Check against delivery.

Ladies and Gentlemen,

I would like to offer my sincere thanks for the invitation to this year’s ESE Conference here in Munich and I am looking forward to talking to you over the next 40 minutes about digitalisation in the financial sector in general and the importance of big data (BD) and artificial intelligence (AI) in particular.

Around two decades ago, then Federal President of Germany Roman Herzog talked about “laptops and lederhosen” that had formed a symbiotic relationship in the Bavarian state capital. Since then, the city has had some claim to be a pioneer of technological transformation in Germany. And indeed, many tech firms are headquartered in Munich or its immediate surroundings. Needless to say, Berlin, Hamburg and Frankfurt – and probably other cities as well – would vigorously disagree with singling out just the Bavarian capital.

But can that observation still be used for location marketing here in Munich or beyond? I have my doubts. Lederhosen are still a must.

As in the past, they are still extremely popular as a symbol of the Bavarian way of life. But the situation is rather different when it comes to laptops. Portable computers haven’t been a symbol of digital innovation for a long time now. At some point, they were supplanted by the smaller notebooks, and then came tablets, not to mention smartphones, which fit into both briefcases and ladies’ handbags. This shows how fast technological progress is racing through all our lives. And, in addition, as we will see later, innovation in financial services is not only driven by hardware, but as least as much by software and fundamental trends in IT or internet related services.

Financial undertakings, too, are unable to escape this transformation. On the contrary: the momentum of digitalisation in the industry is tremendous. And as supervisors and regulators, we must also move with the times and actively address the increasing digitalisation. What the financial markets of tomorrow will look like exactly is currently only discernible in outline, not least because digitalisation is characterised by continuous change and rapid adaptation. Let us take a closer look at three fundamental phenomena:

1. The transformation of business models and market structures
2. The impact of big data and artificial intelligence on existing regulatory and supervisory processes
3. The impact of big data and artificial intelligence on supervision itself.

How digitalisation is transforming market structures

Ladies and Gentlemen,

In the digitalised world, fewer and fewer retail customers are interested in branches and their opening hours. They expect financial services providers to deliver a level of convenience they already know from other areas of life, for example 24/7-availability and easy access to services tailored to individual customers. Many of the large online platform providers have already perfected offerings like this, offering their customers their own and third-party goods and services – customised one-stop shopping in compact ecosystems, increasingly including financial services of various kinds. Other companies can leverage these ecosystems to offer their own services, for example app developers in the app stores.

In principle, creating platforms brings benefits for everybody involved: anybody who participates in this ecosystem can specialise in the work processes they master best, gaining access to a broad customer base without any additional effort on their part. In return, they have to abide by the rules and access conditions laid down by the operator. In light of the customer consent that is normally granted, the platform operator itself also gains access time and again to very large volumes of customer data, which as we know is the new gold in the era of digitalisation. In the end, the platform operators know pretty accurately how they can optimally align their own products and prices with the needs of their customers – and of course they can and do make their data available to third parties.

In the financial sector, too, a growing number of banks and insurers – and, increasingly, non-financial firms – will position themselves as platform providers so they can offer their own and third-party products from a single source. We are already seeing how value chains in the financial market are being increasingly broken up and decentralised.

The Second Payment Services Directive PSD 2¹, which came into force at the beginning of last year, and the obligation to provide open APIs²,³, was another important game changer, clearly accelerating the process of disintermediation. However, not only market newcomers and start-ups – as some may have expected – but also the BigTechs are interested in leveraging the resulting opportunities. These technology giants, many of them operating globally, not only have the necessary expertise and capital up their sleeve; above all, they already have the necessary customer access.

This brings us to spotlight number two, namely the assumption that things could soon become very cramped at the customer interface. Some established banks and insurers could face the loss of substantial earnings potential and, in particular, first-hand knowledge about their customers where BigTechs enter their markets. Especially the smaller and medium-sized credit institutions that cannot evolve into a platform themselves run a risk of losing out.

