Financial authorities have responded to fintech developments in various ways. Based on survey responses from 31 jurisdictions, this paper from the Financial Stability Institute provides a cross-country overview of policy responses to fintech developments.
In addition, building on the work by global standard-setting bodies and other international organizations, the paper proposes a conceptual framework through which to analyze policy responses to fintech, referred to as the “fintech tree”. The fintech tree identifies three categories: fintech activities, enabling technologies and policy enablers.
Fintech activities (eg digital banking or robo-advice) can take various forms and may be performed in different sectors of the financial industry. Enabling technologies (eg cloud computing or artificial intelligence) are those that make innovation possible in the provision of financial services and, as such, form the backbone of fintech activities. Policy enablers refer to public policy measures and initiatives (eg digital ID systems) that support the development of fintech activities and the use of enabling technologies.
The challenge for policymakers is to maximize the benefits of fintech while minimizing potential risks for the financial system. However, this is easier said than done as regulators face several challenges. Fintech developments present issues that are beyond the traditional scope of financial authorities, and the speed of innovation makes it difficult for regulators to respond in a timely manner. Also, important trade-offs may arise between different policy objectives.
Policy responses to new fintech activities take various forms. Regulatory authorities may respond to fintech activities in a number of ways. For example, authorities may put in place fintech-specific licensing regimes that require entities to go through an authorization process before they can offer their fintech services. Alternatively or complementarily, they may issue requirements that are fintech-specific, modify existing ones or even prohibit certain activities. Some authorities may take the path of explaining how the existing regulatory framework is applied to fintech business models and clarify their supervisory expectations.
Authorities pursue a range of approaches when regulating fintech activities. In the context of fintech platform financing, while most surveyed jurisdictions do not have a dedicated regulatory regime for fintech balance sheet lending, many have one for both loan and equity crowdfunding. Cryptoassets are subject to a wide array of regulatory responses, with warnings and clarifications of the regulatory treatment as the most common response. New crypto-specific licenses or authorizations are emerging in a few jurisdictions.
For enabling technologies, regulators have adjusted their existing regulations to add technology-specific elements in existing laws, regulation or guidelines. As a result of the level of market adoption, some technologies have received more attention than others. Regulators have been particularly active on application programming interfaces (APIs), cloud computing and biometric-based identification and authentication. In contrast, for artificial intelligence, machine learning and, to some extent, distributed ledger technology, authorities have not gone beyond conducting risk assessments and issuing general guidance.
Public policies that enable the provision of digital services have received much attention. Most jurisdictions have implemented digital ID systems that allow financial institutions to verify the identity of their clients. Data protection laws that allocate rights and responsibilities for accessing and sharing consumers’ data have been issued in almost all jurisdictions. Also common are national cybersecurity frameworks, supplemented by cybersecurity regulations and guidance specific for the financial sector. Several jurisdictions have adopted, or are in the process of adopting, open banking initiatives. Last, innovation facilitators have frequently been put in place, with innovation hubs as the most common form.
Policy responses to fintech may need to weigh several policy objectives. Achieving an orderly application of new technologies in the financial system will probably remain a desirable outcome of regulatory actions. At the same time, policy actions need to be consistent with the preservation of financial stability, market and financial integrity, competition and consumer protection. Furthermore, the prevention of regulatory arbitrage and the promotion of a level playing field, where appropriate, may be sought while maintaining adequate control of firms with a larger potential to generate systemic risk.