The relationship between the risks of adopting FinTech in banks and their impact on the performance

Abstract Banks give great attention to identifying the risks of adopting FinTech and the extent of its negative impact on their business. This study aims to explore the relationship between the risks of adopting FinTech in banks and their impact on performance, where the balanced scorecard was used to measure performance. This study identifies four risks, which are the most important risks affecting FinTech in banks: systemic risks, operational risks, outsourcing risks, and cyber risks. The data was collected through a questionnaire for 263 respondents at the managerial level of bank branches in Yemen from October to December 2021. Structural equation modeling PLS-SEM and a disjoint two-stage approach were used to approve the model’s constructs. The current study proved the validity of the proposed relationship between the risks and the effect of risk variables on each other, except for the impact of outsourcing risks on cyber risks. Also, the study result is that cyber risks and operational risks of adopting FinTech have a negative impact on banks’ performance. But the outsourcing risks of the adoption of FinTech have a positive impact on banks’ performance the systemic risks do not affect banks’ performance. Therefore, this study is considered one of the rare studies that contribute to analyzing the risks of adopting FinTech in banks and its impact on performance. In addition, it gives a clear picture for decision-makers in banks to identify the dark side of FinTech adoption.


Introduction
FinTech has been met with great resonance in the field of financial business because of the significant changes it has brought about in financial services. Some researchers have even called it the FinTech revolution (Blakstad & Allen, 2018;Cortina & Schmukler, 2018;Gomber et al., 2018) due to its connection to modern digital technologies such as cloud computing, big data, artificial

PUBLIC INTEREST STATEMENT
Financial technology is a current topic that has caused a sensation in financial and banking businesses. Banks have also given great attention to these digital FinTech technologies and provide their services. The adoption of modern technologies results in risks; these risks need a deep study to know these risks and to what extent they affect business organizations. The current study presents the risks of adopting FinTech in banks, the impact of these risks on each other, and their impact on the performance of banks that adopt financial technology.
intelligence, the Internet of Things, and Blockchain and its integration into financial business and the emergence of FinTech companies and the provision of their digital financial services, which attracted many customers and banks to adopt and use them. This is due to banks' benefits when adopting FinTech technologies and providing their services. However, there are risks affecting the banks that adopt FinTech (Saleem, 2021). The subject of FinTech has received significant attention from researchers and an audience that is generally interested in it, and studies and research have been submitted about it. However, it has not been explored fully, except for a few studies and research. This includes the risks of adopting FinTech in banks and their repercussions and effects.
After an insightful reading of previous studies, the researchers observed a correlation and an effect between the risk variables. Therefore this sparked the researchers' curiosity to know the existence of a relationship or influence between the risk variables of FinTech adoption in banks. The researchers have presented a proposed relationship between the risks of adopting FinTech in banks with each other through the risk variables used in this study. The researchers proposed the impact of outsourcing risks on cyber and operational risks. They suggested the impact of cyber risks on operational and systemic risks and the impact of operational risks on systemic risks. The hypotheses for this proposal were developed and tested.
Systemic risks arise from systemic errors and problems in one bank that negatively affects the entire financial system, further affecting the real economy (Kemp, 2017). FinTech services operate on the Internet and computer networks, which may be vulnerable to cyber-attacks or technical errors that may cause a problem in the financial institution's system. It may not stop there but may affect the entire financial sector. Since the banking system is interconnected (Gu et al., 2019), this may affect financial stability significantly, the financial crisis of 2008 being an excellent example of systemic risks (Buckley et al., 2019).
Operational risk is the risk of human error or software or technical errors that may occur during the production of services, which are defined as potential errors resulting from poor internal processes and errors in systems and programs used in production operations. The Basel Committee (Supervision), B. (Basel C. on B, 2018) also clarified that operational risks represent the cost associated with internal process errors, whether from individuals or systems or external environmental events. This was confirmed (Hasan, 2019), as he clarified that operational risks are considered losses resulting from the absence of an accurate internal control system that detects errors and problems first-hand. Moreover, operational risks are considered to be one of the most important risks for customers, as they have a significant impact on their use of FinTech services (Ryu, 2018). Global risks trade finance report (Martinez, 2013) indicates that the continuous monitoring processes to verify the internal processes and the highly qualified, trained, and experienced employees can reduce operational risks.
Many banks may outsource to adopt digital FinTech technologies and services. But outsourcing may have risks (Sridharan, 2021) that must be worked on. One of the most important risks is access to important confidential data and information and intellectual assets (Supervision), B. (Basel C. on B, 2018), which may be exposed to violations or misuse. Therefore, it is necessary to identify the risks of outsourcing and its impact on the performance of banks, so this research gap will be studied in the current study. The study (Samantra et al., 2014) also clarified that outsourcing refers to dealing with information technology services or functions to achieve strategic advantages and cost benefits. While (Bahli & Rivard, 2003) defined outsourcing risks as a four-way group that includes a scenario, the probability of this scenario occurring, the consequences, and risk mitigation mechanisms, which can mitigate or help avoid the scenario's occurrence.
There are risks affecting FinTech companies and financial institutions that adopt FinTech, such as cyber threats that have emerged very quickly (Jayalath & Premaratne, 2021). It has recently been noted that the rate of cybercrime in the financial sector has increased due to the increased use of modern technology and the Internet (Panetta, 2018), which may bring Internet risks to it. This is what made the banks that provide FinTech services and the FinTech companies state readiness and alertness to prevent cyber-attacks (Najaf et al., 2020). Cebula and Young (2010) define cyber risks as "operational risks to information and technology assets that have consequences for the confidentiality, availability, or integrity of information or information systems." Cyber risks could affect the technology through three things: confidentiality, integrity, and availability (Saleem, 2021). They can be divided into three types: operational, tactical, and strategic (Mehrban et al., 2020). The increased interdependence between financial institutions (Buckley et al., 2019;Vučinić, 2020), the use of the same programs and systems (Buckley et al., 2019), the weak communication between financial institutions increase cyber risks and attract digital thieves (Mesic, 2021).
The current study looks at the relationship between adopting FinTech risks and their impact on the performance of banks in Yemen. This study determines that FinTech risks include systemic, operational, outsourcing, and cyber risks. Bank performance was measured using a balanced scorecard, which comprises four perspectives-financial perspective, customer perspective, internal operation perspective, and education and growth perspective. When reviewing literature studies, it was found that there is a lack of research on the impact of FinTech risks on bank performance when using FinTech. An academic perspective and an analytical approach are brought to the risks banks face due to FinTech adoption by identifying and analyzing the systemic, operational, outsourcing, and cyber risks associated with banks' performance. This study intends to investigate the impact of these risks of FinTech adoption on banks' performance and with each other.
The study has presented a proposed relationship between the risks of adopting FinTech in banks with each other through the risk variables used in this study. The researcher proposed the impact of outsourcing risks on cyber and operational risks and suggested the impact of cyber risks on operational and systemic risks and the impact of operational risks on systemic risks. The hypotheses for this proposal were developed and tested.
Banks are considered important economic sectors over the world including banks in Yemen. Therefore, the study of FinTech and its effects on the banking sector has attracted the interest of many researchers because of its great importance for the consumer, the banking sector, and the governments (Wonglimpiyarat, 2017).
The Motives for growth and development of FinTech in the Yemeni Banking sector: 1. 75% of the Yemeni population is younger than 30 years old. Most of mobile phone users and Internet dealers are mostly young people of this age. This is a great opportunity for banks to adopt FinTech in providing financial services. 2. More than 70% of the population of Yemen lives in the countryside, so it is very difficult for banks to be in rural areas. This makes it an opportunity for banks to adopt technological development in financial services, which saves time, effort, and cost to deal with the bank traditionally. 3. According to the 2014 Global Financial Inclusion Indicators measurement, only 6% of the ownership of bank accounts is from adults, which is a very low rate. While Yemen Socio-Economic publication (Em, n.d.,2018), estimated about 1.8 million Yemenis only have bank accounts. 4. According to (Yemen Socio-Economic (Em, n.d.,2018) there is a decrease in the number of branches of expenses, which provides one branch for every 94,496 people. It concentrates its spread in urban areas, while 70.8% of the population lives in rural areas, and this hinders the access of a large segment of people to banking services. 5. According to Internet world stats, the number of Internet users has increased from one year to another. In 2018, the number of Internet users reached 7,031,784, compared to previous years, as in 2016 is 6,700,000. All of these factors motivate the banks to adopt FinTech and can take attention to make plans to avoid or reduce the effectiveness risks of adopting FinTech in banks. This study helps decision-makers in banks to do that. Therefore, the study is considered one of the rare studies that contribute to analyzing the relationship between the risks of adopting FinTech in banks and their impact on performance. Through exploring the most critical risks of adopting FinTech in banks: systemic risks, operational risks, outsourcing risks (Saleem, 2021;Supervision), B. (Basel C. on B, 2018), cyber risks, and their impact on performance.

