This year’s theme at the ETHDenver – one of crypto’s OG annual gatherings, was “Year of the Regenerates.” This captures the core tension in Web3: the casino vs. the computer. On one side, the pump-and-dumps, meme coin frenzies, and hyper-financialisation. On the other, the cypherpunk ideals of decentralisation, open infrastructure, and a freer, fairer web.
It’s a timely moment for reflection. Crypto prices are tanking alongside global markets, Bitcoin is down, and headline scandals – like the USD1.3B hack of ByBit and millions lost by retail investors to the meme coin mania – paint a bleak picture.
But the full story isn’t just chaos and collapse. There’s real momentum beneath the noise – and a dose of optimism is exactly what the space needs right now.
ByBit: Green Shoots Amidst the Biggest Hack
The crypto market has seen renewed bearish sentiment, intensified by the USD1.5 billion ByBit hack on February 21, 2025 – the largest crypto heist to date, reportedly carried out by North Korea’s Lazarus Group. Notably, the attack’s impact was limited thanks to Copper’s Clearloop custody infrastructure, which protected user funds through its bankruptcy-remote design.
Yet despite the headline-grabbing loss, several market watchers have pointed to unexpectedly bullish signals emerging from the aftermath.
- Reduced Leverage and Market Stability. A potential silver lining is the decline in leverage across the market. With meme coin fatigue setting in, investors may be shifting toward more sustainable strategies. This could pave the way for long-term capital, especially as independent advisors begin recommending crypto and ETF products.
- Liquidity Injection from Loss Coverage. ByBit CEO Ben Zhou confirmed the company is covering 80% of the stolen funds through bridge loans. Some view this as bullish, arguing that while the stolen ETH remains on-chain, ByBit’s repurchases inject fresh liquidity into the market.
- No Bank Run and Trust in Exchanges. The lack of a bank run after the hack signals strong trust in ByBit’s solvency and response. Despite being one of the biggest heists in crypto, ByBit’s handling has been steady – prices have held, and users haven’t rushed to withdraw. That, in itself, is a positive sign. CEO Ben Zhou echoed this confidence, stating: “ByBit is solvent even if the loss isn’t recovered. All client assets are 1:1 backed.”
- Unexpected Positive Spin: Hacks as Catalysts. A contrarian view suggests that hacks, despite their damage, can drive platform evolution. This hack, for instance, could be seen as bullish – profit was extracted from value extractors, pushing ByBit to strengthen, become more anti-fragile, and reset stale positions and liquidity. The takeaway: crises can spark necessary resets and infrastructure upgrades – an unexpected upside in an otherwise negative event.
While some views may be unconventional, they underscore a maturing market better equipped to handle challenges, offering optimism for long-term recovery and growth beyond the current value and liquidity fluctuations.
Institutional Adoption Peaking Despite Bearish Sentiment
The tokenisation of real-world assets (RWAs) and the growing institutional adoption of digital assets are gaining momentum, even amid broader bearish sentiment in the crypto market. Driven by technological innovation, clearer regulations, and tangible benefits like enhanced liquidity, cost efficiency, and streamlined operations, these trends continue to evolve. Here’s an overview of the latest developments:
- Tokenisation of Real-World Assets. Despite bearish sentiment, the RWA tokenisation market is set for rapid growth. Analysts like Clearpool’s Ozean predict tokenised RWAs could hit a USD 50 billion market cap by 2025, driven by TradFi moving on-chain. Other forecasts from Standard Chartered (USD 30 trillion by 2034) and Boston Consulting Group (USD 16 trillion by 2030) highlight long-term potential, even if short-term conditions are volatile.
- Expansion of Asset Classes. Tokenisation is expanding beyond U.S. Treasuries and stablecoins to include real estate, private credit, commodities, carbon credits, and intellectual property. Real estate tokenisation, for example, is unlocking liquidity in traditionally illiquid markets, with platforms showing savings in home equity lines of credit (HELOCs) and collateralised loans. The total value locked in tokenised assets surpassed USD 176 billion in 2024, a 32% increase, with non-stablecoin assets growing 53%.
- Stablecoins as the “Killer App”. Stablecoins, pegged to assets like the U.S. dollar or treasuries, are becoming a safe haven in crypto. Their stability during market downturns has boosted their reputation as a “killer app” for blockchain, shifting focus from speculative tokens to practical, low-volatility tools. With a market cap surpassing USD 200 billion in 2025, Tether (USDT) and USD Coin (USDC) lead the way. New entrants like PayPal’s PYUSD (launched 2023) and treasury-backed stablecoins (e.g., Ondo Finance) are making waves. The “PayFi” race is on, with stablecoins integrating yield-bearing features linked to tokenised treasuries.
- Technological Advancements. Blockchain platforms are evolving, with AI driving RWA tokenisation and decentralised public infrastructure (DePIN). AI tools are enhancing risk assessment, compliance, and trading, making tokenised assets more attractive to institutions. Multi-chain technologies are improving interoperability and scalability, overcoming past limitations.
- Notable Projects and Milestones.
