(Editor's Note: This article is part of a series of commentaries on retail banking sectors, illustrating how technology disruption forms part of S&P Global Ratings' analysis of banks.)
S&P Global Ratings finds that, as in other banking markets, the main risk of technological disruption for retail banks in the Gulf Cooperation Council (GCC) is changes in customer preference.
This is the conclusion we drew from our four-factor analysis of a banking system's technology, regulation, industry, and preferences (TRIP), which we are incorporating in our ratings on banks in the region. Regulatory risk is low because policymakers are conscious of the extreme importance of local banking systems in the region, and the need to keep them safe from potentially disruptive unregulated competition. Technology and industry structure present a moderate risk of disruption.
The digitalization of GCC economies is still a work in progress. The adoption of big data, artificial intelligence (AI) analytics, as well as voice and facial recognitions tools, could enable a more effective and cost efficient provision of customer services. We expect some GCC bank business lines to remain protected from fintech in the medium term. These lines include corporate lending, where human added-value remains significant in the region. Therefore, even if customers' preferences continue to evolve, we think that risks to these banking systems remain contained, at least in the next two years. This is because regulators continue to protect them and the share of current activity at risk is small.
Industry Disruption Risk: Moderate
Money transfers, foreign exchange, and payment services are the most at risk
In 2018, the GCC banks we rate generated about 20% of their revenue from fees and commissions and foreign exchange gains. The latter contributed about 5% of rated GCC banks' operating revenue over the same period. Although we understand that a significant portion of this revenue involves lending and advisory activity, part of it also comes from payment services, money transfers, and currency exchange. GCC countries remain net exporters of capital. Their small populations, significant investments, and economic development have brought about a significant need to import skilled and semi-skilled staff. As a result, the populations of most GCC countries are dominated by expatriates (blue- and white-collar workers). According to the World Bank, these expatriates sent $119.3 billion back to their home countries in 2017, with India, Pakistan, Egypt, and the Philippines the main destinations (see charts 2 and 3). In our view, fintech could disrupt the money transfer operations of banks and exchange houses in the GCC. Fintech companies, by definition, focus on lowering transfer fees and reducing transfer times.
Payment services is another business line that fintech is disrupting. A closer look at fintech operations being launched in the region shows that some are developing alternative payment methods, with a focus on contactless payments and securing transactions through blockchain. That said, we expect some business lines at GCC banks to remain protected from fintech. These lines include core lending--primarily corporate and to a lesser extent retail lending. It's worth noting that on average, the top 20 customers contributed 25%-35% of total lending at the GCC banks we rate. We believe that, even more than in many developed markets, corporate lending remains relationship-based and the human added-value remains significant in the GCC--from corporate relationship managers all the way up to decision makers. Retail lending could benefit from enhanced risk analytics, which determine the credit quality of clients using advanced analytics and available data (for example, bills payment habits, and spending patterns).
Although we acknowledge that fintech might help enhance the efficiency of some banking operations, we do not think they will be significantly disrupted in the next few years. Some fintech companies in the GCC are targeting niche segments such as banking for low-income employees, microsavings, microinvestments, and youth. Others are targeting more secure transactions or even banks' compliance with regulations and internal policies. Collaboration between banks and these fintech firms could help enhance efficiency at the incumbents, allowing them to redeploy resources and staff on higher added-value transactions.
In addition, online banking penetration remains significant in the GCC. According to McKinsey, online banking penetration has reached 92% for United Arab Emirates (UAE) banks and 85% for Saudi banks. Shifting transactions from branches to online is also high on the agenda of some rated banks. For example, in Saudi Arabia, The National Commercial Bank saw 36.6% of financial transactions executed online or through its mobile application at year-end 2018 (see chart 4). In the UAE, the number of bank branches has been declining since December 2014 (see chart 5), suggesting that banks have managed to migrate some transactions to alternative channels. We think this trend will continue in the next 12-24 months, with a similar movement also starting to emerge in Saudi Arabia.
Regulation: Low Risk Of Disruption
Torn between protecting the financial system and seizing new opportunities
Authorities and regulators in the GCC are looking closely at fintech not only from the perspective of financial stability, but also from one of collaboration. Accelerators such as the Fintech Hive in the Dubai International Financial Centre (DIFC), Bahrain FinTech Bay, and Plug and Play in Abu Dhabi Global Market (ADGM), as well as regulatory "sandboxes" set up by local regulators are examples of how authorities and regulators are approaching the fintech industry. The most recent sandbox was established in late 2018 by the Central Bank of Kuwait. For Qatar and Oman, we found no public information about sandboxes.
