Totally digital? The future of banking business Speech delivered at the 2015 Bavarian Financial Summit "The opportunities and challenges of digitalisation for banks and insurers"

Professor Gerke
Ladies and gentlemen

Thank you very much for giving me this opportunity to lay out some ideas and challenges regarding the digitalisation of the banking industry here at the prestigious Bavarian Financial Summit as a prelude to the discussion.

1 Digitalisation of the financial industry: a better era or the seeds of the next crisis?

There is no doubt that the wave of digitalisation has walloped the banking industry and will leave no stone unturned. The percentage of bank clients in Germany who regularly bank online is now 63%.[1] Many of them have smartphones and want to be able to do their banking anywhere, anytime. The banks need to figure out their role in this new world. It would help, of course, to know which direction this wave of digitalisation is sweeping us in. Will the financial industry become totally digital? Allow me to address this question.

Digitalisation has created great expectations for the financial industry: using today's IT can make the financial system much cheaper, much faster, more customised, more flexible and more efficient. Retail customers today are able to conduct their banking business and asset planning anywhere in the world on their smartphones. And you can use online loan brokerage portals to grant loans to the Mittelstand company of your choice or obtain advice on how to invest assets from a computer algorithm. We can thus look ahead to the emergence of a more advanced financial system which better serves society at large and, in particular, retail customers in many respects - Mr Gerke, allow me to quote your expectation that the change will make transparency, security and fairness a matter of course in future.[2] Many new financial services providers are seeing a new dawn, while some banks feel threatened. I see a wealth of economic potential if the new ideas are properly implemented.

Any societal development, however, can also have its dark side. In a highly networked world, the dark side even extends as far as one's breast pocket. A security service provider has identified a new malware sample every 14 seconds for Android smartphones alone.[3] Banks are having to fend off thousands of attacks on their IT systems every day. Innovation can have sobering side effects - that's something that financial supervisors know only too well based on the experience of the past 20 years.

Digital financial technologies are certainly no exception. Whenever humans innovate, errors and unwelcome developments are possible, if not to say highly probable. The financial system is particularly vulnerable; rogue innovation can have severe consequences for society. There are therefore notable voices asserting that information technology will be at the core of a forthcoming financial crisis. Greg Medcraft, chair of the board of the International Organization of Securities Commissions (IOSCO), has predicted that the next big financial shock will come from cyber space following a succession of attacks on financial players. To be frank: I share this view.

So the wave of digitalisation can wash us up on all sorts of coasts. This means banks and supervisors need to set about charting the right route without delay. One thing I wish to state upfront: I do not believe that full digitalisation is the right destination for everyone: instead, we need to strike the right balance and seek out the right overall package which will convince society over the long term. In the following, I would like to outline what I think banks and savings banks need to do in order to survive in a digital world, and I will address the new challenges I believe regulators and supervisors of this industry will be facing.

2 Banks: finding their feet in the digital world

Banks can no longer discount digitalisation as just one of many trends they can simply sit out. Pressure is being created not only by new expectations among customers and within the industry, but also by the influx of new competitors from other industries. Having a large skyscraper and a branch network is simply no longer what it is needed to be taken seriously as a legitimate financial services provider and to be able to provide services nationwide.

Fintechs, as they are known, symbolise the attack of the "small and quick". These are hi-tech financial services firms which mostly provide just a limited range of services but are highly innovative and show huge competitive potential. Banks need to acknowledge fintech companies' great innovative power without envy. These new players have come up with all sorts of ideas: loan brokerage platforms, for instance, bring together loan-seekers and investors - through this digital platform, both sets of parties can obtain access to one another quickly and relatively inexpensively. PayPal, Google Wallet, ApplePay and others are providing innovative payment solutions. Automated investment tools are also available online for investors. Their growth has been impressive: across the globe, fintech companies are now collecting around US$1 billion per month in capital, and there are many pioneering companies, particularly in the United States.

Banks simply have to be in a state of high alert - not only because of the threat of a redistribution of profit margins, but also out of the knowledge that, in a fast-moving digital world, they could fall irrecoverably behind if they fail to respond quickly enough with competitive products. To put it differently: the banking industry cannot put their collective heads in the sand but have to rise to the challenge.