- BlackRock’s BUIDL Fund. Launched in March 2024, this tokenised fund became the largest of its kind, managing USD 657 million in assets by January 2025. BlackRock is also investing in tokenisation firms and exploring stablecoins, signalling a strategic shift.
- Clearpool’s Ozean. This protocol processed over USD 650 million in loans in Q4 2024, with a 51% rise in total value locked, reflecting growing traction.
- T-RIZE Group. In December 2023, the firm tokenised a USD 300 million residential project in Canada, showcasing real estate tokenisation at an institutional level.
- JPMorgan. Using its Onyx platform for blockchain-based settlements, tokenisation is now seen as a “killer app” for efficiency.
- Goldman Sachs. Its Digital Asset Platform is tokenising bonds, and repo transactions with Broadridge and J.P. Morgan total trillions monthly.
- Deutsche Bank. Joined Singapore’s Project Guardian in May 2024 to tokenise assets, reflecting institutional global interest.
- Regulatory Progress as a Catalyst. While regulatory uncertainty remains, 2025 shows promise. The potential appointment of crypto-friendly figures under a Trump administration could accelerate clarity in the U.S. Meanwhile, the Financial Action Task Force (FATF) is developing standards for tokenised RWAs, fostering cross-border adoption. Countries like Switzerland, Singapore, and Japan are already testing tokenised financial products, creating a more favourable regulatory environment.
- Institutional Sentiment and Investment Surveys. Institutional confidence is high. A BNY Mellon survey found 97% of institutional investors believe tokenisation will revolutionise asset management. EY-Parthenon research shows two-thirds of institutions are already invested in digital assets, with larger asset managers (AUM > USD 500 billion) launching tokenised funds. The Tokenised Asset Coalition found 86% of Fortune 500 executives recognise tokenisation’s benefits, with 35% actively pursuing projects.
- Bridging TradFi and DeFi. RWAs are bridging traditional and decentralised finance. Stablecoins tied to tokenised assets (e.g., treasuries) mitigate volatility, attracting cautious institutional players. Partnerships like Ripple and Archax aim to bring hundreds of millions in tokenised RWAs to the XRP Ledger, highlighting the convergence of TradFi and DeFi.
Resilience Amid Bearish Sentiments
Despite bearish market conditions driven by crypto volatility and macro pressures like inflation, institutional adoption is gaining momentum. Tokenisation offers tangible benefits – fractional ownership, 24/7 trading, and faster settlements – that solve inefficiencies in traditional systems. These advantages hold steady, regardless of market sentiment. For example, tokenised repos minimise operational errors and unlock intraday liquidity, while tokenised yields, such as treasuries, now outpace DeFi lending rates, drawing capital even in a “crypto winter.”
Regulatory fragmentation and security risks like hacking and smart contract vulnerabilities still pose challenges, while mainstream adoption, though accelerating, trails behind pilot successes.
Yet, the fundamentals remain resilient. With upcoming upgrades like Solana’s Firedancer client and Ethereum’s Pectra, blockchain infrastructure will advance. The focus for web3 builders will shift back to innovation, not token price charts. The path from meme coins to real utility may be long, but with the talent and creativity within the ecosystem, it’s far from impossible.
Home to over 60% of the global population, the Asia Pacific region is at the forefront of digital transformation – and at a turning point. The Asian Development Bank forecasts a USD 1.7T GDP boost by 2030, but only if regulation keeps pace with innovation. In 2025, that alignment is taking shape: regulators across the region are actively crafting policies and platforms to scale innovation safely and steer it toward public good. Their focus spans global AI rules, oversight of critical tech in BFSI, sustainable finance, green fintech, and frameworks for digital assets.
Here’s a look at some of the regulatory influences on the region’s BFSI organisations.
Click here to download “Greener, Smarter, Safer: BFSI’s Regulatory Agenda” as a PDF.
The Ripple Effect of Global AI Regulation on APAC Finance
The EU’s AI Act – alongside efforts by other countries such as Brazil and the UK – signals a global shift toward responsible AI. With mandates for transparency, accountability, and human oversight, the Act sets a new bar that resonates across APAC, especially in high-stakes areas like credit scoring and fraud detection.
For financial institutions in the region, ensuring auditable AI systems and maintaining high data quality will be key to compliance. But the burden of strict rules, heavy fines, and complex risk assessments may slow innovation – particularly for smaller fintechs. Global firms with a footprint in the EU also face the challenge of navigating divergent regulatory regimes, adding complexity and cost.
APAC financial institutions must strike a careful balance: safeguarding consumers while keeping innovation alive within a tightening regulatory landscape.
Stepping Up Oversight: Regulating Tech’s Role
Effective January 1, 2025, the UK has granted the Financial Conduct Authority (FCA) and Bank of England oversight of critical tech firms serving the banking sector. This underscores growing global recognition of the systemic importance of these providers.
This regulatory expansion has likely implications for major players such as AWS, Google, and Microsoft. The goal: strengthen financial stability by mitigating cyber risks and service disruptions.
As APAC regulators watch closely, a key question emerges: will similar oversight frameworks be introduced to protect the region’s increasingly interconnected financial ecosystem?
