(Build Back Better VI) Building Back Better 6 – Central Banking and Supervision in the Fast-evolving Digital Era
Thursday, Dec 02, 2021

(Build Back Better VI) Building Back Better 6 – Central Banking and Supervision in the Fast-evolving Digital Era

The Road to COP26: Central Banking and Supervision in the Fast-evolving Digital Era

Cecilia Skingsley – First Deputy Governor, Central Bank of Sweden
Juan Pablo Graf Noriega – President, National Banking and Securities

Moderated by:
Babak Abbaszadeh


Listen to the Podcast 


Watch the Webinar


Read the full transcript

Speaker 1: You're listening to a Toronto Centre podcast. Welcome. The goal of TC podcasts is to spread the knowledge and accumulated experience of global leaders, experts, and world-renowned specialists in financial supervision and regulation. In each episode, we'll delve into some of today's most pressing issues as it relates to financial supervision and regulation, the financial crisis, climate change, financial inclusion, FinTech, and much more. Enjoy this episode.

Babak: Hello everyone. Welcome to Toronto Centre, I'm Babak Abbaszadeh, the CEO, and this is our discussion on building back better, our sixth and final one in the episode. Today, we will look at how central banking and supervision are evolving in the digital era. Since our inception in 1998, Toronto center has trained more than 15,000 central bankers and supervisors from 190 countries and territories to build more stable, resilient, and inclusive financial systems. Today, these objectives are more relevant than ever. COVID-19 and its variants are continuing to have a devastating impact in developing countries. According to the World Bank's latest estimate, almost a hundred million people fell back into extreme poverty during this period. This pandemic has had a disproportionately negative impact on vulnerable populations, including poor women in cities and remote rural areas. On a more positive note, the pandemic has accelerated digitization in the financial sector, but there is no free lunch. With every opportunity comes challenges.

For example, in developing an emerging market countries, the pandemic has heightened urgency for supervisors to meet the challenges of underdeveloped digital financial services and infrastructure. This intensifies pressures on supervisors for monitoring systemic risks in the financial system and preventing cyber crime and fraud. Dealing with these supervisory issues is the subject of several Toronto Centre courses. Today, our distinguished speakers will provide us with their perspective on these interrelated challenges. We have distributed their bios to you. Juan Pablo Arango Noriega is the President of the National Banking and Securities Commission of Mexico. Cecilia Kingsley is the First Deputy Governor, Central Bank of Sweden. Welcome Juan Pablo and Cecelia, it's great to have you with us today. Toronto Centre's mission is generously supported by Global Affairs Canada, The Swedish International Development Cooperation Agency, The IMF, Jersey Overseas Aid, Comic Relief, and the USAID.

We will have three rounds of questions. I will pose alternating questions to each speaker, and then I will take questions from the audience. I encourage you to use the Q&A tab to submit your questions. Let's begin. For the first question, Juan Pablo, I want to go to you. The pandemic has accelerated adoption of financial innovation around the world, especially in Mexico. You have a very large country with a complex financial system; as a senior supervisor, in your opinion, is the adoption of new technologies in the Mexican financial system happening as you expected? I wonder if, when you're answering this question, can you also comment on, is it improving access to financial services for the poor, especially in rural and remote areas, including women? Thank you.

Juan Pablo: Thank you, Babak thank you very much for the invitation to participate in this panel. Hello, Cecilia, it's a pleasure to share the panel with you. It's been a rough time all over the place, but one of the things the pandemic has brought to us and, I guess, to many other countries is an acceleration of digital banking. We've seen important changes in indexes to banking, to FinTech and other non-bank financial institutions that it's becoming more digital. The numbers, I don't want to go through that in detail with numbers, but especially as you were asking during the last two years, the number of mobile accounts per 10,000 adults have recent 24% net nationwide, and this increase has been higher in rural localities, with a surge of 40% during the same period.

That gives you an idea of what is going on. Digitalization of financial access habits started well before. For a country such as Mexico, the broader coverage of internet services and the broad use of mobile phones and apps allowed for this acceleration to take place during the pandemic. Banks are at the heart of the financial system in Mexico, and they have been working with their main institutions in trying to give better digital services to the population as a whole. They've done very important [inaudible 00:05:49] by regulation by remote onboarding, so for that, they have been working with biometric identification technologies. They have done, also... Push a bit by their regulation. They are entering into the open banking era. They will have to share the customer's data when customers want to share the data to get better services.

