Balancing growth, innovation, and trust in PHL banking

IN BRIEF:

• Philippine and Asia‑Pacific banks are prioritizing growth and upside risk management while adapting to rapid digital transformation amid rising regulatory, technological, and competitive pressures.

• Banks must balance innovation with trust by strengthening governance, cybersecurity, operational resilience, and legacy systems, while adopting technologies such as AI and blockchain.

• Long‑term success depends on future‑ready skills, adaptive leadership, and a mindset that embraces continuous change while maintaining confidence among customers, regulators, and stakeholders.

Asia-Pacific (APAC) and Philippine narratives continue to be about growth and dealing with upside or growth risks, as opposed to downside risks that would correctly describe economies that went through crises. Banks continue to update their decision-support, compliance, and risk management models in parallel with their transformation and innovation initiatives while meeting heightened expectations from regulators, customers, and investors. To navigate this complexity effectively, a focused and balanced portfolio will enable banks to drive synergies across the organization and unlock value from upside risk opportunities. This requires a shift from merely mitigating risks to actively embracing upside potential, grounded in a strong foundation of trust.

This is the second article of the Financial Regulatory Outlook series, which builds on insights from the SGV Knowledge Institute event, “Global Shifts, Local Impact: Navigating the Next Wave of Banking Regulation.”

The previous article presented insights from the EY Global Regulatory Outlook, which was issued against a backdrop of increasingly rapid technological innovation and a changing competitive landscape that is becoming more ecosystem-based and ‘friendlier’ to nontraditional players. This environment presents new risks for banks, particularly in relation to the digital world, with big-tech companies and nimbler entrants threatening profitability and making the regulatory direction less clear.

This underscores the need to create both regulatory and management frameworks that strike a balance between allowing for change and innovation while ensuring financial sector stability and protecting customers and the public.

However, innovation in banking is inherently challenging. Banks operate within complex business models, rely heavily on legacy core systems, and are subject to intense regulatory scrutiny. These challenges can be understood through recurring paradoxes that banks must continuously manage. The resulting tensions drive the need for banks to have more adaptive and resilient models.

MANAGING TECHNOLOGY RISK IN A DIGITAL‑FIRST ENVIRONMENTDigital transformation efforts will accelerate on multiple fronts during the next five years as banks continue to embrace widespread transformation programs to meet shifting customer needs, stay ahead of new competitors and achieve operational excellence.

These efforts are closely aligned with the BSP’s overarching digital transformation strategy, which encourages financial institutions to shift toward digital-first banking to improve convenience, inclusion, and efficiency. At present, major banking institutions are actively integrating artificial intelligence (AI) for fraud detection and credit scoring, as well as blockchain payment rails to streamline operations and expand access to financial services.

Despite the significant opportunities presented by digital innovation, cybersecurity and technology risks — including risks associated with the design, development, and deployment of digital systems and infrastructure — remain a top priority for banks. Bank leaders continue to be confronted with the risk-vs. opportunity paradox, particularly around AI adoption: assessing whether AI will introduce new and complex risks or strengthen the bank’s ability to identify, manage, and mitigate risk more effectively.

Recognizing both the promise and the risks of innovation, regulators have introduced measures such as the Financial Services Cyber Resilience Plan (2024-2029) to promote industry-wide coordination, enhance defenses against evolving cyberthreats, and safeguard stakeholder trust.

Balancing innovation and growth with trust, resilience, and regulatory compliance is critical to long-term success. Achieving this balance requires banks to design and adopt innovation-friendly governance frameworks, with clearly defined risk limits, accountabilities, and decision rights embedded directly into business-as-usual operations.

DUAL‑TRACK TECHNOLOGY TRANSFORMATION
Robust and reliable technology is essential to enable successful banking transformation and sustain continuous innovation and growth. However, while the adoption of new technologies is critical, core banking system disruptions are unacceptable, given the “always on, always available” nature of banking services and the sector’s reliance on uninterrupted operations to maintain customer trust, financial stability, and regulatory compliance.

