"Banking Supervision – The Path Ahead" - Opening Address by Mr Ong Chong Tee, Deputy Managing Director (Financial Supervision), Monetary Authority of Singapore, at 13th Asia-Pacific High Level Meeting on Banking Supervision on 28th February 2018
Mr Agustin Carstens, General Manager, BIS
Mr Fernando Restoy, Chairman, FSI
Mr William Coen, Secretary General, BCBS
Ms Chuchi Fonacier, Chairman, EMEAP WGBS and Deputy Governor, BSP
Distinguished guests, ladies and gentlemen,
1 Good morning. My colleagues and I at the MAS are pleased to host this 13th Asia-Pacific High Level Meeting on Banking Supervision. It is also my honour to be able to offer some remarks to precede the interesting panel sessions over the next two days.
Basel III reforms
2 It has been a decade since the 2008 Global Financial Crisis. Since then, wide-ranging regulatory reforms have been formulated to further safeguard the stability and functioning of the global financial system.
- One major set of the reforms is the Basel III standards for banks; and this includes boosting capital buffers, new liquidity requirements and limiting overall leverage.
- The Financial Stability Board (FSB) also led work to address “too-big-to-fail” concerns. Global Systemically Important Banks (G-SIBs) are now subject to higher capital, more intense supervision, and resolution planning requirements.
3 The recent finalisation of the 2017 Basel III reforms complete the post-crisis banking reform agenda. The Basel Committee and global banking regulators have shifted focus to implementation of the revised standards. Given the considerable attention on the Basel III reforms, it is easy to forget that a core mandate of the Basel Committee is with respect to its work on supervisory practices.
4 So this morning, allow me to share some thoughts on three areas with respect to banking supervision:
i. The Next Phase - beyond the review on Capital and Liquidity rules;
ii. Banking Supervision as a Craft; and
iii. Supervisory Challenges and Opportunities.
The Next Phase
5 As many of us will be familiar, the Basel III framework has a second Pillar that pertains to risk management and supervision including accounting for risks not captured under Pillar 1. Indeed, the Basel Committee devotes considerable attention to various pieces of work under this Pillar, such as on stress testing, accounting standards, corporate governance and supervisory colleges. Disclosure requirements are further reviewed under Pillar 3 to foster market discipline.
6 Following the recent finalisation of Basel III, the next phase will be centred on a “full, timely and consistent” implementation globally. This is important to reduce risk of regulatory arbitrage. Every jurisdiction or region will of course be different in the degree of openness, internationalisation, and the maturity and sophistication of their banking systems. The Basel Committee has been mindful that its standards are calibrated as minimum requirements, and in limited situations, some supervisory discretions have been provided including the use of Pillar 2.
7 Risk proportionality is not a new concept in international banking rules. The Basel Committee has sought to further embed risk proportionality within its framework.
- One such example is the simplified alternative to the Standardised Approach to Market Risk, or SA-MR in short. This simplified alternative will make it easier for supervisory authorities to implement the market risk rules for less complex banks.
- For such simplified approaches to be fit-for-purpose, it has to take into account the differing conditions across a broad range of jurisdictions. This is especially so for emerging market economies with less complex banking systems. In this respect, forums such as the Basel’s Regional Consultative Group (RCG) and the Executives’ Meeting of East Asia-Pacific Central Banks (EMEAP) can be important platforms for regional regulators to continue to provide feedback or regional concerns.
- Where the outcomes from impact studies are less certain, the Basel Committee has been careful not to rush into a particular rule. One example is the treatment of sovereign risk exposures. In this case, the Basel Committee has decided to put out a discussion paper to solicit further views.
8 The Financial Stability Institute (FSI) has also recently published an insightful report on proportionality in banking regulation. The report provides a very useful overview of the proportionality approaches in different jurisdictions.
9 Another example is the Financial Stability Board’s (FSB) evaluation of effects of reforms. The initial focus is on infrastructure financing, which will be relevant to Asia given the immense infrastructure demands.
10 Asian regulators on the Basel Committee and on the FSB can help to present Asia’s perspectives at these international forums. Central banks as well as international organisations such as the International Monetary Fund (IMF) and the Asian Development Bank (ADB) should also weigh in to lend insights from their economic surveillance work. This will allow regional concerns to be sufficiently factored into the global rule-making and evaluation process.
