Applauds EBA initiative to perform survey of current FinTech landscape
>> See .pdf version
>> Visit WSBI-ESBG innovation hub
European Savings and Retail Banking Group (ESBG)
Rue Marie-Thérèse, 11 - B-1000 Brussels, EU Transparency Register ID 8765978796-80
1. Authorisation and registration regimes and sandboxing/innovation hub approaches
Q1: Are the issues identified by the EBA and the way forward proposed in section 4.1 relevant and complete? If not, please explain why.
First and foremost, ESBG applauds the EBA's initiative to perform a survey of the current “FinTech" (as per the BCBS definition) landscape. Even though the survey encompasses about 20% of the estimated current EU FinTech population, it provides an invaluable (and at times, chilling) snapshot of the opportunities and issues raised by the emergence of FinTech in a non-harmonized regulatory and supervisory single market environment. ESBG would recommend that such a survey be performed at regular (ideally: annual) intervals over the next years at least.
Whilst ESBG certainly agrees that further investigation is warranted, the following findings of the survey already deserve to be highlighted:
In that sense, the issues identified by the EBA in section 4.1 are relevant and complete. The remark however that “there may be reasons that justify differences in treatment" can only be accepted against the background of a call for further investigation of the FinTech landscape. Otherwise, the working assumption should remain that the same regulatory and supervisory obligations apply to the provision of same services, across the single market.
With respect to the policy approach to FinTech under national regimes, it would be very useful to see a mapping of national sandboxing regimes, innovation hubs or similar regimes with the regulatory and supervisory requirements applied by Member States: it would be difficult to understand that Member States with lax or inexistent requirements deploy an ambitious approach to sandboxing, innovation hubs or other regimes.
Furthermore ESBG recommends that, participation in potential sandboxes should not discriminate on the basis of entity size, but rather let all types of entities participate on equal terms (as e.g. is the case in the UK). Therefore, work to further assess the features of sandboxing regimes, innovation hubs and similar regimes is supported. Thus, ESBG encourages the EBA to move forward with guidelines in this area and look forward to the final report.
The proposed way forward of the EBA – activities to be implemented in 2017/2018 - is supported, as is an assessment of the merits of converting the EBA Guidelines on authorisations under PSD2 into an RTS once experience is obtained, this not only to ensure compliance but also to identify and certify that high levels of consumer and data protection are safeguarded. This assessment should also take national regulation into consideration.
2. Prudential risks and opportunities for credit institutions, payment institutions and electronic money institutions
Q2: Are the issues identified by the EBA and the way forward proposed in subsection 4.2.1 relevant and complete? If not, please explain why.
In sub-section 4.2.1 it would appear that the EBA refers to both innovative services and new market entrants when using the term “FinTech". A clear distinction is required:
Therefore, in order to provide guidance to supervisors on how to act on, understand and evaluate these new prudential risks, ESBG believes that it is essential to maintain communication with and continuously observe trends in the industry. In particular, communication between supervisors in identifying and evaluating new prudential risks stemming from new technologies would be useful to prevent regulatory arbitrage.
As through the application of new technologies, smaller non-regulated entities can potentially circumvent requirements of capital and/or liquidity and even AML/CFT controls when executing traditional bank services such as lending or payments. If these requirements are eased or prone to circumvent, this could limit society's capacity to withstand financial turbulence.
The above-mentioned arguments also imply that, in general, the global digitisation landscape should be taken into consideration by European regulators and legislators. Of importance here are market drivers and market developments, as well as the implications that global entities have with respect to the formulation, entry into force and enforceability of legislation by European authorities. Provided these remarks are taken into consideration, the proposed way forward can be supported.
Q3: What opportunities and threats arising from FinTech do you foresee for credit institutions?
The opportunities presented for incumbent credit institutions by the deployment of FinTech are generally well presented in sub-section 4.2.1 (under consideration of the remarks immediately above). Therefore, many ESBG members invest in creating a fruitful partnership with reliable FinTech in order to benefit from comparative advantages and, consequently, be able to individualise the services delivered to customers. As ESBG members have a strong focus on customer centricity and the creation of added values for customers, open banking, for instance, would provide the opportunity to combine in-house date with data which is accessible from other sources.
