We try to look a little bit ahead to see what is actually coming. And that's, first of all, to understand the markets also so we may make the right strategic changes before things become a regulation. But also, we try to engage with regulators at an early stage. Most it's trying to, let's say, educate them and so try to explain how we do things because things in the payment business becomes more and more technical. And just being, let's say a lawyer or an economist it's really not enough. It's insufficient today because you really need to understand how you parse and simplify defenses. So this is a change where you need to know a lot of this. That's why we try to educate the regulators, but otherwise what we do is whenever we hear about new regulation, we try to get an ownership from one of our, let's say, internal sponsors in the bank. It's usually one of the business units who gets the ownership of that regulation. And then we start analyzing what's the impact, and then drill down from there from the higher requirements, and then to find what products are affected, how do we need to change them, et cetera. But we also, next to that, because this is the compliance part, we have to comply no matter what within regulation. But also we try now and this sort of a change in terms of the bank that's been happening for the last couple of years. and we actually now try also to use the new opportunities that the regulation provides us, or actually we try to look for new opportunities with the regulation and see, can this bring in new business opportunities, or can we do better services to our customers. But those are let's say, what we call business opportunities track which are run in parallel with the compliance projects. Also something that takes a lot of time to change some mindset internally in the bank. And we don't only do it gradually because this is something, I mean, for hundreds of years banking business have been in one way and suddenly we have to do it differently. And again, not many sees the big advantage in this. So again its not something that been welcomed with open arms. But again, as I said, it's here we have to do it right away. We have to embrace it because it's not going to go away. And this is where we then try to say, look at the opportunities. We have a lot of other possibilities now that we didn't have before. There's someone who can provide services we are not capable of doing. So then turn that into an advantage. But it's a process, I would say, and it takes a lot of time. There's one new regulation that comes into force next year in May. That's the general data protection regulation which is right now, I would say, the mother of all projects at least in internal investment bank. It really puts everyone and not only banks but all companies who have more than one employees, they are suddenly responsible for the customer's data. And they are liable in case something goes wrong in a much more hard way than it is today. That's also going to impact the way people can access their data going forward, and how they can also download their data because- so that's a huge one. Another one that's coming is a- well it's not really defined yet, but when completed, it will be that, but it will be more and more email, anti-money laundering, and more and more KYC as well. Because we do see more and more, unfortunately, crime and financial crime and also terrorist financing that goes on not from outside of Europe to Europe, but also inside of Europe. So this is all something that's going to change a little bit in the payment business where we need to have more information from customers even though they just need to transfer money to their uncle in a different part of the country. This is going to be cumbersome for everyone, but that's definitely a huge impact. I think with all the regulation we have now, you can always ask, do we have sufficient regulation? Are there any holes? In some ways I would actually say that we do have a hole now in terms of terrorist finance tracking. Because the current regulation is exempting all payments within Europe and we have these reporting agreements also with the US and others. But again it's only on payments going out from Europe or into Europe. And that's sort of missing, I would say, at least from a security point of view because you can still finance an operation, unfortunately, from within Europe. So that's something that needs to change. Other things is when we move into the more of the virtual currency area. Virtual currencies are now being regulated a little bit, at least wallet providers and also exchanges of virtual currencies have to do KYC and email. Again this is sort of the first step into that area but you only regulate Europe. So I can still use my Nigerian wallet provider if I want to use bitcoins going forward and be anonymous. But one thing is you get value inside the cryptocurrency area, and you check then when you get value in or value out. But once these network grows, then you actually might not need to get money out of it. And there there's no tracking at all. And generally, you would also say if these virtual currency economies become too substantial, then there are a lot of things like statistics, et cetera that is lost. So the government cannot really measure the financial activity in the country anymore. So they don't know if they should do, let's say, a more aggressive financial and fiscal policy or a more defensive one. So there are a lot of these things that are yet to come. It's not an issue yet but it is coming.
