As prepared for delivery
SCOTTSDALE, ARIZONA - Thank you for inviting me and good morning. It is a pleasure to speak at the SIFMA Operations Conference.
Technological Innovations and Financial Services
In 1984, Congress directed the Office of Technology Assessment – a congressional research office that existed from 1972 to 1995 – to publish a paper entitled The Effects of Information Technology on Financial Services Systems. The introduction of that paper states the following: “The financial service industry is markedly different from what it was at the end of the 1970’s, and the rate of change will only slow slightly during the remainder of the 1980’s. Advancing information and communication technologies are key factors that have changed the nature of financial services: the ways in which they are created, delivered, priced, received, and used.”
The paper then adds: “Rapid and dramatic change in the financial service industry will not persist indefinitely. There will be a period of stabilization, probably over the coming decade, after which the financial service industry is likely to return to a more orderly evolutionary pattern.”
Of course, the pace of technological change since 1984 has not stabilized. If anything, technological change arising from developments in computing power, telecommunication, and data storage, and its impact on the financial services industry, has been breathtaking. For example, in 1984, many of our markets still relied on open outcry and telephone transacting with paper-based back offices. Today, most trading is electronic. Indeed, many of the significant regulatory questions surrounding financial markets today – from collocation to the impact of trading algorithms on orderly markets – arise directly from the impact of advancing technology.
The same is true of safety and soundness. Our safety and soundness standards explicitly incorporate operational risk. We cannot conceive of risk management today without reliance on computer-driven models that can process large amounts of data, simulate economic conditions under assumptions we assign, and guide us to probable outcomes that can help us plan for various risks.
I believe that evolving technologies will persist in shaping financial services. Much of the impact will continue to come from computing and information technology. For instance, will cloud computing affect our payment system? Or, will social media affect the ways in which credit intermediation occurs? There is also the impact of the increasing convergence between information and communications technologies. Mobile banking, for example, is now a reality. The banner advertisements for mobile phone wallets seem ubiquitous. And then, there is biometric technology. Will biometric technology someday displace card and PIN-based verification protocols at the point of sale or online? What benefits and risks would that have?
These types of questions, of course, are relevant not only to a discussion of how financial services are provided, but also to regulatory policies. Technology – when it works as designed — undoubtedly has brought with it tremendous benefits, many of which we now simply take for granted. But no technology is fool-proof. Technology failures or disruptions have the potential to be substantial factors in market crashes, harm competition, and contribute to privacy concerns. Accordingly, policymakers need to be thinking about these important questions today as technologies are being developed.
So, let me take this opportunity to illustrate the ways in which considerations about technology matters have become central to our work at the Treasury Department.
Financial Stability, Safety and Soundness, and Infrastructure Protection
The recent financial crisis underscored the importance of focusing on financial stability. The foundations of the old regulatory system were based on outdated assumptions about the nature of financial firms, their activities, and their relationships. Our regulatory structure did not keep pace with how quickly the financial industry was evolving. In significant part, this evolution was spurred by advances in technology, which brought changes in how financial products could be conceived, designed, and priced, and how transactions could be initiated and processed.
The Dodd-Frank Act responds to this need for change by establishing a regulatory structure better equipped to address evolution of product design, business models, transaction mechanisms, and one that can more effectively assess the financial system as a whole, not simply its component parts. The Financial Stability Oversight Council, or FSOC, in which the Secretary of the Treasury participates as Chairperson, is intended to be a dynamic, forward-looking regulatory body that enhances interagency coordination and improves interagency dialogue on identifying risks to the financial stability of the United States. Attention to the impact of technology on financial stability is an important component of Treasury’s efforts as Chair of the Council.
One manner in which we engage emerging technology issues and their effect on financial stability is by working with the Office of Financial Research, or the OFR. Dodd-Frank tasks the OFR with monitoring changes in risk throughout the financial system and with supporting the Council and its member agencies on matters of data, analytics, and research.
The OFR has many important functions, including understanding and synthesizing the information financial regulators possess and receive. Markets and institutions report data to different regulatory agencies in a variety of ways. Nevertheless, before the financial crisis, there was no formal mechanism to help gather this information in a coordinated fashion, nor was the information viewed in a holistic way so as to detect threats to overall financial stability.
