Can banks balance the opportunities and challenges of digitalisation?

Can banks balance the opportunities and challenges of digitalisation?

Wed 12 Jan 2022

The Covid-19 pandemic has amplified technology’s impact on the banking sector, helping to prove that technology now stands at the core of business sustainability for banks. In their constant search for convenience, digitally-savvy customers have pushed banks’ focus towards providing global business solutions more than ever. A new normal has emerged: an environment where banks’ physical presence is no longer a prerequisite for success.

Opportunities in a changing business environment

An expense reduction driven by decreases in branches and personnel allows banks to focus on income generation by investing in technological expertise and IT infrastructure. Such investment would enable banks to achieve sustainable cost-efficiency and provide more integrated platforms, data repositories and distribution tools across their groups. Yet, the 2020 SREP aggregated results published by the European Central Bank (ECB) show that IT investments by banks in the Eurozone are on the low side: 20% of banks have spent less than 3% of their total operating income on IT costs and only 10% of banks have used up over 15% of their operating income on IT expenses.

ECB Banking Supervision
Sources: COREP and FINREP data with reference date Q3 2020.
Note: the y-axis indicates the % of SIs out of the full sample, which is made up of 105 SIs for which an SREP 2020 assessment was conducted and data are available.

Apart from cutting costs and investing in IT resources and systems, banks could also utilise technology to digitalise their monitoring and reporting capabilities while focusing on implementing an integrated legal and IT infrastructure at group level. Such restructuring could improve their business models and give them a competitive edge.

In Europe, digitalisation offers banks the opportunity to take better advantage of the Single Market. Digital solutions could enhance the use of branches and allow further economies of scale without the requirement to establish subsidiaries in each member state. While cultural and legal differences still exist, consumer preferences have converged in past years.  As well as growing regulatory harmonisation at EU level, big tech has proven the profitability of a business model built on uniform technology-based products and services. The business environment has irrevocably changed.

Increased competition remains a challenge for banks

In recent years, financial institutions across Europe have been increasingly relying on digital platforms as a means to reach customers and market their products and services. The options for banks are either to develop their own platforms or to engage with third-party providers. This expansion of platforms is so significant that one of the European Banking Authority’s (EBA) priorities for 2022 is to help competent authorities deepen their understanding of platform-based business models. Additionally, in September 2021, the EBA published a report on the use of digital platforms in the EU.

The use of third-party service providers is steadily building up in the financial industry. There is also a notable concentration risk in banks’ reliance on relatively few providers for technology-related outsourcing such as cloud services. Cloud computing is considered a win-win for both banks and technology companies since it allows for cheaper and faster services. Yet, with so many users having access to the platform and so many entry points now in existence, there is the concern for data use and security, as well as operational failure and cyber attacks. When considering the concentration risk streaming from the limited number of technology providers, a potential failure or attack on one major player could affect numerous banks, thus leading to systemic risk. Developing an Information and Communication Technology (ICT) risk management framework remains key to managing third-party risk, including the direct oversight of ‘critical’ service providers.

While data and cyber security have been a constant challenge present on the regulators’ agenda for years, their importance has been amplified by the ongoing digitalisation process in banking. In addition, the pandemic’s push towards an increase in remote working and provision of online services has dramatically increased banks’ exposure to cyber threats and attacks. In an article in their August Supervision Newsletter, the ECB noted that while they have not seen major disruptions to the provision of banking services in 2020, there was a 54% increase in reported cyber incidents versus pre-pandemic 2019. Cyber and IT risks have been a supervisory priority for the ECB since 2019, and there is no sign of this trend diminishing now that digitalisation in banking continues to disrupt business models and increase banking consolidation in the European market.

In his last letter to shareholders, Jamie Dimon – the chairman and CEO of JP Morgan Chase and Co., stated that banks now play an increasingly smaller role in the financial system. Payments, certain forms of deposits and lending are moving to fintech and big tech firms. These giant tech firms have enormous client bases that, if properly leveraged, could give them a sizeable direct market share in banking services that would lead to concentration risks.

The fintech companies compete in specific parts of banks’ value chain; hence they are not regulated as banks. Still, big tech’s access to market share allows them to pose a significant competitive threat to players in the European payments sector with less experience in the digital domain and increase Europe’s reliance on foreign players. This brings in concerns for data privacy and sovereignty, which recently the European Commission tried to address in a legislative proposal for higher levels of harmonisation in customer due diligence and reporting suspicious transactions.

A market infrastructure in development

The potential for the financial market infrastructure and payment systems has increased significantly through the exponential growth in digital innovation. The use of distributed ledger technology (DLT) in the financial sector, for example, speeds up transactions, reducing the number of intermediaries and lowering costs. While the regulatory system is trying to contain and manage the growth of digital assets such as crypto assets and stablecoins, according to the November 2021 ECB Financial Stability Review, the market cap of stablecoins has increased from $5bn to $120bn since early 2020. In combination with the entrance of fintech and big tech companies into the financial market, these developments provide solid ground for redefining the regulatory and supervisory landscape.

Managing the regulatory landscape

In September 2020, the European Commission published the Digital Finance Package, which included digital finance and retail payments strategies, and regulatory proposals on crypto assets and digital resilience. The proposed ‘Regulation on Markets in Crypto Assets’ (MiCA) focuses on regulating out-of-scope crypto assets and their service providers in the EU and provide a single licensing regime across all member states by 2024. The package includes a pilot DLT regime for market infrastructure, which would allow market participants temporary exemptions from existing regulation to test certain distributed ledger technologies while maintaining investor protection, market integrity and financial stability.

Another critical part of the package is the Digital Operational Resilience Act (DORA) – a regulatory framework for IT providers. The goal of the regulation is to ensure the presence of necessary safeguards to mitigate cyber attacks and other risks and give EU firms the framework to withstand a wide range of ICT-related disruptions and threats. DORA requires top management to ensure the effective implementation of ICT risk management and periodically review the budget to fulfil digital operational resilience requirements. This places ICT as strategic to helping transform and develop the executive management setup to effectively deal with the challenges of digital transformation.

Balancing conflict

Digital transformation remains crucial for banks’ ability to develop business model sustainability. It has been and will continue to be a top priority for the Single Supervisory Mechanism (SSM) for the next few years. According to a recent speech by Pentti Hakkarainen, a member of the ECB’s supervisory board, there will be a focused information-gathering exercise on bank digitalisation in Europe in 2022. This exercise will help the regulator maintain an informed dialogue with the banks and closely observe digital trends in the banking sector.

The European regulators have often stated that they follow the principle of “same services, same risks, same rules”. Still, the field is presently uneven and the intensifying competition banks face from new market players creates cause for concern. The banks’ success now depends on their ability to invest and make effective use of the information technology used by their new competitors and on successfully realising economies of scale and scope. In the meantime, the legislators should develop a regulatory environment that balances the conflict between innovation, consumer protection, and financial stability.