Blog

A digital key to women’s credit: Integrating SHGs with India’s finance system

Posted on by harshita

As India deepens its journey toward inclusive growth, the next leap may lie in recognising the financial power of its women collectives. In this compelling article, Nishant Kumar, Global Lead – Startup Innovation and Acceleration at MSC, and Abhishek Varshney, Senior Lead – Partnerships at Sahamati, explore how integrating self-help group (SHG) records with the Account Aggregator framework can bridge a long-standing gap between grassroots enterprise and formal finance. Drawing on their rich experience in financial inclusion and digital innovation, they illustrate how this integration can transform SHG members from programme beneficiaries into financially visible, creditworthy individuals—unlocking access to credit, insurance, and investments, and setting the stage for a more equitable financial ecosystem.

A Digital Key to Women’s Credit: Integrating SHGs with India’s Finance System

India sits on a huge financial paradox. More than 100 million women participate in the world’s largest microfinance project through self-help groups. While self helpgroups (SHGs) receive support from the National Rural Livelihoods Mission (NRLM) and participating banks, internal transactions data history among SHGs and members remains invisible to the formal banking system. This financial data lies trapped in government databases and is missed while measuring the creditworthiness of the SHG members by banks, insurers, or FinTechs eager to serve them.

This data can be made accessible by integrating SHG records with India’s Account Aggregator (AA) framework, which promises to transform financial inclusion by shifting access to credit and services from mere program membership to performance-based criteria.

SHGs have evolved far beyond their humble origins. Today, these groups have formed sophisticated multi-tier institutions with formal governance structures: Village Organizations (VOs), which are groups of SHGs that work at the grassroots level, and Cluster-Level Federations (CLFs), which operate at the block or sub-district level. The National Rural Livelihoods Mission (NRLM) supports these institutions through its digital platform, LokOS—a management information system that records savings, loan repayments, attendance, and training metrics across more than 9 million SHGs that have collectively accessed loans worth INR 2.54 trillion.

Yet, this treasure trove of financial behavior data remains locked away. NRLM-linked banks extend loans to borrowers based on historical performance. But there is an opportunity for members to showcase their SHG history to financial institutions to access additional support if needed.

Consider Lata Devi, a weaver from rural Jharkhand. She has faithfully repaid three internal SHG loans and maintained regular savings through her SHG for years. To any lenders, she represents an excellent credit risk. To the larger financial system, she does not exist.

India’s AA framework, launched by the Reserve Bank of India (RBI), enables individuals and institutions to share their financial data across entities securely and with consent. By onboarding NRLM (via LokOS) as a financial information provider (FIP), a source of verified financial data, the SHG ecosystem could plug into this digital infrastructure.

This integration would enable consent-based data sharing between platforms that hold SHG records, such as LokOS, and those that deliver services like banks or government programs. It will bridge a critical gap in the ecosystem as paper trails turn into digital credentials that unlock formal financial access.

We return to Lata’s case here. With AA integration, she could share her SHG transaction history with a lender to secure working capital for her loom or with an insurer to enroll in an insurance plan tailored to her income cycle. She can become an independent financial actor, not just a beneficiary of group-based lending.

The benefits extend beyond individuals. Well-governed VOs and CLFs can use verified performance data to access market-based credit and diversify funds beyond government grants. This opens the road to partnerships with social impact investors and others who can now underwrite institutions based on objective metrics rather than subjective assessment.

Over time, verified SHG and federation-level performance data could be aggregated into standardized credit scores. Much like the Grameen Credit Score model, these scores would provide investors and lenders with an objective, risk-based lens to underwrite community institutions—moving beyond anecdotal assessments to data-driven trust.

Integration will require combined efforts. On the regulatory side, current AA rules restrict financial information providers to regulated entities, leaving out institutions like NRLM. A policy exception will be critical. On the technical front, group accounts demand new consent workflows, and LokOS records—often manually entered—may require stronger validation. Finally, trust must be built through privacy safeguards, opt-out choices, and robust grievance redressal. Without these, the promise of SHG–AA integration could falter.