With heavy reliance on a few core tech providers, APAC must carefully assess systemic risks and the need for regulatory safeguards in shaping its digital finance future.
Catalysing Sustainable Finance Through Regional Collaboration
APAC policymakers are translating climate ambitions into tangible action, exemplified by the collaborative FAST-P initiative between Australia and Singapore, spearheaded by the Monetary Authority of Singapore (MAS).
Australia’s USD 50 million commitment to fintech-enabled clean energy and infrastructure projects across Southeast Asia demonstrates a powerful public-private partnership driving decarbonisation through blended finance models.
This regional collaboration highlights a proactive approach to leveraging financial innovation for sustainability, setting a potential benchmark for other APAC nations.
Fostering Green Fintech Innovation Across APAC Markets
The proactive stance on sustainable finance extends to initiatives promoting green fintech startups.
Hong Kong’s upcoming Green Fintech Map and Thailand’s expanded ESG Product Platform are prime examples. By spotlighting sustainability-focused digital tools and enhancing data infrastructure and disclosure standards, these regulators aim to build investor confidence in ESG-driven fintech offerings.
This trend underscores a clear regional strategy: APAC regulators are not merely encouraging green innovation but actively cultivating ecosystems that facilitate its growth and scalability across diverse markets.
Charting the Regulatory Course for Digital Asset Growth in APAC
APAC regulators are gaining momentum in building forward-looking frameworks for the digital asset landscape. Japan’s proposal to classify crypto assets as financial products, Hong Kong’s expanded permissions for virtual asset activities, and South Korea’s gradual reintroduction of corporate crypto trading all point to a proactive regulatory shift.
Australia’s new crypto rules, including measures against debanking, and India’s clarified registration requirements for key players further reflect a region moving from cautious observation to decisive action.
Regulators are actively shaping a secure, scalable digital asset ecosystem – striking a balance between innovation, strong compliance, and consumer protection.
Ecosystm Opinion
APAC regulators are sending a clear message: innovation and oversight go hand in hand. As the region embraces a digital-first future, governments are moving beyond rule-setting to design frameworks that actively shape the balance between innovation, markets, institutions, and society.
This isn’t just about following global norms; it’s a bold step toward defining new standards that reflect APAC’s unique ambitions and the realities of digital finance.
AI has become a battleground for geopolitical competition, national resilience, and societal transformation. The stakes are no longer theoretical, and the window for action is closing fast.
In March, the U.S. escalated its efforts to shape the global technology landscape by expanding export controls on advanced AI and semiconductor technologies. Over 80 entities – more than 50 in China – were added to the export blacklist, aiming to regulate access to critical technologies. The move seeks to limit the development of high-performance computing, quantum technologies, and AI in certain regions, citing national security concerns.
As these export controls tighten, reports have surfaced of restricted chips entering China through unofficial channels, including e-commerce platforms. U.S. authorities are working to close these gaps by sanctioning new entities attempting to circumvent the restrictions. The Department of Commerce’s Bureau of Industry and Security (BIS) is also pushing for stricter Know Your Customer (KYC) regulations for cloud service providers to limit unauthorised access to GPU resources across the Asia Pacific region.
Geopolitics & the Pursuit of AI Dominance
Bipartisan consensus has emerged in Washington around the idea that leading in artificial general intelligence (AGI) is a national security imperative. If AI is destined to shape the future balance of power, the U.S. government believes it cannot afford to fall behind. This mindset has accelerated an arms-race dynamic reminiscent of the Thucydides Trap, where the fear of being overtaken compels both sides to push ahead, even if alignment and safety mechanisms are not yet in place.
China has built extensive domestic surveillance infrastructure and has access to large volumes of data that would be difficult to collect under the regulatory frameworks of many other countries. Meanwhile, major U.S. social media platforms can refine their AI models using behavioural data from a broad global user base. AI is poised to enhance governments’ ability to monitor compliance and enforce laws that were written before the digital age – laws that previously assumed enforcement would be limited by practical constraints. This raises important questions about how civil liberties may evolve when technological limitations are no longer a barrier to enforcement.
The Digital Battlefield
Cybersecurity Threat. AI is both a shield and a sword in cybersecurity. We are entering an era of algorithm-versus-algorithm warfare, where AI’s speed and adaptability will dictate who stays secure and who gets compromised. Nations are prioritising AI for cyber defence to stay ahead of state actors using AI for attacks. For example, the DARPA AI Cyber Challenge is funding tools that use AI to identify and patch vulnerabilities in real-time – essential for defending against state-sponsored threats.
Yet, a key vulnerability exists within AI labs themselves. Many of these organisations, though responsible for cutting-edge models, operate more like startups than defence institutions. This results in informal knowledge sharing, inconsistent security standards, and minimal government oversight. Despite their strategic importance, these labs lack the same protections and regulations as traditional military research facilities.
High-Risk Domains and the Proliferation of Harm. AI’s impact on high-risk domains like biotechnology and autonomous systems is raising alarms. Advanced AI tools could lower the barriers for small groups or even individuals to misuse biological data. As Anthropic CEO Dario Amodei warns, “AI will vastly increase the number of people who can cause catastrophic harm.”