The key threat from FinTech for incumbent credit institutions will though come from platforms (i.a. distribution platforms, segment platforms, data aggregation platforms) including those characterized as “GAFAs". This threat has not been identified by the EBA, and should be added. In general, this means that the global digitization landscape should be taken into consideration by regulators and legislators, with respect to both market drivers and developments, and the implications these may have with respect to the formulation, entry into force and enforceability of legislation by EU authorities.
Competition from platforms raises critical challenges for incumbent credit institutions, including strategic choices to be made between the manufacturing of products and their distribution, the management of a range of new partnerships, the protection of customer data, the allocation of product liability, and the capability to achieve scale.
As mentioned in the previous question, the regulators and supervisors need to take the global digitisation landscape into consideration with respect to the formulation, entry into force and enforceability of EU regulation. As the global digital players control a large part of the Internet and consumer data, they may take advantage of any regulatory imbalance to process and apply data in a way which banks are constrained by law to emulate. Hence, threats not only arise with the smaller innovators, but legislators also need to take larger non-banking entities into consideration so as to avoid the creations of a “lean regulation sector".
In this respect ESBG concurs with the conclusions of the World Economic Forum's recent Report “Beyond Fintech: a pragmatic assessment of disruptive potential in financial services".
However, in general, ESBG would like to highlight that it is the overall competitive landscape based on GDPR and PSD2 per se which could be regarded as threatfull.
Q4: Are the issues identified by the EBA and the way forward proposed in subsection 4.2.2 relevant and complete? If not, please explain why.
ESBG would not read paragraph 87 as representing accurately the Commission's motives in revising the PSD. As evidenced by the protracted debate over the finalization of the Regulatory Technical Standards on Strong Customer Authentication, the Commission's ambition to appear innovative may at times relegate concerns about consumer protection to secondary ranks.
Although ESBG believes that it is important to evaluate the potential risks with new technologies, ESBG also believes that it is important to regulate the service and/or product and not the technology behind the service. Therefore, it is important to have an understanding of different back-end technologies and establish horizontal communications between different supervisors to better understand potential risks.
This being said, ESBG approves the way forward proposed in sub-section 4.2.2, and is looking forward to continued dialogue, including public consultations, with the EBA on the different steps planned in the way forward.
Q5: What opportunities and threats arising from FinTech do you foresee for payment institutions and electronic money institutions?
N.A. (ESBG is replying as representative of credit institutions and associations of credit institutions).
3. The impact of FinTech on the business models of credit institutions, payment institutions and electronic money institutions
Q6: Are the issues identified by the EBA and the way forward proposed in subsection 4.3.1 relevant and complete? If not, please explain why.
Whilst ESBG can generally agree with the description provided under sub-section 4.3.1, ESBG is of the opinion that innovation should be stimulated in general and therefore ESBG would nevertheless like to stress that the focus shouldn't solely be on the impact of FinTech. Indeed, there are 4 types of innovations currently impacting notably incumbent credit institutions: certainly technological innovation, but also behavioral innovation (in the expectations and requirements of their customers, often induced by experiences from outside the financial sector), legislative innovation (although generally not in synch with either technological or behavioral innovations), and business model innovation (of new market entrants, but primarily of large technology companies, such as the platform players referred to earlier in this response – see Question 3). These 4 innovation streams have to be taken into consideration to paint a comprehensive picture of the market landscape for notably incumbent credit institutions.
To stimulate innovation and to achieve a level playing field in the area of innovation, all entities no matter their size must have the same opportunities to innovate. Here, as concluded by the EBA, less constrained new market entrants can be more agile when applying new technology that can radically change how their products or services are defined, produced and/or distributed. However, these might not possess the infrastructure and/or expertise to assess the risks connected to the development of their new products and/or services. One possibility, respecting sound business values, is that the incumbents can service the FinTech with such infrastructure in the value chain.
