- The COVID-19 pandemic has accelerated tech disruption among U.S. banks.
- Based on our four-factor analysis of a banking system's technology, regulation, industry, and customer preferences, we believe U.S. banks must continue to heavily invest in their digital capabilities to remain competitive.
- The greatest threat could come from Big Tech companies, should they diverge from their current strategy of engaging in only limited, peripheral banking activities.
The COVID-19 pandemic has made it abundantly clear that U.S. banks' tech spending in recent years was worth it, but more will be required. S&P Global Ratings believes most U.S. banks are up for the challenge, to varying degrees. While the biggest banks are well prepared to take on the push from fintech firms and have enormous technology budgets that mitigate the risks these firms pose, smaller players face significantly greater risk of being left behind in the inexorable shift to a digital world, now accelerated by COVID-19.
At the same time, regulatory barriers to banking remain high, though they are easing as a wave of fintech firms gain banklike capabilities. Meanwhile, U.S. regulators, already at the forefront of bank capital and liquidity regulation globally, are increasingly considering how best to modernize regulations around key topics such as open banking and data privacy, which are less articulated at the federal level than they are for European peers. As regulators increase their engagement with the digital activities of banks and nonbanks, with use of new technologies (for example, cloud computing and artificial intelligence), and with the policy implications of trends such as open banking and data-sharing, we expect meaningful change could ensue.
We believe the greatest disruptive threat for banks in the medium term could come from Big Tech companies (Amazon, Apple, Google, Facebook, and Microsoft), should they diverge from their current strategy of engaging in limited, peripheral banking activities, including selective partnerships with banks.
The COVID-19 pandemic has catapulted banks' retail digital offerings into a different league as social distancing restrictions increase customers' preference for digital products. Indeed, the pandemic has enabled banks to showcase their suite of online products, validating the investment bigger banks have made in technology over the past few years, and has accelerated the closure of physical branches. Many smaller, regional banks are also responding to the clear need for scale via mergers, in part because of demand for more investments in technology.
Based on our four-factor analysis of a banking system's technology, regulation, industry, and preferences among customers (see "The Future Of Banking: Will Retail Banks Trip Over Tech Disruption?" May 14, 2019), we believe U.S. banks will have to continue to heavily invest in their digital capabilities to remain competitive with peers, keep abreast of innovations in data science and technology, and meet evolving consumer preferences. We also believe U.S. retail customers will become more demanding of digital products' functionality and innovation over the coming years. In fact, all demographic segments have opted away from traditional banking options amid social distancing.
The pandemic has also created opportunities for product simplification that enhances customers' ease of use, possibly leading to additional fee-generation opportunities for banks. For the most part, we believe these benefits are likely to be clustered among the country's largest banks, which have scale.
Preferences: Disruption Risk High
Younger generations expect consistent technological advances
Customer preferences are clearly changing rapidly in the U.S. Before COVID-19, millennials and other young adults were at the forefront of digital product demand. Now, the search for convenient virtual banking options has extended to all customers, resulting in greater convergence among older demographic segments. During the pandemic, banks with well-developed capabilities to offer feature-rich virtual interactions that do not compromise the customer experience have been among the best positioned to respond to the new challenges (see chart 2).
Cash usage in banking activities dropped substantially as demand for contactless payments grew amid social distancing and as brick-and-mortar stores closed to shift to an online-only presence. Even though we expect cash usage will increase over time relative to the troughs we observed in March-May (particularly among small businesses), we believe customers are likely to maintain meaningfully higher reliance on digital payments than they did before COVID-19.
Changing customer preferences have already transformed how some retail deposits are collected in the U.S. banking market. Digital deposits--deposits raised directly from customers by banks without a branch presence--are not new. For the last decade, a handful of "digital" banks--that is, banks without branch networks--have offered accounts directly to consumers. Well-known companies such as American Express, Discover Financial, Ally Financial Inc., Synchrony Financial, and, more recently, Goldman Sachs Group Inc. have been able to raise and accumulate significant deposits using digital platforms, offering higher rates than peers and digital convenience. In 2020, with the growth of the Fed's balance sheet, traditional deposit gathering has grown significantly as well (see chart 3). Traditional banks are also relying less on branches. As of the end of December 2020, according to SNL, there were 84,161 active bank and thrift branches in the U.S. (down 2.5% year over year). In 2020, U.S. banks and thrifts closed 3,099 branches and opened 982.
