The chairman of HSBC has pledged to improve cyber-security at the bank to raise confidence in its ability to look after customer data.
Douglas Flint, group chairman of HSBC Holdings Plc, the parent company of HSBC Bank, gave the undertaking in his chairman's statement in the company's 2015 interim results, published this week (PDF).
Flint said that technology is rapidly changing the face of banking, allowing the storage and analysis of almost unlimited data, a development that creates both benefits and risks.
A security flaw left the details of an undisclosed number of customers of HSBC Finance Corporation in America exposed to hackers early this year, highlighting the risks that banks are facing. Data that was left exposed included names, account numbers, social security numbers and old account information.
Flint painted a picture of myriad advantages for consumers and society resulting from the bank's ability to crunch big data. “Better use of data will allow more accurate knowledge about the customer to be built, leading to improved customer segmentation and therefore less risk of mis-selling in the future. The same data, together with transaction monitoring, will enhance our ability to identify bad actors within the system, so reducing financial crime. A lower cost of delivery will flow through to lower intermediation costs for customers and allow banking services to reach communities currently under-served,” he said.
However, he conceded that the data revolution was not without risks. “The nature, scale and pace of change do, however, pose a number of public policy questions still under review as well as highlighting new risks to financial stability that need to be addressed,” he said. “The sheer scale of data to be collected and stored demands clarity over responsibility for data security and transparency over who has access to that data and for what purpose.”
In a reference to new online-only banking operations which are competing with the larger banks, with their hefty investment in retail outlets, he remarked: “Customers need to understand the value of their data so that they can assess the bargain that is being offered by non-traditional providers in return for their financial footprint. Customers also need to know in a disaggregated service model to whom they should complain if a transaction goes awry.”
In the end, it comes down to investment in security. “Finally, ever larger digital databases of financial credentials and transaction data will need best-in-class protection from cyber crime,” he said. “This will require even greater co-operation between the industry and public sector law enforcement and intelligence services than exists today.”HSBC has budgeted US$1 billion (£600 million) for IT over the next two years to streamline operations and enable it to reduce the size of its retail banking operation by 20 percent.