Technology is crucial in helping banks conform with the explosion of regulatory and reporting requirements and in helping supervisors monitor the financial system, but it also harbours some new risks. 

One source of concern is over the fragmented approaches taken by central banks towards developing supervisory technology. By contrast, the global banks can muster IT resources that outmatch those of almost any supervisor and have armies of vendors geared to their needs. 

This inevitably raises the prospect of new forms of regulatory arbitrage. 

“The risk of regulatory arbitrage increases as you get closer to the technological frontier,” says Benoît Cœuré, head of the BIS (Bank for International Settlements) Innovation Hub in an interview with Global Risk Regulator

Big banks could reverse engineer supervisors’ algorithms to better game them or devise their own more powerful algorithms. “It is certainly something supervisors should understand and monitor,” says Mr Cœuré, adding that cooperation between supervisors is important to mitigate this risk. 

A more familiar risk is around artificial intelligence. Often these programmes are driven by complex mathematical algorithms that few understand with potentially unpredictable consequences. Mr Cœuré notes that this is reminiscent of the complex risk models used by banks to construct fiendishly complex financial products, which nobody fully understood and then wreaked havoc during the 2007-9 global financial crisis. 

He notes that the likes of the Basel Committee on Banking Supervision and the Financial Stability Board are cognisant of these issues. Supervisors already have experience with analysing and curbing the use of complex mathematically-driven bank internal models for assessing risk.

“Something that will be very important here is governance. It is about making sure that there are internal processes in banks all the way up to the board so that people are on top of the technology,” Mr Cœuré explains. 

More modest ambitions 

Suptech may one day enable supervisors to quickly detect looming financial crises and then eliminate them before they emerge. 

But central bankers currently have more modest ambitions. Namely it is to do their tasks more quickly, frequently, efficiently and to reduce the compliance burden on regulated firms. They also want to extract more value from the vast quantities of data they collect from the industry. 

“Central banks have done a lot of that basic work. Now, many central banks are in a position to start taking much more advantage of these data sets than they have done before,” says Kimmo Soramäki, founder and CEO at Financial Network Analytics, explaining that they are increasingly able to regularly generate reports rather than on an ad hoc basis. 

Pentti Hakkarainen, a member of the supervisory board of the European Central Bank (ECB), told Global Risk Regulator that suptech could be crucial in detecting some potentially detrimental developments. 

“We need a tool that can analyse this information, recognise outliers and retrieve different information,” says Mr Hakkarainen. Indeed, the ECB has some 20 suptech projects with a big focus on natural language processing and advanced data analytics. Examples of their use include helping to make fit and proper assessments of senior bankers through to understanding the interconnections within bank ownership structures. 

But there is some scepticism over the promise of suptech. “These projects [by central banks] are quite limited in scope,” says Rodrigo Zepeda, co-founder and managing director at Storm-7 Consulting, warning that they will not result in a great leap forward within the next five years due to too many operational challenges and budget constraints. 

He explains that a lot of these projects tend to be particular to individual central banks as each has their own constraints and impetuses. 

Nonetheless, Mr Hakkarainen is confident that the ECB has an edge here given the Single Supervisory Mechanism incorporates the central banks of 19 eurozone countries. He says the SSM already uses modern technology and best practices. 

This is based on a longer article published in Global Risk Regulator on Sept 2 called: Fragmented approaches undermine the promise of suptech