Traditional banks have also responded robustly to evolving customer preferences by offering their own digital platforms. Examples abound, including Citigroup Inc., JPMorgan Chase & Co., PNC Financial Services Group Inc., and Citizens Financial Group Inc. In light of the COVID-19 pandemic, we believe more traditional banks could choose to adopt digital strategies not only to defensively protect deposit market share, but also to selectively expand deposit footprints in new regions without the expense of building branches. That said, we believe traditional banks need to be cautious about the risk that an online offering could cannibalize existing deposit channels, which could dampen margins.
Rising consumer preferences for cashless payments have generated strong volumes in electronic payments via bank-issued credit and debit cards, sending funds mainly through the open-loop networks of Visa and Mastercard or the smaller closed-loop networks of American Express and Discover. Banks collect fees from merchants when consumers use the cards they issue at the point of sale.
That said, we believe these particular shifts in consumer preferences pose a modest risk of disruption to banks. The card industry is already highly concentrated among a few large, deep-pocketed players, and the ubiquity of the card networks with consumers and merchants makes disrupting the current system difficult. Many fintech advances (such as mobile card readers, QR codes, and contactless cards) are also facilitating payments via bank cards rather than replacing them. We expect most consumer electronic payments to continue to flow between banks through the existing card networks' "rails" at least in the next few years (see "The Future Of Banking: Five Fintech Expectations For Business And Consumer Payments And The Ratings Implications On Banks And Nonbank Financial Institutions," Feb. 13, 2019).
Still, disruption risk for banks may increase over time as payment channels widen. PayPal is one example of a nonbank player with a material market position with consumers and merchants. PayPal offers its customers the option to initiate payments either via automated clearinghouse, credit card networks, or, more recently, cryptocurrency. Transactions over noncard rails can diminish the economics for banks, depriving them of fees they would have otherwise collected on card transactions. That said, in response to PayPal's person-to-person payment services, including Venmo, some large banks have launched Zelle, their own person-to-person system. Indeed, the usage of Zelle has increased significantly since the start of the pandemic.
Another area where tech disruption risk has already gained traction is mortgages. Quicken Loans (Rocket Mortgage) and others have already taken significant share from banks, partly because of sophisticated fintech platforms, facilitated by the funding they can receive through the government-sponsored enterprise market. Banks that have stayed in the mortgage business have needed to enhance their own platforms to compete, with online platforms now a significant channel for mortgage production for traditional banks.
Industry: Disruption Risk Moderate
Smallest banks are most at risk of disruption, propelling consolidation
The U.S. banking system currently has roughly 4,700 banks. Still, the largest banks, with greater than $100 billion of assets, hold roughly 72% of the system's assets as of September 2020. The largest banks offer a wide swath of products, both retail and commercial, and generate a healthy mix of net interest income and fee income. For these institutions, we consider the disruption risk to be low, since they enjoy considerable resources both in terms of financial profitability and corporate spending power.
In a report we published in 2019 (see "The Future of Banking: The Growth Of Technology And Its Impact On The U.S. Banking Sector," Feb. 13, 2019), we estimated the largest U.S. banks spent 10%-15% of their revenue on technology, some for ongoing maintenance of existing systems, but a sizable amount for innovation. We believe tech spending and digital investments will remain significant, notwithstanding revenue pressure from COVID-19.
Some banks with rich resources and technology aspirations have chosen to partner with fintech companies, mitigating the likelihood of disruption. Such partnerships can offer two-way rewards: Banks can aim to grow revenue in areas where they lack lending expertise or scale, whereas for fintech firms, the partnership can offer access to a more stable funding source, lower the cost of customer acquisition, and overcome barriers to national expansion.
But smaller banks and community banks that don't have the same resources face higher risk of digital disruption. Regulators have attempted over the past few years to trim the burden for smaller banks and ease costs somewhat, though these efforts do not fully address the technology spending gap between these and larger banks. Nor do they render a level playing field, given fintechs that operate outside the regulatory perimeter. In recent years, several regional banks have strategically opted to merge, in part because they seek to build scale to accelerate digital investments and capabilities.
