Spaces:
Running
A newer version of the Streamlit SDK is available:
1.44.1
Pushing through undercurrents
Technology’s impact on systemic risk: A look at banking
As more financial institutions embrace digital innovation, risks emerge that could threaten the stability of the financial system. Some of these risks originate from a single sector. Either way, they could proliferate and become systemic without appropriate management.
To understand what these technology-driven risks look like, the World Economic Forum (the Forum) and Deloitte consulted over 100 financial services and technology experts in the development of a new report, Pushing through undercurrents. This group shared more specific perspectives on the forces behind technology-driven systemic risk in the banking sector. Here’s a summary of what we learned. You can learn more in the full report from the Forum, and the executive summary from Deloitte.
| How can the industry mitigate it? | Col2 |
|---|---|
| Goal Mitigation opportunities | |
| Strong security for BaaS platforms and API connectivity Properly vetted BaaS partners Institutional knowledge transfer from banks to BaaS partners | • Use input validation protocols • Apply network segmentation and access control measures • Improve due diligence on BaaS providers • Help BaaS and other fintech providers get better at risk management and compliance |
[Risk 1: Risk exposure from Banking as a Service offerings]
What could go wrong?
Banking as a service (BaaS) increasingly relies on application programming interfaces, introducing vulnerabilities that can pose risks for banks. The risk is growing because:
• Customers’ sensitive data and funds may be at risk from phishing and social engineering attacks
• Flawed APIs might provide a back door for hackers to penetrate banks’ systems
• Noncompliance with data privacy rules by BaaS providers might expose partner banks to reputational risks
This risk could become systemic if, for example, a malicious actor launches a distributed denial-of-service attack on a BaaS provider, keeping customers from accessing their accounts or making transactions.
What sectoral and regional How can the industry mitigate it? forces could amplify the risk?
Goal Mitigation opportunities
• A complex BaaS technology Strong security for • Use input validation protocols stack BaaS platforms and API
• Apply network segmentation and
connectivity
• Limited redundancy measures access control measures
• A lack of input validation, enabling attackers to upload malicious code into a bank’s Properly vetted BaaS • Improve due diligence on BaaS systems through its APIs partners providers
Institutional knowledge • Help BaaS and other fintech providers transfer from banks to BaaS get better at risk management and partners compliance
What sectoral and regional How can the industry mitigate it? forces could amplify the risk?
Goal Mitigation opportunities
^
Risk 2: Inadequate stability mechanisms for stablecoin arrangements
| How can the industry mitigate it? | Col2 |
|---|---|
| Goal Mitigation opportunities | |
| Standardization and oversight of stablecoin arrangements Investor and customer protection Transparency of capital reserves | • Requirement for anti-money laundering and “know your customer” processes for stablecoin issuers • Offer insurance coverage for stablecoin tokens • Enforce responsible marketing rules and customer education • Periodically audit and stress-test stablecoin issuers’ reserve assets |
What could go wrong?
Stablecoins mimic fiat currencies but without the backing of a central bank, heightening the probability of a run. The risk is growing because:
• Governance and regulatory gaps could perpetuate illicit activities that might threaten the integrity of the broader financial system
• The novel technologies used for minting and managing stablecoins are exposed to security risks
• The absence of a stability mechanism like deposit insurance increases the risk of a run
This risk could become systemic if, for example, a significant stablecoin issuer fails to promptly honor large customer withdrawal requests, touching off a run and eventually collapsing the stablecoin arrangement.
What sectoral and regional How can the industry mitigate it? forces could amplify the risk?
Goal Mitigation opportunities
• A less mature regulatory Standardization and oversight • Requirement for anti-money laundering environment of stablecoin arrangements and “know your customer” processes
for stablecoin issuers
• Stringent capital controls, which may encourage individuals in those jurisdictions to park their assets in global stablecoins
Investor and customer • Offer insurance coverage for stablecoin
• Unsecure systems and poorly protection tokens managed internal processes
• Enforce responsible marketing rules and customer education
Transparency of capital • Periodically audit and stress-test reserves stablecoin issuers’ reserve assets
What sectoral and regional How can the industry mitigate it? forces could amplify the risk?
Goal Mitigation opportunities
What could go wrong?
Stablecoins mimic fiat currencies but without the backing of a central bank, heightening the probability of a run. The risk is growing because:
Contacts
Neal Baumann
Financial Services Industry leader Deloitte Global [email protected]
Rob Galaski
Vice-Chair and Managing Partner Deloitte Canada [email protected]
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (DTTL), its global network of member firms, and their related entities (collectively, the “Deloitte organization”). DTTL ( also referred to as
“Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL
Deloitte provides industry-leading audit and assurance, tax and legal, consulting, financial advisory, and risk advisory services to nearly 90% of the Fortune Global 500® and thousands of private
companies. Our people deliver measurable and lasting results that help reinforce public trust in capital markets, enable clients to transform and thrive, and lead the way toward a stronger economy,
a more equitable society, and a sustainable world. Building on its 175-plus year history, Deloitte spans more than 150 countries and territories. Learn how Deloitte’s approximately 415,000 people
[worldwide make an impact that matters at www.deloitte.com.](http:// www.deloitte.com)
This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms or their related entities (collectively, the “Deloitte
organization”) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should
consult a qualified professional adviser. No representations, warranties or undertakings (express or implied) are given as to the accuracy or completeness of the information in this communication, and
none of DTTL, its member firms, related entities, employees or agents shall be liable or responsible for any loss or damage whatsoever arising directly or indirectly in connection with any person relying
on this communication. DTTL and each of its member firms, and their related entities, are legally separate and independent entities.
© 2023. For information, contact Deloitte Global.