Regulating Financial Innovation: Fintech and the Information Deficit (EBI Studies in Banking and Capital Markets Law) 3031329708, 9783031329708

Citation preview

EBI STUDIES IN BANKING AND CAPITAL MARKETS LAW

Regulating Financial Innovation Fintech and the Information Deficit

Christopher Ruof

EBI Studies in Banking and Capital Markets Law

Series Editors Danny Busch, Financial Law Centre (FLC), Radboud University Nijmegen, Nijmegen, The Netherlands Christos V. Gortsos, National and Kapodistrian University of Athens, Athens, Greece Antonella Sciarrone Alibrandi, Università Cattolica del Sacro Cuore, Milan, Milano, Italy

Editorial Board (All members of the EBI Academic Board) Dariusz Adamski, University of Wroclaw Filippo Annunziata, Bocconi University Jens-Hinrich Binder, University of Tübingen William Blair, Queen Mary University of London Concetta Brescia Morra, University of Roma Tre Blanaid Clarke, Trinity College Dublin, Law School Veerle Colaert, KU Leuven University Guido Ferrarini, University of Genoa Seraina Grünewald, Radboud University Nijmegen Christos Hadjiemmanuil, University of Piraeus Bart Joosen, Free University Amsterdam Marco Lamandini, University of Bologna Rosa Lastra, Queen Mary University of London Edgar Löw, Frankfurt School of Finance & Management Luis Morais, University of Lisbon, Law School Peter O. Mülbert, University of Mainz David Ramos Muñoz, University Carlos III of Madrid Andre Prüm, University of Luxembourg Juana Pulgar Ezquerra, Complutense University of Madrid Georg Ringe, University of Hamburg Rolf Sethe, University of Zürich Michele Siri, University of Genoa Eddy Wymeersch, University of Ghent

General Series Editors (all members of the EBI Academic Board) Danny Busch, Financial Law Centre (FLC), Radboud University Nijmegen, Nijmegen, The Netherlands Christos V. Gortsos, National and Kapodistrian University of Athens, Athens, Greece Antonella Sciarrone Alibrandi, Università Cattolica del Sacro Cuore, Milan, Italy The European Banking Institute The European Banking Institute based in Frankfurt is an international centre for banking studies resulting from the joint venture of Europe’s preeminent academic institutions which have decided to share and coordinate their commitments and structure their research activities in order to provide the highest quality legal, economic and accounting studies in the field of banking regulation, banking supervision and banking resolution in Europe. The European Banking Institute is structured to promote the dialogue between scholars, regulators, supervisors, industry representatives and advisors in relation to issues concerning the regulation and supervision of financial institutions and financial markets from a legal, economic and any other related viewpoint. As of May 2021, the Academic Members of the European Banking Institute are the following: Universiteit van Amsterdam, University of Antwerp, University of Piraeus, Alma Mater Studiorum–Università di Bologna, Universität Bonn, Academia de Studii Economice din Bucures, ti (ASE), Trinity College Dublin, University of Edinburgh, Goethe-Universität, Universiteit Gent, University of Helsinki, Universiteit Leiden, KU Leuven University, Universidade Católica Portuguesa, Universidade de Lisboa, University of Ljubljana, Queen Mary University of London, Université du Luxembourg, Universidad Autónoma Madrid, Universidad Carlos III de Madrid, Universidad Complutense, Madrid, Johannes Gutenberg University Mainz, University of Malta, Università Cattolica del Sacro Cuore, University of Cyprus, Radboud Universiteit, BI Norwegian Business School, Université Panthéon - Sorbonne (Paris 1), Université Panthéon-Assas (Paris 2), University of Stockholm, University of Tartu, University of Vienna, University of Wrocław, Universität Zürich. Supervisory Board of the European Banking Institute: Thomas Gstaedtner, President of the Supervisory Board of the European Banking Institute Enrico Leone, Chancellor of the European Banking Institute European Banking Institute e.V. TechQuartier (POLLUX), Platz der Einheit 2 60327 Frankfurt am Main, Germany Website: www.ebi-europa.eu

Christopher Ruof

Regulating Financial Innovation Fintech and the Information Deficit

Christopher Ruof Hamburg, Germany

ISSN 2730-9088 ISSN 2730-9096 (electronic) EBI Studies in Banking and Capital Markets Law ISBN 978-3-031-32970-8 ISBN 978-3-031-32971-5 (eBook) https://doi.org/10.1007/978-3-031-32971-5 © The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors, and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. Cover illustration: teekid This Palgrave Macmillan imprint is published by the registered company Springer Nature Switzerland AG The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

Preface

This book has been accepted as a Ph.D. thesis at the University of Hamburg, Faculty of law, and successfully been defended on February 22, 2023. While already a countless number of books and articles have been written about fintech, this book goes beyond the typical analyses in the field and seeks to add a new perspective to the debate. It examines fintech systematically against the background of the inherent information deficit prevalent in financial regulation and asks how the newest manifestation of financial innovation exacerbates pre-existing problems. The findings of this study cumulate in a regulatory proposal that ultimately seeks to make the regulatory structure more stable and future-proof. A special thank goes to my supervisor, Prof. Dr. Wolf-Georg Ringe, for his excellent guidance and support throughout the whole process. I would also like to thank Prof. Dr. Roland Broemel for fruitful discussions and the timely completion of the second opinion on the thesis. The study has been written during my time as a research associate at the Institute of Law & Economics in Hamburg as well as during a research stay at Cornell University and while being a member and scholarship holder of the Albrecht Mendelssohn Bartholdy Graduate School of Law. I am grateful to each for their support.

v

vi

PREFACE

The biggest thank you goes to my parents for their unwavering patience and support and last but not least to Noura Maziak for bearing with me, constant invaluable advice and innumerable hours of vigorous proof-reading. Hamburg, Germany

Christopher Ruof

Contents

1 3 5 5

1

Introduction 1 The Aim and Contribution of This Book 2 Limitations 3 Course of the Study

2

Foundations of Financial Regulation 1 Financial Markets and Financial Intermediaries 1.1 Direct Finance 1.2 Indirect Finance 2 Regulation of Financial Markets 2.1 The Concept of Regulation 2.2 Regulation in the Financial Sector

9 9 11 13 16 16 22

3

The Information Problem and Regulatory Failure 1 The Information Challenge in Financial Regulation 1.1 The Information Deficit 1.2 The Role of Complexity 1.3 Addressing the Information Deficit 2 Regulatory Failure 2.1 Regulatory Capture 2.2 Crises-driven Regulation 2.3 Regulatory Forbearance 3 Result: Regulation—A Losing Game?

43 44 46 53 57 60 61 63 65 66

vii

viii

CONTENTS

4

An Introduction to Financial Innovation 1 The Role and Meaning of Innovation 2 Innovation and Regulatory Dialectic 2.1 The Industry Side of the Game 2.2 The Regulator’s Side of the Game 2.3 The ‘Pacing Problem’ 3 A Primer to Financial Innovation 3.1 Financial Innovation: A Chequered History 3.2 Defining and Classifying Financial Innovation 3.3 The Distinct Nature of Financial Innovation 3.4 Drivers of Financial Innovation 3.5 Assessing Financial Innovation: Implications so Far

69 70 72 73 76 77 80 80 82 88 91 97

5

Fintech—What’s New About It (and What Isn’t)? 1 The Term Fintech and What Is Captured by It 2 Fintech Drivers 2.1 Supply-Side Drivers of Fintech 2.2 Demand-Side Drivers of Fintech 2.3 Regulation as a Driver of Fintech 2.4 Contextualization of Fintech Drivers 3 New Fintech Business Models 3.1 Payment, Clearing, and Settlement 3.2 Deposit, Lending, and Capital Raising 3.3 Asset Management and Financial Advice 3.4 Market Support Services 4 Same Same, but Different: Distinctive Features of Fintech 4.1 New Field of Actors 4.2 New Pace of Innovation

105 106 109 110 112 115 119 120 121 124 127 129 137 138 149

6

Digital Disruption: Structural Shifts Under Fintech 1 Introduction to the Analysis 2 Decentralization 2.1 Decentralization of the Playing Field 2.2 Decentralization of Activity 2.3 Decentralized Technology 3 Automation 3.1 Automation of Front-Office Activity 3.2 Automation in the Back Office 3.3 Shifting Gravity: From Human-Driven to Algorithmic Finance

153 154 156 157 162 166 168 170 173 175

CONTENTS

4

5 7

8

9

Datafication 4.1 The Three Vs 4.2 The Data-Induced Shift of the Sector Conclusion

ix

177 178 183 185

The Information Problem Under Fintech 1 The Fintech Complexity 1.1 New Opaque Market Structures 1.2 Technological Sophistication and Specialization 1.3 Speed and Size-Induced Complexity 2 Information Deficit Under Fintech 2.1 Fintech and the Widening Information Gap 2.2 Fintech and Unknown Information 3 Summary of Findings and Some Real-World Indicators 4 Regulatory Implications 4.1 Fintech Challenging Traditional Style and Architecture of Financial Regulation 4.2 Fintech and Regulatory Failure

187 188 188 191 196 200 200 206 210 212

Conceptualizing a Regulatory Response to Fintech 1 The Point of Departure 2 A New Regulatory Approach: Rethinking the Public–private Divide 2.1 Three Guiding Principles Underwriting a New Structure: Experimentation, Participation, and Decentralization 2.2 Flexibility 2.3 Harness Technology 2.4 Risks and Challenges of the New Approach 2.5 The New Approach in Light of the Regulatory Objectives

219 220

Analysing the Current Menu of Fintech Regulation 1 Context and Goal of the Analysis 2 Innovation Hubs/Facilitators 2.1 Concept 2.2 Case Study: The EU Innovation Hub Landscape 2.3 Assessment 3 Fintech Sandboxes 3.1 The Regulatory Sandbox

283 284 285 285 288 292 296 297

213 216

223

225 249 259 265 278

x

CONTENTS

4

10

11

3.2 Umbrella Sandbox Supervisory Technology (Suptech) 4.1 Infrastructure Suptech 4.2 Suptech Tools: Machine-Readable and Executable Regulation

A Reg- and Suptech Platform for Fintech (Policy Proposal) 1 Recapturing the Findings so Far 2 Overhauling the Architecture of Financial Regulation 3 Optimizing and Expanding the Regulatory Toolkit 3.1 Optimizing the Regulatory Sandbox 3.2 Adding Specialized and Thematic Experimentation Spaces to the regulator’s Toolkit 3.3 Summary—Spoilt for Choice 3.4 Implications for the Information Gap and Regulator’s Mandate 4 Necessary Structural Changes to the Regulator 4.1 More Discretion for the Regulator 4.2 Resource Requirements for the New Approach 4.3 A Cultural Change Inside the Regulator 5 Remaining Risks and Limitations Summary and Conclusion 1 Financial Regulation and Its Inherent Information Problem 2 Financial Innovation and Its Contribution to the Problem 3 Fintech as the Current Manifestation of Financial Innovation 4 Digital Disruption: Structural Shifts by Fintech 5 Informational Implications of the Structural Shifts 6 Three Guiding Principles – the Intellectual Foundation of a New Approach 7 Two Necessary Conditions

314 317 320 325 335 335 338 345 346

352 357 359 360 361 362 365 368 375 375 377 380 382 384 386 387

CONTENTS

8 9

Current Regulatory Approaches to Fintech The Proposal

xi

389 391

Bibliography

395

Index

431

List of Figures

Chapter 2 Fig. 1

Direct and indirect finance (Source Author [adapted from Mishkin (n 2) p. 16 Fig. 2.1])

11

Chapter 4 Fig. 1

Information cycle in the regulatory process (Source Author)

103

Chapter 5 Fig. 1 Fig. 2

Fintech as the current episode in the trajectory financial innovation (Source Author) Different types of players on the finance-technology spectrum (Source Author)

108 146

Chapter 6 Fig. 1

Traditional structure of banking ecosystem vs structure under fintech. Under the fintech model, incumbent banks outsource back-office (BO) functions to small specialized TPPs while neo-banks have their back-office run largely by these TPPs. At the same time, neo-banks offer BO services to small fintech players, which (in some cases) provide their (front office, FO) service through the neo-bank as part of the bank’s product portfolio (Source Author)

160

xiii

xiv

LIST OF FIGURES

Fig. 2

Originator and distributor level in the financial services ecosystem. On the originator level small, specialized players create services which are distributed through distributors, in some cases as integrated parts of their portfolio, in others as an external service. At the same time, players on both levels utilize specialized TPPs for back-office functions (Source Author)

164

Chapter 8 Fig. 1

Components of the PPP model. The PPP model is made of three guiding principles (Experimentation, participation, and decentralization). The light blue layer shows the necessary preconditions/enablers for the PPP model, while the outermost layer captures necessary safeguards (Source Author)

226

Chapter 10 Fig. 1

Fig. 2

The new architecture in context to the information cycle in financial regulation (see original Figure 2 in Chapter 4) (Source author) Overview of the core elements of the new proposal. Part a shows the ecosystem on the regulatory platform. Part b illustrates the key changes to the regulatory approach. Notably, the status quo is only exemplary and not referring to an existing regulator in a specific jurisdiction. Part c lists the main structural changes that need to take place within the regulatory agencies (Source author)

344

353

List of Tables

Chapter 2 Table 1

Regulatory goals and market failures

32

Chapter 3 Table 1 Table 2

Resources of selected financial regulators compared to the size of the respective financial sector they oversee Resources of selected financial institutions measured in assets and number of employees

51 51

Chapter 10 Table 1

Comparison of tools to offer remedies for the information challenge under fintech

337

xv

CHAPTER 1

Introduction

‘Is fintech something new under the sun?’1 That is the question that occupies the minds of many legal scholars, economists, policymakers, and not at least what motivated the author of this study. Yet at a fundamental level, the answer depends on the perspective to the phenomenon—are we looking at the functions of specific fintech services, the way these functions are provided, or looking at the risks that fintech applications pose? These are just a small number of examples, where depending on the perspective the respondent has, the answer might turn out differently. Here, the study seeks to broaden the analytical lens and introduce a new perspective to the debate around fintech. In order to achieve this, it will go beyond the common focus on the piecemeal revision of specific regulations or the risks of specific fintech applications. Rather, it analyses the fintech phenomenon through an informational lens, meaning that it focuses on the information dynamics between the regulator and the private sector and seeks to answer what changes occur against this background. On this basis, it explores the implications and difficulties fintech

1 Mark Carney, ‘The Promise of Fintech—Something New Under the Sun’ (Deutsche Bundesbank G20 Conference on “Digitising Finance, Financial Inclusion and Financial Literacy”, Wiesbaden, 25 January 2017).

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_1

1

2

C. RUOF

brings for the regulator’s task of collecting, producing, processing, and acting upon information. Before doing so, however, it is necessary to zoom out a bit. Fintech, the most recent marriage between finance and information technology, stands as the current phase of long reaching history of financial innovation—born out of a ‘perfect storm’ of conditions in the aftermath of the Great Financial Crisis and drawing the attention of investors, regulators, and the media ever since. It encompasses a wide-ranging universe of services, digital assets, technologies, and infrastructures that promise faster, cheaper, and more convenient transacting. Thereby—so the narrative goes—it enables a wider swath of the world’s population to enter the world of digital finance—often by bypassing the traditional intermediary structure.2 Examples include the easier and cheaper providence of credit and loans, accessible investment advice to low-income consumers, or banking and payment services that require no more than an app on a smartphone. From crowdfunding over robo advisors to Bitcoin, financial technology firms promise to either ‘revolutionize’ or ‘disrupt’ the status quo of the financial services industry. They all have in common that they rely on arcane, but vitally important enabling technologies: The emergence of smartphones, the ubiquity of the internet, availability of high-speed computing, advances in cryptography, and innovations in artificial intelligence and machine learning. Big and small technology companies are entering the market providing these services, significantly diversifying the financial services market landscape, and putting competitive pressure on incumbent institutions. The COVID-19 pandemic gave an additional boost to the sector, as demand for digital financial service solution rose. This was later, in 2021, paired with an unprecedented surge in funding that flowed into fintech, and ‘tech’ more broadly. It is no surprise that the emergence of these novel services and technologies in the financial sector pose a wide spectrum of legal and regulatory challenges. Underlying most of these issues though is a deeper tension between innovation and regulation, which is the inherent information gap between regulators and the market. Put simply, when an innovation is introduced to the market, the regulator lacks information about it—the very basis of effective regulation. As a consequence, the regulator is always following the market, facing the constant challenge to 2 Also, Saule Omarova, ‘Technology v Technocracy: Fintech as a Regulatory Challenge’ (2020) 6 Journal of Financial Regulation 75, 75.