But this has not been restricted only to banks. It has to be said, some banks, instead of moving their main institution towards the digitalization that some banks are doing it, others bank have chosen to create sister banks within their financial conglomerates to have a digital bank, branchless banks to compete, even with the main operations. We have seen the Mexican... The variety of financial services and the origin of shareholders in the Mexican system, so why would banks from North America, Europe, and Asia working in Mexico know these things. But non-banks are also catching up, and some specific deposit-taking institutions that are not banks are also trying to do some efforts here, and substantial investments are also coming into the system. Our efforts to do this have been a campaign by our supervisory process, our regulatory process, especially in the area of onboarding, and how much operations can be made... what kind of operations can be made through digital channels?

These do not comes without risks. From operational failures of the institutions that have to be monitored quite carefully, mitigation techniques have to be taken in banks, but we have seen, of course, a lot of risk there, and also on cyber crime. That's something that has to be taken into account when people go on the digital transformation, the digital use of banking, they have to be very careful on this old work of education, so people can protect themselves from cyber crime that is also present in countries such as Mexico. I will start there, Babak, thank you.

Babak: Thank you, this is a really good overview, and you highlighted some interesting challenges, especially with the non-bank and other institutions that are not, I guess, as well-regulated. It's a challenge for all of us to try to cope with these issues. And by the way, I forgot to say, it's great to have you as our North American partner. It used to be called NAFTA and I can't keep up at what it is, but thanks. One point for our audience would be very interesting, we have participants from 55 countries, ranging all the way from Albania and Argentina to Zambia and Zimbabwe, and every letter of alphabet in between. I'm very impressed, because in most of the parts of the world, outside of the America's continent, this is already touching your late afternoon, evening and well into the night, so that's great.

Cecilia, turning over to you. It looks like you're talking to us from the jungles of Stockholm. It's a great background, I love it. Instability in the financial system disproportionately affects the middle classes and the poor. Despite advantages, financial innovations also create risks, including cyber risk that can impact financial stability. This is already a very significant risk and is likely to grow considerably as online banking and other forms of digital financial services become even more prevalent. Would you please elaborate on the key steps in mitigating the increasing cyber risks in the financial system that you and other regulators and central bankers are seized with? Thank you.

Cecilia: Well, thank you, Babak, and thank you everybody for tuning in this Friday morning, afternoon, or evening. Let me first start with saying that I think digitalization is a tremendous force, that if it's harnessed in the right way, it can create a lot of good effects to a society. What we have seen in terms of digitalization in the financial sector, it's not new. It has been going on for decades, really, and we also see that it brings significant benefits. We can see that it can increase financial inclusion, and also enhance costumer experiences of financial services of different kinds. I think we're still in the middle of a very long wave of development here when it comes to digitalization, it is still increasing in pace.

My days takes is now pretty occupied by thinking about what is going on in the payment systems and the infrastructure that support payment services in real time, and the onboarding of what's called fast payments in many countries. There are also other solutions that could enable faster and cheaper cross-border payments, which is something I could come back to, but it's certainly an area where there is so-called room for improvements when it comes to individual's ability to make cheap and faster across border payments. But as lie in your question, the developments also come with increasing risks, and it's crucial that the systems we build are built in a way that are both resilient, but also foster innovation. Central banks being the guardians of money in their respective countries, on supervisors have a very natural role to fill here as being the guardians and the leaders when it comes to getting the cybersecurity in the financial world to work.

There has been, obviously, a global increasing trend of cyber attacks. It seems to have accelerated with the COVID-19 pandemic with a higher digital adoption and the working from home arrangements in many countries and societies. How, then, to mitigate the cyber risks? Well, we first step to accept them. My colleagues and I on the executive board at the Riksbank, we have spent growing amount of hours, I would say every year and the last couple of quarters, learning about the IT systems, the IT providers and making sure that we know enough about this in order to be good managers, and having the right governance in these kind of activities. That's really the first advice I would like to give to anyone thinking about this, make sure management understands and support the need for mitigation, because it costs money, and then you have to make the sufficient investments.

