I hereby address you as the Vicesecretary General of the Spanish Finance House Association (ASNEF), to which 51 financial entities belong, specialising in the granting of loans for small and medium-size companies and families (of which the car and mass consumer sectors are very relevant).

As a consequence of their activity, our associates play a fundamental role in the growth and sustainability of Spain’s economy and employment.

In 2016, the total activity of ASNEF associates reached 54,846 million euros, of which 26,118 million basically represent private loans, consumer and vehicle credit, and 28,729 million represent business activities, mainly related to the financing of vehicle stocks.

In relation to family loans, of interest is the fact that more than 10 million contracts were signed in 2016.

In turn, consumer and car loans granted by ASNEF associate entities constitute approximately 45% of total family loans covered by all the financial entities supervised by the Bank of Spain.

Likewise, worthy of mention is the fact that our companies’ activity generated more than 22,500 jobs in Spain in 2016 (directly, indirectly and induced), representing 0.12% of the active population in Spain.

In the same way, the economic boost generated by loans granted by ASNEF associates in 2016 impacted Spain’s Gross Domestic Product, by approximately 2.26%.

ASNEF gladly welcomes the debate proposed by the EBA, as it confirms that both entities share a concern about FINTECH’s current situation.

The EBA study conducted in spring 2017 does nothing but confirm that the FINTECH phenomenon should be one of the EU’s working priorities in banking regulations. Some figures are particularly outstanding: 31% of FINTECH entities are not subject to any type of regulations and, in turn, a large part of their clients are consumers; the percentage of entities collecting funds from the public (11%) is also very alarming, as they are not regulated.

ASNEF believes that FINTECH as a fact requires specific and uniform regulations within the EU, immediately, according to the risks assumed by the activities in which these entities are involved. There are two reasons for this: on the one hand, consumer protection is necessary (which, as will be seen, has been weakened) and, on the other hand, an already unacceptable distortion in free competition between regulated entities and FINTECH.

As regards the first point, in countries, for instance, where credit activity is not subject to any reservation, FINTECH entities do not provide consumers with sufficient information on the terms of their financing. Likewise, their publicity is not subject to strict disclosure and surveillance rules imposed by a supervisory authority. This notwithstanding, the reputational damage resulting from this credit activity, due to non-disclosure, also affects regulated entities, which are subject to a strict regulatory and supervisory regime.

Also of interest is the fact that EU Member States regulate consumer loans in a totally different manner, to also include the FINTECH channel, and this has a very relevant impact on each country’s competition.

Thus, in France, Italy, Germany or Portugal, in order to be able to professionally loan money it is necessary to hold credit or financial entity status, authorised and registered to carry out this activity and supervised by the competent banking authority, i.e. an “activity reservation”. This is not the case in Spain and other EU countries, where any commercial entity may lend money or grant credits, without restrictions, even through entities with a capital stock of 3,000 euros.

Consequently, in those countries where an “activity reservation” does exist, FINTECH company activities do not constitute unfair competition, as they need to meet all the necessary legal requirements as credit or financial entities, regulated and supervised, such as corporate governance, solvency, capital stock, disclosure and the handling of client claims.

However, in other countries like Spain where this “activity reservation” does not exist, many FINTECH entities do not meet these legal requirements and, consequently, leave consumers unprotected, on the one hand, and, on the other, cause their activity to offer unequal levels of competition, as these requirements are not mandatory, thereby incurring unequal administrative or other costs, which also impact the price of the products offered.

This is why it is vitally important for all of Europe to follow the same “level playing field” principle, in order to compete on the market fairly and competitively.

Therefore, we consider that FINTECH as a fact encourages innovation and is consequently progressive; however, for its current development and to ensure that business traffic and the financial system are adequately secured, it is now absolutely necessary to specifically and uniformly regulate the issue within the EU.

We would like to point out the need for full harmonization in FINTECH regulations throughout the European Union, as the only way of guaranteeing a single market and cross-border activity.

Further to these comments, I would like to end this introduction by highlighting three points:

1.- The same rules of the game should apply to the same activity, irrespective of product distribution channel.
2.- FINTECH consumers must be protected.
3.- An “activity reservation” to be able to loan money throughout Europe, as is already the case in Germany, Italy, France and Portugal.
Q1: Are the issued pointed out by the EBA and the path to follow proposed in section 4.1 relevant and complete? If not, please explain why.

