It's not enough for banks to admit misconduct. They've got to prevent it.

A failure to manage bank risks triggered the 2008 financial crisis, costing Americans roughly $10 trillion. The next banking crisis will likely follow from a failure to manage so-called conduct risks.

The standard method for addressing conduct-related risks in the banking sector is an exercise in what can be called applied hindsight. Meaning, misconduct is identified and inspected only after it has taken place, or is discovered to be well underway.

During the last decade, this too-little-too-late approach has led to hundreds of billions of dollars in punitive fines levied by governments and industry sector regulators, notwithstanding the billions that the banks have spent annually on governance, risk and compliance-control infrastructures.

Look no further than Wirecard’s collapse last summer after a year’s long fraud was missed by German regulators despite “hiding in plain sight,” followed by the “Fincen Files” investigation, revealing hundreds of thousands of suspicious activity reports reflecting possible illicit money flows through many of the world’s most important banks.

These events have led many to ask — yet again — why financial sector misconduct appears to be so intractable. Our answer is simple: Such misconduct persists because it is permitted to persist.

Misconduct scandals occur in every industry, but in the financial sector it has become almost commonplace. As 2020 drew to a close, conduct-related governance lapses were seen to have led to enforcement actions at several systemically significant global banks, and billions of dollars in punitive fines.

These too-big-to-fail firms are rarely prosecuted. Instead, they are forced into deferred prosecution agreements and consent orders in which the firms agree to do better going forward, and to set aside enhanced budgetary resources to fund solutions that promise more of the same — but better.

Shareholders carry these financial costs. But an erosion of faith in our essential institutions, exacerbated by these misconduct scandals, is a cost that society is made to carry.

Throwing more resources at past failed approaches to managing conduct risk is senseless, and perhaps irresponsible. But behavioral science suggests a better approach.

Most regulators have concluded that misconduct follows, in large measure, from “toxic cultures” that promote illicit self-dealing and other forms of malfeasance. Increasingly, regulators are turning their supervisory attention to such "soft stuff."

Unsure what will satisfy such regulatory inquiry, however, banks struggle to produce credible and compelling evidence that they have well-managed conduct risks. Here, predictive technologies can be of help.

Banks already invest heavily in predictive technologies that allow them to anticipate behaviors externally. This includes tools that forecast market movements — for instance, affording them some investment edge; or marketing tools that permit for "precision targeting" of the consumers most likely to respond favorably to advertised offerings.

But when asked to anticipate their own internal behavioral propensities, among teams, corporate functions and business units, these same firms regularly insist that such targeted foresight is impossible to achieve.

An intolerable air of resignation hangs over the industry as bankers often chalk up human behavior as unpredictable, resigning to a so-called "learned helplessness." But this torpidity is no longer defensible: There are tools that permit for higher standards in conduct-risk identification and mitigation.

Sifting through standard company data sets allows artificial-intelligence technologies to identify where risk management failures are most likely to appear — before they occur — and to identify where a propensity for misconduct is most likely to move, contagionlike, to permeate a firm.

When armed with such foresight, leaders can take proactive measures, and direct scarce risk management resources in a more timely, efficient and effective manner. As Einstein once said, “Intellectuals solve problems; geniuses prevent them.”

This is a time for genius. As trillions in taxpayer dollars have been funneled through the banking sector to support pandemic-strained businesses and households, there have already been abuses of these critical support programs. Popular backlash is inevitable as more abuses are discovered.

This will not just damage the industry. It will sap support for the extraordinary measures needed to get the economy growing again, and further erode public faith in capitalism and even in democracy itself. When he chaired the Financial Stability Board, then-Bank of England Gov. Mark Carney argued in 2018 that firms require a “social license” to operate. Firms must demonstrate an ability to prevent misconduct — not merely to punish it — if this social license is to be maintained.

An airline that cannot assure the safety of its aircraft is not permitted to put planes and passengers into the sky. With people’s livelihoods and the integrity of our financial system at stake, why should we permit financial institutions to exercise lesser standards of vigilance?

If bankers cannot muster the gumption to protect the interests of their customers, shareholders and the societies that host them, it’s likely governments will step in and force the issue.

Gary Cohn, Thomas Curry and James Freis contributed to this opinion article. Cohn, former president and chief operating officer of Goldman Sachs, leads the risk and governance advisory board at Starling. Curry, previously a comptroller of the currency, is a senior regulatory advisor to Starling. Freis, former director of the Financial Crimes Enforcement Network (Fincen), is a member of the risk and governance advisory board at Starling.