Success demands concerted action from multiple stakeholders. The NRLM and the Ministry of Rural Development can champion pilot integrations in high-performance states. Sahamati can facilitate the development of consent workflows for community-based organizations.

Financial providers should come forward to leverage the data to underwrite SHG-tailored products through structured data. Meanwhile, technology partners should build multilingual interfaces for field agents and SHG members.

India’s SHG–AA integration is not just a financial innovation, but a social innovation. It marks a transition from eligibility to accountability. For millions of women like Lata, it means moving from surviving to thriving. For India, it offers a chance to set a global benchmark in inclusive finance—demonstrating how digital infrastructure can unlock the power of community institutions at scale.

This article was first published on “The CSR Universe” on 5th Nov 2025.

29th Conference of the Parties: Expectations, outcomes, and debates around major agenda items

Posted on by harshita

This article analyzes the expectations and outcomes of COP 29 held in Baku, Azerbaijan, focusing on the new climate finance goal, adaptation progress, and loss and damage mechanisms. It highlights how negotiations often compromise justice-based priorities of developing nations, particularly on finance quality and equity. The piece underscores the urgency of restoring trust, ambition, and fairness in global climate governance to keep the 1.5°C goal alive.

This article was first published on “CPRD” on 20th September, 2025.

From data to SupTech: A phased approach for smarter regulatory transformation

Posted on by harshita

The volume of data worldwide is exploding. The IDC projects that by 2025, all the world’s data will reach a volume of 175 zettabytes or 175 billion terabytes, which would make manual supervisory processes untenable. This data comprises information stored in data centers, mobile towers, branch offices, PCs, smartphones, and IoT devices, and is collectively referred to as the datasphere.  

Today, regulators struggle to keep pace with the speed of financial data. The growing volume and complexity of data require more than manual processes. They demand robust and adaptable systems that enable smarter supervision. MSC’s Data Maturity Framework seen below provides a structured roadmap to help regulators progress from basic data collection to integrated, data-driven supervisory systems, enhancing risk detection, operational efficiency, and preparedness for future regulatory challenges. As discussed in our previous blog, SupTech begins with the creation of strong and flexible data foundations, which is a crucial first step in the effective implementation of supervisory technology. 

Foundations of a good data system  

Robust data systems are essential for effective SupTech, as they enable timely collection, secure storage, and seamless integration of high-quality data needed for proactive, risk-based supervision. Structured data supports advanced analytics, while sound governance and cybersecurity ensure compliance and protection against threats. We can evaluate the effectiveness of a good data system across multiple stages, as seen below, each of which is vital to enable scalable and intelligent SupTech deployment. 

Before we discuss the three main dimensions of data collection, standardization, and storage, we must understand that some basic pillars span every phase of the data life cycle. Data granularity, data governance, and data security and privacy are not discrete phases, but ongoing facilitators that form the foundation of how well data is gathered, processed, managed, and consumed. Granularity ensures data is detailed enough for risk-based supervision without being overwhelming. Governance frameworks provide transparent guidelines for acquisition, validation, and responsible sharing, which promotes consistency and accountability. 

Also crucial is for stakeholders to ensure data privacy and security at all maturity levels. Since supervisory data typically contains sensitive financial and consumer-level information, cybersecurity, encryption, and privacy-by-design must be present from start to finish. Regulators at all stages must ensure that these standards are met to avoid breaches, maintain confidentiality, and uphold trust. These cross-cutting foundations work in parallel with technical pillars to define the long-term effect of each SupTech endeavor. 

If institutions intend to implement SupTech effectively, they must first assess their data maturity on these pillars, identify gaps where they exist, and align their solution with both their current and future needs. 

Data collection 

As financial sector supervisors evolve from basic to intermediate and advanced data collection systems, their capabilities must keep pace. At the basic level, data is submitted by regulated entities to regulators manually via tools, such as Google Forms or MS Excel over email, which requires minimal IT skills and basic protection, such as antivirus software and password controls. 

