SlideShare a Scribd company logo

Financial Services Technology Summit 2025

Ray Bugg, profile picture
Ray Bugg

The FS Technology Summit Technology increasingly permeates every facet of the financial services sector, from personal banking to institutional investment to payments. ​ The conference will explore the transformative impact of technology on the modern FS enterprise, examining how it can be applied to drive practical business improvement and frontline customer impact. ​ The programme will contextualise the most prominent trends that are shaping the industry, from technical advancements in Cloud, AI, Blockchain and Payments, to the regulatory impact of Consumer Duty, SDR, DORA & NIS2. ​ The Summit will bring together senior leaders from across the sector, and is geared for shared learning, collaboration and high-level networking. The FS Technology Summit will be held as a sister event to our 12th annual Fintech Summit.

Technology
Related topics:
Financial Services Overview
1 of 176
Download to read offline
1
2
3
4
5
6
7
Most read
8
9
10
11
12
13
14
Most read
15
16
17
Most read
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
Financial Services Technology Summit 2025
Headline Sponsors Co-Sponsors Drinks Reception Sponsor THANKS TO ALL OUR SPONSORS & EXHIBITORS Exhibitors
24 SEP 2025 | Edinburgh 24 SEP 2025 | Edinburgh 27 NOV 2025 | Edinburgh 10 SEP 2025 | Glasgow 5 JUN 2025 | Glasgow
24 SEP 2025 | Edinburgh The Scottish Financial Technology Awards 2025 Best Fintech Collaboration Best Use of Data/AI Best Start Up / New Entrant Climate & Environmental Impact Digital Transformation Financial Services Innovation Financial Technology Partner Fintech of the Year Outstanding Leader RegTech Innovation Social Impact Evangelist 12 Award Categories Available For Entry
#FSTechSummit Alex Radu VP Education & Evangelism Lead, Infrastructure Platforms Engineering Practices JP Morgan Chase
Engineering with AI: Balancing innovation, productivity and risks Alex Radu All views are my own and do not represent the views of my employer.
The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 7 Level 1: The "Isn't AI a Chatbot?" Chum Level 2: The "Documentary Curious" Novice Level 3: The "My Phone Does That" Dabbler Level 4: The "Prompt Engineer in Training" Pro Level 5: The "Silicon Valley Unicorn Whisperer" Sage
40%
By 2030, nearly 40% of today’s skills will be obsolete, and AI is driving this shift. Source: Future of Jobs Report 2025 (WEF)
80%
By 2029, Agentic AI will autonomously resolve 80% of common customer service issues without human intervention Source: What is Agentic AI and How Will It Impact Customer Service and Support? 2025 (Gartner)
AGENDA 01 Newest AI wave 02 Engineering with AI 03 Adoption framework 12
Did you use an AI tool in the last month?
Technology that enables machines to mimic human intelligence and perform tasks like reasoning, learning, and problem-solving. For example, virtual assistants, facial recognition systems, chatbots. A branch of AI that focuses on building systems that learn from data and improve over time without being explicitly programmed. For example, product or video recommendation systems, natural language processing, fraud detection. A subset of ML that uses neural networks with many layers to process complex data like images, audio, and text. For example, autonomous vehicles, speech recognition, computer vision. A type of AI that can create new content — like text, images, audio, and code based on patterns it learned from training data using LLMs (Large Language Models) or SLMs (Small Language Models). For example, coding assistant chatbots, image and content creation solutions. AI systems with a high degree of autonomy, enabling them to make decisions, take actions, and learn from interactions to achieve specific goals, often with minimal human intervention. For example, solutions where AI has the ability to act and make decisions independently. Newest Thinking Machines Wave 14 Artificial Intelligence (AI) Machine Learning (ML) Deep Learning Generative AI Agentic AI We’re here
The process of using a trained model to generate output. Features for efficient model execution, quantization, and deployment for various environments. CPUs, general purpose processors that can be used for a wide range of tasks. GPUs, specialized processors that are designed for parallel processing, making them well-suited for the type of calculations needed for machine learning. The type of ecosystem your AI model will run in, this will influence your available choices of frameworks.For example, Python or C, C++. A framework provides tools and libraries for use with building and using LLMs. Frameworks can offer support for the pre-training, fine-tuning or inference. Training is the process of teaching a model to understand and generate data by exposing it to data that will help it generalize it to solve tasks. Training can be considered the process by which a model is first created. Stages: ● Pre-training, where the model is exposed to data - trillions of words ● Post-training, where the model is optimized ● Fine-tuning - a type of post-training for specific tasks / domains on a smaller/targeted dataset ● Quantization - reducing model size ● Testing and validation to ensure quality and safety What’s in a LLM model? 15 Inference Software ecosystem Frameworks Training Hardware Expensive and resource intensive
Here’s a few use cases: ● Efficient and clear communications or content creation (writing, editing, email/calendar management) ● Faster completion of admin, support or collaboration tasks ● Removing or automating repetitive tasks ● Code editing (suggestions, translation, improvements, testing) ● Enhanced (or existing) documentation ● Time management and note-taking ● Performing research, analysis, product discovery, solution brainstorming and new use cases are popping up everyday! So what does GenAI promise to do for us? 16 Each and every one of these is a risk and opportunity! Today Analyze Communicate Tasks Can't do (yet) Imagine Make decisions Solve problems
You go from this PDLC (product development lifecycle) workflow: What happens when you add Engineering + AI 17 Discover & Define ➔ Define Strategy & Vision ➔ User & Market Research ➔ Problem Definition ➔ Concept Generation & Prioritization Validate & Design ➔ Prototype, Experiment & User Testing ➔ UX/UI Design ➔ Tech Feasibility & MVP Measurement/Pivot ➔ Detailed Specification Development Build & Test ➔ Software/Hardware Development ➔ Testing: Quality Assurance (QA), Performance & Security and User Acceptance (UAT) Launch, Scale & Iterate ➔ Go-to-Market & Launch ➔ Insights Monitoring & Customer Feedback ➔ Analyze Usage, Identify & Prioritize Improvements ➔ Develop, Release & Scale ➔ Customer Education and Support Discover, Define, Validate & Design AI-powered tools can rapidly analyze vast customer research data, brainstorm and generate novel product concepts from it, accelerate the creation of prototypes for validated features and analysis of user testing feedback, suggest design best practices and successful patterns. Build, Test, Launch, Scale & Iterate AI can assist engineers with code generation, automate testing processes, exploring new architectural patterns, monitor product usage patterns, customer feedback, areas needing improvement or new feature opportunities. It can help create content, personalize experiences, provide targeted support, or forecasting demand and optimizing scaling strategies. To this workflow, where AI enables faster delivery, customer focus and potential for innovation: Co-creation Cross-functional reviews
Reliability, resilience & quality Security & portability Functionality, accessibility & usability What is good software?
Here’s a few use cases: ● Functionality, accessibility & usability ○ AI powered code generation, troubleshooting, research ○ Writing docs and README files ○ Suggesting CLI commands ○ Software engineers becoming product engineers ● Security & portability ○ Automated and increased testing coverage ○ Anomaly detection and notification or healing ○ Migration code rewrites ● Reliability, resilience & quality ○ Reviewing, refactoring and optimizing code ○ Reducing build and merge failures ○ Handling routine implementations or patterns ○ AI drive data monitoring and analysis to speed up identification of issues and suggest remediation or support decision-making So what does AI promise to do for Software Engineering? Reduced toil and boosted productivity! 19 Each and every one of these is a risk and opportunity!
Build trust
Build AI trust with your engineers Communicate purpose and benefits of this new way of working Demo current tools and workflows integrations or changes Start with focused toil use cases and showcase early adopter wins Emphasize data privacy and controls in terms of limitations Actively solicit and incorporate engineer feedback Team focus in adoption support and enablement
Designing your Adoption Framework whilst Navigating Risk 22 Governance and security Set out your policy and governance to ensure responsible, sustainable, ethical and secure AI use, including systems, data and risk management, measurements and compliance. Align with business outcomes, workforce and customer needs. Education and innovation Nurture for your people a culture of transparent learning, experimentation and creativity in adopting AI, using it to reduce toil and giving permission and boundaries to play within from top to bottom. Cross-functional collaboration Bring together teams and early adopters from engineering, product, compliance, legal, security and more, to test and validate use cases, oversight, and best results from across the organization. Adoption takes time, communication and purposeful enablement. Measure and iterate Measure outcomes consistently, evaluate the customer, system, delivery and team health. As the organization changes their workflow, continuously evaluate ROI, compliance and risk posture. Infrastructure Decide, test and communicate what AI platforms and tools will be used internally and the engineering, operations and costs of those. Make sure you’re building in existing workflows and tools to facilitate adoption and reduce friction. 05 01 02 03 04
23 “Failure is a manifestation of learning and exploration. If you aren’t experiencing failure, then you are making a far worse mistake: You are being driven by the desire to avoid it.” Ed Catmull, Creativity, Inc
THANK YOU
The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 25 Level 1: The "Isn't AI a Chatbot?" Chum Level 2: The "Documentary Curious" Novice Level 3: The "My Phone Does That" Dabbler Level 4: The "Prompt Engineer in Training" Pro Level 5: The "Silicon Valley Unicorn Whisperer" Sage
Level 1: The "Isn't AI a Chatbot?" Chum AI Trust Level: Mostly just annoyed by unhelpful automated responses. Typical Belief: Thinks AI is exclusively those little boxes on websites that can't understand a single thing you type. Might also confuse it with autocorrect or Clippy the paperclip. Water Cooler Talk: "This new chatbot at work is so dumb, it's like, is *that* the AI everyone's talking about?" The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 26
The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 27 Level 2: The "Documentary Curious" Novice AI Trust Level: Worried about robot uprisings and sentient toasters. Typical Belief: Has seen a slightly alarming documentary about robots taking over the world and now views all AI with a healthy dose of suspicion. Might vaguely understand terms like "algorithm" but thinks it's some kind of ancient wizard spell. Water Cooler Talk: "Did you see that show where the AI started writing creepy poetry? We're doomed, I tell you!"
The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 28 Level 3: The "My Phone Does That" Dabbler AI Trust Level: Occasionally wonders if their phone is listening to their conversations a little *too* closely. Typical Belief: Understands that AI powers some everyday conveniences like voice assistants, photo tagging, and personalized recommendations. Thinks of it as a helpful but slightly mysterious magic behind the screen. Water Cooler Talk: "Yeah, my phone's AI is pretty good at suggesting songs. Though sometimes it thinks I want to listen to whale noises after a heavy metal track."
The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 29 Level 4: The "Prompt Engineer in Training" Pro AI Trust Level: Mostly worried about AI becoming *too* good and making their prompt engineering skills obsolete. Typical Belief: Has spent a significant amount of time crafting the perfect prompts for various AI tools, boasts about getting "amazing" results, and might even use terms like "large language model" in casual conversation (slightly incorrectly). Water Cooler Talk: "You just have to phrase it *exactly* right. I got ChatGPT to write my entire birthday card in the style of a Shakespearean sonnet about pizza!"
The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 30 Level 5: The "Silicon Valley Unicorn Whisperer" Sage AI Trust Level: Considers themselves part of the solution (or at least the cutting edge of the problem). Typical Belief: Views current mainstream AI as child's play. Is actively tinkering with open-source models, complaining about the limitations of current GPU availability, and dreams in CUDA code. Water Cooler Talk: "Honestly, these pre-trained models are so last year. I'm trying to fine-tune a diffusion model on a dataset of abstract cat paintings, but my 3070 is really bottlenecking the whole process. If only I had those sweet, sweet Nvidia cores..."
#FSTechSummit Andy McMahon Principal AI & MLOps Engineer BARCLAYS
© 2025 Andrew P. McMahon. All Rights Reserved. Maximising the AI Opportunity Tech, Business and Customer Alignment Andy McMahon Principal AI & MLOps Engineer, Barclays FS Tech Summit May 2025
© 2025 Andrew P. McMahon. All Rights Reserved. Some thoughts from other professionals …
© 2025 Andrew P. McMahon. All Rights Reserved. Some thoughts from other professionals …
© 2025 Andrew P. McMahon. All Rights Reserved. Expectations are high … “Generative AI’s impact on productivity could add trillions of dollars in value to the global economy. Our latest research estimates that generative AI could add the equivalent of $2.6 trillion to $4.4 trillion annually across the 63 use cases we analyzed—by comparison, the United Kingdom’s entire GDP in 2021 was $3.1 trillion. This would increase the impact of all artificial intelligence by 15 to 40 percent. This estimate would roughly double if we include the impact of embedding generative AI into software that is currently used for other tasks beyond those use cases.” The economic potential of generative AI, 2023, McKinsey: https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/the-economic-potential-of- generative-ai-the-next-productivity-frontier
© 2025 Andrew P. McMahon. All Rights Reserved. Expectations are high … “Generative artificial intelligence is poised to produce $1.3 trillion in revenue — 10-12% of all technology spending — over the next eight years in hardware, software and services and more as businesses supercharge their products. … Training AI through machine learning and neural network algorithms using massive datasets (the large language model, or LLM) will be a huge market, reaching $471 billion in sales by 2032 and boosting demand for accelerators on servers and storage units at data centers. Companies will use the public cloud to deploy generative AI, benefitting hyperscalers like Meta, Microsoft, Amazon and Alphabet, with a projected CAGR of 54% to $309 billion.” Bloomberg Intelligence, Generative AI 2024 Report: https://www.bloomberg.com/professional/products/bloomberg-terminal/research/bloomberg-intelligence/download/generative-ai- 2024-report/
© 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - financial services
© 2025 Andrew P. McMahon. All Rights Reserved. “For JPMorganChase, 2024 was the year that continual leadership in the space started showing dividends. During the bank’s Investor Day held on May 20, Daniel Pinto (President & COO) shared the value they assigned to AI use cases was between $1 - $1.5 billion in the fields of customer personalization, trading, operational efficiencies, fraud detection, and credit decisioning. On September 10, Pinto raised the project to approximately $2 billion during the Barclays Global Finance Services conference.” Evident AI Index 2024 Key Findings Report https://evidentinsights.com/ai-index/ AI in the enterprise - financial services
© 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative Analyse 03 ● Leverage reasoning models (or simpler) to perform E2E analysis of data ● Give v1/POC of analytical solutions Summarise 02 ● “Brief me quickly” ● Take outsized contextual information and compress (e.g lengthy documentation) Search 01 ● Augment existing retrieval capabilities (e.g intranet) ● Leverage existing organisational knowledge ● RAG (!), Semantic Search. Generate 04 ● Write copy/generate bespoke comm’s ● Synthesise new imagery and branding ● Chat (!) Translate/Transcribe 05/ 06 ● Modalities (e.g audio <-> text, text <-> image) ● Natural languages ● Technical language (e.g C++ <-> Python, Oracle <-> Postgres, Ansible <-> Terraform) Credit for the 6 patterns: Jeff McMillan, Morgan Stanley
© 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative BCG - https://www.bcg.com/publications/2024/what-gen-ais-top-performers-do-differently
