Payment Expert recently sat down with Sarah-Jayne, COO of ILIXIUM, as she analysed the evolution of AI and its potential impact on the threat of fraud during an economic downturn.
Having been responsible for providing the vision and strategy to achieve mission-critical reforms for Payen and ILIXIUM, she provided her perspective on why ‘AI can play a crucial role in enabling the payments industry to scale and grow’.
Payment Expert: Firstly, are you able to tell us more about your history in the industry and what your current role is?
Sarah-Jayne: The majority of my career has been focused on back-end technology, in relation to data, security, compliance and risk. I have worked for the NHS and tech companies, but my key area of expertise is payment-related businesses. As Chief Operating Officer at Payen and ILIXIUM, I’m focused on supporting our customer success and enabling growth.
My role is to get the right focus points across our key relationships and partnerships – specifically with a lens on compliance, best practices and ongoing relationship management. On a personal level, I’ve invested in building our reputation as a compliance-first organisation, reinforcing our credibility in the payment ecosystem in which we operate.
PE: What role do you believe AI can have when it comes to supporting growth and scaling for the industry?
SJ: I believe AI can play a crucial role in enabling the payments industry to scale and grow, as it provides the ability to automate many of the manual tasks involved in payments processing, as well as the capability to analyse data at scale. In terms of automation of manual roles, activity such as fraud detection, customer onboarding and reconciliation could all be done via AI.
This then frees up human resources to focus on more strategic tasks, such as customer service and product development. There is also a lot of hype around the impact AI could have on improving fraud detection as using AI allows for the analysis of large amounts of data, and helps to identify patterns of fraudulent data at mass scale. This can help to reduce fraud losses and improve customer confidence in the payments ecosystem.
AI is also already being used to help make payments more secure, through the use of biometrics, and if this was rolled out on a larger scale throughout the industry, it has the capacity to prevent fraud and protect customer data, thus improving the security of the industry as a whole.
I also see AI assisting growth and scale in the payments industry through its ability to scale its infrastructure to meet the growing demands. For example, AI, ML and technology can be used to optimise routing of payments and manage risk in real-time. This is something that we utilise at Payen and ILIXIUM to better serve our customers and reduce the risk of card declines when overseas payments are being made.
PE: What do you believe are the next steps for the growth of AI into the mainstream?
SJ: From a payment’s perspective, I think there is still a lot of work to be done to gain consumer confidence in AI. There is still something ‘unknown’ about AI and its uses and therefore, I think there is work needed to ensure trust and buy-in before it is adopted on a large scale, especially in the finance industry that has to adhere to a lot of regulations.
There is also the resistance that comes with the threat of AI taking over people’s jobs, so I think the industry needs to work out where they can redeploy some of the manual jobs that AI could take on, in order to use those human resources more effectively and in turn, get people to buy into the way in which AI can support.
When it comes to their money, people don’t want to talk to a robot when something goes wrong, so there will always be the need for human interaction and resources. I think to best utilise AI, there needs to be a focus on working with it to improve things, rather than it being seen as a replacement. There will always be a need for human touch engagement.
Measurement will also be a key factor in the success of AI deployment as businesses will be more likely to adopt these technologies as mainstream, if they can monitor where positive impact is being made. In turn, as AI becomes more powerful, it is also important to develop regulations to ensure that it is used responsibly.
Financial institutions should be transparent about how they use AI, including the data that is used to train AI models and the algorithms that are used to make decisions. This will help to ensure that consumers and regulators can understand how AI is being used and to identify any potential risks.
The European Union has adopted a number of regulations that govern the use of AI in the financial industry, including the General Data Protection Regulation (GDPR), which protects the privacy of personal data, and the Artificial Intelligence Act, which sets out principles for the development and use of AI. However, compliance and regulations will need to continually evolve as AI becomes more advanced, in order for it to be widely adopted and trusted.
PE: Can you tell us more about why compliance must be considered across the software lifecycle when it comes to implementing cybersecurity solutions?
SJ: It can be a very costly mistake if compliance is not factored in across the entire software lifecycle, as if a business builds a solution that is then torn apart at the end stage as being non-compliant, it would mean spending more time and resources going back and fixing it. Having compliance at the forefront of any software lifecycle can help to prevent any money or time being spent on builds that might have to be scrapped at a later date.
Cybersecurity is also an ongoing process that requires continuous monitoring and improvements; therefore, compliance must be considered across the software lifecycle when it comes to implementing cybersecurity solutions, to ensure it is embedded at every stage.
In the planning phase, organisations can conduct a risk assessment to identify the cybersecurity risks associated with their software development process. This assessment should identify any assets that are at risk, the threats that could pose a risk, and the vulnerabilities that could be exploited by those threats.
Next, organisations can incorporate security into the design of their software by using secure coding practices and implementing security controls, then use testing to check the software for security vulnerabilities as they develop it out, for example through penetration testing, vulnerability scanning, and code reviews. In the deployment phase, organisations can deploy the software in a secure manner by configuring the software with secure settings and protecting it from unauthorised access.
However, even once deployed it’s crucial that organisations remain vigilant and continue to monitor the software for security vulnerabilities and patch any that are found, to ensure they remain compliant. They should also regularly review their security policies and procedures to ensure that they are still effective and compliant. Ensuring that you are compliant across all these stages is essential to avoid risk to users and to avoid getting fined by regulatory bodies.
PE: Additionally, why is compliance so crucial in the midst of an economic downturn?
SJ: During an economic downturn, organisations may be more likely to cut corners in compliance to help save some money. However, this can lead to serious consequences that actually end up costing the business more in damages. If you cut corners on compliance, you can open yourself up to a wealth of issues, from data breaches that will damage your reputation and result in financial losses, through to occurring regulatory fines and penalties.
There is also the increased risk of fraud that comes during times of economic instability, be it internally or externally, as people behave differently when under financial duress. This makes it even more important that you have the correct protection in place to prevent non-compliance and fraud.