Fintech Hive, for example, helps fintech companies benefit from collaboration with top executives at the DIFC over a 12-week accelerator program, while the regulatory sandboxes allow fintech companies to test their products in the real market in a restricted regulatory environment. In our view, regulators are not only focused on consumer protection, but also on safeguarding their financial systems against major potential disruption from nonregulated entities, new market players, and Big Tech. The latter's involvement in the GCC is reportedly still limited to the provision of payment services (for example, through Apple Pay, Samsung Pay, and even Alipay for some specific outlets). Due to the lack of development of broad and deep local capital markets, regulators are aware of the extreme importance of the role of the local banking systems in the GCC and the need to keep them safe from potentially disruptive competition.
Regulators have also encouraged the use of blockchain to enhance the security of transactions. Examples include the Cheque Chain system of Emirates NBD, where paper checks are protected through a unique Quick Response Code registered on the bank's blockchain. Another example is the Dubai Land Department's plan to process all real estate-related transactions through smart contracts using blockchain, in line with Dubai's vision to become paperless by 2021.
Data privacy is another area that regulators in the GCC are planning to strengthen. Qatar, Bahrain, and ADGM have already implemented or updated their data privacy laws, while DIFC and Saudi Arabia are expected to move in this direction in the near future. Consequently, we believe that the availability and use cases for data will be more limited in the region compared with China or some Northern European countries, which will make it harder for pure online companies to gain ground.
Preference: High Risk Of Disruption
Demand is expanding thanks to large expatriate and youth populations
We believe demand for fintech solutions is present and expanding, driven primarily by the lower costs for service provision and speed of execution. Fintech firms are also benefiting from the region's high smartphone penetration and 4G coverage, and top-notch physical infrastructure. The large expatriate population, particularly low-income workers, transferring money back home, represents significant demand for lower-cost and higher-speed money transfer companies. Demand is also coming from the region's youth, who are more familiar with new technologies. According to the Statistical Centre for the Cooperation Council for the Arab Countries of the Gulf, about 40% of the GCC population is under 30 years old (see chart 6), which creates significant demand for digital financial operations.
Some banks, such as Dubai-based Mashreqbank, have sought to capture this market by launching neobanks--100% digital banks that reach customers only through a mobile application or PC--and we think more will follow. At this stage, demand for lending or investment services remains rather limited in our view. Lending is still dominated by human interaction, while the distribution of investment products is still dominated by banks, which have the confidence of the general public and regulatory protection. For example, we classify four of the six GCC countries as highly supportive toward their banking systems. Moreover, banks benefit from advantages related to cost of funding, with more than 40% of total deposits noninterest-bearing at the banks that we rate.
With the increasing digitalization of the GCC economies, banks could benefit from the broader availability of data, which combined with data analytics or AI can strengthen risk management and enhance sales through more targeted marketing initiatives. It remains to be seen to what extent banks and other fintech firms will be allowed to leverage this data. The presence of large expatriate populations also means that local disruption could come from abroad. A fintech firm that launches an innovative investment solution in one country could grab the attention of nationals living in the GCC, potentially triggering an outflow of capital.
Technology: Moderate Risk Of Disruption
The digitalization of the economy is ongoing
Compared with other emerging markets and particularly the Middle East and Africa, the GCC countries enjoy a more favorable environment for fintech adoption. According to Deloitte's National ICT Index (see chart 7), which measures a variety of information and communication technology (ICT) readiness factors, GCC countries have made significant progress but lag behind some developed economies. The average National ICT Index for GCC countries stood at 62%, compared with 84% for Singapore and Finland, and 78% for South Korea, for example. At the same time, some GCC countries appear at least as ready as some major European countries. For example, Qatar is level with Germany, and the UAE is even more advanced. However, although these prerequisites are necessary, they are far from sufficient to drive the digital transformation of the economy. In the GCC, for example, broader adoption of big data, AI analytics, and cloud computing is still a work in progress.
The good news is that these technologies come under the main objectives of some GCC governments' national transformation plans, which aim to diversify their economies by moving progressively away from hydrocarbons.