First of all, we consider that EBA’s study on the current scenario of FINTECH entities is very enlightening; however, based on its results, we think that it requires a follow-up, through periodic updates allowing a supervision of its performance.

In relation to this study, an outstanding fact is that the percentage of FINTECH entities not regulated by domestic or EU laws is 53%; this means that such entities are largely exempt from any control and surveillance. This effect is probably the result of a decided wish to favour innovation. However, please note that this, on the one hand, goes against required consumer safety and, on the other, also contradicts non-discrimination laws, highly extolled by the authorities, allowing different agents to compete in equal terms. Any activities involving the same risks in terms of financial stability, consumer protection and the integrity of the financial system should receive the same regulatory treatment.

Sandboxes are a useful tool for progress and innovation. However, we should stress that they need to be previously regulated in non-discriminatory terms, allowing all types of entities to participate in the same conditions, and, two, regulations should guarantee the necessary consumer protection. As a result, ASNEF backs up any work to thoroughly examine the features of sandboxing, innovation centres and similar regimes, in order to establish, in this regard, a safe, common, uniform and non-discriminatory framework inside the EU.
The path proposed by the EBA is in the right direction. However, it needs to take into account the following comments.

First of all, it is highly important to note that so-called innovating services are not just provided by FINTECH entities; regulated entities have deeply transformed their structures and business model, which are now based on new technologies, present in all their operations. This notwithstanding, regulated entities are expected to compete on the market with new operators that are not subject to strict regulation and supervision, which means that the competition framework is unequal and unfair.

Specifically, these entities are not subject to minimum capital requirements derived from their risks, making them vulnerable, given the little experience that exists in the technological solutions implemented. However, this risk is readily assumed by regulated entities, which are endowed with a financial structure that is able to absorb the impact derived from these operational risks. This is why we believe it is necessary for new operators, directly operating on the market, to meet capital requirements based on the risks of the operations undertaken, in such a way as to guarantee that any potential negative impact may be undertaken, in the event of failed operations.

In turn, this exercise should also be used to consider whether excessive regulatory requirements should be relaxed in operations that do not entail a collection of deposits, where financial entities are now facing these new operators at a total competitive disadvantage, thereby curbing business growth.
Without prejudice to the opportunities derived from innovation, we need to take into account that their implementation in the field of finance entails risks in terms of stability, consumer protection and the sector’s integrity.

It is necessary for regulators and supervisors to observe digitalisation from a global perspective with respect to EU regulations. These global digital agents, through the Internet, obtain and also control a large part of consumer data; they can take advantage of any regulatory imbalance to process and use client data derived from financial entity operations. This is why we believe that there is a critical threat to consumer safety, also affecting stability in the financial sector, derived from distribution, bid data and segment platforms, given that they hold sensitive data that are indispensable in the sector.

This is why we propose that all regulators and supervisors channel their actions, considering digitalisation as a whole and also including the activity of non-financial operators, in order to develop a new framework that allows us to face any future crisis that may entail risks derived from new technologies.
Any entities carrying out payment and electronic money activities should be subject to the same security requirements as all other payment servicers. In this regard, please note that practices such as exchanged credentials and webscraping increase the risks of data infringements. Too much innovating ambition may sometimes relegate concerns on consumer protection, with the risks this entails. Consequently, we need to evaluate the potential risks of new technologies, regulating the service, not the technology behind the service. It is important to understand various technologies and to establish horizontal communications between various supervisors in order to be well aware of potential risks.
On this point, please note that operators participating on payment markets may take advantage of regulatory gaps vis-à-vis payment and electronic money institutions, which are subject to regulatory frameworks affecting the provision of their services; in addition to a clear competitive disadvantage, this puts the system’s security at risk.
In our opinion, said description should also necessarily include the risks derived from participation on the market of large technological companies, which may challenge the sector due to their high transforming potential and positioning to offer financial products. This is why we would like to insist on the risks derived from non-existing regulations for these entities, in operations that may directly impact financial markets.