© 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative - beware the hype! Credit: Nayur Khan, Linkedin, Mar 2025
© 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative - beware the hype! https://www.gitclear.com/ai_assistant_code_quality_2025_research “To investigate, we will analyze the largest known database of highly structured code change data [A2]. 211 million changed lines of code, authored between January 2020 and December 2024 [A1], will be assessed on quantifiable “code quality” metrics. The data in this report contains multiple signs of eroding code quality. This is not to say that AI isn’t incredibly useful. But it is to say that the frequency of copy/pasted lines in commits grew 6% faster than our 2024 prediction. Meanwhile, the percent of commits with duplicated blocks grew even faster. Our research suggests a path by which developers can continue to generate distinct value from code assistants into the foreseeable future.”
© 2025 Andrew P. McMahon. All Rights Reserved. Building the business case 1. Define Opportunity Type Increase ● Throughput/Efficiency/ Productivity ● Volumes ● Quality ● Offerings Decrease ● Errors/Failures ● Complaints/Recalls/ Returns ● Wasted time/rework ● Complexity ● Drudgery/toil 2. Define Metrics ● Time to value (days) ● Time to resolution (hours) ● # sales per quarter ● Revenue per quarter ● # reworked records/week/worker ● # defaults ● # false positives identified ● … 3. Measure success ● Raw system data ● A/B experiments ● Surveys ● Raw financials ● SME evaluated results Rinse and Repeat!
© 2025 Andrew P. McMahon. All Rights Reserved. Building the momentum 1. Awareness Are the wider organization aware of the capabilities that exist within and outside the firm? 3. Value Generation Have you successfully executed and created real value? Did you get a healthy ROI? 2. Buy-in & Partnership Have your data experts found the areas that will accept the AI business case and work with you to execute? 03 01 02
© 2025 Andrew P. McMahon. All Rights Reserved. Momentum + feedback + innovation = success! AI COE Use Case Team Use Case Team Use Case Team Platform ● Architecture is now not as settled, we need to be nimble! ● The platforms and tooling landscapes will be augmented, new learning and capabilities required in teams. ● Use case success may be volatile as the org builds the ‘muscles’ for GenAI → could mean low success rates! ● Businesses cases for GenAI use cases will necessarily be less robust, need leaps of faith in some cases. Architecture Vector DB Prompt Hub Application DB
© 2025 Andrew P. McMahon. All Rights Reserved. Parting Thoughts …
© 2025 Andrew P. McMahon. All Rights Reserved. Data is your moat ● “Using AI” is not a differentiator ● Other “moats” include your non-AI products ● The data you have as an organisation is (relatively) unique ● The specific ways you can leverage that data is where differentiation will happen
© 2025 Andrew P. McMahon. All Rights Reserved. Let’s talk about risk …
© 2025 Andrew P. McMahon. All Rights Reserved. Operating models - XOps https://cloud.google.com/devops/state-of-devops
© 2025 Andrew P. McMahon. All Rights Reserved. Thank you!
Derek Smith Chief Product & Technology Officer ABERDEEN ADVISER #FSTechSummit
Widening Access to Advice with AI Derek Smith – Chief Product and Technology Officer
Where is the value in Financial Advice?
Why do only 8% of the UK population use Financial Advice?
What is the Gap?
How could this change, and why now? Competitive Rivalry Threat of Substitutes Buyer Power Threat of New Entrants Supplier Power
Where and how could AI disrupt this?
Let’s support more people to secure their financial future
Mari Parry Principal AI Engineer BLACKROCK #FSTechSummit
Generative AI: Where, Why, … And What’s Next
Where?
Where Has It Come From? 1940s-70s Early neural networks Turing test, artificial neuron, perceptron 1950s- Rules based natural language processing 1989 Backpropagation 1990s- Statistical natural language processing mid 1990s-2010 Cheaper storage Better hardware Internet training data 2010- Deep learning takes off 2017 Transformer 2022 Commercial large language models
Why?
Why Use Gen AI? Conversational Q&A Summarization Content generation Content extraction Content translation Code generation Sentiment analysis Research Agents
How?
Strategy for Gen AI Adoption Know your Landscape Document workflows Conduct user surveys Competitor research Identify Candidates What can Gen AI do? Where can it add value? Data handoffs Assess the ROI Time spent on activity Replacement cost Replacement value Assess the Risks Risk level and tolerance Mitigation strategies Third party risk Implement AI platform Data platform Monitor Accuracy metrics Human feedback Usage metrics
Conversational Q&A (RAG) RAG Application documents Document chunks similar to query “How do I process a claim?” “Follow these steps…” human response LLM query + prompt + chunks Vector DB embeddings
Conversation Q&A (Dynamic Content) Orchestrator 1."What is the customer's address?” "Create a report of their loan history" "Which application shows loans?" LLM with Tool Calling Enabled Customer API Loans Agent 1. User asks a query 2. LLM assigns query to tool 3. LLM generates the tool request 4. Orchestrator calls the tool 5. LLM converts the response to language 6. Response sent to user RAG Agent
Challenges and What’s Next?
Challenges/Mitigations Challenge Description Mitigation Hallucinations Lack context Not faithful to context RAG/fine-tuning Query rewrites Training cut-off date LLM data is not up-to-date RAG for static data Website/tools for dynamic Toxicity LLMs trained on internet Guardrails PII leakage PII leaked to LLM or from tool PII removal Access controls Prompt injection Malicious query included in prompt Defensive prompts Jailbreaking Subverting safety controls Query validation Explainability LLMs are “black boxes” Sources annotation Benchmarking Benchmarks are too general Custom ground truth data
What’s Coming Next?
“This material is provided for informational purposes only and is not intended to be relied upon as a forecast, research or investment advice, and is not a recommendation, offer or solicitation to buy or sell any securities or to adopt any investment strategy. The opinions expressed are subject to change at any time without notice. The information and opinions contained in this material are derived from proprietary and non- proprietary sources deemed by BlackRock to be reliable, are not necessarily all-inclusive and are not guaranteed as to accuracy. This material may not be reproduced for, disclosed to or otherwise provided in any format to any other person or entity without the prior written consent of BlackRock. ©2025 BlackRock, Inc. or its affiliates. All rights reserved. BLACKROCK is a trademark of BlackRock, Inc., or it's affiliates. All other marks are the property of their respective owners.”
Q&A
#FSTechSummit Shauna Mullin Head of Product: Direct & Advice M&G PLC
ReimaginingAdvice Digit 2025 Presented by Shauna Mullin May 2025
Contents How it all began The opportunity The beginning Defining experience Starting the clock Introductions What did we prove? May 2025 Digit 2025
Howitallbegan Number of hours of lapsed time it took to provide advice. The number of custom tasks and threads in our CRM. Every time we add one adviser to our team we have to add the amalgamation of 0.4 of a person to support them across all support activities 8 hours 1000+ 1 : 0.4 Digit 2025
53% The opportunity 53% of firms are planning substantial investment into process automation & AI. Digital transformation There’s a growing demand and expectation for personalised and tailored services without the price tag. Personalised financial planning Unprecedented opportunities to deliver smarter, faster, more cost effective services than ever before. Technology options
Cost Capability Data Thefirstjob Digit 2025 The beginning
DefiningExperience Concierge Copilot Focused Removing admin from advisers day to day Transition advice experiences Decluttered • Intuitive Digit 2025
Startingtheclock What tech were we going to use to be the brains of our operation? CRM decision Who would seamlessly integrate? Advice Tech decision Digit 2025 It was time to rethink how we managed relationships and built an ecosystem that evolved a client profile rather than one that dealt in singular interactions.
Digit 2025 The framework What core record did we need to create the framework? Framework What we do to transition static records into fliud processes? Automation How did we create an always on framework? Always on Advice Process Guardrails Client based checks Doc Gen Guardrails Ongoing Case Monitoring Triage & Checking
Whatdidweprove? We halved our people cost and designed a system that allowed us to scale. We defined a new operating model that made us more efficient to evolve our experience and cheaper to support. Layered AI within our experience. Built a copilot like experience for advisers that was driven by data and insight. Digit 2025 1. 2. 4. 3.
Thankyou Digit 2025
Philip Intallura Group Head of Quantum Technologies HSBC #FSTechSummit
PUBLIC Innovation & Ventures | Quantum Technologies Group Unlocking the Future: Quantum Computing's Transformative Impact on Financial Services FS Technology Summit 01 May 2025 Dr Philip Intallura Copyright HSBC
PUBLIC Group Emerging Technology Quantum computers promise to solve certain types of problem exponentially faster than classical computers can. They will bring about two significant changes: Copyright HSBC ▪ An end to our current approach to cybersecurity ▪ Explosion of algorithmic power for computation
PUBLIC Group Emerging Technology Motivation: value at stake US$2TN* Opportunity *Source: McKinsey Tech Monitor Report, 2024 Copyright HSBC
PUBLIC Group Emerging Technology Quantum value: FS industry predicted to unlock up to $600Bn+ by 2035 Total Corporate banking Risk and cybersecurity Retail banking Payments Asset and wealth management Investment banking Operations and finance $622Bn $190Bn $160Bn $90Bn $80Bn $80Bn $20Bn $2Bn PQC Gold Tokenisation QKD Stability Testing Collateral Optimisation Portfolio Optimisation Credit Risk Feature Selection QML for Fraud Detection QML for AML QRNG for Insurance Risk QML for Client Attrition Quantum-Secure FX Trading QMCI for Simulations QAE for Simulations Quantum Algo Trading Source: McKinsey, 2024 ESG Investments QKD Assurance MAS QKD Consortium Cryptographic Inventory Pilot Copyright HSBC
PUBLIC Group Emerging Technology Classical Trillions Core Years Motivation: potential to break Public Key Cryptography These numbers are rough estimates Quantum ~2.5 Core Days Copyright HSBC
PUBLIC Group Emerging Technology Need for security: the statistics Payments processed each year ~4.5 billion 60+ markets Number of countries and territories we serve customers 42 million Customers served through our global businesses ~£3.5 trillion Value of payments processed Copyright HSBC
PUBLIC Group Emerging Technology HSBC quantum strategy: three key pillars Strategic Partnerships Engineering Excellence Organisational Readiness Copyright HSBC
PUBLIC Group Emerging Technology Our use cases: focused on core capabilities of quantum technologies Pricing Optimisation Financial Simulations Transactional Fraud Detection Copyright HSBC
PUBLIC Group Emerging Technology Quantum threat timeline: will a quantum computer break cryptography? Source: Global Risk Institute - Quantum Threat Timeline Report 2024 Optimistic view Pessimistic view Copyright HSBC
PUBLIC Group Emerging Technology Post-Quantum Cryptography Proof-of-concept: PQC in gold tokenisation Consortia: NIST-led, EPAA Cryptographic Inventory Proof-of-concept: conducted proof-of-value trials Quantum Defence-in- Depth Proof-of-concept: Quantum Key Distribution in London, Singapore Mitigating the quantum threat : HSBC’s focus areas Copyright HSBC
PUBLIC Group Emerging Technology ▪ Conducted proof of value trials ▪ Lists cryptographic assets for remediation ▪ First step towards cryptographic agility Mitigating the quantum threat: cryptographic inventory and agility Copyright HSBC
PUBLIC Group Emerging Technology Post Quantum Cryptography (PQC) Quantum-proof encryption schemes using new quantum-safe algorithms Defence: protect the bank from future quantum attacks ▪ First bank to test PQC on Gold Tokenisation ▪ Allows quantum safe distribution ▪ Informs wider quantum-safe strategy
PUBLIC Group Emerging Technology Defence: protect the bank from future quantum attacks Quantum Key Distribution (QKD) Quantum-secure distribution of symmetric keys using information encoded on photons Data Centre, Slough HSBC 8CS, London Encrypted Data Key Key Key Distribution ▪ First bank to join BT/Toshiba UK quantum network ▪ Worlds first quantum-secure FX trade ▪ QKD network in SGP led by MAS Bloomberg article Reuters article
PUBLIC Group Emerging Technology Harvest now, decrypt later Market signals: the need for action is ramping up Quantum advancing at pace Algorithmic advances MAS ADVISORY FEB ‘24 NIST, AUGUST ’24 G7 SEP‘24 GLOBAL RISK INSTITUTE, DEC ‘24 Copyright HSBC NIST, NOVEMBER ’24 Israel NDA, FEB ’25
PUBLIC Innovation & Ventures | Quantum Technologies Group Email course: Quantum Threats for Business Leaders
PUBLIC Innovation & Ventures | Quantum Technologies Group
#FSTechSummit Charles James Head of Sales and Business Development: EMEA SALT GROUP Adam White Channel Manager UK&I & Northern Europe UTIMACO
Commercial in Confidence © Salt Group Salt Cybersecurity – Utimaco Introduction Session How to Stay Secure in a Post-Quantum World
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 104  UNRESTRICTED  Our speakers Charles James Head of Sales UK and EMEA cjames@saltgroup.com.au Adam White Channel Manager UK&I Adam.White@utimaco.com
Commercial in Confidence © Salt Group Before we kick off who are Salt Cybersecurity - Salt Group: Australian Cybersecurity company operating since 2004 - Salt Cybersecurity: UK division established in 2019 - Specialises in high assurance user identity & transaction authentication - Market segment focus - Banking and Finance - Government Services - Offices in Melbourne, London, Jakarta - 30+ engineering and technical staff - Experienced technical and industry specialists - Proactive professional development programs - Global 24x7 engineering support - Consulting & Professional Services capability
Commercial in Confidence © Salt Group What do we do? - Enterprise grade server platform for authentication of user identities and transactions across all digital channels and protection of high value B2B & corporate payments - Proven @ bank-scale - Multi-factor for risk-based authentication - HSM data protected for ultimate security - Suitable for hybrid on-premise/cloud deployment Contemporary mobile security 2FA token for authentication of user identity and verification of transactions independent of delivery channel - Consistent user experience across all delivery channels - PSD2 ready - Patented in Europe and US - Independently reviewed crypto architecture - Includes Runtime App Self-Protection (RASP) - eKYC for customer identity - In-house OCR, biometric face-to-photo matching and liveness detection - DVS & alternative adjudication methods - Trust levels associated with identity attributes
Commercial in Confidence © Salt Group Safetronic Transition to Salt - Acquired the SafeSign product from the Thales and Gemalto acquisition in 2019, rebranded as Safetronic - Established a robust short-term roadmap to: - Ensure full backwards compatibility with all versions of SafeSign - Provide a clear migration path for customers on legacy SafeSign versions - Resolve critical product hygiene issues, including Java JRE updates, HSM integrations, and database compatibility - Developed a strategic long-term roadmap to : - Stay ahead of evolving industry standards, innovations, and technologies - Continuously enhance the product with relevant and compelling features - Enhanced release cadence with a commitment to quarterly product updates, significantly improving on the previous SafeSign release schedules
Commercial in Confidence © Salt Group Footprint in UK Payments ‒ Safetronic: ‒ is a digital signature middleware ‒ serves as a cryptographic messaging framework for securing and integrating diverse PKI-enabled endpoints ‒ performs real-time verification of all PKI identities/end-entities ‒ checks the digital signatures on all submissions into BACS, FPS and ICS ‒ utilises FIPS 140-2 Level 3 Hardware Security Modules ‒ is deployed at numerous participants, bureaus and hubs ‒ is fully cloud and container supported ‒ is actively developed to keep ahead of industry standards, innovations and technologies
Commercial in Confidence © Salt Group Use Case in Payments Security ‒ Hardware Security Modules mandated for payments scheme participation ‒ Hardened, tamper-resistant devices isolated from host environments ‒ Protect critical cryptographic key material and enforce polices ‒ FIPS 140 Level 3 certified ‒ Direct HSM integration with business applications is complex ‒ HSMs provide digital signing primitives only ‒ No understanding of Cryptographic Message Syntax (CMS/PKCS#7), required for digital signatures ‒ Low level libraries (PKCS#11, CNG, JCA) take time and effort to develop against ‒ Cryptographic programming expertise required to avoid inadvertent security risks ‒ Safetronic middleware ‒ Business level APIs (REST, SOAP, RMI) to PKI level services (CMS sign/verify) and generic crypto primitives ‒ Certificate status checking (IdenTrust OCSP, CRL etc..) ‒ Mutual TLS to restrict client application access ‒ Channel model separating application clients, keystores and services ‒ Optimise and consolidate expensive HSM hardware to promote application multi-tenancy ‒ On-premise, cloud, hybrid and container deployment patterns ‒ Scalable, resilient and proven in the field for over two decades