FinTech and performance
According to previous studies, academics utilize several metrics and models to assess the performance of banks, such as the CAMELS model, which was created in 1979 by regulatory authorities in the United States of America. The CAMELS model is divided into six dimensions: capital adequacy, asset quality, management quality, earnings, liquidity, and risk (Rozzani & Rahman, 2013). This model aids in the detection of issues before they develop. Furthermore, the PEAIS model focuses on financial performance operations such as asset protection and efficient financial structures, asset quality, rates of return and expenses, liquidity, and growth (Kasem et al., 2008), as well as the PATROL model, which is a financial performance monitoring tool that provides a detailed image of the institutions. This model consists of five parts: capital sufficiency, profitability, credit quality, organization (management), and liquidity (Brewer et al., 1994). Looking at past models, the researchers found that most of them concentrate on financial performance since they provide information about what occurred in the past. The balanced scorecard model is one of the most often used methods for assessing financial and non-financial performance in banks. It has provided performance metrics for non-financial views such as customer, internal operations, and education and growth. The balanced scorecard approach allows for translating a bank's strategic vision into more concrete objectives and indicators in measurement and a focus on the outcomes in the short term in the organization's long-term plan. So the present study adopts the balanced scorecard model.
In previous studies, when the impact of the adoption of financial technology in banks on their performance was investigated, it was found that researchers use the following procedures: 1-The rate of return on assets and the rate of return on equity, both of which indicate profitability indicators. They are regarded as quantitative metrics within indicators used to assess financial performance. These studies include (Hasaka, 2019;Ky et al., 2019;Nguyen et al., 2021;Singh et al., 2021).
According to (Kaplan, R. S., Norton, D. P., Norton, D. R., Marvin Bower Professor of Leadership Development Boston, H. B. S. & Collaborative, B. S, 2005), a balanced scorecard is a tool for measuring integrated and comprehensive organizational performance. It is the incorporation of a collection of financial and non-financial performance indicators. Through information exchanged between the four perspectives, the balanced scorecard consists of two perspectives that measure internal performance (internal operations perspective, education, and growth perspective) and two perspectives that measure external performance (financial perspective and customers' perspective).

Cyber Risks
Studies of (Saleem, 2021) and (Vučinić, 2020) show that cyber risks threaten financial institutions FinTech companies, that use modern digital technology in their business and provide their services. This is what attracts a lot of digital thieves and cybercriminals to try to breach and tamper with data. The study (Mesic, 2021) indicates that some of the various institutions linked to each other by poor means of communication make them vulnerable to cyber-attacks. While the study by (Buckley et al., 2019) shows that many institutions use the same programs, infrastructure, and cloud computing, making them more vulnerable to cyber risks. This was supported by a study by (Najaf et al., 2020), indicating that one of the possible reasons for cyber-attacks is the compatibility of FinTech companies with financial institutions in providing their services. Studies of (Buckley et al., 2019;Mehrban et al., 2020;Panetta, 2018) indicate that the use of cloud computing without a high degree of security might be one of the causes of cyber risks due to the nature of its work in obtaining services and transferring data to more than one device, which makes it an opportunity for hackers and electronic criminals to penetrate data and attack them and manipulate them. The study of (Buckley et al., 2019) also indicates that financial intermediaries might use external service providers (i.e., outsourcing) for essential functions, which may expose data to cyber risks due to its movement between external service providers and financial agents. Studies of (Giudici, 2018;Kaur et al., 2021;Panetta, 2018; Supervision), B. (Basel C. on B, 2018) also show that cyber risks affect financial institutions and FinTech companies. So the hypothesis will be as follows.

