ThinkableWhat is this?

Banking Regulation

Why the Rules That Govern Banks Were Written in the Aftermath of Catastrophe

Every major piece of banking regulation ever written was essentially a letter from the past to the future, saying: we did not see this coming, and we cannot let it happen again.

The Idea

Banking regulation is not a steady, rational project of designing safe systems from first principles. It is almost entirely reactive — a patchwork of rules, each one stitched on after a crisis exposed a gap the previous set of rules had missed. Understanding this reveals something uncomfortable: regulators are always, structurally, fighting the last war. The core problem is that banks do something genuinely strange. They take in short-term deposits — money people expect to access any time — and lend it out long-term, in mortgages and business loans that won't be repaid for decades. This 'maturity transformation' is enormously useful for an economy, but it creates an inherent fragility. If enough depositors want their money back at once, no bank can survive, because the assets are locked away. This is the logic behind a bank run, and it is not irrational panic — it is entirely rational, which makes it almost impossible to stop once it starts. So regulators try to prevent the panic from beginning. They require banks to hold capital buffers — a cushion of their own money, not borrowed from depositors — so that losses can be absorbed without collapse. They impose liquidity rules, demanding banks keep enough easy-to-sell assets to survive a sudden rush for the exits. And crucially, most countries have deposit insurance: a government-backed guarantee that if the bank fails, your savings up to a certain amount are safe. That last tool is arguably the most powerful, because it removes the rational incentive to panic in the first place.

In the World

The 2008 financial crisis is the most instructive recent example of regulation lagging reality — but the detail that often gets lost is precisely where the gap opened. For decades, regulators had focused on the traditional banking system: deposit-taking institutions governed by rules on capital and liquidity. What they had not fully accounted for was the vast 'shadow banking' system that had grown up alongside it — investment vehicles, money market funds, and complex instruments that performed bank-like functions without being classified as banks, and therefore without being subject to bank-like rules. When Lehman Brothers collapsed in September 2008, it triggered a freeze in this shadow system. The Reserve Primary Fund, a US money market fund, 'broke the buck' — its share price fell below the guaranteed value — because it held Lehman debt. Within hours, institutions across the world were pulling money out of similar funds, and the entire short-term lending market through which banks and corporations fund their daily operations began to seize up. Governments had to step in with guarantees that dwarfed the formal deposit insurance schemes, because the contagion had spread through channels nobody had thought to regulate. The regulatory response — the Dodd-Frank Act in the US, Basel III internationally — was enormous. But critics noted, not unfairly, that it was largely designed to prevent 2008 from happening again, not to prevent whatever comes next.

Why It Matters

This pattern — crisis, revelation, new rules, repeat — is not a failure of regulators as individuals. It reflects something deeper about complex systems: they generate risks that are only visible in hindsight, after the structure of incentives has already exploited every gap. For anyone trying to make sense of the financial world, grasping this changes how you read the news. When a bank wobbles, ask not just what went wrong but what rule was absent, and why. When new regulation is announced, ask what the last disaster looked like and whether this response addresses the right lessons. It also reframes what 'safe' means in a banking system. No framework ever makes banks perfectly safe — it makes them safer in the ways the previous crisis revealed. The residual risk lives in whatever comes next, in corners of the system that are currently thriving precisely because nobody has had cause to look at them closely yet. That is not a counsel of despair. Regulation genuinely works: the basic deposit-insurance architecture has prevented the casual, routine bank panics that plagued earlier eras. But it is worth understanding that financial stability is less a solved problem than an ongoing negotiation between rule-makers and the relentless creativity of a system searching for yield.

A Question to Ponder

If banking regulation is always written to prevent the previous crisis, is there any way to build a system that anticipates the next one — or does the act of identifying a risk simply push it somewhere else?

Get a new one of these every morning.

Start learning with Thinkable
One topic like this, every day.Start free