Deregulation Déjà Vu: 3 Cycles Every Compliance Leader Should Remember

As a former chief compliance officer, I can’t help but realize something: I’ve seen this film before. Repeatedly, actually. And here we are, watching it again — except this time, someone’s changed the ending.

For 40 years, American banking has followed a predictable cycle: Deregulation enables innovation, innovation becomes speculation, speculation triggers collapse, collapse demands bailouts and bailouts birth stricter regulations. Then we wait a decade or two and do it all over again.

But something unprecedented is happening. For the first time in modern banking history, we’re responding to a crisis not with more oversight but with less. We’ve broken the pattern. And that should worry every compliance professional, risk manager and board member reading this.

The first act: When S&Ls discovered they could do more than mortgages

In 1980, Congress passed the Depository Institutions Deregulation and Monetary Control Act. The thrift industry, which had spent decades making simple home loans, suddenly found itself free to pursue commercial real estate, speculative land deals and junk bonds.

Here’s what happened next: Institutions with little experience in complex lending dove headfirst into markets they didn’t understand. By 1989, more than 1,000 savings and loan institutions (S&Ls) had failed, the most significant banking collapse since the Great Depression. The cleanup cost taxpayers $210 billion.

The lesson should have been obvious: When you combine deregulation with inexperience, you get disaster. Congress seemed to understand this, passing the Financial Institutions Reform, Recovery, and Enforcement Act in 1989 to rebuild the regulatory framework.

Except we forgot.

The second act: When Wall Street met Main Street

The next crisis took decades to build. Starting in the 1980s, regulators and lawmakers chipped away at the Glass-Steagall Act’s protections, which established barriers between banking, securities and insurance, keeping the system stable since 1933. The Gramm-Leach-Bliley Act of 1999 delivered the final blow.

Wall Street’s response was predictably creative. They invented mortgage-backed securities, collateralized debt obligations and credit default swaps, instruments so complex that even their creators struggled to explain them. The innovation wasn’t inherently evil; it was opaque by design. When you can’t see risk, you can’t price it. When you can’t price it, you can’t manage it.

The 2008 collapse was spectacular. Over 500 banks failed between 2008 and 2013. The housing market imploded. Taxpayers handed over $700 billion through the Troubled Asset Relief Program (TARP) to prevent complete systemic failure.

This time, Congress passed the Dodd-Frank Act. The cycle continued: deregulation, followed by excessive risk-taking, eventual crisis, taxpayer bailout and finally, stricter regulation. We were still following the script.

The third act: When we decided this time was different

Fast-forward to 2018. The Economic Growth, Regulatory Relief, and Consumer Protection Act rolled back Dodd-Frank provisions for smaller and mid-sized banks. The reasoning? These institutions posed no systemic risk.

Silicon Valley Bank, Signature Bank and First Republic would like a word.

When the crypto bubble burst and interest rates spiked in 2023, we witnessed three of the four largest bank failures in US history. These “non-systemic” institutions had loaded up on uninsured deposits, crypto exposure and fintech partnerships no one fully understood. Taxpayers paid another $40 billion to clean up the mess.

But here’s where the pattern breaks: Instead of tightening regulations, we’re loosening them further. No new laws. No restored protections. Just more deregulation.

We’ve never been here before.

Financial Services

What Policymakers Must Prioritize in the Next Decade of Financial Regulation

by Abhishek Nagesh

July 10, 2025

Technological innovation and cross-border finance are pushing 20th-century regulatory frameworks to their breaking point

Read moreDetails

Why this time really is different (and not in a good way)

Throughout my career, I’ve seen executives assume that fewer rules mean less compliance work. They’re wrong every single time. Deregulation doesn’t simplify compliance; it just fragments it.

When federal oversight retreats, states fill the vacuum. But they don’t fill it uniformly. California implements one set of rules, Texas another, New York a third. That multi-state bank that once followed one federal standard? It’s now juggling dozens of different compliance regimes. Instead of decreasing, the work multiplies.

Here’s what keeps me up at night: We’re combining this unprecedented deregulatory momentum with a technological revolution in banking. AI-driven lending, embedded finance, banking-as-a-service and crypto going mainstream are just a few of the many innovations that didn’t exist during previous cycles. We’re essentially running a massive experiment in financial system stability.

During past deregulatory periods, institutions at least had the benefit of hindsight once things went wrong. Regulations snapped back. This time, we’re accelerating past the warning signs.

What survivors do differently

The institutions that survived past crises didn’t make it because they avoided innovation. They just managed it better. They understood a fundamental truth: In deregulation, risk doesn’t disappear. It becomes harder to see.

Successful institutions follow the money. When everyone else is asking, “What can we do now that we couldn’t before?” they’re asking, “What could go wrong that couldn’t before?” They adapt policies immediately rather than letting changes pile up. Most critically, they maintain strong risk cultures when others are dismantling theirs. They recognize that compliance isn’t about checking boxes; it’s about understanding where the edges are before you fall off them.

The questions your board should ask tomorrow

If you’re sitting in a boardroom, here’s what you should be asking:

• Where are we taking risks we’ve never taken before? Not just in products and services, but in geographies, partnerships and customer segments.
• How are we funding growth? If the answer involves significant concentrations of uninsured deposits or novel funding mechanisms, dig deeper.
• What happens when state and federal requirements conflict? Do we have systems to track and reconcile different requirements?
• Are we treating AI and new technologies as efficiency tools or risk multipliers? The reality is they’re both and which one dominates will depend on your controls.

The pattern is the warning

Every major financial crisis in modern history has followed the same pattern. The S&L crisis taught us that innovation without experience kills banks. The 2008 crisis taught us that complexity without transparency kills systems. The 2023 failures taught us that concentration without diversification kills quickly.

We’ve always learned these lessons the hard way, then forgotten them just in time for the next crisis. But at least we used to respond to crises by strengthening oversight, giving the next generation of bankers guardrails to keep them from repeating past mistakes.

I’ve been in this business long enough to know that regulatory cycles are as predictable as economic ones. The pendulum always swings back. But that’s not a threat; it’s an opportunity. The question isn’t if stricter regulations will return, they certainly will. The real question is: Will your institution be ready to turn that regulatory shift into a strategic win?