General Information & Client Service
  • Americas: +1.212.553.1653
  • Asia: +852.3551.3077
  • China: +86.10.6319.6580
  • EMEA: +44.20.7772.5454
  • Japan: +81.3.5408.4100
Media Relations
  • New York: +1.212.553.0376
  • London: +44.20.7772.5456
  • Hong Kong: +852.3758.1350
  • Tokyo: +813.5408.4110
  • Sydney: +61.2.9270.8141
  • Mexico City: +001.888.779.5833
  • Buenos Aires: +0800.666.3506
  • São Paulo: +0800.891.2518
June 25, 2018

During the keynote address at the Symposium on Asian Banking and Finance in San Francisco, Ravi Menon, the Managing Director of MAS discussed the state of financial regulation twenty years after the global financial crisis. He addressed the audience as if he is speaking at the next Symposium in 2028 and taking stock of the evolution of financial regulation over the last 20 years. According to him, this period characterized three broad themes: fixing the fault lines that led to the global financial crisis (2006 to 2018), managing the risks posed by fintech while harnessing its benefits (2017 to 2020), and defending against systemic cyber risk (2021 to 2018).

Mr. Menon said that compared to just ten years ago (in 2018), technology has enabled supervision to become much sharper and surveillance of systemic stability more rigorous, said Mr. Menon. Three developments in recent years added new impetus to the supervision agenda:

  • The Basel Concordat II of 2024, laid the foundation for more collaborative and meaningful supervisory colleges, strengthened the functioning of the crisis management groups, and set out more clearly the responsibilities of home and host supervisors.
  • Supervision extended beyond checking on financial institutions’ risk management and internal controls to better understanding the risk culture of these organizations. Supervisors began to use data analytics, sentiment assessments, and the tools of behavioral psychology to gain insights on the culture and conduct in financial institutions. 
  • Suptech began to dramatically enhance supervisory effectiveness by the mid-2020s. The integration of regtech and suptech allowed data from financial institutions to flow directly into regulators’ databases in machine-readable formats through Application Programming Interfaces or APIs. Supervisory officers began to use automated surveillance dashboards and are able to track daily the consolidated exposures, credit quality, value-at-risk, and other indicators of the banks under their purview.

Fintech transformed the way financial services were produced, distributed, and consumed, in addition to bringing in new risks and challenges for regulators. Good progress has been made in the last 10 years in setting standards for distributed ledgers, making cloud computing services safer, and dealing with artificial intelligence. Crypto tokens are confined to specific purposes and limited ecosystems. Moreover, after several false starts and failed use cases, the underlying distributed ledger technology (DLT) started making significant inroads in the financial industry. In 2020, the Bank of Canada and Monetary Authority of Singapore successfully piloted a cross-border DLT-based system that achieved almost real-time fixed income securities trading and settlement. Under the Global Payments Accord of 2024, central banks agreed to upgrade their real-time gross settlement systems to a DLT-inspired infrastructure. This called for internationally accepted standards for DLT-based payment systems. FSB and other standard-setting bodies worked closely with the newly formed International Organization for Distributed Ledger Standards to design a supervisory framework for DLT.

Cloud computing considerably enhanced risk management. Risk assessments are now more comprehensive, more granular, and more real-time. The regulatory response to cloud computing has taken two forms. First, regulators worldwide have issued regulations or guidance on the management of outsourcing risks pertaining to cloud services. MAS and the UK FCA were among the first regulators to do so, as early as 2013. Second, the jurisdictions where the cloud service providers (CSPs) operate from have begun to exercise regulatory oversight over them. In the U.S., the Cloud Services Utility Agency, or CSUA, was formed in 2024 with the mandate of regulating CSPs, working closely with the US Federal Reserve System. Additionally, the use of artificial intelligence has swept across the financial services sector in recent years, also introducing new risks and challenges for regulators. IOSCO has since mandated that exchanges have in place mechanisms to manage extreme volatility and securities regulators have started to use artificial intelligence, to provide early warning of potentially disruptive artificial-intelligence-based trading patterns and trigger appropriate circuit-breakers. Regulators in many jurisdictions have been engaging the industry as well as the broader society on developing guidance on the responsible and ethical use of artificial intelligence and data analytics by financial institutions.