H1:
There is a statistically significant negative impact of cyber risks on the performance of banks that adopt FinTech.

H1a-H1d:
There is a statistically significant negative impact of cyber risks on banks' performance prospectives (H1a Financial Perspective, H1b Customer Perspective, H1c Operation internal Perspective, and H1d Education and growth Perspective) adopting FinTech.

Outsourcing risks
The study of (Qin et al., 2012) shows that there are ten risks of outsourcing when adopting information technology, including the risks of maintaining the confidentiality of important strategic data and information for the organization. Studies by (Aubert et al., 2004;Hoecht & Trott, 2006) have shown that preserving data and information from leakage and security problems may cause a financial institution to lose its competitiveness. The study (Supervision), B. (Basel C. on B, 2018) indicates that outsourcing risks are more serious when global players control third parties to provide part of the digital services that banks want to adopt. The study (Lim & Thng, 2021) has noted that by outsourcing access to digital technologies to FinTech, there may be risks in accessing confidential data and information, which no other party should not be aware of.

H2:
There is a statistically significant negative impact of outsourcing risks on the performance of banks that adopt FinTech.

H2a-H2d:
There is a statistically significant negative impact of outsourcing risks on banks' performance prospectives (H2a Financial Perspectives, H2b Customer Perspectives, H2c Operation internal Perspectives, and H2d Education and growth Perspectives) adopting FinTech.

Operational risks
The study (Safeza Mohd Sapian et al., 2021) indicates that the use of FinTech in banks leads to banks' exposure to operational risks or it poses other operational challenges. While the study (Khalil & Alam, 2020) shows that banks' cooperation with FinTech companies may lead to operational risks and that there are 18 operational risk events. The study (Romanova & Kudinska, 2016) also reports that the development of FinTech adds additional risks, including an increase in operational risks. And it supports the study (Saleem, 2021), which concludes that there is a positive relationship between the development of FinTech and the perceived risks, including the operational risks, which represent (36%) of the perceived FinTech risks. In addition, the study of (M. M. Ali et al., 2021) states that customers are aware of the risks they may face from using FinTech services, such as operational risks. The study (Ryu, 2018) indicates that operational risks represent a significant obstacle for clients to use financial technology services.

H3:
There is a statistically significant negative impact of operational risks on the performance of banks that adopt FinTech.

H3a-H3d:
There is a statistically significant negative impact of operational risks on banks' performance prospectives (H3a Financial Perspective, H3b Customer Perspective, H3c Operation internal Perspective, and H3d Education and growth Perspective) adopting FinTech.

Systemic risks
The study (Zhu & Hua, 2020) indicates a positive relationship between the development of online finance and banking systemic risks. Also, FinTech is achieved via the Internet and networks, so any technical error or malicious attack may lead to systemic risks if not the failure of the entire system (Yuan & Xu, 2020). This is supported by the study of (Bu et al., 2021), which confirms that the development of FinTech increases systemic financial risks. The study (Vučinić, 2020) indicates that despite the benefits of FinTech, which helps in financial stability, it is likely that this will negatively affect systemic risks, which may undermine financial stability. While some studies have suggested that the development of FinTech is not affected by the increase in systemic risks. The study (Giudici, 2018) indicates that the digital technologies used in FinTech, such as big data, artificial intelligence, and blockchain, help manage risks more efficiently. This is done by measuring and controlling systemic risks, measuring and controlling market risks and detecting customer risks, identifying illegal activities in the crypto markets such as fraud and money laundering, and identifying operational and information technology risks. The study of (Franco et al., 2020) supports this, which shows that FinTech companies do not contribute significantly to systemic risks. Also, the study of (Buckley et al., 2019) indicates that it does not believe that systemic risks do not come from FinTech.

H4:
There is a statistically significant negative impact of systemic risks on the performance of banks that adopt FinTech.

H4a-H4d:
There is a statistically significant negative impact of systemic risks on banks' performance prospectives (H4a Financial Perspective, H4b Customer Perspective, H4c Operation internal Perspective, and H4d Education and growth Perspective) adopting FinTech.

Outsourcing risks with cyber risks
There is an influence relationship between outsourcing risks with cyber risks Where (Bouveret, 2018) clarified that the risks of outsourcing may lead to cyber risks, without any nefarious intention to do so, because cyber risks may not be through electronic attacks, but maybe when programs and technologies are updated and errors occur that lead to cyber risks. The study (Mesic, 2021) indicated that the adoption of digital programs and technologies for third parties may lead to exposure to cyber risks when several institutions are linked and the communication between them is not strong and effective at the same time, which may allow hackers to penetrate these systems. The study (Buckley et al., 2019) also indicated that when outsourcing the adoption of some digital technologies in the financial sector, third parties may look at or access company, bank, or customer data, and this may lead to the risks of their misuse by employees, and this is one of the threats Outsourcing may create a fertile environment for cyber risks. The study (Chapelle, 2019) also indicated that cyber risks, which are one of the most prominent risks in the recent period, are caused by a number of other risks, including the risks of outsourcing. Through the foregoing studies, we conclude that the risks of using external sources may contribute to cyber risks.

H5:
Outsourcing risks have a statistically significant impact on cyber risks.