At the intermediate level, supervisors have been adopting structured digital reporting through bulk-upload web portals and traditional APIs. The Bank of Ghana implemented its ORASS platform to enable API-based reporting, as reported publicly by the central bank, while NAMFISA, Namibia’s nonbank regulator, uses its statutory ERS web portal for regulated entities. Separately, the Bank of Namibia operates its own reporting arrangements and announced an automated regulatory reporting system in 2023. These require skilled IT staff and safeguards, such as the implementation of HTTPS (to ensure secure, encrypted communications), API gateways, and audit logs. 

At the advanced level, supervisors use real-time APIs, streaming tools, such as Apache Kafka, AI and NLP platforms, such as spaCy or Amazon Comprehend, and middleware, such as MuleSoft and Apache NiFi for integration across systems. For example, the Bangko Sentral ng Pilipinas implemented a real-time API solution to improve data submission. These setups demand strong cybersecurity and legal frameworks for consent, provenance, and live supervisory oversight. 

Data standardization

Through MSC’s extensive work with several central banks, including projects in Africa and Asia, we have observed that the adoption of data standardization tools and automated validation aligns with international best practices and accelerates SupTech maturity. At the basic level, reporting relies on MS Excel templates, manual validation via macros, and email submissions, primarily supported by spreadsheet analysts and IT staff. 

In the intermediate stage, regulators shift to structured formats, such as XML or XBRL, and use schema validators and submission portals to streamline reporting. For example, the Central Bank of Ireland’s ONR platform enables firms to upload XBRL files directly, which improves accuracy and efficiency by involving schema experts and governance teams. 

At the advanced level, institutions deploy automated validation engines, NLP pipelines for unstructured document analysis (e.g. parsing audit reports), and global standards, such as ISO 20022, which have found increasing use in cross-border payment reporting frameworks. German Bundesbank’s NLP-based prospectus parser automates the interpretation of PDF documents with more than 90% accuracy.  

Institutions have also adopted the legal entity identifier (LEI) system maintained by GLEIF, alongside ISO 20022, to ensure clear entity identification in global reporting. The Bank of England mandates the inclusion of the LEI in FI-to-FI payments through its CHAPS high-value payments system, effective 1st May 2025, as publicly announced by the Bank of England. 

These advanced processes demand a skilled blend of NLP engineers, regulatory data analysts, and compliance technologists to take full advantage of automation, standards, and data intelligence in regulatory oversight. 

Data storage  

At the basic level, data is stored locally, on USB drives, shared network drives, or on-site servers, which are managed by basic IT staff and protected by simple file encryption, restricted physical access, and regular backups. These setups are low-cost but have limited resilience. 

At the intermediate level, supervisors use secure transfer protocols, such as HTTPS, SFTP, and FTPS, alongside cloud storage platforms, such as AWS S3 or Azure Blob Storage, typically managed by specialized IT teams. Institutions have been increasingly adopting cloud storage for better resilience. For example, the Bank of England has been expanding cloud usage, while the Reserve Bank of India plans to launch IFS Cloud for regulated entities.  

However, as adoption grows, central banks are concerned about the risks of storing sensitive supervisory or financial data outside national borders, particularly regarding data sovereignty, privacy, regulatory compliance, and resilience. Such concerns are significant, especially against the emergence of new technologies, such as Central Bank Digital Currencies. Many are now exploring sovereign or locally managed cloud options to address these issues. 

While many organizations are transitioning, there is no publicly available evidence confirming that any institution has completed full-scale supervisory data migration. This mirrors earlier blog: Global cloud usage remains relatively low overall. Yet, many regulators are entering the intermediate maturity phase where secure, partial cloud adoption is becoming common. This phase involves moderate costs and requires compliance with advanced security measures, such as encryption-at-rest, identifying Access Monitoring (IAM) policies, audit trails, firewalls, and Multifactor Authentication (MFA). 