Following all the relevant regulations, standards, and guidelines are also essential because they change over time as we learn more about this. Another thing we've learned in my part of the world in building resilience is to have a well-functioning cooperation and coordination among stakeholders in the financial system. It's after all, an ecosystem, and as with all ecosystem is if one unit or part gets in trouble, then it affects everybody else as well. We have quite a long history of private-public collaboration in the financial sector. There is an organization in Sweden, we call it the Financial Sector Private Public Collaboration. It's has an acronym called FSPOS, and it was founded back in the early nineties. It has a focus on exercising operational resilience. It creates exercises for the Swedish financial sector as a whole, coming up with plans, exercising different kind of attacks and different kinds of crisis is a good way to figure out where the gaps is, and over the years, the acronym FSPOS has increased its focus also on cyber attacks.

The Riksbank and the Swedish Financial Supervisory Authority is not only doing this. We are also working on a particular new cybersecurity strategy for the Swedish Financial Sector to further enhance cooperation and more clearly define roles and responsibilities among different stakeholders. The area is constantly moving, and one has to bear in mind that in case of cyber risks, also new authorities come into the play. The authorities that deal with the financial sector, such as ourselves must now learn to cooperate with authorities, also, that deal with national security and intelligence agencies. The last thing I'll say about this, one important conclusion that we have made in the Riksbank, is the importance of cooperate with other central banks. We have, for example, just taken the decision that instead of probably staying on to our known national RTGS system, or real-time gross settlement system, in the future instead moving to become a part of the Euro system's platform for settlement in payments, which is called the T2. There are several arguments for why we want to move in this direction, but in this case, what we're discussing...

PART 1 OF 4 ENDS [00:16:04]

Cecilia: ... this direction, but in this case, what we're discussing today, we think one of the reasons is that by joining the Eurosystem T2, we can then share resources with others, our neighbors in Europe, to achieve the highest possible level of cybersecurity, because it's costly and you need friends in this world. I'll stop there.

Babak: I think we all need friends and we all need a hug, [Cecilia 00:16:26], given all the challenges that are happening right now. I like the way you connected the dots, also, in terms of it's not really a developing country challenge, as I mentioned in my opening remarks, but developed jurisdictions are very much seized with these challenges, as well. So I like what you said about accepting them. So I don't know if that's the beginning of a serenity prayer, or just stops at accepting cyber risk and trying to deal with that.

Let me move to another question to you. It's another important risk referring to risks rising from fintech and the related outsourcing trend to the cloud and other associated risks. What are your views in this area? Thank you.

Cecilia: So I think first of all, outsourcing brings clear benefits. It creates efficiency. It can actually also add security because, in a sense, it's pooling our resources. This is particularly important if you are a small institution or work in a small economy that I think Sweden is. But outsourcing also bring a new set of challenges that you have to address.

First of all, you have to know what a good procurement looked like. We have learned a lot about that. We outsourced our IT service provider about eight years ago, and we recently changed from one provider to another. And each time you do these things, you have to be really good at the details on what you're buying and what you're not buying. So outsourcing is good, but know what you're buying.

And when it comes to cloud, there is a possible concentration risks here. The market for cloud services is heavily concentrated, and it is important here that supervisors work to gain an overall picture of dependencies that they have in their jurisdictions. It could be very beneficial. It is beneficial usually for individual institutions. But outsourcing to cloud services may also lead to risks on the system level. So here, supervisors need to be on alert.

Second, regulations. The supervision becomes also harder when important financial institutions outsource to cloud providers, which are very large corporations in many cases. And here, we sort of see an example of where the game is being leveled up. There has already been guidelines coming out from the BIS and the FSB. I know there is more important work coming out in this field. Also, the European Union is working on addressing the risk when it comes to cloud services. They are producing a proposal for what's called a Digital Operational Resilience Act, called the DORA. And the part of this DORA proposal is that EU will implement an oversight function of third-party providers that will become systemically important for the financial system and the European Union. And I'm a great fan in recycling. And I hope that this DORA initiative will become an oversight function. Might be something for other jurisdictions to pick up and organize, as well.

Cloud services are a type that can be, as I said, systemically important. They are not financial firms that's not subject to financial regulations. They are not supervised as financial firms. And as the use of cloud services increase, I think the importance of these providers becomes more critical for the financial system and the concentration risk for the finance sector. While current regulations stipulate that financial firms are responsible for their own outsourcing. However, they mention concentration risks in mind, I think the risk for the financial system as a whole might exceed the risk for the individual outsourcing arrangements. So I think it will make sense that systematically important third-party providers get supervised more directly.

