From Innovation Hub to Innovation Culture

Speech by Nick Cook, Director of Innovation at the FCA, delivered at the 6th Central Bank Executive Summit

nick cook 1.jpg

Speaker: Nick Cook, Director of Innovation
Event: 6th Central Bank Executive Summit
Delivered: 4 June 2019
Note: this is the speech as drafted and may differ from the delivered version


  • Technology is dramatically changing the markets that we regulate — we must embrace this technology so that we can continue to regulate effectively.
  • Regulators should actively stimulate certain innovation within the market that we believe will deliver public value.
  • A challenge for regulators is how to instigate a cultural change whereby innovative thinking becomes part of our ‘business as usual’.

Today I want to talk about innovation and a change in financial services. Specifically, I want to talk about how data and technology have and are, changing the way we regulate, the ways we at the FCA have reacted to and embraced that change and how this approach has evolved over time.

Also, I’d like to speak about what I think regulators and central banks will need to look like in the near future, the actions we will need to take, the resources we will need at our disposal and the type of culture we will need to create; a culture where innovation and new ways of approaching old problems are considered business as usual, rather than being undertaken in a ring-fenced or siloed function unique and distinct from the organisation that it sits in.

Firstly, a little about my role at the FCA. Why does a regulator need a Director of Innovation and why now? The somewhat boring, operational answer, is that it is a natural next step in our innovation journey - bringing together the various innovation activities, both external and internal, that have grown and developed over time at the FCA into the one space. And that makes sense and it’s an area I’m delighted to lead.

My role is to help enable change — not only in the firms that we regulate and the markets that we oversee — but equally important at the FCA — so that we can continue to regulate effectively and achieve our objectives.

Obviously, there is a bit more to the role than that. Our CEO Andrew Bailey, recently said that regulation has traditionally been summed up by three verbs: to forbid, to require, to permit. In his view, a fourth verb should be added to this approach; to enable change — a regulator should enable change to happen that is consistent with its objectives.

This theme of change is present in our recently published business plan; a lot of which concerns itself with predicting what the future will look like, how we as a regulator have to think and act differently in anticipation of changes in the nature of firms we regulate; the pace of change of firms’ business models, consumers’ rising expectations for seamless digital services; Millenials growing preference for socially ethical products and; the emergence in our societies of generations with significantly different financial needs.

I’d therefore like to think that my role is to help enable change — not only in the firms that we regulate and the markets that we oversee — but equally importantly at the FCA — so that we can continue to regulate effectively and achieve our objectives. To protect consumers, to enhance market integrity and to promote competition.

Data and technology

The driver behind this need for change is in part the enormous and quickening pace of development and progress in the use of technology and data within financial services. The FinTech market is characterised by a number of key trends:

  • The volume of investment in technology is increasing — Global FinTech investment is running at a rate of more than $80 billion a year. RegTech spending is predicted to exceed $115 billion within the next four years.
  • Large technology companies are increasingly entering financial markets. Apple Pay is forecast to have 227 million users by 2020. Recent research indicates that 40% of consumers are open to purchasing insurance from Amazon, and 39% from Google. Alibaba’s Alipay has more than 520 million customers in China and more than 112 million in other parts of Asia. WeChat, with its 1 billion active users, processes more than 14bn payment transactions in a single day.
  • The speed of adoption is quickening – the introduction of ATMs occurred over two decades. The take-up of contactless payment was significantly quicker. Since their introduction in 2007, 108 million contactless cards have been issued in the UK. The value of contactless transactions has tripled from £653 million in 2013, to £2.3 billion last year. This trend is mirrored across the world. In 2018, WeChat added 102.5 million users in a year, while in India 1.3 billion people have been enrolled in the Aadhaar identification system used to provide access to government services, social benefits, banking and insurance.
  • Technological innovation, particularly Artificial Intelligence (AI) and Machine Learning (ML), are changing the ways firms do things — more than three quarters of insurers predict that the underwriting of non-complex risks will be undertaken entirely by AI and almost two thirds of banks expect AI to be used to design new products within the next 10 years.
  • Data, and it’s use, is growing exponentially — we are in a period of unprecedented data creation. Every day we send nearly 300 billion emails, 500 million tweets, share over 500 million photos, and make 5 billion internet searches.

