Banking regulation is a never-ending quest to balance the three major policy objectives of financial stability, consumer protection and the needs of developed economies for reliable services involving the provision and intermediation of finance. It is safe to say that the relative importance of these factors to policymakers will never be constant. Driven by events – whether political, economic or financial – governments and regulators will move their centre of focus from one objective to another as circumstances require, while continuing to pay lip service to the need to balance all three. For their part, banks have to maintain the right quantity and quality of resources to react to policy shifts and, hopefully, to ensure that they can communicate their views clearly to the authorities before those shifts take place.
But what happens when there are developments that leave everyone – governments, regulators and banks alike – unsure of how to react, or even, in some cases, unsure of whether or not there are serious concerns to address? That is what we now face with the rise of technology in banking. Is technology simply an opportunity for banks to improve their service or does it present threats to customers and ultimately to financial stability? If there are threats, do these go beyond the much-publicised cyber risks?
Starting with the opportunity, the position is not quite what many new so-called fintech banks would have you believe. Their orthodox view of the world is that large, established banks will be supplanted by nimbler upstarts, particularly those new firms that are not actually banks and are relatively unburdened by regulation (or think they are). Particularly in the area of payments, those upstarts aim to appropriate banks’ customer relationships, not by shutting banks out of payment transactions entirely, but by relegating them to mere infrastructure in payment clearing. I refer to this view as ‘orthodox’ because it ignores at least four important and fast-developing features of the way that technology is revolutionising many major, established banks:
- The ability of banks to fight back and the vast resources that large, established banks have to throw at this effort if they are minded to do so and have sufficient strategic focus to stick to the task.
- The capacity of technology to cut the costs and improve the efficiency of established banks.
- The strategy (and ability) of some banks to follow an inorganic approach to acquiring technology and new ideas; while cultural differences and other integration challenges often mean that banks do not realise the full benefits of acquiring newer technology-focused firms, if only a small proportion of these acquisitions succeed then much of the apparent hype around some start-up firms pursuing novel fintech strategies could evaporate as large, established banks become the principal means by which new ideas hatched by the founders of start-ups are put into practice.
- Legal and regulatory changes in some parts of the world to open up banking, and payment services, to increased competition and therefore innovation – particularly PSD2 in the European Union – are pushing banks to adopt new technologies and are starting to foster a more creative and entrepreneurial culture in some banks.
Commentators frequently write that banks that fail properly to capitalise on the opportunities that technologies present will fail. This has become a truism as technologies once thought to be novel – contactless payments, for example – have become commonplace in many parts of the world. In other words, new technology has become such a pervasive feature of both wholesale and retail banking in most of the world that to say that banks have to use it effectively to survive has become little different from saying that banks will fail if they don’t run their businesses effectively. That said, a proportion of banks will fail on this simple ground, and may therefore fail in business terms as others with a better understanding of the power of technology to improve and expand services and increase efficiency forge ahead. Many banks have also, so far, failed to create the right sort of creative environment in which genuinely new business ideas originate. There are a number of reasons for this that exist to varying degrees in all large banks, including complex and bureaucratic management structures, which can stifle innovation; a necessary preoccupation with legacy issues and structural reform; an understandably risk-averse approach to business development; and the opportunities that exist for talented and creative staff outside the banking sector. It would be entirely wrong, however, to assume that these issues simply cannot be overcome in any large, established banks.
So much for the opportunities; what about the threats? Cyber risk remains a very significant concern for regulators, perhaps the single most important area of bank regulatory concern worldwide at present. But there is another challenge that banks must face from technology, which is simply that more will be expected of them by regulators and customers alike once technology makes banking more transparent. So, from a front office perspective, technology does not just offer ways of providing better services to customers; it also raises their expectations, and banks will have to be ready to live up to those expectations, or they will simply lose customers. From a back-office perspective, technology is beginning to provide banks with innovative ways of understanding better the risks they have taken and their relationships with providers of funding, hedging services and other counterparties. For example, machine learning has now advanced to a level where it can provide real assistance to banks in understanding very quickly, in a very detailed way, the terms of the agreements to which they are party, how they interrelate with each other and how they would perform in a crisis. One of the lessons of the financial crisis was that recovery and resolution planning is a very resource-intensive exercise when done by means of a manual review of documents. Machine learning will eventually allow many of these review processes to be done in almost real time and for banks to verify the application of policies and procedures to documents and customer relationships as they develop, rather than retrospectively. Once these capabilities are developed to a usable level, which is likely to be in the next few years, it will not be surprising if regulators begin to expect banks to apply them. The fact that it might take a bank several months to review 100,000 documents manually will then no longer be a complete excuse for not having fairly immediate answers to regulators’ straightforward questions about the nature of the risks on a bank’s balance sheet; the bank should either know the answers or will be expected to have the means to find out quickly.