This urgency for oversight mirrors past technological revolutions. The rise of nuclear technology prompted global treaties and safety protocols, and the expansion of railroads drove innovations like block signalling and standardised gauges. With AI’s rapid progression, similar safety measures must be adopted quickly.
Meanwhile, AI-driven autonomous systems are growing in military applications. Drones equipped with AI for real-time navigation and target identification are increasingly deployed in conflict zones, especially where traditional systems like GPS are compromised. While these technologies promise faster, more precise operations, they also raise critical ethical questions about decision-making, accountability, and latency.
The 2024 National Security Memorandum on AI laid down initial guidelines for responsible AI use in defence. However, significant challenges remain around enforcement, transparency, and international cooperation.
AI for Intelligence and Satellite Analysis. AI also holds significant potential for national intelligence. Governments collect massive volumes of satellite imagery daily – far more than human analysts can process alone. AI models trained on geospatial data can greatly enhance the ability to detect movement, monitor infrastructure, and improve border security. Companies like ICEYE and Satellogic are advancing their computer vision capabilities to increase image processing efficiency and scale. As AI systems improve at identifying patterns and anomalies, each satellite image becomes increasingly valuable. This could drive a new era of digital intelligence, where AI capabilities become as critical as the satellites themselves.
Policy, Power, and AI Sovereignty
Around the world, governments are waking up to the importance of AI sovereignty – ensuring that critical capabilities, infrastructure, and expertise remain within national borders. In Europe, France has backed Mistral AI as a homegrown alternative to US tech giants, part of a wider ambition to reduce dependency and assert digital independence. In China, DeepSeek has gained attention for developing competitive LLMs using relatively modest compute resources, highlighting the country’s determination to lead without relying on foreign technologies.
These moves reflect a growing recognition that in the AI age, sovereignty doesn’t just mean political control – it also means control over compute, data, and talent.
In the US, the public sector is working to balance oversight with fostering innovation. Unlike the internet, the space program, or the Manhattan Project, the AI revolution was primarily initiated by the private sector, with limited state involvement. This has left the public sector in a reactive position, struggling to keep up. Government processes are inherently slow, with legislation, interagency reviews, and procurement cycles often lagging rapid technological developments. While major AI breakthroughs can happen within months, regulatory responses may take years.
To address this gap, efforts have been made to establish institutions like the AI Safety Institute and requiring labs to share their internal safety evaluations. However, since then, there has been a movement to reduce the regulatory burden on the AI sector, emphasising the importance of supporting innovation over excessive caution.
A key challenge is the need to build both policy frameworks and physical infrastructure in tandem. Advanced AI models require significant computational resources, and by extension, large amounts of energy. As countries like the US and China compete to be at the forefront of AI innovation, ensuring a reliable energy supply for AI infrastructure becomes crucial.
If data centres cannot scale quickly or if clean energy becomes too expensive, there is a risk that AI infrastructure could migrate to countries with fewer regulations and lower energy costs. Some nations are already offering incentives to attract these capabilities, raising concerns about the long-term security of critical systems. Governments will need to carefully balance sovereignty over AI infrastructure with the development of sufficient domestic electricity generation capacity, all while meeting sustainability goals. Without strong partnerships and more flexible policy mechanisms, countries may risk ceding both innovation and governance to private actors.
What Lies Ahead
AI is no longer an emerging trend – it is a cornerstone of national power. It will shape not only who leads in innovation but also who sets the rules of global engagement: in cyber conflict, intelligence gathering, economic dominance, and military deterrence. The challenge governments face is twofold. First, to maintain strategic advantage, they must ensure that AI development – across private labs, defence systems, and public infrastructure – remains both competitive and secure. Second, they must achieve this while safeguarding democratic values and civil liberties, which are often the first to erode under unchecked surveillance and automation.
This isn’t just about faster processors or smarter algorithms. It’s about determining who defines the future – how decisions are made, who has oversight, and what values are embedded in the systems that will govern our lives.
AI has already had a significant impact on the tech industry, rapidly evolving software development, data analysis, and automation. However, its potential extends into all industries – from the precision of agriculture to the intricacies of life sciences research, and the enhanced customer experiences across multiple sectors.
While we have seen the widespread adoption of AI-powered productivity tools, 2025 promises a bigger transformation. Organisations across industries will shift focus from mere innovation to quantifiable value. In sectors where AI has already shown early success, businesses will aim to scale these applications to directly impact their revenue and profitability. In others, it will accelerate research, leading to groundbreaking discoveries and innovations in the years to come. Regardless of the specific industry, one thing is certain: AI will be a driving force, reshaping business models and competitive landscapes.
Ecosystm analysts Alan Hesketh, Clay Miller, Peter Carr, Sash Mukherjee, and Steve Shipley present the top trends shaping key industries in 2025.
Click here to download ‘AI’s Impact on Industry in 2025’ as a PDF
1. GenAI Virtual Agents Will Reshape Public Sector Efficiency
Operating within highly structured, compliance-driven environments, public sector organisations are well-positioned to benefit from GenAI Agents.
