The Financial Stability Institute released a report on innovative technology in financial supervision (suptech) based on the experience of early users. Suptech helps supervisory agencies to digitize reporting and regulatory processes, resulting in more efficient and proactive monitoring of risk and compliance at financial institutions. A number of supervisory agencies are already using innovative ways to effectively implement a risk-based approach to supervision. Now, technological progress, as well as data availability, offers the potential to radically improve existing supervisory tools or develop better ones through suptech applications.
Suptech is currently found in two areas of applications: data collection and data analytics. Within data collection, applications are used for supervisory reporting, data management and virtual assistance. Examples include the ability to pull data directly from banks’ IT systems, automated data validation and consolidation, and chatbots to answer consumer complaints while collecting information that could signal potential areas of concern. Within data analytics, applications are used for market surveillance, misconduct analysis as well as microprudential and macroprudential supervision.
Examples include detecting insider trading activities, money laundering identification, monitoring supervised entities’ liquidity risks and forecasting housing market conditions. These applications are in different stages of development and implementation, ranging from academic research questions through proofs-of-concept and use-cases to fully operational.
Supervisory agencies initiate and organize their suptech activities in several ways. Applications used for data collection tend to be management-initiated projects, while those used for data analytics usually start out as research questions but in a few cases may also be suggested by supervision
units. A number of supervisory agencies, particularly those active in exploring data analytics applications, have recently created dedicated units. A few others leverage their existing research units.
Supervisory agencies also use both internal and external resources in developing suptech applications. In addition, some are partnering with academic institutions, particularly in the area of data analytics, to keep track of the latest developments and learn how to build state-of-the art algorithms.
Expected benefits motivate supervisory agencies to use or explore suptech applications. These benefits include enhanced effectiveness, reduced costs and increased capability. Suptech
applications, particularly in the area of data analytics, are seen as capable of turning risk and compliance monitoring from a backward-looking into a predictive and proactive process.
Agencies face a number of challenges in developing or using suptech applications. Some of these issues relate to computational capacity constraints, increased operational risks, including cyber risk, data quality, finding the right talent, management support and buy-in from supervision units, and rigid rules in project management. Lack of transparency in some of the data analytics applications is also a critical issue. Hence, human intervention in the form of supervisory expertise is still viewed as indispensable in the supervisory process, particularly in further investigating the results of analyses and deciding on a course of action.
The experience of early suptech users, as discussed here, yields some useful insights on how to develop such a strategy. Some specific considerations for supervisory agencies are:
(a) The overall approach to supervision should adapt to the digitization of the activities of supervised entities. As finance becomes increasingly digitized, financial supervision needs to keep up.
(b) Management support is critical in exploring the opportunities and benefits of suptech. For this to happen, management needs to appreciate the potentials of suptech, while keeping in mind its limitations and risks.
(c) Supervisory agencies engaged in suptech need specialized human resources. Supervisory agencies should carefully consider their strategy in attracting and retaining suptech staff, as well as in ensuring that institutional knowledge is maintained should there be a high rate of staff turnover.
(d) The buy-in of supervision or enforcement units helps to fully embed suptech in supervision work. Input from supervision or enforcement units should be considered in developing suptech applications.
(e) Supervisory agencies can benefit from partnerships with the academic community. To keep up with fast-moving technical developments, supervisory agencies need to explore and stay attuned to new ideas emerging in academia.
(f) The use of suptech reinforces the case for further improving risk management at supervisory agencies. The increasing use of suptech exposes supervisory agencies to more risks, such as legal risk, operational risk, including cyber-risk, and reputational risk, which must be mitigated if the benefits of suptech are maximized.
(g) As supervisory agencies can learn from each other, it is important to seek opportunities for collaboration. The key to growing or enhancing suptech capabilities for supervisory agencies to continuously exchange knowledge and experience at a global level.