The fact that price comparison platforms have also understood the opportunities available to them from open banking and the trend towards platformisation on the financial markets will further intensify competition at the customer interface. It is more difficult to predict exactly how this competition will develop. One possibility would be genuine competition for market share that would be fought out between the various platforms. “Winner takes all” is another possible scenario in which the real competitive struggle ultimately transforms into the question of who can actually participate in a dominant platform and who cannot – but according to the rules of the platform provider.

As important as competition questions may be, they are not a financial regulator’s or supervisor’s home turf. I see the ball here lying primarily in the field of antitrust and competition law, and the authorities responsible for policing it. As supervisors, we should certainly ensure that no market participant is discriminated against from the outset in a platform economy, and that no concentration risks arise due to network effects. From the supervisory perspective, distorted competition constitutes a risk that can have quite significant consequences for the stability and integrity of the financial markets.

BDAI as a challenge for supervisors

Ladies and Gentlemen,

Due to an almost exponential growth of computing power and storage capability and an amazing decline in the associated cost per unit, another fundamental trend has been emerging. The keywords here are Big Data (BD) and Artificial Intelligence (AI). Continuously growing volumes of data and ever better opportunities for using them are allowing the companies to bring entirely new products, services and business models to the starting grid – and this is happening in a self-reinforcing cycle of innovation. A constantly growing number of users generates more and more data, which in turn steadily opens up new opportunities for the tech giants to profitably apply Big Data and Artificial Intelligence. As BaFin, we want to keep close tabs on such future questions as early as possible. Our report “Big data meets artificial intelligence”⁴, which we published last summer and subsequently issued for consultation, aimed to provide valuable insights into the topic.

Covering all the aspects of this around 200-page publication and the results of the consultation would, of course, need far more time than I have available today. So please allow me to address only three key and quite fundamental aspects.

The first aspect relates to the question of who we should actually be supervising in the future: people or machines, or both? Already today, insurers, for instance, are generally in a position to manage processes such as risk assessments for new business and claims processing, in particular for standardised, but increasingly also for more complex cases, without human intervention. It is obvious that it will also be possible to delegate entirely different processes and quite important decisions to computers in the future. But what happens if something goes wrong and errors are made? Can a board member say “It wasn’t us, it was the algorithm”? I say: No! Ultimate responsibility must remain with management, meaning people. That is also why we cannot accept models or algorithms if these are presented to us as black boxes. Rather, we will do everything in our power to sustain the principle of human responsibility, even and particularly when innovative technologies and solutions are used.

The next aspect I want to highlight relates to the dimension of time and specifically to the following question: How long can supervisory approvals remain valid in times of artificial intelligence and machine learning? As an example, let us take a look at the models for determining regulatory capital requirements. If driven by self-learning elements that continuously evolve, models that supervisors approve today may already look entirely different tomorrow – or literally just a few minutes later. We will therefore have to define principles that we can use to decide whether a modification already constitutes a model change in the supervisory sense. And we have to ask ourselves how much a model has to change before a bank or insurer has to get straight back to the supervisor again. This clarification process will not be easy. In particular, we will have to analyse concrete use cases in detail and exchange information regularly with everybody involved. At a very general level, for example, the question could arise of whether we should develop assessment procedures in the future in which we focus more on outputs or an output corridor. Procedures that are focused on mechanisms of action, and not, as in the past, on a static model.

The next aspect concerns the following question: Who monetises the value of data? In other words, who captures the digital gold of the financial world – the customer data? If, as I said, competition in the financial sector is hotting up and data and evaluation monopolies emerge in addition to platform operators, we will be faced with new systemic questions. What interests us most is that no new serious risks to the integrity and stability of the financial markets arise. Collective consumer protection also plays a role here. In addition, we will examine the question of who or what should be subject to what sort of supervision in the world of machine learning and Big Data. For example, will we have to supervise providers who deliver knowledge and information structurally to the financial markets although they themselves do not provide any financial services? No decisions have been made so far, but a thorough regulatory debate regarding the extent to which traditional entity based approaches need to be supplemented by activity based supervision has long since started. In my view, the toolbox of financial regulators will have to be enhanced by activity based competencies. But let me stress: I think it should enhance, but not replace, entity based supervision.

