CEOs of Mastercard & Microsoft Discuss the Digital Transformation of Financial Services

🎥 Jan 09, 2017 📺 Bank Policy Institute ⏱ 30m 👁 315684 views

Mastercard CEO Ajay Banga and Microsoft CEO Satya Nadella take the stage at the 2017 FinTech Ideas Festival in San Francisco to discuss the digital transformation of the financial services industry and what to expect next.

Watch on YouTube

About Ajaypal Banga

Ajay Banga, President of the World Bank Group, has been discussing the institution's focus on job creation and its shift toward outcome-oriented metrics. In a May 2026 investment conference, Banga described his approach to cultural transformation, stating that at Mastercard he united the company around the mission to "kill cash," and at the World Bank he reduced the corporate scorecard from 155 items to 22 output-oriented measures. He said that "a job earning is the best way to drive people's hope and dignity" and that poverty is "both a state of mind and a state of being." In an April 2026 event at the Atlantic Council, Banga argued that the old model of relying on public finances is "broken" and that the private sector must be brought in to address the challenge of 1.2 billion young people entering the workforce. He outlined a jobs agenda built on three pillars: physical and human capital infrastructure, business enabling reforms, and catalytic capital. In a March 2026 interview, Banga discussed the drivers of income inequality, stating that when interest rates stay low for a long time, "capital returns increase significantly while labor returns stagnate." He described the World Bank as "not just a money bank; it is a knowledge bank" that helps countries build municipal financing markets and primary healthcare systems. Banga also said that young people should "build their own stories based on current opportunities rather than compensating for past wrongs." He noted that the World Bank raised a record $24 billion for IDA 21, which through its AAA rating can be leveraged four times for the poorest countries.

Source: AI-verified profile updated from Ajaypal Banga's recent appearances. Browse all interviews →

Transcript (17 segments)

✨ AI-enhanced transcript with speaker attribution

Tim Pawlenty0:07

My name is Tim Pawlenty. I'm the CEO of the Financial Services Roundtable. Thank you for being here and traveling to San Francisco. Sorry for my belatedness and travel problems and challenges that I had. We are delighted that you're here. If we were going to rename this conference, we probably would rename it the Convergence Conference because as you see in this presentation, some that preceded it and some that will come. This is part about disruption. It's part about competition. But increasingly this convergence is about partnership and the spirit of this room is about how do we learn from each other? How do we have mind share from each other to the benefit of both sectors. Our next two speakers and by the way somebody once said recently the problem with instant gratification is it takes too long. And so if you hear the cadence and the tempo of the folks who are coming at this from the tech side it's a little different than perhaps what some of our financial service people are used to. But these two things are converging in ways that are going to be very exciting and beneficial for both. The next two speakers are going to advance the conversation we think in profound and very interesting and compelling ways. They're two names and leaders that you'll recognize very instantly. Satya Nadella of course is the CEO of Microsoft where he's led major projects including the company's move to cloud computing. He's also of course involved in major initiatives around augmented reality and of course cloud infrastructure and a variety of other initiatives. He is transforming and accelerating that company in very exciting and dynamic ways and he's also engaged in trying to address and solve some of the major economic and societal challenges and opportunities that we face globally as well. Of course, Ajay Banga is familiar to everybody in the room as well. He's the CEO of Mastercard. He is somebody who's well regarded not just in the financial service space but globally as a strategic and technological thinker and a very gifted speaker. Somebody we're delighted to have as our recent most immediate past chairman of the Financial Services Roundtable. One interesting side note about these two remarkable leaders is they both attended school at the Hyderabad public school system in India. They were there at different times but once Satya became the CEO of Microsoft they became friends subsequently and have been in touch with each other over the years and involved in a lot of these common issues. So we think their session and discussion is going to be very exciting. Let's welcome Satya and Ajay to the stage.

Ajaypal Banga2:32

But that's quite an introduction from Tim. And if you keep going like that, the only thing my mother would have said is that I'm strikingly handsome. But the rest of it you did pretty good on. And the only other part of our introduction you left out was that between us the average of hair is pretty good. So Satya, thank you for being here.

Satya Nadella2:52

No, absolutely. My pleasure.

