Their task just became harder with the increased pace of change brought about by digital innovation in the banking sector. There are a number of reasons for this, and also some mitigating factors explaining why their response has not been as fast as some would have liked.
Firstly, the scope of regulation is constantly under review. As the rules have rightly tightened controls around traditional banks, the unintended consequence of opening up competition and transparency in the market is the emergence of unregulated start-ups, picking off the ‘unlicensed’ products as niche providers. Regulators have rightly focused on their primary remit of supervising the major banks.
Secondly, much of the new ground being broken in the digital innovation arena is yet to operate at scale and therefore is on the radar of, but not yet on under the supervision of, the regulator. Machine Learning, wearable payment devices, the blockchain, identity as a currency. All are emerging themes that may require more direct regulation and supervision in future.
The challenge for banks is to understand the ruleset before they plunge investment into an area that on first view is attractive, but if the cost of compliance becomes excessive will not be. Regulators will set the rules as the changes begin to stick.
Thirdly, the purpose of regulation is to offer guidelines and supervision, not to set strategy. If banks choose to use the cloud to store their data they can. Some already do. The rules are clear around data privacy, and the need to retrieve and segregate data. It is not for the regulator to define which technologies to use or how to solve the issue of delivering savings through more efficient use of storage. One potential route would be to treat these ‘commodity’ services as industry utilities, and work on a collaborative effort to drive out industry-wide cost and reflect this ultimately in lower pricing for customers. Fraud prevention would be an ideal candidate here, as banks investing in better detection and remediation systems as a collective would gain the benefit of industry aggregated data in the same way that antivirus software alerts all devices to the threat of an attack.
The regulator should support this aim, as it would offer better protection to consumers and lower industry costs through reduced losses.
Finally, regulators should collaborate actively. Not only across country borders within an industry, but across industry borders too. Data is at the heart of many of the business world’s key issues. From privacy laws to cross-border restrictions, from reporting on activities to measuring complaints. The combined experience of the commercial world’s exposure to digital innovation working together will have two profound impacts. In the first instance, it will help all industries to arrive at potential solutions more quickly through the sharing of ideas to solve common issues. Secondly, and just as importantly, it will reduce the scope for complaint among banks that they have it harder than their non-banking counterparts.
The referee may then finally get the respect it deserves.