BSI releases suite of best practice standards to help UK businesses

BSI, in its role as the UK National Standards Body, has made a suite of risk and business continuity standards publicly available to help British businesses navigate the challenges they face as a result of the Novel Coronavirus (COVID-19) pandemic.

The standards provide organizations with access to best practice guidance and the collective wisdom of experts on how to approach, manage and overcome some of the difficulties that thousands are facing up and down the country. The standards suite of information and guidance being made publicly available spans themes including security and resilience, supply chain continuity and crisis management.

BSI is also working with the Emergency Planning College (EPC) – part of the Cabinet Office Civil Contingencies Secretariat – to deliver best practices and expert guidance to the complimentary standards through a series of webinars, ensuring that organizations are able to learn from experts and implement the standards, as easily as possible.

Scott Steedman, Director of Standards at BSI, said: “COVID-19 has heightened awareness of the importance of being prepared, business continuity and crisis management. BSI standards contain this expert guidance and we are putting it in the hands of those who need to apply it, ensuring that industry can access easily the guidance and expertise that will help them right now. We hope that sharing these standards at no cost will help SMEs and organisations across the UK weather the economic crisis that they are facing.”

The suite of eleven risk and business continuity standards are:

1. BS EN ISO 22301 Security and resilience — Business continuity management systems — Requirements

The standard specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.

2. BS ISO 31000 Risk management — Guidelines

The standard provides guidelines on managing risk faced by organizations. It provides a common approach to managing any type of risk and is not industry or sector specific.

3. PD ISO/TS 22330 Guidelines for people aspects of business continuity

The standard gives guidelines for the planning and development of policies, strategies and procedures for the preparation and management of people affected by an incident.

4. PD ISO/TS 22318 Guidelines for supply chain continuity

The standard gives guidance on methods for understanding and extending the principles of Business Continuity Management embodied in ISO 22301 and ISO 22313 to the management of supplier relationships.

5. BS EN ISO 22313 Security and resilience. Business continuity management systems. Guidance on the use of ISO 22301

The standard gives guidance and recommendations for applying the requirements of the business continuity management system given in ISO 22301.

6. PD CEN/TS 17091 Crisis management: Building a strategic capability

The standard provides guidance on good practice for crisis management to help the strategic decision makers of an organization to plan, implement, establish, operate, monitor, review, maintain and continually improve a crisis management capability.

7. ISO 22316 Security and resilience. Organizational resilience. Principles and attributes

The standard provides guidance to enhance organizational resilience for any size or type of organization.

8. BS ISO 22320 Security and resilience. Emergency management. Guidelines for incident management

The standard gives guidelines for incident management, including principles that communicate the value and explain the purpose of incident management. It also covers the basic components of incident management including process and structure, which focus on roles and responsibilities, tasks and management of resources, and working together through joint direction and cooperation.

9. BS ISO 22395 Security and resilience. Community resilience. Guidelines for supporting vulnerable persons in an emergency

The standard gives guidelines for organizations to identify, involve, communicate with and support individuals who are the most vulnerable to natural and human-induced (both intentional and unintentional) emergencies. It also includes guidelines for continually improving the provision of support to vulnerable persons in an emergency.

10. BS ISO 22319 Guidelines for planning the involvement of spontaneous volunteers

The standard provides guidelines for planning the involvement of spontaneous volunteers in incident response and recovery. It is intended to help organizations to establish a plan to consider whether, how and when volunteers can provide relief to a coordinated response and recovery for all identified hazards. It helps identify issues to ensure the plan is risk-based and can be shown to prioritize the safety of the volunteers, the public they seek to assist and incident response staff.

11. BS 31100 Code of Practice for risk management

The standard gives recommendations for implementing the principles and guidelines in BS ISO 31000:2009, including the risk management framework and process. It provides a basis for understanding, developing, implementing and maintaining proportionate and effective risk management throughout an organization, in order to enhance the organization’s likelihood of achieving its objectives.

How social distancing is affecting the retail sector

Today’s ONS retail sales data shows that February was a tough month for UK retailers even before the Covid-19 shutdown in March forced all non-essential stores to close. High street retailers were feeling the impact of continued bad weather, and when compared with February 2019, it reflected the lowest year-on-year growth rate for seven years, at negative 1.6%.

