Tag: cybersecurity

5/5 (1)

Southeast Asia’s banking sector is poised for significant digital transformation. With projected Net Interest Income reaching USD 148 billion by 2024, the market is ripe for continued growth. While traditional banks still hold a dominant position, digital players are making significant inroads. To thrive in this evolving landscape, financial institutions must adapt to rising customer expectations, stringent regulations, and the imperative for resilience. This will require a seamless collaboration between technology and business teams.

To uncover how banks in Southeast Asia are navigating this complex landscape and what it takes to succeed, Ecosystm engaged in in-depth conversations with senior banking executives and technology leaders as part of our research initiatives. Here are the highlights of the discussions with leaders across the region.  

#1 Achieving Hyper-Personalisation Through AI

As banks strive to deliver highly personalised financial services, AI-driven models are becoming increasingly essential. These models analyse customer behaviour to anticipate needs, predict future behaviour, and offer relevant services at the right time. AI-powered tools like chatbots and virtual assistants further enhance real-time customer support.

Hyper-personalisation, while promising, comes with its challenges – particularly around data privacy and security. To deliver deeply tailored services, banks must collect extensive customer information, which raises the question: how can they ensure this sensitive data remains protected?

AI projects require a delicate balance between innovation and regulatory compliance. Regulations often serve as the right set of guardrails within which banks can innovate. However, banks – especially those with cross-border operations – must establish internal guidelines that consider the regulatory landscape of multiple jurisdictions.

#2 Beyond AI: Other Emerging Technologies

AI isn’t the only emerging technology reshaping Southeast Asian banking. Banks are increasingly adopting technologies like Robotic Process Automation (RPA) and blockchain to boost efficiency and engagement. RPA is automating repetitive tasks, such as data entry and compliance checks, freeing up staff for higher-value work. CIMB in Malaysia reports seeing a 35-50% productivity increase thanks to RPA. Blockchain is being explored for secure, transparent transactions, especially cross-border payments. The Asian Development Bank successfully trialled blockchain for faster, safer bond settlements. While AR and VR are still emerging in banking, they offer potential for enhanced customer engagement. Banks are experimenting with immersive experiences like virtual branch visits and interactive financial education tools.

The convergence of these emerging technologies will drive innovation and meet the rising demand for seamless, secure, and personalised banking services in the digital age. This is particularly true for banks that have the foresight to future-proof their tech foundation as part of their ongoing modernisation efforts. Emerging technologies offer exciting opportunities to enhance customer engagement, but they shouldn’t be used merely as marketing gimmicks. The focus must be on delivering tangible benefits that improve customer outcomes.

#3 Greater Banking-Fintech Collaboration

The digital payments landscape in Southeast Asia is experiencing rapid growth, with a projected 10% increase between 2024-2028. Digital wallets and contactless payments are becoming the norm, and platforms like GrabPay, GoPay, and ShopeePay are dominating the market. These platforms not only offer convenience but also enhance financial inclusion by reaching underbanked populations in remote areas.

The rise of digital payments has significantly impacted traditional banks. To remain relevant in this increasingly cashless society, banks are collaborating with fintech companies to integrate digital payment solutions into their services. For instance, Indonesia’s Bank Mandiri collaborated with digital credit services provider Kredivo to provide customers with access to affordable and convenient credit options.

Partnerships between traditional banks and fintechs are essential for staying competitive in the digital age, especially in areas like digital payments, data analytics, and customer experience.

While these collaborations offer opportunities, they also pose challenges. Banks must invest in advanced fraud detection, AI monitoring, and robust authentication to secure digital payments. Once banks adopt a mindset of collaboration with innovators, they can leverage numerous innovations in the cybersecurity space to address these challenges.

#4 Agile Infrastructure for an Agile Business

While the banking industry is considered a pioneer in implementing digital technologies, its approach to cloud has been more cautious. While interest remained high, balancing security and regulatory concerns with cloud agility impacted the pace. Hybrid multi-cloud environments has accelerated banking cloud adoption.

Leveraging public and private clouds optimises IT costs, offering flexibility and scalability for changing business needs. Hybrid cloud allows resource adjustments for peak demand or cost reductions off-peak. Access to cloud-native services accelerates innovation, enabling rapid application development and improved competitiveness. As the industry adopts GenAI, it requires infrastructure capable of handling vast data, massive computing power, advanced security, and rapid scalability – all strengths of hybrid cloud.

Replicating critical applications and data across multiple locations ensures disaster recovery and business continuity. A multi-cloud strategy also helps avoid vendor lock-in, diversifies cloud providers, and reduces exposure to outages.

Hybrid cloud adoption offers benefits but also presents challenges for banks. Managing the environment is complex, needing coordination across platforms and skilled personnel. Ensuring data security and compliance across on-prem and public cloud infrastructure is demanding, requiring robust measures. Network latency and performance issues can arise, making careful design and optimisation crucial. Integrating on-prem systems with public cloud services is time-consuming and needs investment in tools and expertise.

#5 Cyber Measures to Promote Customer & Stakeholder Trust

The banking sector is undergoing rapid AI-driven digital transformation, focusing on areas like digital customer experiences, fraud detection, and risk assessment. However, this shift also increases cybersecurity risks, with the majority of banking technology leaders anticipate inevitable data breaches and outages.

Key challenges include expanding technology use, such as cloud adoption and AI integration, and employee-related vulnerabilities like phishing. Banks in Southeast Asia are investing heavily in modernising infrastructure, software, and cybersecurity.

Banks must update cybersecurity strategies to detect threats early, minimise damage, and prevent lateral movement within networks.

Employee training, clear security policies, and a culture of security consciousness are critical in preventing breaches.