And this is due not only to fintech companies and shrinking profit margins. What are termed "disruptive technologies" are playing a decisive role here. Technologies are disruptive if they not only make individual processes more efficient but also render entire business models obsolete. Once music started to be spread over the internet as compressed files, a whole value-added chain was suddenly rendered superfluous - from the CD pressing machine to the record store. Smartphones, with their highly developed lenses, are currently putting pressure on the camera industry. The financial industry, too, needs to come to grips with these "destructive" technologies. Mobile payment methods, for instance, could erode payment structures that have evolved over years.

"Blockchain" technology is credited with having a particularly sobering impact on banks. By using the global computer network, this technology is enabling all transactions conducted in the world of finance to be documented in a presumably forgery-proof, near-real-time and, above all, decentralised manner, ie potentially without central securities depositories or banks. Any individual and any company could therefore settle money, securities or any other type of asset and liability directly with other financial market agents - thus obviating the need for the existing, unwieldy settlement infrastructure used by banks, CSDs and central banks. As a solution for the entire financial system, this technology is thus raising fundamental questions - including regulatory questions. Banks are currently researching ways of using this new technology internally, especially for cross-border transactions. The US NASDAQ stock exchange is already using blockchain technology for some of its services.

In the light of these developments, it would be criminally negligent for banks and savings banks to simply adopt a wait-and-see attitude: other industries have seen new technologies become the standard in no time at all. Examples include digital photography, the advent of smartphones and online media. Once digital technology has established a foothold, banks will no longer be able to put the genie back into the bottle. With regard to online and mobile payments, German banks have, in the meantime, seen the writing on the wall and have developed their own in-house solution, known as PayDirekt.

The frustration felt by many bank clients over the mounting negative headlines on banks in the past few years - with customers and the real economy being far removed, in many cases, from the centre of banks' interest - certainly explains some of the rush to embrace the digital newcomers. That is why fintech companies have little in common with banks: their staff do not wear ties, and their websites have been purposefully designed to be "minimalist". I therefore see the interest in fintech companies and new service providers as an indication of the beating the banking industry's image has taken in the past few years.

Digitalisation therefore highlights customers' desire for fair treatment and transparent bank services. However, even in the area of digital applications, confidence is fragile: an algorithm which acts as a financial decision-making aid needs to actually help, and not to manipulate, its user. The use of "big data" analysis makes sense only if it does not abrogate human self-responsibility. After all, confidence is not programmable.

I therefore do not wish to fan the flames of a dispute between innovative and economically promising new competitors and presumably ageing, tottering banks. On the contrary, I do not believe that the financial system can be fully broken down into individual digital processes and services. There is much more to good financial services than simply assembling a collection of clever algorithms. The financial industry needs to demonstrate broad experience with the economy and financial products and to constantly refresh its insights. And I agree with Mr Gerke that customers won't want to use a separate bank or fintech for each different financial service they need. This favours one-stop-shop banks. In addition, new business ideas need to pass the acid test first - statistically, a large percentage of new ideas end up failing.No one single digital banking business model is superior to all others, and fintech companies are not the banks' arch-enemy: cooperation is just as conceivable, and is already being actively pursued by many banks.

But at the same time, I also believe that, at the core, the banks' objective cannot be to swim as close as possible to the crest of the innovative wave. It must be in their interest instead to provide a competitive all-in-one package. This is naturally predicated on banks' boards of directors taking digitalisation seriously. However, in actual fact, I believe some banks and savings banks are not even truly aware that digitalisation even exists. And, where it is being noticed, there seems to be, in many cases, significant resistance to reform.

One thing needs to be clear, however: change is irreversible and will require banks to recognise the importance of digitalisation and develop a suitable digital strategy in response in order to remain profitable. In my eyes, an important factor is to always bear in mind customers' individual needs in order to develop sound products with long-term added value.

3 Sector supervisors: have the courage of clairvoyance

Let us now look at the new tasks for banking supervisors created by digitalisation. After all, digitalisation is also forcing supervisors to keep pace with new developments.

This does not mean an independent regulatory framework for digital financial services - after all, our overarching objective is, and remains, financial stability. What we therefore need to do is, through regulation, cover all the relevant hazards to a reliable financial system.

Our regulatory framework should therefore continue to be geared to these threats and not, say, make a distinction between analogue and digital financial services. Wherever risks to the stability of the financial market architecture arise, they have to be addressed by legal requirements - for instance, if a company grants loans on a commercial scale through an online platform.