The Federal Deposit Insurance Corp. (FDIC) is cognizant of the long-term threat from digital disruption and has been holding forums for small banks, focusing on emerging technologies, including new and innovative delivery channels and how to enhance customer services. Nevertheless, small banks' reliance on third-party data companies, such as Fiserv, to provide technological services leads to limited bespoke features.
In contrast with most other banking jurisdictions, competition from nonbanks is not a new occurrence for the U.S. banking industry. Entities other than banks have held about two-thirds of business and consumer credit in the U.S. in recent years, substantially higher than among global peers. Examples of such providers of credit include finance companies, insurers, mutual funds, pension funds, and government-related entities, among others.
But fintechs are a different breed of competitor and have targeted niche businesses where they can offer customers better user experiences and competitive pricing--often in areas that may be less attractive for banks because they offer less rewarding risk-adjusted returns for every dollar of capital allocated, such as mortgages, personal loans, student loans, and loans to small and medium enterprises (SMEs).
S&P Global Market Intelligence expects fintechs will continue to grow, with a projected origination growth rate of about 14% for 2019-2023 (see "2019 U.S. Digital Lending Market Report"). Companies servicing SMEs will likely grow fastest during this time. Nevertheless, according to S&P Global Market Intelligence, fintech lending was only about $220 billion as of year-end 2019, compared with $9.6 trillion for all banks. So although fintech lending is growing at a fast clip, it is still modest compared with the banks' market share.
The disruption risk for the U.S. banking industry could meaningfully increase were the Big Tech companies to directly engage in the business of banking or financial intermediation. Unlike small fintech players, these tech titans already have established, large customer bases, strong brand recognition, and the digital talent required. These companies also have strong balance sheets, with enormous investment capacity.
That said, while the tech titans have made a foray into select digital activities, such as payments (and launched digital wallets), we do not believe they have demonstrated the appetite to seek full-fledged banking licenses. Perhaps this is due to a reluctance to invite regulatory scrutiny along with its associated cost, as well as unwillingness to take on significant balance-sheet risk. Instead, these companies have opted to partner with several leading banks. For example, Apple Inc. launched its Apple Card credit card product in partnership with Goldman Sachs, and Google LLC announced a deposit product in conjunction with Citigroup Inc.
Regulation: Disruption Risk Moderate
A patchwork fintech regulatory approach compared with other jurisdictions
U.S. regulators have applied a patchwork approach to key topics related to fintech disruption, such as the issuance of new banking charters, open banking, digital data privacy, and issuance of new digital licenses. We consider regulatory disruption risk to be moderate based on our view that U.S. regulators' approach to fintech has been fragmented and somewhat less developed compared with global peers, particularly the U.K.
In the absence of a cohesive national approach, fintechs operating in the U.S. have conventionally resorted to working with various state regulators to operate. To some extent, we believe the slower pace of implementing national regulation may reflect concerns about fraud, security, and data privacy, which are currently incorporated under the umbrella of bank regulation. But the issuance of bank charters to nontraditional banks has been on the rise.
Unlike in Europe, regulations in the U.S. do not require banks to open their networks to third-party providers for data access once customers provide consent. Instead, U.S. banks have formed partnerships for data-sharing either of their own volition (such as in the case of Zelle) or have taken unique initiatives bilaterally with their clients.
That said, the Consumer Financial Protection Bureau has set the stage for renewed focus on data-sharing with some preliminary rulemaking consistent with the broad guidelines laid out in section 1033 of the Dodd-Frank Act, and we expect this topic to be a priority for the incoming Biden Administration. The agency issued advance rulemaking in October 2020 in its effort to govern data-sharing, including financial records access rights by third parties and associated risks.
Certain states have already made headway in passing more stringent data privacy regulation than is currently applicable at the federal level. For example, California enacted statewide laws that came into effect Jan. 1, 2020, that govern how businesses must handle the data privacy rights of California residents. New York is also advanced in its pursuit of legislation protecting the rights of its residents.