Commercial in Confidence © Salt Group Typical Use Case
Commercial in Confidence © Salt Group High-Assurance Cryptography made simple with Safetronic ‒ Safetronic delivers robust crypto services, abstracting complex HSM integrations and enabling rapid adoption by enterprise applications. ‒ Utimaco’s u.trust HSM combines scalable cryptographic performance with multi-tenant isolation, supporting up to 31 secure containers for diverse use cases including general-purpose cryptography, PQC, and blockchain. ‒ • Multi-tenancy to enable secure separation of application stacks within a shared HSM estate. ‒ • Post-Quantum Cryptography readiness, backed by a well-defined roadmap aligned with emerging cryptographic standards. ‒ • Proven in the field: Safetronic has powered UK national payment infrastructure for over two decades, with a focus on reliability, scalability, and operational assurance. ‒ • Designed for hybrid and cloud-first environments: deploy Safetronic alongside u.trust in physical, virtual, containerised, or cloud- hosted (u.trust as a Service) infrastructures. ‒ • Safetronic integrates natively with u.trust, bringing its enterprise-grade crypto platform to new environments without compromising on stability or operational assurance.
Creating Trust in the Digital Society Preparing for the Quantum Threat: How to Stay Secure in a Post-Quantum World
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 114  UNRESTRICTED  Ashburn, USA Americas HQ Campbell (CA), USA Singapore Aylesbury, UK Milan, Italy Madrid, Spain México EMEA HQ Aachen, Germany Tel Aviv, Israel 40 years in IT security in IT Security Started in 1983 600+ highly skilled experts 130 million Euro revenue in FY 23 Diversity and internationality are the key to our success Headquarters Subsidiaries Customer and partner network 40 years in Digital Trust Solutions
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 115  UNRESTRICTED  Utimaco – The Better Choice Secure your future with Utimaco's unmatched data protection, secure payments, key management with central management and control.
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 116  UNRESTRICTED  Quantum Computing is Coming!
The Quantum Threat: A sufficiently scalable quantum computer would break the asymmetric cryptosystems based on RSA and elliptical curves currently in use.
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 118  UNRESTRICTED  More Computing: A threat for encryption algorithms Quantum Threats to Cryptography Vulnerability of Current Algorithms Break algorithms like RSA and ECC Significantly weaken symmetric algorithms like AES Data Integrity Risks Integrity of sensitive data protected under current encryption could be compromised Leading to unauthorized access and data breaches Image Source: IBM Utilizing quantum superposition, that is, working on combinations of states simultaneously, quantum computers can solve certain problems more efficiently, posing a threat to traditional encryption methods.
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 119  UNRESTRICTED  Attacker accesses sensitive, encrypted data Decrypts data with a quantum computer in the future Relevant for data with long confidentiality span Decryption Impact of Quantum Computing on Applications and Use Cases Post Quantum Challenges & Threats Store now, decrypt later Digital signatures may be broken Attacker “calculates” credentials from public information Attacker approves requests or signs documents as you Impersonation Attacker issues fake firmware Devices accept it as it is signed with a forged signature Insecure firmware updates
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 120  UNRESTRICTED  Adopting quantum-safe cryptography aligns with emerging regulatory requirements and standards for advanced data protection. Ensuring that data with long lifespans, such as healthcare records and financial information, remains secure against future decryption by quantum computers. Protecting against quantum threats helps maintain the trust and integrity of digital systems, essential for businesses and governments alike. Why Quantum Safe Cryptography is Crucial Regulatory Compliance Protecting Long-Term Data Maintaining Trust and Integrity
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 121  UNRESTRICTED  Shaping Tomorrow’s Cryptographic World Industry Organizations and Standardization PQC Consortium: Work Streams Interoperability, Discovery X9 Post Quantum Cryptography Committee ETSI Quantum-Safe Cryptography (QSC) Working Group PQC Working Groups PQC Consortium: PQC Workstream Federal Office for Information Security in Germany White House Roundtable, January + August 2024 And further Playing a key role in shaping the future landscape of Post Quantum Cryptography Post-Quantum Cryptography Conference PQC Roundtable at the White House, August 2024 ICMC, April 2025
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 122  UNRESTRICTED  National Cyber Security Center Timelines for migration to post-quantum cryptography - NCSC.GOV.UK
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 123  UNRESTRICTED  Why Crypto Agility is important Crypto Agility describes the ability of information security protocols and standards to rapidly switch between algorithms, cryptographic primitives, and crypto assets – in a secure manner! Crypto Agility Ability to easily swap algorithms/software if needed E.g. TLS handshake protocol that allows to adapt to new encryption mechanisms or algorithms Ability to replace keys at a later period Example: SW integrity – classical algorithms do not have to be exchanged now Flexibility for new Requirements Adapting to Emerging Threats Future-Proofing Security Minimizing Downtime and Costs Regulatory Compliance Maintaining Competitive Advantage
A cryptanalytical-relevant Quantum Computer is expected in 2030. How can Utimaco & Salt help you with your PQC migration?
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 125  UNRESTRICTED  1 - Crypto Discovery Look beyond your use cases Utimaco solution Crypto Discovery Create a full inventory of Protocols​ Libraries​ Algorithms​ Certificates​ Keys …used in your environment Digital Signatures Key Injection Data Encryption (in the Cloud) Code Signing Certificate Issuing Public Key Infrastructure Chip and Device Personalization User and Device Authentication Firmware Updates AgileSec | Analytics
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 126  UNRESTRICTED  Your partners for the entire crypto lifecycle Crypto Inventory and Remediation Protocols Libraries Algorithms Certificates Keys Sensitive keys found in the discovery can be moved to HSM Outdated certificates can be revoked Insufficient keys (e.g. too short) can be exchanged Secure and reliable key generation, management, and storage Highest Protection of Keys Create a full inventory of Analyze (and fix!) vulnerabilities and compliance gaps Crypto agile and PQC-ready Hardware Security Modules for Direct integration Fast deployment
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 127  UNRESTRICTED  2 - Prioritize you use cases Conduct a risk analysis to know where to start migration Utimaco solution PQC Consultancy Crypto Agility package Investigate Evaluate Navigate Integrate Professional Services to support implementation Digital Signatures Key Injection Data Encryption (in the Cloud) Code Signing Certificate Issuing Public Key Infrastructure Chip and Device Personalization User and Device Authentication Firmware Updates 1 2 3 4 5 5 5 5 5 Utimaco & Salt PQC Consulting & Professional Services
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 128  UNRESTRICTED  Includes all PQC algorithms supported by Utimaco Quantum Protect ML-KEM ML-DSA XMSS and XMSS-MT LMS and HSS Free PQC simulator for testing and evaluation 3 – Test the algorithms Easy installation Ideal for integration testing Test before buying Fully functional Shorter project evaluation Immediately available where it is needed most: In the hands of the development team Utimaco Quantum Protect Simulator Access the simulator
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 129  UNRESTRICTED  u.trust General Purpose HSM Se-Series 4 – Apply high security standards Multi-tenancy with up to 31 containers Designed crypto agile FIPS 140-2 Level 3 certified (FIPS 140-3 in progress) SDK for custom implementations Free, fully functional simulator Generate PQC keys in a high-security environment! Firmware per container Config and policy per container Containerization Up to 31 containers SDK - customized Blockchain PQC General Purpose HSM (e.g. FIPS / Non-FIPS)
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 130  UNRESTRICTED  Application Package for u.trust General Purpose HSM Se-Series Utimaco Quantum Protect Lattice-based module: ML-KEM & ML-DSA Hash-based module: LMS, HSS, XMSS, XMSS-MT Easy upgrade for crypto agility Integration based on PKCS #11 or custom Free, fully functional simulator Upgrade your cryptographic applications with Post Quantum Cryptography Incl. patented state handling method for stateful hash-based signatures
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 131  UNRESTRICTED  ✓ Comprehensive algorithm support ✓ Lattice and hash-based algorithms (ML-KEM, ML-DSA, LMS, HSS XMSS, XMSS-MT) ✓ Continuous development (SLH-DSA on the roadmap) Prepared for Quantum-secure Use Cases – Already in Use Today Summary: PQC-ready, crypto agile HSMs Already in use today Convenient firmware extension, no hardware exchange Quantum Protect Application Package Hybrid cryptography implementation possible Crypto agile Hardware Security Module Including patent for state handling of stateful hash-based signatures
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 132  UNRESTRICTED  A scalable quantum-safe strategy Build a crypto inventory Know which crypto is used where and ideally also list the software related to it (to understand where patching / replacement is necessary) Be Agile Ensure your cryptographic infrastructure is flexible and can quickly adapt to new threats and advancements in quantum computing. Act Now Proactively transition to quantum-safe algorithms as attackers are already preparing for the quantum era, and delays could result in significant vulnerabilities. Choose Scalable and Agile Solutions Select cryptographic solutions that are both scalable to handle increasing data volumes and agile to integrate new quantum-safe methods seamlessly. Gradual Implementation Adopt a phased approach to integrate quantum-safe algorithms, minimizing disruptions and allowing for smooth transitions. Hybrid Cryptographic Systems Implement hybrid systems combining classical and quantum-safe algorithms, ensuring compatibility and enhanced security against quantum threats.
Utimaco · Aachen, Germany · © 2025 utimaco.com Page 133  UNRESTRICTED  What are our customers saying…..
Salt Cybersecurity Aishling House, 6a Hayes Road, Deanshanger Milton Keynes MK19 6HW Web www.saltcybersecurity.co.uk E-Mail salt.uk@saltgroup.com.au Utimaco IS GmbH GermanusstraBe 4 52080 Aachen Germany Web utimaco.com E-Mail info@utimaco.com Thank you for your attention! Any questions? Copyright © 2024 – Utimaco GmbH and ShardSecure Utimaco® is a trademark of Utimaco GmbH. All other named trademarks are trademarks of the particular copyright holder. All rights reserved. Specifications are subject to change without notice.
Adrian Culley Head of Engineering SAFEBREACH #FSTechSummit
Reducing Adversary Advantage through Increasing Cyber Resilience * CISOs: Hack thyself. Do you catch my drift? * Reducing RIsk by Moving from Incident Response to Incident Anticipation * The Regulatory Requirements of Cyber Resilience: What it means, and Why it matters. Adrian Culley, Head of Engineering, SafeBreach EMEA Thursday 1st May 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Financial Services Technology Summit 2025
Questions?
Thank You
#FSTechSummit Dave Townsend CIO Technology Platform Lead LLOYDS BANKING GROUP
Think Customer, Think Colleague: Keys to Successful Financial Transformation Dave Townsend CIO, Technology Platform Lead
Agenda 01. Introduction 02. Financial Transformation Initiative 03. Customer Focus 04. Sustainability 05. Colleague and Customer 06. Achieving Transformations 07. Q&A 158
Introduction Dave Townsend CIO, Technology Platform Lead
Financial Transformation Initiative Insights from a multiyear initiative at Lloyds Banking Group, change will migrate over 4 million customers.
Customer Focused Pensions, Bonds, Endowments, ISAs are all designed to last for a long time as products. Some of these products started in the 1970’s! Some products were so unique, you may have had your own if you wore pink socks on a Thursday. The systems they were originally built on were not capable of servicing customers the way we would want and in fact the way our customers now expect. Multichannel access for customers is key. We reviewed our entire Longstanding portfolio. Understood we needed to dramatically reduce the products. Be Bold, we didn’t shy away from the massive undertaking this would be. Always think how will this benefit our customers, as a customer ourselves would we be happy with the service we were moving away from. Reduce risk. Emphasis on customer-centric approaches, enhancing engagement and service for longstanding customers to improve overall experience.
Sustainability Strategies for sustainable practices, including modernising technology infrastructure and faster implementation of changes.
✓ What was our strategy? ✓ Reduce our Products and Technical landscape to align with our commitments for Sustainability with our customers and Brand. ✓ Select a strategic partner to host and manage our Longstanding Books. ✓ Encouraging use of digital statements and enquiries. ✓ Reducing our printing requirements and transportation there of. ✓ Continue with the initial agreed target infrastructure (unless there was a security issue) ✓ Build out a comprehensive data lake of all migrated systems in GCP. ✓ We still have a long way to go in this area.
Changing from (wait for it…) Fortran, COBOL, iSeries/AS400’s, Windows 2008 or lower, Mqseries. Removing Decommissioning of Removal of over 100 end user computing applications 12 core policy Admin Systems to date (3 more to go!) 285 applications by the end of the initiative. Removed 8million lines of code from the mainframe to date
That’s approximately 345,000 kg’s! Removed Net 58 African Elephants worth of CO2 per year.
Customer and Colleague Importance of considering both customers and colleagues in transformations, enhancing digital access and simplifying products and procedures for seamless interactions and sustainable engagement. What do we mean by this? Customers are at the heart of everything we do, how can we make things as simple as possible. Colleagues, can we enable them to have better data faster to get to the helping our customers rather than wrestle processes or systems.
Achieving Large-Scale Transformations Key methods and practices, including developing operational practices and achieving process excellence through journey redesign initiatives.
Key Methods: Started as Waterfall & Transitioned to Agile at the tail end of the initiative in Lloyds. Technologies, API’s API’s KAFKA - API’s… , but also knowing when to not use them. Private Cloud, Oracle DB’s (SoR), AWS digital customer front door, GCP (SoI). Data cleansing (before migration) and Data augmentation. Workflow and new Telephony system ID&V (using voice recognition). Redesigning full e2e customer journey maps, based on the target. This is continuous…… People, Trust, Experience, Resilience and Support - our colleagues both internal and partners are the heart of everything we do.
Completed 9 migrations to date. Completed the single largest UK Life & Pensions migration in one weekend (2.3 million customers). Completed 4 Major Migrations in 2024. Migrated one of our Partner Systems from Private Cloud to AWS Public cloud in advance of migrating to the final target system. Key Achievements:
Questions
Thank you
Yanna Winter CIO GENERALI INSURANCE #FSTechSummit Rob Mossop Chief Digital Officer SWORD GROUP
UK The Path to Operational Resilience in Financial Services THE PATH TO OPERATIONAL RESILIENCE IN FINANCIAL SERVICES Rob Mossop, COO for Financial Services at Sword in conversation with Yanna Winter, CIO for Generali Insurance. UK
Ensuring Operational Resilience with our Cyber Security Services Delivering continuous resilience and compliance, adapting and evolving to the dynamic cyber security landscape. Reducing Risk Safeguarding Reputation Limiting Liability Ensuring Compliance Protecting Profitability Maintaining Customer Trust
UK The Path to Operational Resilience in Financial Services THE PATH TO OPERATIONAL RESILIENCE IN FINANCIAL SERVICES Rob Mossop, COO for Financial Services at Sword in conversation with Yanna Winter, CIO for Generali Insurance. UK
Thursday 1st May 2025 | Dynamic Earth, Edinburgh, UK #FSTechSummit
LET’S STAY CONNECTED! Join Scotland's largest technology community today.

