Financial technology (FinTech) companies have enjoyed considerable growth as part of the consequences of the pandemic.
A World Bank study found that most types of FinTech firms recorded strong growth in the first half of 2020 with 60 percent of the surveyed firms saying that they are planning to launch new products. This growth is projected to continue in the next few years. According to Research and Markets, the global FinTech market will grow at a CAGR of 26.87 percent for the forecast period 2020-2026.
This positive development in the FinTech field, however, has attracted the attention of cybercriminals. Users of FinTech services are becoming more wary of cyber risks. A study by independent market research firm Market Measurement presented at the Money 20/20 USA FinTech industry conference found that more than a third are highly concerned about the risks of using one-time passwords (OTP) and knowledge-based authentication (KBA).
Executives and stakeholders in the FinTech industry are alarmed by the worsening cyber attacks, that they are losing confidence over the existing security controls. In the same vein, it is logical for investors to be more cautious when it comes to FinTech.
The cybercrime problem
One of the biggest ransomware attacks in 2020-2021 involved London-based Finastra, which is among the world’s largest FinTech companies with operations in 42 countries serving more than 8,000 customers including the top 100 largest banks. Finastra survived the ransomware attack that went unnoticed for three days without paying the ransom. However, the news about the incident revealed the company’s many weaknesses.
Finastra’s cybersecurity posture reportedly leaves a lot to be desired. One security firm that conducted internet-wide scans on the company said that Finastra’s servers have been operating unpatched for a long time. This clearly made the company’s system vulnerable to various forms of cyberattacks. Additionally, the FinTech provider was using outdated VPN servers and outdated Citrix servers.
A similar ransomware attack hit Diebold Nixdorf, a retail banking tech company that controls over a third of the global ATM market. The company claims that it did not also pay any ransom, but the news of the attack already created reputational damage.
Another major cyber assault on the FinTech market is the data compromise on Travelex, a forex firm that particularly serves travelers worldwide. The company initially denied the attack but eventually had to admit it as it was forced to suspend its travel money services.
Moreover, the data breach suffered by the American stock trading platform Robinhood resulted in the exposure of the personal information of more than 7 million customers. The perpetrators of the attack are still unidentified, and it is possible that they will never be identified at all.
What is the significance of these attacks? Aside from inconveniencing or costing the victim companies, they also affect the market prices not only of the publicly traded FinTech companies but also those of other businesses that use the services or solutions provided by the affected FinTech companies.
Are FinTech stocks good investments?
Given how FinTech companies are surging, many likely have the opinion that they are good stocks to buy. However, just like how it works in all other industries, it is never a good idea to generalize a field or sector. Some will do well, while others are just not cut to be competitive enough to yield profits.
Noted certified financial planner Matthew Frankel says that “FinTech stocks are typically high-growth companies that are investing heavily in disruptive technologies, and, as a whole, they aren’t the safest places to put your money.” However, even with the wide range of risks involved in FinTech investing, it is still possible to profit from them by assessing risks for specific stocks.
Five crucial points to scrutinize stand out when it comes to FinTech stocks. These are sales growth, balance sheet and profitability, competition, cyclicality, and the network effect.
Sales growth – An obvious factor to consider, investors should keenly observe the sales figures of a FinTech company. Fast growth is good, but it should be consistent or lingering. Some firms experience immense growth in the first year or first few months, but eventually fizzle and stagnate. Growth should be consistent, sustained, and predictable to some extent.
Assets, liabilities, and profitability – The cash and debt levels of a company says a lot about its future. A company may look profitable but is deep in debt. This does not bode well for its future growth and sustained profitability. There are also firms that are not yet profitable, but they have promising technologies or systems that are worth betting on. Profitability may not be that apparent now, but the potential exists especially when the company is compared side by side with similar business models.
Competition – As mentioned, the FinTech industry is rapidly growing. Many players emerge and offer something new and promising. It is inexpedient to examine potential investments in isolation. They have to be perceived in relation to other companies and the developments in the market. The evaluation should also take competitive risks into account. Being first in the market is not a guarantee of competitiveness. It’s the track record and consistency that matters especially in view of what the different FinTech companies are offering and how they are innovating to offer something new but highly viable.
The competition factor also encapsulates the concerns for cases of cyber attacks. FinTech companies that are exposed to have been victims of ransomware, data breaches, DDoS, and other cyber assaults easily lose their credibility to handle financial transactions. Worse, they are shunned by investors if their compromised solutions are used by other companies as a crucial part of their operations.
A single attack should not be reason enough to totally dismiss a FinTech company as a possible good investment, though. Many companies manage to recover even after a costly and well-publicized security incident. SolarWinds, for example, is already recovering after the notorious attack it suffered back in 2020. This recovery takes time, but it is fair to say that cyber-attacks are not a sure death sentence to a FinTech investment.
Cyclicality – This refers to the sensitivity of a business or industry to recessions and other economic turbulences. Some FinTech companies tend to be cyclical like loan businesses, which suffer losses when the economy tumbles and creates liquidity issues among debtors. However, there are FinTech businesses that are not so cyclical or more resilient such as payment processors and forex and crypto exchanges. They are not that affected by major swings in the economy and economic activity trends. It is advisable to invest in FinTech stocks that are less cyclical.
The network effect – What is common among the most successful media platforms, online marketplaces, and social media sites? They make it easy for users to be part of their ecosystems, hence they have massive numbers of users. This is also the reason why many businesses have the habit of buying out competitors or new players that are related to their operations or business models. The network effect facilitates higher chances of success for FinTech firms as it entices more potential users or customers and supports agile and seamless expansion.
Investing in FinTech
FinTech is a bright spot amid the pandemic-stressed economic situation at present. However, not every FinTech stock is the same. Not every financial technology business model has the potential to grow and serve as profitable investments. Some are threatened and suppressed by various challenges including cyber attacks. Investors should examine possible investment options individually based on various factors including the five briefly discussed above.
Also, cyber attacks do not necessarily spell the certain end of a FinTech company, although the statistics show that many cyberattack victims eventually fold up. It is not impossible for them to recover and become more competitive in the future, so investors should not immediately cast out certain companies because of their bouts with cybercriminals. It is not fair to generalize or allow the cloud of doubt to refuse to look at opportunities and take risks when great potentials emerge.