Regulatory compliance remains a significant concern, but banks are encouraged to move beyond compliance checklists and adopt risk-based, intelligence-led strategies. AI will play a key role in automating compliance and enhancing Security Operations Centres (SOCs), allowing for faster threat detection and response. Ultimately, the BFSI sector must prioritise cybersecurity continuously based on risk, rather than solely on regulatory demands.

Breaking Down Barriers: The Role of Collaboration in Banking Transformation

Successful banking transformation hinges on a seamless collaboration between technology and business teams. By aligning strategies, fostering open communication, and encouraging cross-functional cooperation, banks can effectively leverage emerging technologies to drive innovation, enhance customer experience, and improve efficiency.

A prime example of the power of collaboration is the success of AI initiatives in addressing specific business challenges.

This user-centric approach ensures that technology addresses real business needs.

By fostering a culture of collaboration, banks can promote continuous learning, idea sharing, and innovation, ultimately driving successful transformation and long-term growth in the competitive digital landscape.

5/5 (2)

India’s digital economy is on a meteoric rise, expected to reach USD 1 trillion by 2025. This surge in digital activity is fuelling the rapid expansion of its data centre market, positioning the country as a global player. With a projected market value of USD 4.5 billion by 2025, India’s data centre industry is set to surpass traditional regional hubs like Malaysia, Hong Kong, and Singapore. 

This growth is driven by factors such as the proliferation of smartphones, internet connectivity, and digital services, generating massive amounts of data that need storage and processing. Government initiatives like Digital India and the National e-Governance Plan have promoted digitalisation, while favourable market conditions, including cost-effective infrastructure, skilled talent, and a large domestic market, make India an attractive destination for data centre investments.

As companies continue to invest, India is solidifying its role as a critical hub for Asia’s digital revolution, driving economic development and creating new opportunities for innovation and job creation.  

What is Fuelling India’s Data Centre Growth? 

India’s data centre industry is experiencing rapid growth in 2024, driven by a combination of strategic advantages and increasing demand. The country’s abundance of land and skilled workforce are key factors contributing to this boom. 

• Digitisation push. The digital revolution is fueling the need for more sophisticated data centre infrastructure. The rise of social media, online gaming, and streaming apps has created a surge in demand for faster networks, better data storage options, and increased data centre services. 
• Internet and mobile penetration. With 1.1 billion mobile phone subscribers, Indians use an average of 8.3 GB of data per month. As more people come online, businesses need to expand their data infrastructure to handle increased traffic, enhance service delivery, and support a growing digital economy. 
• Increasing tech adoption. India’s AI market is projected to reach around USD 17 billion by 2027. As businesses integrate AI, IoT, cloud, and other technologies, data centres will become instrumental in supporting the vast computational and storage requirements. 
• Government & regulatory measures. Apart from India being one of the world’s largest data consumption economies, government initiatives have also accelerated the ‘data based’ environment in the country. Additionally, states like Maharashtra, Karnataka, and Tamil Nadu have implemented favourable real estate policies that reduce the costs of setting up data centres. 

A Growing Network of Hubs 

India’s data centre landscape is rapidly evolving, with major cities and emerging hotspots vying for a piece of the pie. 

Mumbai-Navi Mumbai remains the undisputed leader, boasting a combined 39 data centres. Its strategic location with excellent submarine cable connectivity to Europe and Southeast Asia makes it a prime destination for global and domestic players. 

Bangalore, India’s IT capital, is not far behind with 29 data centres. The city’s thriving tech ecosystem and skilled talent pool make it an attractive option for businesses looking to set up data centres. 

Chennai, located on the east coast, has emerged as a crucial hub with 17 data centres. Its proximity to Southeast Asia and growing digital economy make it a strategic location. The Delhi-NCR region also plays a significant role, with 27 data centres serving the capital and surrounding areas. 

Smaller cities like Pune, Jaipur, and Patna are rapidly emerging as data centre hotspots. As businesses seek to serve a growing but distributed user base across India, these cities offer more cost-effective options. Additionally, the rise of edge data centres in these smaller cities is further decentralising the data centre landscape. 

A Competitive Market 

India ranks 13th globally in the number of operational data centres, with 138 facilities in operation and an additional 45 expected to be completed by the end of 2025. Key initiatives include:   

• AWS. AWS is investing USD 12.7 billion to establish four new data centres over the next two years. 
• Meta. Meta is set to build a small data centre, potentially focused on cache with a 10-20 MW capacity.  
• AdaniConnex. In partnership with EdgeConneX, AdaniConnex aims to develop a 1 GW network of hyperscale data centres over the next decade, all powered by 100% renewable energy. 
• Google. Google is set to build an 80-storey data centre by 2025 and is in advanced talks to acquire a 22.5-acre land parcel for its first captive data centre. 
• NTT. NTT is investing USD 241 million in a data campus, which will feature three data centres. 

Data Centres: Driving Digital India’s Success 

The Digital India initiative has transformed government services through improved online infrastructure and increased connectivity. Data centres play a pivotal role in supporting this vision by managing, storing, and processing the vast amounts of data that power essential services like Aadhaar and BharatNet. 

Aadhaar, India’s biometric ID system, relies heavily on data centres to store and process biometric information, enabling seamless identification and authentication. BharatNet, the government’s ambitious project to connect rural areas with high-speed internet, also depends on data centres to provide the necessary infrastructure and support. 

The impact of data centres on India’s digital transformation is far-reaching. Here are some key areas where data centres have made a significant contribution: 

• Enabling Remote Work and Education. Data centres have been instrumental in supporting the surge in remote work and online learning during the pandemic. By providing the necessary infrastructure and connectivity, data centres have ensured business continuity and uninterrupted education. 
• Fostering Start-Up Innovation. Data centres provide the essential infrastructure for start-ups to thrive. By offering reliable and scalable computing resources, data centres enable rapid growth and innovation, contributing to the expansion of India’s SaaS market. 
• Supporting Government Services. Data centres underpin key government initiatives, including e-governance platforms and digital identity systems. They enhance the accessibility, transparency, and efficiency of government services, bridging the urban-rural divide and improving public service delivery. 