In turn, we believe that all agents should be granted the same opportunities to innovate. As stated by the EBA, certainly, new market participants may be more flexible when implanting new technologies that transform and create new products or services, and also innovate means of distribution. However, it is also true that this greater flexibility is a consequence of non-existing regulations as well as a lack of the necessary structure and experience to evaluate and examine the risks derived from innovation. This is why we believe it is necessary to create a regulatory framework granting all entities the same chance to innovate as, otherwise, due to the huge competition of new operators exempt from regulatory obligations, the opposite effect on the market may occur, towards deregulation and, thus, towards “shadow banking”.
It is a known fact that financial entities have very often established alliances or partnerships with new operators, which is why we consider that a regulatory approach is very important to guarantee the development of these ventures.

Traditional financial entities have valuable IT infrastructures, largely derived from regulatory requirements, which need to be modernised in order to compete in the new digital order. This requires huge investments that are not incentivised, treated as intangible assets for regulated entities, in capital deduction terms, which generates a huge competitive disadvantage over new non-regulated operators. The EBA should pay attention not only to innovation at the start of the value chain, but also to investment and continuous improvement in the infrastructures backing up products and services. Let us recall that financial entities are also liquidity providers of FINTECH entities.
The participation of new payment service operators is causing a new inequality in competition terms, as the latter are not obliged to pay in order to access client payment accounts, backed up by costly infrastructures that are exclusively maintained by financial entities.

In turn, financial entities are also bearing greater competition in the business and are being forced to become more efficient and reduce costs, whilst also offering their clients new innovating services which, through big data, improve customer experience. This is why it is necessary to generate the necessary customer trust to ensure that consent is granted to access their data, whilst also generating more client satisfaction and helping the development of new customer added value services.
In our opinion, consumer disclosure and clarity should preside all operations in the digital world. Consequently, no discrimination would be justified either based on the type or class of operator providing the consumer service. The same operation, with similar associated risks, should demand the same protection devices.

In turn and as cited by the EBA report, the complexity of business models chosen by some FINTECH entities means that clients lack essential information, such as knowing who they are entering a contract with and what is the exact liability undertaken by the various agents in the event of a breach. This would be the case, for example, of crowdfunding platforms. The absence of a global framework regulating their operation, enforceable requirements and a description and limits on liability, all generate consumer uncertainty, which needs to be resolved. It is necessary for consumers to be able to clearly identify who would be eventually liable for the loss or damage caused and in what way and manner may a complaint or claim be filed.

Digital innovation should also provide news channels through which consumers receive transparent and particularly understandable information. Please note that the extensive information that is now available is not adapted to new supports, which hinders client accessibility, legibility and understanding. An example is the relevant standardised information, in addition to complementary information, to be provided by credit entities before a loan is taken out. This means that this information needs to be adapted in the use of new technologies in order to be truly useful for clients.

We therefore believe that a new regulatory framework is necessary, adapted to new technologies used for product processing, but also bearing in mind that they should be equal for all operators, overcoming any existing discrimination, to the benefit of consumers and free competition.
In the same way as we have insisted in other issues, the principle of equal regulatory conditions, applicable to the same activities irrespective of the agents, should be necessarily applied in a uniform and equivalent manner in EU domestic laws, in order to avoid new operators that offer their services through the Internet choosing more tolerant and flexible host legislations, thereby rupturing the internal market and damaging consumer disclosure and safety.

In this regard, we consider it essential to remove all unnecessary barriers and to encourage the provision of cross-border services, guaranteeing the application of a homogenous consumer protection and activity regime within the EU.
We think it is necessary that all supervisory authorities also control any new operators, in order to guarantee that their activity meets the necessary legal requirements and that their services are accordingly authorised.