The last thing I'll say about this is that we also see that big techs are coming in to the financial system, coming in some jurisdictions on quite a large and grand scale. And given the extensive reach of big tech firms, the impact of a movement into financial services could come with high speed and a large scope. And this is something that regulators carefully need to assess. The traditional answer usually is if there's same activity, it should face the same regulations. It's usually applied to financial services that sort of fall outside the scope of traditional entities.

But I am personally not sure that that approach, same activity, same regulation, is enough when it comes to big tech firms. Because not only do they have great scaling capacity, when they introduce new services, they can also be ex-ante have to meet criterias for being systemically important financial institutions, and need to be treated accordingly. Big techs can really dazzle you. So I think we who are on the public side need to think about whose interest we want to protect. And these are the things that I sort of repeat every night before I go to bed: safety, efficiency, competition, inclusion, transparency, data protection. Public goods, basically. That's what we need to maintain. Thanks.

Babak: Thank you very much, Cecilia, I'm very impressed that that's what you say before you go to bed. I think you don't want to hear what I say after a long, hard day. But very interesting insights. Thanks. [Juan Pablo 00:22:33], let me turn to you. What have financial authorities in Mexico done to foster the use of new technologies in the financial system? Considering all the risks we talked about, what have you guys done in that area?

Juan Pablo: As in many other countries, technology allowed a rapid development of new services, financial services in the industry. So Mexico decided to go for a regulation of the use of financial technologies in the system, and to review its approach to the use of technologies and service providers for banks and all these important things that Cecilia mentioned. But we enacted three years ago, a new fintech law in the country. I think it was one of the first to be introduced. And it basically provided for two new fintech entities; one for crowd funding, another one for e-wallets, electronic payment fund institutions. So we've been working hard on this, and I authorized already more than 50 fintech institutions in the country, a bit more on the electronic payments than in the crowdfunding side.

This is going to give strong incentives for competition. And some of these companies can make a difference in giving access and bank the people in Mexico to get services, especially in the area of payments, but also in the area of receiving loans through these collective financial institutions. But it doesn't stop there. Our fintech law also provides for a regime of open finance, where all the customers that want to share their financial transaction data in a secure environment can do that and obtain the benefits of other providers of financial services to do better services for people. It also goes to the part of sandboxes, so we can see what are other forms of financial services that provide with the new technologies.

So that's the part of our fintech industry that is growing quite rapidly in Mexico. Again, with a lot of investment, as already said by Cecilia, a lot of interest from smaller startups, but attracting, of course, the attention of big techs and providers of services in the cloud services and all these services that are so important. So we're nowadays looking on how to set the right balance between inclusion, the freedom of providing services with the security of data and protection of customer data.

Let me tell you also that in the field of technology, that our own institution, it's doing great efforts to modernize the way it interacts with the supervised entities. So we are using technology here. We are developing our sub tech framework to get data and to analyze data and to be able to spot emerging trends quite rapidly with the use of technology. This has been facilitated by support and working together with the United Kingdom and support from the World Bank to get specialized training of the staff and the construction of a roadmap to better equip ourselves for this challenging use of technologies and to do our regulatory and supervisory work in this area.

So I think that is the main messages here. Our fintech industry developed under strong regulatory footing framework, together with these opportunities. But also, allowing banks and accompanying banks in providing this technological service, starting from onboarding, but also, the operations on deposit taking credits and another activities. Working together with the Central Bank in Mexico for these rapid changes that we are seeing in the area of payments, where we collaborate with the Central Bank and other authorities in Mexico to see that this digitalization of payments comes fast to give a lot of opportunities to Mexicans. But also, as Cecilia was saying, on a strong basis of security and protection of data.

Babak: Thank you very much. Sounds like a very thoughtful approach and good luck to you and Mexico for a strong implementation. Cecilia, turning to you. Amongst other responsibilities, you are also chair of the Future of Payments group of the Committee on Payments and Market Infrastructure, or CPMI. What role does Central Bank Digital Currencies play in improving the digitization of payments, especially cross-border payments? Thank you.

