Established by the European Commission, an Expert Group (EG) released a report on its mandated review of the application and suitability of the European legal and regulatory framework to fintech in order to identify issues that may impede the scaling-up of fintech in the EU.
The EG was asked to analyze the extent to which the current framework for financial services is technology-neutral and able to accommodate fintech innovation and whether it needs to be adapted, also with a view to making the framework future-proof. Some of the financial industry members of the EG include MunichRe, London Stock Exchange Group, ING, Tradeweb Europe, Euroclear, AXA, among others.
In the EU, technology-enabled innovation in the financial sector, or fintech, is driving the emergence of new business models, applications, processes and products. Technology-enabled financial services are provided by different types of market participant: incumbents (banks, insurers, investment firms, pension funds, financial infrastructures, etc.); big non-financial firms, (including the so-called bigtechs, such as internet search and advertising companies, device manufacturers, commercial platforms, but also telecoms operators) and by start-ups.
They design technology-enabled financial services for use on the internet and on mobile devices, combined with other recent technologies, such as cloud computing, distributed ledger or blockchain technology, or artificial intelligence (AI). The results have a lesser or greater degree of originality, some heavily resemble well-known services and products (such as mobile payments), others appear to break new ground (such as cryptoassets, initial coin offerings, or automated investment advice).
At the same time, the EG was asked to consider how financial stability, financial integrity, and consumer and investor protection can be ensured in light of the new opportunities and risks afforded by fintech.
Benefits of an accommodative framework for fintech in the EU
The potential gain to be derived from furthering the use of fintech in the EU is often described as ‘higher efficiency’. The EG divides those gains into four different aspects, in which fintech may:
- enable market participants to provide financial services at lower cost (disruption of traditional value chains; disintermediation; further automation resulting in more efficient processes);
- enable market participants to develop a broader range of products and services, thereby widening consumers’ and businesses’ choice and potentially providing them with better financing opportunities (new and better products and services such as cryptoassets, P2P/B2B lending);
- open certain products or services to consumers or businesses that were previously excluded, due to a higher degree of personalization, broader product offerings, better pricing through lower marginal cost and improved accuracy of credit scoring;
- be used to achieve more effective regulation and compliance of the relevant market players (automated reporting, data analysis, transactions monitoring). As things currently stand, such benefits cannot be realized fully by European market participants. This is, to a significant extent, due to an absent, fragmented or unclear regulatory framework.
The EG has interpreted its mandate in relation to this unused potential so as to identify obstacles to: the adoption of fintech in the EU; and the scaling-up of fintech across the single market, including with a view to enhancing the global competitiveness of the EU.
Risks and safeguards
Many of the potential risks emerging as a consequence of the use of fintech are no different from the risks caused by the provision of financial services using more traditional means. The fact that financial services are increasingly enabled by technology may increase or diminish these traditional risks:
- consumers and businesses are subject to intermediary, settlement or custody risk, exposing them to the possibility of losing assets in case of, for example, operational failure, insolvency or malpractice on the side of the custodians that keep their assets;
- consumers and businesses are exposed to principal-agent risk, i.e. the risk that their agent provides suboptimal advice or services (investment decisions, order execution);
- the market as a whole is vulnerable to systemic risk, i.e. a chain reaction of adverse market developments, such as liquidity shortages or flash crashes, that might threaten the proper functioning of the market;
- the financial market, like other areas, creates the potential for activities that contravene market integrity (e.g. market manipulation), or for criminal abuse (money laundering, tax evasion, purchase of illegal goods or services, etc.). However, the use of fintech may also create entirely new risks, for instance, where:
- decisions are taken, or functions are performed by AI-powered ‘black box’ algorithms without human intervention or which are not comprehensible to customers or supervisors;
- distributed record keeping or transaction processing blurs regulatory and legal responsibilities that were traditionally based on bilateral principal-agent relationships.
Against this background, the EG has interpreted its mandate so as to include two tasks in respect of detecting risks and proposing safeguards: clarify whether existing safeguards addressing specific risks can be applied smoothly to the new technology-based environment where it poses similar risks, or whether clarification or adaptation might be necessary; identify whether the emergence of fintech poses any entirely new risks that would necessitate new safeguards.
