Institutions that focus on knowing their customer – not just from a regulatory perspective, but in terms of financial impact, behaviours, and prospects – will be best placed to succeed under conditions of expedited change. This will require the operational agility to recalibrate customer personas, risk models, and channel propositions.

Regulatory Trends

Listed below are the key regulatory trends impacting the digital transformation theme, as identified by GlobalData.

Tensions between the need for regulations to move more slowly and more quickly

The European Banking Authority has postponed European Union (EU)-wide stress tests to 2021 to allow banks to prioritise operational continuity. The European Central Bank (ECB) has postponed the release of Basel III reforms from January 2022 to January 2023 due to Covid-19. Almost paradoxically, however, Covid will also necessitate much faster regulatory processes.

The speed at which transactions take place, and the quickness and intensity with which prototype technology can be taken up by large numbers of customers or employees amid Covid, can make the management of these situations difficult from a regulatory perspective. Issues can spread on an international basis very quickly, which can require greater coordination between global authorities.

Increased regulatory risk around expedited digitisation

Some banks may face breaches and fines as a result of trying to digitise too quickly with insufficient regard for the EU’s General Data Protection Regulation (GDPR), the Payment Card Industry Data Security Standard, or anti-money laundering and know your customer (KYC) requirements. Banks need to keep their fraud management up to date and adopt more machine-learning-based solutions to combat fraud in real-time.

Sudden increases in the use of artificial intelligence (AI) to deliver more personalised, anticipatory banking experiences will create heightened consent issues. Meanwhile, global bank regulations around data security, customer privacy, and ethical use of data such as GDPR are making it increasingly challenging for financial institutions to share data among entities and across borders, to design target state data flows, and to develop meaningful analysis for the purpose of transformation.

Internal compliance functions no longer fit for purpose

As regulatory bodies like the European Banking Authority have stressed, banks should pay close attention to how the shift to remote working and the potential pressure for banks to make up for lost volumes could test banks’ anti-money-laundering and market conduct practices. The Bank for International Settlements estimates 90% of all financial services employees now work from home.

Meanwhile, bank performance expectations must be revised downward as staff adjust to new working locations and routines. For key roles, such as financial advisors or loans officers, banks may need to re-evaluate the design of their compensation planning. The risk here is creating new incentives that may adversely affect customers and introduce risks to reputation.

The market will drive open banking with regulator enhancements to consolidate gains

Covid-19 is encouraging growing reliance on open banking partnerships to refine credit assessments and enable secure remote onboarding so as to protect some net interest margin. Open banking-enabled affordability assessments will likely help banks fulfil customer fair treatment initiatives. Tech firm partnerships will likely represent unique opportunities to incorporate non-traditional credit risk data points. Open banking could also represent more revenue – from new types of customers and new products – to offset digital transformation costs.

Covid-specific regulation

Lockdown impacts what is possible and necessary in both physical and digital channels. Complaints that government lending schemes left banks fearful of writing “blank cheques” will need to be resolved as banks try to rebuild balance sheets. The US has the CARES Act, while Canada has the Canada Emergency Response Benefit.

The key challenge here is that despite operating at vastly reduced capacity, relationship managers were tasked with explaining and delivering Coronavirus Business Interruption Loan Scheme funds and Bounce Back Loans to small business customers remotely via phone, email, or perhaps even video link. It’s likely that early 2021 will reveal many fraudulent Covid loans, which banks will bear great reputational risk for despite the loans being underwritten by the government.

Ongoing delays with Strong Customer Authentication

Strong Customer Authentication – which generally refers to the use of multiple factors for customer authentication, especially for remote transactions – is of critical importance amid Covid-19. It is currently a regulatory focus in the EU specifically, with the deadline for implementation of Strong Customer Authentication rules under PSD2 having passed in 2020 with parties not yet fully compliant.

The push for this type of authentication puts mobile in a strong position as a payment form factor, because in-built biometric readers allow for easier implementation of some of the faster and more efficient forms of strong authentication based on biometrics to be implemented both for proximity and remote payments.

Risk-based fintech regulation

The liability model for data sharing is complex because it may involve three or four different actors in a chain  and determining who should be responsible, how, where, and when is not straightforward. This will come into sharper focus as banks partner with a variety of less proven but perhaps more promising start-ups amid Covid time-to-market imperatives.

Ongoing political China-US trade tensions impact digital banking

In the fintech space specifically, the US blocked the acquisition of MoneyGram by a Chinese acquirer back in 2018. Most recently, Tencent-owned WeChat and TikTok have had their transaction functionality prohibited in the US starting from 20 September 2020 as per the Department of Commerce’s instructions. The US argues that TikTok and WeChat “each collects vast swathes of data from users, including network activity, location data, and browsing and search histories. This subject will be politicised, and in the near term will likely limit prospects for Chinese fintech to encroach in the US market.

This is an edited extract from the Digital Transformation in Banking – Thematic Research report produced by GlobalData Thematic Research.