These agents excel when powered LLMs tailored to sector-specific needs, informed by documented legislation, regulations, and policies. The result will be significant improvements in how governments manage rising service demands and enhance citizen interactions. From automating routine enquiries to supporting complex administrative processes, GenAI Virtual Agents will enable public sector to streamline operations without compromising compliance. Crucially, these innovations will also address jurisdictional labour and regulatory requirements, ensuring ethical and legal adherence. As GenAI technology matures, it will reshape public service delivery by combining scalability, precision, and responsiveness.
2. Healthcare Will Lead in Innovation; Lag in Adoption
In 2025, healthcare will undergo transformative innovations driven by advancements in AI, remote medicine, and biotechnology. Innovations will include personalised healthcare driven by real-time data for tailored wellness plans and preventive care, predictive AI tackling global challenges like aging populations and pandemics, virtual healthcare tools like VR therapy and chatbots enhancing accessibility, and breakthroughs in nanomedicine, digital therapeutics, and next-generation genomic sequencing.
Startups and innovators will often lead the way, driven by a desire to make an impact.
However, governments will lack the will to embrace these technologies. After significant spending on crisis management, healthcare ministries will likely hesitate to commit to fresh large-scale investments.
3. Agentic AI Will Move from Bank Credit Recommendation to Approval
Through 2024, we have seen a significant upturn in Agentic AI making credit approval recommendations, providing human credit managers with the ability to approve more loans more quickly. Yet, it was still the mantra that ‘AI recommends—humans approve.’ That will change in 2025.
AI will ‘approve’ much more and much larger credit requests.
The impact will be multi-faceted: banks will greatly enhance client access to credit, offering 24/7 availability and reducing the credit approval and origination cycle to mere seconds. This will drive increased consumer lending for high-value purchases, such as major appliances, electronics, and household goods.
4. AI-Powered Demand Forecasting Will Transform Retail
There will be a significant shift away from math-based tools to predictive AI using an organisation’s own data. This technology will empower businesses to analyse massive datasets, including sales history, market trends, and social media, to generate highly accurate demand predictions. Adding external influencing factors such as weather and events will be simplified.
The forecasts will enable companies to optimise inventory levels, minimise stockouts and overstock situations, reduce waste, and increase profitability. Early adopters are already leveraging AI to anticipate fashion trends and adjust production accordingly.
No more worrying about capturing “Demand Influencing Factors” – it will all be derived from the organisation’s data.
5. AI-Powered Custom-Tailored Insurance Will Be the New Norm
Insurers will harness real-time customer data, including behavioural patterns, lifestyle choices, and life stage indicators, to create dynamic policies that adapt to individual needs. Machine learning will process vast datasets to refine risk predictions and deliver highly personalised coverage. This will produce insurance products with unparalleled relevance and flexibility, closely aligning with each policyholder’s changing circumstances. Consumers will enjoy transparent pricing and tailored options that reflect their unique risk profiles, often resulting in cost savings. At the same time, insurers will benefit from enhanced risk assessment, reduced fraud, and increased customer satisfaction and loyalty.
This evolution will redefine the customer-insurer relationship, making insurance a more dynamic and responsive service that adjusts to life’s changes in real-time.
Southeast Asia’s banking sector is poised for significant digital transformation. With projected Net Interest Income reaching USD 148 billion by 2024, the market is ripe for continued growth. While traditional banks still hold a dominant position, digital players are making significant inroads. To thrive in this evolving landscape, financial institutions must adapt to rising customer expectations, stringent regulations, and the imperative for resilience. This will require a seamless collaboration between technology and business teams.
To uncover how banks in Southeast Asia are navigating this complex landscape and what it takes to succeed, Ecosystm engaged in in-depth conversations with senior banking executives and technology leaders as part of our research initiatives. Here are the highlights of the discussions with leaders across the region.
#1 Achieving Hyper-Personalisation Through AI
As banks strive to deliver highly personalised financial services, AI-driven models are becoming increasingly essential. These models analyse customer behaviour to anticipate needs, predict future behaviour, and offer relevant services at the right time. AI-powered tools like chatbots and virtual assistants further enhance real-time customer support.
Hyper-personalisation, while promising, comes with its challenges – particularly around data privacy and security. To deliver deeply tailored services, banks must collect extensive customer information, which raises the question: how can they ensure this sensitive data remains protected?
AI projects require a delicate balance between innovation and regulatory compliance. Regulations often serve as the right set of guardrails within which banks can innovate. However, banks – especially those with cross-border operations – must establish internal guidelines that consider the regulatory landscape of multiple jurisdictions.
#2 Beyond AI: Other Emerging Technologies
AI isn’t the only emerging technology reshaping Southeast Asian banking. Banks are increasingly adopting technologies like Robotic Process Automation (RPA) and blockchain to boost efficiency and engagement. RPA is automating repetitive tasks, such as data entry and compliance checks, freeing up staff for higher-value work. CIMB in Malaysia reports seeing a 35-50% productivity increase thanks to RPA. Blockchain is being explored for secure, transparent transactions, especially cross-border payments. The Asian Development Bank successfully trialled blockchain for faster, safer bond settlements. While AR and VR are still emerging in banking, they offer potential for enhanced customer engagement. Banks are experimenting with immersive experiences like virtual branch visits and interactive financial education tools.