Cecilia: Well, thank you. So that's a super interesting question. I will try to be fairly brief. So the G20 identified, what, year and a half ago, that there was room for improvement when it comes to making cross-border payments cheap and faster and transparent for individuals. So an agenda consisting of 19 building blocks were put together. 16 of these building blocks are focused around improving the current systems in many different ways. Important job are being done in this building blocks. And I was honored to chair the three last building blocks, which is looking into technologies and possible infrastructures that not yet exist on a grander scale. So it is about creating interoperable platforms. That's building block 17. It is stable coins, whether they can be used in a safe way to improve cross-border payments. And last but not least, building block 19, whether CBDC, Central Bank Digital Currencies, can play a role in a cross-border perspective.

I don't know how this will play out. We published a first report in July where you did a stock taking about current projects and looked into possible models where CBDCs can be used for cross-border payments. But our work continues and we will go deeper into these issues. So far, most of the examples we have been looking into has been more wholesale CBDC, so not accessible for individuals. But we all know, and my own country is an example that many country's Central Banks are looking into CBDC also for retail use. Meaning some kind of digital cash being a default option for those who doesn't want to, or doesn't have access or are not being let into the conventional payment system with bank accounts and the likes.

And as domestic CBDCs are being launched in various countries going forward, because I think that is something we will see, one can also start to think about how domestically used and created CBDCs could be fit into making possible for use and for cross-border transactions. And this is way ahead into the future and a lot of work around this remain. But my aim is to try to provide the G20 government sort of a roadmap, or perhaps almost like a blueprint for if the will is there, how retail CBDCs could be used also for cross-border payments. Well aware that these are-

PART 2 OF 4 ENDS [00:32:04]

Cecilia: Across border payments. We're well aware that these are questions about legislation and national decisions that every country needs to be taking. And as I said, a lot of great work is happening in the many building blocks about standards, about service levels, etc. I don't think CBDCs are the one and only solution to the cross border payment frictions that we have observed, but it's certainly an interesting issue to work with. Thank you.

Babak: Thank you very much. We certainly would love to learn more about your work at CPMI. So whenever things are available, we'd be happy to share it with our community as well. Thank you. Juan Pablo, I'm going to go to you as the last structured question. We have a number of questions from a bunch of people, and I want to get to them. So my last question to you is could you please share with us your views on KYC obligations? For those who don't know, this is the know-your-customer and opportunities for cross border payments, including for remittances in Mexico. And if you know anything about other jurisdictions, but if you could just address that a little bit. Thank you.

Juan Pablo: Thank you. I think it comes nicely after the last part of Cecelia's intervention in the name of how to use technology cross-border transactions at the retail level. So those efforts, technological efforts that Cecilia was mentioning, have to be combined with due diligence and very good work by financial institutions that will be involved in this kind of future transactions in the aim, as you put it, know your customer, know that we create safe systems, even at retail level for these transactions to take place. In the Mexican case, it's a very important having a very important source of income for the economy and a strong relationship with migrants of Mexican migrants living in North America and other parts of the world and having to make these transactions in a safe way.

So what we have been doing is to work with institutions also in this efforts that we better use technologies to work on know your customer obligations, that institutions must meet to comply with their regulation. There will be a cost on this, but this is well-paid to construct safer systems where those moments of payments are safe and approved against any threat to integrity of these systems. We are in line working in another standard setting body here, the FIFA. We are members and work together with all our colleagues to enact and guide all of our efforts worldwide to have a comprehensive set of rules and directives and guidance from PATPA on how institutions should be moving. That is at the international level, but domestically, we're working hard on how these accounts can be open when they're going to be used, especially for cross border transactions, what kind of identities can be used?

There is a very important effort here that has to be done outside the financial regulatory authorities remit with those issuing those identities that can have a strong biometric foundation so people can be identified easily when doing a transaction in their retail payment. So we're working with the ministry of finance, the ministry of foreign firms, the central bank on developing banks in Mexico to have a joint strategy that aims to reduce costs and risks related to remittances received by the families of migrants. We are working especially with a development bank so things can be moving quite fast and they get to the corners of the country where migrants send their money. So this development bank is making their efforts to have not only digital opportunities, but also as is part of our rural areas and poor areas of the country.

Also, we'll have to have some physical presence of our development bank to help these transfers to be made more easily. And we will be working with co-operatives and the other credit unions at the very base of the pyramid to work on this identification of clients. So our systems that we develop in the area of retail payment systems cross-border are safer. So this is basically what has to be done in working with the private sector here, but therefore that are being done internationally to set standards on the identification of clients at the retail level, it is very important for us to work collectively with other countries so we can understand each other when we come to this phase that says Cecilia was talking about, that the development of these retail cross-border payment systems are used effectively to get the range of very specific needs, such as in Mexico, the case of remittances.