At the advanced level, organizations deploy data lakes and warehouses, supported by cataloguing tools, such as AWS Glue or Azure Purview for real-time data sync. This infrastructure, maintained by cloud architects and metadata specialists, supports enterprise-scale analytics and governance. For instance, Banco de España manages more than 850 TB of regulatory data and performs thousands of analytical queries each week for robust, AI-ready supervision. 

The growing adoption of SupTech highlights that despite significant upfront costs, the long-term benefits in resilience, scalability, and regulatory capability far outweigh initial investments. Institutions preparing for SupTech upgrades must prioritize needs assessments, gap analysis, stakeholder consultations, cost-benefit analysis, and strategic planning to ensure successful transformation. 

How digital tax reforms can transform Nigeria’s revenue challenges into fiscal successes

Posted on by harshita

Nigeria has vast developmental needs which are held back by its equally vast but untapped human, natural, and fiscal potentials. The federal government spends an average of $220 per citizen per year, one of the lowest levels of government expenditure among developing countries. In 2024, Nigeria’s total expenditure was 18.1% of GDP, well below the sub-Saharan Africa average of 22.86%. This underinvestment has direct consequences for its population: a child born in Nigeria today is expected to achieve only 36% of his or her potential productivity due to poor access to quality education and healthcare services.

Low public spending in the country is linked to its constrained revenue base and fragmented system of revenue collection. Adequate revenues allow countries to fund healthcare, education, infrastructure, and social safety nets while maintaining resilience against deficits and global shocks. A narrow fiscal space undermines these goals.

Similarly, although e-governance, including digital public infrastructure (DPI), is becoming a cornerstone of modern public administration, the government faces challenges in digitising public financial management (PFM), particularly at the sub-national level.

Progress in these areas can strengthen revenue mobilisation if leveraged effectively.

The digital opportunity in public financial management

Nigeria has made significant progress in digital public infrastructure, starting with a robust national ID system. As of June 2025, 121 million people out of a total population of 238 million were enrolled in its National Identification Number (NIN) database. This scale of digital ID registration can help expand digital service delivery, where it lags behind peers such as South Africa, Ghana, and Senegal, in the UN e-Government Development Index, including in areas like online service delivery, connectivity, and human capacity, which are conditions that foster revenue mobilisation.

The country’s tax-to-GDP ratio has remained mulishly below 10%, far short of the African average of 16%. By comparison, South Africa’s ratio stands at 26%, Ghana’s at 13%, and Kenya’s at 15%. According to the World Bank, a threshold of 15% or higher is critical for sustaining growth and reducing poverty. This underperformance leaves the government fraught with recurring oversized fiscal deficits. The government’s 2020 National Integrated Infrastructure Master Plan flagged persistent funding gaps in the energy and transport sectors. Low revenues also create macro-fiscal vulnerabilities, such as dependence on foreign exchange and rising public debts. To understand why revenue collection remains so low, it is necessary to examine the country’s direct and indirect taxation systems.

Challenges in direct and indirect taxation

Nigeria’s low tax revenue is beset by underlying impediments in direct taxation, such as low tax morale1, widespread exemptions, and a fragmented tax system. Low trust in government, perceived corruption, multiple overlapping taxes, and poorly coordinated collection agencies all dampen tax compliance. At the same time, generous incentives such as tax holidays, allowances, and exemptions continue to erode the tax base, estimated at USD 4.6 billion (≈4% of GDP) in 2021. Personal income and corporate tax collections are among the lowest in Sub-Saharan Africa at just 6–7% of GDP.

The government has made incremental gains in indirect taxation, particularly through value-added tax (VAT). Centrally collected VAT revenue has grown from 10% to 30% of total revenue despite a relatively low VAT rate of 7.5%, about half the Sub-Saharan African average of 15%. With streamlined rates, VAT could become a dependable revenue source. Yet, without addressing economic, institutional and administrative barriers, such large-scale gains will be far-fetched.

Beyond rates and exemptions, the structure of tax administration itself poses challenges. The fragmented responsibilities of federal and sub-national bodies weaken enforcement. Limited institutional capacity, fragile taxpayer databases, and governance challenges impede progress. The situation is compounded by a large informal economy, which accounts for over 90% of employment, much of which operates outside the tax net. Invariably, a promising revenue mobilisation strategy should be part of a broader development strategy for the country.

Nigeria’s tax system is structured under a federal framework. Revenue collection responsibilities are divided among the federal, state, and local governments. The Federal Inland Revenue Service (FIRS) administers major national taxes, such as the company income tax and petroleum profit tax, while the Nigeria Customs Service collects customs and excise duties. The State Internal Revenue Services (SIRS) collect taxes such as personal income tax at the state level. These are calculated using the pay-as-you earn (PAYE) method and direct assessment. SIRS also collect capital gains tax for individuals and business premises levies. Local governments collect market fees, tenement rates, and licensing fees for small business operators.

Centrally, the Joint Tax Board (JTB), a cross-government tax body, has collaborated with the FIRS to develop the national taxpayer identification number (TIN) system. However, many tax administration processes, especially at the sub-national level, are still partially digitised. These processes rely heavily on manual and siloed data handling, which undermine accuracy, efficiency, and transparency.

The following are the main challenges in Nigeria’s taxation process:

Fragmented digital systems: Revenue authorities lack a unified, interconnected digital infrastructure. This leads to data silos and fragmented services. Fragmentation prevents seamless information sharing and coordination as authorities expend extra resources to identify taxpayers and enforce compliance.

Manual approval and verification of tax calculation: Manual processes to approve and verify digital IDs and payment receipts, among others, result in delays, errors, and administrative burdens for revenue authorities.

Lack of standardisation and data observability: Tax collection is opaque, and receipts are not standardised. The process involves discretionary assessments or waivers, while online portals or public notice boards are underutilised. This erodes public trust and discourages voluntary compliance.

Varied levels of automation: Revenue authorities have different automation levels, whichcontribute to inconsistent and inaccurate tax collection. These differences lead to poor data management, sharing, and reporting across states.

Non-standardised taxpayer identification number (TIN) generation: Authorities generate and manage TINs inconsistently. This creates duplicate TIN records and limits the accuracy of taxpayer profiles.

Variations in level and type of digital financial inclusion: Low digital financial inclusion limits Nigeria’s revenue potential. Many adults still lack formal financial access, which leads to cash based, informal transactions. This creates haphazard audit trails and complicates effective taxation.

Emerging reform effort to strengthen revenue mobilisation

The Nigerian government has started implementing reforms to strengthen the tax system. The country seeks to boost its tax-to-GDP ratio to 18% by 2026. In July 2023, President Bola Ahmed Tinubu inaugurated a Fiscal Policy and Tax Reform Committee, which has introduced measures to increase the tax-to-GDP ratio, including a set of legislative reforms that will transform the operating environment at both the federal and sub-national levels. The committee also seeks to modernise revenue administration and combat leakages using technology and data intelligence.

On 26 June 2025, four (4) Tax Reform Bills were signed into law by the President, including the Nigeria Tax Act (NTA), the Nigeria Tax Administration Act (NTAA), the Nigeria Revenue Service Act (NRSA) and the Joint Revenue Board Act (JRBA). These changes have been regarded as one of the most comprehensive tax reforms in Nigeria’s history.

The country requires technological advancements, alongside a parallel digital drive at the state level, to achieve the ambitious tax target by 2026. In June 2024, the Nigeria Governors’ Forum (NGF) entered into a partnership with MSC (MicroSave Consulting) under NGF’s Digital Domestic Resource Mobilisation (DDRM) initiative to help states adopt digital public infrastructure (DPI) or DPI-based digital tools as a pathway to digital tax reforms.

The initiative assessed the 36 Nigerian states on their digital maturity, digital PFM ecosystem, and the readiness of their revenue administration systems to adopt digital tax reforms. The assessment was informed by four principles of Digital Public Financial Management: a single source of truth, just-in-time strategy, observability, and de-monopolising access to public resources.