Outsourcing risks with operational risks
There is an impact relationship between outsourcing risks and operational risks.
The (BCBS, 2018) study showed that when banks rely on a third party to adopt digital technologies, where the management of these technologies is controlled by third parties, the transparency of operations decreases, which increases operational risks. The study (Vučinić, 2020) also indicated that some digital technologies in the financial field, such as cloud computing, contribute to operational risks. Furthermore, these risks increase when banks use external parties to provide them with this technology. The study (Chapelle, 2019) indicated that outsourcing at times poses significant threats that may increase operational risks. Therefore, operational risks need to be focused on financial institutions, especially banks, and use external sources to adopt digital technologies.

H6:
Outsourcing risks have a statistically significant impact on operational risks.

Cyber risks with systemic risks
There is an impact relationship between cyber risks and systemic risks.
The study (Yuan & Xu, 2020) indicated that FinTech operates on the Internet and networks, and when any technical error or malicious attack occurs for any financial institution, it may affect the entire financial sector and may lead to its failure. Therefore, individual risk may affect other financial institutions and the entire financial system (Buckley et al., 2019). The study (Buckley et al., 2019) showed that cyber threats and risks are the main sources of systemic risks in the financial sector. The study (Lukonga, 2018) indicated that appropriate safeguards must be put in place for banks using digital technologies from a malicious cyber-attack that may not affect individually but may affect the banking sector as a whole. The study (Safeza Mohd Sapian et al., 2021) indicated that in the event of a cyber attack on any FinTech platform on which trade finance activities depend on, this may affect a systemic collapse of the trade finance market. From the above studies, it is clear that there is an impact relationship between cyber risks and systemic risks.
H7: Cyber risks have a statistically significant impact on operational risks.

Cyber risks with operational risks
There is an impact relationship between cyber risks and operational risks.
The research (Cebula & Young, 2010) also clarified that cyber risks are the confidentiality of data and information and that any risks in them lead to operational risks. This study also shows that the cyber risks that affected the operational risks are divided into four categories as follows: 1. People's actions 2. Failures of systems and technology 3. Failed internal processes 4. External events. Each category is divided into subcategories. The study (Saleem, 2021) reached results showing that there is a positive statistically significant relationship between FinTech and perceived risks, including cyber risks and operational risks.

Operational risks and systemic risks
Existence of an impact relationship between operational risks and systemic risks.

Collection of data
The descriptive and causal modeling tests were utilized as approaches in this study, which used a quantitative research method. For data collection, the survey approach used a questionnaire. The questionnaire had a 30-item instrument that quantified respondents' systemic risks, operational risks, outsourcing risks, and cyber risks as measures of the risks of FinTech adoption. Simultaneously, financial perspectives, customer perspectives, internal operations perspectives, and education and growth perspectives assess the banks' performance using balanced scorecard prospectives.
The research population consists of 824 questionnaires distributed to five main banks and their 206 branches in Yemen that provide FinTech payment services. About 310 questionnaires-37.6% were distributed from October to December 2021, of which 263 questionnaires-23%, were returned to be analyzed in this study depending on the size of the banks, see, table 1, 2.
Many academics at the Commerce department at Dr. Babasahab Ambedkar Marathwada University-Aurangabad, India, and professors in the Colleges of Commerce and Management at Sana'a and Thamar Universities in Yemen, assessed the questionnaire. The questionnaire was delivered to the managerial level, which included the branch manager, deputy branch manager, Customer Service Officer, and banking transaction officer. Using a stratified random sample method, the sample size dependent on stratum size was calculated for each bank since the sizes of banks vary depending on the number of branches from one bank to another. The increased number of branches allows bank services to reach more individuals.

Statistics methodology
This research paper follows the SEM model as described by (Anderson & Gerbing, 1988). It is a fantastic method for testing and estimating multivariate causal links' (Fan et al., 2016). Smart PLS 3.3.3 is used to create SEM to test the proposed model (Hair et al., 2020). PLS is used in IS research in a wide sense (Geijteman & Mevius, 2016;Urbach & Ahlemann, 2010;Henseler et al., 2016). There is no dispute regarding the spread of components that promote reasonable systemic precision (Urbach & Ahlemann, 2010). It is also a useful model utilized in complex research, with a lot of constructs and pointers (Urbach & Ahlemann, 2010;Nitzl & Chin, 2017). It includes two standard related models, the measurement and the structural models.
The repeated indicator method cannot be used in the reflective formative technique in the second order when R 2 = 1.00 and path coefficient = 0.000. It should use a disjoint two-stage technique or expand on the repeated indicator method . When using the repeated indicator strategy, the R 2 = 1.00 and the path coefficient = 0.000 in the present study, as shown in Figure 1. As a result, a disjoint two-stage approach was used for this inquiry. Furthermore, due to the second-order formative construct and the lack of equivalent indicators in lower-order reflective constructs (Becker et al., 2012), mode-B is the measuring mode (Aggarwal & Kapoor, 2021;F. F. Ali et al., 2018).
The second-order construct is not represented in the conceptual model due to the followed guidelines (Joseph F Hair et al., 2019;Sarstedt, Hair, et al., 2019). As shown in Figure 2, the disjoint two-step approach is required for estimating the measurement model without the need for a second-order construct. The second step is to compute the latent variable scores and add them to the original data file. Lower-order constructs are used to indicate second-order constructs, i.e., lower-order constructs (Becker et al., 2012). All constructs' reliability and validity are re-established before the final structural model assessment (Joseph F Hair et al., 2019;Sarstedt, Hair, et al., 2019).