On the other hand, the so-called incumbents have licenses and established communications with regulators and supervisors. Moreover, they also possess infrastructure to scrutinize innovative developments through their already established compliance, risk management and legal departments. This in turn, however, constrains their ability to be as innovative as less regulated entities; since they are required to be compliant and are under constant supervision.
Furthermore, the relationships between technological innovation and regulatory and supervisory obligations deserve further analysis. Indeed, because of compliance with such obligations, incumbent credit institutions tend to introduce technological innovation in an “incremental" mode, where essentially new technology is applied to enhance the convenience or the efficiency of existing products and services without however changing neither (most of) the value chain nor the business model (at least in the short term), whereas less constrained new market entrants can often afford to apply a “transformational" mode, where the application of new technology radically changes how a product or service is defined, produced and/or distributed. One (amongst many) example can be found in the challenge faced by credit institutions seeking to adopt cloud services (in particular in a cross-border environment, even within the EU) whilst meeting existing supervisory requirements.
Hence, ESBG believes that, to achieve a level playing field whilst maximizing the innovative potential in the European economy, there is a need to create a more dynamic regulatory and supervisory environment that facilitates innovation by incumbents and FinTech. Such an environment could entail an adjustment of the current regulation to give entities, regardless of size, the same opportunity to innovate. These adjustments need to be set in dialogue with supervisors, incumbents and FinTech.
This being said, ESBG approves the way forward proposed in sub-section 4.3.1, and is looking forward to continued dialogue, including interviews and public consultations, with the EBA on the different steps planned in the way forward.
With respect to RegTech, as it is briefly referenced to in recital 96, ESBG Members understood from the public hearing that the EBA considers RegTech as a separate issue and that the EBA will address it at a later stage after the FinTech analysis has been made. ESBG believes that RegTech deserves priority so we welcome this next step; otherwise, we would like to see RegTech to be included on EBA's FinTech roadmap.
Q7: What are your views on the impact that the use of technology-enabled financial innovation and/or the growth in the number of FinTech providers and the volume of their business may have on the business model of incumbent credit institutions?
Against a general background of customer behavioral, technology and regulatory change, incumbent credit institutions are focused on finding the best solutions, including the best partners, to solving challenges and implementing these solutions as quickly and safely as possible. Thus, incumbent credit institutions generally both buy technology and build solutions, and partner with FinTech firms.
Regulators hold a key responsibility in enabling this process. On one side, as highlighted earlier in this response, regulation and supervision must enable incumbent credit institutions to deploy new technology-based products and services without any undue encumbrance, on the other side FinTech firms should be subject to the same obligations than credit institutions in this respect, in order to establish a safe foundation for partnerships, and ultimately to ensure a level playing field – in particular against the background that technology is lowering barriers to market entry, thus increasing the number of start-ups, although only a few may survive their first year.
However, a discussion of innovation also needs to take into account incremental innovation (both common systems and bank specific), i.e. innovation to enhance existing products and services without changing the business model. Therefore, it is important to distinguish between a technical innovation that leads to a new product or service and a technical innovation that improves the characteristics of current products and services.
Given the importance of this incremental innovation, it is important that the EBA and other government institutions not only focus on innovation in the front-end part of the value chain, but also create the preconditions for credit institutions to continuously invest and improve in the back-end systems. Today, based on sound business cases, incumbent credit institutions are investing in and providing the infrastructure to support the products and services provided to their customers. However, going forward, as products and services will be provided by both new and old entities the incumbents' willingness and capability to provide and invest in such infrastructure should not be taken for granted.
It is also useful to remind that it is credit institutions who provide liquidity and asset safe harbour for FinTech firms.
Additional note: global FinTech funding remained stable in 2015 and 2016 (at USD 19 billion, according to BI Intelligence report, August 2017).
Q8: Are the issues identified by the EBA and the way forward proposed in subsection 4.3.2 relevant and complete? If not, please explain why.
N.A. (ESBG is replying as representative of credit institutions and associations of credit institutions).
