The European Commission recently published the summary of contributions to its Public Consultation on FinTech. The consultation which was conducted March to June 2017 sought stakeholders’ input in order to further develop the Commission’s approach towards FinTech and was structured along four broad policy objectives:
- fostering access to financial services for consumers and businesses;
- reducing operational costs and increasing efficiency;
- increase competition by lowering barriers to entry; and
- balancing greater data sharing and transparency with data security.
The vast majority of respondents were positive about FinTech. Opportunities highlighted included access to finance, operational efficiency, cost-saving and competition. In terms of technologies, respondents particularly identified distributed ledger technology, big data analytics, AI and cloud computing.
Many respondents mentioned the promising use of FinTech for compliance purposes (“RegTech”).
In terms of risk, predominant themes were cybersecurity, use of data and money laundering. Respondents were keen to ensure a level playing field and the majority believed that technological neutrality, proportionality and integrity were the right principles to guide the EU approach to FinTech. Respondents also stressed the need for open dialogue between regulators, supervisors and firms, whether start-ups or incumbents.
The main areas for EU level action identified were:
- a clear EU framework for crowd and peer to peer financing;
- more clarity and convergence on how regulators approach licensing, outsourcing (in particular, cloud computing) and support for innovation across the EU;
- more developed interoperability and standardisation; and
- enhanced cybersecurity.
Some respondents believed that EU action could be beneficial to promote the uptake of early stage technologies (e.g. DLT, AI), other respondents advised caution against premature regulation. Almost all respondents supported the idea of an Innovation Lab established by the Commission to share practices and discuss possible regulatory concerns stemming from new technology.
While the majority of respondents favored more harmonized approaches for regulatory sandboxes at the EU level, there were diverging views.
Most industry respondents called for a harmonized approach via guidance or a legal framework.
However, authorities took a different view and preferred national initiatives or stronger coordination.
Respondents provided their views on a number of topics:
AI and big data analytics – Most respondents agreed that automated advice had great potential, but was at an early stage of development. Opinions were divided on whether common rules for oversight of automated decision making were needed. Respondents called for a technologically neutral approach, with rules applying equally to human and machine-supported decisions. In terms of the risks identified, these were associated with cybersecurity, data protection, discrimination, lack of transparency and liability issues.
Crowdfunding – Most respondents believed that national regulatory regimes hindered cross-border crowdfunding and that EU harmonisation was required. The majority proposed a pan-European framework that was simple and proportionate. A number of respondents suggested developing regulatory sandboxes with harmonised criteria. There was agreement that a high level of transparency was instrumental to ensuring credibility and development of new business models. Many supported self-regulatory initiatives, while others were of the view that this would not be sufficient.
Sensor data analytics – While respondents highlighted the benefits of sensor data analytics (particularly for insurance), key issues identified included the risks of exclusion and price discrimination, reduction of risk pooling, weak level of transparency in risk profiling, and privacy concerns.
Reduction of costs – The vast majority of respondents identified the potential of technology to reduce operational costs, (in particular, cloud, robotics and machine learning, APIs, DLT and remote identification technologies). Regtech (such as solutions concerning AML, KYC, fraud and market abuse detection and supervisory reporting) could contribute to reducing compliance costs and making internal risk management more efficient.
Cloud – Concerns were raised about the use of cloud services due to a lack of clarity about their use, a lack of harmonisation and different interpretations of rules across the EU. A significant number of respondents pointed to the need for cloud providers to adapt their offer to specific constraints of financial organisations (e.g. audit rights). To support the adoption of cloud services, some respondents were in favour of EU principles and local guidance, while others called for stronger intervention.
Distributed Ledger Techology – Respondents agreed that DLT offered opportunities to the financial services sector in many different areas. Respondents agreed that DLT was at an early stage of development and suggested that legislation may have to be adopted as proof of concepts move to full market implementation. Issues raised included compliance with GDPR and securities laws, enforceability of smart contracts, classification of tokens, liability rules, data standardisation, interoperability, scalability, understanding of regulators and governance.
Outsourcing – On outsourcing there was a disconnect between firms and regulators. Many organisations considered that the current rules on outsourcing were an obstacle to outsourcing to FinTech, whereas the majority of authorities thought that the rules were adequate.
Security – Respondents agreed that the same cybersecurity requirements should apply across the sector. Respondents called on the Commission to provide guidance on means to enhance information sharing (and compatibility with the GDPR). In terms of cybersecurity stress testing, there was broad support for more regulatory and supervisory convergence, as well as mutual recognition across jurisdictions and between regulators.