1

INTRODUCTION

3

keep pace with it. At the core of this dynamic is the fundamental division of roles, where the private sector actively innovates, continuously yielding new products and services while the public sector (i.e. the regulator) stays reactive, analysing the market activity and responding with given instruments. This creates an inherent lag between the time a product or a service hits the market and the response from the regulator. However, the larger this lag becomes, the greater the risks it creates. More specifically, a lag of a certain size that persists over some time can cause the sector to continuously detach itself from its regulation and result in a prevailing ‘regulatory mismatch’. To prevent this from happening, the regulator must collect and process dispersed information, a task that is subject to Hayekian concerns.

1

The Aim and Contribution of This Book

Because of the significance of the regulatory mismatch surrounding fintech, this study seeks to look into the fintech phenomenon from an informational perspective. Its goal—going beyond the transactional perspective—is to explore the deeper, systemic shifts associated with fintech that bear implications for the information gap and the regulatory lag. It is based on the notion that information is the lifeblood of regulation or at least effective regulation.3 In the financial sector, the consequences of informational failure and a resulting regulatory mismatch were vividly showcased by the events following the Great Financial Crisis of 2007/08 (GFC). While its emergence was the result of a confluence of circumstances, a cause included the lack of knowledge of regulators about interconnections in the sector and the corresponding systemic risks. Already in the early days of the Crisis, the then Governor of the FED recognized that ‘there’s an information problem in the markets’.4 Similar calls were made by Ben Bernanke, who identified an ‘informational deficit’

3 This phrasing is taken from Sean Gailmard and John W Patty, Learning While Governing: Expertise and Accountability in the Executive Branch (The University of Chicago Press 2013) 1. 4 ‘Transcript of the Conference Call of the Federal Open Market Committee on August 16, 2007’ 30 (statement of Frederik Mishkin).

4

C. RUOF

in the markets that contributed to the emergence of the Crisis.5 A more recent event that can similarly be connected to informational failure is the collapse of the German flagship fintech company ‘Wirecard’, where the competent regulator BaFin dramatically failed to look through the complex (and fraudulent) structure of the company.6 This particular incident of ‘informational failure’ in the end cost investors billions and hurt the reputation and credibility of Germany as a financial centre. Just less than a year later, the collapse of the UK-based financial services company Greensill Capital sent shockwaves through the global financial system. Similarly, regulators were kept largely in the dark about activities of the company while that had been building up massive exposures and become a source of systemic risk.7 The later collapse of a wide range of crypto players, most prominently the fall of FTX in November 2022, exposed vulnerabilities relating to multifunction crypto-asset intermediaries which caught many—including regulators—by surprise. These are just some of the most prominent examples that showcase the risks of a regulator left behind the curve as well as underpin the importance of an informed and potent regulator. Henceforth, this study seeks to contribute to the discourse around fintech by adding a (so far broadly neglected) informational perspective. Its main contribution is fourfold: First, it develops a conceptual framework for analysing the above-described information problem. Second, it identifies the key structural shifts that fintech brings to the sector and applies this conceptual framework to assess their informational implications. Third, it develops a number of high-level principles that a regulatory structure should be built on to effectively cope with the informational challenges brought by fintech. And last, it turns to the regulatory practice and analyses several key regulatory innovations against that background, before proposing its own concept, which it terms a ‘regulatory platform’ approach.

5 ‘Transcript of the Meeting of the Federal Open Market Committee on April 29–30, 2008’ 18 (statement of Ben Bernanke). 6 Olaf Storbeck and Guy Chazan, ‘Wirecard Scandal Leaves German Regulators under Fire’ Financial Times (24 June 2020). https://www.ft.com/content/f62f7f56-3d45492c-ae88-172948d21eb8. 7 Tom Braithwaite, ‘Billions at Stake and No One Knows Who Takes the Hit: When Is Greensill a Systemic Risk?’ Financial Times (12 March 2021). https://www.ft.com/con tent/811b1211-3135-4622-a81f-4bcbda568823.

1

2

INTRODUCTION

5

Limitations

At the same time, the subject of this study is limited in several ways. First, by nature, the subject of the study is broad and is located on a high level of abstraction. As a result, it leaves aside a number of more specific, yet undoubtedly important topics in the discourse around fintech, such as data privacy, cybersecurity or consumer or investor fraud protection. Second, it does not engage in the comprehensive discussion about the (social) desirability of certain fintech applications or fintech more generally. Third, it focuses on financial innovation in the financial services market and excluding developments in the capital markets. Such exclusion entails the worrisome resurgence of securities products such as the increasingly popular Collateralized Loan Obligations (CLOs) and similar products of financial engineering. Last, the purpose of this study is to examine the fintech phenomenon from the informational lens and thereby add a new perspective to the debate. However, as a result, it has inherent blind-spots to other perspectives and acknowledges that other commentators might decide that differing perspectives and criteria hold priority, and that trade-offs likely exist between implications for regulatory reform from other perspectives and those found in this study.

3

Course of the Study

The body of this study is structured in three main parts. The first one (i.e. Chapters 2–4) introduces the core themes of this study, the financial system, regulation, information, innovation, and the interplay among them. It begins by laying the foundation for the later analysis, describing the key structural elements of the financial system. It makes the distinction between direct and indirect finance and—regarding the latter—explains the role of financial intermediaries which improve the functioning of the financial system and ‘completing’ financial markets. Following that, it introduces a key subject of the study—regulation. After briefly discussing the nature and history of regulation, the study reaches the first intersection between regulation and information, discussing the general role and significance of information in the regulatory process. This role is then further detailed in the example of typical strategies deployed by financial regulators. The main contribution of the first part, however, is the development of a conceptual framework for analysing the information problem that is inherent to financial regulation. To keep up with developments in

6

C. RUOF

the market, the regulator must collect or produce information, process this information and finally translate it into regulatory output. Regarding the collection and processing of information, private market participants regularly have certain inherent advantages, which lays the foundation for the imminent information gap. The collection and the production of information are two different paths to enhance the information level of the regulator, which both entail their own risks and shortcomings. In the financial sector, collecting and processing information is particularly difficult, given its high level of complexity. Chapter 3 further elaborates on the main components of complexity and shows its relationship to the information deficit. Ultimately, Chapter 4 explores another key subject in the study, namely (financial) innovation and its interplay with regulation. Such exploration includes the discussion on differing definitions and classifications of financial innovation found in legal and economic literature, and the development of three key considerations for application during financial innovation assessment. Subsequently, the study will distinguish financial innovation from innovation in other areas and what are its main drivers. Finally, Chapter 4 will connect the theme of financial innovation to that of regulation by discussing their mutual implications and examine how both elements feed into the information deficit. The phenomenon of fintech will be at the heart of the second core part of this that consists of Chapters 5–8. Chapter 5 begins with a brief exploration of the term fintech and defines what fintech is supposed to encompass in this study. Next, the chapter assesses the main drivers of fintech. Here, the analysis follows the structure of the financial innovation analysis beforehand in Chapter 4, allowing the identification of similarities and differences between fintech and previous eras of financial innovation. That is followed by a sectoral analysis, capturing the major fintech trends in the sectors of (1) payments, clearing and settlement, (2) deposit, lending and capital raising, (3) investment management, and (4) market support and infrastructure services. This analysis is set against the background of the classic functions that intermediaries play in these sectors respectively. The fintech trends are supported by examples and data on their growth rates and dissemination. The differences of fintech to previous eras of financial innovation are explored in further depth in the succeeding part where the focus is set on two key features that distinguish fintech from previous financial innovation eras—namely fintech’s pace of innovation and the new diversity of players in the market. With regard to the latter, the study presents the main types of players that

1

INTRODUCTION

7

are now active in the market and their respective features and aspirations. Subsequently, the core of this part will be the structural analysis of fintech in Chapter 6 and the corresponding informational implications in Chapter 7. It leaves the micro-level of specific fintech applications and views fintech as a structural phenomenon, analysing how it affects the fundamental dynamics of the financial sector. It identifies and describes three key shifts, which are (1) decentralization, (2) automation, and (3) datafication. These shifts, while mainly a product of the high prevalence and interaction of the above-identified features of fintech, are a transformative process that takes place more slowly and less visibly. They are of utmost importance from a regulatory perspective. Chapter 7 closes the second part with discussing the regulatory implications stemming from the decentralization, automation, and datafication of the sector with a particular focus to their potential effects on the information deficit. The chapter further explores how ongoing shifts increasingly exert pressure on the existing system of financial regulation and the assumptions underlying it, ultimately preparing the ground for regulatory failure. The third and last core part embarks upon the quest for a regulatory solution. It argues that financial regulation needs to reform itself from a solely reactive role into a forward-looking, proactive exercise. Consequently, the traditional public-private divide needs to be reassessed. Chapter 8 hence advocates for a new regulatory approach that is based on a more cooperative model of the public-private relationship (or a form of a ‘Public-Private Partnership’ (PPP)) in the regulatory process with the primary objective to increase the level of information on the regulator’s side and better enable it to quickly and effectively act upon information. For this purpose, the chapter develops a number of principles that the new approach should be built on. The first three of those principles are highlevel principles with the primary goal of improving the information basis of the financial regulator. They are a response to the shifts in the sector and are to a certain extent mirroring them. The first of them, experimentation, constitutes the key principle as it is supposed to be the main driver of information production, hence increasing the information level on the side of the regulator. The second high-level principle is on the improvement in private actors’ participation per the regulatory process, thereby drawing dispersed information into the state apparatus. The third and last high-level principle is decentralization. On one level, it represents an acknowledgement of the resource constraints of the regulator, which is supposed to be resolved by cautiously tapping on the capacity

8

C. RUOF

of the private sector. At the same time, it advocates for a decentralized regulatory structure, enhancing access to local knowledge in the market. Having established the intellectual foundation of the new regulatory approach through these high-level principles, the chapter continues by outlining two practical requirements that are central to its success. These comprise flexibility for the regulator such that an increased use of principles as opposed to rules is highlighted and the incorporation of state-of-the-art technology in the regulatory process. Subsequently, Chapter 8 discusses potential challenges in the implementation of highlevel principles and practical requirements could bring—in particular new or amplified sources of regulatory failure—and suggest safeguards to mitigate such risk. Subsequently, Chapter 10 turns from theory to practice, analysing the key regulatory responses to fintech against the backdrop of the afore-developed principles. Thereby, how and to what extent these initiatives are likely to constitute a remedy for informational challenges brought by fintech is addressed. The initiatives subject to analysis in this chapter can be put in three categories, namely (1) innovation hubs, (2) fintech sandboxes, and (3) suptech. Chapter 10 concludes the book by integrating this information to present a new concrete regulatory proposal. It suggests a platform-based regulatory approach, on which industry participants, as well as the regulator, can engage in experimentation, while the regulator can observe activity in and outcome of these experimentations in real time. It consists of a redesign of the regulatory architecture and an extension of the regulatory toolkit, which are jointly supposed to significantly improve the information level of the regulatory as well as its ability to efficiently and timely act upon new information. The chapter concludes with necessary structural changes to financial regulation this approach would imply and remaining risks and challenges that need to be considered in its implementation.

CHAPTER 2

Foundations of Financial Regulation

This chapter introduces one of the core themes of this study: financial regulation. It not only explores each theme individually but also delves into the relationship between them. In order to explore the phenomenon of fintech, it also provides a basic introduction to the financial market and how financial regulation and financial innovation as two reciprocal forces interact in it. The introduction begins with a brief overview on the functions of the financial market and how private intermediaries interact within the market. It continues with a short description of the reasons for regulation in general, which is followed by a more comprehensive synopsis of the key components of financial regulation, including its traditional goals, strategies, and architecture and modes which embed it.

1 Financial Markets and Financial Intermediaries In this part, a brief overview on the functions of the financial market and how private intermediaries interact within the market is presented. This will ultimately aid in better understanding the emergence of fintech and allow the reader to contextualize specific fintech applications.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_2

9

10

C. RUOF

Such an overview of the basic functions of the financial system provides the foundation for an understanding and assessment of the current developments in the financial sector. These basic functions that are described in this subsection have remained relatively stable in the past—even in light of revolutionary changes and ongoing innovation which let institutions, structures, and markets disappear.1 Whether this stability still holds in the face of fintech is discussed later in this study. The purpose of this present subsection is not to describe all elements, components, and players in detail, but rather to give a sufficient understanding of the financial system’s functions to allow for assessment on how these are performed by current fintech innovations. Intrinsically, the financial system’s core economic function rests in channelling funds from savers to borrowers. While savers have gathered a surplus by spending less than they have, borrowers have a shortage of funds and hence a demand for capital. Ideally, the borrowers and the savers enter into a mutually beneficial transaction, in which the surplus is given to the borrower in exchange for dividends or interest paid periodically or at the date of the redemption. In classic economic scholarship, the parties on both ends comprise households, firms, and governments.2 Households are commonly the principal savers lending money, whereas businesses and governments are usually in the position of the borrower. The significance of a functioning financial system for a vital real economy has been shown by a considerable number of studies connecting a well-functioning financial system to economic growth.3 The channelling of capital from savers to borrowers can happen in two ways: either (1) directly through the financial market (‘direct finance’) or (2) through an intermediary that connects savers with borrowers (‘indirect finance’).4 Figure 1 offers an illustration of the working of 1 Robert C Merton, ‘Financial Innovation and the Management and Regulation of Financial Institutions’ (1995) 19 Journal of Banking & Finance 461, 461ff. 2 See, e.g., Frederic S Mishkin, The Economics of Money, Banking, and Financial Markets (11th edition, Pearson 2016) 68ff. The significance given to the respective parties, however, often differs among commentators. 3 See for instance Asli Demirgüç-Kunt and Ross Levine, ‘Finance, Financial Sector Policies, and Long-Run Growth’ (World Bank Development Research Group 2008) Policy Research Working Paper 4469 with further references at 14ff. 4 Mishkin (n 2) 69. The same distinction is also used by Jakob de Haan, Dirk Schoenmaker and Peter Wierts, Financial Markets and Institutions: A European Perspective (4th edition, Cambridge University Press 2020) 6ff.

2

FOUNDATIONS OF FINANCIAL REGULATION

11

Fig. 1 Direct and indirect finance (Source Author [adapted from Mishkin (n 2) p. 16 Fig. 2.1])

the financial system and the flow of capital through direct and indirect finance. While fintech activity occurs predominantly in indirect finance, a short overview of direct finance is still necessary since activity in the one part of the system often drives repercussions in the other.5 1.1

Direct Finance

In direct finance, the market brings buyers and sellers of financial instruments (such as bonds or shares) together without an intermediary. After being sold by the issuer for the first time, the instruments can subsequently be traded in ‘secondary markets’.6 Like in other markets, 5 See, e.g., p. 138ff. 6 A secondary market is a financial market in which financial instruments that have

already been issued can be resold. They can be organized as exchanges or over-the-counter (OTC) markets.

