The Personal Investment & Financial Advice Association (PIMFA)
Yes. The Personal Investment Management & Financial Advice Association (“PIMFA”) was created on 1 June 2017 by the merger between the Wealth Management Association (“WMA”) and the Association of Personal Financial Advisers (“APFA”). PIMFA’s members (numbering over 2,080 full and associate members) cover a broad spectrum of investment firms offering wealth management, investment and personal financial advice, and execution services. Our response is therefore mainly based on our experience of the application of Fintech to investment, rather than banking, credit or payment, services. That said, a number of our member firms are the wealth management arms of some of the UK’s largest banks, and are actively applying Fintech to their distribution channels and products.
Broadly speaking, yes.
We believe that Fintech has the power to deliver ‘win/win’ solutions; a positive for firms in enabling them to reduce the cost of delivering products and in offering greater consumer and product choice, on the one hand; and, on the other hand, for users/consumers of investment and other financial services facilitating their access to these products, and enabling a more streamlined, safe and rapid process for their purchase. Many institutions still suffer from archaic legacy IT systems, and Fintech presents an opportunity to modernise or by-pass these systems.
Among the threats are poorly developed and explained products; inconsistencies (e.g. legal, regulatory) between the treatment of remote and face-to-face transactions, and the risk of regulatory arbitrage between different product ranges and sectors. We also believe that new systems can display vulnerabilities, particularly in the form of cyber risks; when an innovative system is created, it can come with flaws so the firm also needs to invest in ways to secure it.
No further comment.
While the application of Fintech is growing rapidly, Fintech-facilitated solutions still only represent a small proportion of the overall business of credit institutions. An example are internet only banks. Even where new Fintech-providers are challenging incumbents, there is scope for the latter to enter into collaborative arrangements with Fintech providers, who lack the clientele base or scale to penetrate the market on their own. As mentioned in our response to question 3, Fintech also represents an opportunity for incumbent firms to modernise, and even extend their product range, reducing both their cost base, and benefitting their clientele.
While the credit institutions’ clientele is changing from a technology neutral one (embracing both face-to-face and online applications) to a more digital native one, institutions still have to cater for both types, meaning that business models should evolve more gradually. This is not a one-way process, and there will still be room for traditional delivery mechanisms such as branches, and face-to-face contact. And this is true in the investment/wealth management space as well. In our experience, even those clients/users who are more inclined to use full digital services would prefer to interact with a human when it comes to important decisions such as investing - that is why hybrid models are considered more attractive than digital-only solutions.
We suspect that this particular segment of the market is changing rapidly and will continue to change, under the impetus of (i) PSD II; and (ii) novel payment applications such as Apple Pay. Hand-held payment applications have proved particularly popular, as an alternative to cards and cash, extending the drift towards an electronic wallet, as have contactless cards (where payments below the £30 threshold in the UK are increasing rapidly and have proved particularly popular). This is a good example of incumbents partnering with Fintech providers, in order to maintain a hold over customer data, and retain their market share.
Yes. Cross-sectoral regulatory coherence and a repartition of responsibilities/roles between home and host authorities are particularly key.
We are not a Fintech firm, but note that, in the investment space, the main obstacles can also come from the inconsistent application of EU rules in Member States. In the investment space, examples include the KIID under the Prospectuses Directive. We also suggest that fragmentation can be caused by national legislation applicable to Fintechs wanting to offer their products and services across Europe.
Yes, particularly in relation to consumer protection.
Yes. There particularly exists a lack of understanding/knowledge of cross-border redress mechanisms.
No. The use of regulatory sandboxes also enables the firms’ products to be tested, ahead of launch, and in the UK context, we do not believe that such requirements act as an obstacle. At the EU level, however, we note that there are some Mifid requirements that do not help digitalisation e.g. statements can be delivered through digital means only if the firm can prove that the client has accessed the webpage. This is expensive, it makes paper a better, cheaper option.
Yes. However, we caution that the impact of Fintech is something of a double-edged sword. On the one hand, Fintech applications and their descriptions can empower clients’ understanding through simpler explanation of products, processes; on the other hand, those without access to a computer or the internet may be disadvantaged or face a reduction in consumer choice, potentially ending up with an inferior product. Education therefore is key.
These should be encouraged by regulators, but should be driven by industry-wide initiatives.
Broadly speaking yes, but we would add that that regulators have a role to play in the robustness and planned outcomes arising from the use of algorithms or AI. Understanding, and regular review, of a firms' algorithms and other AI processes is key. It is important that not only the firm understands where and how artificial processes are driving its client base (including inclusion/exclusion), but also that it should be able to explain to its clients, and regulators, how these work. Similarly, we believe that it is important that regulators/supervisors develop the expertise to understand and evaluate these processes. We draw here the analogy with banking supervisors being required to analyse and approve firms’ models in the use of the Internal Ratings Approach in the CRR and Basel III frameworks. In addition, algorithmic trading is regulated in MiFID II, and automated profiling is regulated by the GDPR.
We suggest that firms should share with their regulators the main features/parameters of their algorithms, potentially including some generic requirements, namely:
- What is the main thrust/aim of the algorithm/AI process?
- What products does the algorithm/AI process prioritise?
- How often is the algorithm/AI process changed?
- What does the firm do if the algorithm/AI process clearly does not deliver an acceptable outcome for the client?
Broadly speaking, yes, but we would add that one further facet might be where the application of Fintech leads to some element of outsourcing or offshoring of a critical function. In this case, we would suggest that this application might mean that the usual checks and balances in respect of critical service providers might include the reliability/robustness of the technology, and what could be done to mitigate its failure, or how to replace it. We would anticipate this as being part of any (enhanced) sectoral framework, such as in the BRRD/SRM or the CPMI-IOSCO Principles for Critical Market Infrastructures.
Fully digitalised business models have an inherent risk in that there is never face-to-face contact between the firm and the customer, therefore these businesses are more at risk of being abused by criminals and need to ensure that they manage customer risk – KYC- appropriately. AML rules may not be interpreted in the same way across Europe which could enhance the risk of regulatory arbitrage and push the less transparent online businesses towards more lenient jurisdictions. And then this could lead to potential distribution across Europe to the detriment of consumers.
Fintechs, especially new entrants to the market, may carry risk of being abused because they are new and may need education and support from competent authorities to help them comply with AML and CTF requirements. As to firms offering automated AML/CTF services, their challenge is to keep up to date and ensure that their solution is fully compliant at all times.
The UK operates in a technology neutral environment, so there are not, per se, legal barriers to digital businesses operating within its boundaries, provided they are compliant with applicable laws and regulations including AML and data protection.