Despite significant investments in cybersecurity, customers lack trust in the banking system’s ability to protect their data.
“Trust is the bedrock of business. It transforms transactions into relationships and clients into loyal advocates.”
According to Accenture’s recent Banking Consumer Study surveying 49,000 respondents across 39 countries, 58% of banking customers are concerned about the security of their personal and financial data and the potential to be hacked when banks are offering them tailored products and services. Underlying consumers’ concern is the ability for banks to secure their data across their third parties and the broader banking ecosystem. While 81% of banking customers rate their bank as doing well or even excellent with data security, fraud protection, and privacy, their trust does not extend to other banks, technology vendors, and the broader array of banking service providers across the supply chain. According to this study, the trust in other banks and the critical providers that support the banking system drops by more than half (Figure 1).
Figure 1: Consumers’ Trust in the banking system
Source: Accenture Banking Consumer Study 2025
This represents an important gap in consumer trust for banks’ critical third parties and the banking ecosystem, as a whole. Moreover, our Guardians of Trust Survey tells us that banks need to improve their transparency about how they are securing their customers data, since only 28% believe their bank effectively communicates its cybersecurity practices[1].
Security integration trails technology adoption
While banks on average have increased investment in cybersecurity by 140% over the last two years, their reliance on external vendors and open banking frameworks introduces new risks that customers do not feel adequately protected.
Trust in banks is strong, but trust in the banking system is fragile.
Making matters worse, banks are increasingly reliant on a wide array of third parties to innovate faster. As they race to adopt new approaches in both back-office operations and customer-facing products and services, banks often prioritize speed to market over working closely with their third parties to embed cybersecurity. As banks begin to adopt AI, it is even more important to ensure that security is embedded and maintained throughout the lifecycle of AI enabled services. Out of 600 banks globally, which responded to our Guardians of Trust Survey, 83% banks report difficulties in aligning security measures with the pace of adopting technologies like generative AI.
Adding to the complexity, is the ever-increasing volume and sophistication of cyber threats, particularly the rise of AI-powered threats. Deepfakes targeting customers and employees have surged by 243% over the past year, now ranking as the most frequently observed threat by banks. These attacks, 85% of which are attributed to cybercriminals highlight the growing risks from generative AI[2].
The compliance mindset
Compounding the issue, many banks’ executive leadership approach cybersecurity as a compliance obligation rather than a strategic enabler essential for building customer trust. Moreover, while banks are subject to direct oversight by regulators, their third parties do not experience the same scrutiny. Yet, while banks outsource services, they cannot outsource the associated risks. This leaves banks with the task of doing ongoing monitoring and risk management related to activities that are outside the bank’s perimeter and not often within their direct control and visibility into the depth and breadth of risk exposure. As a result, bank management often view cybersecurity as an “essential burden” that increases costs and slows progress—despite evidence that robust security enhances efficiency and builds customer trust.
These factors collectively prevent banks from delivering what matters most to customers: transparency in how their data is protected and consistent delivery of secure, data-safe experiences across the supply chain. 74% of banking executives say they struggle to maintain digital trust in the face of rising fraud risks, and only 40% of customers say they completely trust their bank to be transparent.
Simply put, cybersecurity needs to move from the back office to the digital front door of customer engagement.
What’s at stake?
A single data breach can erode years of trust that banks painstakingly built with customers. Our research shows that 62% of customers lose confidence in their bank after a breach, and 43% choose to stop engaging altogether.
However, banks that take action to be guardians of trust, making security a cornerstone of their strategy, demonstrate how robust cybersecurity drives both trust and growth. These leaders experienced 58% fewer data breaches over the past three years and achieved 1.5 times higher customer retention rates.
Only a small subset – approximately 10% of banks surveyed – implemented the 58 cybersecurity best practices Accenture identified as essential for building customer trust. Based on Accenture research, we distilled three critical actions to enable banks to close the trust gap:
1. Proactively and transparently communicate to customers about the responsible cybersecurity practices both within the bank and across the supply chain. Ensure transparency is integrated throughout the customer lifecycle. Demonstrate how data is protected at each touchpoint and provide approaches for customers to strengthen their own security – such as providing dynamic personal cyber risk scores that help customers stay on top of their personal cyber hygiene and educating them on emerging threats like deepfakes. Embed transparent data-handling and adherence to security governance, risk and compliance standards from the start of each project.
2. Embed cyber security upfront and at the core of customer experiences with shared accountability across teams and throughout the supply chain. Over half of banks report that customers expect secure personalization and transparency across all platforms. Yet only 12% comfortably meet this demand without compromising security. In this fast-evolving technology landscape, it is critical to embed and maintain strong cybersecurity upfront and at the core of customer experiences and to share this accountability across teams. Close collaboration with technology, business teams, and third parties is essential to demonstrate that security strengthens business practices, driving customer acquisition and retention. Establish a secure digital core with robust cloud configurations, leverage new data sources for enhanced continuous monitoring of third parties using proactive threat intelligence and risk scoring, and implement adaptive authentication.
3. Empower every part of the ecosystem, including the workforce, third parties, and customers to detect and counter advanced threats like deepfakes. Everyone, from senior leaders to frontline employees, must be able and empowered to detect and counter advanced cyber threats. With 85% of deepfake attacks attributed to cybercriminals, proactive workforce empowerment is critical. Empowering employees with training and AI-driven threat detection tools can significantly reduce risks.
The stakes are clear: building trust through robust security isn’t just optional—it’s essential for customer loyalty and future growth.
Download the executive summary to learn more about the research here. If you’d like to discuss these trends, please get in touch with me.
About the Guardians of Trust 2024 Survey
To inform this research, we conducted two surveys in October 2024: a consumer survey of more than 1,400 banking consumers in 17 countries; and a banking survey of 600 banking security executives across the same 17 countries with assets above US$ 50 billion.
Countries included: Australia, Brazil, Canada, Germany, Spain, France, India, Italy, Japan, Mexico, Singapore, Saudi Arabia, South Africa, Netherlands, UAE, United Kingdom, United States
[1] All data used in the text is coming from Accenture’s Guardians of Trust 2024 Survey run in October 2024, unless stated other source.
[2] Accenture Cyber Threat Intelligence Research