It would be recommendable for ANCs to complete a study in each territory, in order to confirm whether the FINTECH entities operating in their territory, according to their actual activity, are or not subject to prior authorisation and registration. Furthermore, based on this study, an overview may be obtained of any national exemptions and concessions implemented by the various Member States. This will allow us to evaluate the impact of these differences on consumer protection and equal conditions between financial entities and FINTECH firms.
We agree with the issues pointed out by the EBA. Current consumer protection regulations may encounter difficulties in their effective application, due to new technological operators acting in the financial field, either because they are not based in Europe or because existing regulations do not identify the agent or its liability, as already indicated. Nevertheless, if a non-regulated FINTECH entity provides financial services, it must follow the claim procedures established in the destination country, under the supervision of its national authorities. We would highly recommend a directive, applicable in the EU, to regulate consumer complaints and claims, whilst also covering the activity of non-EU entities.
We consider that the issues identified are relevant and complete. Furthermore, we fully back up the plan to remove any potential barriers in national legislations to the use of new technologies in the field of finance.
In turn, a European Commission study has revealed a weakness in consumer identification and access devices, P2P platforms, where identity documents for registration are only rarely required. These platforms should be necessarily transparent on the devices used to manage review and classification systems, allowing the client to understand their quality control system.
As already indicated, we also agree on the need to adapt pre-contractual information to new technologies and supports used, in such a way as to ensure better consumer understanding and assimilation, which is not necessarily equivalent to a certain volume of information. In turn, the need for prior information should be equally expected of all operators, without discrimination, whether or not regulated entities. In countries where the granting of credits or loans is not a “reserved activity”, there is a huge imbalance, for instance, to the detriment of consumers and free competition too, with respect to said pre-contractual information and publicity and disclosure requirements; the latter are either not imposed on non-regulated entities or, if so, are inadequately applied. Evidently, FINTECH entities use this non-regulation.
Finally, please note that the use of personal data of FINTECH platform clients does not usually include prior transparent information on how these data are subsequently used. In our opinion, conditions should be necessarily reinforced to ensure that all clients are fully informed in advance.
As indicated above, the huge amount of consumer information required by some domestic laws restricts the provision of digital services, particularly in popular supports, like mobile phones. If, in addition to prior financial information, other information is required in other regulatory fields, in the end there is a conglomerate of prior information that is hardly compatible with digital surroundings, which consumers find hard to assimilate. We consequently insist on the need to adapt it to digital surroundings, facilitating its understanding without any operator-based discrimination.

Legislation may also be reviewed, preventing the use of electronic signatures for certain financial operations, in any form, by demanding a physical presence.
We believe that effort needs to be made in order to simplify and harmonise applicable regulations in the EU, which would result in greater progress and the easy dissemination of financial education, without overruling the possibility of introducing financial and technological training in each national education programme.
We consider that training programmes are necessary to improve consumer knowledge and information; this will increase consumer protection, on the one hand, and, on the other, will guarantee the stability of the financial system, avoiding a floodgate of claims. In this regard, the public sector should encourage the dissemination of training programmes with financial institutions, without excluding their introduction in mandatory primary and secondary education, as already stated.
Although we consider the path proposed adequate, we must recall that through artificial intelligence and big data the use of alternative data sources may encourage the inclusion and access to credit of insolvent consumers and persons with no financial background.
We agree with the issues pointed out by the EBA and the path proposed. In our opinion, given the increased involvement of new technologies in financial operations, some providers will be considered critical to guarantee operating continuity. We should also consider whether these operators should also be subject to some kind of regulation and supervision.
We agree with the issues pointed out by the EBA and the path proposed.

We also believe an in-depth examination is necessary of electronic identification systems, particularly on their compatibility with EU Directive 2015/849 (AMLD), which requires reinforced diligence in distance contracts.

We consider that public registry access exclusively to meet AMLD requirements would notably increase the efficacy of prevention action; however, it will be necessary to overcome occasional obstacles established by national authorities.

Finally, we would like to point out that we fully agree with the EBA on the need to ensure that FINTECH entities are treated, in various domestic laws, as subject when providing similar services to those of the subject parties. This is why we consider it necessary to guarantee that all funds used in crowdfunding operations have a legitimate source.
The fact that FINTECH entities are not regulated and supervised, although actual financial operations are executed, generates more relaxation and flexibility; it is even possible to act somewhat anonymously, which encourages white collar crime, specifically money laundering and the financing of terrorism.

The highest risks include crowdfunding activities, market loans, virtual currency and pre-paid cards. As indicated above, crowdfunding platforms based on many contributions of funds makes it difficult, or even impossible, in the current state of affairs, to apply the necessary techniques to prevent money laundering. This is why we consider that FINTECH firms carrying out this activity should be regulated and supervised, and also consider that competition is being distorted with respect to financial entities.
All regulators and supervisors should take the global digitalisation scenario into account and, particularly, the various regulations on remote customer identification and verification, which would very decisively encourage the use of new technologies. Consequently, a harmonised and homogenous framework is necessary in the EU which, whilst implementing the ALMD Directive, establishes possible means and solutions for electronic identification.