Category: Resilience

Shaping the future of finance: key insights from M2020 USA.

Posted on by Leave a comment

Howard Hall, Vice President Growth at Consult Hyperion, consulting by Fime, summarizes the key discussions and insights from Money2020 USA 2025, one of the leading payments industry conferences.

Fime and Consult Hyperion was out in full force at Money 20/20 Las Vegas, with Dave Birch, Xavier Giandominici, Ben Potter and Nick Norman all on the ground. Over three packed days we met with dozens of clients, partners and industry friends, both old and new. We came away inspired by how fast the world of payments, identity and digital trust is evolving.

The era of agentic AI.

Agentic AI was everywhere this year. Dave Birch’s session, supported by leaders from Mastercard explored how intelligent, autonomous agents will reshape the way money moves and decisions get made. These aren’t just chatbots; they’re systems capable of acting on our behalf, initiating payments, verifying identity and managing risk. The question everyone is asking now is: how do we trust the agent? What are the new signals, frameworks and governance models that let us verify that an AI acting for us is doing the right thing?

This conversation dovetails perfectly with our heritage in digital identity and trust frameworks. It’s one thing to build an agent; it’s another to ensure that it’s secure, compliant and grounded in real-world identity. That’s where we come in.

Stablecoins and the future of money.

Stablecoins and tokenized money continued to capture attention across panels and side discussions. There’s a growing sense that programmable value, whether through stablecoins or digital fiat will be the natural companion to agentic AI. If agents are going to act, they’ll need a medium of exchange that is fast, programmable and secure.

We heard repeatedly that firms want help bridging the gap between experimentation and production. This is the kind of challenge Consult Hyperion thrives on combining technical insight with regulatory understanding to make the next generation of payment rails real.
Insights from dozens of client conversations.

Our one-to-one meetings revealed a lot about what’s on the minds of our clients and partners:

  • Platform resilience and optimization came up again and again — from large fintechs re-evaluating their processing infrastructure to global brands seeking help rationalizing fragmented payment systems across multiple geographies and logos.
  • Digital identity and trust frameworks were top of mind. Organizations across banking, payments and big tech are exploring how to extend KYC into the world of Know-Your-Agent (KYA) and mDL.
  • Tokenization and security continue to present both opportunity and friction. Several firms are revisiting their existing implementations and seeking a path toward scalable, interoperable solutions.
  • Go-to-market alignment remains a challenge. Many companies are looking for help in shaping adjacent services, workshop and partnership strategies are areas that were top of mind.
  • Sector-specific certification and standards are shifting. We heard updates from trusted partners working to reshape digital-identity assurance around specific industries rather than one-size-fits-all frameworks.

These conversations reaffirmed what we already know: clients value practical, implementation-level understanding of the complex ecosystems that connect identity, payments and technology.

Why this matters.

For nearly three decades, Consult Hyperion has helped organizations around the world navigate the intersection of trust, technology and financial inclusion. Whether it’s designing new tokenization schemes, building digital-identity frameworks or testing payment systems with Fime, our work sits at the core of where the industry is heading.

Money 20/20 was a reminder that we’re entering a new chapter, one where human and machine actors coexist in digital ecosystems that demand security, privacy and interoperability from the start.

Let’s continue the conversation.

If you’d like to explore how agentic AI, stablecoins or next-generation identity can be built safely and responsibly into your business, we’d love to talk. Reach out to our team and let’s turn these conference insights into real-world strategies and implementations.

How Consult Hyperion Can Help Financial Institutions Comply with DORA

Posted on by Leave a comment

The financial services landscape is evolving rapidly, with new regulations emerging every day. One of the most recent and significant developments for financial institutions in the European Union is the Digital Operational Resilience Act (DORA). Designed to ensure that financial entities are better prepared for technological disruptions and cyber threats, DORA aims to build resilience in the face of growing digital risks.

