As FinTech has expanded, so has the desire to ensure that the field remains competitive, innovative, and responsive to consumer demands. In our response questionnaire to the European Commission’s Public Consultation on FinTech, we highlight the potential of FinTech for consumers and businesses, and note where current law works to assure innovation and consumer protection. Where new measures might be needed, a harm-based approach to regulation would be optimal both from the perspective of protecting consumers and from the perspective of encouraging adoption of this technology with all of the attendant potential benefits for consumers. Instead of focusing regulation on the technology used to conduct activity, regulators should focus on the activity itself. In doing so, regulators will remain technologically neutral.
From using Apple Pay when buying your morning coffee to crowdsourcing your business, financial technology, or FinTech, has already proven to hold great potential. Though there is no universal definition of FinTech, it often refers to any sector of the tech startup scene dealing with mobile payments, marketplace lenders, digital wealth management platforms or digital ledger technology. It can be an important driver to expand access to financial services for consumers, investors and companies, bringing greater choice and more user-friendly services, often at lower prices. The FinTech field has expanded rapidly. In 2014, global investment in FinTech reached $12 billion, up from $930 million in 2008. China and the US account for roughly 40% each of global venture capital (VC) FinTech investment with Europe accounting for about 10%.
Though the majority of FinTech firms operate in the developed world, the FinTech revolution has the transformative ability to disrupt the developing world too. For example, in 2007, Safaricom, a subsidiary of Vodafone, launched M-PESA in Kenya and several other countries. The service enables users to send and receive money as well as paying bills through their mobile phones, without the need for a bank account. Previously, the transfer of funds over long distances was extremely tedious and inefficient in countries like Kenya. M-PESA has improved the ease of transferring money and making payments on time, and now 43% of Kenya’s GDP is sent via M-PESA.
Regulators should promote the free flow of data within the EU in order to promote the development of EU-wide FinTech services. As we have noted in previous blogs and other pieces, data localization requirements are costly and could limit financial service firms from use of cloud computing services. According to this December 2016 ECIPE report, the impact of removing existing data localization measures in EU Member States, many of which are related to FinTech areas (e.g. company records, accounting and banking data), would raise GDP by 8 billion euros. Thus, banking and accounting data localization laws should be as limited as possible to promote FinTech development in the EU.
Regulatory technology, or RegTech, can facilitate compliance with financial regulatory requirements and will be an increasingly mechanism for furthering the important social goals advanced by these regulations. For example, advanced anti-money laundering tools depend for their success on access to complete and accurate data. For this reason, privacy rules should be implemented in a way that permits companies to obtain accurate and up-to-date data. In this way, consumers maintain access to high quality new services and companies can continue to offer high quality RegTech products.
Finally, alternative credit scoring should be possible under any regulatory framework. Expanding access to credit using alternative scoring measures has been proven to increase access to credit in the United States, especially to historically disadvantaged minorities and those outside of normal credit scoring systems. Moreover, providing more access to credit does not increase default rates, highlighting the benefits of alternative credit scoring for consumers and businesses. In the United States, companies remain responsible for evaluating fair lending risk and possible disproportionate adverse impacts on a protected group. Current law covers these obligations even if alternative data are used. But companies are not and should not be required to disclose the proprietary formulas and source code in the algorithms they use to enhance decision-making. Validity and accuracy of algorithms can be accomplished without this violation of intellectual property rights as they have for years in the case of traditional credit scores.
In its filing, SIIA offers the following specific recommendations:
1) Avoid overarching FinTech regulation. FinTech involves too many different activities to lend itself to overarching legislation.
2) Make reasonable interoperability mechanisms available to companies so that they can engage in cross-border data flows from the EU to jurisdictions outside the EU.
3) Promote the use of cloud computing in the EU. The Atlantic Council recommendations in the “Into the Clouds: European SMEs and the Digital Age” report are worth considering.
4) Respect algorithms for what they are, a form of intellectual property. Algorithms are expensive to develop and underpin many business models. The value added for much data consists of algorithms developed to use that data. Source code disclosure should not be required.
5) With respect to regulatory concerns regarding RegTech, the recommendations in the Atlantic Council report on “The Danger of Divergence: Transatlantic Financial Reform & the G20 Agenda” and the IIF report: “Deploying RegTech against Financial Crime” should be reviewed.
6) Consider regulatory sandboxes in the EU along the lines of the UK Financial Conduct Authority FCA sandbox.
7) Encourage privacy and cybersecurity best practices.
8) Spread knowledge of FinTech.
9) Include FinTech services in future trade agreements and economic fora such as the G20.