States used an Intelligent Revenue Authority (IRA) index to understand the extent of their revenue systems’ digital readiness. The index is informed by MSC’s in-house smart payments tool, which is designed to reduce friction in payment processing and administrative burden for governments. A complementary Digital Public Infrastructure (DPI) Index was also designed to assess their enabling environment (policy, skills and infrastructure availability), foundational building blocks (digital IDs, payment and data sharing systems), and delivery of public services (service platforms and sector initiatives).

The results provide the first comprehensive analysis of the digital capacity and readiness of the 36 states and the Federal Capital Territory (FCT), their maturity levels (low, medium, or high), and actions to advance and meet their revenue goals.

Customised roadmaps were also developed and distributed to the states through multi-stakeholder dialogues with their IT ministries, revenue authorities and governors. States have been advised to adopt context-specific digital tools that are secure, scalable and interoperable.

This blog was first published on “Nigeria Governor’ Forum” on 4th November 2025.

SupTech starts with data: Building strong and flexible data foundations

Posted on by harshita

“Regulator blames lack of timely data reporting for recent multi-million-dollar losses in the banking sector.”  

This stark headline on HSBC’s GBP-57.4 million fine reveals an unpalatable reality: Even the world’s major banks, equipped with advanced systems, can suffer costly outcomes due to gaps in data accuracy and reporting. Failure to properly identify eligible customer deposits has exposed significant weaknesses in data handling, which has led to heavy regulatory penalties and hurt customer trust. 

Such challenges multiply in developing or underdeveloped countries that have weaker data infrastructure and less mature supervisory technologies. Here, the risks compound and make financial stability even harder to safeguard.  

This is precisely where supervisory technology, or SupTech, can emerge as a panacea. It uses analytics to transform messy, incomplete data into clear, actionable insights that help regulators and firms spot threats and manipulations faster than traditional, manual methods. 

A leading example is Singapore’s Monetary Authority, which developed “Apollo,” an AI-powered system that analyzes vast volumes of trading data to detect subtle patterns of market manipulation that humans often miss. Apollo learns from expert investigators, which allows regulators to focus on the riskiest cases and illustrates how AI-driven SupTech reshapes market supervision. However, even the most advanced solutions depend fundamentally on high-quality data. Without timely, consistent, and complete data, these tools cannot yield reliable insights. 

For regulators, especially in emerging markets, strong and adaptable data systems are imperative and serve as the very foundation of effective, future-ready financial supervision that can prevent crises and protect markets. 

Global adoption: Steady progress but uneven readiness 

While SupTech adoption is increasing worldwide, progress remains uneven. MSC’s work with regulators across Asia-Pacific and Africa shows that while many authorities are interested, their level of readiness varies. A Cambridge SupTech Lab’s 2024 survey shows that 75% of advanced economy regulators and 58% of emerging market authorities now use one or more SupTech or RegTech tools, a gap that has narrowed from 25% in 2023 to 17% in 2024. But behind these encouraging numbers lies a deeper challenge, the unequal readiness of data systems that underpin SupTech initiatives. 

MSC’s country-based studies reveal that many lower-income nations are still in a transitional stage of digital supervision, where some automation exists but manual processes continue to dominate. In the Pacific region, for example, several central banks have launched pilot dashboards for data analysis, but much of the input still comes from manual submissions and non-standard templates. This limits both scalability and consistency. 

Our diagnostics also show that weak digital infrastructure, inconsistent data definitions, and unclear data governance frameworks are often bigger obstacles than funding. In short, the adoption of SupTech tools does not always mean being ready for them. In this context, “ready” refers to the availability of robust data foundations, including clarity, consistency, quality, and  governance of data. Many regulators may have access to these systems but lack the data foundations needed to use them effectively or expand them sustainably. 

Robust and integrated data systems are the foundation upon which effective SupTech supervision is built, powering automation, real-time oversight, and risk-based actions as shown below.