Measures
The questionnaire included four factors as independent variables in this study: systemic risks, operational risks, outsourcing risks, and cyber risks simultaneously, and four as dependent variables reflect balanced scorecard perspectives such as financial perspectives, customer perspectives, operation internal perspectives, and education and growth perspectives. The survey instrument and evaluation scales were modified to evaluate the risks of FinTech adoption on bank systemic risks (Bu et al., 2021;Vučinić, 2020), operational risks (Khalil & Alam, 2020;Safeza Mohd;Sapian et al., 2021), outsourcing risks (Lim & Thng, 2021), and cyber risks (Giudici, 2018;Kaur et al., 2021;Panetta, 2018; Supervision), B. (Basel C. on B, 2018). The qualities in the research were assessed using a five-point Likert-type scale ranging from "strongly disagree" to "strongly agree," as well as five questions on the participants' demographic information using nominal scales (Gender, Job, Years of Experience, Scientific Level, and Specialization).  Table 1 displays the demographics of the final data set, which includes 263 responses. A critical sample size of greater than 200 is adequate for statistical power in data analysis, according to (Comrey & Lee, 1992;. As a result, the 263 sample size obtained from this investigation is sufficient for data analysis. The path model is measured using a structural and measurement model. The disjoint two-stage approach is used with Mode B in this research for the second-order formative construct (Becker et al., 2012).

Descriptive statistics
The current study collected demographic information from the research sample, such as gender, job, years of experience, scientific level, and specialty. There are 263 total responders, with males accounting for 87.1 % and females accounting for 12.9 %. 41.1 % of respondents have 1-5 years of experience, 29.3 % have 6-10 years of experience, 5.9 % have 11-15 years of experience, and 24 % have more than 16 years of experience. Respondents with a bachelor's degree are (90.5 %). Accounting major for 24% of responders.

Measurement model of lower-order reflective constructs
The lower-order reflective construct measurement model was tested for reliability and validity in the first stage of the disjoint two-stage approach (Joseph F Hair Jr et al., 2021). Cronbach's alpha and composite reliability ratings were used to assess internal consistency. Table 2 displays Cronbach's alpha values for the eight lower-order structures. It is shown with a threshold of 0.7. The composite reliability ratings are greater than 0.7. the reliability is measured and considered satisfactory (Urbach & Ahlemann, 2010). Convergent validity is examined using factor loadings and AVE (average variance explained; Cooper & Schindler, 2014). When all factor loadings exceed the permissible value of 0.70, convergent validity is proven, which is illustrated in Table 3 (Field, 2013). Table 2 displays all AVE values more than the recommended threshold of 0.5 (Joseph F Hair Jr et al., 2021). Table 4 ʹs HTMT (Heterotrait-Monotrait ratio) values are lower than the suggested threshold of 0.85 (Hair Jr et al., 2020). By comparing AVE values with the square of the correlation estimates for any two risks, the research-validated a precise discriminant validity test. Systemic risks, operational risks, outsourcing risks, cyber risks, financial perspectives, customer perspectives, internal operations perspectives, and education and growth perspectives are all higher than the squared correlation estimates (see , Table 5 cross-loading). As a result, the study's model has no problems with discriminant validity.

Measurement model of higher-order formative constructs
The disjoint two-stage approach is used to generate the second-order reflective construct by summing the latent variables' scores of lower-order reflective constructs. SMART-PLS estimates it without considering the higher-order build as markers of higher-order constructs at a lower level (Becker et al., 2012). The second phase explores the second-order formative construct to develop a measurement model and conduct structural model analysis (Joseph F Hair et al., 2019;Sarstedt, Hair, et al., 2019). At this level, the second-order construct is treated as a lower-order formative construct, with multicollinearity and outer weights investigated in its measurement model (Becker et al., 2012). Table 6 displays the VIF (Variance Inflation Factor) of each indicator (formative construct; Hair, Anderson, et al., 2010). Multicollinearity influences the appraisal and significance of the formative construct's outer weights (Joseph F Hair Jr et al., 2021). Table 6 demonstrates that all VIF values are lower than the 5 cutoff levels. This study's VIF is less than 2, indicating that the outcome is more accurate. As a consequence of the research, there is no evidence of multicollinearity. The bootstrapping technique is then performed with 5,000 sub-samples to assess the importance of outer weights. The overweights are the standardized multiple regression coefficients that demonstrate the relative importance of the relevant indicator for the formative concept (Joseph F Hair Jr et al., 2021). Table 6 shows the levels and significance of the outer weights for all formative construct indicators except operation internal perspectives, which is (0.093) less than (0.1) and is not significant, and education and growth perspectives is (0.247) more than (0.1) and it is not significant. in this case based on  it should go to check factor loading if the factor loading is greater than 0.50 and its significant so don't delete it. In this study the factor loading of    operation internal perspectives is (0.552) and it's significant, education and growth perspectives is (0.510) and it's significant. So it is acceptable. This confirms the assumptions of the cognitive model of the study that the four dimensions are the variable of performance. As a consequence, the current study achieves the measurement model. The results of measurement model-cross-loadings are clear in Table 7 and 8.

Structural model
After assessing the measurement model for validity and reliability, the study proceeds to the structural model assessment, which includes hypothesis testing, R 2 , Q 2 predictive significance, effect size (f 2 ), and model fit (Memon & Rahman, 2014).

Hypotheses testing
The hypotheses in this article are evaluated using (β-value, t-value, and p-value) with a sub-sample size of 5000. The connections between the constructs are T and P values are used to identify the way coefficients, (β) values are clearly and demonstrably (i.e., at p0.05,p0.01, or p0.001) in the model that depicts the route coefficients in Figure 3. Pearson's correlation also tested the relationship between banks' risk variables of FinTech adoption.
The special indirect effect of the risk variables' relationship with performance and each other was also tested. The details of the structural model (Path coefficient of research hypothesis) are mentioned in Table 9.
The results of hypothesis testing show that there are risks that negatively affect the performance of banks that adopt FinTech, such as cyber risks and operational risks, both at the dimension level or at the level of balanced scorecard perspectives, except for the education and growth perspective for operational risks. It also showed the positive impact of outsourcing risks on performance and financial perspectives. The hypothesis testing results also showed systemic risks do not affect performance at the dimension or the balanced scorecard perspectives. Results also showed the validity of the proposal submitted on the impact of risks with each other, except the effects of outsourcing risks with cyber risks.   Pearson correlations of a proposed relationship between the risks are clear in Table 10. And the details of specific indirect effects were demonstrated in Table 11.