12

C. RUOF

established prices ensure that demand equates with available supply. The price that a saver is willing to pay for a financial instrument depends on expectations of its future returns. Returns comprise of two elements: future interest or dividend payments and capital appreciation on instrument value.7 The availability of information on future returns is thus critical for determining the instrument’s price. Only when all relevant information is incorporated in the price can the financial market achieve full efficiency. According to the Efficient Capital Market Hypothesis (ECMH), first introduced by the economist Eugene Fama,8 three types of information are potentially relevant to the setting of the price. These comprise the information reflected by historic prices (past performance), all information available for the public, e.g. from reports or market disclosures, and last, all kinds of information including information specific to ‘insiders’.9 ,10 Since Fama’s first paper was published, there has been extensive writing on the various aspects of ECMH. Despite several criticisms, not at least in the aftermath of the 2007/2008 financial crisis,11 the ECMH remains the default view of financial economics12 and continues 7 John Armour and others, Principles of Financial Regulation (First edition, Oxford University Press 2016) 111f. 8 See Eugene F Fama, ‘The Behavior of Stock-Market Prices’ (1965) 38 The Journal of Business 34 or Burton G Malkiel and Eugene F Fama, ‘Efficient Capital Markets: A Review of Theory and Empirical Work’ (1970) 25 The Journal of Finance 383. For a later discussion, see, e.g., Burton G Malkiel, ‘The Efficient Market Hypothesis and Its Critics’ (2003) 17 Journal of Economic Perspectives 59. 9 Insiders are those investors that have access to certain information, before it becomes public. Those can be in especially people working for or being affiliated with the borrower. 10 The ECMH exists in three forms, in each of which different types of information are said to be incorporated in the price of a financial instrument: in its ‘weak’ form, only past movements are incorporated, according to the ‘semi-strong’ form all public information, and in its ‘strong’ form, all kinds of information are reflected in the price. For the ground-laying article Malkiel and Fama (n 8). 11 See for instance Ray Ball, ‘The Global Financial Crisis and the Efficient Market Hypothesis: What Have We Learned?’ (2009) 21 Journal of Applied Corporate Finance 8 or for a more general criticism, see Robert J Shiller, Finance and the Good Society (Princeton University Press 2013). On a different viewpoint, see, e.g., Ronald J Gilson and Reinier Kraakman, ‘Market Efficiency After the Financial Crisis: It’s Still a Matter of Information Costs’ (2014) 100 Virginia Law Review 313. 12 See a.o. Niamh Moloney and others, ‘The Evolution of Theory and Method in Law and Finance’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) 14 or Mishkin (n 2) 195ff.

2

FOUNDATIONS OF FINANCIAL REGULATION

13

to display the predominant understanding of how the financial market works. However, in instances when the market alone cannot achieve an optimal outcome, intermediaries are introduced. 1.2

Indirect Finance

Indirect finance involves intermediaries that stand between the borrower and the saver during the transfer of funds (financial intermediation). The intermediary traditionally acts by borrowing funds from savers which are used to make loans to the borrower. The role of intermediation is to provide a financial system with functions which are not (sufficiently) performed by the financial market.13 Foremost, financial intermediaries provide a payment system through which secure transactions across the entire economy can take place.14 Second, executing borrowing, or lending on its own involves high transaction costs. Such transaction costs include, for instance, the time spent finding a fitting borrower/saver and the time and money spent on negotiating an agreement. Financial intermediaries can substantially reduce these transaction costs because they have developed expertise and can take advantage of economies of scale and scope. Another reason for the existence of financial intermediaries in financial markets is due to the common situation where one party has more information than the other. Such information asymmetry can create adverse selection15 exante and a moral hazard problem16 ex-post. Financial intermediaries can meaningfully reduce those costs and thereby improve resource allocation. Another service provided by financial intermediaries is facilitating trading, diversification, and management of risk. In such a role, arguably, the intermediary no longer acts solely as an ‘agent’ anymore to alleviate

13 That is, because of prohibitively high transaction costs, individuals are not able to perform these tasks on their own. 14 See, e.g., Mishkin (n 2) 79ff. or Haan, Schoenmaker and Wierts (n 4) 3ff. 15 See George A Akerlof, ‘The Market for “Lemons”: Quality Uncertainty and the

Market Mechanism’ (1970) 84 The Quarterly Journal of Economics 488. 16 For example, Mark V Pauly, ‘The Economics of Moral Hazard: Comment’ (1968) 58 The American Economic Review 351 or Bengt Holmstrom, ‘Moral Hazard and Observability’ (1979) 10 The Bell Journal of Economics 74.

14

C. RUOF

market imperfections,17 but also acts as an independent market participant that creates financial products and adds value for the client—for instance—the transformation and management of risk.18 Some of the most important categories of risk include market risk, credit risk, liquidity risk, and operational risk. Risk management and measurement is another key function of financial intermediaries. Pooling investments provide the possibility for small(er) investors to diversify their investments and thereby make them less exposed to certain individual risks. The size of financial intermediaries not least often allows for use of sophisticated risk measurement methods and technologies that would be unaffordable to the individual investor. Liquidity is inter alia facilitated by way of maturity transformation, that is, by financial intermediaries transforming long-term investments into liquid, short-term assets.19 In performing these functions, intermediaries can be broadly put into three categories: depository institutions (banks), investment intermediaries, and contractual savings institutions. First and foremost, the bank acts as an intermediary between savers and borrowers.20 In doing so, banks conduct maturity transformation but also perform a risk management function and reduce transaction costs resulting from selecting and monitoring. They also diversify investments across a large number of borrowers in order to manage uncertainties and reduce risks. Importantly, banks also provide payment services that allow people and businesses to transact with each other—the plumbing of our financial system. Investment intermediaries encompass primarily all kinds of funds, such as mutual funds, money market funds, or hedge funds. They invest the capital of (mostly retail) investors in publicly traded securities. Investing through an investment intermediary has three main benefits for the investor: They let them benefit from diversification, they

17 In the view of the traditional theory of financial intermediation, this was the central role of financial intermediaries. See for instance Franklin Allen and Anthony M Santomero, ‘The Theory of Financial Intermediation’ (1997) 21 Journal of Banking & Finance 1461 with a comprehensive overview of the literature on intermediation theory. 18 See, e.g., Bert Scholtens and Dick van Wensveen, ‘A Critique on the Theory of Financial Intermediation’ (2000) 24 Journal of Banking & Finance 1243. 19 Armour and others (n 7) 277f. 20 Armour and others (n 7) 28ff. or Gary Gorton and Andrew Winton, ‘Financial

Intermediation’, Handbook of the Economics of Finance, vol 1 (Elsevier 2003).

2

FOUNDATIONS OF FINANCIAL REGULATION

15

choose the investment based on superior expertise, and they can execute investments at lower costs.21 Last, contractual savings institutions (e.g. insurance companies or pension funds) are intermediaries that acquire funds at periodic intervals on a contractual basis and thereby also perform asset management functions.22 Since they can predict their payment duties with relatively high accuracy, they are not so much constrained by liquidity issues in their investment activity. As a consequence, they tend to invest primarily in long-term assets, such as corporate bonds or mortgages. In reality, the degree to which the function of the financial is performed via direct or indirect finance differs among jurisdictions. Globally, the USA and UK are considered to be the classic market-based economies, with companies relying primarily on the stock and bond market for financing their investments.23 In the EU24 and several important growth markets, much less capital is channelled through the stock market with correspondingly more being intermediated by banks.25 The causes for these differences are manifold and include historical differences, development of regulation, or differences in how pension provisions for retirees are structured.26 Notably, over time, the financial sector and its structure underwent numerous changes. For example, the traditional model in which banks hold loans until they are repaid was increasingly replaced by the ‘originate and distribute’ model due to securitization.27 This was also one of the reasons that led to

21 Armour and others (n 7) 36f. 22 Mishkin (n 2) 86. 23 Ross Levine, ‘Bank-Based or Market-Based Financial Systems: Which Is Better?’ (2002) 11 Journal of Financial Intermediation 398, 399 with further references. 24 With respect to differences among EU Member States, Bijlsma and Zwart conducted a comprehensive study concluding that significant differences exist among the EU Member States. Among others, the Netherlands, UK, Belgium and France were categorized as market-based countries, while, for example, Germany, Austria, Denmark, Italy and Spain fall into the category of bank-based countries. 25 On the classification, see, e.g., Julien Allard and Rodolphe Blavy, ‘Market Phoenixes and Banking Ducks Are Recoveries Faster in Market-Based Financial Systems?’ (IMF 2011) 8ff. 26 Comprehensively, ibid. 27 Haan, Schoenmaker and Wierts (n 4) 31f.

16

C. RUOF

the emergence of the shadow banking system.28 In addition, the boundaries between direct and indirect finance have been blurred: Financial intermediaries such as banks have become more reliant on the financial market. Banks raise funds from the money market where they lend and borrow from each other and from bond markets in which banks step in the position of the borrower and raise funds from investors.29 What changes fintech brings to this system will be a core question of this book.

2

Regulation of Financial Markets

Having outlined and formed the basics of the financial system—the object of the analysis of this study—here, we turn to the subject of the study, regulation. First, this section will abstractly define regulation and describe its raison d’être primarily from a political economy perspective. Subsequently, the section introduces the topic of financial regulation and provides an outline of its traditional goals, strategies, and architecture and modes which embed it. This will establish the conceptual framework for the analysis in Chapter 5. 2.1

The Concept of Regulation

The previous part has sketched the function of the financial system, which broadly can be described as a supporting one to the real economy. In this context, private institutions intermediate and thereby improve as well as enable the financial system in performing its function. In this picture, however, the state so far has been left out. In the traditional public-private divide, whereas it is mostly the role of the market to produce economic growth and wealth, the state’s function on the other hand is broadly to set the rules for the market and prevent and correct undesirable outcomes. For this purpose, the state introduces regulation. This part will further discuss the concept of regulation in a general context, defining the term, 28 The definition of shadow banking is a subject of ongoing debate. However, at its core, it can be described as an intermediation regime that resides in the capital markets and serves many of the economic functions traditionally fulfilled by banks. See Kathryn Judge, ‘Information Gaps and Shadow Banking’ (2017) 103 Virginia Law Review 411, 414 with further references. 29 Armour and others (n 7) 47f. and Allen and Santomero (n 17) 1474.

2

FOUNDATIONS OF FINANCIAL REGULATION

17

explaining its common justification, and ultimately showing the significance of information for the outcome and success of regulation. The latter will introduce the core problem that this study is dedicated to and lay the ground for the analytical framework that will be presented in Chapter 3. 2.1.1 What Is Regulation? First and foremost: What is regulation? The Oxford English Dictionary defines regulation as ‘a rule or directive made and maintained by an authority’. Through this definition, regulation is nothing more than a subspecies of law. However, other definitions make out law as the subspecies of regulation, encompassing also other means of exercising the state power on actors beyond the law.30 However, these definitions all lack a central element, the exercise of influence on someone’s behaviour.31 Hence, the OECD definition of regulation is used throughout this study. It defines that regulation ‘[…] involves the establishment of rules or principles and associated mechanisms and systems that: (i) seek, through various means of influence, to affect or control the behaviour and actions of entities and individuals, with the overall objective of achieving desired outcomes; or (ii) directly specify rights or outcomes for entities and individuals.’32 But what makes such influence necessary? The attempt to steer someone’s behaviour in a certain direction (not least with the use of force or coercion) necessarily displays an infringement of this person’s freedom, triggering the need for a justification. In the following text, I will review the key economic theories on regulation and their justification. These theories continue to re-emerge in subsequent chapters when relevant.

30 For a comparable approach to the term, see Cristie Ford, Innovation and the State: Finance, Regulation, and Justice (Cambridge University Press 2017) 10 with further references. 31 Against that background, the definition used by Julia Black appears to be more useful, describing it as ‘the intentional activity of attempting to control, order or influence the behaviour of others.’ See Julia Black, ‘Critical Reflections on Regulation’ (2002) 27 Australian Journal of Legal Philosophy 1, 25. 32 OECD, ‘Policy Framework for Effective and Efficient Financial Regulation: General Guidance and High-Level Checklist’ (2010) 2009 OECD Journal: Financial Market Trends 267, 292.

18

C. RUOF

According to the classic theory of regulation, i.e. the public interest theory, regulation seeks to protect and benefit the society at large.33 It is based on two assumptions: ‘unhindered markets often fail because of the problems of monopoly or externality’ and ‘governments are benign and capable of correcting these market failures’ with regulation.34 Put differently, whenever the market does not deliver an optimal outcome, the government should step in and—by means of regulation—correct the error and achieve the desirable outcome. The public interest theory has become the cornerstone of modern economics and prevailed until the 1960s when the Chicago School of Law and Economics35 launched its attack on it. Members of that school of thought criticized the theory in three intellectual steps36 : They argue that, first, markets and private orderings can remedy most market failures without government intervention. Second, in the few instances where markets might not work perfectly, private litigation can confront conflicts between market participants. And ultimately, they argue that even if markets cannot solve all problems perfectly, government regulators are incompetent, captured, and corrupt and therefore of no help.37 The Chicago critique provided a new perspective on the role of the government, shifting the public-private divide more in favour of the private sector. Over the following years, the influence of the Chicago school grew and grasped a significant impact on public policy in the 1970s and 1980s.38 33 The origins of the public interest theory are mostly attributed to the works of Pigou. See in particular Arthur C Pigou, The Economics of Welfare (Fourth edition, reprinted, Palgrave Macmillan 2013), originally published in 1920. 34 See Andrei Shleifer, ‘Understanding Regulation’ (2005) 11 European Financial Management 439, 440. 35 Among the most prominent scholars of that school were, e.g. Coase (see esp. RH Coase, ‘The Problem of Social Cost’ (1960) 3 The Journal of Law and Economics (1), Stigler (e.g. George J Stigler, ‘The Theory of Economic Regulation’ (1971) 2 The Bell Journal of Economics and Management Science (3), and Posner (e.g. Richard A Posner, ‘Theories of Economic Regulation’ (1974) 5 The Bell Journal of Economics and Management Science 335). 36 See also Shleifer ‘Understanding Regulation’ (n 34) 440. 37 This claim was mainly supported with instances of (pervasive) regulatory failure. On

examples of regulatory failure, see below at p. 63ff. 38 Andrei Shleifer, ‘The Age of Milton Friedman’ (2009) 47 Journal of Economic Literature 123.

2

FOUNDATIONS OF FINANCIAL REGULATION

19

Yet, the Chicago school itself was also criticized. Among the most prominent critiques, Andrei Shleifer expressed significant concerns confronting its two latter assumptions. First, Shleifer noted that placing excessive confidence on private orderings neglects the possibility of private enforcement degenerating into anarchy, leveraged by those in stronger social positions. Second, Shleifer thought that the Chicago School and its followers have given too much leeway to courts, avoiding the possibility that courts might act in a biased, inconsistent, and uniformed manner. Moreover, he argued that at the empirical level, the Chicago school failed to account for a richer, benign, and regulated modern society.39 Consequently, more recent concepts stepped away from a black and white view of regulation and considered it more as a trade-off between the costs of (often imperfect) government intervention and the costs of disorder, i.e. private expropriation.40 Newer concepts thus view regulation as a spectrum with deregulation on the one end and government control on the other.41 Both extremes of this spectrum, complete deregulation, i.e. a state of disorder, and full government control, i.e. a dictatorship, involve social costs. In the state of disorder, private agents harm other (by stealing, overcharging, cheating, imposing external costs, etc.). In a dictatorship on the other hand, the government would impose such costs on private agents. While there are certainly numerous other stages along the spectrum, the point of this concept is to illustrate the trade-off between social losses from disorder and government intervention. In principle, social costs associated with government intervention can be avoided wherever good conduct is delivered through market discipline. However, whenever market discipline is weak at handling disorder, a case can be made for (some form of) government intervention. If no form of government intervention is able to control the disorder, the ultima ratio measure is government ownership. The latter is for instance often argued

39 See Shleifer ‘Understanding Regulation’ (n 34) 441. 40 For example, Simeon Djankov and others, ‘The New Comparative Economics’

(2003) 31 Journal of Comparative Economics 595. 41 Shleifer, ‘Understanding Regulation’ (n 38) 443f.

20

C. RUOF

to be the case with prisons, as risks of mistreatment could otherwise be too high.42 In reality, of course, the great majority of cases are located somewhere closer to the centre of the spectrum, combining elements of free market with some form of government intervention. Distinct from the question of the necessity of regulation are the requirements for governments to effectively regulate. According to Hood et al., regulation requires three fundamental pillars: First, the government needs some capacity for information-gathering or monitoring to produce knowledge about the system. Second, there must be some power to set standards to differentiate between preferred and less preferred states of the system. Finally, the government needs to be able to modify the behaviour of agents in order to change the state of the system.43 In other words, good regulation first requires effective gathering and processing of information and in a subsequent step requires power, strategies, and tools to efficiently translate into a desirable regulatory outcome. The requirement of standard-setting, being probably the most discussed one among Hood et al.’s requirements, covers different ways and approaches in which standards are set (e.g. detailed, ‘bright-line’, static, dynamic, or in the form of rules and principles). Behaviour modification on the other hand deals with the implementation of these standards, which can also be achieved through various strategies, such as fines, license revocations, but also public pressure or market forces. The first requirement though, information gathering and the production of knowledge, which is often neglected in writings about regulation, will be the focus of this study. 2.1.2 Information in Regulation Information is the foundation and lifeblood of (good) regulation. It is crucial for determining if, when, and how to make a regulatory intervention, and thereby making regulation the application of information

42 See Oliver Hart, Andrei Shleifer and Robert W Vishny, ‘The Proper Scope of Government: Theory and an Application to Prisons’ (1997) 112 The Quarterly Journal of Economics 1127. 43 See Christopher Hood, Henry Rothstein and Robert Baldwin, The Government of Risk: Understanding Risk Regulation Regimes (Oxford University Press 2001) 23ff.

