Response to discussion on Approach on financial technology (Fintech)
Go back
Yet there are financial services (TPP payment services, crowdfunding) where Fintech might directly compete with banks, and the financial industry at large needs to monitor and control risks arising from financial services offered by Fintech incomers. New actors offering financial services, might also issue their own payment instruments. Card payments are by their own nature, bank and scheme centric, and in a way or another if the banks position is challenged by Fintech, the card industry will also do.
This challenge will be stronger if the bank industry appears weakened. With this respect, SPA notes that the European Banking Authority considers that after the financial crisis the EU’s banking sector is now consolidating. If the trend is confirmed there will be multiple opportunities for banks and Fintechs to collaborate in new services without substantial changes in the market structure.
With this respect, SPA outlines that ISO TC68 has launched some preliminary work (US initiative) on the security requirements for FIAT virtual currencies. Because BIS has provided with some useful insight on virtual currencies, a common global policy coordinated with this ISO TC68 initiative could serve the objectives of the EBA.
It’s easier to collaborate in areas where banks have not an obvious business interest that when a Fintech new service might represent a threat.
Banks have not traditionally invested in developing countries lack of business case. The several success stories in mobile payment systems have been driven by Telecom Operators. Because of the lack of legacy payment systems and with uncertain financial regulation ( but this is correcting now, as more citizens become banked) , this in a privileged area for technological and commercial collaboration for low cost innovation between Fintech and Banks… or even for Fintech alone: Mobile wallets, mobile remittances, virtual currencies, microcredit, peer-to-peer lending, bill mobile payments.
Financial inclusion is also a good case to prove new regulatory approaches: by facilitating access of Fintech to the financial services market… meaning rather removing Fintech entry barriers and considering that the best protection for the unbanked citizens is to facilitate their access to cheap money. In a second step, Banks could come into the playfield and collaborate with Fintech in the consolidation of emerging financial inclusion.
Yet there are financial services (TPP payment services, crowdfunding) where Fintech might directly compete with banks, and the financial industry at large needs to monitor and control risks arising from financial services offered by Fintech incomers. New actors offering financial services, might also issue their own payment instruments. However, as mentioned there, the number of success histories is limited and a major threat for incumbent credit institutions can only come from those IT companies with global reach (GAFA), which are not certainly Fintechs.
This challenge will be stronger if the bank industry appears weakened. With this respect, SPA notes that the European Banking Authority considers that after the financial crisis the EU’s banking sector is now consolidating. If the trend is confirmed there will be multiple opportunities for banks and Fintechs to collaborate in new services without substantial changes in the market structure.
On the other hand one of the problems that FinTech’s will face is how to grant access to a large community of end-users. One obvious way is by negotiating with global technology platforms like Google and Facebook, but Fintech’s have limited deal power. With this respect, credit institutions might boost income and benefit from innovative payment and banking services provided by FinTech partners by deploying new platforms, with an end-user interface to manage the enrollment to FinTech partner services and offering an API enabling to connect FinTechs facilities to the bank platform. With such a model and by concentrating an offer of FinTech services, end-users, incumbent credit institutions and FinTechs might benefit from a range of economic and “legal” forces: economies of scale and scope, network effects, minimum switching costs, compliance with the regulatory framework guaranteed by the credit institution and financial product differentiation.
Also education in terms of awareness of the legal consequences of contractual terms and conditions when enrolling to new financial services ( what you should pay attention to) could be useful.
By their own nature, Blockchain and Distributed Ledgers Systems present vulnerabilities not fully understood yet ( malware, denial of service) including potential for money laundering (specially if anonymous transactions may take place). If the DLS has no central authority, there is no legal entity accountable for compliance with AML laws.
If a Legal Sandboxing is needed as a trade-off to help Fintech to enter the financial/ payments market, security should be excluded from any exemption regime. With regards security, financial institutions and Fintech should be subject to the same requirements, including compliance with AML/CFT..
Question 1: Are the issues identified by the EBA and the way forward proposed in section 4.1 relevant and complete? If not, please explain why.
The six areas covered by this discussion paper are all relevant and rich enough and address the impact and challenges that FinTechs bring about for the banking system and the financial regulators.Question 2: Are the issues identified by the EBA and the way forward proposed in subsection 4.2.1 relevant and complete? If not, please explain why.
The EBA analysis in section 4.2.1 is quite complete and elaborates in the risks of outsourcing of financial processing activities to FinTech. An additional risk is the higher probability of disruption of the service (business continuity) when operated by FinTech and lack of experience on for instance disaster recovery plans compared with incumbent credit institutions.Question 3: What opportunities and threats arising from FinTech do you foresee for credit institutions?