The convergence of these emerging technologies will drive innovation and meet the rising demand for seamless, secure, and personalised banking services in the digital age. This is particularly true for banks that have the foresight to future-proof their tech foundation as part of their ongoing modernisation efforts. Emerging technologies offer exciting opportunities to enhance customer engagement, but they shouldn’t be used merely as marketing gimmicks. The focus must be on delivering tangible benefits that improve customer outcomes.
#3 Greater Banking-Fintech Collaboration
The digital payments landscape in Southeast Asia is experiencing rapid growth, with a projected 10% increase between 2024-2028. Digital wallets and contactless payments are becoming the norm, and platforms like GrabPay, GoPay, and ShopeePay are dominating the market. These platforms not only offer convenience but also enhance financial inclusion by reaching underbanked populations in remote areas.
The rise of digital payments has significantly impacted traditional banks. To remain relevant in this increasingly cashless society, banks are collaborating with fintech companies to integrate digital payment solutions into their services. For instance, Indonesia’s Bank Mandiri collaborated with digital credit services provider Kredivo to provide customers with access to affordable and convenient credit options.
Partnerships between traditional banks and fintechs are essential for staying competitive in the digital age, especially in areas like digital payments, data analytics, and customer experience.
While these collaborations offer opportunities, they also pose challenges. Banks must invest in advanced fraud detection, AI monitoring, and robust authentication to secure digital payments. Once banks adopt a mindset of collaboration with innovators, they can leverage numerous innovations in the cybersecurity space to address these challenges.
#4 Agile Infrastructure for an Agile Business
While the banking industry is considered a pioneer in implementing digital technologies, its approach to cloud has been more cautious. While interest remained high, balancing security and regulatory concerns with cloud agility impacted the pace. Hybrid multi-cloud environments has accelerated banking cloud adoption.
Leveraging public and private clouds optimises IT costs, offering flexibility and scalability for changing business needs. Hybrid cloud allows resource adjustments for peak demand or cost reductions off-peak. Access to cloud-native services accelerates innovation, enabling rapid application development and improved competitiveness. As the industry adopts GenAI, it requires infrastructure capable of handling vast data, massive computing power, advanced security, and rapid scalability – all strengths of hybrid cloud.
Replicating critical applications and data across multiple locations ensures disaster recovery and business continuity. A multi-cloud strategy also helps avoid vendor lock-in, diversifies cloud providers, and reduces exposure to outages.
Hybrid cloud adoption offers benefits but also presents challenges for banks. Managing the environment is complex, needing coordination across platforms and skilled personnel. Ensuring data security and compliance across on-prem and public cloud infrastructure is demanding, requiring robust measures. Network latency and performance issues can arise, making careful design and optimisation crucial. Integrating on-prem systems with public cloud services is time-consuming and needs investment in tools and expertise.
#5 Cyber Measures to Promote Customer & Stakeholder Trust
The banking sector is undergoing rapid AI-driven digital transformation, focusing on areas like digital customer experiences, fraud detection, and risk assessment. However, this shift also increases cybersecurity risks, with the majority of banking technology leaders anticipate inevitable data breaches and outages.
Key challenges include expanding technology use, such as cloud adoption and AI integration, and employee-related vulnerabilities like phishing. Banks in Southeast Asia are investing heavily in modernising infrastructure, software, and cybersecurity.
Banks must update cybersecurity strategies to detect threats early, minimise damage, and prevent lateral movement within networks.
Employee training, clear security policies, and a culture of security consciousness are critical in preventing breaches.
Regulatory compliance remains a significant concern, but banks are encouraged to move beyond compliance checklists and adopt risk-based, intelligence-led strategies. AI will play a key role in automating compliance and enhancing Security Operations Centres (SOCs), allowing for faster threat detection and response. Ultimately, the BFSI sector must prioritise cybersecurity continuously based on risk, rather than solely on regulatory demands.
Breaking Down Barriers: The Role of Collaboration in Banking Transformation
Successful banking transformation hinges on a seamless collaboration between technology and business teams. By aligning strategies, fostering open communication, and encouraging cross-functional cooperation, banks can effectively leverage emerging technologies to drive innovation, enhance customer experience, and improve efficiency.
A prime example of the power of collaboration is the success of AI initiatives in addressing specific business challenges.
This user-centric approach ensures that technology addresses real business needs.
By fostering a culture of collaboration, banks can promote continuous learning, idea sharing, and innovation, ultimately driving successful transformation and long-term growth in the competitive digital landscape.
In the Ecosystm Predicts: Building an Agile & Resilient Organisation: Top 5 Trends in 2024, Principal Advisor Darian Bird said, “The emergence of Generative AI combined with the maturing of deepfake technology will make it possible for malicious agents to create personalised voice and video attacks.” Darian highlighted that this democratisation of phishing, facilitated by professional-sounding prose in various languages and tones, poses a significant threat to potential victims who rely on misspellings or oddly worded appeals to detect fraud. As we see more of these attacks and social engineering attempts, it is important to improve defence mechanisms and increase awareness.
