The obvious security fix—patching—is stymied by the industry’s aggressive push for normalization. This is accomplished through lobbying and also through regulatory capture: the common tendency for a regulatory agency to become dominated by the industry it is regulating, and to begin functioning in ways that benefit the industry rather than the public interest. The banking industry also does this by hacking the legislative process itself. The financial services industry spent $7.4 billion on lobbying between 1998 and 2016, with banks alone spending at least $1.2 billion.
