Securing the Financial Frontier: Safeguarding Fintech APIs in the Era of Innovation

In the dynamic realm of fintech, Application Programming Interfaces (APIs) serve as the backbone, enabling seamless communication and data exchange between diverse financial systems. From facilitating transactions to enhancing user experiences, APIs play a pivotal role in the interconnected world of modern finance. However, as the prevalence of APIs continues to rise, so does the risk of security threats. In this article, we delve into the significance of APIs in fintech, the surge in API attacks, and crucial strategies to fortify the security of these essential tools.

The Power of APIs in Finance:

Ever wondered how your wallet app effortlessly retrieves money from your bank account or how your credit card gains approval during an online shopping spree? APIs hold the answer. Acting as bridges between different software systems, APIs facilitate communication and data exchange. For example, a personal finance app can leverage an Open Banking API to connect with a customer’s bank, allowing it to check balances and perform various financial operations.

The API Explosion in Banking:

Research indicates a significant surge in the adoption of public APIs by banks. According to McKinsey, 75% of the top 100 global banks had made public APIs available in 2022. This demonstrates a remarkable increase, considering that only 22% had established their API platforms in 2021, with an additional 39% in progress. The shift towards API adoption suggests a growing recognition of the benefits they bring to the financial landscape.

Types of Banking APIs:

  1. Partner APIs: Designed for specific third-party companies to address common challenges collaboratively.
  2. Private APIs: Developed within banking institutions to enhance their operational efficiency and services.
  3. Open Banking APIs: Increasingly prevalent, these APIs enable banks to share data with third-party companies, fostering a more interconnected financial ecosystem.

How Fintech Benefits from Banking APIs:

  1. Cost Reduction: APIs streamline development, enabling the creation of multiple products and services with reduced costs compared to building from scratch.
  2. Regulatory Compliance: APIs assist in adhering to regulations such as GDPR and PSD2 by providing controlled access to data, ensuring privacy and security.
  3. Enhanced Customer Experience: APIs improve customer experiences by enabling the delivery of high-quality features in a timely manner, making financial services more affordable.

The Dark Side: API Security Challenges:

Despite the myriad benefits, the rise of API attacks poses a substantial threat. The Q1 2023 State of API Security by Salt Security reported a staggering 400% increase in API attacks. Various attack types include Denial-of-Service (DoS), SQL injection, XML External Entity (XXE) attacks, Cross-site Scripting (XSS), Brute force attacks, Cross-site Request Forgery (CSRF), and Man-in-the-middle (MITM) attacks.

Protecting Fintech Against API Attacks:

  1. Eliminate Business Logic Vulnerabilities: Identify and rectify business logic flaws, which are a common avenue for cybercriminals to exploit and gain unauthorized access.
  2. Use Strong Authentication and Authorization: Implement robust authentication and authorization mechanisms, such as multi-factor authentication, to secure access to APIs.
  3. Segregate Data: Break up data into different entities to prevent easy access and theft by potential attackers.
  4. Enforce TLS/SSL for API Communications: Encrypt API traffic with TLS to ensure that all data transmitted remains confidential, even if intercepted.
  5. Invest in Employee Security Awareness: Educate employees on identifying API attacks and foster a cybersecurity-aware culture within the organization.
  6. Have a Tested Contingency Plan: Prepare for potential API attacks with a well-defined and tested contingency plan to mitigate damage promptly.
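
As an added illustration of items 1 and 2 (not code from the original article), the sketch below contrasts a transfer handler that trusts every request field with one that enforces ownership, amount and replay rules. The ledger, account ids and function names are hypothetical, and the sample data is constructed.

```python
from decimal import Decimal, InvalidOperation

class TransferRejected(Exception):
    """Raised when a request breaks a business rule."""

def new_ledger():
    # Constructed sample data: account id -> owner and balance.
    return {
        "acc-alice": {"owner": "alice", "balance": Decimal("100.00")},
        "acc-bob": {"owner": "bob", "balance": Decimal("50.00")},
    }

def transfer_naive(ledger, src, dst, amount):
    """Flawed 'before': no ownership, sign or balance check."""
    amount = Decimal(amount)
    ledger[src]["balance"] -= amount   # a negative amount credits the sender
    ledger[dst]["balance"] += amount

def transfer_checked(ledger, caller, src, dst, amount, idem_key, seen_keys):
    """Hardened 'after': applies the rules the naive handler skips."""
    if idem_key in seen_keys:            # replayed request: never move money twice
        return seen_keys[idem_key]
    if src not in ledger or dst not in ledger or src == dst:
        raise TransferRejected("unknown or identical accounts")
    if ledger[src]["owner"] != caller:   # object-level authorization
        raise TransferRejected("caller does not own the source account")
    try:
        amount = Decimal(str(amount))
        valid = (
            amount.is_finite()                               # no NaN / Infinity
            and amount > 0                                   # no zero or negative
            and amount == amount.quantize(Decimal("0.01"))   # no sub-cent values
        )
    except InvalidOperation:
        valid = False
    if not valid:
        raise TransferRejected("invalid amount")
    if ledger[src]["balance"] < amount:
        raise TransferRejected("insufficient funds")
    ledger[src]["balance"] -= amount
    ledger[dst]["balance"] += amount
    seen_keys[idem_key] = {"src": src, "dst": dst, "amount": str(amount)}
    return seen_keys[idem_key]
```

In a real service `caller` would come from the verified access token, never from the request body, and the balance check and update would run inside one database transaction.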

As fintech continues to thrive, the security of APIs becomes paramount. Financial organizations must recognize the potential threats, adopt robust security measures, and prioritize ongoing education and preparedness. API security is not only a safeguard but also a facilitator and differentiator of innovation in the ever-evolving landscape of fintech. By embracing these strategies, the financial frontier can remain secure, ensuring a resilient foundation for the future of financial technology.

Did you like this post? Do you have any feedback? Do you have some topics you’d like me to write about? Do you have any ideas on how I could make this better? I’d love your feedback!

Feel free to reach out to me on Twitter!

Are we Staring at a FED-instigated credit crunch?

A credit crunch occurs when banks significantly reduce their lending to individuals and businesses, resulting in less economic growth because people are unable to borrow as much. Typically, banks reduce their lending when central banks raise interest rates. This is because banks borrow money based on short-term interest rates set by the central bank and lend out money based on longer-term interest rates determined by the free market. When long-term interest rates are high, banks make more profit. The larger the difference between short-term and long-term interest rates, the greater the bank’s profit. Consequently, a decrease in lending leads to an economic contraction, potentially causing a recession. It is worth noting that the yield curve inversion has been deepening since 2022.

The Federal Reserve (Fed) plays a crucial role in influencing banks and financial institutions. Its monetary policies can be stringent, which has a ripple effect on banks and financial bodies. Recently, the Fed raised interest rates, making loans more expensive. The Federal Reserve justified this action due to high inflation concerns.

Despite the Fed increasing interest rates, banks have continued to lend to individuals and businesses even though these loans are not profitable for them. Market participants are forward-looking and anticipate that the Federal Reserve will soon start lowering interest rates in response to the situation. The expectation is that lower short-term interest rates will turn the loans recently made by banks back into profitable ventures. However, this assumption depends on individuals not withdrawing their funds from their accounts due to perceived solvency problems. Banks rely on money from depositors to provide loans, and if all depositors simultaneously attempt to withdraw their money, it can lead to a bank collapse, as seen in the case of Silicon Valley Bank.

Prior to the pandemic, US banks were required to hold 10% of funds in reserve, but since March 2020, the requirement has been zero. Furthermore, banks have also suffered from a decline in asset value due to rising interest rates, leaving them with insufficient funds to sustain withdrawals. These factors contribute to the emergence of a banking crisis.

Effects of banking crisis

People are moving money from small and medium banks into big banks. This is because big banks are perceived to be too big to fail and to have the guarantee of the Federal Reserve.

People have started scrutinizing the balance sheets of their banks. Any bank that comes across as weak has seen its stock sell off.

People with lots of money have started moving it into investments that earn a higher interest rate than their savings accounts. This includes various forms of U.S. government debt and money market funds, which invest in U.S. government debt.

The reason why the interest rates on savings accounts remain so low at most banks is because raising these interest rates would eat into their profits.

When the Federal Reserve System started raising the interest rates, big banks reported losing 500 billion dollars in deposits since the start of 2023. FED data suggests that total bank deposits have fallen by more than a trillion dollars since last year. Just a week after the first bank collapsed, the deposits in the money market fund increased by $120 billion.

Small banks stand at a higher risk as they are competing for deposits with Treasury bonds and money market funds, which at the moment give more returns. Small and medium-sized banks and small and medium-sized businesses are the ones that are going to feel the credit crunch the most.

Credit crisis

A credit crisis happens when banks don’t trust the safe collateral they’re using for loans.

If small and medium-sized banks reduce their lending to small and medium-sized businesses, then they will have a harder time finding new clients and could lose existing ones. This would lower customer deposits, which would reduce lending even more causing yet more deposit flight. Small and medium-sized banks would have to sell their assets leading to a credit crisis.

Both the credit crunch and the credit crisis are affected by the high interest rates set by the FED. If inflation comes down fast, then the FED will lower interest rates and there will be no credit crunch or credit crisis. If inflation stays high, however, then we will see a credit crunch in the second half of the year.

The current situation reflects elements of a potential FED-instigated credit crunch, with banks reducing lending, individuals moving funds to larger banks, and small businesses facing the highest risk. The outcome will depend on the Federal Reserve’s response to inflation and whether interest rates are lowered.


Are we heading to a bank crisis in the US?

The fall of the Silicon Valley Bank came as a surprise to many. The Silicon Valley Bank is a 40-year-old bank in California that most venture-backed startups use. At its insolvency, it had about $209 billion in assets and was the 16th largest bank in the United States.

SVB is strong in the startup scene, and there are claims that it banked at least half of the US’s venture-backed startups.

They lured startups by offering attractive loans in return for these startups using them as an exclusive bank. They had strong relationships with founders and VCs and offered them incentives such as attractive mortgage deals.

As is the policy, every bank must be insured. SVB was FDIC insured, but FDIC insurance only protects accounts that hold up to $250K. This did not work well for SVB as over 85% of the accounts had over $250K.

SVB faced massive growth as there was a spike in the number of deposits from 61 billion at the end of 2019 to 189 billion at the end of 2021. The increase in liquidity is due to fundraising avenues and different activities such as IPOs, venture capital investments, acquisitions, etc. That means SVB had many assets they needed to generate a return on. To generate a return while still investing in relatively safe assets, they decided to buy longer-dated securities such as treasury bonds and mortgage-backed securities. Unfortunately, this buying took place when rates were near record lows. By the end of 2022, SVB had over $120 billion in these securities versus only $74 billion in loans.

When the FED increased interest rates, it affected the VC landscape last year. There was less funding going to startups as the VCs found it better to invest in bonds and government securities. This made deposits going to SVB decrease. This began a crisis as SVB had invested in long-term assets. SVB did not have interest rate hedges or proper risk management. Losses started piling up, and at the end of 2022, SVB had mark-to-market losses on those securities of over $15 billion, almost equivalent to its entire equity base of $16.2B. That means that if depositors want their money back, they will not have money.

They decided to compensate by making a share sale. When the news of the share sale went out, the stocks plunged. VCs then advised their companies to withdraw their funds from SVB. The startups and founders were in a scramble to withdraw funds.

Effect on Crypto

The SVB collapse impacted Circle, as Circle used SVB to bank the USDC stablecoin. USDC is a fiat-backed stablecoin with a value equivalent to the dollar. There were fears that it would fall off the hook. Circle announced that it has 3 billion out of its 40 billion reserves, about 8% of the amount.

A bank run?

There were fears that the SVB situation would lead to a bank run, as many banks have similar structures. There are many losses from fixed-income securities, which would affect their liquidity. For fear of a bank run, many started pulling funds from their accounts as no one was sure how fragile the US banking system was. The FDIC covers only 1.3% of their deposits, while the banking system has a total of $22 trillion. That means there were high chances of a bank run.

There are up to 65000 startups affected by SVB. If they cannot access funds, it may halt their operations, such as payrolls, making employees quit.

Unfortunately, bank runs do not discriminate on who the account holders are, and it may affect up to regional banks.

Increased interest rates have affected liquidity, leading to losses in bank balance sheets.

What does the future hold?

To rescue the situation, the FDIC and FED revealed that they were working on a fund that would backstop deposits. The Treasury, the Federal Reserve and the FDIC announced that they would be backstopping all the deposits at SVB so that customers could access their funds. This restored banking confidence and also helped Circle to recover. That was a brilliant move by the US government, as there would otherwise be a wide-scale banking crisis.

The SVB crisis indicates that the fractional reserve banking system is structurally unstable.


Can Banks Steal your Money? The rise of bank bail-ins.

The financial crisis in 2008 was a game-changer in the financial industry. The housing bubble’s collapse led to bankruptcy, which affected even Wall Street.

The U.S. Treasury came in to rescue Wall Street by giving over 200 billion dollars in loans to hundreds of financial institutions. Even though it was a good amount, it was insufficient as it accounted for only about 30% of the total cost of bailing out the entire financial system, which is estimated to be 700 billion dollars. Wall Street speculation was to blame, though only one person went to jail, Kareem Serageldin. The SEC allegedly destroyed the evidence given as part of the investigation. The bank bailouts are why Satoshi Nakamoto created bitcoin.

Financial crisis solution – Bail-ins

Politicians had a plan for new regulations. An example is the Dodd-Frank Act.

According to the Dodd-Frank Act, derivatives claims come first in the event of a financial collapse. That means that in the event of a financial crisis, derivatives debt owed by big banks will be paid off before anything else. The difference is that these debts won’t be paid off by bailouts but by bail-ins.

A bailout is when a big bank receives money from someone else to pay back its debts, while a bail-in is when a big bank uses its clients’ money to pay back its debts. It means the bank will use your deposits in accounts or money you lent it to pay debts.

Dodd-Frank Act opened the door to allowing big Banks to use their client funds to bail in themselves in a financial crisis.

The people in power had been working on alternatives to bailouts since 2008. The urgency to develop an alternative to bailouts increased after the financial crisis started to affect Europe.

In mid-2012, the IMF published a paper advocating bail-ins as the ideal alternative to bailouts. It, however, needed a ground to test out the bail-ins.

Cyprus – the testing ground

Cyprus was one of the European countries hit the hardest by the financial crisis. By the end of 2012, Cyprus was desperate for a bailout. In early 2013, the IMF and the European Union bailed out Cyprus for 10 billion euros. The IMF gave Cyprus multiple conditions; one was for Cyprus’s largest bank to execute the first-ever bail-in. Almost 50 percent of all bank account balances worth more than one hundred thousand euros were seized.

The United States was the first to legalize bail-ins in 2010. The Dodd-Frank Act pushed the U.K. to follow suit in 2013. With the financial services act, the E.U. legalized bail-ins in 2016.

Bank Bail-in laws tend to vary from country to country. Although the laws may differ, they follow the same three rules, likely because of their Collective Conformity with the FSB. The three rules are:

  1. Bank bail-ins are only allowed for banks that are deemed to be domestically or globally important.

This rule pertains to those with the most assets under management. The FSB publishes a list of globally important banks every year. There are currently 30 globally systemically important banks, with JP Morgan being noted as the highest risk.

  2. Bank bail-ins do not apply to bank balances below the deposit insurance threshold.

In the U.S., the FDIC covers deposits up to 250 000 dollars. In the U.K., the FSCS covers 85 000 pounds, and in the E.U., it’s 100 000 euros with various insurers involved. Insurance funds in the U.S. and Europe are woefully underfunded, particularly when we factor in derivative claims.

Insurers don’t have enough money to cover all Bank deposits. In the case of the FDIC, its 2021 annual report suggests that it only has around 120 billion dollars in its Insurance Fund, which is low compared to the 19 trillion dollars of Bank deposits in the U.S.

  3. The third rule of bank bail-ins states that you will be given some alternative asset in exchange for your lost deposits. Alternative assets are typically shares in the bank that you bailed out.

Even though bail-ins may be a good solution for banks and financial institutions, they may be inconvenient to end users. For instance, you could temporarily lose access to your funds during a bank bail-in. Banks could put limits on their hours of operations, payments, transfers, and limits on cash withdrawals until the bail-in process is complete.