Understanding Deepfake Technology
The term Deepfake is a combination of the words ‘deep learning’ and ‘fake’. Deepfakes are AI-generated media, typically in the form of images, videos, or audio recordings. These synthetic content pieces are designed to appear genuine, often leading to the manipulation of faces and voices in a highly realistic manner. Deepfake technology has gained spotlight due to its potential for creating convincing yet fraudulent content that blurs the line of reality.
Deepfake algorithms are powered by Generative Adversarial Networks (GANs) and continuously enhance synthetic content to closely resemble real data. Through iterative training on extensive datasets, these algorithms refine features such as facial expressions and voice inflections, ensuring a seamless emulation of authentic characteristics.
Deepfakes Becoming Increasingly Convincing
Hyper-realistic deepfakes, undetectable to the human eye and ear, have become a huge threat to the financial and technology sectors. Deepfake technology has become highly convincing, blurring the line between real and fake content. One of the early examples of a successful deepfake fraud was when a UK-based energy company lost USD 243k through a deepfake audio scam in 2019, where scammers mimicked the voice of their CEO to authorise an illegal fund transfer.
Deepfakes have evolved from audio simulations to highly convincing video manipulations where faces and expressions are altered in real-time, making it hard to distinguish between real and fake content. In 2022, for instance, a deepfake video of Elon Musk was used in a crypto scam that resulted in a loss of about USD 2 million for US consumers. This year, a multinational company in Hong Kong lost over USD 25 million when an employee was tricked into sending money to fraudulent accounts after a deepfake video call by what appeared to be his colleagues.
Regulatory Responses to Deepfakes
Countries worldwide are responding to the challenges posed by deepfake technology through regulations and awareness campaigns.
- Singapore’s Online Criminal Harms Act, that will come into effect in 2024, will empower authorities to order individuals and Internet service providers to remove or block criminal content, including deepfakes used for malicious purposes.
- The UAE National Programme for Artificial Intelligence released a deepfake guide to educate the public about both harmful and beneficial applications of this technology. The guide categorises fake content into shallow and deep fakes, providing methods to detect deepfakes using AI-based tools, with a focus on promoting positive uses of advanced technologies.
- The proposed EU AI Act aims to regulate them by imposing transparency requirements on creators, mandating them to disclose when content has been artificially generated or manipulated.
- South Korea passed a law in 2020 banning the distribution of harmful deepfakes. Offenders could be sentenced to up to five years in prison or fined up to USD 43k.
- In the US, states like California and Virginia have passed laws against deepfake pornography, while federal bills like the DEEP FAKES Accountability Act aim to mandate disclosure and counter malicious use, highlighting the diverse global efforts to address the multifaceted challenges of deepfake regulation.
Detecting and Protecting Against Deepfakes
Detecting deepfake becomes increasingly challenging as technology advances. Several methods are needed – sometimes in conjunction – to be able to detect a convincing deepfake. These include visual inspection that focuses on anomalies, metadata analysis to examine clues about authenticity, forensic analysis for pattern and audio examination, and machine learning that uses algorithms trained on real and fake video datasets to classify new videos.
However, identifying deepfakes requires sophisticated technology that many organisations may not have access to. This heightens the need for robust cybersecurity measures. Deepfakes have seen an increase in convincing and successful phishing – and spear phishing – attacks and cyber leaders need to double down on cyber practices.
Defences can no longer depend on spotting these attacks. It requires a multi-pronged approach which combines cyber technologies, incidence response, and user education.
Preventing access to users. By employing anti-spoofing measures organisations can safeguard their email addresses from exploitation by fraudulent actors. Simultaneously, minimising access to readily available information, particularly on websites and social media, reduces the chance of spear-phishing attempts. This includes educating employees about the implications of sharing personal information and clear digital footprint policies. Implementing email filtering mechanisms, whether at the server or device level, helps intercept suspicious emails; and the filtering rules need to be constantly evaluated using techniques such as IP filtering and attachment analysis.
Employee awareness and reporting. There are many ways that organisations can increase awareness in employees starting from regular training sessions to attack simulations. The usefulness of these sessions is often questioned as sometimes they are merely aimed at ticking off a compliance box. Security leaders should aim to make it easier for employees to recognise these attacks by familiarising them with standard processes and implementing verification measures for important email requests. This should be strengthened by a culture of reporting without any individual blame.
Securing against malware. Malware is often distributed through these attacks, making it crucial to ensure devices are well-configured and equipped with effective endpoint defences to prevent malware installation, even if users inadvertently click on suspicious links. Specific defences may include disabling macros and limiting administrator privileges to prevent accidental malware installation. Strengthening authentication and authorisation processes is also important, with measures such as multi-factor authentication, password managers, and alternative authentication methods like biometrics or smart cards. Zero trust and least privilege policies help protect organisation data and assets.
Detection and Response. A robust security logging system is crucial, either through off-the shelf monitoring tools, managed services, or dedicated teams for monitoring. What is more important is that the monitoring capabilities are regularly updated. Additionally, having a well-defined incident response can swiftly mitigate post-incident harm post-incident. This requires clear procedures for various incident types and designated personnel for executing them, such as initiating password resets or removing malware. Organisations should ensure that users are informed about reporting procedures, considering potential communication challenges in the event of device compromise.
