This paper aims to provide an overview of the experiences of some early suptech users, particularly those with key applications under development or in use, highlighting their benefits and challenges, and the implications for supervisors.
Supervisory technology (suptech) is the use of innovative technology by supervisory agencies to support supervision. It helps supervisory agencies to digitise reporting and regulatory processes, resulting in more efficient and proactive monitoring of risk and compliance at financial institutions. A number of supervisory agencies are already using innovative ways to effectively implement a risk-based approach to supervision. Now, technological progress as well as data availability offers the potential to radically improve existing supervisory tools or develop better ones through suptech applications.
Suptech is currently found in two areas of applications: data collection and data analytics. Within data collection, applications are used for supervisory reporting, data management and virtual assistance. Examples include the ability to pull data directly from banks’ IT systems, automated data validation and consolidation, and chatbots to answer consumer complaints while collecting information that could signal potential areas of concern. Within data analytics, applications are used for market surveillance, misconduct analysis as well as microprudential and macroprudential supervision. Examples include detecting insider trading activities, money laundering identification, monitoring supervised entities’ liquidity risks and forecasting housing market conditions. These applications are in different stages of development and implementation, ranging from academic research questions through proofs-ofconcept and use-cases to fully operational.
Supervisory agencies initiate and organise their suptech activities in several ways. Applications used for data collection tend to be management-initiated projects, while those used for data analytics usually start out as research questions but in a few cases may also be suggested by supervision units. A number of supervisory agencies, particularly those active in exploring data analytics applications, have recently created dedicated units. A few others leverage their existing research units. Supervisory agencies also use both internal and external resources in developing suptech applications. In addition, some are partnering with academic institutions, particularly in the area of data analytics, to keep track of the latest developments and learn how to build state-of-the art algorithms.
Expected benefits motivate supervisory agencies to use or explore suptech applications. These benefits include enhanced effectiveness, reduced costs and increased capability. Suptech applications, particularly in the area of data analytics, are seen as capable of turning risk and compliance monitoring from a backward-looking into a predictive and proactive process.
Agencies face a number of challenges in developing or using suptech applications. Some of these issues relate to computational capacity constraints, increased operational risks, including cyberrisk, data quality, finding the right talent, management support and buy-in from supervision units, and rigid rules in project management. Lack of transparency in some of the data analytics applications is also a critical issue. Hence, human intervention in the form of supervisory expertise is still viewed as indispensable in the supervisory process, particularly in further investigating the results of analyses and deciding on a course of action.
The benefits of suptech applications can extend to supervised institutions. They can lead to reduced compliance costs and contribute to enhanced risk management effectiveness. This is particularly the case for automated reporting. At the same time, however, a few supervisory agencies recognise the risk that their use of suptech might lead to market participants adjusting their behaviour in order to “game” the technology.
Supervisory agencies would be best placed to explore the potential benefits of suptech applications if they have a well defined suptech strategy. A suptech strategy should comprise the following three key elements, at a minimum: first, ambitious, but achievable, targets (eg which technology will be used, in which area of supervision, and how will it be funded); second, an assessment of today’s data availability, data quality and availability of analytical resources; and third, a step-by-step action plan on how the supervisory agency will get from the current situation to full implementation of its suptech strategy.
The experience of early suptech users yields some useful insights on how to develop such a strategy. Some specific considerations for supervisory agencies are:
-
The overall approach to supervision should adapt to the digitisation of the activities of supervised entities. As finance becomes increasingly digitised, financial supervision needs to keep up.
-
Management support is critical in exploring the opportunities and benefits of suptech. For this to happen, management needs to appreciate the potentials of suptech, while keeping in mind its limitations and risks.
-
Supervisory agencies engaged in suptech need specialised human resources. Supervisory agencies should carefully consider their strategy in attracting and retaining suptech staff, as well as in ensuring that institutional knowledge is maintained should there be a high rate of staff turnover.
-
The buy-in of supervision or enforcement units helps to fully embed suptech in supervision work. Input from supervision or enforcement units should be considered in developing suptech applications.
-
Supervisory agencies can benefit from partnerships with the academic community. To keep up with fast-moving technical developments, supervisory agencies need to explore and stay attuned to new ideas emerging in academia.
-
The use of suptech reinforces the case for further improving risk management at supervisory agencies. The increasing use of suptech exposes supervisory agencies to more risks, such as legal risk, operational risk, including cyber-risk, and reputational risk, which must be mitigated if the benefits of suptech are to be maximised.
-
As supervisory agencies can learn from each other, it is important to seek opportunities for collaboration. The key to growing or enhancing suptech capabilities is for supervisory agencies to continuously exchange knowledge and experience at a global level.
Full paper
© BIS - Bank for International Settlements
Key
Hover over the blue highlighted
text to view the acronym meaning
Hover
over these icons for more information
Comments:
No Comments for this Article