However, one area where U.S. regulators have made considerable progress is the complex project of real-time payments, where efforts have been concentrated for several years, and which would be especially meaningful for business-to-business payments. The FedPayments initiative is a collaboration between the Federal Reserve and private-sector players dedicated to enhancing the speed of automated clearinghouse payments by shortening the time it takes to complete a transaction. Enhancements via the FedNow Service, for example--which would enable all banks to provide safe and efficient instant payment services on a 24-hour, 365-day basis--are scheduled to release in 2023-2024.
Separately, we are also closely watching the issuance of digital banking charters. Fintechs aspiring to enter banking activities typically either seek to be industrial banks or, more recently, pursue a special Office of the Comptroller of the Currency (OCC) charter. Conventionally, fintech firms have sought bank charters via an industrial loan company (ILC)--an FDIC-insured banking charter offered by some states (for example, Utah) that allows for limited banking services and, most important, deposit collection. By law, industrial banks (banks with ILC charters) are not required to be bank holding companies regulated by the Federal Reserve, and since the Great Recession, companies have had a difficult time obtaining ILCs.
But recently we have seen some easing by regulators, with several fintech companies obtaining banking licenses via ILC charters. For example, Varo Money was the first consumer-focused fintech company to get bank charter approval from the FDIC in February 2020. Square Inc. received conditional approval in March 2020, as well as Nelnet, a student loan servicer.
Moreover, in December, the FDIC approved a final rule establishing certain conditions and supervisory standards for the parent companies of industrial banks and ILCs. The rule was largely identical to a March 31 proposal, which laid out commitments and conditions for an ILC applicant to get approval for deposit insurance as well as a change in control. The commitments included consent for the FDIC to examine the parent company, the submission of annual reports on the covered company and each subsidiary, and a pledge to "maintain the industrial bank's capital and liquidity at such levels as the FDIC deems necessary for the safe and sound operation of the industrial bank." It remains to be seen whether this will open the door for Big Tech firms.
Another path for a fintech to gain banklike abilities, without actually holding a traditional bank charter, is through a special-purpose fintech charter that the OCC introduced in 2018, aimed at articulating a national approach for lending and payments. In its original proposal, the special-purpose charter would grant fintech firms the ability to offer narrow banking services on a national scale and thereby offer a way to circumvent the patchwork of state banking regulatory approval processes. In response, the Conference of State Bank Supervisors has been focused on proposals that would streamline the state approval process, such as multistate licensing agreements. But its success has been stalled as many fintech firms weigh the pros and cons of the additional oversight. In addition, a court order in late 2019 challenged the OCC's authority to grant such a charter. To date, no fintech special-purpose charters have been issued.
Another route a fintech could take to gain a bank charter is the actual purchase of a bank. Notably, the digital lender LendingClub Corp. recently announced its purchase of Radius Bank. And in September 2020, Jiko, a fintech company that invests in government securities, bought Mid-Central Federal Savings Bank in Wadena, Minn. Figure, a fintech company that operates in the mortgage sector, applied in early November for a national bank charter, with the stipulation that it would not take FDIC-insured deposits but would take uninsured deposits of over $250,000. The absence of insured deposits would exempt the companies from Fed supervision under the Bank Holding Company Act. Several prominent private fintech companies have also launched or announced some kind of deposit or cash management products. These include well-funded startups such as SoFi, BlueVine, Robinhood Financial LLC, and Brex Inc.
Fintech firms owned by non-U.S. companies may enjoy some advantages in access to banking licenses. Non-U.S. firms may already have banking licenses in their home countries to support their funding needs. For example, German neobank N26 GmbH launched a U.S.-based service, while U.K.-based neobanks Revolut Ltd. and Monzo Bank Ltd. have announced intentions to launch U.S. products and already have banking licenses in their home country.
Although the larger fintech players have not yet pursued a bank path, in January 2021 Walmart, in partnership with Ribbit Capital, created a fintech startup with the aim of delivering a techlike financial experience to its large customer base. The ultimate extent of Walmart's entrée into banklike activities, and whether other names with large customer bases will follow, remains to be seen.
Technology: Disruption Risk Moderate
Legacy systems abound, with varying industry responses
We consider technology's disruption risk among banks to be moderate overall, but individual banks' responses to this disruption vary greatly, and the smallest banks (community banks) are at greatest risk. While the country's largest banks have the profits and the scale to allocate billions of dollars to upgrading their technology infrastructure, smaller banks are less prepared to tackle these challenges.