The OFR has the mission and authority, for the first time, to help bring all of this information together so as to allow the regulators, through the FSOC, to review and analyze trends and to determine if there are emerging threats to the financial system. Specifically, the OFR is charged with: developing tools for measuring and monitoring risk at the system level; collecting market and financial firm data and providing these data to the Council; and, standardizing the types and formats of data reported.
The OFR has begun its coordination efforts on data reporting through an inventory project designed to catalogue and understand the existing data currently collected by FSOC member agencies. OFR is reviewing this inventory of data not for the purpose of reinventing the wheel, but to avoid duplication of effort by the regulatory agencies. If data are already being reported to one agency, there should be no need for it to be reported twice using a different format or under different requirements. By the same token, if there are gaps in our understanding, the OFR will identify them and propose ways to address those gaps.
A critically significant function is the OFR’s responsibility for proposing data standards. We live in an age where the volume of data is increasing at astounding rates. Some estimates suggest that 2.5 quintillion bytes of new data are created each day. The increased availability of data offers many positive elements: it can help firms improve their risk management by mining for trends in the data and enhance their consumer service by individualizing services. But, vast, unstructured amounts of data can bog down the daily operations of financial institutions and, even worse, cause systems breakdowns.
To avoid such breakdowns, we need standardized data. The OFR has the explicit mission to promote and develop standards to achieve quality data that firms can rely on. As many of you know, the OFR is working with policymakers, regulators, and the private sector to establish a global standard for assigning unique identifiers to parties to financial transactions. This project is called the Legal Entity Identifier, or LEI. SIFMA, GRMA and many of you in this room have played an integral part in moving this project forward. The LEI will allow for a better understanding of true exposures and counterparty risks across the financial system.
Standardized data can help financial institutions better assess future risks and plan for those eventualities, whether they arise from various macro-economic scenarios or problems with a particular counterparty. Standardized data can also assist with internal controls and improve firms’ ability to spot employee misconduct ranging from insider trading to violations of operational guidelines. So it is not surprising that Congress also conferred upon the OFR the explicit responsibility to develop financial risk management best practices.
Both promoting data standards and avoiding duplication in data collection are two examples of how government policies can benefit everyone and help the private sector be more efficient. Another critical role for government and the OFR is to develop means to protect data from misuse. While identifying macro-trends across the data may be a key risk management tool, it is important appropriately to safeguard confidentiality of information and anonymity.
Finally, let me turn to the Treasury’s Office of Critical Infrastructure Protection and Compliance Policy. This office is leading efforts to preserve and enhance the resiliency of the financial infrastructure against man-made threats such as cyber-attacks and terrorism, and natural disasters such as hurricanes and earthquakes. To this end, it facilitates the sharing of information among financial institutions, among the financial and non-financial regulators, and between the private and public sectors.
The financial services sector has been at the forefront of developing highly advanced, resilient systems infrastructure. I commend the work many of you sitting here today have done in this regard. As you all know, however, the pace of technological change requires constant vigilance with respect to systems breakdown and compromise. There is no need for me to recount for you the many well-publicized instances of operations failure. They range from malfunctions from within our systems, such as the Flash Crash of 2010, to intentional attacks from the outside. Our markets and systems are increasingly interconnected. As the Flash Crash illustrated, an incident in one entity or market – whether caused by faulty algorithms, lack of capacity, or data corruption – can affect multiple entities throughout the sector.
Our financial institutions, markets, utilities, and their service providers invest substantial sums of money every year toward cyber-security, disaster preparedness, and other resiliency programs. Likewise, financial authorities are also involved and actively monitoring trends in and threats to the system. At Treasury, we focus not only on preventive measures to mitigate risk, but also on robust inter-agency incident management. It is important to continue and to expand this partnership between the government and the private sector. To this end, for example, we are currently working on the National Strategy for Trusted Identities in Cyberspace (NSTIC) – an Obama Administration initiative to work collaboratively with the private sector, advocacy groups, public sector agencies, and other organizations to improve the privacy, security, and convenience of sensitive online transactions.
Access, Consumer Protection, and Financial Capability
Advances in technology are also woven into the fabric of our work and thinking on consumer-related issues.
