Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
AI agent executes end-to-end ransomware attack via development platfor...
ICAC Commissioner attends first IAACA European regional anti-corruptio...
Research: Asian enterprises advancing AI without resilience strategies...
Penta Security Sets the Benchmark for Web Application Security, Earnin...
India bank domain registry exposed sensitive data in security lapse: e...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

Features

Cyber risk, fraud, and CX: Why banks can’t treat them separately anymore

By Victor Ng | Wednesday, May 20, 2026, 9:34 AM Asia/Singapore

Cyber risk, fraud, and CX: Why banks can’t treat them separately anymore

In the digital economy, cybersecurity and customer experience are two sides of the same cyber-risk coin…

At SAS Innovate 2026, Stu Bradley, Senior Vice President of Risk, Fraud and Compliance Solutions, SAS, spoke substantially onstage and with customers about AI in banking and finance.

After the event, I caught up with him for more insights and answers about cyber risk, fraud, customer experience (CX) and AI:

What do you see trending in the banking and finance sector, and what is driving these trends?

Stu Bradley
Senior Vice President of Risk, Fraud and Compliance Solutions, SAS

Bradley: Now that the industry has largely cleared the digital access hurdle, it is increasingly centered on decision quality. That’s a fundamentally different challenge from digital transformation alone.

In Southeast Asia, for example, more than 60% of payments are now digital. All ASEAN-10 markets have introduced national QR payment systems, and eight have already enabled cross-border QR interoperability. This level of adoption has raised the bar considerably. Customers across the region now expect financial services to be immediate, embedded and secure, thereby placing institutions under considerable pressure to deliver on all three simultaneously.

In practice, this means banks are racing to meet rising customer expectations for real-time, seamless digital experiences—from onboarding to payments to credit decisions, and across a wide range of customer journeys. That’s a tall order, particularly as most banks are still building the data and governance foundations required to support AI-powered decisioning at scale. As a result, we are seeing enterprise decisioning initiatives lead major IT rationalisation efforts within financial services, eliminating siloed infrastructure to enhance experience while reducing duplicative costs.

As it pertains to AI’s role in decisioning, SAS’ recent research with IDC found that only 11% of banks have achieved an ideal state of AI maturity, balancing trust in AI with demonstrably trustworthy AI systems. Nearly half fall into what IDC calls the “trust dilemma” – that is, either relying on AI systems that have not been fully validated or underutilizing proven AI they do not sufficiently trust. In Asia Pacific, findings show that only 4.9% of banks have reached a transformative stage.

Those tensions are driving a lot of the technology modernization we’re seeing today. BCG estimates that technology now accounts for more than 10% of bank revenues on average, with global bank IT spending projected to grow at a compound annual rate of roughly 9%.

Of course, investment alone doesn’t guarantee returns. As we saw in recent years, the generative AI hype cycle led to countless AI pilots that were never deployed. The reason is straightforward: business cases often required a GenAI label to secure budget approval, pushing it into use cases for which it was not well suited. CFOs were left asking, “Where is the ROI?” In many cases, there was none. This is particularly concerning given that the industry is now amid a similar agentic AI hype cycle.

The institutions pulling ahead are those that recognized early that governance is not a constraint on innovation but a catalyst. The proof is in the data: our research with IDC revealed that organizations with strong AI governance were 60% more likely to report double or greater returns on their AI initiatives.

In the world of digital payments and digital banking, cyber risk and fraud have been on the rise. What is SAS’ perspective on this growing concern?

Bradley: The concern is legitimate. Digital banking has created enormous convenience, but it has also reshaped the economics of fraud. Transactions move in real time, financial ecosystems are increasingly interconnected, and threat actors can create and scale new schemes more quickly than ever, from wherever.

SAS’ recent fraud research with the Association of Certified Fraud Examiners (ACFE) found that three-quarters of anti-fraud professionals have seen an increase in deepfake social engineering and AI-charged consumer scams over the past two years – and 55% anticipate a significant acceleration in such threats in the future.

What is more concerning is that cybercriminals are often better resourced and less constrained than the institutions defending against them. Just 7% of surveyed fraud professionals said their organizations are more than moderately prepared to combat these AI-enabled threats.

Organized criminal groups have substantial technology budgets and are not bound by the principles of trustworthy innovation, nor do they face regulatory constraints on how quickly they can act. Financial institutions, by contrast, face tightening regulatory scrutiny even as fraud typologies continue to evolve and accelerate. The industry’s response cannot be to layer additional point solutions onto already fragmented infrastructure. Banks cannot build an effective fraud defense by asking, “What’s next?” They must instead build an architecture that is agile enough to respond to whatever comes next.

Should fraud, risk and customer experience be treated as separate domains, or should they be merged and handled as an integrated business concern?

Bradley: They should be integrated, without question. In fact, I would push back slightly on the framing, as it understates the issue. Treating these as separate domains is not just suboptimal – a siloed approach actively creates risk.