Securing India’s Data Centre Future 

Data centres are the backbone of India’s digital transformation, fuelling economic growth, government services, innovation, remote work, and technological progress. The Indian government’s ambitious plan to invest over USD 1 billion in hyperscale data centres over the next five years underscores the country’s commitment to building a robust digital infrastructure. 

To secure the long-term success of India’s data centre industry, alignment with global standards and strategic investment are crucial. Prioritising reliability, efficiency, and sustainability will attract global providers and position India as a prime destination for digital infrastructure investments. Addressing challenges like legacy upgrades, modernisation, and cybersecurity risks will require collaboration across stakeholders, with government support and technological innovation playing key roles. 

A unified effort from central and state governments is vital to enhance competitiveness. By fostering a favourable regulatory environment and offering incentives, the government can accelerate the development of world-class data centres. As India advances digitally, data centres will be instrumental in driving economic growth, improving quality of life, and solidifying India’s status as a global digital leader. 

5/5 (2)

In my previous blogs, I outlined strategies for public sector organisations to incorporate technology into citizen services and internal processes. Building on those perspectives, let’s talk about the critical role of data in powering digital transformation across the public sector.

Effectively leveraging data is integral to delivering enhanced digital services and streamlining operations. Organisations must adopt a forward-looking roadmap that accounts for different data maturity levels – from core data foundations and emerging catalysts to future-state capabilities.

Click here to download ‘Building Resilient Public Services Through Advanced Data Management‘ as a PDF

1. Data Essentials: Establishing the Bedrock 

Data model. At the core of developing government e-services portals, strategic data modelling establishes the initial groundwork for scalable data infrastructures that can support future analytics, AI, and reporting needs. Effective data models define how information will be structured and analysed as data volumes grow. Beginning with an Entity-Relationship model, these blueprints guide the implementation of database schemas within database management systems (DBMS). This foundational approach ensures that the data infrastructure can accommodate the vast amounts of data generated by public services, crucial for maintaining public trust in government systems. 

Cloud Databases. Cloud databases provide flexible, scalable, and cost-effective storage solutions, allowing public sector organisations to handle vast amounts of data generated by public services. Data warehouses, on the other hand, are centralised repositories designed to store structured data, enabling advanced querying and reporting capabilities. This combination allows for robust data analytics and AI-driven insights, ensuring that the data infrastructure can support future growth and evolving analytical needs. 

Document management. Incorporating a document or records management system (DMS/RMS) early in the data portfolio of a government e-services portal is crucial for efficient operations. This system organises extensive paperwork and records like applications, permits, and legal documents systematically. It ensures easy storage, retrieval, and management, preventing issues with misplaced documents.  

Emerging Catalysts: Unleashing Data’s Potential 

Digital Twins. A digital twin is a sophisticated virtual model of a physical object or system. It surpasses traditional reporting methods through advanced analytics, including predictive insights and data mining. By creating detailed virtual replicas of infrastructure, utilities, and public services, digital twins allow for real-time monitoring, efficient resource management, and proactive maintenance. This holistic approach contributes to more efficient, sustainable, and livable cities, aligning with broader goals of urban development and environmental sustainability. 

Data Fabric. Data Fabric, including Data Lakes and Data Lakehouses, represents a significant leap in managing complex data environments. It ensures data is accessible for various analyses and processing needs across platforms. Data Lakes store raw data in its original format, crucial for initial data collection when future data uses are uncertain. In Cloud DB or Data Fabric setups, Data Lakes play a foundational role by storing unprocessed or semi-structured data. Data Lakehouses combine Data Lakes’ storage with data warehouses’ querying capabilities, offering flexibility, and efficiency for handling different types of data in sophisticated environments.  

Data Exchange and MOUs. Even with advanced data management technologies like data fabrics, Data Lakes, and Data Lakehouses, achieving higher maturity in digital government ecosystems often depends on establishing data-sharing agreements. Memorandums of Understanding (MoUs) exemplify these agreements, crucial for maximising efficiency and collaboration. MoUs outline terms, conditions, and protocols for sharing data beyond regulatory requirements, defining its scope, permitted uses, governance standards, and responsibilities of each party. This alignment ensures data integrity, privacy, and security while facilitating collaboration that enhances innovation and service delivery. Such agreements also pave the way for potential commercialisation of shared data resources, opening new market opportunities. 

Future-Forward Capabilities: Pioneering New Frontiers 

Data Mesh. Data Mesh is a decentralised approach to data architecture and organisational design, ideal for complex stakeholder ecosystems like digital conveyancing solutions. Unlike centralised models, Data Mesh allows each domain to manage its data independently. This fosters collaboration while ensuring secure and governed data sharing, essential for efficient conveyancing processes. Data Mesh enhances data quality and relevance by holding stakeholders directly accountable for their data, promoting integrity and adaptability to market changes. Its focus on interoperability and self-service data access enhances user satisfaction and operational efficiency, catering flexibly to diverse user needs within the conveyancing ecosystem. 

Data Embassies. A Data Embassy stores and processes data in a foreign country under the legal jurisdiction of its origin country, beneficial for digital conveyancing solutions serving international markets. This approach ensures data security and sovereignty, governed by the originating nation’s laws to uphold privacy and legal integrity in conveyancing transactions. Data Embassies enhance resilience against physical and cyber threats by distributing data across international locations, ensuring continuous operation despite disruptions. They also foster international collaboration and trust, potentially attracting more investment and participation in global real estate markets. Technologically, Data Embassies rely on advanced data centres, encryption, cybersecurity, cloud, and robust disaster recovery solutions to maintain uninterrupted conveyancing services and compliance with global standards. 