Banks operate within highly complex and interconnected environments, often reinforced by legacy core banking systems that are deeply embedded in critical business processes. Beyond managing vast volumes of sensitive customer and transaction data, important business services depend on legacy platforms, layered architectures, and extensive policy frameworks. These interdependencies heighten the risk that system changes, upgrades, or migrations may disrupt critical services, making transformation initiatives particularly challenging.

Philippine banks are increasingly adopting a dual-track approach to technology transformation, balancing the need to protect mission‑critical legacy systems while simultaneously deploying new digital capabilities.

Under this model, banks deploy new digital tools to enhance existing systems through familiar channels and interfaces, minimizing disruptions to day-to-day operations and reducing change risks for both customers and employees. Similarly, legacy technology can be “wrapped” with new features, functionality, and AI-based user experiences without exposing the institution to the operational and regulatory risks of full system replacement — a key consideration in the Philippine regulatory environment.

BUILDING FUTURE‑READY TALENT
As technologies continue to evolve at pace, banks must ensure their talent keeps up to sustain transformation momentum. People are at the core of successful transformation; hence, banks need to continuously upskill their workforce to adopt emerging technologies.

According to the Global Bank Risk Management Survey 2024, the APAC region faces the most significant challenges in attracting and retaining cybersecurity talent. Digital growth across the region is accelerating faster than talent development, resulting in a widening skills gap. In the Philippines and other emerging markets, there is a strong foundation of technical talent, but capability gaps remain due to limited exposure to advanced cybersecurity roles, enterprise-scale environments, and governance, risk, and regulatory frameworks.

Over the next five years, risk professionals anticipate the need for more specialized skill sets across both the first and second lines of defense to address increasingly complex and fast-evolving risks. Bank leaders must therefore proactively define the skills required for the future and implement a deliberate strategy to develop and acquire these capabilities while continuing to retain and strengthen expert talent in core areas.

Workforce shifts are inevitable. As AI tools increasingly meet basic analytical needs and automate routine tasks associated with traditional risks, teams are expected to move from today’s pyramid (with more workers in junior roles) to tomorrow’s diamond shapes (with more senior-level specialists with stronger judgment, domain expertise, and decision-making capabilities).

As this transition accelerates, leaders must also address widespread concerns about AI’s potential to replace jobs. Successfully navigating this shift will require clear communication, targeted upskilling, and a strong focus on redeploying talent toward higher-value activities.

DRIVING ORGANIZATIONAL ADAPTABILITY
While technology enables transformation, its success in financial institutions ultimately depends on people and effective leadership. While investments in digital platforms, cybersecurity tools, AI, and data analytics are critical, their impact will remain limited unless organizational culture, leadership behaviors, and ways of working evolve in parallel. Transformation success ultimately lies in how people think, act, and collaborate.

As Philippine regulations increasingly focus on technology risk, cyber resilience, data governance, ESG, and AI, the ability of banks to adapt is being tested beyond traditional compliance capabilities. Meeting these demands requires not only new tools and frameworks, but also greater agility, judgment, and cross-functional collaboration across the organization.

To succeed, leaders must enable people to work adaptively, experiment creatively and think differently. People and teams may need convincing that continuous improvement is a requirement for long-term success and that while change is difficult, its long-term benefits far outweigh the short-term disruption it creates.

SUSTAINABLE GROWTH THROUGH TRUSTED INNOVATION
As banks continue to pursue growth through rapid digital innovation, maintaining trust and resilience is more critical than ever. The industry’s path forward will be shaped by how effectively it manages the inherent paradoxes of innovation: adopting new technologies while protecting mission-critical systems, building future-ready skills while retaining core expertise, and driving continuous change without eroding confidence among customers, regulators, and stakeholders.

By adopting adaptive operating models, innovation-friendly risk frameworks, and a mindset that treats change as constant, banks can unlock upside opportunities while reinforcing long-term trust from stakeholders.

This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the authors and do not necessarily represent the views of SGV & Co.

Charisse Rossielin Y. Cruz is a Business Consulting Partner and the Insurance Sector Deputy Leader, and Eleonor L. Camot is a Financial Services Consulting Senior Director, both of SGV & Co.