Artificial intelligence plays a crucial part in supplying fraudsters with new tools and supplying cybersecurity defense strategies as it keeps bringing cutting-edge solutions to the fintech and financial services industries.

Due to their dual nature, fintech businesses must act quickly to keep up with cybersecurity innovations and fend off hackers who are armed with technology.

In this interview, we discuss what cybersecurity professionals need to do to keep their companies at the forefront of cyber defense innovation with Richard Grint, Managing Director of Alvarez & Marsal's Disputes and Investigations in London, and Phil Beckett, Managing Director and Leader of the firm's EMEA Disputes and Investigations practice.

Staying at the bleeding edge of cybersecurity innovation

According to Phil, the current state of cybersecurity is an ongoing arms race between attackers and defenders to determine who can obtain the upper hand.

"To make sure they are the best able to protect both their customers and their business, fintechs must stay up to date on the most recent challenges and available solutions," he adds.

"To see how things are going, one simply needs to look at how 'well' deepfakes have evolved over the last few years. Never mind how GenAI will affect the realistic and high-caliber of these strikes.

While financial institutions should continue to prioritize cybersecurity, Phil reminds us that there is currently "no silver bullet" to address the problem of fraudsters.

"To ensure that practices, procedures, and technologies are implemented to improve protection, it is a case of improving awareness, research, and knowledge," he says.

"Training and awareness are among the most frequently disregarded aspects of this, as they can be important controls in assisting in risk mitigation."

Training & Awareness: Important for both business and consumers

Not only do companies need to be mindful of the dangers that fraudsters represent, but fintechs and FIs also need to prioritize and enroll customers who have received inadequate education.

Richard continues, saying that in the past, client education was disregarded in conventional frameworks for fraud management.

"In recent years, there has been a shift in awareness among financial institutions regarding the importance of educational initiatives as a preventive fraud control measure, especially when customized for their customer base. This is due to the emergence of new fraud typologies, particularly more sophisticated APP fraud."

Consumers might not be aware of the extent of fraud in some situations, such as when it occurs beyond the KYC step, which is happening increasingly frequently.

"KYC remains a critical component of any counter fraud approach, but it's only one component of the lifecycle," according to Richard.

He goes on, "Firms need to make sure they have strong authentication controls, proper transactional controls—both preventative and detective—the capacity to conduct relevant investigations, and a functional recoveries department.

"A company will lag behind the de facto market standard if any of these elements aren't functioning well, which will make them and their clients easy targets."

Blockchain: Creating safe, immutable transaction ledgers

In order to guarantee that cybersecurity activities are scaled, which sectors of FIs are prioritised? A lot more people are realizing how blockchain and distributed ledger technology (DLT) might assist prevent fraud by keeping precise, irrefutable records.

Phil states: "DLTs and blockchains are really potent and helpful technologies that occasionally receive a poor rap because everyone equates them with cryptocurrencies and the risks that go along with them.

Nonetheless, because the underlying technology is dispersed and cannot be attacked at a single place, it is highly helpful for keeping factual data. Consequently, businesses are utilizing them for precisely this purpose.

Phil sums up by saying that other controls must be incorporated with blockchain and DLT technologies.

"DLT and blockchain are not panaceas; although they are effective at reducing certain risks, they offer no defense whatsoever against others. As a result, use and implementation must be integrated into a comprehensive control framework intended to reduce the main risks that the company confronts.