Evolving technology and heightened regulatory standards are distinct, yet intertwined, forces shaping the future of U.S. banking. In many respects, increasing regulatory expectations are a material cause driving banks’ technology investment. For example, according to Infosys, growth of IT spending for regulatory projects, at 4% between April and Sept. 2024, is likely to outpace overall growth in IT spending.
Federal banking regulators have and continue to view operational resiliency and cybersecurity as top issues and key priorities for supervisory strategies.
As such, banks should make sure that they are adequately investing in systems and people. This is just as important for community and regional banks as it is for the global systemically important banks (GSIBs). For example, regulatory requirements and expectations for Bank Secrecy Act and anti-money laundering (BSA/AML) compliance, along with cybersecurity investments, are table stakes for banks.
Some of the key industry dynamics driving banks technology and regulatory priorities are:
- Cybersecurity
- Operational resiliency
- Climate risk
- Financial crime
- Product innovation
- Consumer and CRA compliance
An ongoing need to invest in technology and stay on top of regulatory demands are expected for banks in the digital age. But with many competing IT priorities, how are small and midsize banks keeping up? So far, this has mainly been through the use of third-party vendors for many IT solutions. While these allow smaller banks to keep pace with evolving technology and heightened regulatory expectations, a bank’s reliance on third-party technology vendors is itself garnering regulatory scrutiny and will likely require a more-nuanced approach going forward, with increasing expectations around the safety and soundness of these relationships for the bank.
In terms a growing technology spend, artificial intelligence (AI) and cybersecurity have been the main areas of focus, collectively accounting for upwards 60% of quarterly bank technology budgets, according to Infosys. Financial crime, a growing menace for banks, will require the aid of technology to combat. While the direction of travel for both technology expense and regulation is up, banks will need to make sure their technology spend really is advancing their innovation and regulatory compliance objectives.
Technology investments can be seen as a cost center, and therefore there could be a tendency to spend only what is deemed necessary. But if technology investments are disciplined, they could in fact create a competitive advantage, especially in an already competitive environment.
Data is gold in the digital age, so harnessing and protecting it should be viewed as competitive weapon. Longer term, a bank’s ability to realize efficiencies from technology through increased scale will be a critical determinant of long-term success.
Banks will need to balance technology spending and regulatory pressures, and therefore will not want to underspend nor overspend. That is why a bank with a very low and enviable efficiency ratio may be underinvesting in its future, while a bank with a very high efficiency ratio may not be spending carefully. Understanding how a bank benchmarks in terms of technology spending relative to peers and the industry should be serve as helpful guideposts.
It should be noted that while bank executives believe technology will ultimately lead to demonstrable efficiencies, the aggregate efficiency ratio of the U.S. banking system has largely hovered around 68% from 1950 to the present despite many technological advancements such as mainframes, personal computers, internet adoption and AI. What these figures do not show is that these technology advancements enabled banks to act on a scale that would not have been previously fathomable. So, while advancements have not translated into lower efficiency ratios, due to the need for ongoing technology investments, they have allowed banks to conduct increasing volumes of business. Importantly, oftentimes the main beneficiaries of technology advancements have largely been end-user customers.