Technology is fundamentally reshaping how business is conducted and the way financial services operate — from the way we work, shop, socialize, spend and save. This increased digitalization of our world has in turn unleashed a raft of new risks for regulators and firms to stay on top of.

For example, customers are vulnerable to sophisticated online fraud, businesses are facing down cyberattacks, and criminal money-laundering has become fiendishly complex. 

In the financial services sector, further adaption of the regulatory approach is required to address these risks and encompass the vast range of new products and services being introduced — many of which come from companies which are not traditional banks. A greater level of protection will safeguard the stability of the whole system.

Regulators must act now to ensure banks, technology firms and, most importantly, customers can all safely benefit from the changes underway in financial services.

The New Regulatory Challenges

Competition and innovation from outside financial services has clearly benefited banking customers. For example, once one firm was able to approve loans or onboard new customers in a matter of minutes, retail banks had to find ways to dramatically reduce their own processing times. 

However, it is a delicate balancing act to ensure that regulation and supervision preserve the benefits of innovation and competition, while also protecting consumers, ensuring financial stability and safeguarding the integrity of the system from economic criminals. 

This is only going to become more difficult. As businesses have innovated, they have created products and delivery mechanisms which resemble traditional financial activities but are not currently covered by existing financial services regulations. 

Take these new and innovative services: peer-to-peer lending and e-wallets. Is peer-to-peer lending only intermediating payment transactions? Are the money balances in e-wallets equivalent to cash or deposits for consumers? The answers have not yet been universally agreed, and therefore there is also no agreement on which licences and requirements must be applied.  

Separately, firms may draw on data and dominant positions from outside the financial sector. While governed by cross-sectoral regulations (such as data or competition) these regulations may still be in development or in the process of adapting to new market circumstances. Financial regulators have established powers, rules and supervisory practices on many of these areas, but they cannot be legally enforced outside a specific financial licence.

Technology-driven change and new competition will continue to improve customer outcomes, financial inclusion, innovation and efficiency. 

Additional complexity comes from the way regulatory accountability is becoming diffused and, sometimes, confused as companies pick apart value chains. For example, payments companies from outside financial services are most interested in providing the clearing function, and in current accounts, new players often only choose to compete in the customer-facing section of the value chain. It is unclear where the overall responsibility lies for protecting the customer.

Some new entrants to the financial services arena cross multiple industries — for example, the big tech companies. As such, they can have huge volumes of data collected from all their business activities, including financial services, and use it to develop new products and services. But while financial services data is protected by regulation during its use in financial services activities, these regulations currently cannot be enforced outside this remit.  

The Way Forward

In our report ‘Big Banks, Bigger Techs?,’ we provide the first global policy analysis that explores approaches to regulating the next evolution of the market. We identified three areas for action:

Existing financial regulation: The scope of our current regulations needs to be extended to encompass all new types of activities. To do this, a common taxonomy must be defined so that there can be no confusion about what type of financial activity a company is engaging in. Similarly, it is necessary to expand the criteria that determine the activities included in financial services regulations. This should include unbundling value chains into their component parts and defining the regulatory responsibilities for each segment. 

In addition, we must find the right balance between guidance, principles and rules-based oversight and how to enhance consumer awareness of the different levels of protection they get from different products and providers. 

Cross-industry collaboration: On topics like data exchange, cybersecurity and anti-money laundering, we need to work with regulators in other sectors to strengthen policy. For example, his approach could require more cross-sector sharing of the anonymized data collected, subject to data privacy regulations, from other activities to ensure all firms have the same access to customer data for innovation and customization. 

Extending regulation into other industries: As companies from other sectors, such as technology, move in to financial services, it makes sense to rethink the boundaries for and interactions between national regulators to eliminate confusing overlaps and underlaps. This will correct inconsistencies in regulation and enforcement. For example, resiliency requirements are needed for any non-banks that perform banking activities, such as deposit taking, or any activity deemed systemically important. 

Fast-Forwarding to the Future

Technology-driven change and new competition will continue to improve customer outcomes, financial inclusion, innovation and efficiency. But these benefits will only be realized if we establish a regulatory framework that promotes the safe modernization and digitization of the financial sector. 

Policy-makers in the banking sector have, quite rightly, prioritized creating a COVID-19 response and forbearance. However, there is a clear need to now support and shape the financial sector for post-COVID economic regeneration. The disruption from the pandemic may prove to be the catalyst required to make the fundamental changes we need to embed a more effective and efficient regulatory framework.