2

FOUNDATIONS OF FINANCIAL REGULATION

21

for the public good.44 Without having sufficient knowledge about the phenomenon that is to be regulated, for example its social and economic effects, no effective standards can be set. Standards built on insufficient knowledge are often costly for targeted companies and can lead to suboptimal outcomes, the correction of which can imply additional costs. Opposite to having incomplete information, if regulators possessed all the relevant knowledge on the object of regulation as well as the means to influence industry behaviour, the remaining task of regulating would merely be more than an exercise of logic. As anticipated however, reality is far more complicated. The real-life complexity derives from decentralized nature of information—an idea that is above all attributable to Hayek.45 According to him, knowledge never exists in concentrated or integrated form, but rather as incomplete and often contradictory bits dispersed among countless individuals.46 In the Hayekian philosophy, so to speak, the planner (here the regulator) will consequently have to base his planning (i.e. to regulate) on knowledge which, in the first place, is not in his possession but rather distributed among numerous and often unknown individuals. Further complicating the situation, the dispersed knowledge is of tacit nature and therefore cannot be effectively aggregated.47 From this, Hayek and his followers conclude that regulators cannot know enough to do anything beyond further worsening the situation.48 They suffer from an inevitable lack of information, which is the cause for the multiple failures of plans and the omnipresence of adverse side effects of numerous regulations. Consequently, the best the state could do is to maximize individual freedom. For several reasons—that will be further discussed below—this, however, does not work for the financial sector. Instead, ways have to be found

44 See Mark Fenwick, Wulf A. Kaal and Erik PM Vermeulen, ‘Regulation Tomorrow: What Happens When Technology Is Faster Than the Law?’ (2017) 6 American University Business Law Review 561, 571. 45 Friedrich A Hayek, ‘The Use of Knowledge in Society’ (1945) 35 The American Economic Review 519. 46 Ibid. 519. 47 This dilemma is often by followers of Hayek referred to as the ‘knowledge problem’.

See, e.g., Daniel B Klein, Knowledge and Coordination: A Liberal Interpretation (Oxford University Press 2013). 48 Ford, Innovation and the State (n 30) 130, also setting this school of thought in context to other ones.

22

C. RUOF

to aggregate and make use of the dispersed information.49 While the information problem presumably cannot be fully eliminated, the aim should be to reduce it as much as possible.50 This involves the search for a mechanism of conveying the dispersed knowledge to the planner in order to put him in the position to produce sound regulation. In performing that task, the regulator51 first needs to identify the relevant actors possessing the knowledge and the relevant knowledge (e.g. scientific or ‘unorganized’ knowledge52 ) for a given context and avoid other irrelevant information. Next, the regulator needs to ascertain the best way to gather that information. Once the information is gathered, it must be efficiently processed by the regulator. Having (1) identified, (2) gathered, and processed the information, the regulator is in the position to introduce effective and sound regulation that furthers its goals, constituting the last step of the regulatory process. Therein, the regulator needs to translate the collected, gathered, and processed information into welldesigned regulation53 or, in other words, act upon the information.54 This cycle can be designed in numerous ways, for instance in an iterative regulatory style, by collaborating with the relevant actors, or in a one-way top-down approach.55 2.2

Regulation in the Financial Sector

Here, this chapter begins reviewing reasons and justifications for regulation specific to the financial sector. It presents examples of traditional market failures in the financial sector that make a case for government intervention. Continuing with the common objectives of financial regulation, I will show how those regulatory objectives relate to those identified 49 This will be one of the key subjects of Chapters 8 and 10 of this book. 50 Cass R Sunstein, ‘Cost-Benefit Analysis and the Knowledge Problem’ [2014] SSRN

Electronic Journal

http://www.ssrn.com/abstract=2508965 6f.

51 The term ‘regulator’ as used here refers to regulatory agencies, i.e. administrative

offices with primary responsibility for the design, promulgation, and enforcement of regulation (similarly Eric J Pan, ‘Understanding Financial Regulation’ (2011) 4 Utah Law Journal 1897, 1909). 52 Hayek (n 45) 521. 53 This can here also mean interpretation of current regulation. 54 These steps form a central part of the framework for the analysis in this book. 55 Those mechanisms will be discussed in greater detail in Chapter 8.

2

FOUNDATIONS OF FINANCIAL REGULATION

23

market failures and are intended to prevent them. Subsequently, I will give an overview of the common strategies pursued by regulators to meet their regulatory objectives, followed by an outline of prevalent architecture and styles of financial regulation. 2.2.1 Reasons for Regulation of the Financial Sector Before diving into the topic of financial regulation, it should first be clarified what the term encompasses. Throughout this study, I will use a broad understanding of financial regulation, which generally comprises both, the process of rulemaking as well as the supervision and enforcement of rules,56 since these functions often cannot clearly be distinguished.57 When in some contexts only a specific element, such as supervision or the process of rulemaking, is referred to, the more specific terminology will be used. The most abstract purpose of financial regulation is to make markets function better than they would in the absence of it. The standard measure for the functioning of a market used by economists is efficiency. Efficiency is achieved when capital is allocated to where it is valued the most.58 As aforementioned, in the basic public-private division of powers, the control over the substantive decision on the allocation of capital in the market (and the means thereto) lies with private actors.59 In certain cases however, the (free) market is not able to yield such outcomes. Such inability is described as a ‘market failure’ and forms the basis for government intervention.60 Hence, whenever the market fails to achieve

56 Similarly, Donald C Langevoort, ‘Structuring Securities Regulation in the European Union: Lessons from the U.S. Experience’ in Guido Ferrarini and Eddy Wymeersch (eds), Investor Protection in Europe (Oxford University Press 2006) 488; Pan (n 51) 1901. For a distinction between these terms, see, e.g., Eddie Wymeersch, ‘The Future of Financial Regulation and Supervision in Europe’ (2005) 42 Common Market Law Review 987. 57 This is for instance the case with principles-based regulation, where the regulator is given broad(er) discretion in ‘enforcing’ them. Here, the process of applying and monitoring the principle itself substantially contains elements of rule-creation. Principlesbased regulation will be further discussed in Chapter 8, Sect. 2. 58 Armour and others (n 7) 53. 59 For a critical discussion of this paradigm, see Robert C Hockett and Saule T

Omarova, ‘The Finance Franchise’ (2017) 102 Cornell Law Review 1143. 60 Armour and others (n 7) 51f.

24

C. RUOF

an efficient outcome—following the traditional public interest theory61 — there is a case for the government to correct that failure, ideally without affecting the core intermediation and resource allocation function of the financial sector.62 Besides, the role of financial regulation is also to provide ‘public goods’, which is compared to the corrective function more protective or paternalistic in nature.63 Nonetheless, as regulation is costly,64 the intervention should ultimately only be made if the benefits would presumably be greater than the costs of remedying the deficiency.65 Thus, financial regulation is not only identifying the need for government intervention,66 but also identifying the (most) suitable and appropriate remedy which then needs to be translated into a rule or standard67 influencing the behaviour68 of the agent in the desired way. The nature of the complexity of such a task is evident by the fact that the financial sector belongs to the most heavily regulated industries in the overall economy.69 This is not alleviated by the reach of financial regulation to diverse interests, from an individual, political, or economic level, or as part of the functioning of the economic system. In such a financial sector, traditionally, economic theory identifies three main types of market failures: These are (1) negative externalities, (2) information asymmetries, and (3) competitive distortions/market power.70

61 See above at p. 29ff. 62 Mads Tønnesson Andenæs and Iris HY Chiu, The Foundations and Future of

Financial Regulation: Governance for Responsibility (Routledge 2014) 5. 63 Andenæs and Chiu (n 62) 4. 64 Costs arise especially in the process of designing the regulation, as well as in the

form of compliance costs for the regulated actors. 65 Armour and others (n 7) 52. 66 The process of identification can broadly be associated with that of information-

gathering in the dialectic of Hood, Rothstein and Baldwin (n 43). 67 This would relate to the process of standard setting described above at 26f. 68 Referring to the category of behaviour modification (see p. 26f.). 69 Richard Scott Carnell, Jonathan R Macey and Geoffrey P Miller, The Law of Financial Institutions (Fifth edition, Wolters Kluwer Law & Business 2013) 53. 70 See Haan, Schoenmaker and Wierts (n 4) 380f. or BIS Joint Forum, ‘Review of the Differentiated Nature and Scope of Financial Regulation—Key Issues and Recommendations’ (January 2010) 85.

2

FOUNDATIONS OF FINANCIAL REGULATION

25

(1) Negative externalities arise when an institution takes actions that impose costs on other parties for which that person is not (fully) charged. In the financial sector, systemic risk is a classic example of a negative externality and arguably the most important one.71 In particular, financial institutions do not take into account the negative effects of their failure on other institutions or the economy as a whole, because they lack the incentive to do so.72 For instance, due to the interconnection of financial institutions and markets, the bankruptcy of one institution can lead to the failure of a sound institution.73 Furthermore, the failure of financial institutions can jeopardize the payment system, negatively affecting the real economy by making transactions impossible or difficult to process.74 This essential role of the payment system for instance constitutes one of the main for the heavy regulation of banks providing this infrastructure.75 There are numerous other instances, in which negative externalities can occur which are not presented at this stage.76 These externalities if not addressed share a common capacity to cause the market to fail and result in financial and economic crises. (2) Information asymmetries arise because customers are generally less informed than financial institutions they interact with. This is to be distinguished from the information asymmetry that financial intermediaries are supposed to reduce (in particular in the relationship of borrower and lender). Asymmetric information with financial intermediaries can occur for the following reasons77 : First, due to resource constraints, customers are not able to properly assess the safety and soundness of a financial institution. Also, consumers are much less informed about financial products on the market,

71 For a useful discussion of the term of systemic risk, including different definitions of systemic risk, see Steven L Schwarcz, ‘Systemic Risk’ (2008) 97 Georgetown Law Journal 193, 196ff. 72 Ibid. 204. 73 Haan, Schoenmaker and Wierts (n 4) 380. 74 See Armour and others (n 7) 57. 75 Armour and others (n 7) 282f. 76 For a more comprehensive enumeration, see, e.g., BIS Joint Forum (n 74) 86. 77 See Haan, Schoenmaker and Wierts (n 4) 380f. and Armour and others (n 7) 55.

26

C. RUOF

which they then buy from intermediaries, making them vulnerable to miss-selling. Because financial products and services are credence goods,78 they are particularly prone to information asymmetries. This information asymmetry can lead to adverse selection ex-ante (i.e. riskier financial institutions being the ones appealing the most to customers) and moral hazard ex-post (i.e. financial institutions increasing the risk of their activities after having contracted customers), both potential sources of market failure.79 Therefore, the second justification for government intervention in the financial market is the need to reduce information asymmetries between market participants. This in turn also reduces systemic risk and enhances market efficiency, as more information symmetry fosters investors’ confidence, and thus reduces the probability of informational contagion and increases participation in the financial market.80 (3) Distortions in competition: Competitive markets rely on the existence of a large number of small companies, easy flow of firms in and out of the market, and well-informed decisions by the consumer and the capacity of the consumer to easily switch between suppliers of products and services.81 If these conditions are not met, the market cannot unfold its (full) efficiency properties. In an imperfect market (e.g. a monopoly or an oligopoly), firms can charge prices above the level that would prevail under (perfect) competition and exercise market power pushing competitors out and further entrench their market position. In such an instance, the market might reach a dramatic standstill making the case for the government involvement to ensure the conditions for effective and fair competition in the market are met.

78 As opposed to ‘search goods’ or ‘experience goods’, the quality of ‘credence goods’ cannot unequivocally be assessed. For more information, see Armour and others (n 7) 56f. 79 For a comprehensive overview of literature on (the effect of) information asymmetries in the financial sector, see, e.g., Sudipto Bhattacharya and Anjan V Thakor, ‘Contemporary Banking Theory’ (1993) 3 Journal of Financial Intermediation 2 or; Eric Van Damme, ‘Banking: A Survey of Recent Microeconomic Theory’ (1994) 10 Oxford Review of Economic Policy 14. 80 Reducing in systemic risk is also mentioned by BIS The Joint Forum, ‘Review of the Differentiated Nature and Scope of Financial Regulation (January 2010), p. 88. 81 Armour and others (n 7) 60.

2

FOUNDATIONS OF FINANCIAL REGULATION

27

In addition to the above-listed classic failures, certain other imperfections in the financial market can also lead to market failure.82 First, there are certain services financial intermediaries provide that everyone benefits from, even if not having paid for or contributed to it (public goods). Examples include the provision of liquidity, the payments system which allows parties to undertake transactions, and importantly, financial stability. The economic problem with public goods that may lead to a market failure is that people can enjoy them without paying (‘freeriding’), which leads to a shortage of funding for the good and ultimately to the under-provision of that good.83 This is where the role of regulators emerges, ensuring the provision of that public good, for which there are different ways.84 Second, over the last decades, several imperfections have been identified which can be associated with the field of behavioural economics or behavioural finance. While traditionally (and also so far in this study) it has been assumed that parties act in relation to the information that is available to them, several studies have shown that investors partly do not respond in the same manner.85 Despite owning accurate information, their beliefs about the service/product may be distorted for reasons including herd mentality, loss aversion, rules of thumb, or cognitive limitations. Irrational beliefs are not just able to harm the individual holding that belief but can also lead to a broader misallocation of resources which poses major challenges for financial regulation. Evidence on systemic irrationality which is not removed by arbitrage and which potentially causing inefficient pricing and allocation of resources has also increasingly put the ECMH into question.86 These irrationalities (and weaknesses of the 82 Ibid. 55ff. 83 Ibid. 59. 84 For example Paul A Samuelson, ‘The Pure Theory of Public Expenditure’ (1954) 36 The Review of Economics and Statistics 387. 85 Most prominently, Thomas Gilovich, Dale Griffin and Daniel Kahneman (eds), Heuristics and Biases: The Psychology of Intuitive Judgment (1st edition, Cambridge University Press 2002); Daniel Kahneman, Thinking, Fast and Slow (1st edition, Farrar, Straus and Giroux 2011); or Cass R Sunstein, ‘Empirically Informed Regulation’ 78 University of Chicago Law Review 1349. 86 Generally and including a critique on the ECMH see Andrei Shleifer, Inefficient Markets: An Introduction to Behavioral Finance (Repr, Oxford University Press 2009); For one of the earliest contributions, see Fischer Black, ‘Noise’ (1986) 41 The Journal of Finance 528.

28

C. RUOF

ECMH) have not least been exposed in the dotcom collapse and the GFC where irrational behaviour took centre-stage.87 In sum, financial markets are (particularly) prone to fail and therefore do not produce desirable outcomes without any government intervention. Because of this, Hayek’s views on information cannot be directly applied to financial regulation.88 Without intervention, markets do fail, as shown by several historic events. Furthermore, the implications of such failures are vast. This is especially true with a growing financial sector, where the repercussions to the real economy grow each crisis, rendering the costs of failure massive. For this reason, well-informed and soundly designed financial regulation is of the utmost importance. 2.2.2 Goals and Objectives of Financial Regulation Previously, having outlined the deficits of the market that prompt the necessity for their regulation, this coming section will describe what regulation seeks to achieve, how these goals relate to the market failures described above, and ultimately how they interact with each other. As stated above, the foremost purpose of financial regulation is to improve the functioning of the financial system, primarily through the rectification of market failures. This broader purpose translates into a number of regulatory objectives, which are subject to change over time as well as jurisdictions. A recent change, for example, happened after the crisis, where an increasing focus was put on protecting the taxpayers from having to cover the banks’ losses. Also in the academic literature, leading authors set out regulatory objectives in different ways, with different emphases.89 In the following text, however, I will give an overview of the three core objectives, which can substantially be found in most textbooks, policy recommendations, or else.90 These are (1) investor 87 FSA, ‘The Turner Review: A Regulatory Response to the Global Banking Crisis’ (March 2009); on the case of the dotcom bubble, e.g. Robert J Shiller, Irrational Exuberance (3rd edition, Princeton University Press 2016). 88 Notably, this is a simplified account of Hayek, as also he was in favour for some regulation in some contexts, such as competition policy. 89 The differences in objectives of financial regulation often reflect different narratives of financial regulation. For an overview, see, e.g., Andenæs and Chiu (n 62) 16. 90 Certainly, there are a number of other important objectives for financial regulation, such as the prevention of financial crime or pursuing distributional ends, which at this point, however, do not have to be dealt with. Here, of importance is the provision of an overview on which the later, more detailed analysis can be built.