Babak: Thank you very much. Now we're going to move to the open section. I acknowledge a number of people who have put questions. Calvin, Betty, Jose, others. We'll do our best to get to all of your questions. Let me start with a question for you, Cecilia. Your question prompted one of our viewers to say the Swedish public private partnership to test cyber security risk is amazing. Could BIS work with you to develop and share this approach with other jurisdictions to help them be ready for and address risks? What are the plans to make this a little bit more available?

Cecilia: That's an excellent question. I haven't really thought about how to do that, but I take that as an encouragement to get in touch with our colleagues at the BIS and see if we can be of any help to scale up the knowledge about how to make these arrangements. We have good experiences from it, so I think it's worth distributing.

Babak: Good. Thank you so much. And Juan, I'm going to go to a question from one of our friends and former program directors, Calvin. Hi Calvin. Calvin Johannsen. With El Salvador's use of Bitcoin, which really surprised a lot of us they decided to use it as their Fiat currency. Can you comment on angel the ripple effects in Mexico and how your supervisors are including consideration of cryptocurrency developments in their supervision work? Thank you.

Juan Pablo: Thank you. That's another important area of development also in Mexico. Our approach has been completely different, but as I said earlier in our FinTech blog, there's a special section about crypto assets. So it basically says that our financial intermediate is regulated and supervisor intermediates can operate with those crypto assets that the central bank authorized. So at the moment, there is none of those crypto assets authorized. So our financial service providers, banks, brokers of FinTech firms, and all this cannot operate in services for their clients with crypto assets up to the moment. So this has two important consequences. They can still use the technology behind the crypto assets for back office operations or even the crypto assets, but this regulation doesn't allow them to operate with their clients on buying crypto assets or nominating financial transactions in crypto assets.

I think we all know that at the moment, this is an area moving quite fast and these services do not look like they comply with the functions of money, probably some types of investments are more on the speculative area. So our approach in Mexico has been very different with this. We see a lot of volatility, lack of transparency on these systems, so as to permit that the whole financial system can get involved in this part. Of course, let's say that there will be some platforms providing the system for buying or trading with the crypto assets. Those are outside their regulatory perimeter, they can sell business in Mexico, but will not be regulated by the financial authorities. That is so far our approach. And I think until we see, and especially more that these crypto assets can work fine, we will pay attention to this.

That doesn't entail that the development of stable coins are not looking in a different way in Mexico. I was telling you that our FinTech law provides for these electronic payments, e-wallets. Those are firms, regulated firms that can distribute among their clients payment, facilities, cards, electronic payments, mobile payments. And if I was going to put it, those firms will have an investment regime with the money they get from people. People will be doing payments all through the day with their e-wallet, but that at the end of the day, their resources have to be kept safely in bank accounts. They can be kept at the central bank or invested in treasury securities. So that could give you a view that we will not be far away from this concept of a stable coin and much more conservative and regulated, that the funds collected by these firms are kept safely with an investment firm that I already described.

Babak: Thank you. Thank you. It's very thoughtful there. Cecilia, we got a congratulations from our friends in Brazil. So thanks for helping us get that. So the question is do you believe that future financial crises will spread faster and faster through the financial system due to strong digitization of markets and that supervisors or central bankers will have to come up with ever faster responses? So what's your view on that? Are we just putting ourselves in a threat mill and just chasing our tails all the time?

Cecilia: That's also an excellent question. I've learned the hard way I should try to avoid making forecasts about the future. I need to do that. As a policymaker, I need to stand for something and then I have to make my policy decisions based on that. But it's really hard to know, but just taking history as a guide, yes. When more and more things goes real time, then potentially troubles can also move faster. But that said, we have also learned a lot about how to mitigate these things, both ex-ante and also when it happens. And I like to think about the financial system. A parallel that I like is the aviation system that we have built in the world in the last 70, 80 years. Most of us are pretty happy walking into a plane and sitting down on the chair and it takes us from A to B.

And we usually have quite a faint idea or no idea at all about how it actually works, but we trust a set of complete strangers that they have done their jobs so I will be delivered safe in a safe way. And I think it's a bit like the financial system. We need on the public and the private sector side carry on to develop it because we have to, because technology moves, society moves, people's preferences changes, and then we have to be there and making it as safe and efficient as we can. We can't stop time. We can't stop the future. But what we can do is to make it as inclusive and secure and resilient as all these things I mentioned before.