Test of correlations of a proposed relationship between the risks
There is a relationship between the four risk variables which was tested by the Pearson Relationship Test, shown in table (10), and it is evident from the following table: There is a significant relationship between the outsourcing risks and the operational risks with a value of (0.241), as well as a significant relationship between cyber risks and operational risks with a value of (0.220). The results showed that the cyber and operational risks have a significant relationship with the systemic risks with the values of (0.614) and (0.404) respectively. While there is no significant relationship between outsourcing risks with cyber and systemic risks, the correlation value is (0.055) and (0.056), respectively. This result reinforces the validity of the proposed relationship between the risk, except for the relationship between outsourcing and cyber risks.   Table (11) presents the special indirect relationship of the risk variables. It shows that there is a significant impact of cyber risks on operational risks, which in turn affects performance negatively and systemic risks positively in an indirect relationship. where the value of beta is (−0.040), T value is (−2.042), and P value is (0.041), and beta is (0.059), T value is (3.100), and P value is (0.002) respectively. This result supports the validity of Hypothesis No. 7,8 that cyber risks affect operational and systemic risks directly and indirectly.

Test of specific indirect effects of a proposed relationship between the risks
Also, it shows that there is a significant impact of outsourcing risks on operational risks, which in turn affect performance negatively and systemic risks positively in an indirect relationship. where the value of beta is (−0.045), T value is (−2.298), and P value is (0.022), beta is (0.066), T value is (3.536), and P value is (0.000) respectively. This result supports the validity of Hypothesis No. 6, 9 that outsourcing risks affect operational and systemic risks directly and indirectly. These results support the hypotheses (6,7,8,9) and the results of the correlation of risks, which confirmed all these tests on the validity of a proposed relationship between the risks except for the impact and relationship of outsourcing risks with cyber risks.

Assessing (R 2 ) and predictive relevance Q 2
This research requires measuring the (R 2 ) predictive relevance of Q 2 and R-Square to the variation in the dependant variable (DV) that free factor/s (IVs) clarity. According to (Fan et al., 2016), the dependent variable is 0.253, explaining the effect of the independent variables, as indicated in Table 8 and Figure 3. PLS 3ʹs careless technique is utilized to assess Q 2ʹ s predictive significance. Q 2 has a cut-off point larger than zero, suggesting that the model's purpose is predictive (Joe F Joe F Hair et al., 2011). According to Table 8, the Q 2 value of FinTech adoption is 0.101 >0. The predictive supporting relevance of the model is to the latent endogenous variables. Q 2 : Predictive relevance blindfolding is used to produce cross-validated redundancy metrics for each component, resulting in Q 2 estimates larger than zero, demonstrating that the exogenous structures have predictive value for the endogenous construct under consideration (Joe F Joe F Hair et al., 2011). The details of R square & Q square are included in Table 12.

Assessing the model fit
The model fit is calculated as the last step. The following methods are used to test model fit in PLS:

The model's Goodness of Fit (GoF):
Through the Goodness of Fit, (Joe F Hair et al., 2011) demonstrate how well the chosen model replicates the observed covariance structure among the marker items (GoF). The current research created the file as a broad fraction of the model, namely the estimate and underlying PLS models. The model's forecast execution is a single estimate (Vinzi et al., 2010). In PLS, there is no measure of global fit. However, scientists suggest a global GoF defined as the mathematical mean of both the normal of AVE and the normal of R2 for endogenous (Tenenhaus et al., 2005), as calculated using the simultaneous equation: GoF ¼ ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi ffi The GoF requirements are as follows: Not fit, small, medium, or large have by (Wetzels et al., 2009): GoF 0.1 indicates that there is no fit, GoF between 0.1 and 0.25 indicates a small fit, GoF between 0.25 and 0.36 indicates a medium fit, and GoF more than 0.36 indicates a large fit. The current research comprises GoF = 0.426, which is more than 0.36 and reflects a high value.

Standardized root mean square residual (SRMR)
(SRMR) is determined using a cut-off estimate of less than or equal to 0.08 (Henseler et al., 2016). Using PLS 3, the SRMR in this study is 0.046, which means that the model is acceptable.