A few retailers said the impact of Covid-19 had affected sales of goods shipped from China – but the full impact of the outbreak will be shown in the March figures. The situation for non-essential retailers has been greatly exacerbated by social distancing and the current shutdown, with many high street stories seeing sales plunge. Some have closed their stores for the time being, with Apple, Selfridges and Ikea just a few of the big names that are limiting activity to online-only, as discretionary spend has plummeted.

Interestingly, today’s figures highlight that just before the outbreak, textile, clothing and footwear were up on the previous three months, whilst food stores were slightly down. This has all been turned around by Covid-19, with food and grocery stores a experiencing a huge boom in sales as consumers look to stock up on non-perishables, over-the-counter medicine and household essentials, whilst food delivery has exploded.

Average supermarket spend up 16%

Recent statistics showed that the average spend per trip in supermarkets is up 16% to £22.13*, with this largely being attributed to ‘accidental stockpilers’ – or the fact that people are buying a few extra items each shop, not necessarily buying lots of the same item.

Internet sales increased by 5% in February 2020, when compared with February 2019 –a trend we expect will be reflected heavily in the statistics for March. It’s likely that online shopping will see further increases in certain areas as the public observe the government’s instructions to stay at home. Toys, electrical goods, gaming and even furniture are all expected to benefit, along with delivery and logistics companies.

The government has offered various means of support as businesses adapt and adjust – including a ‘Coronavirus job retention scheme’, business interruption loans, deferred tax payments, and a 12-month business rates holiday for all retail, hospitality and leisure businesses in England. These will be a major support for retailers at this critical time. However, they also need to think about the longer-term and start adapting their models if appropriate.

Scams on the rise with a quarter of consumers targeted

For many in the e-commerce world, social distancing may have inadvertently boosted business but will also have exposed them to greater risk. Fraudsters are exploiting the sudden demand, with a surge in online scams, whilst businesses’ manual lines of defence are impacted by staff working from home. Our own research has shown that more than one in five (22.4%) UK consumers believe they have been targeted by fraudsters, with almost a quarter of those (5.3%) succumbing to the scams.

Businesses need to be doing all they can to protect themselves and their customers from fraud and there are tools available to help them do that without impeding the customer journey. Our guide to tackling fraud in e-commerce gives retailers some helpful tips.

By Ryan Kemp, director of retail at TransUnion in the UK

Tech companies come together to fund fully-integrated CRM system – free for all UK brokers

Members of the Financial Services Tech Task Force initiative have come together to fund a free CRM system for brokers to use during the Covid-19 outbreak.

Available to all UK mortgage advisers at no cost, the offering comprises the recently launched eKeeper Lite CRM, integrated with Uinsure General Insurance and Optimus’ dynamic conveyancing panel management. These integrations build upon eKeeper’s existing client and case management, case notes, and document storage, allowing brokers to structure their client base and service through Uinsure and Optimus.

David Bennett, Commercial Director of the eKeeper Group, stated that, “eKeeper recognises that brokers need a centralised cloud-based solution to help run their businesses during these extraordinary times. Through the FS Tech Task Force scheme, the eKeeper Lite CRM system, which only launched this week, can now be extended for the duration of the Corona virus outbreak, with integrations that add demonstrable value to brokers, enabling them to service clients, even during these more challenging times.”

Uinsure’s Chief Innovation Officer, David Smith, who is providing General Insurance sourcing into eKeeper Lite, comments “Since FS Tech Task Force launched last week it’s amazing how many firms have sought help with all manner of things, from MS Teams to VOIP systems for home working. Brokerages have always adapted and evolved their businesses to meet the challenges of the market. During the Credit Crunch, protection became a lifesaver for many brokers and it will again as UK consumers, now more than ever, are looking for advice and reassurance. Through eKeeper Lite, there is now a simplified route for advisers to demonstrate that service and value, which we are proud to be funding.”

