Introduction
As the financial industry becomes more reliant on technology and data, Digital Sovereignty has become increasingly important for Financial Services CEOs. It’s a topic that has many layers, ranging from industry regulation and government policy to rapidly changing geo-political conditions, to consumer data protection and business risk management. Underpinning all of this is the need for modern, innovative technology capabilities that can keep up with the fluid digital landscape. This is a lot for financial services CEOs to think about.
In this three-part blog series, we will attempt to cover the three important digital sovereignty trends firstly discussing how geo-political events and increasing regulations are impacting sovereignty. Secondly, we’ll delve into the impact of cyber-attacks and the increasing data volumes, and finally, we’ll create an approach to leverage digital sovereignty principles.
What is Digital Sovereignty?
The World Economic Forum in the paper What is digital sovereignty and why is Europe so interested in it?, 1 describes Digital Sovereignty as “…the ability to have control over your own digital destiny – the data, hardware, and software that you rely on and create.”
Add people, process, and consumption models into the pot, and we have a recipe for cloud chaos. A simplified approach separates Digital Sovereignty into technology sovereignty, operational sovereignty, and data sovereignty. Technology sovereignty concerns are specifically where “Proprietary technology can lead to technological lock-ins and silos that threaten digital sovereignty,” 2. Operational sovereignty is concerned with transparency into the people and process aspects of the services being consumed. Finally, data sovereignty concerns are in relation to ownership, access, traceability, and residency.
The aforementioned concerns are increasing due to geo-political events, evolving data privacy regulation, increasing cyber-attacks, and threats to data confidentiality.
1. Geo-political Events and Digital Sovereignty
In 2022, there were several geo-political events that occurred including February 24th when Russia invaded Ukraine 3 and the incremental escalation of U.S.- China strategic competition4, which on top of the pandemic accelerated global fragmentation. Economies are now focusing on self-reliance, reducing vulnerabilities, and decoupling supply chains. CHIPS and the Science Act 5 are prime examples of how countries are executing these strategies. Following this we have the political risk in emerging markets, including the North Korea conflict, EU fragmentation, and so on.
Geo-political Events and the Financial Services Industry
The Financial Times published a leading article titled ‘Weaponisation of finance: how the west unleashed ‘shock and awe’ on Russia’6 and The Economist published an article titled ‘How new sanctions could cripple Russia’s economy’ The brutal logic behind measures targeting the central bank.7 The economic sanctions were adopted by the G7 and followed by other countries, however, the financial sanctions adopted signaled a break from the past by involving central banks in monetary and financial warfare.8
The financial sanctions are: (European Commission 2022)9
Select Russian banks are removed from the SWIFT messaging system. Ensuring that these banks are disconnected from the international financial system will harm their ability to operate globally.
Impose restrictive measures that will prevent the Russian Central Bank from deploying its international reserves in ways that undermine the impact of our sanctions.
Act against the people and entities who facilitate the war in Ukraine and the harmful activities of the Russian government. Specifically, we commit to taking measures to limit the sale of citizenship so-called golden passports—that let wealthy Russians connected to the Russian government become citizens of our countries and gain access to our financial systems.
The U.S. and China strategic competition is driving global fragmentation, countries are boosting self-reliance, reducing vulnerabilities, and divorcing their tech sectors. Currently considering controls on other technologies like ‘Quantum Computing’ and Artificial Intelligence, as well as a method to review investments in China. Additionally, the U.S. has legislated the CHIPS and Science Act aimed at boosting competitiveness in critical technologies.
The speed and impact of these events are accelerating and expanding due to globalisation and interconnectedness making digital sovereignty increasingly important. Financial services CEOs are revisiting their digital resilience strategies in view of the growing importance of digital sovereignty.
Key Takeaway: The Financial Services Industry should expect policymakers to prioritise the self-reliance and stability of the financial ecosystem within their nation. Digital resilience strategies, therefore, should prioritise ensuring no lock-in and evaluate the feasibility of backout/exit plans.
2. Evolving Data regulations
The factors discussed in the previous section are contributing to a substantial increase in the number of regulations, not limited to personal data, but extending to finance data like banking, credit reporting, financial, payment, tax, insurance, and accounting data.
“The number of data-localization measures in force around the world has more than doubled in four years. In 2017, 35 countries implemented 67 such barriers. Now, 62 countries have imposed 144 restrictions—and dozens more are under consideration.”10.
This rapid increase in regulations has the potential to significantly impact the cost base of financial services institutions that do not have a robust data strategy. Financial Services CEOs need to consider the growing cost of regulatory compliance and the increasing penalties for breaching these regulations in the country and region.
Data Regulations and the Financial Services Industry
As countries and jurisdictions continue to do business, there will be a growing need for data to flow easily to support all aspects of the business. One such key data transfer in the financial sector is cross-border payments. While the Financial Services Industry continues to strive toward digital transformation, data, and compliance are central to the growth and stability of national financial ecosystems. Most of the justifications and subsequent regulations stem from the prime objective of the regulators needing to protect the financial ecosystem and the public.
The diverging paths taken by different countries and jurisdictions are making cooperation and interoperability harder. The data regulations being passed and adopted are being applied to data based on type (Korea – financial services, China – industry verticals, Philippines – banking, and Australia – medical data) and classification (government-based protected, secret, and top-secret, Financial Services – highly protected, customer and personal, confidential, NIST – low impact, moderate impact, and high impact). On the other hand, policymakers are being accused of harbouring secret agendas of protectionism, national security, greater control over the internet, or some combination of these.11
Future policies must be agile and risk and outcome-based, as domestic regulators and international cooperation will never keep pace with the rate of innovation. New technologies may also achieve better outcomes and compliance than sanctions-based models.12.
CEOs in general and Financial Services CEOs do not have the luxury of certainty and will be required to make decisions based upon the constantly changing world of geopolitics and rapidly evolving regulatory landscape. The recent increase in generative AI and its regulation13 and the recent failure of Silicon Valley Bank and Signature Bank14 could lead to these factors having a far greater impact on the financial services businesses than previously envisioned.
Key Takeaway: The Financial Services Industry should expect data regulations to evolve at a faster pace, as national and international regulators get to grips with innovation and new technology. Digital Resilience strategies, therefore, should prioritise flexibility with all data decisions. The ability to adhere to regulatory requirements with minimal impact on operations and reporting, and reducing the expensive impact of noncompliance will be key.
Coming soon. Part 2. Digital Sovereignty: Why Financial Services CEOs must act now?
References
1. What is digital sovereignty and why is Europe so interested in it?, March 2021
2. Development Co-operation Report 2021: Shaping a Just Digital Transformation – Ch 26
3. February 24, 2022, Russia-Ukraine – CNN
4. US-China strategic competition unchecked is headed for disaster 7th Nov 2022 (East Asia Forum)
5. Whitehouse Fact Sheet: CHIPS and Science Act – Aug 09, 2022, & H.R.4346 – Chips and Science Act Bill PL no:117-167
7. How new sanctions could cripple Russia’s economy (The Economist 27th Feb 2022)
9. Joint Statement on further restrictive economic measures – European Commission 26th Feb 2022
12. WEF_Paths_Towards_Free_and_Trusted_Data _Flows_2020.pdf (weforum.org)
13. AI Regulation is coming – HBR.org Sept-Oct 2021
14. Bank Failures in Brief – 2023 – Federal Deposit Insurance Corporation – fdic.gov
The post <strong>Digital Sovereignty: A Critical Consideration for CEOs in the Financial Services Industry</strong> appeared first on VMware Industry Solutions.
VMware Industry Solutions
Leave A Comment
You must be logged in to post a comment