The better the question. The better the answer. The better the world works. У вас есть вопрос? У нас есть ответ. Решая сложные задачи бизнеса, мы улучшаем мир. У вас є запитання? У нас є відповідь. Вирішуючи складні завдання бізнесу, ми змінюємо світ на краще. Meilleure la question, meilleure la réponse. Pour un monde meilleur. 問題越好。答案越好。商業世界越美好。 问题越好。答案越好。商业世界越美好。

How Canadian banks can use cybersecurity in the pursuit of greater customer experience

(As originally published on LinkedIn, 10 October 2018)

The landscape for Canadian retail banks is shifting. Branch networks are shrinking and banks are on the hunt for innovative ways to add value to client relationships in the absence of face-to-face interactions. As the switch to digital platforms increases, banks need to look at how to build meaningful connections through mobile applications and digital tools. The big challenge is how to accelerate adoption, while overcoming the technological hesitance posed by some customers. If banks can’t build trust, how will they flourish in the digital era?

That’s where cybersecurity comes in. Bringing together the right project teams, while making investments in appropriate cyber resources, can play a vital role in increasing customer trust and ultimately the customer experience you provide. In doing so, there are some things to consider.

Keep customer information safe

Banks are aware they are one of the most at-risk industries facing cyber-related threats. To maintain their brand reputation requires the right protective and mitigative measures to build resiliency and prevent cyber threats from becoming reality.

Protecting customer information is top priority. If the customer doesn’t feel like their information is protected, why would they give it to you? To win and maintain the trust of customers, banks have to demonstrate dedication to preserving confidentiality and maintaining the integrity of data.

Funding cybersecurity can also create return on investment. Consider a call centre for example; a cyber strategy that mitigates account fraud and theft would reduce the call load and impact on time, loss provisions and resourcing costs. The customer is satisfied that their information is safe, while the burden on the service team is limited.

Avoid the creepiness factor

With a vast amount of personal data already digitized, consumers are becoming more aware of what information is available about them – and how businesses are using it. Imagine sharing an image of your new house on social media, and your bank reaching out about home insurance products? It’s not far-fetched. Taking privacy and cybersecurity beyond compliance can mean shifting strategy from creepy to cool.

The EY Can compliance help you compete? report outlines a few innovative data strategy options to consider, such as real-time consent, user managed access and digital personas.

Intertwine digital and security

We’ve seen that new technologies can bring a new layer of risks, so it’s important that banks focus on cybersecurity while they innovate. As disruption pushes the need for speed to get new products and services to market, accelerated timelines can sometimes override attention to protection – according to the EY Global banking outlook 2018survey.

That’s why digital and security teams need to be intertwined from the get-go. Security has traditionally been viewed as the hurdle to jump at the end of a project – which needs to stop. Cybersecurity is everyone’s responsibility. The security team should be seen as an enabler to innovation, and integrated into all facets of a project. Incorporating security into the design will be cheaper if done right from the start, rather than slowing the project or fixing issues afterwards.

Stay two steps ahead of new regulation

Banks need to understand broad trends and regulations that will impact how cyber risk governance needs to evolve. Growing cyber threats are pushing regulators around the world to hold organizations more accountable for cybersecurity, through tougher regulation and enhanced supervisory expectations.

The European Union’s General Data Protection Regulation (GDPR) is probably the most wide-reaching example of recent data protection laws. While in Canada, mandatory breach notification regulations (PIPEDA) are set to come this November and will require organizations to provide certain notifications of a breach.

In anticipation of new requirements, Canadian banks should be updating their breach strategy and response plans. Staying compliant and transparent with customers will aid in building greater customer trust and awareness.

Going above and beyond to build resiliency to protect customer information from potential threats is the key to building trust – and greater trust equals greater customer engagement.

At the end of the day, entities that maintain the greatest client trust will be able to gather the greatest amount of data. If you’ve proven to the customer that you’re resilient against cyber threats, they are more likely to use your product or service, giving you greater access to data to make strategic business decisions for a better customer experience.

How is your organization using cybersecurity to build a greater customer experience? Read more insights at


Thomas Davies

Thomas Davies

Associate Partner


+1 416 943 2013