Customers do not experience their bank as a collection of functions but as a single institution. When a legitimate payment gets declined, that is not just a risk and decisioning failure, it is a customer experience failure. When fraud slips through, the reputational damage and costs land on the whole institution, not just the fraud team. When an AI-driven credit decision cannot be explained to a regulator, that’s a governance problem with simultaneous customer and compliance implications.

The conventional model of viewing technology through the lens of an organizational chart – fraud in one area, credit risk in another, compliance operating separately, and marketing doing its own thing – is outdated. Different teams make different decisions about the same customer, using different data, on different platforms, without a shared understanding of the customer relationship. This inevitably leads to IT sprawl and a fragmented customer view.

Leading institutions are instead moving towards an enterprise customer decisioning model, built on a common AI-powered architecture that supports the full customer lifecycle. Risk, fraud, compliance and sanctions, and marketing decisions all operate on shared infrastructure, using shared data to inform a unified view of the customer.

This model not only reduces IT complexity and cost, but also enables fundamentally better decision-making. A customer who appears to be a credit risk may also exhibit behavioral signals relevant to fraud. A compliance flag may have implications for customer experience. When these functions are siloed, that context is lost entirely.

The business case is compelling. Institutions adopting this model respond faster to emerging threats, deliver stronger customer experiences, and rationalise the technology sprawl that has slowed them down for years. Those that fail to modernise their decisioning landscape will ultimately face customer churn and, in time, irrelevance.

How does AI come into the equation?

Bradley: AI has a critical role to play, particularly in helping banks operate at the speed and scale that modern financial services now require. The biggest opportunity I see is using AI to connect data across what have historically been siloed functions: fraud signals informing credit decisions, behavioral patterns surfacing compliance risks, real-time transaction data shaping the customer experience in the moment.

AI is the enabler that makes integrated decisioning work at scale – but only when deployed with the right discipline and with the right guardrails, supporting trustworthy decisions. Financial services is a highly regulated industry, and strong governance, trusted data, explainability and human oversight will remain essential.

In terms of use cases, AI delivers the most value when it augments human decision-making rather than replacing it. For instance, up to 80% of an AML investigator’s time is spent collecting and organizing information. Using AI to automate this data aggregation frees up time for higher-value investigative work that requires human judgement.

The key is aligning the right AI capability with the desired business outcome. This is what separates transformative programmes from costly experiments. Banks should adopt a portfolio approach to AI rather than defaulting to whichever technology is attracting the most attention.

Generative AI, for example, is well suited to automating high-volume, labor-intensive tasks – such as summarization, data preparation and narrative generation, as in the AML example. However, it is not a universal solution. Traditional machine learning has a proven, decades-long track record in areas such as fraud detection and credit scoring.

It is also worth noting that many banks begin with automation. However, our research with IDC found that organizations focusing solely on productivity and efficiency use cases are leaving significant value untapped. Cost-saving initiatives delivered the lowest ROI of any AI objective – $1.54 per dollar invested – compared to $1.83 for customer experience improvements and $1.74 for market expansion efforts.

That is not to suggest that efficiency-focused use cases are inherently the wrong starting point. Structured correctly, early efficiency wins can build data readiness and foster governance maturity and organizational confidence. However, banks should be careful not to view productivity gains as the ceiling of AI’s potential when, in reality, they represent the floor.

Share:

PreviousAitech Awarded $63M Contract for Avionics Computing Solutions to Power India’s Light Combat Helicopter Program
NextA new resilience model for Asia

Related Posts

DevSecOps: What enterprises may be missing out

DevSecOps: What enterprises may be missing out

Monday, March 2, 2020

Increasing data breach regulatory penalties did not do the trick. What next?

Increasing data breach regulatory penalties did not do the trick. What next?

Monday, April 17, 2023

Why has increased cyber awareness in Asia not stemmed the rise of cybercrime?

Why has increased cyber awareness in Asia not stemmed the rise of cybercrime?

Friday, November 24, 2023

Cybersecurity concerns crop up with the Philippines’ third telco

Cybersecurity concerns crop up with the Philippines’ third telco

Saturday, October 5, 2019

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • ICAC Commissioner attends first IAACA European regional anti-corruption conference in Hungary

    Friday, July 3, 2026
    BUDAPEST, Hungary, July 2, 2026 …Read More »
  • Penta Security Sets the Benchmark for Web Application Security, Earning Frost & Sullivan’s 2026 South Korea Company of the Year Recognition

    Thursday, July 2, 2026
    By combining intelligent threat detection, …Read More »
  • SK shieldus Receives Frost & Sullivan’s 2026 APAC Customer Value Leadership Recognition for Excellence in Cybersecurity Services

    Monday, June 29, 2026
    The company is recognized for …Read More »
  • Global Tech Shift: Tune Talk Launches World’s First Network-Enforced Child Safety Mobile Plan, Bypassing App-Level Limitations

    Saturday, June 27, 2026
    PETALING JAYA, Malaysia, June 26, …Read More »
  • DJI Enterprise Advances Industry with New Framework for Dock as First Responder (DFR) Deployments

    Thursday, June 25, 2026
    New White Paper Outlines Best …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.