Ajaypal Banga2:53

What we're going to do is we're going to go back and forth with a couple of questions for each other and we'll run through. We've got about 29 minutes left. So we'll try and run through as much as we can and in the process if we can get a couple of questions in from the audience we will. That fair? So Satya, let's start with you. You're on this journey of change. You've been CEO for close to three years. You've got that stock price up and humming again. It's 50% up from what it used to be. It's probably crossed the level it was at its peak. And the company has got a different energy. I can attest to that. Both from visiting you, but also from meeting your people. There's a whole series of things you're doing ranging from directing it in a different place to changing the culture to changing where you're putting your money and your investments. You want to walk us through a little bit about what transformation you're doing, how you're doing it, what part of it was easier, what part of it a little tougher, and we'll go from there.

Satya Nadella3:53

I mean, the one thing is that there's no part that's easy. That's probably the headline. We've been what we're now a 42-year-old company. And the thing that I have realized a lot more after becoming CEO, quite frankly before being CEO has taught me this, is two things perhaps matter the most which is having a very clear sense of purpose or mission that gives the organization real direction and then a culture that allows you to go after that mission. So, in some sense, the job's simple if you can truly get those two things right most of the time. But the challenge is, especially if you've had success, what happens is the initial concept of a service or a product that you started out with, the capability you built to go after that concept and the culture that sort of evolved all fall into amazing gear. Right? After all, you were successful. It's because your culture, your capability, and concept are all firing on all cylinders and you're doing super well. But the problem is at some point that concept you started with will run out of gas. You now need a new concept. That new concept will need new capability. And that's hard mostly because culture will not let you build that new capability. So in our case, one of the lucky breaks I would say that we got in our 41 years is we've had to deal with multiple technological changes. We got some right, some wrong. The diversity of different businesses, I mean building a 10-plus billion dollar Xbox business on one side, to nobody notices this but Bing is a $6 billion business for us, or building our enterprise business which when I started was zero and now it's multiple tens of billions of dollars for us. So the fact that we went after and built new businesses with new capability that needed new capability, new culture at least gave us the grounding that the next time you have a massive change, you got to go at it hard. But quite frankly, it's that mission and culture and growing new capability that's been where my focus has been and we feel well positioned but we don't take anything for granted.

Ajaypal Banga6:37

So you've got, I've heard you say that your principles are that you can learn it all but not know it all. Talk to us a little bit about what's behind that.

Satya Nadella6:48

It I think in a way it connects back to this idea of new businesses, new things being created, right? You won't do those if you think you know it all. But I think it's more than that. So, see, I went on this quest of what's the cultural meme that we can all talk about. I mean, all of us have lived through organizations where you have these cultural attributes you put up on a poster and it's hard to even remember what you put up on the posters and so on. And so, I said, well, how do we have this learning organization? Interestingly enough, I read a book by a lady at Stanford called Carol Dweck who's done some fantastic research and written a book called Mindset around child psychology where essentially if you take two people in school, boys or girls, and you say one of them is a know-it-all, the other one is a learn-it-all. The know-it-all even if that person starts with more innate capability the learn-it-all will ultimately do better and that's true for kids in school it's true for CEOs like me it's true for entire organizations so we've really embraced that growth mindset as at least the meme but it's actually an interesting one because sometimes some folks at Microsoft will come to me and say you know what Satya I've identified the 10 people at Microsoft who don't have a growth mindset and I'll say well that's not the idea the idea is to be comfortable with your own fixed mindset like I have to be able to show the vulnerability of saying wow I could have learned something from that customer I should have listened more from my colleagues and having that sense that we're not perfect we never will be perfect and we need to seek to listen to learn. That's I think super key if you want to have a culture that allows you to foster new capability. I think that's absolutely a necessary condition.

Ajaypal Banga8:52

So in that context, what do you think is the role that your connections back to developers and outside innovators, startups, how do you think that has enabled Microsoft to go through this journey that you're going through as compared to what you already had built into the company? Most companies of your size and scale and success in its earlier days would have said, 'I can do this. I can create it from inside. I can figure this out.' But you've embraced developers. You've embraced startups. You've embraced a bunch of things. Walk us through that a little.

Satya Nadella9:24

Yeah. The one, you know, again, I'm a big believer in these digital feedback cycles. Because the best way for any organization to stay honest and stay on your toes and in fact get on that monotonic continuous improvement cycle is to have a signal that you're reacting to with a set of metrics that you're trying to improve on. As we have shifted to the cloud, one of the big breaks we got was that impedance that existed between our technology and what our customers were facing day-to-day has completely changed. Whether it's a startup or a small business or a large business or even public sector as they move to the cloud, I'm in that continuous feedback cycle. We've always had that in our consumer businesses. I mean, Xbox Live, you know, we have the stats on it as to what's happening. How many matches did we actually help people play last night or what have you on Halo? That level of ability now we have with what I would call our enterprise business. By the way, in the financial services sector, especially in the United States, we want to get there. I mean, finally, we are getting to a place where we've got all the regulatory requirements, compliance requirements all taken care of. But in other industries, we are well on our way to having that feedback cycle. And that's what's leading us to help with the digital transformation of not only Microsoft but indirectly all of our customers too.