Finally, Alan Young, Managing Director of Optimus, said “Bringing together best of breed products under one banner to help brokers during the outbreak is something we’re extremely keen to assist with. Too often, there is talk about how technology can enable brokers; now we’ve made this a reality where, under one platform, brokers can easily manage, quote, apply and instruct, freeing up valuable time to concentrate on supporting their client base efficiently.”

The recently launched Financial Services Tech Task Force initiative, which has brought together tech companies to support intermediaries during the Covid-19 outbreak, is providing free training on a variety of tools to help advisers.

New report on the business/economic impact of coronavirus in the UK

Dun & Bradstreet – the world’s largest business information company – has published its country insight report into the United Kingdom, which looks at the adverse effects of the coronavirus on the country’s business environment.

Dun & Bradstreet has downgraded the UK’s country risk rating by two quartiles to DB3b (a new all-time low) as the coronavirus pandemic continues to adversely impact opportunities for both traders and investors. Markus Kuger, Chief Economist at commercial data and analytics firm, Dun & Bradstreet, explains how the pandemic has drastically reduced demand in every sector and why the UK is likely to enter into a recession as a result: “Dun & Bradstreet has downgraded its country risk rating for the UK to an all-time low (Rating DB3b) in response to the adverse impact of the coronavirus pandemic on opportunities for both traders and investors. We have also adjusted the UK market environment outlook from ‘Green’ to ‘Amber’ following the lockdown measures implemented by the government, aimed at reducing the spread of the virus.

“While the measures implemented by the Prime Minister on the 23rd March have been introduced to slow the spread and minimise humanitarian damage, the economic impact of the lockdown is set to be significant. The coronavirus outbreak has drastically reduced demand in almost every sector – as well as posing supply chain risks – and threatens to lead to a considerable rise in both business failures and unemployment figures. Large parts of the economy, including hospitality, leisure, entertainment, retail (except supermarkets) and transport are now closed, while other sectors – such as manufacturing – are impacted by resourcing challenges.

“The measures implemented by the UK government to counterbalance some of the negative effects are unprecedented. But while grants, loans, loan guarantees, salary support and deferred VAT payments are aimed at reducing the economic damage, they will also lead to a significant rise in the fiscal deficit. We have therefore revised our 2020 deficit forecast to 6.5% of GDP, almost double the initial prediction.

“Considering all factors, we are also lowering our real GDP growth forecast for 2020 from 0.8% to -2.5%. While a recovery in the second half of 2020 and in 2021 seems likely, the rate of recovery will largely depend on the success of the global containment efforts. Either way, we believe the UK will almost certainly enter a technical recession in Q2 2020, and real GDP growth for the year as a whole will be the weakest since the global financial crisis when the economy contracted by 4.2% in 2009.”

Aire opens up insight service to help lenders keep pace with financial uncertainty

Aire, the credit insight service, today announced that it is offering free access to its range of real-time credit information services for a period of three months, to help lenders identify and engage with struggling consumers during the unfolding Coronavirus crisis.

With much of the country’s workforce impacted by the government’s latest measures to curb the virus, Aire estimates that the number of people in the UK missing one or more credit payments could increase from around 700,000 last year to over 2 million in 2020.

Gathered directly from the consumer, Aire provides lenders with a real-time understanding of their customers to assess them with greater accuracy. Insights include: job stability, as well as changes to income and household savings levels.

Aire enables lenders to mitigate the risk of credit delinquency, while taking into account the Government’s evolving support and expectations across the credit ecosystem. Unlike traditional credit or Open Banking data that relies on accumulated historical information, Aire provides lenders with real-time insight highlighting the immediate financial situation of their customers during this uncertainty.

To accelerate delivery, Aire’s light-touch deployment means the service can be delivered using a secure file-transfer process. Aire will also support a hosted SMS and email service, enabling lenders to proactively contact customers showing signs of financial stress.

Aneesh Varma, Founder and CEO at Aire, comments: “We’re seeing an unprecedented level of change in the market for consumers right now. Lenders are understandably stretched and struggling to build accurate pictures of their customers in real-time. Aire is here to help – providing lenders with an easier, digital method of engagement they can use at scale. We’re connecting lenders to their customers quicker, and backing this up with operational assistance to make this process painless for lenders and consumers alike.”