Q9: What are your views on the impact that the use of technology-enabled financial innovation and/or the growth in the number of FinTech providers and the volume of their business may have on the business models of incumbent payment or electronic money institutions?
4. Consumer protection and retail conduct of business issues Q10: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.1 relevant and complete? If not, please explain why.
Considering that consumer protection has been at the forefront of legislators' justification for introducing many dispositions in the field of retail banking in the past, and that these have significantly increased the cost of providing such services, it is essential that consumers obtain full transparency and clarity about their rights and limitations thereto when transacting with providers notably in the digital world.
Indeed, the fragmentation and recomposition of the provision of services induced by digitization creates challenges for consumers, notably with respect to service and product liability and redress. In the financial area, such challenges are compounded by the imperative of assessing the creditworthiness and sustainability of the provider, which often hinges on the precise role that this provider is playing in a given product or service value chain. At the most basic level, this would call for unambiguous identification of providers, based on (single market-wide) harmonised authorization and registration process. In order to ease understanding by consumers, a limitation to the number of categories of providers must also be considered, even when the responsibilities and liabilities of these providers would have been harmonised EU-wide. Consumers should be fully informed upfront about the party in a given product or service value chain with whom complaints and claims should be lodged (whilst – for consumer convenience – a single party may be assigned a “claim concentrator" role, it is though not acceptable that such role is performed without compensation for that party, nor without the possibility for that party to cap the risks arising from that role – PSD2 dispositions with respect to the relationship between ASPSPs and PISPs are certainly not the appropriate blueprint in this field for the future).
Generally, as highlighted earlier in this response, the complexification of the financial services value chain as well as the multiplication of partnerships call for taking another look at existing dispositions on product and service liability. Here, the digital dimension can offer supervisors, incumbents and FinTech new possibilities to provide such transparency to consumers. Hence, ESBG encourages the EBA when performing its in-depth review of EU legislation requirements, to take technical developments into account to find the right balance between consumer protection and fostering innovation.
Under these considerations, the way forward proposed in sub-section 4.4.1 is supported, and ESBG looks forward to continued dialogue, including interviews and public consultations, with the EBA on the different steps planned.
Q11: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.2 relevant and complete? If not, please explain why.
The issues expressed under sub-section 4.4.2 actually tie directly into the previous sub-section. It is obvious that borders tend to fade in the provision of digital services, so that all consumer issues highlighted immediately above are only compounded.
This is why not only at least equivalent yet ideally same regulation should be extended to non-regulated FinTech firms, but also such regulation should from the onset be conceived with fostering innovation and the single market in mind, and not limited to “cross border" transactions. The cross-border provisioning of financial services also adds complexity to the consumer protection legislation differences between the EU member states and to home/host supervision.
Under these considerations, the way forward proposed in sub-section 4.4.2 is supported, and ESBG looks forward to continued dialogue, including interviews and public consultations, with the EBA on the different steps planned.
Q12: As a FinTech firm, have you experienced any regulatory obstacles from a consumer protection perspective that might prevent you from providing or enabling the provision of financial services cross-border?
Q13: Do you consider that further action is required on the part of the EBA to ensure that EU financial services legislation within the EBA's scope of action is implemented consistently across the EU?
Notably throughout the Commission's Digital Single Market initiative ESBG has been persistent in stressing the utter requirement for harmonized legislation applied throughout the EU, certainly for all matters pertaining to and affected by digitization.
Whereas that goal may not be attained with any single stroke, a useful starting contribution would be to compile an overview of the waivers and other national dispositions implemented by Member States from both a regulatory and supervisory perspective applied to the transposition of a number of EU legislations. This should serve as the basis for an assessment of the impact that these differences in transposition have for consumer protection and for the level playing field between incumbent credit institutions and FinTech firms.
Q14: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.3 relevant and complete? If not, please explain why.
