Herbert Smith Freehills' latest Global Bank Review: The Data Game highlights the banking industry's challenge to fully commercialise big data while complying with increasing legal, regulatory and political scrutiny.
"With so much data available from online trading, payments and transactions, banks have been enthusiastic adopters of data-driven technologies," said Herbert Smith Freehills partner Hannah Cassidy. "But they need to be mindful and plan for potential issues and risks with each new opportunity or novel use of data."
Regulators are also responding to the big data revolution by requesting that same data to track misconduct, creating an increasingly complex regulatory landscape.
Herbert Smith Freehills partner Cameron Hanson commented, “The cyber, technological and operational risks created by the collection, storage and use of big data are the subject of increasing scrutiny from the entire spectrum of regulators, including prudential, conduct and privacy regulators.
“In an era of increasing individual accountability, it is crucial that Boards and senior management are able to demonstrate that they have taken appropriate steps to identify, understand and then manage or mitigate those risks.”
The report explains the main issues for banks when exploiting big data and other new technologies:
- regulators are increasingly demanding data to track the actions of individual bank employees, particularly data related to disciplinary actions, client complaints and whistleblowing.
- competition law authorities are turning their attention to banking; banks should consider this very different regulatory oversight in all their business activities.
- banks need to be aware of discrepancies in, and differences between, regulators' advice, requirements and regimes across jurisdictions.
- boards need to add cyber, technology and data risks to their agendas, their understanding and their monitoring.
- many institutions run the risk of being underinsured, as the cost and complexity of data and tech-related issues increases.
- financial institutions are struggling to manage the increase in simultaneous cross-border investigations by regulators.
- audit and inspection rights and restrictions on sub-contracting must now form the central part of agreements between financial institutions and their IT vendors.