Conclusion 

By developing a cohesive roadmap that progressively integrates cutting-edge architectures, cross-stakeholder partnerships, and avant-garde juridical models, agencies can construct a solid data ecosystem. One where information doesn’t just endure disruption, but actively facilitates organisational resilience and accelerates mission impact. Investing in an evolutionary data strategy today lays the crucial groundwork for delivering intelligent, insight-driven public services for decades to come. The time to fortify data’s transformative potential is now. 

5/5 (2)

Southeast Asia’s massive workforce – 3^rd largest globally – faces a critical upskilling gap, especially with the rise of AI. While AI adoption promises a USD 1 trillion GDP boost by 2030, unlocking this potential requires a future-proof workforce equipped with AI expertise.

Governments and technology providers are joining forces to build strong AI ecosystems, accelerating R&D and nurturing homegrown talent. It’s a tight race, but with focused investments, Southeast Asia can bridge the digital gap and turn its AI aspirations into reality.

Read on to find out how countries like Singapore, Thailand, Vietnam, and The Philippines are implementing comprehensive strategies to build AI literacy and expertise among their populations.

Download ‘Upskilling for the Future: Building AI Capabilities in Southeast Asia’ as a PDF

Big Tech Invests in AI Workforce

Southeast Asia’s tech scene heats up as Big Tech giants scramble for dominance in emerging tech adoption.

Microsoft is partnering with governments, nonprofits, and corporations across Indonesia, Malaysia, the Philippines, Thailand, and Vietnam to equip 2.5M people with AI skills by 2025. Additionally, the organisation will also train 100,000 Filipino women in AI and cybersecurity.

Singapore sets ambitious goal to triple its AI workforce by 2028. To achieve this, AWS will train 5,000 individuals annually in AI skills over the next three years.

NVIDIA has partnered with FPT Software to build an AI factory, while also championing AI education through Vietnamese schools and universities. In Malaysia, they have launched an AI sandbox to nurture 100 AI companies targeting USD 209M by 2030.

Singapore Aims to be a Global AI Hub

Singapore is doubling down on upskilling, global leadership, and building an AI-ready nation.

Singapore has launched its second National AI Strategy (NAIS 2.0)  to solidify its global AI leadership. The aim is to triple the AI talent pool to 15,000, establish AI Centres of Excellence, and accelerate public sector AI adoption. The strategy focuses on developing AI “peaks of excellence” and empowering people and businesses to use AI confidently.

In keeping with this vision, the country’s 2024 budget is set to train workers who are over 40 on in-demand skills to prepare the workforce for AI. The country will also invest USD 27M to build AI expertise, by offering 100 AI scholarships for students and attracting experts from all over the globe to collaborate with the country.

Thailand Aims for AI Independence

Thailand’s ‘Ignite Thailand’ 2030 vision focuses on  boosting innovation, R&D, and the tech workforce.

Thailand is launching the second phase of its National AI Strategy, with a USD 42M budget to develop an AI workforce and create a Thai Large Language Model (ThaiLLM). The plan aims to train 30,000 workers in sectors like tourism and finance, reducing reliance on foreign AI.

The Thai government is partnering with Microsoft to build a new data centre in Thailand, offering AI training for over 100,000 individuals and supporting the growing developer community.

Building a Digital Vietnam

Vietnam focuses on AI education, policy, and empowering women in tech.

Vietnam’s National Digital Transformation Programme aims to create a digital society by 2030, focusing on integrating AI into education and workforce training. It supports AI research through universities and looks to address challenges like addressing skill gaps, building digital infrastructure, and establishing comprehensive policies.

The Vietnamese government and UNDP launched Empower Her Tech, a digital skills initiative for female entrepreneurs, offering 10 online sessions on GenAI and no-code website creation tools.

The Philippines Gears Up for AI

The country focuses on investment, public-private partnerships, and building a tech-ready workforce.

With its strong STEM education and programming skills, the Philippines is well-positioned for an AI-driven market, allocating USD 30M for AI research and development.

The Philippine government is partnering with entities like IBPAP, Google, AWS, and Microsoft to train thousands in AI skills by 2025, offering both training and hands-on experience with cutting-edge technologies.

The strategy also funds AI research projects and partners with universities to expand AI education. Companies like KMC Teams will help establish and manage offshore AI teams, providing infrastructure and support.

5/5 (2)

Technological innovation is dramatically changing how organisations interact with modern consumers in the rapidly evolving banking, financial services, and insurance (BFSI) industry. The growing dependence on digital communication tools and platforms lies at the core of this transformation. These tools have become vital for BFSI organisations to meet the dynamic needs of today’s customers, enabling agile, responsive Sales & Support teams that can use real-time data to sustain customer engagement, ensure data security, comply with regulations, and streamline operations.

Customer Engagement Challenges in BFSI Organisations

Security Concerns. Customers in the BFSI industry are increasingly concerned about the security of their financial transactions and Personal Identifiable Information (PII). With the rise of cyber threats, customers expect robust security measures to protect their accounts and sensitive information. BFSI organisations need to continually invest in cybersecurity infrastructure and technologies to reassure customers and maintain their trust.

Customer Expectations. In the competitive landscape of the BFSI industry, customer retention and attraction are critical to sustaining profitability. Organisations must prioritise an agile approach that adapts swiftly to market changes. Central to this strategy is the delivery of personalised experiences aligned with individual preferences and needs, driven by advancements in digitalisation. To achieve this, BFSI organisations have to increase investments in AI-driven solutions to gain deep insights into customer behaviour, enabling them to accurately anticipate and meet evolving needs.

Regulatory Compliance. The industry operates in a highly regulated environment with strict compliance requirements imposed by various regulatory bodies. Ensuring compliance with constantly evolving regulations such as GDPR, PSD2, Dodd-Frank, etc., poses a significant challenge for organisations. To complicate the landscape further, institutions with cross-border operations need to consider the laws in different countries. Compliance efforts often result in additional operational complexities and costs, which can impact the overall customer experience if not managed effectively.

Digital Transformation. Rapid technological advancements and changing customer preferences are driving BFSI organisations to undergo digital transformation initiatives. However, legacy systems and processes hinder their ability to innovate and adapt to digital trends quickly. Transitioning to modern, agile architectures while ensuring uninterrupted services and minimal disruption to customers is a complex undertaking for many BFSI organisations.

Customer Education and Communication. Financial products and services can be complex, and customers often require guidance to make informed decisions. Sales & Support teams in BFSI organisations struggle to effectively educate their customers about the features, benefits, and risks associated with various products. Clear and transparent communication regarding fees, terms, and conditions is essential for building trust and maintaining customer satisfaction. Balancing regulatory requirements with the need for transparent communication can be challenging.

5 Ways to Empower Sales & Support Teams in BFSI

BFSI organisations in Asia Pacific often overlook technology enablement for the empowerment of their Sales & Support and other customer engagement teams. Key measures to empower these teams include upskilling for role flexibility and offering competitive remuneration for better employee retention.

Organisations should prioritise upgrading Sales & Support tools and solutions to address the team’s key pain points.

#1 Boost Customer Engagement with Omnichannel Support

BFSI organisations need to work on a suite of API-driven solutions to create a comprehensive omnichannel presence. This enables engagement with customers via their preferred channels, such as SMS, email, voice, chat, or video. Such flexibility enhances customer satisfaction and loyalty by ensuring personalised and convenient interactions. This includes capabilities such as the ability to deploy messaging and voice services to dispatch timely account activity alerts, secure transactions with two-factor authentication, and deliver customised financial advice through chatbots or direct communications.

#2 Streamline Customer Service with AI and Virtual Assistants

Integrating AI and virtual assistants allows BFSI companies to automate standard inquiries and transactions, freeing Sales & Support teams to tackle more sophisticated customer needs. These AI tools can interpret and process natural language, facilitating conversational interactions with automated services. This boosts efficiency and shortens response times, elevating the customer engagement experience. Also, consistently integrating these virtual assistants across various channels ensures a uniform customer experience – and brand image.

#3 Enhance Security Measures and Compliance Standards

Adhering to stringent security and compliance requirements is essential for BFSI organisations. A secure platform complies with critical global and country-level standards and regulations. The voice and video communication services must include comprehensive encryption, protecting all customer interactions. There is also a need to have a suite of tools for monitoring and auditing communications to meet compliance requirements, allowing BFSI organisations to protect sensitive data while providing secure communication options.

#4 Leverage Insights for Personalised Customer Interactions

BFSI organisations must focus on aggregating, harmonising, and scrutinising customer interactions across various channels. This holistic view of customer behaviour allows for more targeted and personalised services, enhancing customer engagement and loyalty. By leveraging insights into customers’ interaction histories, preferences, and financial objectives, companies can customise their outreach and recommendations, improving upselling, cross-selling, and retention strategies.

#5 Increase Operational Efficiency with Cloud-Based Solutions

Cloud-based communication solutions offer BFSI organisations the scalability and flexibility needed to respond swiftly to market shifts and customer demands. This adaptability is vital for fostering growth in a dynamic industry. A customisable solution supports organisations in refining their operations, from automating workflows to integrating CRM systems, enabling Sales & Support teams to operate more smoothly and effectively. Cloud technology helps reduce operational expenses, elevate service quality, and spur innovation.

Digital communication and collaboration tools have the power to revolutionise BFSI, enhancing engagement, security, and efficiency. Through APIs, AI, and cloud, organisations can meet evolving market needs, driving growth and innovation. Embracing these solutions ensures competitiveness and agility in a changing landscape.

5/5 (1)

Banks, insurers, and other financial services organisations in Asia Pacific have plenty of tech challenges and opportunities including cybersecurity and data privacy management; adapting to tech and customer demands, AI and ML integration; use of big data for personalisation; and regulatory compliance across business functions and transformation journeys.

Modernisation Projects are Back on the Table

An emerging tech challenge lies in modernising, replacing, or retiring legacy platforms and systems. Many banks still rely on outdated core systems, hindering agility, innovation, and personalised customer experiences. Migrating to modern, cloud-based systems presents challenges due to complexity, cost, and potential disruptions. Insurers are evaluating key platforms amid evolving customer needs and business models; ERP and HCM systems are up for renewal; data warehouses are transforming for the AI era; even CRM and other CX platforms are being modernised as older customer data stores and models become obsolete.

For the past five years, many financial services organisations in the region have sidelined large legacy modernisation projects, opting instead to make incremental transformations around their core systems. However, it is becoming critical for them to take action to secure their long-term survival and success.

Benefits of legacy modernisation include:

• Improved operational efficiency and agility
• Enhanced customer experience and satisfaction
• Increased innovation and competitive advantage
• Reduced security risks and compliance costs
• Preparation for future technologies

However, legacy modernisation and migration initiatives carry significant risks.  For instance, TSB faced a USD 62M fine due to a failed mainframe migration, resulting in severe disruptions to branch operations and core banking functions like telephone, online, and mobile banking. The migration failure led to 225,492 complaints between 2018 and 2019, affecting all 550 branches and required TSB to pay more than USD 25M to customers through a redress program.

Modernisation Options

• Rip and Replace. Replacing the entire legacy system with a modern, cloud-based solution. While offering a clean slate and faster time to value, it’s expensive, disruptive, and carries migration risks.
• Refactoring. Rewriting key components of the legacy system with modern languages and architectures. It’s less disruptive than rip-and-replace but requires skilled developers and can still be time-consuming.
• Encapsulation. Wrapping the legacy system with a modern API layer, allowing integration with newer applications and tools. It’s quicker and cheaper than other options but doesn’t fully address underlying limitations.
• Microservices-based Modernisation. Breaking down the legacy system into smaller, independent services that can be individually modernised over time. It offers flexibility and agility but requires careful planning and execution.

Financial Systems on the Block for Legacy Modernisation

Data Analytics Platforms. Harnessing customer data for insights and targeted offerings is vital. Legacy data warehouses often struggle with real-time data processing and advanced analytics.

CRM Systems. Effective customer interactions require integrated CRM platforms. Outdated systems might hinder communication, personalisation, and cross-selling opportunities.

Payment Processing Systems. Legacy systems might lack support for real-time secure transactions, mobile payments, and cross-border transactions.

Core Banking Systems (CBS). The central nervous system of any bank, handling account management, transactions, and loan processing. Many Asia Pacific banks rely on aging, monolithic CBS with limited digital capabilities.

Digital Banking Platforms. While several Asia Pacific banks provide basic online banking, genuine digital transformation requires mobile-first apps with features such as instant payments, personalised financial management tools, and seamless third-party service integration.

Modernising Technical Approaches and Architectures

Numerous technical factors need to be addressed during modernisation, with decisions needing to be made upfront. Questions around data migration, testing and QA, change management, data security and development methodology (agile, waterfall or hybrid) need consideration.

Best practices in legacy migration have taught some lessons.

Adopt a data fabric platform. Many organisations find that centralising all data into a single warehouse or platform rarely justifies the time and effort invested. Businesses continually generate new data, adding sources, and updating systems. Managing data where it resides might seem complex initially. However, in the mid to longer term, this approach offers clearer benefits as it reduces the likelihood of data discrepancies, obsolescence, and governance challenges.

Focus modernisation on the customer metrics and journeys that matter. Legacy modernisation need not be an all-or-nothing initiative. While systems like mainframes may require complete replacement, even some mainframe-based software can be partially modernised to enable services for external applications and processes. Assess the potential of modernising components of existing systems rather than opting for a complete overhaul of legacy applications.

Embrace the cloud and SaaS. With the growing network of hyperscaler cloud locations and data centres, there’s likely to be a solution that enables organisations to operate in the cloud while meeting data residency requirements. Even if not available now, it could align with the timeline of a multi-year legacy modernisation project. Whenever feasible, prioritise SaaS over cloud-hosted applications to streamline management, reduce overhead, and mitigate risk.

Build for customisation for local and regional needs. Many legacy applications are highly customised, leading to inflexibility, high management costs, and complexity in integration. Today, software providers advocate minimising configuration and customisation, opting for “out-of-the-box” solutions with room for localisation. The operations in different countries may require reconfiguration due to varying regulations and competitive pressures. Architecting applications to isolate these configurations simplifies system management, facilitating continuous improvement as new services are introduced by platform providers or ISV partners.

Explore the opportunity for emerging technologies. Emerging technologies, notably AI, can significantly enhance the speed and value of new systems. In the near future, AI will automate much of the work in data migration and systems integration, reducing the need for human involvement. When humans are required, low-code or no-code tools can expedite development. Private 5G services may eliminate the need for new network builds in branches or offices. AIOps and Observability can improve system uptime at lower costs. Considering these capabilities in platform decisions and understanding the ecosystem of partners and providers can accelerate modernisation journeys and deliver value faster.

Don’t Let Analysis Paralysis Slow Down Your Journey!

Yes, there are a lot of decisions that need to be made; and yes, there is much at stake if things go wrong! However, there’s a greater risk in not taking action. Maintaining a laser-focus on the customer and business outcomes that need to be achieved will help align many decisions. Keeping the customer experience as the guiding light ensures organisations are always moving in the right direction.

5/5 (3)

“AI Guardrails” are often used as a method to not only get AI programs on track, but also as a way to accelerate AI investments. Projects and programs that fall within the guardrails should be easy to approve, govern, and manage – whereas those outside of the guardrails require further review by a governance team or approval body. The concept of guardrails is familiar to many tech businesses and are often applied in areas such as cybersecurity, digital initiatives, data analytics, governance, and management.

While guidance on implementing guardrails is common, organisations often leave the task of defining their specifics, including their components and functionalities, to their AI and data teams. To assist with this, Ecosystm has surveyed some leading AI users among our customers to get their insights on the guardrails that can provide added value.

Data Security, Governance, and Bias

• Data Assurance. Has the organisation implemented robust data collection and processing procedures to ensure data accuracy, completeness, and relevance for the purpose of the AI model? This includes addressing issues like missing values, inconsistencies, and outliers.
• Bias Analysis. Does the organisation analyse training data for potential biases – demographic, cultural and so on – that could lead to unfair or discriminatory outputs?
• Bias Mitigation. Is the organisation implementing techniques like debiasing algorithms and diverse data augmentation to mitigate bias in model training?
• Data Security. Does the organisation use strong data security measures to protect sensitive information used in training and running AI models?
• Privacy Compliance. Is the AI opportunity compliant with relevant data privacy regulations (country and industry-specific as well as international standards) when collecting, storing, and utilising data?

Model Development and Explainability

• Explainable AI. Does the model use explainable AI (XAI) techniques to understand and explain how AI models reach their decisions, fostering trust and transparency?
• Fair Algorithms. Are algorithms and models designed with fairness in mind, considering factors like equal opportunity and non-discrimination?
• Rigorous Testing. Does the organisation conduct thorough testing and validation of AI models before deployment, ensuring they perform as intended, are robust to unexpected inputs, and avoid generating harmful outputs?

AI Deployment and Monitoring

• Oversight Accountability. Has the organisation established clear roles and responsibilities for human oversight throughout the AI lifecycle, ensuring human control over critical decisions and mitigation of potential harm?
• Continuous Monitoring. Are there mechanisms to continuously monitor AI systems for performance, bias drift, and unintended consequences, addressing any issues promptly?
• Robust Safety. Can the organisation ensure AI systems are robust and safe, able to handle errors or unexpected situations without causing harm? This includes thorough testing and validation of AI models under diverse conditions before deployment.
• Transparency Disclosure. Is the organisation transparent with stakeholders about AI use, including its limitations, potential risks, and how decisions made by the system are reached?