Babak: That's really about all we can do. Right?

Cecilia: Yes.

Babak: And especially in a world where there's an erosion of faith and trust in authority. Right? We're seeing that in so many different ways. So Jaun Pablo, let me go to you on this one. Not a question, this one, actually, I'd like to also... You're not only a supervisor, you're also a former central banker, right? So you have a very interesting vantage point. With respect to open banking, one of the most important concerns is related to information security when the information's in the hands of third party participants for whom would not be easy to reach. So what can be done about that? How to deal with it from a vantage point of view as an authority when it comes to open banking and information security and all that?

Juan Pablo: That's one of the issues that is on top of our agenda these days, Baback. It's a very challenging issue. How to protect customer's data and they have been working on that, but they got to be very careful on how they manage this information. Invest more in technology so this doesn't come to an area where operational risk is still high, but there's some technological developments that can mitigate these risks now. So that's on the part of those that have the customers' data today and-

PART 3 OF 4 ENDS [00:48:04]

Juan Pablo: Have the customer's data today, and they are missing this data. But now that this data could be shared with third parties, no, this has to be done in a very, very safe way. I don't have a precise answer to this, no, to be frank, but we're working on the standards we'll be using for this sharing of data among those that have the data and those that want to use the data and provide the data.

Together, that will also have to be dealt with financial education on the side of customers, no? Because at the same time, and as we're saying during the pandemic, because of cyber crime and those things, we were financial authorities and financial institutions principally, they were telling customers to protect their data, to keep it safe, do not share your data. But that was basically your access data to your account and all these things, no?

In open banking, for customers to benefit from these services, now the challenge is to convince people that it's good to share, that their transactions data can be seen and analyzed by others in order to make better use of those experiences of data, of transactional data to get better services.

This is at the retail level, but especially, I think where we're going to do a lot of progress and there's a lot of interest is in the area of using small and medium-sized [inaudible 00:49:48] transaction data with financial intermediaries. Here I feel more confident that the information can be protected better, better managed, no? It's not such a big amount of data. Where services can be provided with very, very good, very, very high impact, no? If small and medium-size enterprises work to get better finance and better terms, thanks to the use of this sharing of their data, I think that's an area where we want to move very fast, no?

Babak: Thank you. Cecilia, there's a question here from our courageous anonymous questionnaire. I say courageous because they wouldn't put their name down. But I think it's a good question. What initiatives are is your organization taking to train and develop your authorities, and also your Swedish supervisor through you, to deal with the need to address emerging risks from digitalization and the new technologies? Do you have special training or anything that you're trying to foresee challenges, trying to equip your people with that? Is that an active concern?

Cecilia: Yes, of course it's always an active concern that you don't like bad surprises. But digitalization has been ingrained in the Swedish society for decades. It is interesting because we moved from a world when everything was physical, and if you think about I got my first share when I was 10 or 11. It was a piece of paper, very grand product, and the ownership was sitting in that paper. Then things digitalized, and now I have an account, and I can print it out on paper, but usually I don't, because I don't have to. Ownership is now sitting in zeros and ones in the computer system. I think my shares are now sitting on a database with Euroclear. It's on a server outside Paris in France. So, just in a course of a generation, we have moved from a world where everything was on paper and was physical to hardly anything is on paper anymore. You may know that Sweden is a bit of a poster child when it comes to cash very rapidly going out of being used.

So, we have been struggling, but also seeing the possibilities in this area for a very long time. I wouldn't say that there are any particular educations or pushes in that direction. But I think the mindset is important, to acknowledge that technology is actually, if you harness it in the right way, can actually do a lot of good to society. As you do that, think about what are the stakeholders here, and strike up a conversation with the stakeholders, like we are trying to do when it comes to the question of whether cash should actually not only be phased out in line with what people in the Swedish society prefer, because it's up to the Swedish individuals, really, how much they want to use cash versus other payment methods. You should be there and provide a [inaudible 00:53:38] digital currency as a default option for those who want to be able to carry on using central bank money.

So, communicate with the stakeholders and build relationships. You find after a while that these relationships can last for decades, and then you can really do some tremendous reforms when you need it. I don't know if this was much of an answer, but it was trying to point out what sort of mindset I think you should have as you are a part, whatever, if you are the private sector or the public sector. You need to talk to the other guys across the road.

