OTP Bank

The ongoing war in Ukraine is causing significant disruption to the political framework of Europe and the financial markets. However, the technology and business operations are holding up, as Liz Lumley discovers.

The geopolitical risk dashboard from the BlackRock Investment Institute placed a possible conflict between Russia and NATO countries at the head of its ‘Top 10 Risks by Likelihood’ list for April 2022. Other high-risk scenarios, according to BlackRock, include a major cyber attack (or attacks) that causes a sustained disruption in the operation of critical physical or digital infrastructure, as well as a global technology decoupling between the US and China. Lower down the BlackRock list is the tension in the Persian Gulf and the global climate policy gridlock. 

The International Crisis Group, an independent organisation working to prevent wars and shape policies that will build a peaceful world, lists 10 global conflicts to watch in 2022. These include the war in Ukraine; civil war in Ethiopia; the ongoing disruption in Afghanistan; tensions between the US and China; tensions between the US, Israel and Iran; the worsening situation in Yemen; the ongoing conflict between Israel and Palestine; political unrest in Haiti as well as Myanmar; and the threat of Islamist militancy in Africa. 

The examples above show that while geopolitical conflicts are common and ongoing, each is also unique. They can be sudden and extreme in nature — such as the Russian invasion of Ukraine — or slow burning with simmering tensions, such as the fractious relationship between the US and China. 

Risk mitigation

Most global banks and international companies will have disaster recovery playbooks to serve as a guide on how to support staff, comply with global and local regulations, and maintain IT and infrastructure in the wake of extreme conditions. Use of modern technology also means that most infrastructure is maintained via networked computers and accessed via cloud platforms. Whether it be a possible European war with Russia or the unpredictability of a once-in-a-century global pandemic, these incidents have very little impact on a global organisation’s IT operational resiliency. From an IT standpoint, geopolitical conflict is most disruptive from a human perspective. 

According to Péter Csányi, board member and chief digital officer at Budapest-based OTP Bank, the management is “constantly monitoring the situation in Ukraine” and has offered staff located in that country relocation to “a safe and well-equipped environment”.

“OTP Group is supporting Ukraine using all means available to us,” says Mr Csányi. “We are working under wartime conditions to keep the country’s financial infrastructure, and thereby the economy as a whole, operational. In addition to maintaining the operations of our subsidiary in Ukraine, we are contributing to the management of the crisis with the support of millions of euros, material donations, the collection of more than €1.5m worth of humanitarian donations among our clients and employees, and the accommodation and care of more than 200 refugees.”

Mr Csányi admits that there are no “rigid playbooks” on how to deal with IT risk during a geopolitical conflict as “different situations require different actions”. However, today’s flexible and accessible technology remains a key pillar of the bank’s IT resiliency and its ability to react to rapid changes and unexpected situations. 

“Our digital strategy is based on IT skills and abilities instead of technologies: the ability to change, to utilise flexible infrastructure, to develop international expertise, and to enhance the efficiency of group-level processes. All these provide a solid ground for OTP Bank when it comes to high-impact changes — such as a pandemic or various geopolitical risks — both in terms of decision-making and IT solutions,” he adds. 

Business continuity in wartime

As evidence of maintaining resilience during wartime, Ukraine-based tech company Relevant Software signed five new contracts in the past month, according to CEO and founder, Andrew Burak. Relevant is an international software development company that provides staff augmentation and full-cycle software development services to Fortune 500 companies and promising global start-ups. 

“Today, doing business and maintaining financial stability matters a lot,” says Mr Burak. “Twenty-five percent of our Ukrainian employees moved abroad and kept working remotely. Others are safe in the western part of the country. Therefore, we continue to implement our projects and work closely with our clients without losing operational efficiency.”

While Relevant is still operational in the western part of the country, Mr Burak says that it is expanding staff numbers in its international offices to further maintain business productivity, just in case the situation in Ukraine deteriorates further. “But I am convinced that with such support from the international community, the selfless people of Ukraine will win faster than politicians and analysts predict,” he adds. 

Despite maintaining business continuity during wartime, Mr Burak points to unique risks and opportunities that have come to light due to the Russian invasion. 

“For example, cryptocurrencies have proven to be a great alternative way to raise funds and pay for goods quickly. Therefore, fintechs need to think about creating an infrastructure for everyday financial transactions in crypto for the future,” he says. 

Mr Burak also advises risk managers to keep a close eye on sanctions that may require changes to third-party vendors. “As the sanctions list expands, they must screen third-parties, including direct partners, foreign affiliates and clients, for links to Russia, Russian oligarchs and Belarus,” he adds. 

The influx of refugees in Europe, which is “pushing the limits of financial instruments for all those who urgently need them, particularly for displaced citizens of Ukraine”, is a case in point. Because of the war in Ukraine, PayPal expanded the reach of its payments service functions in a few weeks — something that would usually take six to nine months, he adds. 

Sri Lankan precedent

While the Ukrainian invasion is new in the European context, says Andrew Rogan, director of operational resilience policy at UK Finance, there are upheavals going on globally all the time. He points to the protests in Sri Lanka as an example. 

“What is new is the way that firms are thinking about this from an outsourcing supply disruption perspective,” says Mr Rogan. “There is an awareness: ‘Yes, you are a UK bank or an American bank, but actually there are things that happen in other parts of the world that do affect us, even indirectly, that we need to account for and need to think about.’”

Mr Rogan argues that most global organisations are “cause-agnostic” when looking to maintain IT operational resiliency, even in light of the war in Ukraine, extreme weather events due to climate change and an increasing awareness of vulnerability to pandemics. 

