Financial News
The Balancing Act of Financial Organizations to Compete in a Technology-Driven World
Written by: Ricardo Ferreira, EMEA Field CISO, Fortinet
Digital acceleration is impacting how we work, live, and consume services. In addition, the digital evolution of Financial Services Organizations (FSOs) raises essential questions about the future of banking. One looming concern is how FSOs will compete against fintechs, including addressing the need for innovation to improve customer experience.
Adapt to changing times
The top three strategic areas outlined in the IDC Infobrief, sponsored by Fortinet, “Accelerating Transformation Through Cybersecurity in Financial Services,” highlight the core priorities for financial institutions: Trust, Security, and Resilience. So, the question is, how can FSOs lead and win through innovation while ensuring that risks do not overwhelm a traditionally risk-averse industry?
Many FSOs have begun adopting new digital business models to help them thrive in a digital-first economy. These include prioritizing investments in key areas such as data-driven security, legacy modernization, and personalized and contextual customer experiences. But for these business models to work, they will need to rely on data, analytics, and cloud platforms.
So, when we ask, “what does success look like for the future-ready bank?” we see three major themes:
- Automation and cost reduction: Automation, managed services, and cloud platforms will enable FSOs to innovate faster. Automation allows business units to integrate with the rest of the organization, build self-service, and reduce manual labor costs, such as adopting Robotic Process Automation and artificial intelligence-powered chatbots to deal with insurance claims. In investment banking, robot advisors use machine learning-powered algorithms to help retail investors make better decisions. Thanks to cloud platforms and managed services, these new products and services are economically feasible because they shift traditional CapEx to activities that create more value.
- Customer intelligence and centricity: New platforms provide data and analytics for anticipating customer needs and hyper-personalizing the customer journey. Customer data, such as investment patterns, can guide a robot advisor to recommend portfolio choices aligned to customer preference. Similarly, natural language processing can help an AI system quickly assess a customer’s issue to redirect them to the nearest branch or get the appropriate representative involved.
- New value propositions: Open banking was a massive change for banks, helping them realize the power of APIs. Building Banking as a Service (BaaS) has allowed them to develop new services and create stronger partnerships.
But what about the customer experience?
Who is not irked when reminded of their first troubled mobile banking experience, with terrible UX and lack of integration? It’s why, when some fintechs launched their online mobile banking, it was a beacon of light in a dark room. A real-world security example that everyone might remember was the usage of biometrics for accessing online mobile banking. Big brands took a long time to adopt it, and while it might seem trivial from a UX perspective, it’s leaps and bounds towards progress.
Today, traditional brands regularly launch products that emulate offerings from nimbler fintech organizations. The lesson is clear: to gain a competitive advantage, banks must focus on creating a fast, intuitive, and seamless customer experience.
Are clouds grey in banking?
These business models require the accelerated consumption of new platforms, such as cloud computing. Financial organizations must understand they can create differentiated value and increase competitiveness by using the cloud to increase their speed of innovation and accelerate the go-to-market of new services and products.
Cloud platforms also serve as a bridge to modernize financial organization workloads. CIOs want to migrate workloads cohesively while ensuring the capabilities from their on-prem solutions are still available. Major Cloud Service Providers (CSPs) have jumped at the opportunity to integrate their environments into the same control plane.
Yes, but isn’t that risky?
Regulators have flagged the concentration risk. For example, the Bank of England has highlighted it in their stability reports. The latest Financial Conduct Authority (FCA) PS21/3 rules address third-party risk and operational resilience. And the European Union has gone a big step beyond with its Digital Operational Resilience Act (DORA).
All these activities and proposals are designed to address these concerns. The European Systemic Risk Board has flagged cyber as a systemic risk to the European financial system due to the increase in cyberattacks—especially in the financial industry, which is 300 times more likely to be the target of cyberattacks. The International Monetary Fund (IMF) emphasizes that cyber events propagate risk through the entire financial system via three broad transmission channels: risk concentration, risk contagion, and erosion of confidence.
That is why cybersecurity is a priority as part of the EU’s “Europe fit for the digital decade” policy program. Programs such as EU-HYBNET, ACCORDION, and DORA for financial services ensure Europe works as a single entity by harmonizing requirements to increase resilience and protect citizens.
What can financial organizations do about it?
To start, security needs to be woven into transformation efforts to ensure that innovation and transformation are conducted securely. For this to work, security must be included from a project’s inception, not as a bolt-on after a project and its services are launched.
What about protecting financial assets?
55% of European financial organizations already use some form of zero-trust strategy for their authorization and authentication. Zero-trust shifts the traditional paradigm from the implicit trust for users and resources inside a static, network-based perimeter to an authentication model that focuses on users, assets, and resources. Zero-trust requires authentication and authorization to be performed every time access is granted to a specific resource.