Competitiveness and sovereignty of the EU as a global standard setter
Efficiency and safety must be considered in light of the need to ensure the global competitiveness of the EU financial sector. The EU needs to keep pace with the application of new technological developments and the setting of relevant regulatory standards in the financial sector in order to remain competitive in a global financial market.
The current distribution by home region of the value of technology companies reveals the big gap that exists between the EU on the one hand (5%) and US (65%) and China (35%) on the other.
More ambitiously, the EU should take a proactive lead in responding to these developments, so that it can help shape the global technology-enabled financial market, thereby promoting its fundamental European values, such as data privacy and fair competition.
Both data protection and competition law may be perceived by some as inhibitors of a rapid uptake of fintech, notably because fast-developing non-EU financial markets operate under considerably less stringent standards than European markets.
However, if calibrated appropriately, the EG regards these areas of law, in the long run, to offer the means of protecting its values whilst not posing an undue barrier to the innovative use of technologies.
At the same time, to safeguard its own sovereignty it is vital that the EU maintains its role as one of the key global standard-setters also in relation to fintech, and the EG views opportunities for the EU to provide genuine thought leadership for the regulation of innovative technology within and beyond the financial sector.
In so doing, it is important for the EU to follow developments in other jurisdictions and engage with other regulators, supervisors and international standard-setting bodies in order to facilitate interoperability of technology across jurisdictions, in line with common standards.
Competitiveness and regulatory sovereignty in relation to technology-driven finance require a considerably more harmonized framework on the basis of existing regulatory axioms than currently exists in the EU.
Adapting existing rules to a changing market and ending the fragmentation of the EU regulatory environment are certainly not the only determining factors for the healthy and dynamic development of fintech. Other factors, which are beyond the remit of this report, include the availability of a specialized workforce, a tradition of availability of venture capital, taxation, and the fact that relevant technologies and infrastructures have for some time been concentrated in other parts of the world.
The approach at the basis of this report
Setting the right level of financial regulation and financial supervision requires addressing highly antagonistic rationales: increasing efficiency through technological innovation may put safety and protections under strain, and, conversely, a higher degree of safety often comes at a higher compliance cost.
The EG endorses the concept of technological neutrality of financial regulation and supervision, meaning that regulation and supervision should not prefer or prejudice a specific provider or technology. Technology-specific regulation would render the regulatory architecture complex and inconsistent. At the same time, regulatory and supervisory approaches should be informed by the opportunities and risks presented by new technological paradigms which can still be specifically considered, regulated and supervised. Therefore, the EG has put forward recommendations that relate to specific technologies, notably AI and DLT/blockchain.
As such, the report consists of: 30 Recommendations that embody common regulatory and supervisory themes. They are not specific to any business model or financial service or product and cut across the whole market.
The 30 recommendations can be grouped into four categories:
- the need to adapt regulation to respond to new and changed risks caused by the use of innovative technologies, such as AI and DLT, and take up any emerging opportunities with respect to regtech or suptech (supervisory technology;
- the need to remove regulatory fragmentation and ensure a level playing field between incumbents and new market entrants, both fintech start-ups and bigtech firms, across the entire EU;
- the necessity to reconcile the regulation of personal and non-personal data with the opportunities and risks offered by fintech;
- the need to consider the potential impacts of fintech from the perspective of financial inclusion and the ethical use of data.
The priorities should be:
- the explainability and interpretability of technology, especially AI, as measures to protect consumers and businesses and facilitate supervision, or to meet supervisory expectations ;
- the creation of a regulatory framework built on the principle that activities that create the same risks should be governed by the same rules, with a view to ensuring adequate regulation and supervision and maintaining a level playing field;
- the ending of regulatory fragmentation, especially in the area of customer due diligence (CDD)/know your customer (KYC), as an important step towards creating a level playing field;
- preventing unfair treatment of competing downstream services by large, vertically integrated platforms, in order to strengthen innovation and maintain consumer choices; and
- the strengthening of the framework for access to, processing and sharing of data, in order to promote innovation and competition and establish a level playing field amongst actors.
The EG stressed that the aims informing the 30 recommendations are best pursued by regulation that is neutral, in the sense that it does not differentiate between the different technologies that can potentially be used to provide a service, offer a product or perform a function, and that, moreover, international cooperation in setting relevant standards, ideally leading to interoperability, is crucial.