We believe big data, AI analytics, and voice and facial recognition tools could enable more effective and cost-efficient customer profiling, enhance marketing to new customers, and improve risk management and fraud detection at GCC banks.
This report does not constitute a rating action.
|Primary Credit Analyst:||Mohamed Damak, Dubai (971) 4-372-7153;|
|Secondary Contact:||Dhruv Roy, Dubai (44) 20-7176-6709;|
No content (including ratings, credit-related analyses and data, valuations, model, software or other application or output therefrom) or any part thereof (Content) may be modified, reverse engineered, reproduced or distributed in any form by any means, or stored in a database or retrieval system, without the prior written permission of Standard & Poor’s Financial Services LLC or its affiliates (collectively, S&P). The Content shall not be used for any unlawful or unauthorized purposes. S&P and any third-party providers, as well as their directors, officers, shareholders, employees or agents (collectively S&P Parties) do not guarantee the accuracy, completeness, timeliness or availability of the Content. S&P Parties are not responsible for any errors or omissions (negligent or otherwise), regardless of the cause, for the results obtained from the use of the Content, or for the security or maintenance of any data input by the user. The Content is provided on an “as is” basis. S&P PARTIES DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE, FREEDOM FROM BUGS, SOFTWARE ERRORS OR DEFECTS, THAT THE CONTENT’S FUNCTIONING WILL BE UNINTERRUPTED OR THAT THE CONTENT WILL OPERATE WITH ANY SOFTWARE OR HARDWARE CONFIGURATION. In no event shall S&P Parties be liable to any party for any direct, indirect, incidental, exemplary, compensatory, punitive, special or consequential damages, costs, expenses, legal fees, or losses (including, without limitation, lost income or lost profits and opportunity costs or losses caused by negligence) in connection with any use of the Content even if advised of the possibility of such damages.
Credit-related and other analyses, including ratings, and statements in the Content are statements of opinion as of the date they are expressed and not statements of fact. S&P’s opinions, analyses and rating acknowledgment decisions (described below) are not recommendations to purchase, hold, or sell any securities or to make any investment decisions, and do not address the suitability of any security. S&P assumes no obligation to update the Content following publication in any form or format. The Content should not be relied on and is not a substitute for the skill, judgment and experience of the user, its management, employees, advisors and/or clients when making investment and other business decisions. S&P does not act as a fiduciary or an investment advisor except where registered as such. While S&P has obtained information from sources it believes to be reliable, S&P does not perform an audit and undertakes no duty of due diligence or independent verification of any information it receives. Rating-related publications may be published for a variety of reasons that are not necessarily dependent on action by rating committees, including, but not limited to, the publication of a periodic update on a credit rating and related analyses.
To the extent that regulatory authorities allow a rating agency to acknowledge in one jurisdiction a rating issued in another jurisdiction for certain regulatory purposes, S&P reserves the right to assign, withdraw or suspend such acknowledgment at any time and in its sole discretion. S&P Parties disclaim any duty whatsoever arising out of the assignment, withdrawal or suspension of an acknowledgment as well as any liability for any damage alleged to have been suffered on account thereof.
S&P keeps certain activities of its business units separate from each other in order to preserve the independence and objectivity of their respective activities. As a result, certain business units of S&P may have information that is not available to other S&P business units. S&P has established policies and procedures to maintain the confidentiality of certain non-public information received in connection with each analytical process.
S&P may receive compensation for its ratings and certain analyses, normally from issuers or underwriters of securities or from obligors. S&P reserves the right to disseminate its opinions and analyses. S&P's public ratings and analyses are made available on its Web sites, www.standardandpoors.com (free of charge), and www.ratingsdirect.com and www.globalcreditportal.com (subscription), and may be distributed through other means, including via S&P publications and third-party redistributors. Additional information about our ratings fees is available at www.standardandpoors.com/usratingsfees.
Any Passwords/user IDs issued by S&P to users are single user-dedicated and may ONLY be used by the individual to whom they have been assigned. No sharing of passwords/user IDs and no simultaneous access via the same password/user ID is permitted. To reprint, translate, or use the data or information other than as provided herein, contact S&P Global Ratings, Client Services, 55 Water Street, New York, NY 10041; (1) 212-438-7280 or by e-mail to: email@example.com.