More Related Content

PPTX
AI Recruitment - How Businesses Are Winning the Race for the Talent
Skyl.ai
 
PPTX
Solving the dilemma should you build or buy ai
Skyl.ai
 
PPTX
Emerging tech industry sector sessions
SupportGCI
 
PDF
Oleksii Pavlenko: The Nine Circles of Hell for AI Integrators (UA)
Lviv Startup Club
 
PPTX
AI Overview and Capabilities
AnandSRao1962
 
PPTX
Benefits of the New Product Development Process
Engine Neer
 
PPTX
AI for Customer Service - How to Improve Contact Center Efficiency with Machi...
Skyl.ai
 
PPTX
How to classify documents automatically using NLP
Skyl.ai
 
AI Recruitment - How Businesses Are Winning the Race for the Talent
Skyl.ai
 
Solving the dilemma should you build or buy ai
Skyl.ai
 
Emerging tech industry sector sessions
SupportGCI
 
Oleksii Pavlenko: The Nine Circles of Hell for AI Integrators (UA)
Lviv Startup Club
 
AI Overview and Capabilities
AnandSRao1962
 
Benefits of the New Product Development Process
Engine Neer
 
AI for Customer Service - How to Improve Contact Center Efficiency with Machi...
Skyl.ai
 
How to classify documents automatically using NLP
Skyl.ai
 

Similar to Financial Services Technology Summit 2025 (20)

PDF
Why Developers Must Adapt Beyond Technical Expertise
Nathan Smith
 
PDF
Good-to-Great with AQUENT presentation - Koen van Niekerk
Lisa Trapman
 
PPTX
AI in Software Development.pptx
Genic Solutions
 
PDF
Understanding GenAI/LLM and What is Google Offering - Felix Goh
NUS-ISS
 
PPTX
WebEnture Corporate Presentation
Rajesh Kumar
 
PDF
How to Build Your First AI Agent A Step-by-Step Guide.pdf
Lisa ward
 
PPTX
How to analyze text data for AI and ML with Named Entity Recognition
Skyl.ai
 
PPTX
test - Future of Ecommerce: How to Improve the Online Shopping Experience Usi...
Skyl.ai
 
PPTX
Technical Debt.pptx
Atish Narlawar
 
PDF
The Rise of the Robo.pdf
software pro Development
 
PPTX
Integrating AI and Machine Learning for Business Excellence by Intelisync
Intelisync
 
PPTX
AI for Customer Service: How to Improve Contact Center Efficiency with Machin...
Skyl.ai
 
PDF
Digital transformation testing.
Deepak Daniel
 
PPTX
Future of Ecommerce: How to Improve the Online Shopping Experience Using Mach...
Skyl.ai
 
PDF
Salesforce Architect Group, Frederick, United States July 2023 - Generative A...
NadinaLisbon1
 
PDF
Deep Dive into AI Development Teams
nutanpare
 
PDF
Ejyle corporate profile
Rasheed Abdul Majeeth
 
PDF
Enterprise Grade Data Labeling - Design Your Ground Truth to Scale in Produ...
Jai Natarajan
 
PPTX
AI-in-Software-Development-Revolutionizing-the-Industry
Ozias Rondon
 
PPSX
Learnmystuff - Training Catalog
praveen david jacob
 
Why Developers Must Adapt Beyond Technical Expertise
Nathan Smith
 
Good-to-Great with AQUENT presentation - Koen van Niekerk
Lisa Trapman
 
AI in Software Development.pptx
Genic Solutions
 
Understanding GenAI/LLM and What is Google Offering - Felix Goh
NUS-ISS
 
WebEnture Corporate Presentation
Rajesh Kumar
 
How to Build Your First AI Agent A Step-by-Step Guide.pdf
Lisa ward
 
How to analyze text data for AI and ML with Named Entity Recognition
Skyl.ai
 
test - Future of Ecommerce: How to Improve the Online Shopping Experience Usi...
Skyl.ai
 
Technical Debt.pptx
Atish Narlawar
 
The Rise of the Robo.pdf
software pro Development
 
Integrating AI and Machine Learning for Business Excellence by Intelisync
Intelisync
 
AI for Customer Service: How to Improve Contact Center Efficiency with Machin...
Skyl.ai
 
Digital transformation testing.
Deepak Daniel
 
Future of Ecommerce: How to Improve the Online Shopping Experience Using Mach...
Skyl.ai
 
Salesforce Architect Group, Frederick, United States July 2023 - Generative A...
NadinaLisbon1
 
Deep Dive into AI Development Teams
nutanpare
 
Ejyle corporate profile
Rasheed Abdul Majeeth
 
Enterprise Grade Data Labeling - Design Your Ground Truth to Scale in Produ...
Jai Natarajan
 
AI-in-Software-Development-Revolutionizing-the-Industry
Ozias Rondon
 
Learnmystuff - Training Catalog
praveen david jacob
 
Ad

More from Ray Bugg (20)

