At a Banking Seminar organized by DNB in Amsterdam, Andrea Enria of ECB examined ways to mitigate the risks posed by digitization in banking sector. He discussed the role of regulators and supervisors in dealing with the fintech-related issues and outlined the steps taken and planned by ECB in this area. While discussing the suptech benefits and initiatives, he also mentioned that automated reporting, for instance, could ease the burden on banks and allow supervisors to collect data more efficiently.
Mr. Enria began by discussing the relevant operational risks posed by digitization in the banking sector and how these risks can be mitigated. In terms of operational risks, he focused on risks posed by outdated IT systems and cyber risk, also outlining ways for banks to better deal with these risks. He highlighted that ECB has been monitoring IT and cyber risk since the early days of European banking supervision. ECB has conducted a number of in-depth reviews and frequent on-site inspections on IT risk and cyber security. ECB has also set up a cyber incident reporting process, enabling ECB to track actual incidents that might harm individual banks or the entire system. In addition, ECB holds general discussions with the national authorities and EBA on how to supervise fintech banking. As fintech is a new phenomenon, there is a chance to take a common European stance right from the start. In April, ECB will, for instance, hold a workshop on fintech supervision. This workshop will bring together many different parties, including market authorities, bank supervisors, legislators, and banks.
He added that digitization of the sector also poses systemic risks. In case each small piece of the banking value chain may be occupied by an individual player—a bank or fintech—this poses systemic risk through the resulting interconnectedness that leads to forming of complex and opaque networks. Another potential systemic issue could arise from concentration, as digital services, such as cloud computing, might be offered by just a few players. In case something goes wrong any of these players, a huge number of banks might be affected, possibly unleashing a systemic crisis. In this context, banks must build up relevant expertise and knowledge and establish adequate governance structures and proper risk management practices, which need to be adapted to the digital age.
Mr. Enria believes that regulators and supervisors are technology-neutral but not risk-neutral. However, dealing with innovation is a challenge for regulators and supervisors and they need to monitor innovation, assess any new risks, and then "tackle them head on" while adhering to the core principle of “same risk, same rules, same supervision.” One factor to focus on is the perimeter of regulation and supervision and whether this should be extended to include fintechs. He believes that the focus must be on the essence of banking—that is, taking deposits and granting loans. "This is how banks are defined in the regulation and this is what defines the perimeter." While fintechs compete with banks in parts of the value chain, they may not necessarily need to be licensed, regulated, and supervised like banks. However, he believes that these boundaries need to be monitored and adjusted at some point. The fintech companies engaging in core banking business must be treated like banks and they would first need a license. To this end, ECB has published a guide on licensing for fintechs. To supplement the guide, in 2017, it had also set up a Single Supervisory Mechanism fintech hub. This hub is a central point of contact for ECB and national supervisory authorities on all matters concerning the authorization of fintech banks; it serves as a platform for sharing information and discussing best practices.
As fintech banks might come under the scope of banking supervision, the relevant risks must be addressed. He then discussed the importance of data to the work of supervisors, which results in banks being burdened with so many reporting requirements, and outlined the way the new digital tools could help supervisors and banks. Automated reporting, for instance, could ease the burden on banks and allow supervisors to collect data more efficiently. Meanwhile, machine learning could help us to validate—and even analyze—the data. Consequently, the supervisors could then become even faster in spotting new risks and dealing with them. He then mentioned that DNB is very active in the field of supervision technology or suptech. DNB has set up an innovation lab to explore new technologies and a Chief Innovation Office to coordinate suptech initiatives. DNB has lab-tested tools such as artificial intelligence and Robotics Process Automation, including the use of neural networks to detect liquidity risk. "This work should inspire other supervisors to follow suit."
Mr. Enria added that ECB is also working on this topic and is assessing the ways in which digital tools can help it to do its job more effectively and more efficiently. Supervising banks is no exception. However, it is crucial to exchange views and share first experiences—with all stakeholders and at the global level. That’s why ECB attempts to connect with as many stakeholders as possible. In conclusion, he emphasized that he clearly sees the benefits of suptech and that the time has come to harness the opportunities offered by suptech. "I am convinced that it will become part of our toolbox—not as a substitute for supervisory judgment, but as a complement to it."
Related Link: Speech
Keywords: Europe, EU, Banking, Fintech, Regtech, Suptech, Banking Supervision, Automated Reporting, ECB
Previous ArticlePRA and FCA Host First Meeting of the Climate Financial Risk Forum
FED finalized a rule that updates capital planning requirements to reflect the new framework from 2019 that sorts large banks into categories, with requirements that are tailored to the risks of each category.
ECB published results of the quarterly lending survey conducted on 143 banks in the euro area.
ESAs published the final draft implementing technical standards on reporting of intra-group transactions and risk concentration of financial conglomerates subject to the supplementary supervision in EU.
EBA published the annual report on asset encumbrance of banks in EU.
MAS revised the guidelines that address technology and cyber risks of financial institutions, in an environment of growing use of cloud technologies, application programming interfaces, and rapid software development.
FED updated the reporting form and instructions for the FR Y-9C report on consolidated financial statements for holding companies.
EBA issued a consultation paper on the guidelines on monitoring of the threshold and other procedural aspects of the establishment of intermediate EU parent undertakings, or IPUs, as laid down in the Capital Requirements Directive.
EC published Regulation 2021/25 that addresses amendments related to the financial reporting consequences of replacement of the existing interest rate benchmarks with alternative reference rates.
BIS published a bulletin, or a note, that examines the cyber threat landscape in the context of the pandemic and discusses policies to reduce risks to financial stability.
HM Treasury, also known as HMT, has updated the table containing the list of the equivalence decisions that came into effect in UK at the end of the transition period of its withdrawal from EU.