The Craft of Supervision
11 Rules and standards cannot replace judgment. Good supervisory instincts and technical competence are required to discover, scrutinize and evaluate key risks. This can only be done if banking supervisors do not see their role as a mere compliance function. An effective banking supervisor must be able to assess a bank’s understanding of its risks, its business practices as well as judge its corporate governance and culture.
12 The need for consistency and rigour also mean that supervisory judgment is not just an operational matter. Having formal supervisory decision-making forums is an important component of a good supervisory process. For example, in the MAS, our Banking Supervision heads come together in regular meetings to guide supervisory reviews and decisions. As an integrated supervisor, I also chair a Management Financial Supervision Meeting as well as a Regulatory Actions Meeting that oversees the broad scope of our supervisory policies and enforcement actions respectively, across banking, insurance and capital markets activities. In other words, supervisory practices require as much thought and policy considerations as the rules and regulations. This is also why exchanges with fellow regulators during supervisory colleges are very helpful and important too.
13 I have earlier mentioned that rules and regulations should be risk proportionate. This is true as well for banking supervision. It is impossible for supervisors to review and inspect all the financial institutions under our charge to a wide and deep extent given finite resources and time. This is neither feasible nor desirable.
14 It is more logical and effective to differentiate our supervisory intensity according to the risk profiles of each bank. In recent years, MAS has also moved towards greater use of thematic reviews and inspections. This means that we inspect a peer group of institutions at a time in a specific risk area. We find that such a peer group approach also facilitates better identification of vulnerabilities, and allow for industry benchmarking as well as the sharing of best practices.
15 An effective supervisory process should also involve a preparedness to take tough enforcement actions. It is a practical reality that no amount of regulations and supervisory reviews can catch all possible potential misdemeanours or excessive risk-taking. To do so, a financial regulator would have to be regularly and extensively intrusive to a point that a bank would find it hard to function. Ultimately, a bank’s Board and Management must be responsible for its business conduct and risk management.
16 Hence, it is far more effective that the supervisory process work alongside strong and effective Boards and Management in banks. If there are failings or violations that bypass our supervisory reviews, then enforcement actions must be meted out accordingly.
17 This supervisory philosophy is underscored in what is commonly described as the four lines of defence in a 2015 BIS Occasional Paper, as well as the 2015 Basel Committee’s guideline on Corporate Governance principles – that describe the roles of (a) Boards, Management and Business Units, (b) Risk and Compliance, (c) Internal as well as External Audit, and (d) the Regulator.
Challenges and Opportunities
18 Much has been reported about innovations in the FinTech space, and the disruptions brought about by technology in practically every aspect of economic and social activities.
19 Recent technological developments have also presented regulators with both new challenges and opportunities. For instance, the foray by hitherto non-regulated entities into various aspects of payments and financial services could necessitate a change from an institution-based regulatory approach towards an activity-based framework. But at the same time, this can also allow a regulator to “right-size” regulations for both traditional and evolving business models according to the risks the activity poses. I can cite two examples:
- Virtual currencies first emerged about 10 years ago. Since then, we have observed an increase in the number of initial coin (or token) offerings in Singapore. As with most financial regulators, MAS does not regulate virtual currencies. But we regulate the activities that surround virtual currencies if these pose specific risks. An example would be the Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) requirements that we have imposed on intermediaries providing virtual currency services. We are assessing if additional regulations are required for investor protection.
- Another example is the wave of new payment services that have been enabled by new technology. Consumers are increasingly making and receiving payments through digital payment platforms, which fall outside of our existing regulatory frameworks. In recognition of the risks that these digital payment platforms can pose to the system as a whole if they are not adequately secure, MAS will be issuing a new Payment Services Bill (PSB). This will streamline the regulation of payment and remittance service providers under a single regulatory framework, and calibrated to whether an entity offer one, some or all parts of the retail payments value chain. It will also seek to enhance user protection and facilitate the adoption of electronic payments.