Technology story so far

This dramatic change in the industry fed by these trends of rapid technology development, exponential data creation and the entry, of new large providers into financial services, poses interesting questions for regulators and central banks.

What, for example, is our opinion on technology? Its use can provide significant value to society but it can also be used, inadvertently or otherwise, to do harm. Are there certain technologies we are instinctively wary of?

Can we remain ‘technology-neutral’ in a world where technology is so embedded in the delivery of financial services and so fundamental a driver of consumer outcomes?

Should we talk solely in terms of ‘outcomes’ while remaining ‘agnostic’, or can we show a preference for certain technologies? Can we remain ‘technology-neutral’ in a world where technology is so embedded in the delivery of financial services and so fundamental a driver of consumer outcomes?

These are questions the FCA, and I suspect most colleagues in the audience are dealing with more and more. And, from my perspective, they have become more prevalent as our approach to innovation and technology has matured and evolved.

I’ll come back to these questions in a moment, but first I think it’s worthwhile describing where we started off at the FCA in encouraging innovation and where I think we are going.

When we began addressing the issue of innovation, we were very much focused on the external environment; how we could engage with the ecosystem and encourage firms to embrace new ways of doing things in the interests of consumers, helping firms with innovative business models to develop by providing bespoke regulatory support, and providing a sandbox where their ideas could be tested.

On the RegTech side of things we held TechSprints to encourage collaboration and new ideas, and we observed and supported proofs of concepts to encourage firms to think about how technology could make them more efficient at complying with regulation.

Such efforts have largely been successful in achieving the original aims we envisaged when we started out on this journey 5 years ago.

An evaluation report we published recently demonstrated some indicators of this success:

  • Nearly 700 firms have used our innovation services (sandbox, direct support, advice unit), with applications running at nearly one a day. Additionally, over 200 firms have engaged and actively participated in our TechSprints.
  • Groups of firms that have used our Innovate services have come to market and been authorised 40% faster than equivalent financial services firms.
  • Of the 47 firms that have completed sandbox testing, around 80% are operating in the market, with the necessary authorisation, and there are a further 63 in the pipeline.
  • Start-ups and large firms are actively engaged in these innovation activities.
  • Start-ups specifically, in the first cohort of the Sandbox have received over £130m of equity funding.
  • Of the 44 start-ups that tested in the first three Sandbox cohorts, almost half either received additional investment or were acquired during or after their test.

Global innovation

These numbers are encouraging but I guess the question from me (and a large part of my job is to ask) ‘What next? Now what?’

Undoubtedly, there is and remains a role for these core innovation services and functions. Clearly, they are having a desired effect in enabling new services and products to come to market in the interests of consumers, but we cannot rest and be satisfied, we must harbour and explore new ambitions and approaches.

And I think we are already showing signs of new ambitions and new approaches in three key areas.

The first area is an increasing focus on international engagement. On being a global advocate for innovation.  We have proposed and launched the Global Financial Innovation Network to help firms navigate between countries as they look to scale their new ideas.

The network now includes 35 organisations with an open invite to financial regulators and related organisations which have a commitment to supporting innovation in the interest of consumers.  The first cross-border tests involving multiple regulators in several jurisdictions will take place later this year. 

Our RegTech work is increasingly global, both in terms of international participation by firms and regulators, but also through the exporting of our TechSprint approach to other jurisdictions who are similarly interested in provoking new thoughts and ideas.