Much of this would suggest that the adoption of new technology may ultimately have more profound effects on large banks than post-crisis structural reform. Apart from customer services, I would expect these effects to manifest themselves in reductions in staff numbers, particularly in front-office roles, risk management and compliance. It is apparent that even the most sophisticated and well-resourced banking regulators around the world are still behind the curve in realising the true impact of these developments: just as the banks have an enormous challenge in devising profitable and prudent ways of applying technology, regulators have an almost equal challenge in understanding the risks as well as the benefits.
Away from technology, the past year has failed to produce the destructive earthquake in international regulatory initiatives that some commentators predicted following the election of Donald Trump as President of the United States. Nevertheless, further and deeper international regulatory cooperation now looks significantly less likely than it did two years ago and regulators should be trying to work out what this will mean in a future banking crisis. For their part, the Basel Committee on Banking Supervision and other international organisations that promulgate bank regulatory reform will no doubt be wary of proposing ideas that do not receive widespread support from major banking jurisdictions.
In Europe, the preparations that banks are making for the UK’s departure from the European Union in 2019 continue apace, even as the progress towards a political agreement and related transitional arrangements remains, at the time of writing, slow and fraught with difficulty. Almost whatever the nature of this agreement, the legal and regulatory barriers to cross-border banking and securities business that will be erected between the United Kingdom and the European Union when, as currently planned, the UK leaves the EU single market, are expected to make Europe as a whole a more expensive region for global banks. As a result, many of these banks are reconsidering their participation in certain less profitable business lines and some geographical markets in Europe. It remains to be seen whether smaller EU banks with a domestic or a regional focus can capitalise on these developments. Meanwhile, attempts to strengthen and deepen the eurozone’s banking union continue, albeit very slowly. The move of some business from London to mainland Europe as a result of Brexit is unlikely to achieve the natural desire of many European politicians and central bankers for the eurozone to have its own, genuinely global financial centre.
In Asia it remains, as ever, as foolish as it is difficult to generalise about developments across such a diverse and fast developing region. However, the continuing growth of wealth management services is still of great interest to many banks in the region and beyond. It remains to be seen whether all the most important bank regulators in the region can keep up with understanding and monitoring the increased risks associated with this development, from investor protection to money laundering.
In the United States, we saw tangible proposals for regulatory reform during 2017, although at the time of writing it is not yet clear what the outcome will be.
This ninth edition of The Banking Regulation Review contains chapters provided by authors in 35 countries and territories in March and April 2018, as well as the usual chapters on International Initiatives and an overview of the European Union.
My thanks go once again to the authors, who thankfully find this subject sufficiently interesting and profitable both to continue to advise clients on it as well as to write about it in their spare time. However, I remain conscious of the fact that spare time has been in very short supply to many of the authors during the past year, and I am therefore very grateful for their dedication in contributing to this book.
The team at Law Business Research have continued to tolerate the work schedules of the authors, and more particularly the editor, with their usual compassion, tolerance and sympathy, and to apply their usual high standard of professionalism to the production of this book. I would like to thank them for once again making this process look easy when it is anything but.
Thank you also to the partners and staff at Slaughter and May in London and Hong Kong for indulging the project that this book is, and for seeing value in it. Particular thanks are due this year to Ben Kingsley, Nick Bonsall, Peter Lake, Emily Bradley, Tim Fosh, Emily Garside, Tolek Petch, Jocelyn Poon, David Shone and Moonar Tsoi.
Slaughter and May