’s digital banking world, Neobanks must remain at the forefront of cybersecurity advances. Nevertheless, the ability of neobanks to create trust with their customers will depend primarily on how they handle the challenge of cybersecurity.
Admin, 2021. Understanding the cybersecurity challenges faced by Neobanks. Finance Derivative. Available at: https://www.financederivative.com/understanding-the-cybersecurity-challenges-faced-by-neobanks/ [Accessed April 8, 2022].
Agnew, R., 2017. General strain theory. Preventing crime and violence, pp.21-30.
Akers, R.L., 2013. Criminological theories: Introduction and evaluation. Routledge.
BeVigil, 2022. The surge of cybersecurity challenges in Neobanking. BeVigil Blog. Available at: https://bevigil.com/blog/growing-surge-of-cybersecurity-challenges-in-neobanking/ [Accessed April 8, 2022].
Bossler, A.M., Holt, T.J. and May, D.C., 2012. Predicting online harassment victimization among a juvenile population. Youth & society, 44(4), pp.500-523.
Corander, B., 2021. Neobanks: Challenges, Risks and Opportunities.
Dan, LFJSE, 2020. Cybersecurity Awareness and Digital Skills on Readiness For Change in Digital Banking.
Holt, T.J. and Bossler, A.M., 2013. Examining the relationship between routine activities and malware infection indicators. Journal of Contemporary Criminal Justice, 29(4), pp.420-436.
Lowry, P.B., Zhang, J., Wang, C. and Siponen, M., 2016. Why do adults engage in cyberbullying on social media? An integration of online disinhibition and deindividuation effects with the social structure and social learning model. Information Systems Research, 27(4), pp.962-986.
Miró, F., 2014. Routine activity theory. The encyclopedia of theoretical criminology, pp.1-7.
Park, D.W., 2016. Analysis of Phising, Pharming and Smishing Spam Mail Trend and Techniques from Other Countries. International Information Institute (Tokyo). Information, 19(3), p.895.
Patchin, J.W. and Hinduja, S., 2011. Traditional and nontraditional bullying among youth: A test of general strain theory. Youth & society, 43(2), pp.727-751
Redrup, Y., 2019. Neobanks face cyber security struggle to match Big Banks. Australian Financial Review. Available at: https://www.afr.com/technology/neobanks-face-cyber-security-struggle-to-match-big-banks-20190208-h1b06y [Accessed April 8, 2022].
Reyns, BW, 2013. Online routines and identity theft victimization: Further expanding routine activity theory beyond direct-contact offenses. Journal of Research in Crime and Delinquency, 50(2), pp.216-238.
Stalans, L.J. and Donner, C.M., 2018. Explaining why cybercrime occurs: Criminological and psychological theories. In Cyber Criminology (pp. 25-45). Springer, Cham.
Weston, M. and Kashyap, R., 2021. The cyber arms race: How can CISOs win?. Journal of Digital Banking, 6(1), pp.83-95.
Wewege, L., Lee, J. and Thomsett, M.C., 2020. Disruptions and digital banking trends. Journal of Applied Finance and Banking, 10(6), pp.15-56.