PDF
ScotSecure Cyber Security Summit 2025 Edinburgh
Ray Bugg
 
PDF
Digital Transformation Summit 2024 - Edinburgh
Ray Bugg
 
PDF
Fintech Summit 2024 - Edinburgh Sept 27th
Ray Bugg
 
PDF
ScotSecure West Summit 2024 - Glasgow 11th Sept
Ray Bugg
 
PDF
Digit Leaders 2023
Ray Bugg
 
PDF
DIGIT North 2022
Ray Bugg
 
PDF
Digital Transformation Summit 2021
Ray Bugg
 
PDF
ScotSecure 2020
Ray Bugg
 
PDF
Data Protection Scotland Summit 2019
Ray Bugg
 
PDF
DIGIT Expo 2019
Ray Bugg
 
PDF
DIGIT Expo 2019
Ray Bugg
 
PDF
Scotland's FinTech Summit 2019
Ray Bugg
 
PDF
Intelligent Automation 2019
Ray Bugg
 
PDF
DIGIT Leader 2019
Ray Bugg
 
PDF
DIgital Energy 2019
Ray Bugg
 
PDF
Scot Secure 2019 Edinburgh (Day 2)
Ray Bugg
 
PDF
Scot Secure 2019 Edinburgh (Day 1)
Ray Bugg
 
PDF
Digital Transformation Scotland 2019
Ray Bugg
 
PDF
GDPR Scotland 2018
Ray Bugg
 
PDF
Fintech 2018 Edinburgh
Ray Bugg
 
ScotSecure Cyber Security Summit 2025 Edinburgh
Ray Bugg
 
Digital Transformation Summit 2024 - Edinburgh
Ray Bugg
 
Fintech Summit 2024 - Edinburgh Sept 27th
Ray Bugg
 
ScotSecure West Summit 2024 - Glasgow 11th Sept
Ray Bugg
 
Digit Leaders 2023
Ray Bugg
 
DIGIT North 2022
Ray Bugg
 
Digital Transformation Summit 2021
Ray Bugg
 
ScotSecure 2020
Ray Bugg
 
Data Protection Scotland Summit 2019
Ray Bugg
 
DIGIT Expo 2019
Ray Bugg
 
DIGIT Expo 2019
Ray Bugg
 
Scotland's FinTech Summit 2019
Ray Bugg
 
Intelligent Automation 2019
Ray Bugg
 
DIGIT Leader 2019
Ray Bugg
 
DIgital Energy 2019
Ray Bugg
 
Scot Secure 2019 Edinburgh (Day 2)
Ray Bugg
 
Scot Secure 2019 Edinburgh (Day 1)
Ray Bugg
 
Digital Transformation Scotland 2019
Ray Bugg
 
GDPR Scotland 2018
Ray Bugg
 
Fintech 2018 Edinburgh
Ray Bugg
 
Ad

Recently uploaded (20)

PDF
Make GenAI investments go further with the Dell AI Factory - Infographic
Principled Technologies
 
PDF
The Evolution of KM Roles (Presented at Knowledge Summit Dublin 2025)
Enterprise Knowledge
 
PDF
Chapter 2 Digital Image Fundamentals.pdf
Getnet Tigabie Askale -(GM)
 
PDF
madgavkar20181017ppt McKinsey Presentation.pdf
georgschmitzdoerner
 
PDF
Test Bank, Solutions for Java How to Program, An Objects-Natural Approach, 12...
famaw19526
 
PDF
Software Development Company | KodekX
KodekX
 
PDF
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
PDF
A Day in the Life of Location Data - Turning Where into How.pdf
Precisely
 
PDF
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
PPTX
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
PDF
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
PDF
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
PDF
Event Presentation Google Cloud Next Extended 2025
minhtrietgect
 
PDF
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
PDF
Why Your AI & Cybersecurity Hiring Still Misses the Mark in 2025
Virtual Employee Pvt. Ltd.
 
PDF
Shreyas_Phanse_Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
PDF
CIFDAQ's Token Spotlight: SKY - A Forgotten Giant's Comeback?
CIFDAQ
 
PDF
How Onsite IT Support Drives Business Efficiency, Security, and Growth.pdf
Captain IT
 
PDF
Cloud-Migration-Best-Practices-A-Practical-Guide-to-AWS-Azure-and-Google-Clou...
Artjoker Software Development Company
 
Make GenAI investments go further with the Dell AI Factory - Infographic
Principled Technologies
 
The Evolution of KM Roles (Presented at Knowledge Summit Dublin 2025)
Enterprise Knowledge
 
Chapter 2 Digital Image Fundamentals.pdf
Getnet Tigabie Askale -(GM)
 
madgavkar20181017ppt McKinsey Presentation.pdf
georgschmitzdoerner
 
Test Bank, Solutions for Java How to Program, An Objects-Natural Approach, 12...
famaw19526
 
Software Development Company | KodekX
KodekX
 
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
A Day in the Life of Location Data - Turning Where into How.pdf
Precisely
 
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
Event Presentation Google Cloud Next Extended 2025
minhtrietgect
 
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
Why Your AI & Cybersecurity Hiring Still Misses the Mark in 2025
Virtual Employee Pvt. Ltd.
 
Shreyas_Phanse_Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
CIFDAQ's Token Spotlight: SKY - A Forgotten Giant's Comeback?
CIFDAQ
 
How Onsite IT Support Drives Business Efficiency, Security, and Growth.pdf
Captain IT
 
Cloud-Migration-Best-Practices-A-Practical-Guide-to-AWS-Azure-and-Google-Clou...
Artjoker Software Development Company
 