UK’s tech industry will hold strong in the coming months

The UK’s tech industry – the fastest growing sector in the UK – will maintain resilience despite the Covid-19 outbreak, according to new analysis from global recruiter Robert Walters.

In Q1 of this year, permanent job vacancies in the tech sector increased by +32.56%, and contract tech roles increased by +48.27% – when compared with the same period last year (JobFeed data).

Ahsan Iqbal, Director of Technology at Robert Walters comments on the findings: “At the moment, the tech sector has experienced a spike in demand and so – unlike other industries such as aerospace – no immediate impact has been felt regarding hiring freezes.”

Tech job vacancies are up (compared to the same period last year) in Manchester (+44.33%), Birmingham (+27.29%), Milton Keynes (+26.95%), and in London (+16.60%) (JobFeed data).

Of the new professional job roles created at the beginning of this week in the capital London (w/c 23 March), 25% of these were tech-related (Vacancy Soft data).

Projects going strong

Following the government’s postponement to the new off-payroll rules (IR35), Robert Walters experienced a spike in interest from firms seeking contractors – in particular for business-focussed or critical roles within tech.

Ahsan adds: “As digital infrastructure becomes the focal point for many internal business discussions, we do not anticipate a cancellation or slowdown in tech projects.

“In fact, there will be a revised focus on firms’ digital offering, with particular attention on improving e-comms channels through better CRM systems, upgraded website capabilities, improved security and enhanced accessibility and use of data.”

Of the new tech-related contract roles created in the last four weeks in the UK, a fifth (18%) of these were for programmers, and 13% was for consultants & specialists, and support staff.

Ahsan comments: “As pressure mounts in the coming weeks and months on IT departments to help support remote working capabilities as well as business continuity plans, firms will look to strengthen their team with contract staff who have prior experience of in-house systems and a provide a strong sense of being able to ‘hit the ground running.”

According to the Robert Walters Contractor Pay Guide, competition will increase for traditional areas including developers, data, security and cloud professionals – pushing contract rates up as much as 25-30%.

Areas of opportunity

Whilst Robert Walters analysts state that it is too early to report on any impact to hiring and long-term recruitment impact, it has been able to highlight industries that are already leading the way in the tech-sphere.

Ahsan states: “The UK was already pioneering work within healthtech and edtech, and now more than ever this will be put to the test. In addition, technology that underpins remote working – such as cloud computing, business apps, mobile tools, unified communications, project management tools, and video conferencing – will be no doubt be rapidly hiring as demand for their tools increase.

“Retailers who didn’t invest in e-commerce will be going through a difficult period right now, and will have to assess whether they have the resources to be able to enhance this for future, competitive purposes. Of the tech roles advertised in the last four weeks, 13% of these were in trade or retail.

“Other areas of opportunity will be in insurtech, supply chain and agritech – as after health these are some of the industries experiencing the highest level of demand.”

Well prepared

Ahsan Iqbal comments on how the tech sector is able to respond amid current upheaval: “The tech community is largely global – with different skillsets being used in different locations – and so professionals in the sector are quite used to using remote communication solutions in order to stay connected with their team or counterparts in other countries.

“Because of time differences, flexi-hours has always been a part of the IT culture and it is not unheard of to work 3 or 4 days a week if timings have been carefully considered to complete projects.

“In addition, video interviews and remote onboarding is not something that is new to tech professionals – especially contractors who often work away from the team – and so there will be little adjustment during this period.”

FS firms warned of cyber risks of homeworking as new figures show attacks are on the rise

Financial services firms are being warned of the cybersecurity risks of homeworking as new government figures show the number of businesses suffering breaches or attacks is on the rise again after falling for two years in a row.

The Cyber Security Breaches Survey 2020 shows that almost half of businesses (46%) had suffered incidents in the past 12 months – up from 32% the previous year – and of these, around a third (32%) were experiencing incidents at least once a week. The average cost of an incident to companies is now £3,230.

