Disruptions & Opportunities in the Financial Sector (Address by Shri Shaktikanta Das, Governor, Reserve Bank of India - June 17, 2022 - Delivered at the Financial Express Modern BFSI Summit in Mumbai)

It is my pleasure to be here amongst such a distinguished gathering to deliver the inaugural address at the Financial Express Modern BFSI Summit. The theme of my address “Disruptions & Opportunities in the Financial Sector’ will resonate in the current context of technological innovations and fast evolving business models in the financial sector.

2. The impact of Covid-19 pandemic, the recent geo-political crisis and the all-pervasive technological innovations sweeping across economies are challenging the traditional financial intermediation processes. In my address today, I would like to focus more on the banking and the financial services space. I propose to share my thoughts on possible implications of technology on the financial services industry.

The Changing Paradigm of Banking

3. The edifice of growth and development in modern economies is built on the foundation of a vibrant, resilient and well-functioning financial sector. The core functions of the financial sector in an economy, viz. intermediation, asset price discovery, risk transfer and payments are globally undergoing a process of transformation. This is primarily driven by technological advancements. The Indian financial sector has also been a part of this churning and is adopting and propelling these transformations.

4. Over the past few years, the business of banking has witnessed a shift from traditional branch banking to digital banking. This paradigm shift has been possible due to innovations in information technology (IT), growth in mobile and internet connectivity, market-based financial intermediation, and the advent of Fintech. Financial service providers are now devising new products and services and are adopting new business models for reaching out to the target customers.

5. Improvements in technology have also enhanced the cause of financial inclusion and tech-enabled public goods delivery. Direct Benefit Transfer (DBT) through the digital mode is among the best examples of tech-enabled public goods delivery. Digital-mobile-anywhere-anytime banking is becoming the order of the day. The indigenously developed Unified Payments Interface (UPI) and Aadhaar Enabled Payment Service (AePS) have become the backbone of our retail payments system.

6. Alongside these advancements, the Reserve Bank’s regulatory approach has been realigned to support and foster such innovations. The regulatory guidelines for account aggregators and peer-to-peer lending operators are indicative of a proactive regulatory approach. An enabling framework for Regulatory Sandbox has been in place for last three years. The Reserve Bank Innovation Hub (RBIH) has also been set up by the RBI to catalyse innovations in the Fintech sector. We are now moving towards the introduction of a central bank digital currency (CBDC).

Technology as a Disruptor – Opportunities and challenges

7. With the advent of new technologies, we are witnessing a new era of disruption. Given the growing role of technology, data and network effects, there is a feeling among the banks that having an ethos of a technology company, while offering banking services, is the need of the hour. This is an area of opportunity for the banks; but there are associated challenges which need to be mitigated. Greater attention needs to be given to building customers’ trust by (i) offering products and services appropriate and fit for customer’s needs and circumstances; (ii) ensuring robust security controls, reliable and efficient delivery of services, transparency of terms and conditions to customers; and (iii) by handling customer grievances satisfactorily and building necessary awareness among customers. All of these aspects need to be factored in when financial institutions introduce or enhance technology driven products and services.

8. Talking about opportunities, it would be relevant to note that what we have seen until now could be just the tip of the iceberg. The use of artificial intelligence (AI) and machine learning (ML) to determine the creditworthiness of clients for small ticket loans by analyzing data from a wide range of traditional and non-traditional data sources, has the potential to enhance access to credit for marginalized customers. Here also it would be necessary to understand the associated risks and mitigate them suitably through various safeguards and precautions. Risks relating to cyber security, software development, limitations in transaction capacity, privacy of customer data, and data security need to be factored in. The methodology of algorithms underpinning digital financial services has to be clear, transparent, explainable and free from exclusionary biases. The credit scoring models using innovative techniques can be useful but they should be subject to a robust model governance framework. Comprehensive assessment of risks has also to be undertaken while planning to move to cloud with customer sensitive data.

9. In all these digital initiatives, the plan should also factor in those sets of customers who may not be digitally savvy and who may want to engage physically with the bank. It is, therefore, crucial that while driving various tech-enabled initiatives, the existing systems and processes do not see frequent disruptions and non-availability. We have already seen instances of the damage that disruptions in technology systems can bring and the reputation risk they carry for financial entities. A casual approach to handling technology issues even as basic as wrongful deletion of a single system file or inadequate care in patch updating often lead to financial and operational losses.

10. The IT systems and platforms are also exposed to obsolescence and require frequent upgradation. This calls for adequate investment in IT infrastructure by all financial sector entities. This is one of the important focus areas of RBI’s supervision of its regulated entities, especially the Banks and the NBFCs.

11. It has also to be recognised that human resource can turn out to be the weakest link in technology enabled financial services. There is thus a vital need for ongoing training and skill building programmes.

12. At end of the day, the bottomline is how technology improves the financial system in terms of efficiency, effectiveness, resolving bottlenecks in economic functions and provide value addition to the customers.

Collaboration between Finance and Technology Firms

13. Large technology companies (BigTech) which have entered into provision of financial services could potentially be another source of disruption to the financial system. As you would be aware, such companies, whether from e-commerce, social media and search engine platforms, ride hailing and similar businesses have started to offer financial services in a big way on their own or on behalf of others. These companies have an enormous amount of customer data which has helped them to offer tailored financial services to entities and individuals lacking credit history or collateral. Even the banks and other lenders are sometimes utilising platforms provided by fintech companies in their internal processes for credit risk assessment. Such large scale use of new methodologies in credit risk assessment can create systemic concerns like over-leverage, inadequate credit assessment, etc. Authorities and regulators have to strike a fine balance between enabling innovation and preventing systemic risks.

