Banks’ rising use of AI, cloud technologies, and blockchain challenge traditional notions of risk and risk management, according to a new research paper from industry lobby group UK Finance and financial services strategy company, Parker Fitzgerald.
The paper warns that financial regulators already force banks to hold more capital if they are exposed to greater risk. The increased use of cloud-based data storage, and experimental applications of AI and blockchain, could constitute higher risk, it says.
Regulators are unsure how these disruptive technologies may impact risk assessment and management within the industry, and this may oblige banks to hold more capital.
“This process should consider both how to achieve a consistent treatment internationally and also how capital charges could be evolved to place greater emphasis on the effective management of technology and cyber risks,” says the paper.
Symbiotic relationships
“The future relationship between ‘fin’ and ‘tech’ will be one of symbiosis,” according to Parker Fitzgerald. “But this symbiotic relationship between financial and technology sectors will bring to the fore non-financial risks, such as technology risk, cybersecurity, data privacy, and digital conduct.
“Financial stability concerns are now emerging from the technology sector. The speed of technology advancement and the market concentration among technology providers pose systemic threats to the financial industry.
“Technology advancement accelerates the speed at which risks could spread across the financial system. The Flash Crash in 2010 was an example of this: triggered by an automated algorithmic trade, US stocks and futures markets saw a 10 percent fall in market value in a matter of minutes, only to recover hours later.”
Too much power in too few hands
The increased concentration of power in the hands of small numbers of enterprise cloud providers, such as Amazon Web Services, Microsoft, and Google, is of particular concern, says the paper. Any of these companies may decide to launch banking and financial services of their own, based on their knowledge of banks’ use of their platforms.
“This dynamic based on collaboration may well give way to a more competitive relationship in the future,” it explains.
“Opportunities and risks brought about by FinTech also call for a rethink of financial regulations,” adds Parker Fitzgerald. “Greater global coordination and standardisation are required, particularly in overcoming hurdles to data sharing across jurisdictions and solving the contradictions between existing regulations.
“The former is key to sustaining the digital reinvention in banking and to enabling global banks to harness the power of technologies that are borderless in nature. The latter should focus on the compatibility between regulations on the prudent use of data – e.g. GDPR – and those promoting competition and market entry, e.g. PSD2, Open Banking.”
Rising stakes
The paper has been published just a week after Poland became the first country to move banking records en masse onto blockchain.
Biuro Informacji Kredytowej (BIK), the largest credit bureau in Central and Eastern Europe, has partnered with distributed ledger specialist Billon to deploy a blockchain system for storing and securing access to over 140 million credit records, relating to 1.2 million businesses and 24 million citizens in Poland.
BIK is owned by the largest banks in the country, including PKO Bank Polski, mBank, ING, BGZ BNP Paribas, Santander, and Citi. Billon’s technology is designed to exchange money and data simultaneously, and relies on national currencies rather than the issue of cryptocurrency tokens.
Also last week, Clipper Coin Capital (CCC) launched in Hong Kong, positioning its three services – its ClipperX cryptocurrency rating agency, ClipperX IB investment bank, and ClipperX Capital crypto broker/dealer – as new intermediaries in a parallel financial system based on cryptocurrencies and blockchain.
Internet of Business says
The legal and regulatory system has always run some distance behind the disruptive force of new technologies. For example – although timely in the wake of the Facebook/Cambridge Analytica scandal – the EU’s incoming GDPR comes a quarter century after the first wave of ecommerce, and 20 years after the foundation of Google.
What is clear, however, is that regulators and policymakers are now more aware of the challenges to both legacy business models and to traditional concepts of regulation and risk.
For example, in February, speakers at the Westminster eForum event on UK AI policy warned that AI is challenging fundamental legal principles, such as liability – as evidenced by the two fatalities in March involving cars running autonomously or using driver-assistance technologies.