20 Regulations should not stifle innovation. The reality is that innovations will always move ahead of rules. The key is in understanding whether a particular innovation or new business model is simply a regulatory arbitrage. If so, we should deal with that directly such as by bringing that activity within the regulatory ambit or even banning it altogether. Another consideration is whether an innovative business model while purposeful will create incoherence or inconsistency of treatment. In such a case, a review of that regulatory policy may be necessary. There is no one-size-fits-all supervisory answer. It simply means that as regulators, we need to keep abreast with technological developments. Only then, can we exercise thoughtful judgment. The fact that many financial regulators including the MAS have allowed regulatory sandboxes to be set up highlights a preparedness to allow innovative financial models to first be tested within defined parameters.
Harnessing technology to strengthen supervision
21 There is a growing area of technology use that will be directly relevant to financial supervision – Regulatory Technology (or RegTech). This is the use of advanced technology systems and algorithms to enhance risk management and regulatory compliance.
22 Many financial institutions have embraced RegTech, such as:
- Predictive analytics being used in stress testing;
- Artificial Intelligence and Machine Learning-powered systems to identify money laundering risks; and
- Cognitive computing and behavioural algorithms to detect suspicious trading and possible misconduct.
23 On the supervisor’s end, the MAS is developing our own ‘SupTech’ to improve and sharpen our surveillance and analytical capabilities. Since about a year ago, we have set up a dedicated unit for SupTech within our Data Analytics Group.
24 The aim is to make greater use of technology and “smart tools” to guide our financial surveillance and supervision functions. To do so, building the infrastructure for our data analytics projects is important. We are putting in place an MAS Private Cloud. This will serve as the foundation to provide computing power to all data analytics projects in MAS. There are a number of ongoing system-enhancement projects around data storage, accessibility and usability. But importantly to fully benefit from the insights of a broader set of high-frequency real-time data, in both structured and unstructured formats, our supervisors will also need to acquire strong digital fluency in various data analytics and visualisation tools.
25 Only then can we harness the full computational capabilities from better data analytics to sharpen our surveillance and understanding of different risks, and to support more effective decision-making. There is also a nascent area that MAS is studying together with an industry grouping. This relates to data ethics such as on fair and transparent use of data by financial institutions. I am sure this will be a discussion topic in future forums.
Managing cyber threats
26 Given the technological developments in the financial services sector, a key priority area for regulators must be the work on Cybersecurity. To do this well, regulators will have to work in close partnership with financial institutions, law enforcement agencies, sector agencies such as in telecommunications and power, as well as fellow regulators given the often cross-border nature of cyber threats.
- To further foster the exchange of cyber intelligence in the region, MAS collaborated with the Financial Services – Information Sharing & Analysis Centre (FS-ISAC) to establish an APAC Regional Intelligence and Analysis Centre. This centre in Singapore provides 24/7 coverage of actionable intelligence and resources to respond to incidents.
- MAS also implemented a 24/7 Sectoral Security Operations Centre (SOC) to obtain information from intelligence sources on cyber threat targeting our financial sector.
- We have partnered the Association of Banks in Singapore (ABS) to update MAS’ Technology Risk Management Guidelines.
- Also in partnership with the ABS, we are in the process of establishing guidelines for “red-teaming” to enhance cyber security testing.
27 I know that this theme of technology will feature prominently over these two days. Such mutual sharing and learning will be an important aspect of regulatory up-levelling.
Integrity and Conduct
28 Last but not least, let me wrap up my remarks by highlighting the importance of strong integrity and proper conduct in the financial industry. No amount of regulatory reforms or supervision can assure a stable financial system if the culture and conduct of firms and individuals are flawed. Around the business complexities of different firms, the core should be the same – a business culture centred on doing right and doing good.
29 MAS will be stepping up our supervisory reviews on various aspects of risk governance and culture in financial institutions. Recently, we conducted a culture and conduct survey among a number of the key institutions. Based on the survey responses, we are carrying out dialogues to ascertain commonalities and differences in industry practices. We are sharing our supervisory experiences with other regulators to learn from one another. From these, we hope to provide the broader industry with our observations on best practices and areas for improvement.
30 I have probably spoken longer than I should. I think this only goes to show the many areas of supervision which the different panels will no doubt delve further into. May I wish everyone a most fruitful and interesting meeting. I do hope that all visitors in this meeting will also be able to set aside a little time to enjoy Singapore’s lively sights and sounds.