Legacy infrastructure is an issue for many banks. Even among the largest banks, multiple acquisitions over the years have contributed to making technology systems less agile and more cumbersome. Amid competition for retail deposits, banks have focused on advancing technology in mobile banking and payments. This competition for deposits has also spurred several regional banks to offer deposit products outside their traditional retail operations. Notably, the FDIC plans to ease its definition of what it considers a brokered deposit, taking away the stigma for banks that collect deposits in a less traditional manner.
Cloud-based services have also been an important area of investment, and are now viewed as essential particularly among larger institutions. The use of a third-party cloud enables banks to scale back on tech hardware and concentrate instead on building software to better service customers. The cloud gives banks the ability to respond quickly to changing market, customer, and technological needs. Many banks are moving into a "hybrid cloud," in which the banks maintain access to proprietary data but combine this with a public cloud. This assures the banks that their own data is still protected.
We believe a significant amount of tech spending by banks will be apportioned to developing their cloud capabilities. Furthermore, the surge in remote working since the onset of the pandemic is expected to accelerate the banking sector's transition to cloud-based services. But breaches of the cloud are still a concern in terms of operational risk, as demonstrated by Capital One, which had a breach in July 2019 and had to pay $80 million in August 2020 in response to claims by the OCC that the bank failed to establish proper risk assessment procedures after it began using cloud storage technology.
Banks have also concentrated on application program interfaces (APIs)--programs that connect software and data--and how they interact with each other for internal and external purposes. APIs enable banks to serve their customers better, target and segment clients, and supplement fee revenue. Additionally, banks are deploying artificial intelligence to help reduce their expenses and detect and minimize errors from an operational risk standpoint.
Another technology banks are making use of is blockchain, a data management structure and type of "distributed ledger" that can be read and accessed by all users through individualized keys, which are essentially passwords. When users transact, they create a package of information referred to as a "block" that is chained to the prior transaction blocks through digital fingerprints. Blockchain lends itself to certain banking activities that involve multiple parties, such as real estate transactions and syndicated lending. It can help pare down backroom recordkeeping expenses and thwart the risk of cyberattacks, since it is a decentralized system. But gaining agreement and trust among parties in blockchain transactions has slowed its adoption, which only a few years back seemed as if it would gain greater traction by now. In addition, just like other technological advances, blockchain opens the door to competition and could pressure revenue streams in such banking activities as trustee functions if banks don't adapt and offer blockchain solutions.
Strong Profitability And A Competitive Mindset Position Most U.S. Banks For Success
Despite the likelihood of profitability pressures over the next couple of years due to low interest rates and elevated charge-offs related to the pandemic, S&P Global Ratings believes U.S. banks have to continue to heavily invest in their digital capabilities to remain competitive with peers and to ward off continued threats from digital disruption. Certainly, banks need to keep up with evolving customer preferences. We also expect regulators to continue to shape the financial terrain in which banks and nonbanks operate through rulemaking on important considerations such as data privacy and open banking.
Given the fast pace of technological innovation and changing preferences, no industry is immune to disruption. Whether U.S. banks can maintain their footing, only the future can tell.
- Tech Disruption In Retail Banking: COVID-19 May Accelerate Canadian Banks' Digital Transformation, Jan. 28, 2021
- Tech Disruption In Retail Banking: China's Banks Are Playing Catch-Up To Big Tech, May 14, 2019
- Tech Disruption In Retail Banking: France's Universal Banking Model Presents A Risk, May 14, 2019
- Tech Disruption In Retail Banking: German Banks Have Little Time For Digital Catch-Up, May 14, 2019
- Tech Disruption In Retail Banking: Swedish Consumers Dig Digital--And Banks Deliver, May 14, 2019
- The Future Of Banking: Will Retail Banks Trip Over Tech Disruption?, May 14, 2019
- The Future Of Banking: Five Fintech Expectations For Business And Consumer Payments And The Ratings Implications On Banks And Nonbank Financial Institutions, Feb. 13, 2019
- The U.S. Treasury's Fintech Report: Six Takeaways And The Potential Credit Implications For Nonbank Financial Institutions, Sept. 5, 2018
- The Future Of Banking: How Much Of A Threat Are Tech Titans To Global Banks?, Jan. 15, 2018
This report does not constitute a rating action.