Furthermore, the Global Cyber Crisis has laid bare the cyber vulnerabilities. The cyber attack that brought down the 20th largest bank in the world with a Tier 1 capital adequacy ratio of 16% revealed significant gaps in the global regulatory regime for technology risk. FSB and standard-setting bodies swung into action and, in 2025, produced a two-track set of reforms to deal with cyber risk, which is essentially borderless. First, FSB’s Cyber Security Standards, building on its Cyber Lexicon of 2018, established a minimum level of cyber hygiene for internationally active financial institutions. Second, the Basel Committee and IOSCO developed core principles and practice guides for prompt information sharing on cyber incidents and cyber threat intelligence among banks and securities firms, respectively. Global platforms were put in place to facilitate information sharing among central banks and regulators to counter cross-border cyber threats of the kind that triggered the Global Cyber Crisis. He concluded that, although financial system is more robust and resilient than it was 20 years ago, cyber risk has now moved to the front of the regulatory agenda. While the landscape has evolved and the nature of threats to financial stability has changed, the core principles of sound regulation remain evergreen.

Keywords: International, Singapore, Banking, Securities, Insurance, PMI, Regtech, Suptech, Fintech, MAS

Related Insights

BCBS Finds Liquidity Risk Management Principles Remain Fit for Purpose

BCBS completed a review of its 2008 Principles for sound liquidity risk management and supervision. The review confirmed that the principles remain fit for purpose.

January 17, 2019 WebPage Regulatory News

HKMA Urges Local Banks to Start Working on FRTB Implementation

HKMA announced that it plans to issue a consultation paper on the new market risk standard in the second quarter of 2019.

January 17, 2019 WebPage Regulatory News

EBA Finalizes Guidelines for High-Risk Exposures Under CRR

EBA published the final guidelines on the specification of types of exposures to be associated with high risk under the Capital Requirements Regulation (CRR). The guidelines are intended to facilitate a higher degree of comparability in terms of the current practices in identifying high-risk exposures.

January 17, 2019 WebPage Regulatory News

MAS Guidelines on Risk Mitigation Requirements for OTC Derivatives

MAS published guidelines on risk mitigation requirements for non-centrally cleared over-the-counter (OTC) derivatives contracts.

January 17, 2019 WebPage Regulatory News

BoE Publishes the Schedule for Statistical Reporting for 2019

BoE published the updated schedule for statistical reporting for 2019. The reporting institutions use the online statistical data application (OSCA) to submit statistical data to BoE.

January 16, 2019 WebPage Regulatory News

PRA Delays Final Direction on Reporting of Private Securitizations

PRA and FCA have delayed the issuance of final direction, including the final template, on reporting of private securitizations, from January 15, 2019 to the end of January 2019.

January 15, 2019 WebPage Regulatory News

SNB Updates Forms on Supervisory Reporting for Banks

SNB published Version 1.7 of reporting forms (AUR_U, AUR_UEA, AUR_UES, AURH_U, AUR_K, AUR_KEA, and AURH_K) and the related documentation for supervisory reporting on an individual and consolidated basis.

January 15, 2019 WebPage Regulatory News

BCBS Finalizes Market Risk Capital Framework and Work Program for 2019

BCBS published the final framework for market risk capital requirements and its work program for 2019. Also published was an explanatory note to provide a non-technical description of the overall market risk framework, the changes that have been incorporated into in this version of the framework and impact of the framework.

January 14, 2019 WebPage Regulatory News

EBA Single Rulebook Q&A: First Update for January 2019

EBA published answers to 13 questions under the Single Rulebook question and answer (Q&A) updates for this week.

January 11, 2019 WebPage Regulatory News

PRA Proposes to Amend Supervisory Statement on Credit Risk Mitigation

PRA published the consultation paper CP1/19 that is proposing changes to the supervisory statement (SS17/13) on credit risk mitigation.

January 10, 2019 WebPage Regulatory News
RESULTS 1 - 10 OF 2473