At Consult Hyperion, we specialize in payment and cybersecurity, structured risk analysis, and technical due diligence. I’d like to share how our expertise in these areas can help your organization navigate the complex requirements of DORA and achieve full compliance.

Understanding the Impact of DORA on Financial Institutions

DORA sets out to harmonize the requirements for operational resilience in the financial sector across the EU. This means that financial institutions, from large banks to small fintech firms, are now required to have comprehensive risk management frameworks that can withstand a wide range of cyber incidents and operational disruptions. The regulation focuses on ICT risk management, incident reporting, operational resilience testing, and managing third-party risk, among other things.

For any financial institution, ensuring compliance with DORA is a multi-faceted challenge. The regulation is comprehensive, and failure to comply could lead to penalties, legal liabilities, and reputational damage. But this is where Consult Hyperion comes in.

How Consult Hyperion Can Help You Comply with DORA

Our team at Consult Hyperion has over 30 years of experience working with financial institutions across the globe, helping them address their cybersecurity needs, performing structured risk analyses, and providing technical due diligence on third-party vendors and systems. Here’s how we can assist you:

1. Structured Risk Analysis

Risk analysis is at the heart of DORA. Financial institutions must identify, evaluate, and mitigate a variety of risks, from cyber-attacks to system failures. At Consult Hyperion, we’ve developed a proprietary structured risk analysis (SRA) approach that not only identifies potential vulnerabilities in your organization but also assesses the likelihood and impact of those risks. We provide a clear roadmap on how to mitigate those risks to stay compliant with DORA.

We help you map out your entire digital infrastructure, identify key points of failure, and assess your operational resilience. Our team works closely with your IT, risk management, and compliance departments to ensure that you have the right systems in place to manage risks effectively.

2. Technical Due Diligence

One of the key components of DORA is ensuring that your third-party vendors and ICT service providers are compliant with the regulation. This means conducting thorough technical due diligence on all your partners, ensuring they meet the necessary standards and are not introducing any undue risks to your operations.

At Consult Hyperion, we have a wealth of experience in conducting technical due diligence across a wide range of vendors and technologies. Our assessments are thorough, covering everything from security and privacy to operational resilience and regulatory compliance. With our help, you can have confidence that your third-party relationships are solid and that they meet DORA’s stringent requirements.

3. Cybersecurity Expertise

Our expertise in cybersecurity is another critical asset for financial institutions looking to comply with DORA. We understand the intricacies of securing complex digital infrastructures, particularly in highly regulated environments like banking and financial services.

We can help you design and implement security frameworks that protect your systems and ensure the integrity of your data. Our team works closely with you, making sure that your institution remains resilient to emerging threats. Leveraging our SRA process, we ensure that your organization meets DORA’s mandated security requirements.

4. Operational Resilience Testing

Under DORA, financial institutions are required to perform regular operational resilience testing to ensure that they can withstand and recover from significant operational disruptions. Consult Hyperion’s team can help you develop and execute comprehensive testing scenarios that assess your organization’s ability to respond to various disruptions, from cyber-attacks to natural disasters.

We can help to ensure that your testing protocols are robust and aligned with the DORA guidelines.

Moving Forward with Confidence

Complying with DORA is no small task, but with the right expertise and support, your financial institution can not only meet the regulatory requirements but also enhance its overall resilience. At Consult Hyperion, we are passionate about helping our clients strengthen their digital infrastructures, mitigate risks, and build a secure foundation for future growth.

If you’re looking for expert guidance to navigate the complexities of DORA, we’re here to help. With our proven track record in security, risk analysis, and technical due diligence, we can provide the support your organization needs to stay compliant and resilient.

