• Institutions need to gear themselves towards emerging trends of accelerated contactless payments, development of ecosystem and super apps
• Banks are increasingly shifting to SaaS model
• Banks need to invest in infrastructure, people as well as processes to improve their cyber defence

The pandemic has not only accelerated the adoption of digitisation but also highlighted the glaring gaps in financial technology infrastructure, automation and cyber defence that need to be bridged with speed. Raja Gopalakrishnan shares his perspective on evolving industry trends and how banks need to rethink their technology proposition.

Below is the edited transcript of the interview:

Institutions need to gear themselves towards emerging trends of accelerated contactless payments, development of ecosystem and super apps

Neeti Aggarwal (NA): What do you see as the top emerging trends in technology innovation among financial institutions this year especially as an aftermath of the pandemic?

Raja Gopalakrishnan (RG): The pandemic has been a huge driver of so many behavioural changes. So, there's definitely been a seismic shift in the way consumers have been looking at payments. There is more movement towards contactless, less cash, less physical exchange, even when you are doing card transactions at point of sale, you prefer to be contactless so that you don't have to put your PIN in. 

The adoption of contactless across Asia has accelerated dramatically. And this is a seismic shift. This is here to stay. That's one. Two is we are seeing more of an ecosystem being built out. Where you see tech giants, card companies, financial institutions, banks, merchants, corporates of all kinds coming together and partnering together to create and invest in developing the next generation of contactless and mobile payments. That is also driven by a parallel upsurge in things like IoT (internet of things). You are going to see all of these things start to come together smart devices, IoT, contactless, next gen payments. 

From a grassroots perspective is how do you make contactless really get more broad based? You are seeing a lot of countries in Asia now starting to embrace proprietary QR codes as well as standardised QR codes. That's one of the big drivers. Markets such as Thailand, Singapore, Sri Lanka, Philippines, Malaysia, India, and Hong Kong, are all embracing this. And then the last trend which is starting from China, but it's starting to radiate outwards and accelerate, is really the rise of the super app.  In China, we saw super apps bringing together the entire ecosystem, for starting out as social or moving to shopping, logistics, financial services, payments and basically, lifestyle journeys. Those tech giants are radiating out of China into the Asian as well as Western hemisphere driven by the Chinese diaspora. But then you're also starting to see a lot of other players wanting to make the move towards super apps. 

Banks are increasingly shifting to SaaS model

NA: How are banks geared towards these new changes? What kind of changes do banks need in the technology infrastructure to be able to compete with tech giants as well as come up to speed in terms of new services that are emerging in payments?

RG: Traditionally, banks, when they looked at technology and software, the trend in the banking industry has been to own the software. These are called on-prem software kind of transactions, versus the industries today moving to a much more platform-based SaaS (software as a service) model. SaaS is cloud native. It's multi-tenant. It's active, hot, in the cloud, it's dispersed, and it's usually done on new technologies. 

Banks have the ability to step into this level of competitiveness when they are offering financial products to consumers and businesses. How are they going to do that? Obviously, the biggest challenge for banks is the legacy systems and technology debt. 

Technology debt that is related to, if they're still using mainframes, now there's a certain type of structure there. If they are using software which is a couple of generations back, you need to have the people, the processes, the political will to be able to drive towards making these changes. So that's one large challenge that banks face, some banks are taking it head on, while others are obviously lagging behind. 

More banks are moving towards a SaaS pay-as-you-consume kind of a model. 

NA: Some banks in the past have been wary of shifting their mission critical systems onto clouds. Is that something that you are still seeing in the industry? What type of clouds are they adopting - public, private, hybrid and what is the trend that you are seeing in terms of shifting their systems to cloud?

RG: There's three types like you said, there's public, private and hybrid. So you've covered the gamut. The issue is the understanding of the cloud infrastructure versus a legacy data centre infrastructure is still not being completely broad-based. When a lot of people say they don't want to put their mission critical applications on the cloud, there's also a sense of do they know everything that the cloud can do. Because today, the kind of investments, and you think of the cloud it's coming, there are basically three large cloud providers and all three are the giants in the industry. They're investing so much in cloud infrastructure, that today, they're doing the heavy lifting for you. Rather than you have to take a data centre, run the data centre. A bank shouldn't be running a data centre. A bank needs to be outsourcing the data centre or embracing the cloud and within the cloud, you can get private, hybrid public sections, all of the above. 

Obviously, there's got to be a whole lot of education in terms of what the cloud can do. And more importantly, what's your transition path? Right, from physical infrastructure to the cloud. And that's what the focus has to be. So that would be my advice to businesses as they look to leapfrog into next gen.

Banks need to invest in infrastructure, people as well as processes to improve their cyber defence

NA: Cyber and data security remain key concerns and despite continued efforts, the attacks continue and data leaks happen. What do you think is the biggest challenge that banks are still grappling with and what technologies are proving to be more effective in managing these threats?

RG:  Banks have cybersecurity foundation in place for many years. Firewalls, anti-virus, anti-malware, all of that has been in place. But now you're having to take a more proactive approach because hackers are getting more sophisticated. Obviously banks, institutions and governments have to step up in terms of fending off the cyberattacks. So in all key areas that they're focused on is taking a more proactive approach with things like machine learning, AI,  which can help continue to do monitoring of bank systems and programmes to real time forensic analysis. But the hackers are getting more sophisticated, too. Over 90% of attacks are bots. They're just cyber bots, they will continue to keep checking for penetration, they have been programmed otherwise no one can physically do those number of hacking attempts. You've got to keep building and strengthening as it goes. Banks have to detect significant irregularities in the networks or behaviours as they happen. But you also need to do early detection, you got to be proactive to start mitigating all of this stuff. Containerisation is going to help drive that. Distributed Ledger Technology (DLT) is being looked at as a technology for many years to become mainstream now. It's just being used with a few limited use cases right now. But DLT is one area that can help become much more secure. Tokenisation and anonymisation of data all that helps in creating different ways of making sure that even if the hackers do get through, the data is masked. 

We are also starting to see greater collaboration between banks and corporate nation states to share cyber intelligence, build the next generation cybersecurity infrastructure. Every large corporation now has InfoSec officers, privacy officers. So, there's a whole lot of focus and work on it. It's not just technology. It is infrastructure, people, processes, collaboration, as well as money that organisations have to spend to continue to keep shoring up defences.

NA: Thank you very much