Writing about regulations related to the failure of the Titanic, Chris Berg makes an important point:
Governments find it easy to implement regulations but tedious to maintain existing ones—politicians gain little political benefit from updating old laws, only from introducing new laws.
And regulated entities tend to comply with the specifics of the regulations, not with the goal of the regulations themselves. All too often, once government takes over, what was private risk management becomes regulatory compliance.
Case in point, when the 2008 crisis happened, instead of merely changing the priorities of the Fed, OCC, SEC, FDIC, or other existing regulatory bodies, the focus instead was on creating a new regulatory agency, the Consumer Financial Protection Bureau. Debates about regulations invariably center on more or less, rather than simple changes. Meanwhile, bank executives often confuse regulatory limits and guidelines with prudence. It's hard to see how one can really have confidence that this process really makes the system more robust.