2

FOUNDATIONS OF FINANCIAL REGULATION

29

protection; (2) financial stability; and (3) promotion of systemic efficiency and competition.91 (1) The protection of investors92 refers to interventions by public regulation to correct certain market failures, especially information asymmetry and agency problems. Information asymmetries, for example, arise in the context of the issuance of securities.93 Without enough information, the (potential) investor would be unable to properly assess the risk that he is taking, ultimately leading up to an adverse selection problem. Another case of information asymmetry can arise where a financial firm makes investment choices for a client. Here, the client might be badly informed about the actions the firm is making with their money. Importantly, this type of information asymmetry gives rise to agency costs, i.e. losses associated with hidden actions of the firm.94 Agency costs generally arise with financial intermediaries against which clients have financial claims. Intermediaries commonly provide a wide range of services, such as depository service, investment execution, advice, and portfolio management. Hence, they are in a principalagent relationship vis-a-vis their clients. Here, regulation seeks to control for that agency problem and protect those who rely on the intermediary by preventing abuse of its superior knowledge and the trust that clients put in it.95 Secondly, there is a role for regulation to protect consumers not only in regard to information asymmetry but also from the exploitation of their biases.96 In the end, the

91 Comparable objectives are for instance be identified by Armour and others (n 7) 61ff or OECD (n 32) 17. 92 The term ‘investors’ is used in a broad sense to encompass all kinds parties contracting with financial institutions, i.e. customers, borrowers, policyholders, investors, and other users of the financial system. 93 Armour and others (n 7) 62. 94 On the problem of agency costs, see, e.g., Michael C Jensen and William H Meck-

ling, ‘Theory of the Firm: Managerial Behavior, Agency Costs and Ownership Structure’ (1976) 3 Journal of Financial Economics 305. 95 Andenæs and Chiu (n 62) 25f. 96 See also Armour and others (n 7) 64 In this sense, the term ‘consumers’ encompasses

more individuals acting in their personal capacity, therefore the retail market, and rather

30

C. RUOF

protection of those parties is not only the correction of market failures, but also defending the confidence in those intermediaries, or more generally in the financial system as a whole—a precondition for its functioning.97 (2) Ensuring financial (and systemic) stability is mainly concerned with the reduction of systemic risk and the protection of the economy as a whole from spill-over effects of the financial sector. Such stability is reached by making the financial system resilient to external shocks and systemic breakdowns. Systemic risk is mostly imposed by an initial shock to one or several financial institutions that transmit to other firms, resulting in an amplification of the initial shock, which can ultimately spiral down to the real economy.98 The mechanism by which the initial shock can be transmitted may be contagion, similar asset exposure, investment strategies, or else. Financial stability as a public good is inherently underprovided and therefore has to be supplied by the regulator.99 The objective of financial stability gained greater attention in the recent decade, as the GFC not only shook up the financial world but also induced an array of changes in its regulation. One shift in financial regulation that could be witnessed was in the priority of financial regulators from investor protection to financial stability, affecting both, regulation and supervision.100 That is, prior to the crisis, there was the widespread belief that addressing the risk of individual failure of a

excludes sophisticated investors. For more information on consumer finance generally and the problems associated therewith, see ibid., Chapter 9. 97 See, e.g., Eddy Wymeersch, ‘Objectives of Financial Regulation and Their Implementation in the European Union’ in Veerle Colaert, Danny Busch and Thomas Incalza (eds), European Financial Regulation Levelling the Cross-Sectoral Playing Field (Bloomsbury Hart Publishing 2019) 39f. 98 See, e.g., Pawel Smaga, ‘The Concept of Systemic Risk’ (London School of Economics and Political Science, LSE Library 2014) 61,214 https://ideas.repec.org/ p/ehl/lserod/61214.html 9ff. 99 For a more detailed description of financial stability as a public good, David S Bieri, ‘Regulation and Financial Stability in the Age of Turbulence’ in Robert W Kolb, Lessons from the Financial Crisis (John Wiley & Sons, Inc 2011) 327. 100 For example, Samuel G Hanson, Anil K Kashyap and Jeremy C Stein, ‘A Macroprudential Approach to Financial Regulation’ (2011) 25 Journal of Economic Perspectives 3. More comprehensively Xavier Freixas, Luc Laeven and José-Luis Peydró, Systemic Risk, Crises, and Macroprudential Regulation (MIT Press 2015).

2

FOUNDATIONS OF FINANCIAL REGULATION

31

financial institution and protecting the users of the financial system were also adequate to protect the financial system as a whole.101 In other words, the perception was that the goals of ensuring financial stability and the protection of investors, and the stability of individual institutions were almost fully aligned. The GFC, however, proved this assumption wrong (later dubbed the ‘composition fallacy’102 ) and highlighted the importance of systemic risk as a distinct concern and—correspondingly—made financial stability a key regulatory objective. Consequently, there is now a greater willingness to pay attention to the wider effects of transactions and interconnections.103 (3) Promoting market efficiency and competition Another objective of financial regulation is to promote and facilitate the efficiency of the financial system. Promoting market efficiency includes the regulator strengthening ‘informational efficiency’, which leads to more accurate pricing, greater participation of investors in the financial market, and ultimately improved liquidity.104 Fostering trust and confidence in the market and its institutions as a precondition for a well-functioning market is another important concern pursued under this objective. Moreover, financial regulation is concerned with the promotion of competition. Conditions for (perfect) competition include inter alia the ease at which firms can enter and exit the market, a level playing field, the capacity for firms to provide identical products between which consumers can freely choose from, that firms are price-takers,

101 See Peter O Mülbert, ‘Managing Risk in the Financial System’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) 367f. See also now Bank of England Act 1998 (UK) (as amended by the Banking Act 2009 and the Financial Services Act 2012), s 2A; Financial Services and Markets Act 2000 (UK) (as amended by the Financial Services Act 2012), s 2B(3). 102 Markus Konrad Brunnermeier and others (eds), The Fundamental Principles of Financial Regulation (Centre for Economic Policy Research 2009) 11; or Jacek Osinski ´ Seal, Katharine and Lex Hoogduin, Macroprudential and Microprudential Policies Toward Cohabitation (IMF 2013) 5. 103 Andenæs and Chiu (n 62) 19. 104 Armour and others (n 7) 67.

32

C. RUOF

and that each firm has a small share of the total market.105 Whereas in most cases active competition policy lies within the mandate of a special agency responsible for broadly all sectors of the economy, there are also some financial regulators which were given explicit competition mandates for the financial services industry.106 Table 1 gives a short (and simplified) summary of the abovedescribed goals and how they are responding to a respective market failure. (4) Interplay of the regulatory goals The pursuit of the above-stated principles is always a balancing act involving trade-offs due to tension or conflict between principles. This forces the regulator to prioritize one objective over the other in a certain situation. Such a task is often difficult. The following will describe some of the trade-offs involved in such a task. As stated above, ensuring vital competition requires low barriers to entry as well as the possibility for non-performing firms to exit the market. Low barriers to entry, however, can potentially pose a Table 1

Regulatory goals and market failures

Regulation goal

Market failure

Investor protection

1. 2. 3. 1. 2.

Financial Stability

Systemic efficiency and competition

Information asymmetry Principal-agent problem Behavioural biases of consumers Externalities (Underprovision of) Financial stability as a public good 1. Distortions in competition 2. preconditions for the functioning of the market

105 Comprehensively on the conditions for competition, see George J Stigler, ‘Perfect Competition, Historically Contemplated’ (1957) 65 Journal of Political Economy 1. 106 That is for example the case with the FCA, which was given an objective to promote effective competition in consumers’ interests in regulated financial services and even a duty to do so as long as it is compatible with meeting their objectives to protect consumers and enhance market integrity (see, e.g., FCA, ‘FCA Mission: Our Approach to Competition’ (2017) https://www.fca.org.uk/publication/corporate/our-approach-competition. pdf.). In contrast to that, in the EU, active competition policy lies exclusively with designated national competition agencies as well as the EC.

2

FOUNDATIONS OF FINANCIAL REGULATION

33

threat for investors (and potentially also for financial stability107 ), which is why most services in the financial sector need a license to conduct business. Such a license is meant to ensure a certain quality and soundness of the firm, yet the less stringent the licensing process for financial firms is, the more—potentially harmful— companies are able to enter the market. The reason for this is that (different from some other sectors) the process of filtering out bad firms cannot be wholly trusted to the forces of market competition.108 Also, an easy exit is far from straightforward in the financial sector. As financial institutions are often interconnected and the failure of one poses externalities for other (healthy) ones,109 market exits are always a critical issue. Moreover, more competition usually means less profit for institutions, putting pressure on their balance sheets. This can incentivize them to engage in more risky activities and ultimately increase risk of failure.110 Moreover, increased competition can encourage firms to focus on aspects most salient to customers, while cutting costs on hidden issues, which can also be also detrimental of the investor.111 The objectives of financial stability and investor protection on the other hand can coexist, even overlap, but also sometimes conflict with each other. For instance, strict regulatory requirements for firms to ensure their soundness and stability may— especially in bad times—jeopardize the stability of the system as a whole, as it may stop financial firms from providing credit to the economy. Second, every kind of regulation seeking to reduce individual risk of the individual firm tends to make firms overall move uniformly, reducing diversity in the financial system. This

107 Mülbert (n 101) 396. 108 For instance, an investment intermediary not rarely holds a significant share of its

client’s savings for his or her pension. A failure of that firm (and correspondingly a loss of all assets) would hence have catastrophic consequences for the client. 109 As described in greater detail in Sect. 2.2.2 of this chapter. 110 For more on this, see, e.g., Sebastian de-Ramon, William Francis and Michael

Straughan, ‘Bank Competition and Stability in the United Kingdom’, Bank of England Staff Working Paper No. 748 (2018); comprehensively Xavier Vives, Competition and Stability in Banking: The Role of Regulation and Competition Policy (Princeton University Press 2016). 111 Armour and others (n 7) 72.

34

C. RUOF

would lead to highly correlated risk exposures, consequently exacerbating systemic risk.112 The same goes for restricting firms from selling certain kinds of assets in order to protect investors.113 Ultimately putting a strong focus on the individual soundness of firms increases market barriers, which cements the market share and systemic significance of big financial institutions. Those institutions are precisely the ones, whose failure has drastic consequences for the whole economy, and which are—due to their systemic relevance—considered ‘too big to fail’. Hence, the pursuance of regulatory objectives is no straightforward task, rather a balancing act of trade-offs and normative decisions on priorities. 2.2.3 Architecture of Financial Regulation The subject of regulatory architecture concerns the important question of allocation of regulatory power. For example, the question concerning allocation of regulation can address which institution is responsible for what task(s) within the public sphere. There are two main dimensions of allocation, which need to be separated: The first and highest dimension (1) concerns the allocation between the executive and the legislative branch of the government, more specifically the parliament and the regulatory agency. The second dimension (2) deals with models of horizontal allocation. This can include the allocation among different regulatory agencies. The first dimension touches on the important question about how financial regulation is made. Theoretically, the allocation of tasks between the branches of government is clear: The legislative, as the democratically legitimated branch, is passing the rules that the executive is supposed to supervise and enforce. Yet, for good reasons, this highly simplified description is not fully reflective of reality. While this applies to other regulated sectors as well, such disconnect is especially evident in financial regulation. In such instances, the legislature typically delegates rulemaking power to the executive, whereas the exact degree of delegation highly varies among jurisdictions and sectors. The reasons for this structure in financial regulation and other regulated industries are manifold: 112 Mülbert (n 101) 395. 113 Armour and others (n 7) 71.

2

FOUNDATIONS OF FINANCIAL REGULATION

35

While law-making in the parliament typically takes a relatively long time, the process of agency rulemaking is typically shorter and therefore more responsive to new events. Moreover, regulators typically possess a greater level of expertise in their field making them capable of creating sound rules and at the same time are more independent from political and electoral pressure.114 These benefits, however, come at the cost of legitimacy: The more the regulator is allowed to make substantial decisions and design the rules, the less they can actually be traced back to the democratically elected parliament and ultimately to the vote of the people.115 Delegation does not only come in the form of providing explicit rulemaking powers. The legislative can also formulate rules more broadly, providing space for the regulator to ‘fill them with life’.116 Today, in most jurisdictions, the legislative rule framework forms the backbone of financial regulation.117 Since the creation of the Basel Committee on Banking Supervision (BCBS) in the mid-1970s,118 regulatory rules increasingly originate at an international level before they are implemented in the individual jurisdictions.119 While the allocation 114 Cass R Sunstein, ‘The Most Knowledgeable Branch’ (2016) 164 University of Pennsylvania Law Review 1607 or Jeffrey E Shuren, ‘The Modern Regulatory Administrative State: A Response to Changing Circumstances’ (2001) 38 Harvard Journal on Legislation 291, 292. This is by far no definite list of reasons—however, it is at this stage not necessary to go into the details of the background behind delegation. Essentially, this subject underlies several topics this book is concerned with and will accordingly be taken up at these points. 115 Stavros Gadinis, ‘From Independence to Politics in Financial Regulation’ (2013) 101 California Law Review 327, 380ff with further references. 116 That is the case in so-called principles-based regulatory regimes. See below in Sect. 2.2.4 of this chapter and further in Chapter 8, Sect. 2.2). 117 See, e.g., Dan Awrey and Kathryn Judge, ‘Why Financial Regulation Keeps Falling Short’ (2020) 61 Boston College Law Review 2295, 16ff for the US, Wymeersch (n 97) 6ff for the EU, and for a general overview, Armour and others (n 7) 538ff. 118 The Basel Committee on Banking Supervision is a committee of banking supervisory authorities that was established by the central bank governors of the G10 and now comprises 45 institutions from 28 jurisdictions. It is the primary global standard setter for the prudential regulation of banks and provides a forum for regular cooperation on banking supervisory matters. See BCBS, ‘History of the Basel Committee’ https://www. bis.org/bcbs/history.htm. 119 For a more detailed description of the BCSB and other international institutions involved in the making of the law, see, e.g., For a more detailed description of the different roles played by these organizations, see Chris J Brummer, ‘How International Financial Law Works (and How It Doesn’t)’ (2010) 99 Georgetown Law Journal 257 In

36

C. RUOF

of power between the legislative and executive branch in financial regulation has undergone many changes over the past, in the period after the GFC the trajectory of financial regulation broadly has been one towards producing more detailed rules by the legislative branch, which— in tendency—has left regulators with less discretion in implementing these rules or make own ones.120 In summary, the role of the regulator traditionally is to implement, supervise, and enforce rules as well as to, in varying extents, make rules. Historically, this task was fulfilled by multiple agencies within a jurisdiction, the structure of which reflected the structure of the domestic financial services industry.121 The two most common models that had been widely adopted were an institutional122 or a functional123 one, whereby some jurisdictions also opted for a mixture of both.124 Accordingly, several regulators typically covered different parts of the financial system. Those regulators also generally acted independently from each other, often resulting in conflicting goals and little big picture—perspective on the system as a whole and its risks.125 Not least, more recently, as a response to these issues some jurisdictions opted for an objectives-based structure—allocating responsibility of agencies according to regulatory objectives.126 Other jurisdictions in turn adopted an integrated model

the case of the EU, the EC and EP are predominantly responsible for passing financial regulation, which then accordingly are the ones putting international standards in legal text, before it is applied/implemented in the Member States. 120 For a comprehensive analysis of the development, implementation, evolution, and effectiveness of postcrisis regulatory reforms and their implications, see Ross P Buckley, Emilios Avgouleas and Douglas W Arner, Reconceptualising Global Finance and Its Regulation (Cambridge University Press 2016). 121 Armour and others (n 7) 584f. 122 An institutional model allocates responsibility on the basis of the legal category

into which a firm has been allotted—that is, ‘banks’, ‘securities dealers’, or ‘insurance companies’. 123 A functional model allocates responsibility on the basis of the type of business activity, irrespective of the type of institution. 124 Armour and others (n 7) 598f. 125 Clive Bruilt, ‘The Rationale for a Single National Financial Services Regulator’, FSA

Occasional Paper No 2 (1999) 12–17. 126 This included e.g. the Netherlands and Australia. Armour and others (n 7) 598f. See Group of Thirty, The Structure of Financial Supervision: Approaches and Challenges in a Global Marketplace (Group of Thirty 2008) 30f.