“It’s how a firm really gets their heads around their supply chain and the supply chains of their outsources — where their key vulnerabilities are in various jurisdictions — and what strategies they’ve got in place to mitigate that,” he says. The idea of a service provision is at the centre of most banks’ playbooks to mitigate against IT operational risk, continue to serve customers and recover from any disruption, he adds. 

Mr Rogan cites the 2011 London riots as an example. “At that time, and I remember quite clearly, there was so much information out there about these roving mobs of youngsters that were just charging around the place and setting everything on fire,” he says. Firms came to UK Finance for advice on whether they should send staff home from offices in Canary Wharf and the City of London. The industry body gathered a group of UK firms together to sort through information about the riots, and compare rumours circulating on social media with trusted news and the Metropolitan Police. This helped them cut through the noise and develop suitable responses. 

“Firms have their own internal playbooks and strategies,” he says. “But they’re constantly looking to test their reaction against those of their peers, [partly] to understand if they’re out of mainstream alignment, but also [to find out] if somebody else knows something that they don’t, which could result in a significant disruption or a problem for staff.” 

Supporting architecture

Generally, maintaining business and IT operations during a conflict is made possible through the use of flexible architecture, networked computing and cloud delivery, leaving support for staff as the most complicated and messy part of any conflict response plan. However, the threat of cyber attacks remains a constant issue and becomes even more prevalent during extreme events. 

In its recent report called ‘In the crosshairs: organisations and nation-state cyber threats’, cyber security firm Trellix identified banking as one of the leading targets for nation-state attacks, with organisations seeing significant risk from Russia and China. It also found that 45% of banking and financial services organisations suspect that a Russian-backed adversary was behind a past cyber incident they faced.

Fabien Rech, vice-president for Europe, the Middle East and Africa at Trellix, comments that he has seen an increase in the request for patches and increased security from banks who are anticipating an uptick in Russian-based hacker activity as a result of the war in Ukraine. However, while he says that most banks employ a mature and well-equipped cyber security strategy, many organisations are fatigued and under pressure right now. 

Coming out of what Mr Rech calls “the Covid period”, resources are already stretched. Having to immediately move into the crisis in Ukraine has left many security teams fatigued, he adds. “There is a need to make sure we move to automation orchestration to give some space to the talent, because they are under pressure,” he says. 

Mr Rech advises that awareness and educational training for employees is vital to detecting and protecting against cyber threats. “Unfortunately for us, the good old times where we provide a shield or something like that are gone,” he says. “It’s really making sure you do your best to protect and to defend yourself and, in parallel, making sure you have a plan so that you can react really quickly in case something else comes in.”

Probing for weakness

According to Corey Hamilton, financial services security partner at IBM, cyber fraudsters take advantage of events such as the Covid pandemic or the invasion of Ukraine to infiltrate organisations. 

“Phishing is still one of the most effective initial attack vectors. Organisations need to be on alert that attackers will certainly push phishing messages that are titled or focused around helping Ukraine, or supporting a cause and preying on banking staff,” he says. “It’s kind of similar to when Covid-19 started: attackers will leverage the current situation — anything that will pull at the heartstrings of staff to get them to click on a link.”

Cyber criminals are also becoming more sophisticated. “Unfortunately, we are seeing that the criminals have pivoted; we’re seeing a significant increase in Linux-based malware — this type of code will be actionable in cloud environments that were previously not impacted,” says Mr Hamilton. Many banks have moved towards these hybrid cloud environments, he adds.

No matter what the crisis, whether it be a natural disaster, a cyber attack or war, most banks have a business continuity plan, which will usually include protecting staff, says Mr Hamilton. After staff are protected, either through relocation or reallocation of resources, the next step is protecting the central business processes, such as a datacentre that may be located in a war zone. 

“When it comes to the actual protection of that data, if you’ve got a datacentre that is exercising disaster recovery, you certainly don’t want to get in a position where that data could be compromised,” says Mr Hamilton. If that is the case, decisions could be made to make the data corrupted or inoperable, he adds. 

According to Shanker Ramamurthy, managing partner for global banking and financial markets at IBM, 45 of the top 50 global banks rely on an IBM mainframe. 

“In the context of Ukraine, the safety and security of IBM is at the heart of all the decisions that we make,” says Mr Ramamurthy. “We’ve been in constant contact with our local teams to provide relocation assistance, financial support, and any other forms of direct engagement that they might need, and many of [IBM’s staff] in Ukraine — and their families — have been [safely relocated to neighbouring countries] at IBM’s expense.”

As a global tech provider with such a wide range of financial clients, IBM has been at the forefront of many geopolitical and natural disasters over the decades. 

“When September 11 happened, I was right there, looking as the second plane hit the World Trade Center,” says Mr Ramamurthy. “IBM was supporting many of the financial institutions in the region. We have to do all the things in the human dimension, not just the technology back-up and support dimension, to ensure that resiliency was maintained and the business was able to move forward.”

He also cites the recent floods in India, which called on tech providers like IBM to do “all sorts of heroic things” to ensure there was “absolutely no downtime for our clients”.

The ongoing war in Ukraine is causing significant disruption to the political framework of Europe and the financial markets. However, the technology and business operations are holding up. 

“What’s happening in Ukraine is significant, and businesses are having to consider the sanctions that have occurred [against] Russia,” says Mr Rogan. “That hasn’t resulted in an operational disruption, so much as a market and financial disruption; whereas climate change, earthquakes, pandemics and protests against [governments] do actually often have a more tangible impact on the way that firms and countries can provide services.”