How do we address the ‘weakest link’ problem?
While people are an organization’s most critical asset, they are also the primary source of data breaches and network compromise. Organizations must be prepared for a loss of control if their workforce is not educated on cyber awareness. Some large financial organizations have created partnerships with e-learning portals and vendors to provide tailored courses using nudges and financial instruments to reskill the workforce with new technologies. Similarly, financial organizations must plan to mitigate the rampant cybersecurity skills shortage, which will impact 90% of organizations by 2025, resulting in delays in the transformational journey.
What can we do?
Digital acceleration is essential for competing in today’s financial marketplace. However, it doesn’t come without risk. First, ensure employees are trained and reskilled in the organization’s technologies. Second, share data with industry peers to learn best practices and identify potential issues. Transaction Monitoring Netherlands (TMNL) is an excellent example of transaction data sharing to mitigate Anti-Money Laundering (AML).
Finally, work with vendors and partners committed to cross-vendor openness and integration. When vendors work together across the threat landscape, the sum of their products is greater than the individual parts, deepening your level of cyber protection.
Financial
MultiBank Group and Khabib Nurmagomedov Launch an Exclusive Worldwide Multi-Billion-Dollar Joint Venture to Build the World’s First Regulated Tokenized Sports Ecosystem
Multibank Group, the financial derivatives institution, has entered into an exclusive worldwide multi-billion-dollar joint venture with global sports icon and undefeated UFC champion Khabib Nurmagomedov (29-0) to create a first-of-its-kind regulated ecosystem connecting global finance, sports and technology.
The partnership will culminate in the creation of a multi-billion-dollar joint venture, MultiBank Khabib LLC, uniting two global powerhouses: MultiBank Group, a leader in regulated financial excellence, and Khabib Nurmagomedov, undefeated in the octagon and whose influence extends far beyond sport. The company will operate from MultiBank Group’s headquarters in Dubai, building a worldwide network of high-end sports ventures and real-world digital assets. This structure fulfills the vision of MultiBank Group Founder and Chairman, Naser Taher, for an exclusive global joint venture, granting MultiBank exclusive rights to develop and promote projects under the Khabib Nurmagomedov brand name, including the development of 30 state of the art Khabib gyms, Gameplan and Eagle FC brands.
The entire venture is backed by MultiBank Group’s regulated digital ecosystem and powered by its cornerstone $MBG Token being the driving force behind its expanding portfolio of real-world-asset (RWA) technologies and initiatives.
Naser Taher, Founder and Chairman of MultiBank Group, stated: “From the UAE, we are shaping a new blueprint for the business of sport through the regulated tokenization of real-world sports assets (RWSA). Together with Khabib Nurmagomedov, and powered by our ecosystem token, $MBG, we are uniting finance and athletics into a single transparent, technology-driven ecosystem — one built on trust, innovation, and the strength of the MultiBank framework. This initiative proudly aligns with the UAE’s vision of becoming a global hub for digital asset innovation and world-class sports.”
Khabib Nurmagomedov added: “This partnership with MultiBank Group is built on shared values of strength, respect, and discipline. Together with Multibank, we are building real global opportunities that go beyond sport, empowering athletes, and fans through a regulated and innovative digital ecosystem. This is only the beginning.”
Financial
Edenred UAE strengthens market leadership with financially inclusive payroll solutions, C3Pay serving 2.5 million users
Edenred, a leading digital platform for services and specific purpose payments and the undisputed market leader in salary processing and financial inclusion for the underbanked in the UAE, continues to reinforce its leading position in payroll card solutions, value-added financial services, and compliance-first innovation under the leadership of newly appointed Managing Director Claudio Di Zanni.
As the first company authorised by the Central Bank of the UAE to process WPS salaries, Edenred UAE has long positioned financial inclusion as the foundation of its offer in UAE — ensuring that access to financial services isn’t an added benefit, but a guaranteed outcome of getting paid.
Trusted by both large enterprises and a growing base of SMEs, the backbone of the UAE economy, Edenred UAE now serves more than 15,000 corporate clients, 2.5 million cardholders, and partners with over 10 banks and 20 financial institutions. Demand has been strong in sectors such as manufacturing, construction, and facility management—where reliability and seamless execution are critical.
Edenred UAE salary cards, C3Pay, powered by RAKBANK and part of the Mastercard network, can be used globally. A key driver of Edenred’s adoption success is its unmatched expertise in on-site training at worker accommodations, which helps large enterprises efficiently onboard thousands of employees. This ensures that workers understand how to activate their cards, utilise app features, and engage with key financial tools.