Why strong data systems matter 

SupTech begins with technology, but its true power depends on data, and that is where the foundation for effective supervision is built. Strong data systems sit at the heart of every effective supervisory function. They process high-frequency granular information automatically, detect risks the moment they surface, and give supervisors the confidence to act based on hard evidence. They ensure that every regulated entity reports consistently and comparably, and that sensitive information is stored securely while remaining accessible to those who need it. 

Table 1: Varying data requirements of supervisory functions 

Core challenge: Weak data foundations 

Across less digitally mature markets, MSC’s data maturity assessments have identified three interlinked gaps that frequently delay SupTech transformation. Figures based on MSC’s data are derived from direct surveys of Pacific Island regulators conducted in 2023 as part of our data maturity assessment work. Cambridge figures are cited for global context. While these overlap with global patterns described in the Cambridge SupTech Lab’s work, our regional evidence provides sharper insights into their practical consequences.  

Data quality gaps 

Manual and spreadsheet-based reporting still dominate. MSC’s Pacific SupTech readiness survey (2025) found that one-third of regulators rely on manual submissions. This finding echoes Cambridge’s 2023 global trend, which shows more than half of authorities still handle manual data and nearly three-quarters validate it manually. These overlapping findings underscore how poor-quality and manual data weakens supervisory confidence and delays risk detection. 

Lack of standardization 

MSC’s diagnostics across small islands and low-income economies show that few regulators have consistent taxonomies or standardized data dictionaries across departments. While only 14% of regulators globally report full data standardization, the figure drops even lower, below 10%, in smaller jurisdictions that depend on legacy reporting formats. The absence of common definitions forces supervisors to clean and reconcile data after submission, which slows decision-making, undermines cross-entity comparisons and systemic risk analysis, and makes it inefficient or impossible. As a result, any SupTech solution built on this data risks being weakened. 

Infrastructure constraints 

Even as some authorities explore cloud-based SupTech pilots, in-house or private server storage still accounts for more than half of supervisory data systems in the Pacific, as per MSC’s research. This reliance on in-house systems protects confidentiality but creates silos that block data sharing and integration with modern analytics tools.  

While Cambridge reports low global adoption of cloud storage (31.5%), MSC’s Pacific survey reveals a significant and continued dependence on in-house and private servers across the region, which sometimes exceeds 50% in individual countries. These regional figures may appear to contradict global studies, but they are consistent when viewed in terms of maturity. Many jurisdictions remain at the transitional stage, where cloud experimentation has begun, but full adoption is still limited. 

Why a direct jump to SupTech is risky 

The temptation to invest in the latest tools is understandable. MSC’s research, supported by findings from CCAF and OECD, shows that technological investments often underperform when built without solid data foundations. Ineffective systems yield unreliable results, exhaust critical institutional resources, and heighten exposure to operational and reputational vulnerabilities. In the absence of dependable data, even the most advanced SupTech initiatives can turn into costly trials. 

Therefore, the data shows that before regulators allocate funds to advanced SupTech platforms or infrastructure, they should follow a gradual, capability-based strategy aligned with the maturity of their data ecosystems. The gradual implementation of SupTech solutions promotes smoother implementation, enhances value realization, and prevents costly setbacks. Without this foundation, institutions risk pouring resources into advanced technologies without addressing core weaknesses in data systems, which would ultimately drain institutional capacity and weaken the stability of the financial system. 

In our next blog, we will explore the building blocks of effective data systems and MSC’s framework, which defines what constitutes basic, intermediate, and advanced maturity levels, and showcase how central banks use these stages to implement scalable and future-ready SupTech solutions.

Advancing financial supervision: Best practices in SupTech and RegTech

Posted on by Adityaraj

The report explores how SupTech and RegTech are modernizing financial supervision through automation, analytics, and AI to improve compliance, risk management, and consumer protection. The report draws on global case studies, from the Bank of England to Rwanda and the Philippines, to illustrate practical innovations that strengthen regulatory efficiency and inclusion.

It also presents a five-step adoption framework and strategies to address challenges, such as data privacy, legacy systems, and resource constraints, to promote resilient, technology-enabled regulatory ecosystems.