|Primary Credit Analysts:||Stuart Plesser, New York + 1 (212) 438 6870;|
|Devi Aurora, New York + 1 (212) 438 3055;|
|Secondary Contact:||Brendan Browne, CFA, New York + 1 (212) 438 7399;|
No content (including ratings, credit-related analyses and data, valuations, model, software or other application or output therefrom) or any part thereof (Content) may be modified, reverse engineered, reproduced or distributed in any form by any means, or stored in a database or retrieval system, without the prior written permission of Standard & Poor’s Financial Services LLC or its affiliates (collectively, S&P). The Content shall not be used for any unlawful or unauthorized purposes. S&P and any third-party providers, as well as their directors, officers, shareholders, employees or agents (collectively S&P Parties) do not guarantee the accuracy, completeness, timeliness or availability of the Content. S&P Parties are not responsible for any errors or omissions (negligent or otherwise), regardless of the cause, for the results obtained from the use of the Content, or for the security or maintenance of any data input by the user. The Content is provided on an “as is” basis. S&P PARTIES DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE, FREEDOM FROM BUGS, SOFTWARE ERRORS OR DEFECTS, THAT THE CONTENT’S FUNCTIONING WILL BE UNINTERRUPTED OR THAT THE CONTENT WILL OPERATE WITH ANY SOFTWARE OR HARDWARE CONFIGURATION. In no event shall S&P Parties be liable to any party for any direct, indirect, incidental, exemplary, compensatory, punitive, special or consequential damages, costs, expenses, legal fees, or losses (including, without limitation, lost income or lost profits and opportunity costs or losses caused by negligence) in connection with any use of the Content even if advised of the possibility of such damages.
Credit-related and other analyses, including ratings, and statements in the Content are statements of opinion as of the date they are expressed and not statements of fact. S&P’s opinions, analyses and rating acknowledgment decisions (described below) are not recommendations to purchase, hold, or sell any securities or to make any investment decisions, and do not address the suitability of any security. S&P assumes no obligation to update the Content following publication in any form or format. The Content should not be relied on and is not a substitute for the skill, judgment and experience of the user, its management, employees, advisors and/or clients when making investment and other business decisions. S&P does not act as a fiduciary or an investment advisor except where registered as such. While S&P has obtained information from sources it believes to be reliable, S&P does not perform an audit and undertakes no duty of due diligence or independent verification of any information it receives. Rating-related publications may be published for a variety of reasons that are not necessarily dependent on action by rating committees, including, but not limited to, the publication of a periodic update on a credit rating and related analyses.
To the extent that regulatory authorities allow a rating agency to acknowledge in one jurisdiction a rating issued in another jurisdiction for certain regulatory purposes, S&P reserves the right to assign, withdraw or suspend such acknowledgment at any time and in its sole discretion. S&P Parties disclaim any duty whatsoever arising out of the assignment, withdrawal or suspension of an acknowledgment as well as any liability for any damage alleged to have been suffered on account thereof.
S&P keeps certain activities of its business units separate from each other in order to preserve the independence and objectivity of their respective activities. As a result, certain business units of S&P may have information that is not available to other S&P business units. S&P has established policies and procedures to maintain the confidentiality of certain non-public information received in connection with each analytical process.
S&P may receive compensation for its ratings and certain analyses, normally from issuers or underwriters of securities or from obligors. S&P reserves the right to disseminate its opinions and analyses. S&P's public ratings and analyses are made available on its Web sites, www.standardandpoors.com (free of charge), and www.ratingsdirect.com and www.globalcreditportal.com (subscription), and may be distributed through other means, including via S&P publications and third-party redistributors. Additional information about our ratings fees is available at www.standardandpoors.com/usratingsfees.
Any Passwords/user IDs issued by S&P to users are single user-dedicated and may ONLY be used by the individual to whom they have been assigned. No sharing of passwords/user IDs and no simultaneous access via the same password/user ID is permitted. To reprint, translate, or use the data or information other than as provided herein, contact S&P Global Ratings, Client Services, 55 Water Street, New York, NY 10041; (1) 212-438-7280 or by e-mail to: firstname.lastname@example.org.