Banking regulation continues to confound the idea that views about how banks should be regulated will eventually settle down to an orthodoxy broadly accepted throughout the world.

Few global banking groups ever considered that a time would come when they would face consistent systems of regulation across the world, and still less that regulators would coordinate their activities in a way that would make life easy for those groups. Legal and compliance professionals who have worked in or with the industry since long before the financial crisis of 2007 to 2009 are generally not surprised by the examples of banking regulation diverging in many jurisdictions: in some ways it marks a return to a time when there can be no certainty that governments and regulators are all facing the same way and pulling in the same direction.

Running a global banking group continues to be a tough exercise, and the possibility of further fragmentation of approaches to regulation around the world risks adding further to the cost bases of these groups. As predicted since the UK electorate voted to leave the European Union in 2016, Europe in particular looks set to become a less cost-efficient and more complex place in which to run a cross-border banking franchise. Indeed this is already the case for the banking groups that have largely completed their Brexit reorganisations, establishing or expanding EU subsidiaries. While this has stimulated banking groups to consider cost cutting and other efficiency measures in connection with their Brexit planning, in many cases these measures scarcely compensate for the inherent inefficiency of requiring additional licensed legal entities through which to conduct business in Europe.

Aside from the largely regional challenge of Brexit, this tenth edition of The Banking Regulation Review is published in the midst of a number of industry developments that are challenging regulators and banks alike in all major banking centres.

The challenges are far-reaching and have no central theme, ranging from the continuing revolution in finance stimulated by emerging technologies and the related exploitation of the value of data on the one hand, to the continual revelations of the widespread use of banks for money laundering on the other.

While it is too early to say that the remarkable global consensus that emerged about prudential regulation following the financial crisis is fracturing, it is certainly eroding around the edges, with liberalising tendencies in the United States and even in the European Union.

All of these factors make work as a legal, compliance or risk professional in the sector both more interesting and more perilous than ever before: more interesting because there is so much going on, and more perilous because there seems to be more that can go wrong within banks nowadays, from misallocation of capital to business units that struggle, to whistleblowing and money laundering problems, to catastrophic IT outages.

Money laundering issues have been particularly prominent in banking in the past year, suggesting that the industry still has a long way to go to tackle this problem. Many of the issues uncovered are legacy in nature, but the industry has much to do to convince regulators and governments that those issues will not recur.

IT problems have led to an increasingly intense debate about what can be done to improve the operational resilience of banks. This is not simply a continuation of the somewhat sterile debate about the incompatibility of many legacy banking IT systems with attempts to modernise risk management and the customer experience. Regulators have realised that operational resilience is a subject that can only be tackled effectively by making two significant changes to the way that this subject has traditionally been viewed. First, operational resilience should be considered in a holistic way, looking not only at banks' own systems but also across the whole of the financial sector at the resilience of the inter-connections between banks, financial market infrastructure and other market participants. Secondly, work on operational resilience achieves little unless it is considered with customers and other end users of services in mind. The resilience of a bank's systems is not a meaningful concept unless it delivers an acceptable level of service to customers and incorporates tolerances for the levels of inconvenience that customers may suffer in the event of extreme disruption, recognising that disruption could originate outside the bank itself.

More immediately, IT challenges in banks expose the need for effective crisis management capabilities. Recovery and resolution planning has helped some banks to develop this expertise, but has been less helpful in this respect than might have been hoped. There is no substitute for more detailed planning for crises than many banks have so far included in their recovery planning. Those who disagree with this view should consider how many banks have performed poorly when crises have hit them, and how many of those banks would have argued beforehand that their systems were adequate to cope with a range of foreseeable adverse scenarios.

Conduct risk remains high up the agenda of most banks. The final report of the Royal Commission into misconduct in the banking, superannuation and financial services industry in Australia was notable outside that country for the familiarity of almost all of its findings. Whatever the ultimate legislative and regulatory response to that report, it is a reminder that banking remains vulnerable to poor conduct unless senior management make good conduct a cornerstone of their strategy and ensure that it is embedded in the incentive arrangements for all staff who have a material influence on customer outcomes.

This edition covers 37 countries and territories in addition to our usual chapters on international initiatives and the European Union. Thanks are due to all of the authors who continue to devote time to this project despite busy schedules. There must be a feeling among many of the authors that banking regulation is a subject that will never settle down; that it will never return to being the rather duller subject that it was before it became a political issue more than 10 years ago.

Thank you also to the partners and staff of Slaughter and May in London and Hong Kong for supporting this book, and in particular to Nick Bonsall, Ben Kingsley, Peter Lake, Emily Bradley, Tolek Petch, Jocelyn Poon, Tamara Raoufi and David Shone.

Finally, the team at Law Business Research deserve as much credit for their patience this year as for their usual work as the publishers of this book. Thank you in particular to Gavin Jordan and Katie Hodgetts. The uncertainties that Brexit has thrown up have left a number of authors wondering what the best time to publish would be, before the realisation dawned that Brexit is likely to be a more protracted process than many envisaged and that therefore no one publication date would be better than any other. The other issues noted above look set to run in some form indefinitely.

Perhaps by the time the next edition of this book is published, all will be much clearer, but those of us who are endlessly fascinated by the subject of banking regulation know all too well just how unlikely that is.

Jan Putnis
Slaughter and May
April 2019