14. The big techs also pose concerns related to competition, data protection, data sharing and operational resilience of critical services in situations where Banks and NBFCs utilise the services of big tech companies. These concerns can also materialise in sectors other than financial services. The provision of financial services through the digital channel, including lending through online platforms and mobile apps, have brought in issues relating to unfair practices, data privacy, documentation, transparency, conduct, breach of licensing conditions, etc. The Reserve Bank will soon issue suitable guidelines and measures to make the digital lending ecosystem safe and sound while enhancing customer protection and encouraging innovation.

What kind of Regulation and Supervision?

15. The need for FinTech regulation emanates from the challenges they pose to the financial system and the new risks they carry. These risks have a bearing on overall financial stability and market integrity.

16. The approach to regulation of FinTech could be by way of Activity Based Regulation wherein similar activities are treated similarly, regardless of the legal status or nature of the entity undertaking the activity. It could also be Entity Based Regulation which requires that regulations are applied to licensed entities or groups that engage in similar and specified activities, such as deposit taking, payment facilitation, lending, and securities underwriting, etc. The approach could also be an Outcome Based Regulation by setting out some basic, common and technology or business model-neutral outcomes that entities must ensure.

17. India has traditionally followed a hybrid form of regulation that combines Activity and Entity Based regulation. As a principle, the RBI has been applying comprehensive regulatory, supervisory and oversight requirements to various segments of financial sector in its domain to create an enabling ecosystem for such activities to grow in an orderly fashion. The underlying theme has always been to maintain financial stability. Going forward, the RBI will continue to finetune its regulatory and supervisory measures keeping in mind the evolving dynamics of the financial sector.

Does Regulation require collaboration with different Regulators?

18. When it comes to technology, it may transcend regulatory or national boundaries. The most relevant example in this case would be the blockchain technology. Different blockchain platforms cannot be limited to a regulator or a nation. Another example can be the case of De-centralised Finance (DeFi) in which financial applications are processed on a blockchain with limited or no involvement of centralised intermediaries. DeFi poses unique challenges to regulators as its anonymity, lack of a centralised governance body, and legal uncertainties can make the traditional approach to regulation ineffective. There is, therefore, a case for a globally coordinated regulatory approach and inter-regulatory co-ordination to enable comprehensive assessment of such activities and mitigation of their risks.

Some recent initiatives of the RBI

19. I would now like to focus on certain supervisory steps taken by the RBI recently to deal with the emerging challenges from fintech. In the specific area of cyber security, the RBI has recently conducted Phishing Simulation exercises for select Supervised Entities (SEs) to assess their email security standards and cyber security preparedness. We have also initiated the process of conducting Cyber Reconnaissance exercises this year. This will provide pre-emptive information on the cybersecurity risk vectors of SEs. Besides, Cyber Drills which are conducted periodically are being further enhanced in terms of coverage and periodicity.

20. The increasing use of technology and digital services has led to more incidents of digital frauds and customer dissatisfaction. The recommendations of the RBI Working Group on digital lending in this area are under examination for issuance of guidelines.

21. In the context of customer service, another area which is engaging the attention of the RBI is the harsh recovery methods used by certain lenders, without having adequate checks and controls over their recovery agents. We have received complaints of customers being contacted by recovery agents at odd hours, even past midnight. There are also complaints of recovery agents using foul language. Such kind of actions by recovery agents are unacceptable and pose reputational risk for the financial entities themselves. We have taken serious note of such instances and will not hesitate to take stringent action in cases where regulated entities are involved. Such complaints against unregulated entities will have to be taken up with appropriate law enforcement agencies.

22. We have recently set up of a Committee for Review of Customer Service Standards in the RBI Regulated Entities (REs) which would inter alia review the emerging and evolving needs of the customer service landscape, especially in the context of evolving digital financial products and their distribution, and suggest measures for strengthening the overall consumer protection framework.

Governance and Risk Management

23. I have often spoken about the importance of good corporate governance in banks and financial institutions. A good governance structure will have to be supported by effective risk management and compliance functions. The cost of compliance to rules and regulations should be perceived as an investment, as inadequacy in this regard can prove to be highly costly. Compliance culture should ensure adherence to not only laws, rules and regulations, but also integrity, ethics and codes of conduct.

24. The Global Financial Crisis was preceded by a wave of financial innovations related to securitisation and other innovative financial instruments. These allowed the financial system to grow at a pace that was beyond its capacity to manage, especially from the point of view of the connected risks. Given such past experience, prudence demands that introduction of innovations in the financial system should be done responsibly and in a calibrated manner, taking into account the capacity of financial entities to manage potential risks. It goes without saying that innovations which provide opportunities through high risk taking need to be managed by sound corporate governance and risk management practices within the financial institutions. The senior management and internal control mechanisms in financial institutions should also ensure that their IT systems are robust and transparent, and not open to manipulation that may camouflage the true state of affairs in the organisation.

Conclusion

25. Let me conclude by saying that we are in the midst of a technological revolution in the sphere of financial services. Technology and Innovation per se are neither destructive nor constructive. It is the use cases that present the responsible or irresponsible sides of any particular innovation or technology. Reserve Bank shall continue with its approach where innovations which provide benefits to society are encouraged without compromising the stability of the financial system.

26. The trend of technology driven changes in the financial services sector will continue in the future. Participants and players in this sector will have to strive hard to remain relevant in the ever changing economic environment by continuously improving the quality of their governance; reworking their business strategies and business models; designing products and services with the customer in mind; ensuring operational resilience and risk management; and focussing on more efficient products and services by leveraging on technology. The possibilities are immense only if we are ready to embrace them while meeting the challenges!

Thank you.