Impact on supervision

Ladies and Gentlemen,

When taking a closer look at the wide-ranging implications of BDAI and the platform- and data-driven business models that derive advantages from it, one thing becomes clear: the value chains on such platforms are organised on a cross-sectoral basis. For consumers, such a world initially offers very tangible benefits. Anybody who searches for a suitable product or service on a platform – and also makes use of a financial or payment service tailored to their needs – will be offered what fits them best. The customer experience will be even greater if related services aligned with the personal needs of the consumer in question are additionally offered. Whereas such offers may well be very convenient for the customers, they are definitely a hard legal nut to crack both for us as supervisors and for consumer protection agencies. Such questions, which are naturally raised by such a cross-sectoral digital platform economy, cannot be answered readily by resorting to traditional “regulatory silos” with their clearly defined responsibilities. We need to take a closer look.

If we start thinking about whether a platform economy will necessarily entail some sort of extreme market concentration, we must also ask ourselves a range of competition and antitrust questions. Moreover, supervisors and regulators must always keep an eye on whether new developments in the financial industry do not also create new risks to financial stability. As I mentioned above, the scope of financial regulation needs to be reviewed and possibly enhanced.

Other factors include aspects of data and general consumer protection that also confront the institutions to be supervised. To sum up, we can say that digitalisation may blur the differences between tech groups and financial services providers, and that we may be supervising hybrid companies at some point in the future. We must be prepared for this sort of Day X. And we will succeed in doing this best if we network at an early stage with all the authorities that are responsible for the individual areas of law concerned. This would allow us to be in a position to respond appropriately to potential new risks in good time.

AML

As a supervisor, I see new digital technologies not only as a challenge we have to face up to. They can also help us to design our work and processes more efficiently. And of course technologies like this are not new ground for us that we first have to explore. As one of the world’s largest integrated supervisory authorities, we have very concrete notions of how to make these new technologies work for us. One supervisory area where we think using BDAI will be particularly worthwhile is combating money laundering (AML). In particular when it comes to customer identification, transaction monitoring and discovering potentially fraudulent transactions, I can see an opportunity to use BDAI to further optimise our processes. How could this look in detail? For example, as part of more effective cooperation between companies and authorities in exchanging and analysing relevant financial transaction data. BaFin is not only open to this sort of partnerships, we are actively driving them forward.

But one thing is also clear: BDAI technology is not a silver bullet that will mark a great leap forward in combating criminal money laundering.

As a government authority, however, we are under an obligation to investigate how we can embrace these new digital possibilities for supervisory purposes in this increasingly high-profile area. That is why we will consider carefully how deep BDAI systems could and should be allowed to delve into the behavioural patterns of individual customers and institutions. Which is certainly a question that needs to be answered, not by a supervisory authority alone, but within a broader political debate.

Another area where we see a lot of potential to use new technologies is combating market abuse in securities supervision. The particular focus here is on curbing insider trading and market manipulation. BaFin is also active in this field and has launched the “ALMA” project – which stands for “automated alarm and market monitoring system”. What exactly is happening here? Under Article 26 of the European Markets in Financial Instruments Regulation (MiFIR)⁵, investment services enterprises that enter into transactions in financial instruments must notify us of the complete and accurate details of these transactions as quickly as possible – and at the latest by the end of the following working day.

ALMA is intended to comb through these datasets autonomously, looking for conspicuous trading participants and transactions. What is the status of preparations for this project? The models that are needed to analyse such transaction data automatically are currently being developed and tested internally at BaFin in a project group consisting of analysts, IT experts and data scientists. To detect similarities, patterns and anomalies in the trading data or the trading behaviour of market participants, methodologies from the field of data mining, such as clustering or peer group analyses, can be used. The insights thereby gained are automatically pre-evaluated with the help of rules and threshold values that reflect the experience of our analysts. Our project team follows the premise that there may not be any black boxes here either, and that the final decision as to which facts should be rated as conspicuous must of course lie in the hands of a human expert.

Ladies and Gentlemen,

As you can see, we are facing a lot of work in the era of digitalisation. Both the volume and the intensity of work may well be large, but we will face up to the challenge!

And it is precisely this type of challenge that makes our work so interesting.

Thank you for your attention. And now I am looking forward to your questions.

Footnotes: