An interview with Jean-Louis Perrier, Co founder and Partner, Suricate Solution SA
Could you briefly describe your background?
I hold an MSc in Computer Science and an MBA from HEC Paris. My professional experience is mainly in ICT (Information and Communications Technology), fraud and operational risk management, and financial services.
My partners and I created Suricate Solutions in 2015 in Luxembourg, Ivory Coast and Senegal. Suricate Solutions is a social business specialised in cyber security for emerging markets, focusing on financial inclusion in Sub Saharan Africa. It includes microfinance, micro insurance, Fintech and Digital Financial Services (DFS) providers.
We have acknowledged that Financial Inclusion institutions, with their low income customers, individuals or SMEs, are very vulnerable to cybercrime, and are already targeted. They have limited resources and capabilities to recover from incidents, many of them have a strategy based on Digital Financial Services (DFS), and they usually do not share information about attacks. All these factors significantly increase risks and damages.
Suricate Solutions has launched a unique mutualised regional cyber security operation centre in Dakar (Senegal) with 10 local experts, supported by top level experts from Luxembourg. Our operations cover awareness, prevention, early detection and mitigation of cyber attacks. We plan to improve security for about 1m customers in 6 countries end of 2018.
So, we are an enabler for financial inclusion actors to securely develop their strategies, and meet growing risk management requirements from customers, regulators and investors.
What are the biggest challenges for inclusive finance in the field of cyber security?
There are no reasons that financial inclusion should be “automagically” protected from criminal hackers’ networks that have a strong motivation: money. We have identified three risks. The first risk is to MFI clients’ data privacy and deposits.
The second risk is to the sustainability of financial institutions themselves, and this could easily become systemic as central banks are now realizing.
The third one is the financing of the sector: investors have started to take the former two risks in consideration, although we believe they still have a way to go in terms of awareness and assessment.
To manage these risks efficiently, there are two key factors of success from our point of view.
Firstly, regulations and certifications alone cannot avoid intrusions and data breaches. You need a technical supervision, which is a 24×7 real time detection capability based on the different hacking models, this is the main purpose of the Security Operation Centre.
Then, you need a trusted intelligence sharing network to report and research incidents, identify attack models, and share this information and recommendations within the community. This is our second objective
How can Luxembourg and InFiNe.lu can contribute to these challenges?
Luxembourg is an important centre for inclusive finance as well as for ICT and security, and already a great contributor. We have been financially supported by Luxembourg Development Cooperation, and technically by reference security partners, the Government’s Cyber security Competence Centre (C3), the University of Luxembourg’s Interdisciplinary Centre for Security, Reliability and Trust (SnT), and the leader of cyber security Excellium Services.
We need to strengthen collaborations between the various players and initiatives both on a national and international level thanks to InFiNe.lu members and the various contributions of Luxembourg in organizations like CGAP, UNCDF, African Development Bank, EIB. For example, CGAP has recently become aware of the issue and has organized a field visit to Suricate Solutions security centre during its next annual meeting on June 1st, and we hope this event will contribute to raise interest from members to form a coalition to scale up our security centre to the continent and contribute to the secure development of inclusive finance.
Copyright: Suricate Solution SA