Ajaypal Banga11:00

So Satya, think through all what you just said. You've laid out four or five things that probably impact all of us in financial services and the fintech sector as you try and find ways to work together. How would you tease out what you've learned over these three years and the journey you're still on and think about how that can apply to us guys in our effort to move our companies to the next stage of growth? What do you think we can steal from you a little bit?

Satya Nadella11:24

Yeah, I mean I was watching with you as Erin was speaking. I thought he had a good framework for thinking about broadly what does it mean to rewire for digital. I would say at the highest of levels you want to ask yourself whether you have that digital feedback system right. You got to get out of this mindset of, I mean first of all you are tech companies or you have significant budgets in technology and so there's no question that you get this, you have a lot of proficiency but the thing that I would say is ask yourself the same question that I would ask myself which is how good is your digital feedback system, how good is your metrics around that feedback system and the fact that you can have some work that's going on that moves that metric. So to me that is one place I would start. Now then you say let's manifest that in all of the dimensions. Know your customer, that's a big deal for you. What are you doing to not only create new digital products but engage your customers digitally? That's a place where, for example, I met the CEO of Metro Bank in the UK. It's pretty stunning what he's done with some of the technology and the fact that he's optimizing how quickly can a bank account be opened. And that level of proficiency is what the CEO cares about. That's pretty stunning or even the Emirates National Bank, their ability to use machine learning to predict the next best option for the customer and improve their yield. That's the kind of operation or what NCR has done with even ATM machines and saying well how do we increase the uptime of ATM machines. I was just recently reading news out of India and what has happened with demonetization and ATM machine no uptime only downtime right but the uptime on ATM machines is actually a mission critical thing to be able to use digital technology on what is essentially a physical presence is hugely important. On the other side there are all the esoteric stuff that people are doing today for example even in our own case we did a pilot with Bank of America with our treasury on settlements. I had not realized this but I believe it used to take 7 days, 8 days for these cross-border settlements in our case and now we've reduced it to 5 minutes using some of the blockchain technology and of course it's got even the ability to scale with more counterparties who join there. So I think there's a broad spectrum of use cases of digital technology which you all have to ask yourself and everybody says this everyone's a digital company or a software company today the question is how good are you at it. You can't just say I have these vendors who come in and help me. You've got to ask yourself what capability have you built and in fact if anything you should evaluate people like us on our ability not to come and just give you systems but our ability to come and help you build capability whether it's AI or machine learning or even the retail experience. I know for example Erin was talking about Amazon Go just to kind of give you an example of what's happening with speech and image recognition. I mean in the last 3 years we now have human-level speech recognition capability. McDonald's took that, trained that speech recognition capability with the ambient noise of a McDonald's drive-thru and has increased the throughput of an American McDonald's drive-thru. Now, that's the kind of optimization that you can do for pretty much every business process.

Ajaypal Banga15:11

So, what you're saying is that kind of we started this out today by saying you got to design for this digital space. We're going to not try and do patchwork on it, but basically design for that by reinventing the entire experience for the end consumer by thinking through how all these tools and technologies can be used to make that more interesting and at the same time demand more from your partnerships to be able to deliver for you those kinds of features. What's next in your... in fact I was going to ask you, I know that you have spent time in the cyber security space in the Obama administration and you in fact came out of the report because one of the things that I'm very interested in is to understand even how you in the financial services space think about cyber security, how do you even think about the dimensionality of the problem?

