If you’ve been working in the finance sector over the past few years, you will have noticed some big changes in the world of financial supervision. A new generation of Fintech players, as well as major regulatory changes regarding GDPR, KYC and AML have meant that Financial Supervision continues to evolve in our increasingly digitalised world. Let’s take a closer look.
Today’s consumers value ease of use - and payments and online financial services are no exception. Just look at the wide range of user-friendly finance apps that have sprung up recently, offering everything from payment services, to managing savings and ‘low-bar’ investing. Consumers are loving it, as long as they feel like they can trust the technology. Traditional financial institutions are responding by shifting their focus or diversifying their products. This has led to a total shift in financial products and banking-related services.
For supervisors, this shift has resulted in a completely different supervision process. Although a bank is still a bank, there are far more financial institutions needing to be supervised these days, from fintech organisations that offer payment services and trust fund management, to insurers that have changed their scope, to clearing houses and more.
The types of data these organisations collect and process is also more diverse than ever. Twenty years ago, Financial Supervision was still being done mostly by hand. But new technologies give us more power than ever to crunch data. The recent advancements in AI could reinvent the way banks and other organisations collect and process structured and unstructured data. At the same time, new digital portals are being launched all the time, with a variety of different banks and organisations requiring access to different portals at different times.
As a result, supervisory organisations are now introducing new procedures and portals for all different types of information sharing. This has consequences for the onboarding of supervised institutions and the delegation of access rights within these firms. Due to the nature of the information that is shared, processes need to be highly secure, and risks need to be mitigated.
We see a lot of financial supervisors struggling with these new challenges. Registration and login for new portals can be inconsistent, with no real view of the external business users and no reliable login and access audit information. Who needs access rights? Do they still work in the same position? What about sharing accounts and login credentials?
Supervisory institutions require specific Identity and Access Management (IAM) technology to make sure they grant access to the right people within supervised institutions. As a result of our collaboration with the European Central Bank, Thales has been able to develop best-in-class practices on how to empower both supervisors and supervised firms. We centralised IAM for multiple portals in a single login platform. This makes monitoring and auditing access to data and portals more stable and secure. We also use strong user authentication, based on risk.
At the ECB, we were able to take IAM a step further. Thanks to the introduction of our B2B IAM functionality, we were able to reduce the administrative burden for supervisors by delegating access to supervised firms. This way, these firms are in control. They get a better user experience, and risks are mitigated thanks to a complete view on the actual users.
The European Central Bank is one of the youngest central banks in Europe. After the financial crisis in 2008, it became responsible for most of the supervision in the European banking system. The organisation had to adjust quickly, take over responsibility in the Eurozone, and keep pace with the digital changes in supervision. National central banks should adopt the same mentality, so they can perform their supervisory tasks in this rapidly changing digital world.
Read more about how we helped the European Central Bank fulfil its supervisory role and protect Europe’s financial system.