Babak: Absolutely. I mean, you were talking about a disruption. I mean, you were talking about your paper certificate shares, and now if you have shares with a discount broker, actually, you don't really own the shares. You're the beneficial owner. They own the shares. So everything is disrupted. No, your answer is actually very thoughtful there.

Let me turn to you, Juan Pablo. It's an interesting question. It's a little bit long, but indulge me, please. A significant share of the evolution in the digital era has been through destruction of the test business models and delivery channels. One of the observations around the emergence of innovative channels and business models is relative lack of appreciation for the risks relating to conduct of business, particularly in relation to the treatment of customers by the new digital entities, and in delivering through digital channels. That's the background. So how do you manage these risks while ensuring that the innovative models continue to be encouraged to drive objectives like financial inclusion?

Juan Pablo: This is a very, very, very interesting question, and I think it also hits our current situation in Mexico, Cecilia, in the sense that as I was explaining, we decided to go for our regulated FinTech industry and to put those entities that we decided that it needed to exist at the moment in Mexico to put them within our regulatory framework.

Outside, in consequence that would not be permitted. So, as part of this effort that we've been doing to create this system and authorizing new legal entities on this, we also at the same time have to go out and close down and fine and also persecute people that are doing what is now within this legal framework, what is illegal, no?

Some people thought that that was going to be easy because the technology and [inaudible 00:56:34], payments, investments, lending, and all these things could happen very easily, because all this technology allowed and hopping models from even Mexican entities or even entities outside, we saw a strong development with this. So, we said, well, now the law is enacted, and all those firms that want to continue operating, we didn't stop any firm to continue operating, now there's a clear framework and they have to approach the authority and get a license and all these things. All those that want to test something that is different from what we have here have to be very careful of what are they doing. If it is similar to what we have in law, come to the authority, let's do a testing on all of these things in a controlled environment, the so-called sandboxes, and we're doing that.

We've been less successful on that part, I must say, with the regulated framework. But unfortunately, some other people don't understand it, and that's to protect people and to conduct a business and to appreciate the importance of doing this, we have to go out and on and close down some platforms that we're not conducting, fine them and even in stronger sanctions for some people, no? That's been happening in Mexico the last two years in important manner.

Babak: Great, thank you. Cecilia. I'm going to give you the very last question and request that you please respond to it in no more than one minute, because we're coming towards the end. So, some big jurisdictions, or at least one I can think of, has rejected licensing cryptocurrencies. Do you have any thoughts on that? Is this something that governments can ban? Is that conversation happening, and what is the implication of that? Thank you.

Cecilia: So, that's going to take more than a minute, but very briefly, I think if we're living in a free world where people want to explore new technology, cryptocurrencies, crypto is certainly new technology, they want to try to make money out of it, that's probably a part of an open society. The market economy that resonates with me that that should be accepted.

But, and there's an important but in this, which is that it must not be mixed up with what I call the conventional and regulated financial system. So, it can't be a situation where people think, "Oh, well, it's about the same thing buying a cryptocurrency like having a bank account, or cryptocurrency is like having a mutual fund." It's very important, I think, that the public sector points out where are they protected as consumers as regulators, and where are you on your own? Which you basically are, if you are in the crypto world. There is no chance guarantee that what you put in is what you also will take out.

On the grander scale, I think the crypto currency world has pointed out to central banks that we are in a competitive business, central banks, that there are others who would like to provide society with money as well. That's one of the reasons why I think we have to step up and be more ambitious when it comes to making payment systems more inclusive and more competitive and cheaper and faster for people, because otherwise people are not happy with the current fiat money system. They will find other solutions. I think it's a failure for the fiat money system if people feel forced to go to crypto and the likes that in my mind doesn't really meet the criteria of what is good money. Good money is a stable store of value and it's an efficient medium of exchange, and so far, I haven't seen much of that in the crypto world. Thanks.

Babak: Thank you very much. Because it was such a complicated question, I gave you an extra minute.

I wanted to thank both of you, very articulated speakers, and I'm seeing a lot of excitement and questions from follow-up and all that from the audience. So you definitely met and exceeded our expectation. Thank you so much, and we hope to see you at future Toronto Center events and programs, and namaste. Take care. Bye.

PART 4 OF 4 ENDS [01:01:37]