The European Banking Authority (EBA) published a report on the recent trends of BD&AA (big data and advanced analytics) in the banking sector and on the key considerations in the development, implementation and adoption of BD&AA. While the EBA warned on areas to address, it stopped short of recommending new regulations, deeming the existing framework sufficient.
A data-driven approach is emerging across the financial sector, affecting institutions’ business strategies, risks and operations with respective changes in the mindset and culture still in progress. The EBA Report focuses on BD&AA techniques, such as machine learning, that goes beyond the traditional business intelligence, to discover deeper insights, make predictions, or generate recommendations through different types and sources of data.
Through its ongoing interaction with the relevant stakeholders and by using its innovation monitoring tools, the EBA observed a fast-growing interest in the use of BD&AA solutions with two out of three EU credit institutions already having such solutions in production.
All functions across institutions might benefit from BD&AA applications as they could improve existing services from an efficiency, productivity and cost-saving perspective or create new business opportunities. In general, most institutions are currently using simpler algorithms, leveraging on their core banking data. However, the current landscape can evolve in a rapid pace in the next few years.
Data management, technological infrastructure, analytics methodology, organization and governance are the four key pillars identified by the EBA to support the rollout of advanced analytics, along with the following “elements of trust” that need to be properly and sufficiently addressed:
- Ethics
- Explainability and interpretability
- Fairness and avoidance of bias
- Traceability and auditability
- Data protection
- Data quality
- Security
- Consumer protection
At the same time, the EBA is of the view that additional efforts are needed to ensure that BD&AA solutions respect and integrate these “elements of trust”. Towards meeting this objective, a risk-based approach could apply on certain “elements of trust” depending on the impact of each BD&AA application. For example, stricter requirements may apply on the “explainability” element when there is a potential impact on business continuity or potential harm to the customer.
“Having in mind the four key pillars for the development, implementation and adoption of BD&AA, the existing regulatory framework is deemed sufficient (at this stage) in the areas of ICT, security and governance. Possible steps could focus in particular on data management and ethical aspects, as these appear to be the prevailing areas with a potential need for direction,” according to the EBA report.