The increasingly prominent role of large technology firms (big techs) in the financial sector has raised questions about their inner workings and regulation.
Big tech business models are characterized by strong internal and external interdependencies. Intragroup dependencies arise from the common use by big tech entities of a general payment infrastructure, technological platforms and applications; and from sharing data and insights derived from those data across the services they provide. External interconnections arise from partnerships of big tech entities with financial institutions to provide financial services. The financial services industry and regional big techs have come to heavily rely on technological services provided by global big techs, such as data analytics and cloud computing.
Big tech interdependencies come with specific risks, in particular to operational resilience, and may require the development of specific entity-based rules for big tech operations in the financial sector. In the meantime, authorities are searching for interim solutions to counter potential financial stability risks.
This paper assesses the interdependencies inherent in big tech business models based on publicly available information on Alibaba, Amazon, Grab, Jumia, Mercado Libre and Rakuten. It outlines the regulatory implications of how big techs provide financial services and the tools financial authorities have at their disposal now to address related risks.
In concluding policy remarks, researchers wrote that:
- Addressing interdependencies risks requires the development of specific entity-based rules for big tech operations in the financial sector: These rules could take the form of a new regulatory framework that allows authorities to control risks emerging from the combination of financial and nonfinancial activities. As a foundation, this framework should follow an entity-based approach and impose requirements at the group level, including on strengthening operational resilience; and
- In the short term, authorities can rely on an indirect approach to mitigate the financial stability risks posed by interdependencies. There are a number of options available to them. One is to identify risks stemming from interdependencies for regulated financial entities that are members of big tech groups and evaluate potential risk mitigants. Another is to assess these entities’ ability, and those of other regulated financial entities that partner with big techs or depend on their services, to withstand and mitigate disruptive events, including cyber attacks, and take measures to further strengthen operational resilience if needed. Yet another option for authorities is to ramp up their monitoring efforts in relation to critical third-party service providers and, depending on the regulatory framework, use direct oversight powers over them. In exploring these options, authorities can benefit from sharing information on their regulatory approaches and supervisory practices with each other.