“Bridging the gap between people and technology”

Interview with Alessandra Perrazzelli, Deputy Governor of the Banca d’Italia and Member of the Supervisory Board of the ECB, Supervision Newsletter

19 February 2025

Banca d’Italia has done a lot of work on technology. What’s the vision of the recently set SSM tech strategy for 2024-28?

The new SSM tech strategy for 2024-28 is centred around a key idea: recognising that people and technology are more closely connected than ever before. Disruptive technologies have radically transformed how we work and, in recent years, many innovative tools have been developed. Now it’s time to craft a unified strategy that bridges the gap between people and technology. Our goal is to ensure that supervisors can fully leverage the applications and data at their disposal, with technology seamlessly integrated into their everyday tasks. We also aim to consolidate IT to reinforce European banking supervision, fostering collaboration among supervisors as a unified team and using shared technology across both the ECB and the national competent authorities (NCAs).

How does Banca d’Italia’s work on suptech contribute to the broader network of European banking supervision?

Banca d’Italia, the ECB and the other European competent authorities are increasingly adopting innovative techniques and tools in their supervisory activities.

The challenges that we face, in response to both the digital transformation and the structural changes occurring in the banking sector, call for a comprehensive, well-coordinated and cooperative approach. In this vein, the SSM has adopted a cooperative approach among European supervisors (the suptech centres), where each NCA can contribute its expertise and technology, making them available to the ECB and other NCAs.

Here at Banca d’Italia, our staff contribute to the SSM projects and we’re also ready to share our suptech tools. We’ve put several tools into production to help supervisors perform their tasks. As an example, we developed an innovative tool for the fit and proper (FAP) assessment of board members and company managers, which uses artificial intelligence (AI) to analyse the members’ profiles. Another tool helps on-site inspectors write consistent reports.

I believe we’re on the right track, but we still need to step up our efforts to make it work. Together, we’ve been able to tackle many significant challenges over the past ten years. We trust that together we can continue to do so in the future.

Considering suptech, what’s in store for banks?

The emerging interest in the adoption of suptech tools isn’t limited to the teams of supervisors. The way in which supervisors can process large amounts of data remains of key interest for banks. The growing use of some tools – such as Agora, which provides a single data lake for SSM supervisors, or Heimdall, which enables a fast pre-screening of FAP applications – has the power to speed up supervisors’ work and, in turn, their responsiveness to banks. We expect significant efficiency gains for banks as well, and a potentially more targeted supervisory approach.

Let’s take the tools just mentioned. Thanks to Agora, supervisors can easily compare different datasets and benchmark their assessment of a supervised bank. Similarly Heimdall, through its automatic reading of the FAP application, can flag any potential issues to supervisors and deliver a first draft assessment; moreover, thanks to its database of historical data, peer comparisons are immediately available. In the end, all suptech tools have the same objectives: reducing the potential for human error, streamlining supervisory assessments and enhancing supervisors’ credibility. At the same time, the interaction with banks will be streamlined and more effective.

What technological innovations are you most excited about?

AI is arguably the most promising and exciting innovation in banking supervision. By analysing vast amounts of data, AI can support supervisors in assessing banks’ compliance with regulatory requirements and help develop early warning systems to detect emerging risks or vulnerabilities. To keep pace with the rapid evolution of AI and technology, it’s crucial that we continuously refine our skills, methods and tools. However, these advancements also bring new complexities that require careful consideration, particularly with regard to generative AI. While automation offers great potential, we must ensure that human expertise remains at the heart of our decision-making processes. Regardless of how advanced technology becomes, ultimate responsibility for decisions should not rest with automated systems. AI can assist and enhance our work, but it can’t replace the critical judgement and experience of supervisory authorities and skilled bankers.

The line between banks and non-bank service providers has become blurry. Is Europe still in a position to follow the the principle of “same risk, same activity, same regulation”?

The principle of “same risk, same activity, same regulation” remains central to European financial oversight, but its application is increasingly being challenged as the activities of banks and non-bank service providers often overlap.

Fintech, big tech and other non-bank entities are introducing innovative services, while posing risks similar to those of banks – including financial stability concerns and operational vulnerabilities. Yet much of this non-bank financial intermediation – particularly the most innovative aspects – often lies outside the traditional regulatory framework. It’s crucial to find the right balance, i.e. addressing risks effectively while allowing innovation to thrive and ensuring the continued provision of essential financial services.

While regulatory frameworks take time to be fully developed, supervisors cannot afford to wait for legislation to address these emerging risks. Proactive measures are critical to staying ahead of evolving market dynamics. The SSM is called on to work closely with other authorities to foster coordination and information-sharing, ensuring a consistent and effective response across the financial ecosystem. The implementation of the Markets in Crypto-Assets Regulation (MiCAR) and the Digital Operational Resilience Act (DORA) will further reshape this landscape, requiring increased collaboration.

You just mentioned the EU Regulation DORA . Will it be enough to address growing IT risks?

DORA is certainly a significant step towards the objective of harnessing the benefits of digital finance while ensuring its stability and resilience. The new Regulation aims to strengthen the digital operational resilience of the whole financial system by empowering all the actors involved in the provision of financial services and providing all financial entities with a framework for managing technological risks. However, regulation alone is never sufficient, and it needs to be accompanied by an increased awareness among all parties of the importance of these risks. Technological interconnectedness and concentration are at play, hence risk can propagate across the system through unexpected contagion channels. This calls for a joint effort, from which no one can consider themself exempt.

At ten years old, the SSM has been praised as a successful project. Is there a broader lesson from this experience for Europe?

The SSM has combined our supervisory cultures and operational experiences, fostering an unprecedented “one team spirit” approach among colleagues from the national supervisory authorities and the ECB. It has built upon the legacies of national supervisory bodies while remaining driven by a common European vision. Indeed, if we look back at the genesis of the project, we cannot forget the sense of urgency that drove us when we were building up the first network of European authorities to share powers, tools and resources.

While the creation of the SSM is surely a success story, considering the numerous achievements in its first decade, the key lesson we have learnt from the SSM is, once again, that a truly united Europe is not only possible, but also desirable. Together, we have demonstrated that our tasks and objectives, when they are pursued with a European perspective, can be achieved more effectively and efficiently, with positive consequences for all European citizens.

We often repeat that Europe is forged in times of crisis; the SSM was born as part of a more ambitious scheme, the banking union, in order to tackle the fallout of the sovereign debt crisis and the vicious circle involving the banks. Since we are living proof that Europe can make things better together, we should not wait for the next crisis. Instead, we should be proud of our achievements and be brave: let’s advance European cooperation in all the fields where we know that the longer-term benefits for citizens will outweigh the risk of losing powers or political consensus. In our restricted area of competence, i.e. banking union, this means in practice that it is time to adopt the European deposit insurance scheme (EDIS), as the technical justifications for postponing the adoption have nowadays been superseded.