How to regulate digitalisation in the financial sector in such a way that society reaps the benefits?

24 June 2022
Knowledge Base

by Laura van Geest

The last decade has brought progress in terms of financial stability, financial wellbeing, and fair and transparent markets. However, these are not ‘safe assets’. Climate change, the destabilisation of the international political order and the normalisation of monetary policy all affect the economy, the financial sector, consumers, and society at large. Digital transformation in particular will shape the future of the financial sector and financial supervision. Will the traditional financial services companies still play an important role twenty years from now ? Or will the technological superiority of Big Tech firms make them the dominant players ? Or will we move towards an alternative world of decentralised finance ? And what are the implications for supervisors and policymakers ?

Digitalisation will continue to have a transformative effect on the economy at large and a crucial impact on the world of financial services in the long term. How are current stakeholders going to cope with the lightning pace of technological change? The well-established players in the sector (private and public) struggle to keep up due to the legacy components in their IT systems, but also because of the international war for talent on an increasingly tight and ageing labour market. Large financial institutions used to top the lists of most attractive employers, but in the last decade they have been overtaken by firms like Google, Microsoft, and Apple.

Not only have the traditional players lost their competitive edge in IT systems and human capital, but large online platforms benefit from enormous quantities of data on consumers’ behaviour and preferences falling into their lap. These data can be exploited by smart algorithms targeting specific consumer groups, and this market power increases due to the inherent network effects of these large platforms. The more consumers and suppliers are linked to a platform, the more attractive it becomes because of this very fact. This leads to winner-takes-all markets.

Extensive use of consumer data is a double-edged sword in insurance. It can help to provide feedback and contain moral hazard. But personalised pricing is a dead-end street as far as risk solidarity is concerned. Personalised differentiation of insurance premiums will in the end entail prohibitively high premiums for bad risks. Over time, as the pool shrinks, we all become a relatively bad risk. Dutch insurers have agreed on an ethical code of conduct on the use of data. However, international competitors may not honour this code.

While Big Tech firms can exploit network advantages, financial institutions feel restrained. They are heavily regulated and intensely scrutinised by financial supervisory authorities. Big Tech firms are relatively new players on the block, and regulation has not yet adapted to their business models. As a result, the playing field appears tilted. While Big Tech firms hoard and exploit consumer data, financial institutions increasingly face open data requirements. While competition authorities limit the ability of financial institutions to grow through mergers and acquisitions, Big Tech has until recently enjoyed a lot of leeway in terms of integrating horizontally and vertically. Big Tech firms are the new rulers of the universe.

These developments also present new challenges to regulators and supervisors. These technologies drive the development of whole new business models and companies, initially outside the view and mandate of supervisors. Examples are the world of DLT and crypto, outside the mandate of supervisors, or the increasing outsourcing of IT and cloud services to firms outside the financial sector, where financial regulators can only intervene indirectly (via the outsourcing contracts). Regulators do not want to stifle innovation but worry about financial stability and consumer and investor protection. Digitalisation also increases possibilities for (cross-border) cybercrime, mis-selling and consumer fraud. How to intervene, what is the proper timing, and what is the appropriate level to act at in such an international market? And how can consumers be protected against supervisory arbitrage? The same questions apply when it comes to regulation safeguarding privacy. Consumers prioritise convenience and have no qualms about sharing their data, without taking into account the repercussions for themselves and others. How can policymakers ensure that privacy does not become a luxury that citizens on a tight budget can ill afford?

Looking ahead at the next twenty years, the financial sector and its regulators and supervisors will have to face these developments head on. It is time to face the music. It is a fact that data makes the world go round. It is a fact that network effects are strong. It is a fact Big Tech delivers products that people like. It is a fact that AI and DLT can deliver cost efficiencies.

It is no use fighting these developments. The challenge is how to regulate them in such a way that we reap the benefits as a society. This means safeguarding values that we all care about, like financial stability, consumer protection, privacy, solidarity and inclusiveness. It will not be business as usual. If the economy reinvents itself, the arena of policymakers and regulators needs to reinvent itself as well. As regulators and supervisors, we tend to operate bottom up. We look at our own toolbox, at our own part of the puzzle, and take the behaviour of other regulators as a given and then try to make the best of it. Instead, we should look top down at this new puzzle, consider what instruments work best, who is best placed to wield them, and then try to ensure that we all play our part accordingly. What does this mean in practice, apart from more supervisory convergence?

More action at the EU level will be needed, more action outside the classical arena of financial regulators, and more cooperation between regulators of all stripes. Big Tech firms provide services most consumers like, and their dominant position places them in a position of power which they may abuse. Apple Pay is a case in point: consumers like it, banks provide for it. Is Apple leveraging its market power from one market to the other? Competition regulation is the more effective route here. And although the Dutch Authority for Consumers and Markets (ACM) recently set an example,
the fact is that the European Commission seems better placed to make Big Tech toe the line. The same probably holds true for enforcing the General Data Protection Regulation protecting consumer privacy, especially in the case of large online platforms operating cross-border within the EU.

Digitalisation transforming the financial sector will also transform financial supervision. Financial institutions will transform increasingly into data and IT companies, will invest even more in IT, and will hire a different type of employee to stay in the game. These changes will also affect financial supervisory authorities, who will have to adapt if they want to continue to understand the business models of financial institutions and the risks involved. Supervisors will have to become multidisciplinary, hiring data scientists and acquiring knowledge of IT risks and cyber risks. Data and new technologies also offer new solutions for dealing with the unavoidable burden of supervision. Supervisory tech and regtech provide interesting opportunities for lower administrative costs, better data protection and more efficiency.

Digitalisation is leading to an overhaul of the economy, the financial sector, and supervision. This is a fact. And it delivers important benefits to society at large, such as tailor-made products at lower costs. But only if we get the conditions right. The best way forward is not bottom up, ‘every man for himself’. It is top down, ‘united we stand’. This implies the need for more action at the EU level, more action outside the classical arena of financial regulators and more cooperation between regulators of all stripes. Currently, a lot of regulation is being developed: the Digital Operational Resilience Act, Markets in Crypto Assets Regulation, Digital Markets Act, Digital Services Act, Artificial Intelligence Act, and the Open Data Regulation. These are crucial to get the missions of financial, competition and privacy supervisors realised. Whether it will be enough, time will tell. What is very clear, though, is that financial sector regulators cannot do this alone.

Horizontal competition and privacy regulation will play a vital role in the protection of public values we all care about, like financial stability, consumer protection, privacy and solidarity. We will have to find our way in this uncharted territory in terms of technology, in terms of business developments, and in terms of policy and supervision. We will need to monitor the total picture as it develops, and decide when action is necessary, who is best placed to act, and what tool is most efficient. It is time for policymakers and regulators to face the music and look at the bigger picture.

The author Laura van Geest, is Chair of the Executive Board of the Dutch Authority for Financial Markets.



Leave a Reply

Your email address will not be published. Required fields are marked *