The SPA notes that in the past banks have shown up a great ability to pioneer and leverage their infrastructures with major IT breakthroughs. Many Fintech innovations have to do with back-office processes and it may represent an opportunity rather than a threat for banks. Thus, blockchain use cases rationalize processing by enabling cooperation between competitors. In the present context were bank direct investments are considered at risk, sharing efforts makes sense. This is one reason why many banks organized in consortiums fund Fintech research & development efforts.Yet there are financial services (TPP payment services, crowdfunding) where Fintech might directly compete with banks, and the financial industry at large needs to monitor and control risks arising from financial services offered by Fintech incomers. New actors offering financial services, might also issue their own payment instruments. Card payments are by their own nature, bank and scheme centric, and in a way or another if the banks position is challenged by Fintech, the card industry will also do.
This challenge will be stronger if the bank industry appears weakened. With this respect, SPA notes that the European Banking Authority considers that after the financial crisis the EU’s banking sector is now consolidating. If the trend is confirmed there will be multiple opportunities for banks and Fintechs to collaborate in new services without substantial changes in the market structure.
Question 4: Are the issues identified by the EBA and the way forward proposed in subsection 4.2.2 relevant and complete? If not, please explain why.
They are quite complete. Yet, the business models of PIs and EMIs are quite different, due to the very specific nature of the electronic money issuance. In particular incumbent electronic money issuers are now facing the competition of all kinds of unregulated virtual currencies. With this respect, SPA notes that back in 2003 the European Central Bank released a specification setting out security requirements for e-money. It could ne purposeful that EBA takes it over and updates these requirements as a common baseline for FIAT digital currencies.With this respect, SPA outlines that ISO TC68 has launched some preliminary work (US initiative) on the security requirements for FIAT virtual currencies. Because BIS has provided with some useful insight on virtual currencies, a common global policy coordinated with this ISO TC68 initiative could serve the objectives of the EBA.
Question 5: What opportunities and threats arising from FinTech do you foresee for payment institutions and electronic money institutions?
Payment Institutions and e-Money institutions can be considered as the “first-wave” of what is now named FinTechs. But at that time Internet growth was in crisis and innovation was in mobile technology and the only financial service was payment: mobile for Payment Institutions (PI, typ Mobile Network Operators) and electronic money (EMI, Electronic Money Institutions) payments using pre-paid cards. Actually neither of them has proved to be disruptive and their business activities remained largely local. FinTech have both a broader scope of financial services and for the particular areas where PI and EMI business model overlap they will compete with them. On the other side, there’ll be alliances between PIs, EMIs and FinTech’s to enlarge the offer of financial services offered by each one. As for the credit institutions case, PIs and EMIs might benefit of more advanced technology platforms and advanced control methods. As mentioned, many Fintech innovations have to do with back-office processes and it may represent an opportunity rather than a threat for banks. Overall, the FinTech effect of opening the financial services market to new incomers, will also benefit PI and EMIs. Benefit amplified by the PSD2 impact on any payment service provider.Question 6: Are the issues identified by the EBA and the way forward proposed in subsection 4.3.1 relevant and complete? If not, please explain why.
SPA suggests to further elaborate on 4.3.2 clause 96 , on the expansion of Fintech in a low profitability environment traditionally undeserved by the banking industry. That could represent an opportunity for credit institutions to elaborate a specific offer, or collaborate with FinTechs, in areas such as financial inclusion.It’s easier to collaborate in areas where banks have not an obvious business interest that when a Fintech new service might represent a threat.
Banks have not traditionally invested in developing countries lack of business case. The several success stories in mobile payment systems have been driven by Telecom Operators. Because of the lack of legacy payment systems and with uncertain financial regulation ( but this is correcting now, as more citizens become banked) , this in a privileged area for technological and commercial collaboration for low cost innovation between Fintech and Banks… or even for Fintech alone: Mobile wallets, mobile remittances, virtual currencies, microcredit, peer-to-peer lending, bill mobile payments.
Financial inclusion is also a good case to prove new regulatory approaches: by facilitating access of Fintech to the financial services market… meaning rather removing Fintech entry barriers and considering that the best protection for the unbanked citizens is to facilitate their access to cheap money. In a second step, Banks could come into the playfield and collaborate with Fintech in the consolidation of emerging financial inclusion.
Question 7: What are your views on the impact that the use of technology-enabled financial innovation and/or the growth in the number of FinTech providers and the volume of their business may have on the business model of incumbent credit institutions?