According to a leading cyber expert, the number of incidents is likely to rise still further due to the sudden increase in homeworking, posing particular risks for financial services firms. Tim Thurlings of bluedog Security Monitoring says: “These figures show that cybersecurity is an ongoing problem for businesses at the best of times. While many companies are accustomed to having some staff working remotely, the sudden switch to homeworking will have tested their contingency plans and it is clear that many are not fully prepared. Obviously firms have been doing their utmost to maintain services to customers but they now need to address any compliance issues.”

Tim outlines a number of key challenges:

  • Use of personal devices – the latest figures show that in over half of businesses (53%), staff regularly use their own laptops or other devices. This is ongoing challenge for companies which cannot be sure they are updated and secure. Tim says: “Staff bringing their own devices to work is one thing, but it is even more risky if they are using them outside the office environment as companies have even less control.”
  • Use of home internet – many companies are ‘whitelisting’ employees’ home IP address to allow them to access company systems from their home internet connection, instead of using a VPN (virtual private networks) connection which is much safer. “This means that every device connected to the network – such as the family’s mobile phones and iPads – could potentially access company data,” says Tim.
  • Photos on social media – exchanging pictures of their new workplace on social media may help keep up morale, but it can also give away valuable clues to hackers. “Home photos can provide a lot of information about the workstations, devices and operating systems people are using, giving cybercriminals valuable clues about the best ways to break in.”
  • Video conferencing – the rise in the use of systems such as Microsoft Teams and Zoom creates a number of potential problems. Even where systems are secure, there it raises privacy issues about operators’ use of data.

The latest Cyber Security Breaches Survey, which is produced by the Department for Digital, Culture, Media & Sport, shows that the nature of attacks has changed since 2017, with more businesses experiencing phishing attacks (86%), and fewer viruses or other malware (16%). They also reveal that while 88% of businesses have malware protection in place and 83% use firewalls, only 38% use cybersecurity monitoring.

Bluedog, which provides remote monitoring services, recently launched a virtual Office365 monitoring service as a low-cost way for firms to monitor threats from remote workers. Tim adds: “The figures demonstrate that traditional security measures such as firewalls and malware protection are no longer enough to stop the attackers. The majority of attacks now involve ‘social engineering’ – persuading employees to open an email or download an app. People are the weakest link, and the rise in homeworking will only exacerbate this problem.

“Companies need to take their security to the next level with 24-monitoring services, which will detect threats entering or already inside the network. This will ensure that any problems are identified and contained as quickly as possible with minimal impact on the business.”

Landbay becomes a Tech Nation’s Future Fifty company

Landbay has become one of the only mortgage lenders to ever make it into Tech Nation’s Future Fifty index of the UK’s most successful tech companies. It places Landbay firmly as one of the leading FinTech companies in the UK.

Tech Nation is the growth platform for top tech companies and their leaders. The Future Fifty programme enables a select number of the UK’s leading digital firms to come together and ‘become a UK powerhouse in the global tech economy’.

It means that Landbay will now have direct access to government through sessions with key officials and exclusive ministerial round tables. They will also take part in masterclass workshops led by global experts.

Tech Nation says that it “fuels the growth of game-changing founders, leaders and scaling companies so they can positively transform societies and economies”.

Landbay is planning to use its time as part of the Future Fifty to build on its firm foundations to grow further and become one of the leading buy-to-let lenders in the country. In the past 12 months Landbay has reached over a hundred employees, while it has past more than £0.5bn in lending. Landbay has ambitions not only to increase buy-to-let lending however but to change the way that lending is carried out. It uses cutting edge technology to streamline the lending process while also providing a bespoke, flexible service and a personal interaction with brokers.

Despite the challenging times that we now find ourselves in Landbay is on a very firm footing. As a technology driven company, Landbay has some of the most advanced systems in place. Therefore, it has been able to enable all of its staff to work from home while maintaining its service standards and service level agreements so they are as fast and effective as they ever were. Brokers can continue to access the BDMs and underwriting teams in the same way that they always could.

John Goodall, CEO of Landbay, said, “Becoming a Future Fifty company is a huge achievement and one that we are justifiably proud of. Being part of the Future Fifty can be a game changer and we intend to make the most of its growth programmes, its resources and the ministerial access it provides. We don’t only want to maximise the growth of Landbay, but to help change the shape of the whole buy-to-let industry providing brokers and borrowers with a vision of what lending could and should look like.”