First of all by being suitably petrified by what it means for all of us but I think that this cyber commission which by the way had one of Satya's colleagues Peter Lee who is an ex-DARPA guy who was part of the commission and actually became friends over the course of that six-month period. The commission was set up not to look at encryption, not to look at defense as in military defense that was clearly outside of the purview. The idea was to create a group of recommendations for whichever the new administration would be to be able to hit the ground running in its first 100 days with specific things we could do to change the level of awareness and capability of cyber security in commerce. That's kind of where the briefing came from. We there were a ton of principles we put together about what we should be worrying about and what we shouldn't be worrying about. I'll give you a few of them. One was clearly that you wanted government to have a lighter touch. You wanted market forces to have the maximum impact so that you wouldn't have a heavy regulatory environment. None of us in this room are excited about heavier regulatory environments. If anything, we'd like to run the other direction from that. But knowing that we are a responsibility within a frame, within guide rails but not cloistering us. So that was the first kind of premise. The second premise was that you needed better cooperation before, during, and after a cyber event between government and the private sector. And while some strides have been made in that space, we're still kind of at nascent stages of getting that right. So, for example, if there were to be a cyber event, different law enforcement agencies have different ways of approaching an institution that goes through a cyber event. You'll have your local cops will ask you for certain kind of data. The Secret Service and the FBI will ask you for different kinds of data. Very often there's conflicts between what you can give to one versus what you can give to the other without exposing your company to litigation. That's not rocket science. It's fixable. If you don't fix that, you put companies into a rigorous bind when you're asking to cooperate with government institutions. A third one was the realization that the United States being the leader in the space has the responsibility of trying to figure out how the global rules in the space will evolve. So for companies like ours that get more than 50% of our revenue from outside of the US, the tragedy is that the way cyber security rules and laws are evolving in different parts of the world, it'll balkanize our capability to actually use scale to deliver quality and in fact they're being used in a way to create competitive barriers for us in different countries and we need to get some rules of the road. At the end of the day, if today you feel that North Korea is a complicated country that does not have our best interest at heart, we can go to public bodies. We can go to global bodies. We can introduce sanctions. We can go and say they're bad guys. In the cyber world, there's no such thing. It's the wild west. It's everybody for themselves and no one can go to somebody else to point a finger. That's being played out as we see right now in this whole electoral debate on cyber security. And the fourth principle that I found very interesting was the principle of we're only as strong as our weakest link. And I must have made this point at every single meeting. To me, the weakest links in cyber security are small business and the individual consumer. And when Erin was up here a little while ago talking about the individual consumer and introducing two-factor authentication, the fact is that we've got this stupid system today where we expect our average consumer to change their password every 30 days for every one of the things they use. Well, the average guy has 18 different things they're working on. That's 18 times 30. That's way too many passwords for you to remember. So what you do is you create simple passwords. Either password itself or 1234567 or Satya1, Satya2 or if you want to be really clever capital S, a, t, y, a, 1 or capital S, a, t, y, a, 1, hash, all of which a 5-year-old can break into with a small computer in about 5 seconds. The other little factor that banks, all of us know is that 70% of those who've opened an online banking account with us, which by the way is the majority of our consumers in the banking world, 70% of them have not changed their password from the first date that they opened their online banking room. So expecting a consumer to behave differently just because you scare the crap out of them isn't going to happen. The same is true of small business. To expect a small dentist shop to actually spend money, effort, and energy on creating some form of cyber security capability is to expect the wrong thing to happen. So I think the weakest link needs protection. And the truth is that no matter how big one of our companies is or Jamie Dimon was here a little while ago, you're here now. You're two of the largest companies who care about the space. No matter how much you spend or how much we spend or how much all the institutions in this room spend, we cannot compete with state actors in different parts of the world who have got relatively deep pockets to fight with us. And therefore having a combination of public-private work done before, during and after an event is kind of important. When you put all that together, we put a few recommendations and I'll give you a sense of some of them. The most important one to me was to fix today. So I have joint cyber defense and response exercises between the government and us and Bill Rogers is deeply involved with BITS and the organization that's part of the Financial Services Roundtable. These guys have commissioned a series of exercises between us and Treasury to see how we respond. I actually think that's really important. All of us need to do that in whichever industry we're in because learning on the fly is a really bad way to respond to a very sophisticated antagonist at the other end. The second one is to get a simple sort of thought going on the reverse Miranda equivalent. Meaning if I were to, my regulator is Treasury. If I were to go to them in advance of an event and talk to them about things that worry me, if in turn they come back and say we gotcha, that's a bad idea. So if I can go to them without the fear of retaliation, then that reverse Miranda equivalent or what stays, what happens in Vegas stays in Vegas. In this case, what I tell you is between us, let's work together to make it better as compared to use it as a way to catch me. That's going to be really important. So there were a series of those things, harmonization of different regulatory bodies and rules. Then there was a bunch of things to do with the future, the internet of things, the fact that no default passwords should be allowed. So if your refrigerator and your toaster are supposed to not be talking to each other, but they do start talking to each other. First of all, it probably was because they were default passwords all set to 0000. Second, there is no way to figure out the anomalous data that's flowing there because the refrigerator and the toaster may not have an individually identifiable IP address for you to track it down. So, we've got this internet of things coming our way and it sounds really good, but it needs a few standards to be put into place. Back to your point about standards to ensure that we get this done the right way. We kind of put into that the fact that updates and patches should become part of reality. Otherwise, if you can't update that darn fridge, not much use having it. Then of course there's the consumer's point of view. I don't know whether this fridge is better attuned for cyber security than that fridge. I have to be a geek to figure it out or I got to be Satya to figure it out. I can't do that. So, how about giving me a food nutrition label equivalent that tells a layman like me, a bit like today when I go to buy something, I know I'm getting 20% of my trans fats and 6% of my cholesterol and 8% of my sodium. Well, give me that saying this is a better grade on cyber security as a fridge than that one. So, I can know what I'm getting signed up for. Those were all part of recommendations we put in. Simple stuff, not that complicated, but they're going to need a very different way of thinking between government and the private sector. And then we got into workforce issues and how do you get the right kind of people into the workforce and into issues around global rules and global governance. But that's kind of what this panel tried to do.