Claudio Di Zanni, Managing Director, Edenred Middle East, said: “Edenred UAE has set the benchmark for payroll and financial access in the region with digital innovative solutions, great ambitions and internationally committed teams. Our ambition now is to extend that lead by deepening trust with our clients, scaling services that matter to end users, and ensuring full compliance in a fast-evolving regulatory landscape. With unmatched reach, an expanding client base, and a proven model for financial inclusion, we are ready to shape the next phase of the region’s salary card ecosystem — developing its full potential and contributing to giving workers who were previously excluded from the financial system a secure, transparent, and dignified way to manage their money.”
Edenred UAE remains the reference in payroll solutions, as it continues to scale high-impact services, deepen banking partnerships, and reinforce its role as the benchmark for secure, compliant, and ethical financial access in the UAE and beyond. With a sharpened focus on innovation and strengthened leadership, it is entering a new chapter of platform excellence as the backbone of financial access for the UAE’s workforce.
Financial
Dhruva urges UAE firms to focus on data sovereignty in e-Invoicing transition
The 2026 mandate is an opportunity for businesses to align compliance with stronger data governance standards
With the UAE’s mandatory eInvoicing framework set to launch in 2026, Dhruva urges taxpayers to move beyond data residency considerations and focus on the critical issue of data sovereignty when selecting accredited service providers (ASPs). When adopting any cloud solution, it’s crucial to take the UAE National Cloud Security Policy into consideration, which provides a comprehensive checklist for cloud customers. This policy details necessary arrangements with cloud service providers, outlines contract requirements and sets cloud security requirements and enforcement measures.Dhruva is a leading tax advisory firm specializing in VAT, corporate tax, transfer pricing, and international taxation in the Middle East.
The eInvoicing rollout, based on the OpenPeppol five-corner model, will route all business-to-business (B2B) and business-to-government (B2G) invoices through ASPs that validate, exchange, and report tax-relevant data directly to the Federal Tax Authority (FTA). This shift makes the question of where data lives and who ultimately controls it – a matter of legal, operational, and financial consequence.

Commenting on the development, Nimish Goel, Partner and Head of GCC, Dhruva Consultants, said: “Businesses cannot afford to mix data residency with sovereignty. Hosting tax data within UAE data centres is necessary, but it does not, by itself, guarantee compliance or protection. True sovereignty means that encryption keys, administrative controls, and audit logs remain fully under UAE jurisdiction and cannot be accessed by foreign authorities. For taxpayers, this distinction is not technical—it is a fundamental risk-management decision.”
Dhruva highlights that this distinction is becoming urgent for three reasons. First, the UAE has enacted a robust Federal Data Protection Law (PDPL) and sector-specific rules that demand explicit safeguards on cross-border data flows. Second, with eInvoicing deadlines approaching, taxpayers must evaluate how each provider’s hosting model aligns with UAE data hosting requirements, sovereignty and National Cloud Security Policy laws. Finally, the operational reality is that migrating data and applications between clouds is not seamless. Factors such as data gravity, proprietary platforms, and audit trail integrity make switching providers slow, risky, and expensive.
“E-invoicing will not only redefine how businesses transact with government authorities, but also how they safeguard their most sensitive tax and financial records,” Goel added. “Companies need to recognise that the choice of ASP is a long-term strategic decision. The location of the cloud operator, the jurisdiction under which they fall, and the location of their control plane and encryption keys all impact compliance and data security far more than the physical location of the server rack.”
Dhruva advises taxpayers to approach ASP selection with a structured due-diligence process aligned with the policy for cloud customers in the UAE. This policy covers key domains such as governance, data location and sovereignty, interoperability, security incident and access management, data confidentiality, architecture and infrastructure companies should ensure that all storage, backups, and logs are held within UAE borders, that operational control and key management remain in UAE jurisdiction, and that providers comply with the UAE’s Peppol interoperability standard. Audit logs should be immutable, recovery sites must be located in the country, and exit strategies need to be documented and tested, with transparency on egress costs.
“Taxpayers cannot treat this as a simple IT procurement,” Goel emphasized. “It is a compliance and sovereignty choice that will determine their risk exposure for years to come. The time to ask these questions is now—before companies find themselves locked into providers that may not meet their future regulatory and operational needs.”
-
Tech News1 year agoDenodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
VAR6 months agoMicrosoft Launches New Surface Copilot+ PCs for Business
-
Tech Interviews2 years agoNavigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News3 months agoNothing Launches flagship Nothing Phone (3) and Headphone (1) in theme with the Iconic Museum of the Future in Dubai
-
Tech News2 years agoBrighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign
-
Editorial11 months agoCelebrating UAE National Day: A Legacy of Leadership and Technological Innovation
-
VAR1 year agoSamsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms
-
Cover Story8 months agoUnifonic Leading the Future of AI-Driven Customer Engagement