Discussions
Cyber Risks (H1). The results for the effects cyber risks on performance (β = −0.439, p = 0.000). The results indicate significant negative path coefficients signifying the influence between cyber risks and banks' performance. That means when the cyber risks increase, the banks' performance decrease. These risks give disasters to banks, such as data and information penetration and their manipulation. It comes from cybercriminals and hackers. This could be by hacking and penetrating customer data and infringing on their privacy when conducting their financial transactions via the Internet or it could be through security threats that may be exposed to banking systems. A large amount of implicit data may be subject to violations when providing FinTech services through banks, such as customer account numbers, financial transaction numbers, monetary amounts, financial fees, and other financial data.
The results of the hypothesis (H1a-H1d) show a significant negative influence on (Financial, Customer, Internal Operation, and Education and Growth) Perspectives by cyber risks. Thus, cyber risks are considered the most risks affecting the performance of banks.
Outsourcing Risks (H2). A significant positive effect is found between outsourcing risks with banks' performance (H2) as a result (β = 0.155, p = 0.046). The result appears to argue this hypothesis. As a result, there is a positive significant effect of outsourcing risks on the banks' performance. This explains that outsourcing risks represented in accessing bank data, information and secrets, represent a strong incentive to take the necessary precautions and prepare to avoid these risks and make the most of outsourcing to use FinTech techniques and provide competitive digital services. To confirm this result, personal interviews were also conducted with the same research sample. Interviews were conducted with 10 branch managers from different banks. Their answers indicated that banks had not faced any risks when outsourcing so far, especially in confidentiality and privacy of data. This is because they deal with well-known companies and they executed strict contracts and penal conditions. This supports the findings of this study. Moreover, outsourcing the development of demolition and adopting high technologies brings a lot of advantages, which directly impact performance. Banks may be attracting experts in FinTech techniques who work to follow up the work and pay attention to any risks to data confidentiality or other methods to ensure that. In this method, these risks can be avoided, and the maximum benefit from outsourcing benefits the banks and positively affects their performance. The study of (Qin et al., 2012) rejects the risks of outsourcing represented in "the theft of the unique intellectual assets of the organization and confidential data by the provider." This supports the findings of the current study on the risks of outsourcing.
The results of the hypothesis (H2a-H2b) show a significant positive effect on the financial perspective; this shows the impact of utilizing direct outsourcing on the financial perspective. Moreover, this result indicates the capabilities of financial technology and its impact on the financial perspective of performance through outsourcing the adoption of FinTech.
Operational Risks (H3). The hypothesis explores the influence of operational risks proposed performance of banks. The results of the hypothesis (β = −0.194, p = 0.003). There is a significant negative effect of operational risks on the banks' performance. That means when the banks control and avoid the operational risk, the performance will increase. This explains that banks face operational risks during the adoption of FinTech, which is represented by: technical or digital errors that may occur to bank systems during work, whether operational mistakes by bank employees or due to the modernity of digital technologies and services. Errors that may occur by technicians and engineers. Errors may occur during the conduct of financial operations for clients via digital technologies. These errors, which pose risks during the operations of FinTech services in banks, whether by customers or employees, have a negative impact on the performance of banks.
The results of the hypothesis (H3a-H3b) display a significant negative effect on all dimensions of the balanced scorecard, except the Education and growth perspective by operational risks. This shows the impact of negative operational risks on most of the balanced scorecard perspectives, which indicates the importance of managing operational risks when adopting FinTech in banks.
Systemic Risks (H4). The results for the factor systemic risks indicate that it is insignificant at (p,0.05). The hypotheses (H4) are rejected and show no significant effect of the systemic risks on banks' performance. This shows that the systemic risks, which represent the risks of information technology, and software technologies in the banking business, do not affect the performance of banks. The rejection of this hypothesis can be explained by the fact that the digital technologies of FinTech are recent digital developments when used by banks that may increase the risks of information technology. Still, the necessary and expected preparations may be ready to avoid these risks, which may not affect the performance of banks. Also, digital technologies such as Blockchain have a high technology to maintain data confidentiality and help not penetrate it. Artificial intelligence techniques help in detecting and identifying risks and finding the expected risks, as well as in big data technology that analyzes data and helps detect any data or information that may lead to risks to the organization.

Outsourcing risks with Cyber risks (H5):
The results for the hypotheses systemic risks indicate that it is insignificant at (p,0.05). And the Pearson Correlation value is (0.055) and insignificant which means there is no correlation. The hypotheses (H5) are rejected and show no significant effect of outsourcing risks on cyber risks. This result is indicated by the studies (Bouveret, 2018;Buckley et al., 2019;Chapelle, 2019;Mesic, 2021). The risks of outsourcing may not lead to cyber risks when third parties update software and technologies. An unintended error may occur that leads to cyber risks when third parties have access to bank data, or when financial institutions are linked, and the communication between them is weak. These possibilities may not occur as financial institutions operate contracts with strict third parties and set penal conditions for breaching any contract clause. So third parties try not to leave any loophole allowing cyber risks. This reassures decisionmakers about outsourcing. This may explain why this hypothesis is not accepted.
Outsourcing risks with Operational risks (H6): The hypothesis explores the influence of outsourcing risks and proposed operational risks. The results of the hypothesis (β = 0.233, T = 4.334, p =0.000), and the Pearson Correlation value is (0.241) and (0.000) significant that means there is correlation. There is a significant positive effect of outsourcing risks on operational risks. When banks adopt digital FinTech technologies from third parties, these technologies work on the banks' operating systems as these technologies work to provide digital financial services or develop the banking system, which is done through outsourcing. Therefore, any risks that occur when outsourcing increase the operational risks. Third parties may control the management of these technologies, the transparency of operations decreases, and thus the possibility of operational risks increases, which is what the study indicated (BCBS, 2018). Some digital technologies provided by third parties work mainly on the operating systems of banks, such as cloud computing, which poses a direct danger to the operating systems at a high rate. And this is indicated by a study (Vučinić, 2020); therefore, any risks of outsourcing this technology increase operational risks. Thus, outsourcing risks positively impact operational risks, meaning that the greater the risks of outsourcing, the greater the occurrence of operational risks.

Cyber risks with Operational risks (H7):
The results for the effects of cyber risks on operational risks (β = 0.209, p = 0.000). The results indicate significant positive path coefficients signifying the influence between cyber risks and banks' operational risks. The Pearson Correlation value is (0.220) and (0.000) significant that means there is correlation. This hypothesis is accepted. Hackers and cybercriminals work to penetrate the systems of financial institutions, manipulate confidential data and information, and carry out their crimes. Thus, cyber risks are mainly affected by the operating systems of financial institutions, meaning that cyber risks affect operational risks. The study (Cebula & Young, 2010) indicated that cyber risks are considered operational risks, as they significantly impact data and information availability, which leads to operational risks. This is the reason behind the positive impact of cyber risks on operational risks, meaning that the higher the cyber risks, the higher the operational risks.

Cyber risks with Systemic risks (H8):
The results for the effects of cyber risks on systemic risks (β = 0.553, p = 0.000). The results indicate significant positive path coefficients signifying the influence between cyber risks and banks' systemic risks. The Pearson Correlation value is (0.614) and (0.000) significant that means there is correlation. FinTech technologies and digital services operate via the Internet, which may raise cyber risks through technical or digital error or electronic violations and attacks on any financial institution. It may affect a financial institution and the entire financial sector. The financial institutions work together and cooperate in providing financial services. Some financial institutions are connected by networks or otherwise. Some financial institutions have effective communication with each other. When an electronic penetration or attack occurs for one financial institution, it may affect the rest directly or indirectly and even affect the entire financial sector. It increases the systemic risk. Therefore, cyber risks positively impact systemic risks, meaning that the greater the cyber risks may increase the occurrence of systemic risks. The result of this hypothesis supports what some studies have indicated, such as those of (Safeza Mohd Sapian et al., 2021;Yuan & Xu, 2020).

