On Wednesday, we noted that the Financial Stability Board has again surveyed the crypto-asset landscape, finding yet again that crypto-assets pose a lot of serious worries but do not yet threaten financial stability.  National regulators thus are told again to watch vigilantly for signs of real risk and then intervene.  How is not specified nor, even more importantly, is any thought given to whether regulators will be able to mitigate rapid-firing system risk if crypto-assets crumble and prove more systemic than anticipated?  Whistling on the sunny side of the street even as the U.S. stock market crashed, the FSB’s new crypto-asset policy is yet one of a series of global pronouncements about emerging risk – some deemed as very worrisome – that regulators are nonetheless told to ponder very, very seriously without doing anything much about them.  Some of this indolence is due to post-crisis confidence in big banks as bulwarks of global financial stability.  However, I suspect most of it is really the result of internal bickering, ongoing efforts to get every detail of the big-bank rules just right, and strong pressures from the sectors subject to monitoring making it even harder for hesitant regulators to intervene.  Sound familiar?  Reminds me of the commitments to monitor mortgage risk starting in about 2007 accompanied by strong assertions that the populace had nothing to worry about because the U.S. residential market was regional, not national and, in any case, the regulators had our back.

Are crypto-assets the only emerging risk that policy-makers think not ready for prime time?  One might be more sanguine if it were, but it isn’t. 

The same day the FSB reiterated its “wait-and-watch” crypto-asset policy, a top IMF official issued his worry list.  As we noted, the IMF’s financial-stability watch list is long.  In addition to fretting about externalities such as a no-deal Brexit beyond regulatory reach, the IMF has its eye on procyclicality even though much of this comes, as noted in the statement, from sustained accommodative policy that has stoked the asset-price bubbles central banks and regulators have observed with growing alarm and continuing inaction since at least 2016.  Other near-term priorities include an IMF call for new underwriting standards for non-banks even though most are beyond the reach of home and host regulators and liquidity-risk standards for asset managers on which the FSB has apparently given up after years of urging action along these lines.

And, as with the FSB, the IMF and World Bank are alarmed by cyber-security and fintech but unsure what to do about it.  In my view, the fintech risk poses particularly significant challenges.  As we noted in a recent paper, the FSB says it fears that giant platform companies could quickly become oligopolies.  Again, it says let’s just see, but what if it’s right?  The Basel Committee is busily contemplating a near-term future in which banks are disintermediated in favor of fintech, a forecast that reinforces the fears I expressed earlier this week about the structural risk embedded in the ongoing transformation of regulated financial intermediation into largely-unregulated data intermediation.  Do we really want artificial intelligence determining our financial fate?  I guess we’ll just find out, assuming nothing crashes along the way. 

Our work suggests that global and national policy-makers should do more than wait for clear signs of trouble – a breakdown at a major cloud-computing service provider is a case in point.  Massive data breaches at platform companies with their fingers on both financial and commercial data are already legion, but only talk – not action – addresses what might happen with a cyber-security breach or, worse, attack.  In any such case, it’s not just the fintechs at risk, it’s all of us who rely on them and the financial institutions increasingly inter-connected with this complex, black box, proprietary, and often-secretive sector.

Caution about heavy-handed intervention is warranted, but the hands-off approach to increasingly potent risks is going limp. Bank regulators are fond of demanding that big banks have contingency, resiliency, recovery, and resolution plans – one reason they take such confidence in bank stability under stress.  Regulators should demand the same of themselves – plan ahead for the unexpected, don’t wait for it to happen and assume it can somehow then be readily managed with a bit of market discipline and a really hard regulatory slap on the wrist.