Through the Office of Financial Education and Financial Access, Treasury is following developments in the area of mobile financial services with great interest. The mobile payments “ecosystem” has evolved dramatically over the past few years, tracking the explosion in popularity of mobile phones, especially mobile smart phones, and tablets. A number of companies are making significant investments in the space. Some industry observers claim that we may be near a point at which we could see a significant transformation of the existing payments system.
As with any potentially significant transformation of a business, we have to continue thinking about a series of possible public policy questions. Will non-financial entities such as wireless carriers and technology companies play a significant part in mobile banking? If so, what role will they play and what consequences would that have? What kinds of implications will the introduction of new actors and practices have on operational risk issues, such as systems security, reliability, and safety and soundness, not only of individual institutions but of the banking and payments systems as a whole?
There are also traditional consumer protection matters: how will mobile banking and payments address privacy and identity? Finally, there are financial stability considerations. How will an emerging banking and payments system affect the safety and soundness of the financial system as a whole? What will the future market look like in terms of a competitive landscape? As institutions adapt to the new technologies and business models, we will gain more insight into these, and other, important questions.
Technology advances also permeate the conversation on financial education and can influence the way in which consumers interact with the financial system. Once again, the mobile phone, and particularly the smart phone, has great potential to affect the provision of financial services: almost 85 percent of adults in the U.S. use mobile phones, and over 35 percent of adults use smart phones.
This technology has penetrated all communities, not simply higher-income consumers. These devices can be powerful tools to help consumers make informed financial decisions. For example, applications exist to help individuals manage their spending and to achieve their financial goals. One application allows customers to check their spending against preset budgets. Other tools provide consumers with daily balance alerts and warnings when monthly spending limits are about to be surpassed. There are also new applications that prompt and enable consumers to make real-time savings decisions. Leveraging technology to deliver timely, personalized financial information and advice is a powerful way to help families move towards financial security.
Finally, I would like to pause for a couple of minutes on the concept of smart disclosure. This is where financial capability and the increased availability of data converge to empower all of us who use the financial services system. Smart disclosure refers to the disclosure of information by government and business in machine-readable data formats, so that innovators can create new kinds of data-driven services, such as interactive tools that help individuals to navigate important financial decisions. Examples include the SEC’s new XBRL disclosure system for public company financials and mutual fund risk and return information.
Smart disclosure also refers to enabling consumers to access their own personal data and share that information with third parties of their choosing, in order to enable new kinds of services. For example, many banks allow customers to download their bank account transactions, so that customers can upload that data into services such as tax-planning software.
Treasury is working to promote smart disclosure for financial consumers. The IRS has announced plans to enable taxpayers to send electronic copies of prior-year tax information to authorized third parties, such as banks, which will be able to use this data to underwrite loans more efficiently. We hope to be announcing more in the area of smart disclosure in the coming months.
Although rules and regulations sometimes call for development of technologies to improve reporting, recordkeeping, and transparency requirements, we should conceive of the new technologies as investments, not burdens. We live, and will continue to live, in a world that is both empowered and protected by technology. Our understanding of business and economic activities improve from our ability to manipulate and analyze ever larger amounts of data.
Of course, government authorities need to be thoughtful about the information that they legitimately need to improve their regulatory oversight. They need to be thoughtful about which public disclosures will truly make markets function better and help protect investors. But, it seems short-sighted simply to dismiss technology-based requirements as a burden.
Once again, history can be our guide. The Securities Act of 1933 and the Securities Exchange Act of 1934 imposed on public companies significant new recordkeeping, reporting, and disclosure requirements. In private practice, I participated in preparing some of these reporting and disclosure documents, thus I know first-hand the effort required for their preparation. Those same statutes, however, have led to the public disclosure of critical information that has made our markets the most liquid, transparent and trusted markets in the world. This is yet another way in which smart regulation can improve markets and spur the U.S.’s innovation economy.
We are thinking critically about technology matters at Treasury because government can play a role in bringing together the creative energy of technology companies, which represent the spirit of the U.S. economy, with the financial sector, which long ago adopted that spirit of innovation in technology. There is increasing synergy between the two sectors. As exciting as this synergy is, we must remain mindful of potential risks. We therefore look forward to working with all of you to continue building and maintaining the public’s trust in our financial system.