Satya Nadella25:05

Just two things to add on to it based on everything at least we are seeing, we are learning. The one thing that I've realized is for each of us to really measure our cyber security readiness with one simple thing which is what's our operational security posture. Someone described this the best to me, it's like going to the gym right you just can't get better by watching others you got to get there every day yourself and so it's really the amount you put in. And it's not about well let me protect myself. It's more about like how are you able to detect and respond and what's your readiness for it? And it's got to really be a CEO level piece. It just can't be a discussion I have in the board. Now there in lies the issue which is that operational security posture. In fact, in our case, quite frankly, this is another place where, for example, I think both Google and us, we put up whatever that Sony movie, I forget the movie that the North Koreans didn't like for a while. So, we put it up, and we didn't know what the heck's going to happen, right? I mean, but the one fascinating thing is the amount of DOS attacks we got that Christmas got us all. In fact, we shared that was the one time where there was very good cooperation across our tech industry and our ability to black hole some of the DOS attacks became better. That type of operational security posture combined with the good folks sharing is going to be absolutely critical.

Ajaypal Banga26:45

I agree. And I'm glad that the recommendations that you're pushing are really taking us in that direction but we'll have to just get that next level and it can't be done just in the US and this is a place where we got to be very very careful that this is actually, it's those global rules of engagement, global rules, those are the hardest to get done. We're going to have to figure that out. Right, we've got about a minute and a half left and I'm just wondering if we got a question from the audience maybe that we can get at Satya. Somebody here with a question, sir?

Satya Nadella27:25

Yeah, I mean repeat the question. Yeah, the question was about our cognitive services capabilities and how they apply to financial services. Now the thing that we want to do and we have done is take essentially the state-of-the-art in whether it's speech recognition or text understanding or computer vision and make it available as commodity building blocks and the key word being commodity so that you can use it within the context of your business processes that are most mission critical and create value. I actually kind of want to demystify a little bit of what is cognitive services so that they're just developer services for everybody and to give you, I mean that McDonald's case I gave you was who would have thought that wow the state-of-the-art speech recognition but not just state-of-the-art speech recognition but the capability to train it for the ambient noise of your mission critical process is what we want to have the tools chain for. Uber uses for example our computer vision tech for driver safety and you can imagine all the places that you may want to have that kind of identification technology in order to have safety and ID capabilities or text, same thing. The one place where I'm seeing tremendous interest is in some of the bot work and the natural language work that we have done beyond voice in the insurance industry. Turns out there are many many business processes that you are experts in more so than I where you actually want to guide the user through it whether it's on the sales side or after sales or customer service where even regulation really dictates that you actually conform to a particular dialogue. That's a place where I'm seeing a lot of action in terms of people building these bots that have real natural language understanding and more importantly multi-turn dialogue understanding and so we have many pilots going on with many many customers but the idea that speech, vision, text, things like being able to do natural language dialogue applying it to customer service, those are the places that I would say we have cognitive capability that's just available to you. And the key, at least for me, is to make sure that these things are helping you build AI in because if you want to be successful to compete against whatever Facebook Pay or Amazon Bank or what have you, you need that same capability. And that's at least our business model to enable you to do that.

Tim Pawlenty29:59

Guys, I'm sorry we're out of time. We could have kept going. I had a whole series of questions still prepped for him, but we're done. Thank you so much, Satya. Thank you so much. Thank you for being here. Thank you.