2

FOUNDATIONS OF FINANCIAL REGULATION

37

under which a single agency is responsible for covering all sectors and objectives of financial regulation.127 Notwithstanding these substantial differences in regard of the architecture that existed before prior to 2007, in the course of the Great Financial Crisis (GFC) regulatory failures came to light everywhere.128 While this could suggest a certain degree of insignificance of the question of allocation of responsibility among agencies,129 the GFC was yet followed by a widespread overhaul of regulatory architectures.130 What the reforms of architecture largely had in common was the recognition that—irrespective of the chosen model— financial stability should be given priority and is also best achieved in a distinct authority.131 The novelty of this is that it introduced a hierarchy in the allocation of responsibilities among regulators. 2.2.4 Styles/Modes of Financial Regulation Aside from the differences in architecture, another distinction can be drawn with respect to the styles or modes of financial regulation. These styles vary in how they rule the relationship between the state and the market. More specifically, they can be located at different places along a spectrum of control and freedom132 : Regulators either impose rules backed by (strong) sanctions or entrust market participants with the 127 This includes e.g. the UK, Germany or Japan. See, e.g., Martin Cihák and Richard Podpiera, ‘Isone Watchdog Better Than Three? International Experience with Integrated Financial Sector Supervision’ (2006) 06 IMF Working Papers 1. 128 See Armour and others (n 7) 606 with further details. 129 Somewhat arguing for second-order relevance of the regulatory architecture, e.g.

Eilís Ferran, ‘Institutional Design: The Choices for National Systems’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) 98f. For the opposite view, see, e.g., Jennifer G Hill, ‘Why Did Australia Fare so Well in the Global Financial Crisis?’ in Eilis Ferran and others (eds), The Regulatory Aftermath of the Global Financial Crisis (Cambridge University Press 2012). 130 The USA added two new objective-based regulators (the FSOC and the CFPB), and the UK exchanged its integrated regulator for an objective-based division (i.e. between the FCA and the PRA), still largely reflecting institutional or functional allocation of responsibilities. Meanwhile, the EU shifted regulatory power to the EU level, introducing (three) new authorities, allocating responsibilities broadly along institutional lines (i.e. ESMA, EBA and EIOPA). For a more detailed overview of regulatory architecture of the USA, UK and EU, see Armour and others (n 7) 538ff. 131 For further information, see ibid. 608ff. or Mülbert (n 101). 132 See also above at p. 26.

38

C. RUOF

control of their activity.133 Located on the control end of the spectrum is the classic command and control style of regulation which generally describes the exercise of influence by imposing rules backed by criminal sanctions.134 In this regime, the roles between government and private actors are clearly allocated: The regulator is in charge of the public good and intervenes where and when necessary (i.e. correcting market failures), while private market participants may pursue profits and innovate within the given framework. On the other side of the spectrum lie self-regulatory regimes which delegate rule-production and sometimes enforcement to market participants.135 The process of self-regulation, however, usually is constrained by a regulatory authority such as statutory rules, oversight of adherence of rules, approval or (co-) draft of rules, or public enforcement.136 While following the financial crisis, self-regulation has been described as a model ‘in retreat’,137 most regulatory regimes after the GFC can be placed rather on the command and control side of the spectrum.138 There are also a number of regulatory styles that land towards the centre of the spectrum.139 This includes what is commonly referred to as ‘management-based regulation’, ‘meta-regulation’, or ‘enforced self-regulation’.140 Under these more centrist styles, regulators do not prescribe how regulatees should comply but require them to develop their own systems for compliance and to demonstrate that compliance to 133 For example, Robert Baldwin, Martin Cave and Martin Lodge (eds), ‘MetaRegulation and Self-Regulation’ in Cary Coglianese and Evan Mendelson, The Oxford Handbook of Regulation (Oxford University Press 2010). 134 See generally, Robert Baldwin, Martin Cave and Martin Lodge, Understanding Regulation: Theory, Strategy, and Practice (2nd edition, Oxford University Press 2012) 106ff. 135 Ibid or in the context of financial regulation Armour and others (n 7) 545ff. 136 Baldwin, Cave and Lodge (n 134) 138. 137 Ferran (n 129) 110. 138 See also Eva Micheler and Anna Whaley, ‘Regulatory Technology: Replacing Law

with Computer Code’ (2020) 21 European Business Organization Law Review 349, 367; or Chen-Yun Tsang, ‘Balancing the Governance of the Modern Financial Ecosystem: A New Governance Perspective and Implications for Market Discipline’ (2018) 40 Houston Journal for International Law 531, 573. 139 For a broad overview an the different approaches, see Ford (n 30) 101ff. 140 For example, Joanna Gray and Jenny Hamilton, Implementing Financial Regulation:

Theory and Practice. (Wiley 2006) or John Braithwaite, Regulatory Capitalism: How It Works, Ideas for Making It Work Better (Edward Elgar 2008).

2

FOUNDATIONS OF FINANCIAL REGULATION

39

the regulator. Hence, the role of regulators ceases to be primarily about checking compliance with rules and becomes more about encouraging the industry or facility to put in place their own processes.141 While the market-based end of the spectrum is typically associated with the potential for greater efficiency and expertise, it raises (severe) incentive problems and comes with a lack of legitimacy.142 Another key distinction in financial regulation is that between rules and principles. Also, this distinction follows along a spectrum,143 ranging from the highest level of abstraction (principle) to policing every conceivable case individually (rule).144 Principles in comparison with rules identify the outcomes regulators hope to achieve rather than prescribing details on achieving them.145 Rules-based regulatory regimes are typically operating in a command and control style. Principles on the other hand need to be filled with content and applied to the individual case—a task typically done by the regulator. However, in the process of determining the content of the principle, the regulated party as well as other stakeholders can play a role by giving input and thereby contribute to its evolvement. The final judgement, however, regularly lies with the regulator. Consequently, principles-based regimes characteristically confer more responsibility for the public interest to private market actors. They

141 See Julia Black, ‘Regulatory Styles and Supervisory Strategies’ in Niamh Moloney and others (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) 227 or (in the context of environmental law); Neil Gunningham, ‘Environment Law, Regulation and Governance: Shifting Architectures’ (2009) 21 Journal of Environmental Law 179, 190f. 142 Armour and others (n 7) 546. 143 See, e.g., Joseph Raz, ‘Legal Principles and the Limits of Law’ (1972) 81 Yale

Law Journal 823, 838 or Lawrence Cunningham, ‘A Prescription to Retire the Rhetoric of ‘Principles-Based Systems’ in Corporate Law, Securities Regulation and Accounting’ (2007) 60 Vanderbilt Law Review 1409. According to Dworkin though, rules and principles are two opposites, so that something is either a principle or a rule. See Ronald Dworkin, Taking Rights Seriously (Harvard University Press 1977) 24. 144 Cunningham (n 143) 1411. There are different approaches to distinguishing rules from principles, which is however not of relevance at this place. The rules-principles will be taken up again below in Chapter 8, Sect. 2.2). 145 FSA, ‘Principles-Based Regulation—Focusing on the Outcomes That Matter’ (23 April 2007). For instance, principle 3 of the FCA Handbook states that, ‘A firm must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems’ (See https://www.handbook.fca.org.uk/handbook/ PRIN/2/1.html?date=2016-10-03).

40

C. RUOF

also imply a corresponding power transfer from the legislative to the executive. Whereas in the case of rules-based regimes, the desired behaviour is determined ex-ante by the rulemaker. This differs from principle-driven regimes where it is often determined ex-post by the regulator (and to a certain extent by market participants) whether the behaviour was in line with the principle.146 Where exactly major jurisdictions locate along the rules-principles spectrum is subject to constant change. Principles-based regulation was popular before the GFC, with among others the UK’s FSA147 and the Australian ASIC148 adopting such a regime.149 However, in the aftermath of the Crisis, principles-based regimes were considered as having been too ‘light touch’ and therefore significantly contributing to the emergence of the GFC.150 As a consequence, those jurisdictions/regulators which had pursued a principles-based approach now shifted more towards a rule-based approach. More broadly, a general trend towards increased granularity of rules can be observed.151 To a large extent, these shifts can be attributed to the phenomenon of ‘regulatory competition’ between financial centres where lawmakers/regulators compete with one another in the regulatory framework they offer in order to attract business to

146 Louis Kaplow, ‘Rules Versus Standards: An Economic Analysis’ (1992) 42 Duke Law Journal 557. 147 The Financial Services Agency (FSA) was the agency accountable for the regulation of the financial services industry in the UK until it was abolished in 2013 due to its weak performance before and during the GFC. Its responsibilities were divided between (first and foremost) the FCA as well as the Prudential Regulation Authority (PRA) and the Bank of England. 148 The Australian Securities and Investment Commission (ASIC) is the financial services regulator in Australia. 149 See, e.g., Julia Black, ‘The Rise, Fall and Fate of Principles Based Regulation’ [2010] LSE Legal Studies Working Paper No. 17/2010. 150 This will be discussed further below at p. 236f. 151 Examples include the MiFID 2 framework in the EU, which was 5 times as long as

its predecessor, the US Dodd-Franck act with nearly 850 pages being one of the largest reform bills in history, while in the UK the prudential rulebook for banks ballooned from roughly 400,000 words in 2007 to well over 720,000 in 2017. See Karel Lannoo, ‘New Market Conduct Rules for Financial Intermediaries: Will Complexity Bring Transparency?’ (2017) 5f; or Zahid Amadxarif and others, ‘The Language of Rules: Textual Complexity in Banking Reforms’ (Bank of England 2019) 834 21ff.

2

FOUNDATIONS OF FINANCIAL REGULATION

41

their jurisdiction.152 While regulatory competition can yield innovative and more efficient types of regulation, it also bares the risk of leading to a ‘race to the bottom’, resulting in irresponsibly lose regulatory standards.

152 Comprehensively on the phenomenon of regulatory competition as well as in the context of resolution regimes for financial institutions, see Wolf-Georg Ringe, ‘Regulatory Competition in Global Financial Markets—The Case for a Special Resolution Regime’ 1 Annals of Corporate Governance 175.

CHAPTER 3

The Information Problem and Regulatory Failure

After having described the purpose, strategies, and architecture of financial regulation in the previous chapter, this chapter will explain why—in reality—this goal is often missed. While there are several forms of regulatory failure, this part will explicitly focus on the information problem. In brief, it concerns the problem that without sufficient and reliable information, regulation is likely to be flawed and lead to undesirable outcomes. This makes the collection and processing of information a key challenge for regulators. This chapter develops a conceptual framework for analysing the information problem, whereby it distinguishes between different stages of information in the process of regulation, namely the collection and processing of information and the (subsequent) acting upon the information, that is the regulatory output. The ‘problem’ of a pertaining deficit of information is conceptualized in three different dimensions, namely information gaps , unknown information, and Knightian uncertainty (or ‘unknown unknowns ’). Also, it outlines ways that regulators typically have at their disposal to address the problem, i.e. to increase their information level. Subsequently, it outlines other types of regulatory which are particularly prevalent in financial regulation.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_3

43

44

C. RUOF

This chapter provides the conceptual framework, against which the fintech phenomenon (Chapter 7) and the design of a regulatory response to it (Chapters 8–10) will be analysed.

1

The Information Challenge in Financial Regulation

The importance of information in the process of regulation generally has already been described in Chapter 2. Without sufficient and reliable information, regulation is likely to be flawed and lead to undesirable outcomes. In the financial sector, this can manifest in factual deregulation which gives rise to excessive risk-taking by financial institutions or even widespread fraud. Given the size and the significance of the sector in all major economies, the consequence of this can be dramatic. These consequences have been exemplified vividly by the past financial crisis.1 Meanwhile, regulating under a severe lack of information can arguably yield even worse outcomes than no regulation at all. Such a failure can be seen when costs associated with regulation exceed the benefits.2 Conceptually, the role of information in the process of regulation is threefold3 : (1) Information needs to be collected or produced (Ic), (2) the regulator needs to process that information (Ip), and (3) ultimately, the information needs to be put to fruition, i.e. be translated into regulatory output (act upon information, Iau). The first two elements of that process, lc and lp, determine the knowledge level of the regulator or (inversely) the information deficit.4 In the conception of Hood et al., they form the basis of the first requirement for effective regulation—production of knowledge about the system—while the translation of information into regulatory output mainly falls into the second of Hood’s requirements (i.e. setting standards to make the distinction between preferred 1 For example, Patrice Ollivaud and David Turner, ‘The Effect of the Global Financial Crisis on OECD Potential Output’ (2015) Volume 2014. According to their estimate, among the 19 OECD countries which experienced a banking crisis over the period 2007– 11 the median loss in potential output in 2014 was about 5½%. 2 See above at p. 25. 3 See above at p. 26f. 4 The term ‘informational deficit’ has been also by Ben Barnanke when revisiting the

causes of the GFC. See ‘Transcript of the Meeting of the Federal Open Market Committee on April 29–30, 2008’ (n 5 in Chapter 1) 18 (statement of Ben Barnanke).

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

45

and less preferred states of the system).5 At this stage, the focus will lie on the collection/ production and processing of information (Ic and Ip).6 The quantity and quality of information that needs to be gathered and processed become evident when looking at the above-described strategies of financial regulation: Entry regulation requires the regulator7 to know ex-ante what risks are typically associated with what type of product or service while conduct regulation necessitates extensive knowledge about specific firm activities including business and transactions with consumers and counterparties, or how firms manage the funds they hold. Disclosure regulation moreover requires the regulator to assess the reliability of disclosed information and also the means to process the constant inflow of large amounts of new information. This is of particular importance since the purpose of disclosure is not only to support the functioning of the market but also constitutes a channel through which the regulator collects information about the entity—informing the regulation thereof. Microprudential regulation in turn requires the regulator to be informed about the specific risk profiles of each institution, including a firm’s business model, financial position, internal systems, controls and processes, and its exposure to other market participants. Meanwhile, for macroprudential regulation, the regulator needs information on systemic risks, namely on interconnections and dependencies between market participants, the emergence of new critical players or infrastructures, and, more broadly, structural developments in the sector. Assessing the impact on competition further requires the regulator to have information about the structure and dynamics of the sector. Shortcomings in these elements create an information deficit on the side of the regulator. Collected and processed information subsequently constitutes the basis for the third element—acting upon information. The ability to effectively act upon information concerns the capacity, effectiveness, and timeliness of the regulator to incorporate new information into its regulatory practice; be it in the interpretation of rules, the formulation of new principles, 5 See above at p. 26. 6 The third element will be dealt with further in Chapter 4. 7 Throughout this book, the financial regulator is treated as one actor, which is a

necessary simplification for the purpose of the analysis. Certainly, the regulator is not a homogenous institution, with numerous idiosyncrasies on the individual employee level. For an analysis of that level, see Matthew C Stephenson, ‘Information Acquisition and Institutional Design’ (2011) 124 Harvard Law Review 1422.

