Partnerships between financial services firms have flourished in recent months, opening up vast troves of valuable consumer data to financial technology companies.
But an unforeseen casualty from the advent of new data sharing techniques has been compromised data security.
The most recent data leak came from BlackRock. Earlier this month, the financial institution acknowledged it had inadvertently published the names, email addresses and other information of 20,000 advisors online. While no sensitive information was made public, industry experts and regulators, notably the SEC, have warned financial services industry to take extra precautions securing the access to client information.
State Bank of India is the financial sector leader in India was mired in controversies as its data servers in Mumbai were found to be accessible to public. State Bank which is considered to be one of the best banks having risk management teams exposed its servers vulnerable to data theft and hackers. A security researcher found the data server was not protected by a password or any kind of other security measures. The server was essentially an open book to anyone on the Internet with the right skills to grasp bank data of millions of people. The security researcher then contacted Techcrunch and gave the publication all the details.
The security researcher was able to track transaction details in real time. Regtech companies with understanding of the regulatory compliance related to cybersecurity are seen as the booming new regtech innovation. These Regulatory Technology (Regtech) companies come up with innovative methods of penetrating the servers of the banks and help the banks in managing the big data of their customers.
It was fortunate that the data was not stolen, according to the research published by a forensic accounting firm Indiaforensic, the stolen data leads to money laundering in the digital world. There are underground internet market places where this data is traded.
In the countries like India, data leakage should not only attract penalties for violation of regulatory reporting norms but should also lead to extensive and additional regulatory requirements from Reserve Bank of India.