Harnessing analytics in the fight against fraud

In the past, the fight against fraud has been a bit hit-and-miss. It has relied on auditors to identify patterns of behaviour that just didn’t quite fit. They often only detected problems months after the event. And then organisations had to claw back stolen funds through legal processes.

In a world where transactions happen in under a second, however, this is no longer acceptable. We need to be able to detect fraud immediately, if not before it happens. Customers want safe and protected data that is not vulnerable to identity theft through company systems. But they still want to be able to pay online and in seconds. The stakes are high, but fortunately new tools and techniques in fraud analytics are enabling companies to stay ahead of fraud.

Trusting machines to do the work

Machines are much better than humans at processing large data sets. They are able to examine large numbers of transactions and recognise thousands of fraud patterns instead of the few captured by creating rules. On the other hand, fraudsters have become adept at finding loopholes. Whatever rules you set, it is likely that they will be able to get ahead of them. But what if your system was able to think for itself, at least to a certain extent?

New approaches to fraud prevention combine rules-based systems with machine learning and artificial intelligence-based fraud detection systems. These hybrid systems are able to detect and recognise thousands of fraud patterns and learn from the data. Automated analytical-based fraud detection systems can reveal novel fraud patterns and identify organised crime more consistently, efficiently and quickly. This makes them a good investment for businesses across a wide range of sectors, including public sector, insurance, banking, and even healthcare or telecommunications.

How, though, can you harness analytics as a tool in your fight against fraud?

Identifying needs and solutions

The first step is to identify which options you need. Probably the best way to do this is through a series of company-wide workshops with the fraud analytics experts to determine what analytics you need, which data to include and techniques to use, and what results to report. They can also identify the ideal combination of rules-based and AI/ML approaches to detect fraud as early as possible.

Companies looking towards advanced analytics for fraud detection will need to make a number of decisions. They will need to optimise existing scenario threshold tuning, explore big data, develop and interpret machine learning models for fraud, discover relevant information in text data, and prioritise and auto-route alerts. There may be industry-specific decisions to make, too, such as automating damage analysis through image recognition in the insurance sector. By automating these areas, companies can both significantly reduce human effort – reducing costs – and improve their fraud detection and prevention.

Benefits of an analytical approach to fraud detection and prevention

Companies that are already using an analytical approach for fraud prevention have reported several important benefits. First, the quality of referrals for further investigation is better. Investigators also have a much clearer idea of why the referral has been made, which improves the efficiency of investigation. Analytics also improves investigation efficiency by reducing the number of both false positives (that is, alerts that turn out not to be fraud) and false negatives (failure to spot actual frauds). This improves customer experience and reduces risk to the company.

Analytics makes it possible to uncover complex or organised fraud that rules-based systems would miss. Companies can group together customers and accounts with similar behaviors, and then set risk-based thresholds appropriate for each scenario.

There are several sector-specific benefits too. For example, insurance firms can identify fraudulent claims faster to prevent improper payments from going out. Claims investigation is likely to be more consistent because claims are scored through technology, algorithms and analytics, rather than by people. Finally, it becomes possible to shorten the claims process through automated damage analysis. It is no wonder that organizations across a wide range of sectors are placing analytics at the heart of their anti-fraud strategy.

By Anna Lykourina, EMEA Fraud Analytics Expert at SAS

Commenting on the FTSE100 rising to its highest level for nearly two weeks

Commenting on the FTSE100 rising to its highest level since Friday 13th March, Mike Owens, Global Sales Trader at Saxo Markets, said: “A mixture of factors playing into the strong move higher that we’ve seen on the FTSE and for global equity markets more generally. Firstly, the agreement from the US Senate on a $2 trillion Coronavirus stimulus package which the market sees as a key needed support and secondly, equities were looking extremely oversold at their levels on Monday evening which justified a bounce technically. Lastly, investors seem to be dusting themselves off and taking the opportunity to pick up stocks at beaten up prices as the most heavily sold off companies gain the most.”