But, without paying attention to digital change, we cannot supervise the banking industry in a risk-appropriate manner. Wherever new risks are potentially created by digitalisation, we therefore need to respond in a sensitive manner; regulatory and supervisory practice therefore need to adapt. Upheaval in the financial industry caused by, for instance, murky securitisations of mortgages or high-frequency trading, teach us that supervisors need to look at innovation and financial trends early on with a critical eye and in a forward-looking manner - there will be no getting around this in future.

A major threat lies in looking at innovations mainly in terms of profits, whereas the background services or long-term impacts are often ignored. We cannot afford such myopia. We therefore demand that banks' boards of directors fully understand the risks of their bank's business model and that responsibilities are clearly laid out. Even if, for instance, IT services and servers are outsourced, the bank still needs to bear responsibility, in the form of an audit trail for supervisors, for the security and availability of data.

There are additional and, in some cases, completely new threats, not only in the area of IT security but also in areas such as data protection, manipulation of behaviour by computers or cluster risk caused by algorithms. We need to deal with a host of new issues which are constantly cropping up: how well can crowdfunding and peer-to-peer lending, for instance, support the economy in a slump? What systemic risks lurk in algorithms if they are widely used to aid customers' decisions?

I am firmly convinced that there should not be a race for total digitalisation; instead, the goal should be to deliver benefits for all which continue to be perceived as such ten years down the line. We need to address the specific problem areas affecting the digital financial world from the outset so that digital banking will justify the upfront confidence and even sceptical consumers can be convinced for the right reasons.

One particular challenge here is that we can by no means be sure that we already know all the problems that lie ahead in the digital world. These "unknown unknowns" - risks that cannot even be named - first need to be staked out on the charts of regulators and supervisors.

Prime examples are to be found among cyberattacks and IT risks. Advances in these areas have been very rapid over the past few years - not just in terms of the methods of attack but also in terms of how they are organised economically. Attacks have become extremely professional in the meantime: in some cases, we can even say that hacking has become an industry. Not only are black markets for data being created, but there are even markets with a division of labour:[4] specialists, for instance, can be hired to attack a bank's network. This development will continue, simply because more and more valuables are now digital - such as account balances, credit card information or service availability. It must therefore be clear to us that we have to prepare for new types of attacks and many completely new types of risk. These threats are impossible to eradicate entirely; all that can be done is to fight them adequately.     

In the light of what I have just said, I also have something to say to my fellow supervisors and regulators. We need to be ready to "think outside the box", to go beyond our experience and think in entirely new dimensions.

I therefore demand that regulators be required to think proactively. This means, first, that no topic should be off-limits to us supervisors. We cannot assume that all new risks will fit into the existing categories of rules and supervisory practices. We need, second, to identify and understand new trends and developments in order to obtain a picture of potential risks in good time. Those who, for instance, neither know nor understand the aforementioned concept of a "blockchain" will not be able to keep up. Therefore, even though there are enough regulatory and supervisory issues to keep us busy, we need to have the courage to address even those topics which have not yet demonstrably caused a crisis. To be quite frank: I am calling for an entrepreneurial approach to supervision.      

4 Conclusion

Totally digital or not: at the end of the day, we should judge the financial system in terms of how well it serves people and the real economy. I urgently encourage banks and savings banks to help shape digitalisation by offering innovative and sound products. This will require a spirit of entrepreneurship which does not respond half-heartedly and aimlessly to change but embraces it as an opportunity. Banks and savings banks will therefore need to reinvent themselves to some degree. By this, I do not mean dressing up old business ideas in fashionable new attire but business models which make the banking sector more stable and resilient over the long term and which are unfailingly centred on the needs of customers.

Regulators and supervisors need, more than ever, to have the courage of clairvoyance. Digital innovation is not an end in itself and is not immune to unwelcome developments. It is precisely because we cannot see into the future that we must not allow ourselves to hide behind our current regulatory and supervisory standards. Responsibility for effective banking supervision means looking at new ideas and developments without prejudice - especially in times of radical change.

I now look forward to the discussion.


Footnotes:

[1] Roland Berger (2015), Digital Revolution in Retail Banking.

[2] BearingPoint (2015), 7 digital questions for banks.

[3] G-Data (2015), Mobile Malware Report Q2/2015.

[4] Cybercrime-as-a-service.