Other AI Considerations

• Ethical Guidelines. Has the organisation developed and adhered to ethical principles for AI development and use, considering areas like privacy, fairness, accountability, and transparency?
• Legal Compliance. Has the organisation created mechanisms to stay updated on and compliant with relevant legal and regulatory frameworks governing AI development and deployment?
• Public Engagement. What mechanisms are there in place to encourage open discussion and engage with the public regarding the use of AI, addressing concerns and building trust?
• Social Responsibility. Has the organisation considered the environmental and social impact of AI systems, including energy consumption, ecological footprint, and potential societal consequences?

Implementing these guardrails requires a comprehensive approach that includes policy formulation, technical measures, and ongoing oversight. It might take a little longer to set up this capability, but in the mid to longer term, it will allow organisations to accelerate AI implementations and drive a culture of responsible AI use and deployment.

4.8/5 (6)

In the Ecosystm Predicts: Building an Agile & Resilient Organisation: Top 5 Trends in 2024​, Principal Advisor Darian Bird said, “The emergence of Generative AI combined with the maturing of deepfake technology will make it possible for malicious agents to create personalised voice and video attacks.” Darian highlighted that this democratisation of phishing, facilitated by professional-sounding prose in various languages and tones, poses a significant threat to potential victims who rely on misspellings or oddly worded appeals to detect fraud. As we see more of these attacks and social engineering attempts, it is important to improve defence mechanisms and increase awareness. 

Understanding Deepfake Technology 

The term Deepfake is a combination of the words ‘deep learning’ and ‘fake’. Deepfakes are AI-generated media, typically in the form of images, videos, or audio recordings. These synthetic content pieces are designed to appear genuine, often leading to the manipulation of faces and voices in a highly realistic manner. Deepfake technology has gained spotlight due to its potential for creating convincing yet fraudulent content that blurs the line of reality. 

Deepfake algorithms are powered by Generative Adversarial Networks (GANs) and continuously enhance synthetic content to closely resemble real data. Through iterative training on extensive datasets, these algorithms refine features such as facial expressions and voice inflections, ensuring a seamless emulation of authentic characteristics.  

Deepfakes Becoming Increasingly Convincing 

Hyper-realistic deepfakes, undetectable to the human eye and ear, have become a huge threat to the financial and technology sectors. Deepfake technology has become highly convincing, blurring the line between real and fake content. One of the early examples of a successful deepfake fraud was when a UK-based energy company lost USD 243k through a deepfake audio scam in 2019, where scammers mimicked the voice of their CEO to authorise an illegal fund transfer.  

Deepfakes have evolved from audio simulations to highly convincing video manipulations where faces and expressions are altered in real-time, making it hard to distinguish between real and fake content. In 2022, for instance, a deepfake video of Elon Musk was used in a crypto scam that resulted in a loss of about USD 2 million for US consumers. This year, a multinational company in Hong Kong lost over USD 25 million when an employee was tricked into sending money to fraudulent accounts after a deepfake video call by what appeared to be his colleagues. 

Regulatory Responses to Deepfakes 

Countries worldwide are responding to the challenges posed by deepfake technology through regulations and awareness campaigns. 

• Singapore’s Online Criminal Harms Act, that will come into effect in 2024, will empower authorities to order individuals and Internet service providers to remove or block criminal content, including deepfakes used for malicious purposes.  
• The UAE National Programme for Artificial Intelligence released a deepfake guide to educate the public about both harmful and beneficial applications of this technology. The guide categorises fake content into shallow and deep fakes, providing methods to detect deepfakes using AI-based tools, with a focus on promoting positive uses of advanced technologies. 
• The proposed EU AI Act aims to regulate them by imposing transparency requirements on creators, mandating them to disclose when content has been artificially generated or manipulated. 
• South Korea passed a law in 2020 banning the distribution of harmful deepfakes. Offenders could be sentenced to up to five years in prison or fined up to USD 43k. 
• In the US, states like California and Virginia have passed laws against deepfake pornography, while federal bills like the DEEP FAKES Accountability Act aim to mandate disclosure and counter malicious use, highlighting the diverse global efforts to address the multifaceted challenges of deepfake regulation. 

Detecting and Protecting Against Deepfakes 

Detecting deepfake becomes increasingly challenging as technology advances. Several methods are needed – sometimes in conjunction – to be able to detect a convincing deepfake. These include visual inspection that focuses on anomalies, metadata analysis to examine clues about authenticity, forensic analysis for pattern and audio examination, and machine learning that uses algorithms trained on real and fake video datasets to classify new videos.  

However, identifying deepfakes requires sophisticated technology that many organisations may not have access to. This heightens the need for robust cybersecurity measures. Deepfakes have seen an increase in convincing and successful phishing – and spear phishing – attacks and cyber leaders need to double down on cyber practices.  

Defences can no longer depend on spotting these attacks. It requires a multi-pronged approach which combines cyber technologies, incidence response, and user education.  

Preventing access to users. By employing anti-spoofing measures organisations can safeguard their email addresses from exploitation by fraudulent actors. Simultaneously, minimising access to readily available information, particularly on websites and social media, reduces the chance of spear-phishing attempts. This includes educating employees about the implications of sharing personal information and clear digital footprint policies. Implementing email filtering mechanisms, whether at the server or device level, helps intercept suspicious emails; and the filtering rules need to be constantly evaluated using techniques such as IP filtering and attachment analysis.  