Conclusion
The rise of deepfakes has brought forward the need for a collaborative approach. Policymakers, technology companies, and the public must work together to address the challenges posed by deepfakes. This collaboration is crucial for making better detection technologies, establishing stronger laws, and raising awareness on media literacy.
Ecosystm research reveals a stark reality: 75% of technology leaders in Financial Services anticipate data breaches.
Given the sector’s regulatory environment, data breaches carry substantial financial implications, emphasising the critical importance of giving precedence to cybersecurity. This is compelling a fresh cyber strategy focused on early threat detection and reduction of attack impact.
Read on to find out how tech leaders are building a culture of cyber-resilience, re-evaluating their cyber policies, and adopting technologies that keep them one step ahead of their adversaries.
Download ‘Cyber-Resilience in Finance: People, Policy & Technology’ as a PDF
As an industry, the tech sector tends to jump on keywords and terms – and sometimes reshapes their meaning and intention. “Sustainable” is one of those terms. Technology vendors are selling (allegedly!) “sustainable software/hardware/services/solutions” – in fact, the focus on “green” or “zero carbon” or “recycled” or “circular economy” is increasing exponentially at the moment. And that is good news – as I mentioned in my previous post, we need to significantly reduce greenhouse gas emissions if we want a future for our kids. But there is a significant disconnect between the way tech vendors use the word “sustainable” and the way it is used in boardrooms and senior management teams of their clients.
Defining Sustainability
For organisations, Sustainability is a broad business goal – in fact for many, it is the over-arching goal. A sustainable organisation operates in a way that balances economic, social, and environmental (ESG) considerations. Rather than focusing solely on profits, a sustainable organisation aims to meet the needs of the present without compromising the ability of future generations to meet their own needs.
This is what building a “Sustainable Organisation” typically involves:
Economic Sustainability. The organisation must be financially stable and operate in a manner that ensures long-term economic viability. It doesn’t just focus on short-term profits but invests in long-term growth and resilience.
Social Sustainability. This involves the organisation’s responsibility to its employees, stakeholders, and the wider community. A sustainable organisation will promote fair labour practices, invest in employee well-being, foster diversity and inclusion, and engage in ethical decision-making. It often involves community engagement and initiatives that support societal growth and well-being.
Environmental Sustainability. This facet includes the responsible use of natural resources and minimising negative impacts on the environment. A sustainable organisation seeks to reduce its carbon footprint, minimise waste, enhance energy efficiency, and often supports or initiates activities that promote environmental conservation.
Governance and Ethical Considerations. Sustainable organisations tend to have transparent and responsible governance. They follow ethical business practices, comply with laws and regulations, and foster a culture of integrity and accountability.
Security and Resilience. Sustainable organisations have the ability to thwart bad actors – and in the situation that they are breached, to recover from these breaches quickly and safely. Sustainable organisations can survive cybersecurity incidents and continue to operate when breaches occur, with the least impact.
Long-Term Focus. Sustainability often requires a long-term perspective. By looking beyond immediate gains and considering the long-term impact of decisions, a sustainable organisation can better align its strategies with broader societal goals.
Stakeholder Engagement. Understanding and addressing the needs and concerns of different stakeholders (including employees, customers, suppliers, communities, and shareholders) is key to sustainability. This includes open communication and collaboration with these groups to foster relationships based on trust and mutual benefit.
Adaptation and Innovation. The organisation is not static and recognises the need for continual improvement and adaptation. This might include innovation in products, services, or processes to meet evolving sustainability standards and societal expectations.
Alignment with the United Nations’ Sustainable Development Goals (UNSDGs). Many sustainable organisations align their strategies and operations with the UNSDGs which provide a global framework for addressing sustainability challenges.
Organisations Appreciate Precise Messaging
A sustainable organisation is one that integrates economic, social, and environmental considerations into all aspects of its operations. It goes beyond mere compliance with laws to actively pursue positive impacts on people and the planet, maintaining a balance that ensures long-term success and resilience.
These factors are all top of mind when business leaders, boards and government agencies use the word “sustainable”. Helping organisations meet their emission reduction targets is a good starting point – but it is a long way from all businesses need to become sustainable organisations.
Tech providers need to reconsider their use of the term “sustainable” – unless their solution or service is helping organisations meet all of the features outlined above. Using specific language would be favoured by most customers – telling them how the solution will help them reduce greenhouse gas emissions, meet compliance requirements for CO2 and/or waste reduction, and save money on electricity and/or management costs – these are all likely to get the sale over the line faster than a broad “sustainability” messaging will.
The ongoing Ecosystm State of ESG Study throws up some interesting data about organisations in Asia Pacific.
We see ESG more firmly entrenched in organisational strategies; organisations leading with Social and Governance initiatives that are easily integrated within their CSR policies; and supply chain partners driving change.
Download ‘Sustainable Asia Pacific: The ESG Growth Story’ as a PDF