In recent surveys of authorities and global financial institutions, supervisors and executives agree that digital transformation is no longer just “nice to have.”
Various surveys show that there is progress, but there is still quite some way to go. A 2019 joint survey by the Cambridge Centre for Alternative Finance (CCAF) and the World Bank found that regulatory innovation initiatives are still relatively rare. Among the sample of 111 jurisdictions, only 38 had innovation initiatives such as innovation offices or regulatory sandboxes.1
Regtech and suptech programmes were the least common regulatory innovation initiatives. Only 14% of the regulators surveyed had such a programme in operation, and a review of the key suptech technologies suggests that between 8% and 18% of jurisdictions surveyed employed each of them. Beyond the automation of existing processes, examples of suptech projects include real-time access to bank data, natural language processing of consumer complaints and fit and proper assessments for board members.2
In response to shifting market dynamics, many financial institutions are also turning to business transformation enabled by digital innovation. The Institute for International Finance has told us that of 60 global banks surveyed in 2019, around one third are actively using machine learning techniques in credit models used for credit scoring and as input for regulatory capital calculations.3 Similarly, in 2018 one third of surveyed banks were applying machine learning techniques for anti-money laundering and combating the financing of terrorism (AML/CFT) compliance purposes, such as transaction monitoring, risk assessments and customer due diligence.4
Notwithstanding this important progress, there appear to be challenges that are common to both supervisors and banks alike and speak to the heart of technological innovation in the financial sector.
Let’s start with the technology itself.
Post-Great Financial Crisis, the complexity and opacity of internal models enabled some banks to game the system, resulting in unsatisfactory levels of capital to reflect risks during the financial crisis. We also came to realise that both boards and their supervisors had little understanding of the risk parameters being used, contributing to an excessive degree of risk-weighted asset variation.5
The debates on the use of AI and machine learning and “black box” risk in decision-making therefore sound very familiar. In particular, it may be difficult for human users at financial institutions – and regulators – to grasp how outputs and decisions generated by AI and machine learning tools have been formulated and can be explained.
It may be no coincidence that banks are increasingly interested in using AI and machine learning tools to increase the efficiency, accuracy and speed of “capital optimization.”
As we now know post-crisis, the lack of transparency around these applications is problematic for institutions, their boards and supervisors if it is not possible to understand how undesired events occurred and when steps may need to be taken to prevent a recurrence.6
Current bank regulatory, supervisory and licensing frameworks generally predate the emergence of technology-enabled innovation. In some jurisdictions, prudential authorities do not have a remit for firms that are not banks, and some services previously conducted by banks are now being provided by other firms that may not be regulated by bank supervisors.
Such fintech-related changes may therefore require regulators and supervisors to leave their comfort zone and reassess their current supervisory models and resources in order to ensure continued effective oversight of the banking system. But as supervisors know, this requires concerted efforts by different agencies to approach this in tandem.
This is not only about breaking the silos of financial regulation. It is about creating a multidisciplinary dialogue with authorities regulating third-party providers (such as telecoms regulators), and with authorities confronted with comparable technological challenges. AI has the potential to challenge law enforcement in many areas. For example, financial regulators could learn a lot from the rich discussions on the use and abuse of predictive justice.7
However, other challenges are not entirely about technology.
The talent pool, resources and need for expertise are without a doubt major issues for both supervisors and banks. The demand for data scientists and engineers is higher than supply and continues to grow as both incumbents and firms build a digital infrastructure, from storage on the cloud to cyber resilience defences. And for supervisory authorities in particular, competing with the private sector and tech firms to attract them is sometimes not feasible – although authorities have good selling points to attract data scientists, such as the opportunity to work for the common good and the ability to access troves of unexploited data. To address this, fintech education, resource planning and training, and engaging with technology firms should be a focus. Shouldn’t supervisors aim at meeting the very standards they set for the industry? 8
Underlying the slow uptake may also be the fact that digital transformation requires a certain degree of uncertainty, experimentation, and a “fail fast” mindset.9 I think we can agree that these attributes do not always sit comfortably with prudent supervisors and risk-minded financial institutions. I see this clearly from my position at the BIS Innovation Hub, a laboratory nested in a respectable, 90-year old cooperative of central banks.
Many financial institutions report that collaboration and building an ecosystem of alliances and partnerships with fintechs is important to the success of digital transformation. Forming innovation partnerships can help the financial institutions to accelerate digital transformation by changing culture, mindset and technology, and it can shorten the development timeline of innovative projects by allowing the technological and regulatory processes to run in parallel rather than in a sequence.10
However, banks have reported that onboarding fintech partners often presents a major challenge as it typically comes with a long lead time. And these new and innovative partnerships often introduce new sets of risks that may exceed supervisors’ risk appetite. Lively discussions on the merits and risks of regulatory sandboxes illustrate this difficulty.
Trusted collaboration between regulatory authorities, financial institutions and external technology experts may, therefore, be necessary to foster effective regtech and suptech adoption and overcome these challenges.
By Benoît Cœuré
Head of the BIS Innovation Hub, Peterson Institute for International Finance
1. World Bank and CCAF, Regulating alternative finance: results from a global regulator survey, 2019.
2. See ECB Banking Supervision, “Exploring the potential of supervisory technology”, Supervision Newsletter, 12 August 2020.
3. Institute for International Finance, Machine learning in credit risk report, 2019.
4. Institute for International Finance, Machine learning in anti-money laundering – summary report, 2018.
5. See S Ingves, keynote speech at the Institute for Law and Finance conference on “Basel III: Are we done now?”, Goethe University, Frankfurt am Main, 29 January 2018.
6. See Financial Stability Board, Artificial intelligence and machine learning in financial services: Market developments and financial stability implications, November 2017.
7. See eg European Commission for the Efficiency of Justice (CEPEJ), European ethical charter on the use of artificial intelligence in judicial systems and their environment, Council of Europe, February 2019.
8. Such as for senior management to “continuously review the skills, competencies and training requirements to ensure that it has the right set of skills as technologies and risks evolve” and to “regularly benchmark its cyber resilience capabilities against the market to identify its gaps in terms of governance, skills, resources and tools, treating these gaps as cyber risks and addressing them accordingly” (ECB, Cyber resilience oversight expectations for financial market infrastructures, December 2018, expectations no 30 and 45).
9. See Institute of International Finance and Deloitte, Realizing the digital promise: Top nine challenges to digital transformation for financial institutions, February 2020.
See Bank for International Settlements for full speech