Financial Services Technology Summit 2025

  • 2. Headline Sponsors Co-Sponsors Drinks Reception Sponsor THANKS TO ALL OUR SPONSORS & EXHIBITORS Exhibitors
  • 3. 24 SEP 2025 | Edinburgh 24 SEP 2025 | Edinburgh 27 NOV 2025 | Edinburgh 10 SEP 2025 | Glasgow 5 JUN 2025 | Glasgow
  • 4. 24 SEP 2025 | Edinburgh The Scottish Financial Technology Awards 2025 Best Fintech Collaboration Best Use of Data/AI Best Start Up / New Entrant Climate & Environmental Impact Digital Transformation Financial Services Innovation Financial Technology Partner Fintech of the Year Outstanding Leader RegTech Innovation Social Impact Evangelist 12 Award Categories Available For Entry
  • 5. #FSTechSummit Alex Radu VP Education & Evangelism Lead, Infrastructure Platforms Engineering Practices JP Morgan Chase
  • 6. Engineering with AI: Balancing innovation, productivity and risks Alex Radu All views are my own and do not represent the views of my employer.
  • 7. The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 7 Level 1: The "Isn't AI a Chatbot?" Chum Level 2: The "Documentary Curious" Novice Level 3: The "My Phone Does That" Dabbler Level 4: The "Prompt Engineer in Training" Pro Level 5: The "Silicon Valley Unicorn Whisperer" Sage
  • 8. 40%
  • 9. By 2030, nearly 40% of today’s skills will be obsolete, and AI is driving this shift. Source: Future of Jobs Report 2025 (WEF)
  • 10. 80%
  • 11. By 2029, Agentic AI will autonomously resolve 80% of common customer service issues without human intervention Source: What is Agentic AI and How Will It Impact Customer Service and Support? 2025 (Gartner)
  • 12. AGENDA 01 Newest AI wave 02 Engineering with AI 03 Adoption framework 12
  • 13. Did you use an AI tool in the last month?
  • 14. Technology that enables machines to mimic human intelligence and perform tasks like reasoning, learning, and problem-solving. For example, virtual assistants, facial recognition systems, chatbots. A branch of AI that focuses on building systems that learn from data and improve over time without being explicitly programmed. For example, product or video recommendation systems, natural language processing, fraud detection. A subset of ML that uses neural networks with many layers to process complex data like images, audio, and text. For example, autonomous vehicles, speech recognition, computer vision. A type of AI that can create new content — like text, images, audio, and code based on patterns it learned from training data using LLMs (Large Language Models) or SLMs (Small Language Models). For example, coding assistant chatbots, image and content creation solutions. AI systems with a high degree of autonomy, enabling them to make decisions, take actions, and learn from interactions to achieve specific goals, often with minimal human intervention. For example, solutions where AI has the ability to act and make decisions independently. Newest Thinking Machines Wave 14 Artificial Intelligence (AI) Machine Learning (ML) Deep Learning Generative AI Agentic AI We’re here
  • 15. The process of using a trained model to generate output. Features for efficient model execution, quantization, and deployment for various environments. CPUs, general purpose processors that can be used for a wide range of tasks. GPUs, specialized processors that are designed for parallel processing, making them well-suited for the type of calculations needed for machine learning. The type of ecosystem your AI model will run in, this will influence your available choices of frameworks.For example, Python or C, C++. A framework provides tools and libraries for use with building and using LLMs. Frameworks can offer support for the pre-training, fine-tuning or inference. Training is the process of teaching a model to understand and generate data by exposing it to data that will help it generalize it to solve tasks. Training can be considered the process by which a model is first created. Stages: ● Pre-training, where the model is exposed to data - trillions of words ● Post-training, where the model is optimized ● Fine-tuning - a type of post-training for specific tasks / domains on a smaller/targeted dataset ● Quantization - reducing model size ● Testing and validation to ensure quality and safety What’s in a LLM model? 15 Inference Software ecosystem Frameworks Training Hardware Expensive and resource intensive
  • 16. Here’s a few use cases: ● Efficient and clear communications or content creation (writing, editing, email/calendar management) ● Faster completion of admin, support or collaboration tasks ● Removing or automating repetitive tasks ● Code editing (suggestions, translation, improvements, testing) ● Enhanced (or existing) documentation ● Time management and note-taking ● Performing research, analysis, product discovery, solution brainstorming and new use cases are popping up everyday! So what does GenAI promise to do for us? 16 Each and every one of these is a risk and opportunity! Today Analyze Communicate Tasks Can't do (yet) Imagine Make decisions Solve problems
  • 17. You go from this PDLC (product development lifecycle) workflow: What happens when you add Engineering + AI 17 Discover & Define ➔ Define Strategy & Vision ➔ User & Market Research ➔ Problem Definition ➔ Concept Generation & Prioritization Validate & Design ➔ Prototype, Experiment & User Testing ➔ UX/UI Design ➔ Tech Feasibility & MVP Measurement/Pivot ➔ Detailed Specification Development Build & Test ➔ Software/Hardware Development ➔ Testing: Quality Assurance (QA), Performance & Security and User Acceptance (UAT) Launch, Scale & Iterate ➔ Go-to-Market & Launch ➔ Insights Monitoring & Customer Feedback ➔ Analyze Usage, Identify & Prioritize Improvements ➔ Develop, Release & Scale ➔ Customer Education and Support Discover, Define, Validate & Design AI-powered tools can rapidly analyze vast customer research data, brainstorm and generate novel product concepts from it, accelerate the creation of prototypes for validated features and analysis of user testing feedback, suggest design best practices and successful patterns. Build, Test, Launch, Scale & Iterate AI can assist engineers with code generation, automate testing processes, exploring new architectural patterns, monitor product usage patterns, customer feedback, areas needing improvement or new feature opportunities. It can help create content, personalize experiences, provide targeted support, or forecasting demand and optimizing scaling strategies. To this workflow, where AI enables faster delivery, customer focus and potential for innovation: Co-creation Cross-functional reviews
  • 18. Reliability, resilience & quality Security & portability Functionality, accessibility & usability What is good software?
  • 19. Here’s a few use cases: ● Functionality, accessibility & usability ○ AI powered code generation, troubleshooting, research ○ Writing docs and README files ○ Suggesting CLI commands ○ Software engineers becoming product engineers ● Security & portability ○ Automated and increased testing coverage ○ Anomaly detection and notification or healing ○ Migration code rewrites ● Reliability, resilience & quality ○ Reviewing, refactoring and optimizing code ○ Reducing build and merge failures ○ Handling routine implementations or patterns ○ AI drive data monitoring and analysis to speed up identification of issues and suggest remediation or support decision-making So what does AI promise to do for Software Engineering? Reduced toil and boosted productivity! 19 Each and every one of these is a risk and opportunity!
  • 21. Build AI trust with your engineers Communicate purpose and benefits of this new way of working Demo current tools and workflows integrations or changes Start with focused toil use cases and showcase early adopter wins Emphasize data privacy and controls in terms of limitations Actively solicit and incorporate engineer feedback Team focus in adoption support and enablement
  • 22. Designing your Adoption Framework whilst Navigating Risk 22 Governance and security Set out your policy and governance to ensure responsible, sustainable, ethical and secure AI use, including systems, data and risk management, measurements and compliance. Align with business outcomes, workforce and customer needs. Education and innovation Nurture for your people a culture of transparent learning, experimentation and creativity in adopting AI, using it to reduce toil and giving permission and boundaries to play within from top to bottom. Cross-functional collaboration Bring together teams and early adopters from engineering, product, compliance, legal, security and more, to test and validate use cases, oversight, and best results from across the organization. Adoption takes time, communication and purposeful enablement. Measure and iterate Measure outcomes consistently, evaluate the customer, system, delivery and team health. As the organization changes their workflow, continuously evaluate ROI, compliance and risk posture. Infrastructure Decide, test and communicate what AI platforms and tools will be used internally and the engineering, operations and costs of those. Make sure you’re building in existing workflows and tools to facilitate adoption and reduce friction. 05 01 02 03 04
  • 23. 23 “Failure is a manifestation of learning and exploration. If you aren’t experiencing failure, then you are making a far worse mistake: You are being driven by the desire to avoid it.” Ed Catmull, Creativity, Inc
  • 25. The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 25 Level 1: The "Isn't AI a Chatbot?" Chum Level 2: The "Documentary Curious" Novice Level 3: The "My Phone Does That" Dabbler Level 4: The "Prompt Engineer in Training" Pro Level 5: The "Silicon Valley Unicorn Whisperer" Sage
  • 26. Level 1: The "Isn't AI a Chatbot?" Chum AI Trust Level: Mostly just annoyed by unhelpful automated responses. Typical Belief: Thinks AI is exclusively those little boxes on websites that can't understand a single thing you type. Might also confuse it with autocorrect or Clippy the paperclip. Water Cooler Talk: "This new chatbot at work is so dumb, it's like, is *that* the AI everyone's talking about?" The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 26
  • 27. The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 27 Level 2: The "Documentary Curious" Novice AI Trust Level: Worried about robot uprisings and sentient toasters. Typical Belief: Has seen a slightly alarming documentary about robots taking over the world and now views all AI with a healthy dose of suspicion. Might vaguely understand terms like "algorithm" but thinks it's some kind of ancient wizard spell. Water Cooler Talk: "Did you see that show where the AI started writing creepy poetry? We're doomed, I tell you!"
  • 28. The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 28 Level 3: The "My Phone Does That" Dabbler AI Trust Level: Occasionally wonders if their phone is listening to their conversations a little *too* closely. Typical Belief: Understands that AI powers some everyday conveniences like voice assistants, photo tagging, and personalized recommendations. Thinks of it as a helpful but slightly mysterious magic behind the screen. Water Cooler Talk: "Yeah, my phone's AI is pretty good at suggesting songs. Though sometimes it thinks I want to listen to whale noises after a heavy metal track."
  • 29. The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 29 Level 4: The "Prompt Engineer in Training" Pro AI Trust Level: Mostly worried about AI becoming *too* good and making their prompt engineering skills obsolete. Typical Belief: Has spent a significant amount of time crafting the perfect prompts for various AI tools, boasts about getting "amazing" results, and might even use terms like "large language model" in casual conversation (slightly incorrectly). Water Cooler Talk: "You just have to phrase it *exactly* right. I got ChatGPT to write my entire birthday card in the style of a Shakespearean sonnet about pizza!"
  • 30. The "Are You Even Paying Attention?" Scale of AI Understanding (not an academic one, made with AI) 30 Level 5: The "Silicon Valley Unicorn Whisperer" Sage AI Trust Level: Considers themselves part of the solution (or at least the cutting edge of the problem). Typical Belief: Views current mainstream AI as child's play. Is actively tinkering with open-source models, complaining about the limitations of current GPU availability, and dreams in CUDA code. Water Cooler Talk: "Honestly, these pre-trained models are so last year. I'm trying to fine-tune a diffusion model on a dataset of abstract cat paintings, but my 3070 is really bottlenecking the whole process. If only I had those sweet, sweet Nvidia cores..."
  • 31. #FSTechSummit Andy McMahon Principal AI & MLOps Engineer BARCLAYS
  • 32. © 2025 Andrew P. McMahon. All Rights Reserved. Maximising the AI Opportunity Tech, Business and Customer Alignment Andy McMahon Principal AI & MLOps Engineer, Barclays FS Tech Summit May 2025
  • 33. © 2025 Andrew P. McMahon. All Rights Reserved. Some thoughts from other professionals …
  • 34. © 2025 Andrew P. McMahon. All Rights Reserved. Some thoughts from other professionals …
  • 35. © 2025 Andrew P. McMahon. All Rights Reserved. Expectations are high … “Generative AI’s impact on productivity could add trillions of dollars in value to the global economy. Our latest research estimates that generative AI could add the equivalent of $2.6 trillion to $4.4 trillion annually across the 63 use cases we analyzed—by comparison, the United Kingdom’s entire GDP in 2021 was $3.1 trillion. This would increase the impact of all artificial intelligence by 15 to 40 percent. This estimate would roughly double if we include the impact of embedding generative AI into software that is currently used for other tasks beyond those use cases.” The economic potential of generative AI, 2023, McKinsey: https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/the-economic-potential-of- generative-ai-the-next-productivity-frontier
  • 36. © 2025 Andrew P. McMahon. All Rights Reserved. Expectations are high … “Generative artificial intelligence is poised to produce $1.3 trillion in revenue — 10-12% of all technology spending — over the next eight years in hardware, software and services and more as businesses supercharge their products. … Training AI through machine learning and neural network algorithms using massive datasets (the large language model, or LLM) will be a huge market, reaching $471 billion in sales by 2032 and boosting demand for accelerators on servers and storage units at data centers. Companies will use the public cloud to deploy generative AI, benefitting hyperscalers like Meta, Microsoft, Amazon and Alphabet, with a projected CAGR of 54% to $309 billion.” Bloomberg Intelligence, Generative AI 2024 Report: https://www.bloomberg.com/professional/products/bloomberg-terminal/research/bloomberg-intelligence/download/generative-ai- 2024-report/
  • 37. © 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - financial services
  • 38. © 2025 Andrew P. McMahon. All Rights Reserved. “For JPMorganChase, 2024 was the year that continual leadership in the space started showing dividends. During the bank’s Investor Day held on May 20, Daniel Pinto (President & COO) shared the value they assigned to AI use cases was between $1 - $1.5 billion in the fields of customer personalization, trading, operational efficiencies, fraud detection, and credit decisioning. On September 10, Pinto raised the project to approximately $2 billion during the Barclays Global Finance Services conference.” Evident AI Index 2024 Key Findings Report https://evidentinsights.com/ai-index/ AI in the enterprise - financial services
  • 39. © 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative Analyse 03 ● Leverage reasoning models (or simpler) to perform E2E analysis of data ● Give v1/POC of analytical solutions Summarise 02 ● “Brief me quickly” ● Take outsized contextual information and compress (e.g lengthy documentation) Search 01 ● Augment existing retrieval capabilities (e.g intranet) ● Leverage existing organisational knowledge ● RAG (!), Semantic Search. Generate 04 ● Write copy/generate bespoke comm’s ● Synthesise new imagery and branding ● Chat (!) Translate/Transcribe 05/ 06 ● Modalities (e.g audio <-> text, text <-> image) ● Natural languages ● Technical language (e.g C++ <-> Python, Oracle <-> Postgres, Ansible <-> Terraform) Credit for the 6 patterns: Jeff McMillan, Morgan Stanley
  • 40. © 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative BCG - https://www.bcg.com/publications/2024/what-gen-ais-top-performers-do-differently
  • 41. © 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative - beware the hype! Credit: Nayur Khan, Linkedin, Mar 2025
  • 42. © 2025 Andrew P. McMahon. All Rights Reserved. AI in the enterprise - going generative - beware the hype! https://www.gitclear.com/ai_assistant_code_quality_2025_research “To investigate, we will analyze the largest known database of highly structured code change data [A2]. 211 million changed lines of code, authored between January 2020 and December 2024 [A1], will be assessed on quantifiable “code quality” metrics. The data in this report contains multiple signs of eroding code quality. This is not to say that AI isn’t incredibly useful. But it is to say that the frequency of copy/pasted lines in commits grew 6% faster than our 2024 prediction. Meanwhile, the percent of commits with duplicated blocks grew even faster. Our research suggests a path by which developers can continue to generate distinct value from code assistants into the foreseeable future.”