We have formal and informal knowledge sharing arrangements with the Monetary Authority of Singapore (MAS), Australian Securities & Investments Commission (ASIC), Financial Industry Regulatory Authority (FINRA), the Federal Deposit Insurance Corporation (FDIC),and we chair the International Organization of Securities Commissions (IOSCO) FinTech network. Depending on what the future brings, we will also be keen participants of the European Forum for Innovation Facilitators.

I think a natural part of the evolution of our approach has been this step from domestic to international, an area of engagement that will only grow.

Tech activism

The second ambition involves actively stimulating innovation within the market that we believe will deliver public value. Shining a light on issues where we believe innovation has the potential to deliver maximum benefits to markets, consumers and society.

In this vein, we identified GreenTech as a priority, calling for industry to develop innovative financial products and services to assist in the UK’s transition to a greener economy. We have recently announced that 9 firms have been accepted, and will receive support across the range of FCA Innovate’s services.

Another area where we have been vocal in our desire to see further innovation and progress is in anti-money laundering and financial crime. Last year we held a TechSprint to explore the role technology could play in preventing and detecting financial crime. One of the key learnings was the need for improved ways to safely and legally share data among relevant parties in order to identify and impede criminal networks.

In July this year, we will hold a second AML & Financial Crime TechSprint in London. The event will explore the potential for, nascent technologies to assist in the detection and prevention of money laundering and financial crime.

For this event we have deliberately and explicitly called out specific technologies, in this case privacy enhancing technologies such as homomorphic encryption, zero-knowledge proof and multi-party computation, that may potentially allow information and insight to be shared between financial institutions while remaining compliant with data protection and privacy laws.

We have previously seen the positive impact that publicly identifying a specific area of interest can have on technological development. In our early exploratory work into digital regulatory reporting, we found that we may have been unlikely to realise our ambitions without further investment and progress in the field of semantic data modelling technologies.
By making it known, through holding two TechSprints and various publications, that this was an area of regulatory interest, we have seen effort and investment improve the technology to the extent we are currently testing a working prototype with industry.

These are early examples of our changing approach and they will not be the only occasions or areas where we call out specific issues and problems to which we would like to see further innovation and progress. My hope is that it will be the beginning of a new way of doing things rather than an experiment; potentially having themed cohorts through our sandbox, identifying and calling out leading edge technology to engage with our industry to help tackle longstanding problems and being more tech-activist than tech-agnostic.

It seems to me untenable for regulators and central banks to not have an opinion on technology given it is so embedded in the markets we regulate. To not advocate the exploration of certain areas with certain technologies.  To not expect the adoption of new technologies and approaches, when certain outcomes in our markets are suboptimal.

There will always remain a need for us, particularly given our competition remit, to remain vendor-neutral. To not endorse particular companies or solutions.  But we must be technology-informed and we will need to have views and opinions on specific technologies.  We cannot be naïve or disinterested – we must be informed and active.

The regulator of the future

The third area of ambition is around changing ourselves as a regulator. To begin to feel and act like a regulator of the future, for the future. To instigate a cultural change within an organisation that goes beyond the creation of Innovation Divisions and Innovation Directors.

I think this is an ambition that most regulators and central banks around the world hold and are trying to achieve.  Adopting so-called ‘SupTech’ programmes to become more efficient and effective, to keep in step with the sweeping change that technology is instigating in the markets and firms that we regulate.

Some of the ways we at the FCA are doing this will be familiar to colleagues in the audience:

  • Increasing our data science resource throughout the organisation — moving it from what is currently a cottage industry to a core capability, federated across the organisation with such skills widespread and experience high rather than siloed in specific functions. 
  • Testing and exploiting new tools such as web crawling and scraping, network analytics and natural language processing — for a wide range of use cases. 
  • Seeking to improve the flow and quality of valuable public and commercial data sourced by the organisation.
  • Through our digital regulatory reporting work, we are investigating how technology can fundamentally change the interface between ourselves and regulated firms by making parts of our Handbook machine readable and executable.
  • In the longer term, bringing these data and analytics capabilities together to deliver near real-time monitoring of priority markets, to allow us to identify harm rapidly and to deter misconduct.

