Digital acceleration creating new regulatory pitfalls, says EBA chief
Rapid uptake of online services because of pandemic has created new risks that are tricky to monitor, admits EU banking watchdog.
The acceleration of digitalisation in financial services as a result of the Covid-19 pandemic has created a raft of new regulatory challenges, admits the head of Europe’s banking watchdog.
José Manuel Campa, chief executive of the European Banking Authority (EBA), was speaking at a recent online forum run by Cass Business School on monitoring misconduct in the banking sector.
“As regulators we face a large number of emerging sectors which pose financial stability concerns,” Mr Campa said, identifying the “rapid acceleration of the digitisation agenda” as a key focus and said that the EBA needs to start “building defences” against future risks.
“It's important as we enhance our fraud prevention and risk management systems that we keep up with the pace of change,” Mr Campa said. “Issues around misconduct are more salient that ever in this time of digital acceleration which has increased the challenges in tackling misconduct.
“We need to develop our toolkit further to better address these emerging challenges related to digitisation,” he said, citing additional regtech and supervisory software tools.
Online fraud on rise
The EBA is a regulatory agency of the EU and seeks to ensure banking regulations are evenly applied across the bloc. The EBA has a mandate to conduct stress tests on European banks and ensure lenders always operate in the interests of customers.
“Customers across the EU have turned to digital financial services and online and contactless payments [because of the pandemic] and digitalisation offers a lot potential benefits but we need to be on guard,” he said, citing an increase in online fraud.
Mr Campa added that it was vital that consumers understand online transaction risks, as digitisation allows a raft of new products to be launched on the market.
“Contract information must effectively highlight the risks of any financial product or service, regardless of whether the distribution channel is digital or a more traditional distribution medium,” he said.
Mr Campa said that in light of the digital shift brought about by the Covid-19 pandemic everyone, whether they are customers and institutions, needs to have an increased focus on cybersecurity.
“The tools the EBA has at its disposal are primarily legal instruments to mitigate conduct risk and enforce stringent standards that address the security of payment services across the EU,” he said.
“We’re working with national security authorities to ensure that those rules are adequately supervised and that the requirements we have developed are supervised in a way that is effective to ensure consistency across the EU.”
Big data oversight
The rise in the use of artificial intelligence-led credit scoring applications is another area of concern. “We need to ensure our approach guards against risk of unfair bias being built into the system,” Mr Campa said.
He added that with regards to big data and advanced analytics the EBA needs to ensure that there is “a strong and consistent framework for oversight and regulation to ensure ethical and secure use of data as well as the avoidance of biases”.
Risks related to digitalisation and cybersecurity are one of key challenges the EBA needs to look at going forward, Mr Campa said, adding that their characteristics can make the risks more difficult to monitor from a regulatory point of view.
“The cross-border nature and the speed at which transactions take place, and the quickness and the intensity in which prototype technology can be taken up by large numbers of customers or people in an organisation, can make the management of these situations from a regulatory supervisor perspective difficult,” he said.
“An issue can spread on an international basis very quickly, which can require more coordination with other authorities in the EU and worldwide. It’s a big challenge.
“If an organisation moves forward quickly with an activity that gets widely spread among a large part of their customer base, then it can be difficult to push back on that activity once it has been identified [which may have] unintended or detrimental consequences.”
The rise of new digital-related risks only reinforces the need for clear and universally accepted procedures to be in place, Mr Campa added.
“Institutions [across the EU] are being pushed to have proper risk management procedures and tools to assess [these new] risks. It has to go beyond a box-ticking exercise and become embedded in the culture,” Mr Campa said.
“We need to look into the future and consider on where the potential issues of misconduct will arise in the coming years.”