46

C. RUOF

or just in communication to respective market participants. That includes newly identified risks being addressed before they materialize and regulation needing to be adapted to new structures and developments that might otherwise evolve outside of it. Meanwhile, utilizing new information should also go in the opposite direction: The regulator should in a timely fashion be able to target and change over-inclusive regulation, outdated as well as unproportional regulation. If these three elements are not ensured, the sector will keep detaching itself from regulatory structure and approaches creating a fundamental mismatch between the market and its regulation (regulatory mismatch, RM ).8 Such a regulatory mismatch, in turn, jeopardizes the fulfilment of each of the regulatory objectives and lays the ground for systematic regulatory failures and financial and economic crises.9 Hence, regulatory mismatch is a function of the information level/ deficit (which is a product of the information gathering and processing capacity) and the ability to effectively act upon information. This translates to: Equation 1: Regulatory mismatch (RM) as a product of information cost (Ic), information processing capacity (Ip) and the ability to effectively to act upon information (Iau). R M = (I cx I p)x I au

1.1

The Information Deficit

As aforementioned, the information deficit is a function of two elements: first, the production and collection of information, and second, the capacity to process it. The processing capacity is in turn determined by

8 This three step process can in a comparable fashion also be found at Pan (n 51 in Chapter 2) 1913; see Awrey and Judge (n 117 in Chapter 2) on the issue of regulatory mismatch. 9 To a significant extent, the lack of information and data was one of the causes for the GFC, as the regulators were caught off-guard by their lack of knowledge about certain market activities and interparty relationships. See, e.g., Michael S Barr, ‘The Financial Crisis and the Path of Reform’ (2012) 29 Yale Journal on Regulation 91, 99f; US Department of the Treasury, ‘Office of Financial Research 2012 Annual Report’ (2012) 4 stating that ‘the lack of high-quality, consistent, and accessible data was a key source of risk’.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

47

the individual capacity of actors to process the information, i.e. to decipher and interpret it, including the objective and subjective constraints they face in that context. To a certain degree, every regulator in every sector of the industry suffers from an inherent information deficit.10 That means, the regulator is never in possession of all the information necessary to make the best possible decision. In order to get a better understanding of the origins of the information deficit, this part will distinguish between three distinct forms of informational failure that together constitute the information deficit (see Eq. 2). These forms are the information gap (IG), the unknown information (UI), and Knightian uncertainty (or unknown unknowns; KU ).11 Equation 2: Information deficit as result of an information gap (IG), unknown information (UI) and Knightian uncertainty (KU) I D = IG + U I + KU 1.1.1 The Information Gap The first dimension of the information deficit is the information gap (IG) between the regulator (R) and the market (M).12 More specifically, it describes the asymmetry between the information available on the side of the regulator vis-à-vis the information private market participants possess.13 At this point, ‘the market’ refers to the sum of information that all private market participants possess together. This is to be distinguished 10 See Sunstein, ‘Cost-Benefit Analysis and the Knowledge Problem’ (n 50 in Chapter 2); or Adrian Vermeule, ‘Local and Global Knowledge in the Administrative State’ in David Dyzenhaus and Thomas Poole (eds), Law, Liberty and State (Cambridge University Press 2013). 11 A comparable differentiation is made by Kathryn Judge, ‘Information Gaps and Shadow Banking’ (2017) 103 Virginia Law Review 411, 448f. 12 This dimension of the information is also discussed at (among others) Henry TC Hu, ‘Swaps, the Modern Process of Financial Innovation and the Vulnerability of a Regulatory Paradigm’ (1989) 138 University of Pennsylvania Law Review 333; Dan Awrey, ‘Regulating Financial Innovation: A More Principles-Based Alternative?’ (2010) 5 Brooklyn Journal of Corporate, Financial & Commercial Law 273; Judge, ‘Information Gaps and Shadow Banking’ (n 11). 13 Hence, this is strictly to be separated from the information gap between financial institutions and their customers that constitutes a potential source for market failure and triggers a need for regulatory intervention. See above in Chapter 2, Sect. 2.2).

48

C. RUOF

to the information between the regulator and individual private market participants which can look significantly different in each individual case. To some extent, the information gap is inherent to the nature of financial regulation and regulation in general. It is rooted in the fact that information is dispersed in the market through countless individuals with no single person or institution possessing all relevant information.14 More importantly, there is an inevitable ‘informational lag’ built into the system.15 Information predominantly originates in the market, as financial institutions typically invent the product or service, giving market participants an inherent advantage over the regulator. The regulator must then become aware of its existence and subsequently obtain or generate relevant information about it.16 Hence, market participants are naturally much closer to the source of information, or—in Hayek’s words—possess much better information about ‘particular circumstances of time and place’.17 Additionally, private actors generally have an advantage as to how information diffuses. One way of which is through the movement of personnel.18 While there are continuous moves from one institution to the other, movement that crosses the public-private border is less regular.19 Furthermore, the financial sector entails certain characteristics that complicate the task of gathering and processing information. Most importantly, it is extremely complex and dynamic20 which affects the expenses for actors in connection with searching, gathering, and making sense of information (information costs,21 Icost ). These costs affect the task of

14 See above sec 27f. 15 Hu (n 12) 405f. 16 See also Hu (n 40) 405f with further references to historic examples on the

informational lag in the financial sector. 17 Hayek (n 49 in Chapter 2) 521. 18 See Hu (n 12) 408ff with further references. 19 Certainly, the degree to which this difference exists varies highly depending on

jurisdiction and market sector. Notably, this is simply to say that this form of movement is only less common, yet existing, which itself is the source for a different type of problem (namely creating the risk for regulatory capture, see p. 65f. 20 This will be explained with in further detail below at p. 58f. and 185ff. 21 On information costs in the level of the individual employee at the regulator, see

Stephenson (n 7) 1430.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

49

the regulator in, e.g. detecting undesirable conduct or identifying and monitoring risks in the market. While information costs normally occur for all market participants (including regulators), the capacity to process and make sense of this information differs (information processing capacity (Ipc)). More specifically, information once collected or produced is often still raw and needs to be deciphered and contextualized. This for instance includes assessments on risk implications of the use of a new technology as well as how to manage/ mitigate those risks. It also involves identifying the likelihood and size of a (potential) risk in various conceivable scenarios. Equation 3: Information gap (IG) between regulator (R) and the market (M). The information gap is depended on the information cost (Icost) and the difference between the information processing capacity of market participants (Ipc (M)) and that of the regulator (Ipc(R)). Notably, this leaves aside the inherent information advantage private participants have.   I pc(M) I G(R, M) = I cost x I pc(R) The means to perform these tasks can significantly differ between market participants and regulators. The size of that difference between market participants and regulators is determined by several factors, such as economies of scale in the collection and analysis of information, inhouse expertise or technology, and the availability of resources which can be devoted to gathering and processing information. While from the regulator’s perspective information cost is mostly22 exogenous, to a large extent the capacity can be influenced and improved but is de facto constrained by the regulator’s budget. Historically, the asymmetry in information processing capacity between regulators and market participants in the financial sector has typically been large.23 On a general level, Tables 1 and 2 illustrate this inequality by comparing the resources and

22 Mostly, because to a certain extent the regulator can also influence the broader information landscape in the market. See below at p. 73ff. 23 It is however important to note that of course the individual capacity among private market participants highly varies, a phenomenon that becomes even more prevalent under fintech (see below at p. 192ff.).

50

C. RUOF

number of employees of regulators to the general depth of the respective financial market24 as well as to the number of employees and assets of a major financial institution headquartered in the respective jurisdiction for the year 2011.25 The larger size of financial institutions enables them to devote far greater resources to the collection and processing of information.26 For instance, they are able to always have in place the stateof-the-art technology and employ more and higher-skilled people.27 This means that in the financial market information is not only difficult to collect and understand but also that market actors have an inherent (see above) and competitive advantage at gathering and processing information.28 In other words: While complexity and dynamism are creating an information challenge for regulators, resource asymmetries and proximity to the source of information turn this to a gap between the regulator and market participants, which, according to a past statement by a senior Bank of England official, is ‘too great for normal communication’.29 1.1.2 Unknown Information While it is (typically) implicit in the notion of the information asymmetry that someone in fact has the information, there are instances where information is simply not there.30 This dimension of the information deficit captures the lack of information, which is yet unproduced, i.e. not in the possession of any actor. 24 The financial market depth captures the sum of domestic deposit bank assets, domestic bonds, and domestic stock market capitalization. 25 The year 2011 has been chosen due to the availability of comparable data points. While the specific numbers are subject to change over time, the numbers provided in Tables 3a. and 3b are indicative of the differing dimensions between the public and the private sphere. 26 See Armour and others (n 7 in Chapter 2) 83. 27 See Armour and others (n 7 in Chapter 2) 83 comparing the number of employers

of Barclays and the UK regulator by that time. 28 This however is to be separated from the question of how and to what extend private market actors are actually using this advantage, which inter alia is dependent on their respective incentives. 29 Simon Brady, ‘The Ref Gets Rough’ EUROMONEY (April 1992) 25(quoting Richard Farrant, senior Bank of England official). 30 Meaning not one individual or the sum of all individuals in the market.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

51

Table 1 Resources of selected financial regulators compared to the size of the respective financial sector they oversee

Financial system depth (in $tn) Financial regulators’ budget (in $bn) Financial regulators’ employees

UK

USA

Germany

Switzerland

8.4 0.8 3439

42.0 5.6 22,027

7.3 0.2 2151

4.0 0.1 396

Source Armour and others (n 7 in Chapter 2) 536 using data from Financial regulators’ annual reports for 2011/12 and World Bank, Global Financial Development 2010

Table 2 Resources of selected financial institutions measured in assets and number of employees

Assets (in $tn) Employees

Barclays

Citigroup

Deutsche Bank

UBS

2.5 149,700

1.9 226,000

2.8 100,996

1.5 64,820

Source Armour and others (n 7 in Chapter 2) 82 using data from Financial regulators’ annual reports for 2011/12 and World Bank, Global Financial Development 2010

Even private actors lack information about certain (esp. future) events or risks. Such a lack of information can occur as acquiring knowledge and information is also costly for private actors and in some instances, it might seem rational for them to not make those expenses.31 Systemic information often falls into this category, as it is typically very costly to acquire and process while generally not yielding many (immediate) benefits or returns for the individual institution.32 The costs of acquisition of systemic information is driven by the need of structural analysis and a good overview of the whole sector. The focus of information production in most institutions on the other hand is mostly a transactional one. Hence, systemic

31 See Gilson and Kraakman (n 11 in Chapter 2); Dan Awrey, ‘Complexity, Innovation, and the Regulation of Modern Financial Markets’ (2012) 2 Harvard Business Law Review 235, 252f. 32 See also Henry TC Hu, ‘Misunderstood Derivatives: The Causes of Informational Failure and the Promise of Regulatory Incrementalism’ (1993) 102 The Yale Law Journal 1457, 1486f. and 1502f.

52

C. RUOF

information is often under-produced by private entities.33 Besides, underproduction information, especially for certain types of risks, can be caused by cognitive biases such as threshold effects where private parties tend to ignore low probability catastrophic events.34 The unknown information that results thereof exacerbates the information deficit and further complicates the regulator’s work. That is because regulators here do not have (potential) entities to “simply” draw the information from but must produce the knowledge from scratch. However, in contrast to the next category—Knightian uncertainty—unknown information can be reduced with (targeted) measures to produce new information in the area where it is lacking. 1.1.3 Knightian Uncertainty In a highly dynamic environment, however, there are also uncertainties (primarily in the form of future events) that do not fit into the category of unknown information because they are unknowable.35 This type of information is captured by ‘Knightian uncertainty’ or ‘unknown unknowns’.36 Since 1921, Frank Knight argued that fundamental uncertainty is inherent and inevitable in any attempt to capture a phenomenon that is dynamic rather than static.37

33 See also Judge (n 12) 449f. 34 See, e.g., Hu (n 32) 1481ff. and 1488ff. 35 See Katharina Pistor, ‘A Legal Theory of Finance’ (2013) 41 Journal of Comparative

Economics 315, 316. 36 “Unknown unknowns” is a phrase from a response often former US Secretary of Defence gave at a DoD news briefing in the context of the alleged existence of certain weapons in Iraq. See Department of Defence, ‘News Briefing - Secretary Rumsfeld and Gen. Myer’ (2002) News Transcript. 37 Frank Knight, Risk, Uncertainty, and Profit (Hart, Schaffner and Marx; Houghton Mifflin 1921) 12. Knight’s definition of uncertainty is also well captured by what former Bank of England Governor Mervyn King termed radical uncertainty, referring to future states for which a probability cannot be assigned because they are simply not imaginable. See Mervyn A King, The End of Alchemy: Money, Banking, and the Future of the Global Economy (Norton paperback, WW Norton & Company 2017).

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

53

Knight distinguished that regulators are simply not able—irrespective of their ability to gather information from the market—to anticipate and subsequently address all (future) risks in the financial system. Knightian uncertainty therefore describes a world where we do not know about the type of risks we face, let alone be able to attach a probability to them. In such an environment, even the most informed regulator is prone to make errors.38 1.2

The Role of Complexity

The informational challenge is made more pronounced by the fact that the financial sector is extremely complex.39 As mentioned above, this complexity (COM ) produces information costs which makes it one of the main contributors to the information deficit and ultimately to regulatory mismatch (see Eq. 4). This section will further elaborate on the concept of complexity and outline its main drivers and sources in the context of the financial services sector. This will form the framework for the later analysis of the fintech phenomenon and its impact on the information deficit. The Cambridge Dictionary defines complexity as ‘the state of having many parts and being difficult to understand and find an answer to’.40 While grammatically the definition could be read as consisting of two separate elements, at least in the financial sector there is a clear causal link from the first to the second. That is, in the context of the financial market, this definition could be translated to it consisting of many idiosyncratic features that render it difficult to understand. Complexity does not only exist (individually) in these idiosyncratic features but also in their interconnections. This aspect is captured by the use of the term in complexity 38 Another key distinction was that between uncertainty and the concept of risk, that as opposed to uncertainty is susceptible to measurement and hence to elimination. This distinction however is not relevant for this book. For a comprehensive summary and interpretation of Knights distinction, see, e.g., Geoffrey TF Brooke, ‘Uncertainty, Profit and Entrepreneurial Action: Frank Knight’s Contribution Reconsidered’ (2010) 32 Journal of the History of Economic Thought 221. 39 Steven L Schwarcz, ‘Regulating Complexity in Financial Markets’ (2009) 87 Washington University Law Review 211; Awrey, ‘Complexity’ (n 31). 40 See https://dictionary.cambridge.org/dictionary/english/complexity. For a more extensive discussion of the meaning of the term ‘complexity’, see, e.g., Melanie Mitchell, Complexity: A Guided Tour (Oxford University Press 2011).

54

C. RUOF

science, according to which the financial services sector is a complex adaptive system, which is both, complex in the features, number, and diversity of its components and complex in the interactions of its components.41 The complexity in the interactions of the components is what—according to complexity science—differentiates complexity from complicatedness.42 Whereas in a complicated world, the single components still maintain a certain level of independence, complexity arises when interdependencies between those become important. Both definitions are in a way useful for the purpose the term is supposed to fulfil in this study. Here, complexity will be used as an umbrella term capturing the individual components and features of the financial sector as well as the interactions thereof, which render it difficult to understand. This also implies that the term is dynamic in nature and not limited to a conclusive list of certain aspects. The understanding of complexity as used here also shows clearly the connection to the information deficit: The idiosyncratic features of the specific components of the sector and their interactions determine the information cost for regulators (and also other market participants). The higher the information cost, the more difficult it becomes for regulators to effectively collect and process the information. This automatically leads to a growing information deficit and—adding the resource asymmetry and information advantage of (the other) market actors—typically also a widening gap between regulators and market actors. The exact impact of complexity on the information is therefore closely linked to the asymmetry in information processing capacity. There are numerous reasons, why complexity is such an enormous challenge in the financial sector. Throughout this study, I will regularly return to the notion of complexity (and the corresponding information deficit). The following paragraph will provide a brief overview of the main

41 See JB Ruhl, ‘Managing Systemic Risk in Legal Systems’ (2014) 89 Indiana Law Journal 559 with further sources. This notion of complexity goes back to Herbert Simon, describing a complex system as ‘one made up of a large number of parts that interact in a nonsimple way’ (Herbert A Simon, ‘The Architecture of Complexity’ [1962] 106 Proceedings of the American Philosophical Society 467). More recently, Hilary Allen has used the notion of complex adaptive systems to describe the modern payment system Hilary Allen, ‘Payments Failure’ (2021) 62 Boston College Law Review 453. 42 John H Miller and Scott E Page, Complex Adaptive Systems: An Introduction to Computational Models of Social Life (Princeton University Press 2007) 9.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

55

drivers of complexity (C refers to drivers of complexity; C1, C2,…Cn) in the financial system.43 One element that is continuously increasing the complexity of the financial is its sheer size. Since the era of ‘financialization’,44 financial markets have grown immensely. This growth has been fuelled by advances in technology, increasing demand for new types of financial products and services, rent-seeking of financial institutions, as well as changes in the regulatory environment. As of today, the size of the financial system in major jurisdictions trumps the size of the economy many times over.45 Such growth of the financial system went hand in hand with growth of the individual institutions participating in it.46 This has several implications for the financial system’s complexity. First, and most obviously, with the increasing scale of financial institutions, their internal structure and organization became complex and hence harder to comprehend.47 In addition, such internal structures put the private sector in a much better position to grasp the complexity, as they can devote far greater resources to understanding regulation than regulators can.48 Thus, the growing size of institutions not only affects information costs but also feeds into the information gap by exacerbating the asymmetry in information processing capacity. Innovation is another main (and arguably the most important) contributor to the complexity of the financial market.49 The emergence of new products and players on the market, with each potentially a different risk profile, generates an overwhelming volume of data, increasing the amount as well as the opacity of information. Fast innovation cycles and the creativity of the private sector turn state-of-the-art knowledge quickly outdated. 43 A comparable enumeration of drivers of complexity can be found at Awrey, ‘Complexity’ (n 31). 44 For example, Alessandro Vercelli, ‘Financialization in a Long-Run Perspective’ (2013) 42 International Journal of Political Economy 19. 45 Armour and others (n 7 in Chapter 2) 82, table 4.1. 46 A report on the assets of the 100 largest financial institutions can be found

at https://pages.marketintelligence.spglobal.com/SM-Global-Bank-Ranking-Content-req uest-Global.html. 47 Armour and others (n 7 in Chapter 2) 83. 48 Ibid. 49 See below at p. 73ff.