Employee awareness and reporting. There are many ways that organisations can increase awareness in employees starting from regular training sessions to attack simulations. The usefulness of these sessions is often questioned as sometimes they are merely aimed at ticking off a compliance box. Security leaders should aim to make it easier for employees to recognise these attacks by familiarising them with standard processes and implementing verification measures for important email requests. This should be strengthened by a culture of reporting without any individual blame. 

Securing against malware. Malware is often distributed through these attacks, making it crucial to ensure devices are well-configured and equipped with effective endpoint defences to prevent malware installation, even if users inadvertently click on suspicious links. Specific defences may include disabling macros and limiting administrator privileges to prevent accidental malware installation. Strengthening authentication and authorisation processes is also important, with measures such as multi-factor authentication, password managers, and alternative authentication methods like biometrics or smart cards. Zero trust and least privilege policies help protect organisation data and assets.   

Detection and Response. A robust security logging system is crucial, either through off-the shelf monitoring tools, managed services, or dedicated teams for monitoring. What is more important is that the monitoring capabilities are regularly updated. Additionally, having a well-defined incident response can swiftly mitigate post-incident harm post-incident. This requires clear procedures for various incident types and designated personnel for executing them, such as initiating password resets or removing malware. Organisations should ensure that users are informed about reporting procedures, considering potential communication challenges in the event of device compromise. 

Conclusion 

The rise of deepfakes has brought forward the need for a collaborative approach. Policymakers, technology companies, and the public must work together to address the challenges posed by deepfakes. This collaboration is crucial for making better detection technologies, establishing stronger laws, and raising awareness on media literacy. 

5/5 (3)

2024 and 2025 are looking good for IT services providers – particularly in Asia Pacific. All types of providers – from IT consultants to managed services VARs and systems integrators – will benefit from a few converging events.

However, amidst increasing demand, service providers are also challenged with cost control measures imposed in organisations – and this is heightened by the challenge of finding and retaining their best people as competition for skills intensifies. Providers that service mid-market clients might find it hard to compete and grow without significant process automation to compensate for the higher employee costs.

Why Organisations are Opting for IT Service

• Organisations are seeking further cost reductions. Managed services providers will see more opportunities to take cost and complexity out of organisation’s IT functions. The focus in 2024 will be less on “managing” services and more on “transforming” them using ML, AI, and automation to reduce cost and improve value.
• Big app upgrades are back on the agenda. SAP is going above and beyond to incentivise their customers and partners to migrate their on-premises and hyperscale hosted instances to true cloud ERP. Initiatives such as Rise with SAP have been further expanded and improved to accelerate the transition. Salesforce customers are also looking to streamline their deployments while also taking advantage of the new AI and data capabilities. But many of these projects will still be complex and time-consuming.
• Cloud deployments are getting more complex. For many organisations, the simple cloud migrations are done. This is the stage of replatforming, retiring, and refactoring applications to take advantage of public and hybrid cloud capabilities. These are not simple lift and shift – or switch to SaaS – engagements.  
• AI will drive a greater need for process improvement and transformation. This will happen along with associated change management and training programs. While it is still early days for GenAI, before the end of 2024, many organisations will move beyond experimentation to department or enterprise wide GenAI initiatives.
• Increasing cybersecurity and data governance demands will prolong the security skill shortage. More organisations will turn to managed security services providers and cybersecurity consultants to help them develop their strategy and response to the rising threat levels.

Choosing the Right Cost Model for IT Services

Buyers of IT services must implement strict cost-control measures and consider various approaches to align costs with business and customer outcomes, including different cost models:

Fixed-Price Contracts. These contracts set a firm price for the entire project or specific deliverables. Ideal when project scope is clear, they offer budget certainty upfront but demand detailed specifications, potentially leading to higher initial quotes due to the provider assuming more risk.

Time and Materials (T&M) Contracts with Caps. Payment is based on actual time and materials used, with negotiated caps to prevent budget overruns. Combining flexibility with cost predictability, this model offers some control over total expenses.

Performance-Based Pricing. Fees are tied to service provider performance, incentivising achievement of specific KPIs or milestones. This aligns provider interests with client goals, potentially resulting in cost savings and improved service quality.

Retainer Agreements with Scope Limits. Recurring fees are paid for ongoing services, with defined limits on work scope or hours within a given period. This arrangement ensures resource availability while containing expenses, particularly suitable for ongoing support services.

Other Strategies for Cost Efficiency and Effective Management

Technology leaders should also consider implementing some of the following strategies:

Phased Payments. Structuring payments in phases, tied to the completion of project milestones, helps manage cash flow and provides a financial incentive for the service provider to meet deadlines and deliverables. It also allows for regular financial reviews and adjustments if the project scope changes.

Cost Transparency and Itemisation. Detailed billing that itemises the costs of labour, materials, and other expenses provides transparency to verify charges, track spending against the budget, and identify areas for potential savings.

Volume Discounts and Negotiated Rates. Negotiating volume discounts or preferential rates for long-term or large-scale engagements, makes providers to offer reduced rates for a commitment to a certain volume of work or an extended contract duration.

Utilisation of Shared Services or Cloud Solutions. Opting for shared or cloud-based solutions where feasible, offers economies of scale and reduces the need for expensive, dedicated infrastructure and resources.

Regular Review and Adjustment. Conducting regular reviews of the services and expenses with the provider to ensure alignment with the budget and objectives, prepares organisations to adjust the scope, renegotiate terms, or implement cost-saving measures as needed.

Exit Strategy. Planning an exit strategy that include provisions for contract termination, transition services, protects an organisation in case the partnership needs to be dissolved.

Conclusion

Many businesses swing between insourcing and outsourcing technology capabilities – with the recent trend moving towards insourcing development and outsourcing infrastructure to the public cloud. But 2024 will see demand for all types of IT services across nearly every geography and industry. Tech services providers can bring significant value to your business – but improved management, monitoring, and governance will ensure that this value is delivered at a fair cost.