The Smart Payment Association (SPA) predicted that despite the Fintech buzz by 2020 the Banks will continue to hold the central role as retail payment intermediaries. Despite all the hype around new payment instruments and market incomers, the structure of the retail payment market is stable. In the last decade, only two new initiatives have actually proved successful: Paypal and Allipay in China. Yet neither of them can be considered as a Fintech.Yet there are financial services (TPP payment services, crowdfunding) where Fintech might directly compete with banks, and the financial industry at large needs to monitor and control risks arising from financial services offered by Fintech incomers. New actors offering financial services, might also issue their own payment instruments. However, as mentioned there, the number of success histories is limited and a major threat for incumbent credit institutions can only come from those IT companies with global reach (GAFA), which are not certainly Fintechs.
This challenge will be stronger if the bank industry appears weakened. With this respect, SPA notes that the European Banking Authority considers that after the financial crisis the EU’s banking sector is now consolidating. If the trend is confirmed there will be multiple opportunities for banks and Fintechs to collaborate in new services without substantial changes in the market structure.
On the other hand one of the problems that FinTech’s will face is how to grant access to a large community of end-users. One obvious way is by negotiating with global technology platforms like Google and Facebook, but Fintech’s have limited deal power. With this respect, credit institutions might boost income and benefit from innovative payment and banking services provided by FinTech partners by deploying new platforms, with an end-user interface to manage the enrollment to FinTech partner services and offering an API enabling to connect FinTechs facilities to the bank platform. With such a model and by concentrating an offer of FinTech services, end-users, incumbent credit institutions and FinTechs might benefit from a range of economic and “legal” forces: economies of scale and scope, network effects, minimum switching costs, compliance with the regulatory framework guaranteed by the credit institution and financial product differentiation.
Question 8: Are the issues identified by the EBA and the way forward proposed in subsection 4.3.2 relevant and complete? If not, please explain why.
Further analysis is required on the coexistence of these dematerialized forms of money and whether or not both existing and new players may benefit from new technology ( blockchain) in a way consistent with the protection of the end-user and preventing the misuse for financial crime purposes.Question 9: What are your views on the impact that the use of technology-enabled financial innovation and/or the growth in the number of FinTech providers and the volume of their business may have on the business models of incumbent payment or electronic money institutions?
Despite their limited success, Payment Institutions (PI) and Electronic Money Issuers (EMI) have a market and end-consumer experience lacking to FinTechs. As any other Payment Service Provider, both Pis and EMIs might benefit from technology innovation by FinTechs. The model above, where the PI and in a lesser extent the EMI, provides with a platform for access to partner FinTech services also might apply. It remains that for FinTech partnerships with PIs and EMIs is less appealing by the reduced scope of their payment activities, the legal uncertainty and limited reach. Overall we believe that partnerships of FinTechs with credit institutions may have a detrimental impact on the business models and revenue of incumbent PIs and EMIs, that may appear as legacy business. In that case, a possible strategy for PIs and EMIs is to move up and try to enlarge their offer by (1) concentrating at a cross-border and (2) granting licences as credit institutions, TPPs or a potential new legal status that new regulations ( Financial Service Directive ?) or (3) concentrating in a particular segment undeserved by FinTech and levering their existing technical infrastructures (mobile instant payments, brockering)Question 10: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.1 relevant and complete? If not, please explain why.
Yes. SPA believes that the section states clearly the main issues and how to address them properly.Question 11: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.2 relevant and complete? If not, please explain why.
The issues pointed out in the discussion document questions are certainly relevant. It remains that cross-border refers to transactions between members of the EU. FinTech services in lending and investement remains largely local. However overseas cross-border transactions ( eg, mobile remittances) we’ll be more complex to monitor, potentially undermining the level of protection of the end-user. The search of business volumes will drive the international cross-jurisdictions reach of local FinTechs creating legal uncertainty. In this context, the international cooperation between supervisors is essential.Question 12: As a FinTech firm, have you experienced any regulatory obstacles from a consumer protection perspective that might prevent you from providing or enabling the provision of financial services cross-border?
NA for SPA membersQuestion 13: Do you consider that further action is required on the part of the EBA to ensure that EU financial services legislation within the EBA’s scope of action is implemented consistently across the EU?