Many European regulations, such as PSD2, already stipulated how consumer's complaints are to be handled. However, from a financial services perspective, if a FinTech company is un-regulated it still needs to respect and adhere to other national customer complaints requirements and should therefore be under certain supervision by national competent authorities. Thus, a pan-European guideline for consumer complaints could be a positive contribution to the non-regulated part of the industry and especially for entities acting from outside the EU.
The issues identified by the EBA under sub-section 4.4.3 are consistent with the concerns and issues raised earlier in this response. The proposed way forward is supported.
Q15: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.4 relevant and complete? If not, please explain why.
The issues identified by the EBA under sub-section 4.4.4 are consistent with the concerns and issues raised earlier in this response. The proposed way forward is supported.
Q16: Are there any specific disclosure or transparency of information requirements in your national legislation that you consider to be an obstacle to digitalisation and/or that you believe may prevent FinTech firms from entering the market?
In general, there are many consumer protection legislations requiring that great amounts of information should be provided to the consumer ex-ante. Most of these regulations are at Union level and the amount of text makes it difficult to provide services on mobile devices. Here other national requirements, such as the requirement that certain contracts need to be physically signed in a bank branch, also make it more difficult to digitalise certain products and services.
Furthermore, some Member States have been or are gold plating the EU consumer protection framework and also financial market regulations making it difficult from providers from other states to use their standard offering and thus making “foreign" providers more expensive, and thus less attractive with the effect that the local market is reserved for the domestic providers.
As an example, although the Austrian ESBG member fully adheres to and supports the Austrian banking secrecy law, in some areas (e.g. data aggregation and analysis), this legislation might act as an obstacle to fully take advantage of the digital potential. Consequently, some specific exemptions to it might be worth considering.
Q17: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.5 relevant and complete? If not, please explain why.
Whilst enhancing financial literacy is a general concept that can certainly be supported, notably against the background of an increasingly digital world the key recommendation would be to design legislation that is “fool-proof" by default (e.g. unfortunately neither the PSD2 nor the General Data Protection Regulation provide for a positive example in this respect). This should be achieved notably by legislators avoiding to unnecessarily fragment and complexify the provider landscape, and ensuring that harmonized conditions apply across the single market (which would also overcome the issue of language barriers It is also important that governments introduce and adapt relevant subjects, to promote digital and financial literacy, at an early stage in the national education.
Q18: Would you see the merit in having specific financial literacy programmes targeting consumers to enhance trust in digital services?
Taking into consideration the remark made immediately above, ESBG does not believe in the merit of specific, digital-focused financial literacy programmes. Financial literacy should be promoted from a channel and technology-neutral angle, whilst digital literacy (with a particular emphasis on cybersecurity aspects) is a field of its own and should be promoted by a number of stakeholders in society, including governments. Beyond financial literacy, special EU efforts should be dedicated towards increasing digital literacy. Some banks already provide digital literacy programmes but the engagement of more stakeholders should be promoted.
The remarks made in the response immediately above, with respect to the necessity for “fool-proof" legislation to the furthest extent possible, remain fully relevant as the key way to ease understanding by consumers and prevent complaints and claims. As mentioned above, it is also important that governments introduce and adapt relevant subjects at early stages within national education programmes.
Q19: Are the issues identified by the EBA and the way forward proposed in subsection 4.4.6 relevant and complete? If not, please explain why.
Investments in robo-advisors have been increasing strongly since 2014, and by 2020 the market is expected to grow by 200%. Therefore, automated financial advice is expected to ultimately lead to a growth in the number of customers reached by banks via digital tools. The objective of robo-advisors is to both reduce costs and reach new customer segments that prefer to interact through digital channels.
There are two main types of algorithms behind the notion of “robo-advisers":
In order to enhance consumer protection (and to provide a minimum set of standards to the robo-advice sector), some sort of supervision of initiative of the service will be required. Currently, many robo-advisory solutions base their profiling decisions on a very limited set of variables, and no suitability tests are undertaken, whilst customers are not able to perceive which measures each robo-adviser takes. Therefore, in order to avoid that clients perceive the same level of risk and quality of advice by robo-advisers taking different consumer protection measures, it is proposed that these services should be both supervised and rigorously compliant with MiFID II rules (for which supervision might also be needed).