To learn more about how Consult Hyperion can support your DORA compliance journey please contact us at: https://consulthyperion.wpcomstaging.com/contact/

Brazilians wow the world of Open Banking

Posted on by Leave a comment
flag of brazil

At last week’s FDX Virtual Spring Global Summit, I received a glimpse into the huge strides being made by the Financial Data Exchange in the adoption of their data sharing API for the US market. In the context of minimal centralised regulation in the US, progress is driven by industry. This marks a substantial move away from screen scraping, which has historically been prominent in the US market. While the API approach provides value in terms of security and standardisation, many organisations still depend on screen scraping to support their business model.

Continue reading “Brazilians wow the world of Open Banking”

Biometrics on Cards

Posted on by Leave a comment

Improving Cardholder Authentication

On-card fingerprint readers have been in development for a few years now, with a number of products now in market from vendors such as Fingerprint Cards, Zwipe, Idemia and G+D.

Continue reading “Biometrics on Cards”

Safer Internet Day 2022 – It’s all about you!

Posted on by 1 Comment
person in red pants sitting on couch using macbook

For Safer Internet Day, I thought I’d bring a Mediterranean theme. As a classicist, I frequently switch between ancient and modern, applying time-tested principles to emerging technologies. Plato had it right on data protection: the price of not participating in public life is to be ruled by less able men.

Continue reading “Safer Internet Day 2022 – It’s all about you!”

Will 2022 start to drive the future of Interoperability and Inclusion?

Posted on by Leave a comment
close up shot of a calendar

Our overriding theme of this year’s Live5 is interoperability which will lead to inclusion. Whether this is in payments or transit, identity or as a generalised trend what we’re seeing is a collapsing of the barriers between silos. In some areas this is happening more quickly than in others.

Continue reading “Will 2022 start to drive the future of Interoperability and Inclusion?”

Point of Sale cyberattacks – is certification enough?

Posted on by Leave a comment
a person making a payment using a smartwatch

The biggest news in payments security in the last month concerns allegations that point of sale terminals supplied by PAX Technology have been subverted to have the capability of launching cyberattacks. Details of the allegations can be found at Krebs and Bloomberg; in response, PAX Technology has published a rebuttal.

Continue reading “Point of Sale cyberattacks – is certification enough?”

The Role of Technical Due Diligence in Investment Cycles

Posted on by Leave a comment
people discuss about graphs and rates

Have you noticed that some of the best attended events at conferences recently are the investment panels, populated by canny investors talking about where they are currently placing their funds? And so this was the case with Consult Hyperion’s recent webinar The Role of Due Diligence in Investment Cycles, featuring Jonathan Luff Co-Founder of CyLon, Europe’s leading investor in pre-seed and seed stage cyber and security technology startups. Howard Hall, Managing Director of Consult Hyperion North America, and Gary Munro, Technical Director Consult Hyperion and Dave Birch our Global Ambassador, who moderated the discussion.

Continue reading “The Role of Technical Due Diligence in Investment Cycles”

Big Tech, Financial Data … and resilience for critical infrastructure

Posted on by Leave a comment
black android smartphone showing instagram and gmail application

Victoria Saporta, BoE executive director for prudential supervision, has said recently that minimum resilience requirements should be required for the tech giants’ (and others’) hosting services, before they may process and store banking data. We strongly support these comments. We have identified this issue as one of a number of new risks arising from modern financial systems architecture, in recent Structured Risk Analyses that we have carried out for financial and retail organisations in North America, Asia-Pac and EMEA.

Continue reading “Big Tech, Financial Data … and resilience for critical infrastructure”

The changing face of payments

Posted on by 1 Comment
person paying using a bank card

EMV is at the heart of global payment card processing. As a specification it governs the processing of billions of transactions globally, with the vast majority of those flowing through the international payment schemes. As a technology it has been incredibly successful, reducing fraud levels everywhere it’s been introduced and its extension into contactless payments is now the fastest growing area of face-to-face payments. The idea that EMV might soon be obsolescent seems far-fetched, to put it mildly, but there are reasons to believe that its hegemony is under threat.

Continue reading “The changing face of payments”

Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.