  • 43. © 2025 Andrew P. McMahon. All Rights Reserved. Building the business case 1. Define Opportunity Type Increase ● Throughput/Efficiency/ Productivity ● Volumes ● Quality ● Offerings Decrease ● Errors/Failures ● Complaints/Recalls/ Returns ● Wasted time/rework ● Complexity ● Drudgery/toil 2. Define Metrics ● Time to value (days) ● Time to resolution (hours) ● # sales per quarter ● Revenue per quarter ● # reworked records/week/worker ● # defaults ● # false positives identified ● … 3. Measure success ● Raw system data ● A/B experiments ● Surveys ● Raw financials ● SME evaluated results Rinse and Repeat!
  • 44. © 2025 Andrew P. McMahon. All Rights Reserved. Building the momentum 1. Awareness Are the wider organization aware of the capabilities that exist within and outside the firm? 3. Value Generation Have you successfully executed and created real value? Did you get a healthy ROI? 2. Buy-in & Partnership Have your data experts found the areas that will accept the AI business case and work with you to execute? 03 01 02
  • 45. © 2025 Andrew P. McMahon. All Rights Reserved. Momentum + feedback + innovation = success! AI COE Use Case Team Use Case Team Use Case Team Platform ● Architecture is now not as settled, we need to be nimble! ● The platforms and tooling landscapes will be augmented, new learning and capabilities required in teams. ● Use case success may be volatile as the org builds the ‘muscles’ for GenAI → could mean low success rates! ● Businesses cases for GenAI use cases will necessarily be less robust, need leaps of faith in some cases. Architecture Vector DB Prompt Hub Application DB
  • 46. © 2025 Andrew P. McMahon. All Rights Reserved. Parting Thoughts …
  • 47. © 2025 Andrew P. McMahon. All Rights Reserved. Data is your moat ● “Using AI” is not a differentiator ● Other “moats” include your non-AI products ● The data you have as an organisation is (relatively) unique ● The specific ways you can leverage that data is where differentiation will happen
  • 48. © 2025 Andrew P. McMahon. All Rights Reserved. Let’s talk about risk …
  • 49. © 2025 Andrew P. McMahon. All Rights Reserved. Operating models - XOps https://cloud.google.com/devops/state-of-devops
  • 50. © 2025 Andrew P. McMahon. All Rights Reserved. Thank you!
  • 51. Derek Smith Chief Product & Technology Officer ABERDEEN ADVISER #FSTechSummit
  • 52. Widening Access to Advice with AI Derek Smith – Chief Product and Technology Officer
  • 53. Where is the value in Financial Advice?
  • 54. Why do only 8% of the UK population use Financial Advice?
  • 55. What is the Gap?
  • 56. How could this change, and why now? Competitive Rivalry Threat of Substitutes Buyer Power Threat of New Entrants Supplier Power
  • 57. Where and how could AI disrupt this?
  • 58. Let’s support more people to secure their financial future
  • 59. Mari Parry Principal AI Engineer BLACKROCK #FSTechSummit
  • 60. Generative AI: Where, Why, … And What’s Next
  • 62. Where Has It Come From? 1940s-70s Early neural networks Turing test, artificial neuron, perceptron 1950s- Rules based natural language processing 1989 Backpropagation 1990s- Statistical natural language processing mid 1990s-2010 Cheaper storage Better hardware Internet training data 2010- Deep learning takes off 2017 Transformer 2022 Commercial large language models
  • 63. Why?
  • 65. How?
  • 66. Strategy for Gen AI Adoption Know your Landscape Document workflows Conduct user surveys Competitor research Identify Candidates What can Gen AI do? Where can it add value? Data handoffs Assess the ROI Time spent on activity Replacement cost Replacement value Assess the Risks Risk level and tolerance Mitigation strategies Third party risk Implement AI platform Data platform Monitor Accuracy metrics Human feedback Usage metrics
  • 67. Conversational Q&A (RAG) RAG Application documents Document chunks similar to query “How do I process a claim?” “Follow these steps…” human response LLM query + prompt + chunks Vector DB embeddings
  • 68. Conversation Q&A (Dynamic Content) Orchestrator 1."What is the customer's address?” "Create a report of their loan history" "Which application shows loans?" LLM with Tool Calling Enabled Customer API Loans Agent 1. User asks a query 2. LLM assigns query to tool 3. LLM generates the tool request 4. Orchestrator calls the tool 5. LLM converts the response to language 6. Response sent to user RAG Agent
  • 70. Challenges/Mitigations Challenge Description Mitigation Hallucinations Lack context Not faithful to context RAG/fine-tuning Query rewrites Training cut-off date LLM data is not up-to-date RAG for static data Website/tools for dynamic Toxicity LLMs trained on internet Guardrails PII leakage PII leaked to LLM or from tool PII removal Access controls Prompt injection Malicious query included in prompt Defensive prompts Jailbreaking Subverting safety controls Query validation Explainability LLMs are “black boxes” Sources annotation Benchmarking Benchmarks are too general Custom ground truth data
  • 72. “This material is provided for informational purposes only and is not intended to be relied upon as a forecast, research or investment advice, and is not a recommendation, offer or solicitation to buy or sell any securities or to adopt any investment strategy. The opinions expressed are subject to change at any time without notice. The information and opinions contained in this material are derived from proprietary and non- proprietary sources deemed by BlackRock to be reliable, are not necessarily all-inclusive and are not guaranteed as to accuracy. This material may not be reproduced for, disclosed to or otherwise provided in any format to any other person or entity without the prior written consent of BlackRock. ©2025 BlackRock, Inc. or its affiliates. All rights reserved. BLACKROCK is a trademark of BlackRock, Inc., or it's affiliates. All other marks are the property of their respective owners.”
  • 73. Q&A
  • 74. #FSTechSummit Shauna Mullin Head of Product: Direct & Advice M&G PLC
  • 76. Contents How it all began The opportunity The beginning Defining experience Starting the clock Introductions What did we prove? May 2025 Digit 2025
  • 77. Howitallbegan Number of hours of lapsed time it took to provide advice. The number of custom tasks and threads in our CRM. Every time we add one adviser to our team we have to add the amalgamation of 0.4 of a person to support them across all support activities 8 hours 1000+ 1 : 0.4 Digit 2025
  • 78. 53% The opportunity 53% of firms are planning substantial investment into process automation & AI. Digital transformation There’s a growing demand and expectation for personalised and tailored services without the price tag. Personalised financial planning Unprecedented opportunities to deliver smarter, faster, more cost effective services than ever before. Technology options
  • 80. DefiningExperience Concierge Copilot Focused Removing admin from advisers day to day Transition advice experiences Decluttered • Intuitive Digit 2025
  • 81. Startingtheclock What tech were we going to use to be the brains of our operation? CRM decision Who would seamlessly integrate? Advice Tech decision Digit 2025 It was time to rethink how we managed relationships and built an ecosystem that evolved a client profile rather than one that dealt in singular interactions.
  • 82. Digit 2025 The framework What core record did we need to create the framework? Framework What we do to transition static records into fliud processes? Automation How did we create an always on framework? Always on Advice Process Guardrails Client based checks Doc Gen Guardrails Ongoing Case Monitoring Triage & Checking
  • 83. Whatdidweprove? We halved our people cost and designed a system that allowed us to scale. We defined a new operating model that made us more efficient to evolve our experience and cheaper to support. Layered AI within our experience. Built a copilot like experience for advisers that was driven by data and insight. Digit 2025 1. 2. 4. 3.
  • 85. Philip Intallura Group Head of Quantum Technologies HSBC #FSTechSummit
  • 86. PUBLIC Innovation & Ventures | Quantum Technologies Group Unlocking the Future: Quantum Computing's Transformative Impact on Financial Services FS Technology Summit 01 May 2025 Dr Philip Intallura Copyright HSBC
  • 87. PUBLIC Group Emerging Technology Quantum computers promise to solve certain types of problem exponentially faster than classical computers can. They will bring about two significant changes: Copyright HSBC ▪ An end to our current approach to cybersecurity ▪ Explosion of algorithmic power for computation
  • 88. PUBLIC Group Emerging Technology Motivation: value at stake US$2TN* Opportunity *Source: McKinsey Tech Monitor Report, 2024 Copyright HSBC
  • 89. PUBLIC Group Emerging Technology Quantum value: FS industry predicted to unlock up to $600Bn+ by 2035 Total Corporate banking Risk and cybersecurity Retail banking Payments Asset and wealth management Investment banking Operations and finance $622Bn $190Bn $160Bn $90Bn $80Bn $80Bn $20Bn $2Bn PQC Gold Tokenisation QKD Stability Testing Collateral Optimisation Portfolio Optimisation Credit Risk Feature Selection QML for Fraud Detection QML for AML QRNG for Insurance Risk QML for Client Attrition Quantum-Secure FX Trading QMCI for Simulations QAE for Simulations Quantum Algo Trading Source: McKinsey, 2024 ESG Investments QKD Assurance MAS QKD Consortium Cryptographic Inventory Pilot Copyright HSBC
  • 90. PUBLIC Group Emerging Technology Classical Trillions Core Years Motivation: potential to break Public Key Cryptography These numbers are rough estimates Quantum ~2.5 Core Days Copyright HSBC
  • 91. PUBLIC Group Emerging Technology Need for security: the statistics Payments processed each year ~4.5 billion 60+ markets Number of countries and territories we serve customers 42 million Customers served through our global businesses ~£3.5 trillion Value of payments processed Copyright HSBC
  • 92. PUBLIC Group Emerging Technology HSBC quantum strategy: three key pillars Strategic Partnerships Engineering Excellence Organisational Readiness Copyright HSBC
  • 93. PUBLIC Group Emerging Technology Our use cases: focused on core capabilities of quantum technologies Pricing Optimisation Financial Simulations Transactional Fraud Detection Copyright HSBC
  • 94. PUBLIC Group Emerging Technology Quantum threat timeline: will a quantum computer break cryptography? Source: Global Risk Institute - Quantum Threat Timeline Report 2024 Optimistic view Pessimistic view Copyright HSBC
  • 95. PUBLIC Group Emerging Technology Post-Quantum Cryptography Proof-of-concept: PQC in gold tokenisation Consortia: NIST-led, EPAA Cryptographic Inventory Proof-of-concept: conducted proof-of-value trials Quantum Defence-in- Depth Proof-of-concept: Quantum Key Distribution in London, Singapore Mitigating the quantum threat : HSBC’s focus areas Copyright HSBC
  • 96. PUBLIC Group Emerging Technology ▪ Conducted proof of value trials ▪ Lists cryptographic assets for remediation ▪ First step towards cryptographic agility Mitigating the quantum threat: cryptographic inventory and agility Copyright HSBC
  • 97. PUBLIC Group Emerging Technology Post Quantum Cryptography (PQC) Quantum-proof encryption schemes using new quantum-safe algorithms Defence: protect the bank from future quantum attacks ▪ First bank to test PQC on Gold Tokenisation ▪ Allows quantum safe distribution ▪ Informs wider quantum-safe strategy
  • 98. PUBLIC Group Emerging Technology Defence: protect the bank from future quantum attacks Quantum Key Distribution (QKD) Quantum-secure distribution of symmetric keys using information encoded on photons Data Centre, Slough HSBC 8CS, London Encrypted Data Key Key Key Distribution ▪ First bank to join BT/Toshiba UK quantum network ▪ Worlds first quantum-secure FX trade ▪ QKD network in SGP led by MAS Bloomberg article Reuters article
  • 99. PUBLIC Group Emerging Technology Harvest now, decrypt later Market signals: the need for action is ramping up Quantum advancing at pace Algorithmic advances MAS ADVISORY FEB ‘24 NIST, AUGUST ’24 G7 SEP‘24 GLOBAL RISK INSTITUTE, DEC ‘24 Copyright HSBC NIST, NOVEMBER ’24 Israel NDA, FEB ’25
  • 100. PUBLIC Innovation & Ventures | Quantum Technologies Group Email course: Quantum Threats for Business Leaders
  • 101. PUBLIC Innovation & Ventures | Quantum Technologies Group
  • 102. #FSTechSummit Charles James Head of Sales and Business Development: EMEA SALT GROUP Adam White Channel Manager UK&I & Northern Europe UTIMACO
  • 103. Commercial in Confidence © Salt Group Salt Cybersecurity – Utimaco Introduction Session How to Stay Secure in a Post-Quantum World
  • 104. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 104  UNRESTRICTED  Our speakers Charles James Head of Sales UK and EMEA [email protected] Adam White Channel Manager UK&I [email protected]
  • 105. Commercial in Confidence © Salt Group Before we kick off who are Salt Cybersecurity - Salt Group: Australian Cybersecurity company operating since 2004 - Salt Cybersecurity: UK division established in 2019 - Specialises in high assurance user identity & transaction authentication - Market segment focus - Banking and Finance - Government Services - Offices in Melbourne, London, Jakarta - 30+ engineering and technical staff - Experienced technical and industry specialists - Proactive professional development programs - Global 24x7 engineering support - Consulting & Professional Services capability
  • 106. Commercial in Confidence © Salt Group What do we do? - Enterprise grade server platform for authentication of user identities and transactions across all digital channels and protection of high value B2B & corporate payments - Proven @ bank-scale - Multi-factor for risk-based authentication - HSM data protected for ultimate security - Suitable for hybrid on-premise/cloud deployment Contemporary mobile security 2FA token for authentication of user identity and verification of transactions independent of delivery channel - Consistent user experience across all delivery channels - PSD2 ready - Patented in Europe and US - Independently reviewed crypto architecture - Includes Runtime App Self-Protection (RASP) - eKYC for customer identity - In-house OCR, biometric face-to-photo matching and liveness detection - DVS & alternative adjudication methods - Trust levels associated with identity attributes
  • 107. Commercial in Confidence © Salt Group Safetronic Transition to Salt - Acquired the SafeSign product from the Thales and Gemalto acquisition in 2019, rebranded as Safetronic - Established a robust short-term roadmap to: - Ensure full backwards compatibility with all versions of SafeSign - Provide a clear migration path for customers on legacy SafeSign versions - Resolve critical product hygiene issues, including Java JRE updates, HSM integrations, and database compatibility - Developed a strategic long-term roadmap to : - Stay ahead of evolving industry standards, innovations, and technologies - Continuously enhance the product with relevant and compelling features - Enhanced release cadence with a commitment to quarterly product updates, significantly improving on the previous SafeSign release schedules
  • 108. Commercial in Confidence © Salt Group Footprint in UK Payments ‒ Safetronic: ‒ is a digital signature middleware ‒ serves as a cryptographic messaging framework for securing and integrating diverse PKI-enabled endpoints ‒ performs real-time verification of all PKI identities/end-entities ‒ checks the digital signatures on all submissions into BACS, FPS and ICS ‒ utilises FIPS 140-2 Level 3 Hardware Security Modules ‒ is deployed at numerous participants, bureaus and hubs ‒ is fully cloud and container supported ‒ is actively developed to keep ahead of industry standards, innovations and technologies
  • 109. Commercial in Confidence © Salt Group Use Case in Payments Security ‒ Hardware Security Modules mandated for payments scheme participation ‒ Hardened, tamper-resistant devices isolated from host environments ‒ Protect critical cryptographic key material and enforce polices ‒ FIPS 140 Level 3 certified ‒ Direct HSM integration with business applications is complex ‒ HSMs provide digital signing primitives only ‒ No understanding of Cryptographic Message Syntax (CMS/PKCS#7), required for digital signatures ‒ Low level libraries (PKCS#11, CNG, JCA) take time and effort to develop against ‒ Cryptographic programming expertise required to avoid inadvertent security risks ‒ Safetronic middleware ‒ Business level APIs (REST, SOAP, RMI) to PKI level services (CMS sign/verify) and generic crypto primitives ‒ Certificate status checking (IdenTrust OCSP, CRL etc..) ‒ Mutual TLS to restrict client application access ‒ Channel model separating application clients, keystores and services ‒ Optimise and consolidate expensive HSM hardware to promote application multi-tenancy ‒ On-premise, cloud, hybrid and container deployment patterns ‒ Scalable, resilient and proven in the field for over two decades