Operational risks and Systemic risks (9):
The results for the effects of cyber risks on systemic risks (β = 0.282, p = 0.000). The results indicate significant positive path coefficients signifying the influence between cyber risks and banks' systemic risks. The Pearson Correlation value is (0.404) and (0.000) significant that means there is correlation. Operational operations are mainly related to the systems of financial institutions, so the operational risks affect the systems of financial institutions. The financial institutions are closely related to each other. When one financial institution is affected by operational risks, it may affect the rest of the financial institutions, and thus systemic risks increase. This explains that operational risks have a positive impact on systemic risks.

Conclusions
The current study proved the validity of the proposed relationship between the risk variables on each other, except for the impact of outsourcing risks on cyber risks. The results showed an impact and relationship of cyber risks on operational and systemic risks, an impact of outsourcing risks on operational risks, and an impact of operational risks on systemic risks.
The study concluded that there is a significant negative impact of cyber risks on the performance of banks adopting FinTech. Cyber risks ranked first and most affected the banks' performance, among other variables. It was found that it affects all four performance perspectives negatively. This indicates the high impact of cyber risks on performance in general and on all perspectives.
The study also found a significant negative impact of operational risks on the performance of FinTech banks. The results revealed that all performance perspectives were negatively affected by operational risks, except for education and growth.
As for the outsourcing risks, they turned out to have a significant positive impact on the performance of the banks. This result shows that outsourcing risks put banks in a state of readiness, caution, and full vigilance to avoid any risks that threaten them by outsourcing when adopting FinTech. This enhances the maximum benefits of outsourcing, which increases performance positively. The study found that it had a positive impact on the financial perspective.
As for the impact of the systemic risks of adopting FinTech on the performance of banks, it was found that there is no impact on the performance of banks. The impact of systemic risks on performance perspectives was tested, and it was found that there was no impact on the four perspectives.

Limitations and future research
This study succeeded in achieving its objectives, but there are some limitations as follows: This study used primary data (questionnaires and interviews). Future studies can use the variables of this study, use secondary data, and know the difference between the current study and the study through secondary data. This study also used cyber, operational, systemic, and outsourcing risks; therefore, future studies can identify other risks for adopting FinTech and know the extent of their impact on the performance of the banks that adopt FinTech, such as (strategic risks, money laundering risks, terrorist financing, and other risks). In addition, future studies can study the systemic risks of adopting FinTech in banks as an integrated and broad study and know the extent of its impact on banks' performance. Future studies also can examine outsourcing for adopting FinTech in banks comprehensively and deeply and then identify its impact on performance, especially in less developed countries. Thus, this suggests future studies examining the impact of outsourcing risks on cyber risks when FinTech is widely and deeply adopted in banks.

Appendix A Constructs
Indicator and item Source Balanced scorecard Financial Perspective

Fin_Per1
The bank's adoption of financial technology leads to an increase in market share. (Owusu & Liu, 2017) Fin_Per2 The Bank seeks by adopting FinTech services to reduce costs to a minimum.

Fin_Per3
The bank's adoption of financial technology leads to higher profits from year to year.

Fin_Per4
The bank's adoption of financial technology leads to maximizing shareholders' wealth.

Fin_Per5
The bank seeks by providing financial technology services to achieve higher productivity and thus increase profits.

Customer Perspective Cus_Per1
The bank seeks to improve the quality of its services to meet the wishes and needs of customers. (Owusu & Liu, 2017) Cus_Per2 The Bank treats complaints submitted by customers with great care.

Cus_Per3
The bank lowers the price of the service provided compared to the competitive market price.

Cus_Per4
The bank aims to increase the number of customers from year to year.

Cus_Per5
The Bank seeks to retain existing customers by responding to their needs. Internal Operation Perspectives

Ope_Per1
The bank reduces the time to complete the work. (Owusu & Liu, 2017) Ope_Per2 The Bank seeks to make optimal use of the available resources.

Ope_Per3
The bank works to reduce routine and inappropriate repetition at work.

Ope_Per4
The bank trends to digital technology to get rid of paperwork.

Ope_Per5
The bank seeks to increase the level of quality of services.
Education and growth perspective

Edu_Per1
The Bank is keen to hold qualitative training courses for its employees to keep pace with the era of digital technology. (Owusu & Liu, 2017) Edu_Per2 The Bank is keen to update the technology used constantly.

Edu_Per3
The Bank seeks to develop employees' skills and improve the use of modern technologies according to the era of digital technology.

Edu_Per4
The bank is keen to continue to develop its creativity and to reserve a higher place among banks.

Edu_Per5
The Bank is constantly improving and developing its services. (Continued)

(Continued)
Cyber Risks Cyb_Risk1 The banking system is exposed to threats and security breaches when adopting financial technology services through mobile applications. (Kaur et al., 2021) Cyb_Risk2 The banking system is exposed to penetrations and security threats when adopting financial technology services via online platforms.

Cyb_Risk3
The banking system is exposed to large amounts of implicit data for violations when adopting financial technology techniques such as (customer account numbers, financial operations, financial charges … and others) Operational Risks Opr_Risk1 Banks face the risks of maintaining the privacy of customer data when using mobile financial technology services.

Opr_Risk2
Banks face the risks of maintaining information security and data confidentiality in providing financial technology services to customers via mobile phones.

Opr_Risk3
Banks need to take the necessary precautions and measures when adopting financial technology to combat potential cybercrimes.

Outsourcing Risks Out_Risk1
The bank's use of outsourcing to provide FinTech services leads to risks in maintaining the confidentiality of the Bank's data and information.

Out_Risk2
The bank's use of outsourcing to implement FinTech services leads to the risks of maintaining data privacy. (Continued)