Bringing about this type of change is not without its challenges. The most obvious is that, unlike some other organisations looking to modernise, there is not an array of ‘off-the-shelf’ technology solutions available for regulators and central banks.

It seems untenable for regulators and central banks to not have an opinion on technology given it is so embedded in the markets we regulate.

The RegTech market isn’t fully able to service our needs at this stage. This is not a criticism of the market, like most other markets it responds to demand with supply. I don’t think we, collectively, have been sufficiently vocal about our needs and our desires to modernise and our appetite to adopt new solutions. Without this clarity, we have not and will not be identified as a meaningful and sufficiently attractive target market for the diverse players in the RegTech ecosystem.

This lack of readily-available solutions throws up a further challenge — we need to develop the solutions ourselves, in-house. This means we need access to people who can actually build these new tools and make sense of the vast amounts of data that we ingest, people who have certain skills that haven’t necessarily been sought by regulators in the past.

We can identify the skills we may need, but behaviours and attitudes are equally important.  We need data scientists and software engineers, behavioural economists, psychologists and others; and we need people who are creative, curious, enjoy solving problems and are high on both technical capabilities and social and emotional intelligence.

So, one of the most pressing questions for regulators and central banks alike is how will we attract and compete for these talented individuals? What is our value proposition?  Will we have to cope with faster turnover of staff?  And if so, how will we get those individuals to burn brightly but possibly only briefly during what may be a limited tenure with us?

We know that increasingly citizens are keen to pursue portfolio careers —  a job for life is a dying idea — we need to provide an environment and purpose that is stimulating, and harnesses the best of people's talents before they move on to other roles (possibly in regulated firms, possibly to other destinations entirely).

A further challenge is how we make this change lasting, essentially how do we make ‘innovation’ part of our DNA, our business as usual. It may seem odd for a leader of an Innovation Division to call for federating innovation capabilities rather than centralising them, but I believe we will not achieve the transformation and outcomes we desire if the innovation activities remain contained within a ring-fenced innovation functions.

We must empower and engage our wider organisation and federate new skills, capabilities and behaviours widely. For example, earlier I outlined some success measures we have recently published about our first five years of actively promoting innovation. How many of those same success measures will we publish to describe our work on promoting innovation in a further five years? Will we still be measuring certain functions, for instance, those that are essentially ways of supporting firms looking to test ideas and navigate an authorisation process.  Will those measures continue to be valid indicators of successful regulatory ‘innovation’? (Personally, I think I will have failed if they are).

Some of the things that will stand us in good stead are not so much in skills and structures but in attitude and appetite, a willingness to learn through experimentation and be curious about what is next on the horizon.

Or will and should they lose that label. Should those initiatives be moved out of the Innovation Division and described by the rather more prosaic term ‘business as usual’ or core activity? 

So ultimately, what should success look like for an innovation function within a regulator? Would the ultimate sign of success for my role mean that it doesn’t exist or need to exist in 5 years time? Will I have innovated myself out of existence? Fortunately (for me especially) I don’t think this will be the case.

But what should be the constants for innovation functions regardless of whether certain projects and initiatives eventually leave their realm? How do Innovation hubs remain relevant and unique as today’s innovations become mainstream?

For me, the things that will stand us in good stead lie not so much in skills and structures but in attitude and appetite; a willingness to learn through experimentation, to be curious about what is next on the horizon, to be comfortable with complexity and ambiguity, to engage with diverse thoughts and to bring them into our organisations; to be willing to fail fast and learn quickly, balancing ambitious moonshots with readily achievable quick wins; to grasp the bleeding edge and strive for progress, so that we become employers of choice for the new skills and people we need; so that our technological and data capabilities are respected by the honest, and feared by the nefarious.