Thus, the benefits that the mobilization of artificial intelligence by financial service providers will bring will not be constrained by adverse reactions of an uninformed public or over-zealous legislators. A range of actions from financial service providers could usually complement the approach described above and assuage such concerns upfront:
5. The impact of FinTech on the resolution of financial firms Q20: Are the issues identified by the EBA and the way forward proposed in section 4.5 relevant and complete? If not, please explain why.The issues identified by the EBA would call for the following comments:
6. The impact of FinTech on AML/CFT
Q21: Do you agree with the issues identified by the EBA and the way forward proposed in section 4.6? Are there any other issues you think the EBA should consider?
This question epitomizes a number of the issues highlighted earlier in this response. A few principles – often quoted by policy makers and legislators, yet quite imperfectly transposed until now – should be reaffirmed:
With these considerations, the proposed way forward is supported.
Q22: What do you think are the biggest money laundering and terrorist financing risks associated with FinTech firms? Please explain why.
It is obvious that both new technology and FinTech firms act as an appealing beehive for fraudsters and terrorists, in particular in activities such as crowdfunding, marketplace lending, virtual currencies, and prepaid cards. This is due mostly to the lax regulatory and supervisory environment of these activities applicable to new market entrants, combined with the possibility in some activities to maintaining a certain level of anonymity.
Q23: Are there any obstacles present in your national AML/CFT legislation which would prevent (a) FinTech firms from entering the market, and (b) FinTech solutions to be used by obliged entities in their customer due diligence process? Please explain.
Technologies that help a correct and secure identification of customers both remotely or in person could greatly help the usability of financial services and ease processes within the banks. The regulators and supervisors need to take the global digitization landscape into consideration in particular regarding regulations on remote identification and verification of customers. FinTech players are also blocked by innovative approaches (e.g. Artificial Intelligence/Machine Learning methods to improve AML Monitoring, etc.), which are at times unknown to the regulator and therefore not accepted. Therefore, enhancing know-how and regulatory guidelines for innovative approaches in the RegTech area is recommended as the current national AML/CFT legislation and framework could imply obstacles for such FinTech solutions as the requirements of identity proofing and verification are, to a large extent, excluding the possibilities of new technologies.
The requirements are also phrased to leave room for interpretation regarding identity proofing and verification that could lead to inconsistent implementation and approach to new technologies between the banks. One requirement for identification and verification is the address of the customer that cannot be considered called for or even fulfilled regarding certain technical solutions.
A harmonized European framework regarding the prevention of money laundering and terrorism financing to ensure the consistent application of the 4th and the upcoming 5th Anti-Money Laundering directives is necessary for the acceptance of the means for identifying customers remain in the Member States and for the European banks to have the same possibilities to accept new technologies and new customers, especially in a cross-border non face-to-face scenario.
About ESBG (European Savings and Retail Banking Group)
The European Savings and Retail Banking Group is a Brussels-based association that helps its member savings and retail banks thrive, focus on providing service to local communities and boost SMEs. ESBG brings together nearly 1000 savings and retail banks in 21 European countries that believe in a common identity for policy in Europe. Its members represent one of the largest European retail banking networks, comprising one-third of the retail banking market in the European Union, with 190 million customers, more than 60,000 outlets, total assets of €7.1 trillion, non-bank deposits of €3.5 trillion, and non-bank loans of €3.7 trillion. ESBG members come together to agree on and promote common positions on relevant regulatory or supervisory matters. Learn more about ESBG at www.wsbi-esbg.org.
European Savings and Retail Banking Group – aisbl
Rue Marie-Thérèse, 11 ￭ B-1000 Brussels ￭ Tel: +32 2 211 11 11 ￭ Fax : +32 2 211 11 99
Info@wsbi-esbg.org ￭ www.wsbi-esbg.org
Published by ESBG. November 2017.
>> See .pdf version
>> Visit WSBI-ESBG innovation hub