Greetings, fellow privacy professionals.
The convergence of the financial services industry and technology has given birth to a buzzword referred to as “fintech.” There are many different subindustries within fintech, where some companies and initiatives are more “fin” than tech, and some companies are more “tech” than fin. Whatever the case, we are seeing a birth of a new ecosystem filled with myriad products and services with game-changing practical implications across all facets of the economy. However, with the rapid pace of development and deployment, we have seen quite a few fintech payment services experiencing data breaches due to a lack of strong security controls in place.
Fintech is a hot topic in Asia-Pacific right now, and especially in Hong Kong, with nontraditional banking enterprises being granted virtual banking licenses. Almost a year ago, HSBC Hong Kong was criticized for their relaxed security standards for end-user access to their mobile banking services through their PayMe application. It seems the issues are still persistent in the region, as Australian banks have notified clients of a PayID data breach stemming from “client-side technical issues.” Similarly, payment gateway app Get, a popular ticketing and merchandise payment facilitator for students in Australia, revealed a breach that exposed the records of approximately 50,000 students.
These breaches have caught the eyes of regulators from Australia, Singapore, Hong Kong and more, where there have been regional developments from Singapore’s Data Protection Trustmark and the Guide to Accountability under the Personal Data Protection Act promoting awareness and engaging in open dialogue toward improving the ecosystem. One such event is the Fintech Application of Personal Data (Privacy) Ordinance and Best Practices for Fintech Firms seminar in Hong Kong, co-organized by the Office of the Privacy Commissioner for Personal Data, FinTech Association of Hong Kong and Asia Securities Industry & Financial Markets Association, where Commissioner Stephen Wong will share his insights.
On the academic front, universities in Hong Kong are also working hard to nurture the next generation of fintech talent and fill the excess demand needed to support a thriving fintech ecosystem. At Hong Kong Baptist University, School of Business, the IAPP has official content in the Master of Science (FinTech and Financial Analytics) program and will have a specific program track covering cybersecurity and data privacy. This is the first program of its kind in Asia to collaborate with the IAPP, with the goal of embedding a privacy-by-design, privacy-by-default mindset for all program graduates. The Hong Kong Polytechnic University School of Accounting and Finance has started their master program, and I was honored to be invited alongside other industry experts and leaders to reinforce our collective commitment to contribute our individual areas of expertise. Both programs will have speakers from Hong Kong and the Greater Bay Area to share industry insights and help ensure that the respective programs stay industry ready, especially in data privacy and security.
If you are in Hong Kong and would like to be part of the discussion, look out for Hong Kong FinTech week, Access Hong Kong to discuss Identity Management and Access Control and The 5th Cloud Forum where you will get expert commentary and sharing on data privacy and security matters.
I look forward to sharing more developments in this space in the next IAPP APAC Digest!
Keep safe, keep secure.
If you want to comment on this post, you need to login.