Ahmed Fessi currently serves as the Chief Transformation & Information Officer at Medius, a position he took on after Medius acquired Expensya, where he was the CIO. At Medius, he drives the organization’s efforts to continue leading the Accounts Payable market through the integration of AI capabilities. Ahmed Fessi has also held prominent roles at Ericsson and Alstom. Over the past 15 years, he has led successful teams in major transformation projects across various industries, including fintech, telecommunications, and mobility. With a robust technical background, Ahmed Fessi has concentrated on transformative initiatives involving AI, data, and cybersecurity.
We spoke with Ahmed Fessi to explore the role of AI in fintech, discussing how it serves as both a powerful enabler of innovation and a potential threat, particularly through the rise of deepfakes.
As a FinTech CIO, what is your perspective on the current landscape of FinTech, and how is AI contributing to its transformation?
The fintech sector is currently experiencing robust growth, necessitating the need to continue securing business-critical finance operations with reliable and cutting-edge technology that can provide, security, value, and efficiency.
AI serves as a powerful catalyst in this equation, enabling fintech companies to expand and enhance existing services, creating more value for the end customer. AI is a major enabler for new use cases with strong value propositions. However, AI also introduces the risk of misuse and more advanced fraud tactics such as deepfakes, requiring a careful balance of thirst for innovation with a commitment to providing safe and secure services.
What specific applications of AI do you find most impactful in FinTech, and why?
AI is transforming the fintech industry rapidly and significantly, with Medius already witnessing its game-changing applications firsthand. Today, AI helps us better analyze patterns to detect possible fraud, which is crucial in securing the operations of our customers in the accounts payable space.
At Medius, we’ve leveraged AI both to identify and address pain points as well as improve customer experience.
AI can be a double-edged sword. Could you explain the origin and impact of deepfakes in FinTech, and how you address this challenge?
Businesses across sectors have already witnessed firsthand the damage deepfake technology can cause. Convincingly false audiovisual content, often of trusted individuals, poses potential risks in identity verification. With 87% of financial professionals willing to make a payment to a supplier if called by what they believed to be their CEO or CFO, this, unfortunately, can lead to deepfake fraud wherein a finance employee is tricked by a fraudulent phone call and unknowingly follows the instructions of cybercriminals to wire millions of company dollars.
The threat of deepfake technology poses multiple challenges. Companies now need to allocate resources to reinforce their internal processes to prepare for the possibility of such attacks. Fifty-seven percent of financial professionals can independently make financial transactions without additional layers of approval. Implementing tools that utilize multi-level validation and enforce a “4-eyes-principle” and Segregation of Duties (SoD) can mitigate the risk of falling prey to deepfakes.
In short, Deepfakes can be considered today as the new “phishing”, and businesses should be equipped with the right tooling and processes to answer this challenge.
How do you balance the drive for innovation with the critical need for security and compliance in the FinTech space?
AI innovation and compliance are complementary rather than contradictory. AI regulations are not negatively impacting the possibility for usage within the fintech sector but posing protective guidelines that force companies to innovate at a higher standard. It is essential that all innovations we develop and deploy comply with existing and emerging regulations.
Certain AI applications are inherently dangerous and should be banned. For example, AI applications used to manipulate and target vulnerable populations or social rating systems that infringe fundamental rights should be outlawed.
It is crucial that we continue to innovate at the right pace, without letting regulations and compliance hinder progress. At the same time, we must ensure responsible use while respecting the privacy of our users and adhere to state-of-the-art security guidelines.
What measures should be in place to ensure customer data privacy and protect against cyber threats?
Several regulations are already in place to ensure customer data privacy is upheld whether the application is based on AI technology or not.
Security standards and frameworks, such as NIST and ISO, are evolving frameworks that continue to evolve as AI-based technologies develop. NIST recently published the Artificial Intelligence Risk Management Framework (NIST AI 100-1 – RMF 1.0) and ISO recently updated to ISO 27001 to provide more guidelines for the AI space, as well as the release of a new standard solely dedicated to AI applications, ISO 42001.
Cyberthreats will continue to present a challenge for security teams, and the updated standards will help give updated guidelines, but of course, with AI commoditization, threat actors will have access to more evolved technologies making their attacks more sophisticated.
Applying the Security By Design and the Privacy By Design principles will be key for ensuring airtight cybersecurity. With these principles, security measures are integrated into the design and development phase of technologies, rather than added on as an afterthought. This ensures security is a fundamental part of the technology’s infrastructure, crucial for seamless protection.
What trends or emerging technologies do you foresee having a significant impact on FinTech in the next 5–10 years?
The impact of AI will undoubtedly continue to grow. The commoditization of automation, personalization, and regulatory compliance will enable the development of new technologies, reaching unprecedented horizons.
Automation will aid in fast-tracking processes in fintech over the next 5-10 years. With 54% reporting that automation unlocks more time for innovative strategies, automation technologies will take the legwork out of tedious, time-intensive tasks, allowing businesses to tackle long-term planning and strategy development.
In terms of applications, we can expect to see more personalization of the service offerings enabled by AI, along with improved algorithms in the fraud detection space. This includes deepfake detection, better pattern analysis, and enhanced identity validation in KYC (Know Your Customer) and KYB (Know Your Business) processes, all accelerated by AI.
Another emerging trend is the development of a more global and structured approach to regulatory compliance, with increased compliance automation across multiple geographies and various jurisdictions. This is currently a complex challenge, and AI can significantly help fintech companies navigate in an increasingly regulated environment.
Read more:
Ensuring Data Security with Sensitivity Labeling in M365 Copilot
A Cybersecurity Reckoning: It’s Time to Demand Genuine Accountability
I am the Chief Transformation & Information Officer and joined Medius through its acquisition of Expensya in July 2023. Previously, I served as the CIO at Expensya, a leading provider of web, mobile, and smart payment-card solutions for automating spend management. Before Expensya, I held roles at Ericsson and Alstom.