  • 111. Commercial in Confidence © Salt Group High-Assurance Cryptography made simple with Safetronic ‒ Safetronic delivers robust crypto services, abstracting complex HSM integrations and enabling rapid adoption by enterprise applications. ‒ Utimaco’s u.trust HSM combines scalable cryptographic performance with multi-tenant isolation, supporting up to 31 secure containers for diverse use cases including general-purpose cryptography, PQC, and blockchain. ‒ • Multi-tenancy to enable secure separation of application stacks within a shared HSM estate. ‒ • Post-Quantum Cryptography readiness, backed by a well-defined roadmap aligned with emerging cryptographic standards. ‒ • Proven in the field: Safetronic has powered UK national payment infrastructure for over two decades, with a focus on reliability, scalability, and operational assurance. ‒ • Designed for hybrid and cloud-first environments: deploy Safetronic alongside u.trust in physical, virtual, containerised, or cloud- hosted (u.trust as a Service) infrastructures. ‒ • Safetronic integrates natively with u.trust, bringing its enterprise-grade crypto platform to new environments without compromising on stability or operational assurance.
  • 112. Creating Trust in the Digital Society Preparing for the Quantum Threat: How to Stay Secure in a Post-Quantum World
  • 113. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 114  UNRESTRICTED  Ashburn, USA Americas HQ Campbell (CA), USA Singapore Aylesbury, UK Milan, Italy Madrid, Spain México EMEA HQ Aachen, Germany Tel Aviv, Israel 40 years in IT security in IT Security Started in 1983 600+ highly skilled experts 130 million Euro revenue in FY 23 Diversity and internationality are the key to our success Headquarters Subsidiaries Customer and partner network 40 years in Digital Trust Solutions
  • 114. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 115  UNRESTRICTED  Utimaco – The Better Choice Secure your future with Utimaco's unmatched data protection, secure payments, key management with central management and control.
  • 115. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 116  UNRESTRICTED  Quantum Computing is Coming!
  • 116. The Quantum Threat: A sufficiently scalable quantum computer would break the asymmetric cryptosystems based on RSA and elliptical curves currently in use.
  • 117. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 118  UNRESTRICTED  More Computing: A threat for encryption algorithms Quantum Threats to Cryptography Vulnerability of Current Algorithms Break algorithms like RSA and ECC Significantly weaken symmetric algorithms like AES Data Integrity Risks Integrity of sensitive data protected under current encryption could be compromised Leading to unauthorized access and data breaches Image Source: IBM Utilizing quantum superposition, that is, working on combinations of states simultaneously, quantum computers can solve certain problems more efficiently, posing a threat to traditional encryption methods.
  • 118. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 119  UNRESTRICTED  Attacker accesses sensitive, encrypted data Decrypts data with a quantum computer in the future Relevant for data with long confidentiality span Decryption Impact of Quantum Computing on Applications and Use Cases Post Quantum Challenges & Threats Store now, decrypt later Digital signatures may be broken Attacker “calculates” credentials from public information Attacker approves requests or signs documents as you Impersonation Attacker issues fake firmware Devices accept it as it is signed with a forged signature Insecure firmware updates
  • 119. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 120  UNRESTRICTED  Adopting quantum-safe cryptography aligns with emerging regulatory requirements and standards for advanced data protection. Ensuring that data with long lifespans, such as healthcare records and financial information, remains secure against future decryption by quantum computers. Protecting against quantum threats helps maintain the trust and integrity of digital systems, essential for businesses and governments alike. Why Quantum Safe Cryptography is Crucial Regulatory Compliance Protecting Long-Term Data Maintaining Trust and Integrity
  • 120. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 121  UNRESTRICTED  Shaping Tomorrow’s Cryptographic World Industry Organizations and Standardization PQC Consortium: Work Streams Interoperability, Discovery X9 Post Quantum Cryptography Committee ETSI Quantum-Safe Cryptography (QSC) Working Group PQC Working Groups PQC Consortium: PQC Workstream Federal Office for Information Security in Germany White House Roundtable, January + August 2024 And further Playing a key role in shaping the future landscape of Post Quantum Cryptography Post-Quantum Cryptography Conference PQC Roundtable at the White House, August 2024 ICMC, April 2025
  • 121. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 122  UNRESTRICTED  National Cyber Security Center Timelines for migration to post-quantum cryptography - NCSC.GOV.UK
  • 122. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 123  UNRESTRICTED  Why Crypto Agility is important Crypto Agility describes the ability of information security protocols and standards to rapidly switch between algorithms, cryptographic primitives, and crypto assets – in a secure manner! Crypto Agility Ability to easily swap algorithms/software if needed E.g. TLS handshake protocol that allows to adapt to new encryption mechanisms or algorithms Ability to replace keys at a later period Example: SW integrity – classical algorithms do not have to be exchanged now Flexibility for new Requirements Adapting to Emerging Threats Future-Proofing Security Minimizing Downtime and Costs Regulatory Compliance Maintaining Competitive Advantage
  • 123. A cryptanalytical-relevant Quantum Computer is expected in 2030. How can Utimaco & Salt help you with your PQC migration?
  • 124. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 125  UNRESTRICTED  1 - Crypto Discovery Look beyond your use cases Utimaco solution Crypto Discovery Create a full inventory of Protocols​ Libraries​ Algorithms​ Certificates​ Keys …used in your environment Digital Signatures Key Injection Data Encryption (in the Cloud) Code Signing Certificate Issuing Public Key Infrastructure Chip and Device Personalization User and Device Authentication Firmware Updates AgileSec | Analytics
  • 125. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 126  UNRESTRICTED  Your partners for the entire crypto lifecycle Crypto Inventory and Remediation Protocols Libraries Algorithms Certificates Keys Sensitive keys found in the discovery can be moved to HSM Outdated certificates can be revoked Insufficient keys (e.g. too short) can be exchanged Secure and reliable key generation, management, and storage Highest Protection of Keys Create a full inventory of Analyze (and fix!) vulnerabilities and compliance gaps Crypto agile and PQC-ready Hardware Security Modules for Direct integration Fast deployment
  • 126. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 127  UNRESTRICTED  2 - Prioritize you use cases Conduct a risk analysis to know where to start migration Utimaco solution PQC Consultancy Crypto Agility package Investigate Evaluate Navigate Integrate Professional Services to support implementation Digital Signatures Key Injection Data Encryption (in the Cloud) Code Signing Certificate Issuing Public Key Infrastructure Chip and Device Personalization User and Device Authentication Firmware Updates 1 2 3 4 5 5 5 5 5 Utimaco & Salt PQC Consulting & Professional Services
  • 127. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 128  UNRESTRICTED  Includes all PQC algorithms supported by Utimaco Quantum Protect ML-KEM ML-DSA XMSS and XMSS-MT LMS and HSS Free PQC simulator for testing and evaluation 3 – Test the algorithms Easy installation Ideal for integration testing Test before buying Fully functional Shorter project evaluation Immediately available where it is needed most: In the hands of the development team Utimaco Quantum Protect Simulator Access the simulator
  • 128. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 129  UNRESTRICTED  u.trust General Purpose HSM Se-Series 4 – Apply high security standards Multi-tenancy with up to 31 containers Designed crypto agile FIPS 140-2 Level 3 certified (FIPS 140-3 in progress) SDK for custom implementations Free, fully functional simulator Generate PQC keys in a high-security environment! Firmware per container Config and policy per container Containerization Up to 31 containers SDK - customized Blockchain PQC General Purpose HSM (e.g. FIPS / Non-FIPS)
  • 129. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 130  UNRESTRICTED  Application Package for u.trust General Purpose HSM Se-Series Utimaco Quantum Protect Lattice-based module: ML-KEM & ML-DSA Hash-based module: LMS, HSS, XMSS, XMSS-MT Easy upgrade for crypto agility Integration based on PKCS #11 or custom Free, fully functional simulator Upgrade your cryptographic applications with Post Quantum Cryptography Incl. patented state handling method for stateful hash-based signatures
  • 130. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 131  UNRESTRICTED  ✓ Comprehensive algorithm support ✓ Lattice and hash-based algorithms (ML-KEM, ML-DSA, LMS, HSS XMSS, XMSS-MT) ✓ Continuous development (SLH-DSA on the roadmap) Prepared for Quantum-secure Use Cases – Already in Use Today Summary: PQC-ready, crypto agile HSMs Already in use today Convenient firmware extension, no hardware exchange Quantum Protect Application Package Hybrid cryptography implementation possible Crypto agile Hardware Security Module Including patent for state handling of stateful hash-based signatures
  • 131. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 132  UNRESTRICTED  A scalable quantum-safe strategy Build a crypto inventory Know which crypto is used where and ideally also list the software related to it (to understand where patching / replacement is necessary) Be Agile Ensure your cryptographic infrastructure is flexible and can quickly adapt to new threats and advancements in quantum computing. Act Now Proactively transition to quantum-safe algorithms as attackers are already preparing for the quantum era, and delays could result in significant vulnerabilities. Choose Scalable and Agile Solutions Select cryptographic solutions that are both scalable to handle increasing data volumes and agile to integrate new quantum-safe methods seamlessly. Gradual Implementation Adopt a phased approach to integrate quantum-safe algorithms, minimizing disruptions and allowing for smooth transitions. Hybrid Cryptographic Systems Implement hybrid systems combining classical and quantum-safe algorithms, ensuring compatibility and enhanced security against quantum threats.
  • 132. Utimaco · Aachen, Germany · © 2025 utimaco.com Page 133  UNRESTRICTED  What are our customers saying…..
  • 133. Salt Cybersecurity Aishling House, 6a Hayes Road, Deanshanger Milton Keynes MK19 6HW Web www.saltcybersecurity.co.uk E-Mail [email protected] Utimaco IS GmbH GermanusstraBe 4 52080 Aachen Germany Web utimaco.com E-Mail [email protected] Thank you for your attention! Any questions? Copyright © 2024 – Utimaco GmbH and ShardSecure Utimaco® is a trademark of Utimaco GmbH. All other named trademarks are trademarks of the particular copyright holder. All rights reserved. Specifications are subject to change without notice.
  • 134. Adrian Culley Head of Engineering SAFEBREACH #FSTechSummit
  • 135. Reducing Adversary Advantage through Increasing Cyber Resilience * CISOs: Hack thyself. Do you catch my drift? * Reducing RIsk by Moving from Incident Response to Incident Anticipation * The Regulatory Requirements of Cyber Resilience: What it means, and Why it matters. Adrian Culley, Head of Engineering, SafeBreach EMEA Thursday 1st May 2025
  • 155. #FSTechSummit Dave Townsend CIO Technology Platform Lead LLOYDS BANKING GROUP
  • 156. Think Customer, Think Colleague: Keys to Successful Financial Transformation Dave Townsend CIO, Technology Platform Lead
  • 159. Financial Transformation Initiative Insights from a multiyear initiative at Lloyds Banking Group, change will migrate over 4 million customers.
  • 160. Customer Focused Pensions, Bonds, Endowments, ISAs are all designed to last for a long time as products. Some of these products started in the 1970’s! Some products were so unique, you may have had your own if you wore pink socks on a Thursday. The systems they were originally built on were not capable of servicing customers the way we would want and in fact the way our customers now expect. Multichannel access for customers is key. We reviewed our entire Longstanding portfolio. Understood we needed to dramatically reduce the products. Be Bold, we didn’t shy away from the massive undertaking this would be. Always think how will this benefit our customers, as a customer ourselves would we be happy with the service we were moving away from. Reduce risk. Emphasis on customer-centric approaches, enhancing engagement and service for longstanding customers to improve overall experience.
  • 161. Sustainability Strategies for sustainable practices, including modernising technology infrastructure and faster implementation of changes.
  • 162. ✓ What was our strategy? ✓ Reduce our Products and Technical landscape to align with our commitments for Sustainability with our customers and Brand. ✓ Select a strategic partner to host and manage our Longstanding Books. ✓ Encouraging use of digital statements and enquiries. ✓ Reducing our printing requirements and transportation there of. ✓ Continue with the initial agreed target infrastructure (unless there was a security issue) ✓ Build out a comprehensive data lake of all migrated systems in GCP. ✓ We still have a long way to go in this area.
  • 163. Changing from (wait for it…) Fortran, COBOL, iSeries/AS400’s, Windows 2008 or lower, Mqseries. Removing Decommissioning of Removal of over 100 end user computing applications 12 core policy Admin Systems to date (3 more to go!) 285 applications by the end of the initiative. Removed 8million lines of code from the mainframe to date
  • 164. That’s approximately 345,000 kg’s! Removed Net 58 African Elephants worth of CO2 per year.
  • 165. Customer and Colleague Importance of considering both customers and colleagues in transformations, enhancing digital access and simplifying products and procedures for seamless interactions and sustainable engagement. What do we mean by this? Customers are at the heart of everything we do, how can we make things as simple as possible. Colleagues, can we enable them to have better data faster to get to the helping our customers rather than wrestle processes or systems.
  • 166. Achieving Large-Scale Transformations Key methods and practices, including developing operational practices and achieving process excellence through journey redesign initiatives.
  • 167. Key Methods: Started as Waterfall & Transitioned to Agile at the tail end of the initiative in Lloyds. Technologies, API’s API’s KAFKA - API’s… , but also knowing when to not use them. Private Cloud, Oracle DB’s (SoR), AWS digital customer front door, GCP (SoI). Data cleansing (before migration) and Data augmentation. Workflow and new Telephony system ID&V (using voice recognition). Redesigning full e2e customer journey maps, based on the target. This is continuous…… People, Trust, Experience, Resilience and Support - our colleagues both internal and partners are the heart of everything we do.
  • 168. Completed 9 migrations to date. Completed the single largest UK Life & Pensions migration in one weekend (2.3 million customers). Completed 4 Major Migrations in 2024. Migrated one of our Partner Systems from Private Cloud to AWS Public cloud in advance of migrating to the final target system. Key Achievements:
  • 171. Yanna Winter CIO GENERALI INSURANCE #FSTechSummit Rob Mossop Chief Digital Officer SWORD GROUP
  • 172. UK The Path to Operational Resilience in Financial Services THE PATH TO OPERATIONAL RESILIENCE IN FINANCIAL SERVICES Rob Mossop, COO for Financial Services at Sword in conversation with Yanna Winter, CIO for Generali Insurance. UK
  • 173. Ensuring Operational Resilience with our Cyber Security Services Delivering continuous resilience and compliance, adapting and evolving to the dynamic cyber security landscape. Reducing Risk Safeguarding Reputation Limiting Liability Ensuring Compliance Protecting Profitability Maintaining Customer Trust
  • 174. UK The Path to Operational Resilience in Financial Services THE PATH TO OPERATIONAL RESILIENCE IN FINANCIAL SERVICES Rob Mossop, COO for Financial Services at Sword in conversation with Yanna Winter, CIO for Generali Insurance. UK
  • 175. Thursday 1st May 2025 | Dynamic Earth, Edinburgh, UK #FSTechSummit
  • 176. LET’S STAY CONNECTED! Join Scotland's largest technology community today.