SPA considers that at present, the Regulatory Technical Standards don’t solve completely the issue of how to implement from the technical point of view the legal requirements. .But that’s not an issue specific to FinTechs but to the overall payments industry (business domain of SPA members). A solution is that standardization bodies provide with technical provisions. Now, by their limited resources, FinTechs cannot be very influent in standards-setting bodies. On the other hand there is a concern, that a too prescriptive technical standard might exclude di-facto existing technical solutions and as such come in conflict with EU competition law and/or prevent innovation which is the real “raison d’être” of FinTechs. As the question suggests, that’s probably an area for further development by the EBA.Question 14: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.3 relevant and complete? If not, please explain why.
Yes. SPA believes that the section states clearly the main issues and how to address them properly.Question 15: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.4 relevant and complete? If not, please explain why.
Yes. SPA believes that the section states clearly the main issues and how to address them properly.Question 16: Are there any specific disclosure or transparency of information requirements in your national legislation that you consider to be an obstacle to digitalisation and/or that you believe may prevent FinTech firms from entering the market?
National Legislations for financial services in the EU countries where SPA members are located are the transposition of EU financial regulation and other cross-industry regulations (Articles 101 and 102 of the Treaty, Global Data Protection Regulation ). At present, we haven’t found any obstacle for FinTechs entering the market other than the compliance with the legal provisions set out by the existing laws themselves.Thus, requirements in terms of compliance with the Anti-Money Laundering legal framework, the compliance with the GDPR and Consumer Protection provisions as set out by the PSD2 are challenging for FinTechs unless they operate under the legal umbrella of a credit institution. Future regulation on resilience to cyberattacks will result in hard security certification requirements for payment service providers offering financial services to the end-user as most FinTechs ambition to do. This point is well explained in clause 4.2.1 of the discussion paper.Question 17: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.5 relevant and complete? If not, please explain why.
Yes. SPA believes that the section states clearly the main issues and how to address them properly.Question 18: Would you see the merit in having specific financial literacy programmes targeting consumers to enhance trust in digital services?
Education ( what to do , what not to do) when accessing and using personal devices for access to financial services is no doubt necessary to overcome fears and also reduce the perimeter of attack by fraudsters.Also education in terms of awareness of the legal consequences of contractual terms and conditions when enrolling to new financial services ( what you should pay attention to) could be useful.
Question 19: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.6 relevant and complete? If not, please explain why.
The issues are clearly expressed. Now the real challenge is the huge level of complexity of those algorithms using big data to profile customers, which makes them in practice impossible to evaluate. Transparence is another issue there, because such algorithms are the cornerstone for competition and therefore constitute highly confidential IP information.Question 20: Are the issues identified by the EBA and the way forward proposed in section 4.5 relevant and complete? If not, please explain why.
Yes. SPA believes that the section states clearly the main issues and how to address them properly.Question 21: Do you agree with the issues identified by the EBA and the way forward proposed in section 4.6? Are there any other issues you think the EBA should consider?
Yes. We support and encourage the EBA initiative to create a framework to evaluate how vulnerable Fintech technology may be for misuse for money laundering and financial crime purposes.Question 22: What do you think are the biggest money laundering and terrorist financing risks associated with FinTech firms? Please explain why.
FinTechs acting as TPPs and offering instant payments are more vulnerable to money laundering activities: more intermediaries in the transaction flow and fast execution times with payment finality are attractive characteristics for fraudsters. Payment Methods ( Instant Person-to-Person or Person-to Business Payments) with real-time availability of funds for the payee and subsequent transferability are more likely to be misused for financial crime purposes. It’s obvious that FinTechs operating in offshores or countries “at risk” or merely facilitating cross-border payments are more vulnerable to misuse by criminals. Credit lending platforms is another financial service at risk, specially if peer-to-peer lending services are supported.By their own nature, Blockchain and Distributed Ledgers Systems present vulnerabilities not fully understood yet ( malware, denial of service) including potential for money laundering (specially if anonymous transactions may take place). If the DLS has no central authority, there is no legal entity accountable for compliance with AML laws.
Question 23: Are there any obstacles present in your national AML/CFT legislation which would prevent (a) FinTech firms from entering the market, and (b) FinTech solutions to be used by obliged entities in their customer due diligence process? Please explain.
Same rationale than for question 16. The real limitation is the very challenging operational constraints for compliance with the AML/CFT and the fact that incumbent credit institutions have all the necessary the policies, processes and systems to control AML/CFT risks that FinTech have to build.If a Legal Sandboxing is needed as a trade-off to help Fintech to enter the financial/ payments market, security should be excluded from any exemption regime. With regards security, financial institutions and Fintech should be subject to the same requirements, including compliance with AML/CFT..