JWG, the regulatory think tank, has published a research paper ‘Risk control for a digitized financial sector’ which claims to identify a large systemic technology risk blind spot which regulators must take the lead in addressing.
JWG’s CEO, PJ Di Giammarino, commented, “Can a bank run its lending portfolio without loan data? Catastrophic data loss is the big risk to financial services that firms’ and regulators’ radars are just starting to register but is growing fast as the industry shifts infrastructure and data into the cloud.”
The paper, which incorporates findings from JWG’s RegTech 2.0 conference and dozens of discussions with regulators, regulated and academia builds on 10 years of research into regulation implemented since the global financial crisis. It found that cloud use had added systemic technology risks (STRs) to the financial sector. JWG notes that STRs reside off balance sheet and there is no way to quantify them – leaving the market with a large blind spot. While regulators have created discrete tick boxes for a firm’s data and IT management help understand STRs, there is no prescribed method of aggregating the risk factors.
“We believe risk measures like ‘G’ in Environmental, Social and Governance (ESG) can be used to quantify RegTech risks and create the incentives for firms to invest in safer technology,” the authors wrote. “The size of the prize is significant, and the benefits already proven in collaboration with regulators. The introduction of these standards will not be easy. For this approach to succeed, the risk experts will need to engage with the SMEs to establish standards for ‘good RegTech’. These disparate communities do not naturally sit together but can be incentivised to do so if the regulators take the lead and convene the discussion. As evidenced by COVID-19 BCP plans, STRs are real, and have been building for decades. The industry needs to move quickly to gather the right stakeholders and fast-track this discussion in advance of the Great Infrastructure Crisis (GIC)”
Moving forwards, JWG says it will frame the debate on appropriate next steps, engage the key stakeholders and help define a path for action.
Di Giammarino continued, “Regulators must bring the industry to the table to think more deeply about the value of data to their enterprise and how to account for the risks. This paper is a call to action for regulators, regulated and technology providers to debate a digital risk control framework before we find financial services embroiled in a great infrastructure crisis.”
Francis Gross, senior advisor to the European Central Bank (ECB), speaking in a personal capacity said, “In a hyper-networked world, technology itself generates risks which the current frameworks and cultures are ill-equipped to identify and address. Industry and authorities need to understand and accept that a collective problem is emerging and that we need to address it together in a comprehensive manner. Public and private sector strategies must align on common solutions, such as infrastructures, informed by further independent study. This report offers useful findings which could inform further efforts.”
Those interested in joining in are asked to contact firstname.lastname@example.org.
©The DESK 2020
TOP OF PAGE