56

C. RUOF

Moreover, the widespread use and importance of technology in financial services is another feature rendering the sector difficult to understand. Ever new and ever more sophisticated models are being applied by financial firms which have to be understood by regulators. As technological developments do not stop at the financial sector, technical expertise is increasingly an indispensable requirement in the skillset of regulators. Another driver of complexity is the opacity of the sector, including its players and services. With regard to the players, this for instance stems from the number of players, their internal structure, and the lack of transparency thereabout.50 At the same time, the number of players and services and the diversity among them generate an overwhelming volume of different data points on a daily basis that are of importance for regulators. While in theory available, this data is often highly difficult to acquire, analyse, and filter.51 The more of data is generated, the denser the information thicket, the harder to gather, process, and make sense of all the relevant information. Also, the process of increasing integration of (global) financial markets has generated complex interlinkages between markets and different financial institutions. This interconnectedness makes it more difficult for regulators (and for private actors themselves) to make accurate judgements where risks lie. Further fuelling the complexity of the financial system and exacerbating the information deficit is the reflexive relationship between regulation and regulated actors. As regulators are not just observers of the system but also participants, in their attempts to regulate they alter the behaviour of those who they seek to control. All this renders it increasingly difficult for regulators to keep track of regulated actors and collect and process the information they possess. In sum, these characteristics of the financial sector make complexity one of

50 The most common examples of the lack of transparency include the investors, holdings, and trading strategies of hedge funds. See, e.g., Willa E Gibson, ‘Is Hedge Fund Regulation Necessary?’ (2000) 73 Temple Law Review 681. Awrey, ‘Complexity’ (n 31) 252. 51 Awrey, ‘Complexity’ (n 31) 252.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

57

the main causes of the information deficit and, as Steven Schwarzc put it, ‘the greatest financial market challenge of the future’.52 Equation 4 : Information gap (IG) between the regulator (R) and the market (M) as depended on the information cost (Icost) and the difference between the information processing capacity of market participants (Ipc (M)) and that of the regulator (Ipc(R)). In contrast to Eq. 3, Icost here is depicted as a sum of complexity (Com) and other sources of information cost (Icost(x)). Complexity in turn is driven by multiple factors, displayed as C1-Cn.   I pc(M) I G(R, M) = I cost(Com(C1 + C2 + C3 . . . + Cn) + I cost(x))x I pc(R)

1.3

Addressing the Information Deficit

Primarily, there are two options conceivable for the regulator to enhance their information level and thereby reduce the information gap between them and the market. Namely, regulators can either produce information or collect information from market participants. First, the regulator can enhance their own production of information.53 Production of information would require the regulator to ramp up existing mechanisms of in-house information production including market observation, internal research, deliberation with other stakeholders, or experimentation.54 On the one hand, this path of reducing the information gap is able to ensure a high-quality standard of the information that is generated. The information is first-hand, as the production process is fully taking place in-house and hence under the direct purview of the regulator. That means there is barely any room for information framed or skewed in a certain direction while the incentive for 52 Schwarcz (n 39) 213. However, it is worth noting that Schwarcz’s work on complexity mostly focuses on the financial product market. His statements are however also applicable to financial system as a whole. 53 On means to enhance the production of information on the micro-level, that is on the level of the individual employee, see Stephenson (n 7). 54 See also Peter Conti-Brown and David A Wishnik, ‘Technocratic Pragmatism, Bureaucratic Expertise, and the Federal Reserve’ (2021) 130 Yale Law Journal 636, 645ff. outlining four ways for regulators to develop expertise.

58

C. RUOF

misinformation or deliberate/strategic omissions remains low. Over time, employees of the regulator are likely to become better at producing information while at the same time improving their overall knowledge of the sector. Such improvement in information production and knowledge standards would mean economies of scale in information production as well as strengthening the in-house expertise of the regulator. On the other hand, in-house production is typically very costly, and with regard to some type of information close to unfeasible. As most (relevant) information is by nature created in the market, the production of (then often that very same) information would incur high costs for the regulator—relative to the entity of origin—as it is typically rather far away from the private market activity generating the information. Beyond that, information production is not only more costly for the regulator, but the regulator would be often producing information that already exists, rendering the expenditure rather socially wasteful. Not least, some information is so closely connected to the individual market participant that a production thereof without the cooperation of that market participant can be close to impossible. In sum, the regulator may produce information in-house when putting a lot of weight on the quality and trustworthiness of the information. Also, when it comes to systemic information, the regulator might be in a better place to produce it than (most) market participants. Second, the regulator can draw information from the market, i.e. collect information that has already been produced by others. This includes (esp.) information from the very actors it seeks to regulate, but also such information produced by other possible stakeholders. This path has the obvious benefit of avoiding the double-production of information. It is much more efficient in the sense that information is being produced where it originates and then transported to the regulator. Drawing information from market participants is often much less costly than the in-house production of the information by the regulator. Such costeffectiveness is especially true for all firm-specific information and local information, including firms’ business lines, assets, liabilities, customers, third-party relationships, business operations, personnel, and internal processes, systems, and controls. Local information can for instance be collected from reports by the firms through individual communication channels or publicly available records. It can also be gathered via requests for specific information, examinations, and on-site inspections conducted

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

59

by the regulator.55 Part of such a process is also the decision about what kind of information is relevant and worth being processed. Conversely to the benefit of in-house-produced information, the regulator does not have full control and oversight over the production process, making it more dependent on the external source. This dependence risks turning into lethargy within the regulator, if employees rely too much on the given information, making (also costly) control mechanisms necessary. While this path typically has efficiency advantages when it comes to granular information, this does not necessarily apply to broader, systemic information. In that context, the individual regulated entities might lack the birds-eye view that the regulator has. Perhaps even more importantly, private actors typically already lack an incentive to produce systemic information in the first place, as their motivation is primarily to protect themselves, not the system as a whole.56 Hence, the path of collecting information is more well suited for granular and local information that is otherwise costly or at all hard to get. However, quality controls have to be put in place. The common denominator of the former two paths is that they both seek to increase the information level on the side of the regulator. At the same time, they leave the information-generating activity itself mostly untouched. Another path of addressing the information gap, however, could be for the regulator to reduce complexity. For example, the regulator could slow down innovation activity.57 Assuming a given information level on the regulator’s side, mitigating complexity—simply speaking—would have the effect of (a) reducing the overall information deficit and (b) reducing the absolute size of the information gap between the regulator and individual market participants.58 Depending on the concrete mechanism in use for reducing complexity, even a reduction

55 Armour and others (n 7 in Chapter 2) 581. 56 In particular, Schwarcz (n 71 in Chapter 2) 206. 57 This can take place, e.g. in the form structural reforms, which are for instance advocated for by Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1). 58 At the same time, the relative size of the gap stays roughly the same. That is, while information costs and the general amount of (relevant) information decreases, the information processing capacity of the private market actors also remains constant.

60

C. RUOF

in relative terms could be achieved.59 Generally speaking, the temptation of taking such a path would lie in the improvements it can bring without requiring (major) changes within the regulator. Rather, it tackles the information generation itself—slowing down its pace and dynamics in the sector more generally. While the mechanisms themselves would typically not be costly, the long-term social costs would presumably be high. Slowing down information-generating activity necessarily means also slowing down innovation and economic activity. And as it is arguably not possible to determine ex-ante the social desirability of an innovation, ‘good’ and ‘bad’ innovation would equally be affected. Given these highly interventional effects, this path—as opposed to addressing the information deficit by collecting or producing information—is rather to be seen as a second-best solution and will not be further explored in this study.

2

Regulatory Failure

As stated above, according to the traditional public interest theory, regulation seeks to protect and benefit society at large. Driven by their public service ethos, regulators would identify market failures and correct them—in accordance with their regulatory objectives—in the best possible manner. Yet, in the real world, decisions made by regulators often do not match this assumption. In his seminal work from 1971, George Stigler—one of the key leaders of the Chicago school60 —was the first to offer a theoretical concept explaining the wedge between regulatory objectives and actual regulatory outcomes.61 Whereas prior to that, regulation had generally been seen as a policy pursued by benevolent officials acting in the public interest, Stigler asserted that regulators are far from benevolent. He showed how to think about regulation in terms of an 59 That could, for example, be the case, if the policy in question has a reducing effect on the size of private market actors, as the information gap is typically particularly prevalent vis-à-vis big private entities. 60 See also above 25f. 61 Stigler (n 35 in Chapter 2). Stigler’s work, often considered as a founding paper

for the political economy of regulation, was highly influential and played a key role in shifting the professional centre of gravity towards scepticism about the social utility of regulation. For a recent, more critical discussion of his work, see Chris Carrigan and Cary Coglianese, ‘George J. Stigler, “The Theory of Economic Regulation”’ in Martin Lodge, Edward C Page and Steven J Balla (eds), The Oxford Handbook of Classics in Public Policy and Administration (Oxford University Press 2015).

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

61

exchange between regulators and private sector actors and of the outcome of the regulatory process as a product of supply and demand.62 In his theory, policymakers and regulators supply desired regulation (i.e. not one that intends to correct market failures, but instead benefits the industry, e.g. by protecting it from new competitors), for which they get various forms of payments (bribes, campaign contributions, job opportunities, etc.) in exchange from those they regulate. Although this concept offers— in addition to the aforementioned information problem—an important explanation for various forms of regulatory failure (including the ones described below), it also is far from being the only one. Other reasons for failure may include the regulator’s ideology, bad ideas or narrow objectives.63 Ultimately, regulators are also humans and therefore fallible, making them susceptible to the common types of biases in designing and enforcing regulation.64 In the following, this subsection will describe some of the most important cases of regulatory failure that drive a wedge between the actual decision of the regulator and the pursuance of the theoretical regulatory objectives. Understanding the causes of those outcomes is vital for the design of a new proposal, which is what this study intends. 2.1

Regulatory Capture

Regulatory capture is a problem often highlighted in the context of financial regulation and has re-gained prominence as a result of the financial crisis.65 Generally, it refers to the process where the regulated industry exercises influence on their regulator in pursuit of their self-interest, typically at the expense of the society as a whole.66 This influence can take 62 On the subsequent work building on Stigler’s concept, both theoretical and empirical, see, e.g., Sam Peltzman, ‘George Stigler’s Contribution to the Economic Analysis of Regulation’ (1993) 101 Journal of Political Economy 818, 825. 63 Andrei Shleifer, ‘George Stigler’s Paper on Regulation and the Rise of Political Economy’ (ProMarket, 28 April 2021) https://www.promarket.org/2021/04/28/geo rge-stiglers-regulation-political-economy-capture/. 64 These questions are subject to the field of behavioural science, which will not in depth be dealt with in this study. For an overview on the literature of biases and heuristics in the context of financial regulation, see, e.g., Ford (n 30 in Chapter 2) 183ff. and 207ff. 65 See Deniz Igan and Thomas Lambert, ‘Bank Lobbying: Regulatory Capture and Beyond’ (2019) WP/19/171. 66 Stigler (n 35 in Chapter 2).

62

C. RUOF

place in numerous forms. The most obvious one, and accordingly termed ‘hard capture’, is financial donations.67 Transforming money into political capital can take place in the form of (illegal) bribes, something assumed to not be a major concern in most jurisdictions with developed financial markets. More prevalent are political campaign contributions68 particularly in jurisdictions where political campaigns are highly dependent on huge financial contributions from the private sector. It is not hard to imagine that in these instances big donors could be acting beyond altruistic means and—due to the dependence of the politicians—can gain a certain degree of leverage through their contributions.69 The channels of ‘soft’ capture on the other hand are more subtle but not less influential. For example, mere sympathy can have a significant influence on policy decisions. Such sympathy can be the result of continuous interaction between regulators and regulated actors, previous experience in the industry, prolonged exposure to industry perspective, or, not least, simple admiration.70 Probably, the most well-known embodiment of soft capture is the so-called revolving door phenomenon, referring to movement of high-level employees from public-sector jobs to private sector jobs and vice versa.71 Finally and perhaps most importantly, the industry can exert influence on regulators by shaping the intellectual environment in which regulation takes place and policy decisions are made72 : As described above, financial firms commonly have far more resources to deploy than their counterpart on the public side.73 They possess significant advantages in terms of expertise and human capital which are necessary to collect and process the information. Regulators, on the other hand, typically face constraints in those areas. This asymmetry makes it appear tempting for regulators to borrow some of 67 Armour and others (n 7 in Chapter 2) 560f. 68 It has to be noted that, certainly, the actual goal of such contributions individually

is not and cannot be known. 69 Armour and others (n 7 in Chapter 2) 560f. 70 See also Iris HY Chiu, ‘A Rational Regulatory Strategy for Governing Financial

Innovation’ (2017) 8 European Journal of Risk Regulation 743, 763 or Andenæs and Chiu (n 62 in Chapter 2) 73ff. 71 See, e.g., Daniel C Hardy, ‘Regulatory Capture in Banking’ (IMF Monetary and Financial Systems Department 2006) WP/06/34. 72 Armour and others (n 7 in Chapter 2) 561f. 73 See also above at p. 53f. and in particular tables 1 and 2.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

63

industry’s capacity. Adding to that, the severe information asymmetry of regulators vis-à-vis the industry gives financial firms significant power to control information.74 While regulators can oblige institutions to produce and disclose information, the volume and complexity of it make them depend on the regulated actors to collect, aggregate and present it in an understandable manner. As a result, firms are well-positioned to bias the information in a way to advance their self-interest. Industry also produces knowledge aside from the regulatory dialogue, e.g. in the form of research publications or market analyses issued by their research departments.75 These are (allegedly) often supposed to create a narrative that again furthers their interest. Often claims made therein are to advocate free markets and deregulation, while regulation is rather associated with anti-innovation and economic stagnation.76 Ultimately, information and resource asymmetry provide opportunities for firms to control information and frame narratives in a way that furthers their interests while simultaneously making regulators depend on them in their own and most essential roles. 2.2

Crises-driven Regulation

The most significant changes in financial regulation are always introduced in response to crises.77 While in ‘normal times’ the stake of the public in financial regulation is typically too small and too diffuse to compete 74 Armour and others (n 7 in Chapter 2). 75 Ibid. 561. 76 See, e.g., John C Coffee Jr, ‘The Political Economy of Dodd-Frank: Why Financial Reform Tends to Be Frustrated and Systemic Risk Perpetuated’ (2012) 97 Cornell Law Review 1019 gives a concrete example of how the US industry fostered the belief that a large (and preferably unregulated) financial sector was beneficial for the whole society Simon Johnson and James Kwak, 13 Bankers: The Wall Street Takeover and the next Financial Meltdown (1st edn, Pantheon Books 2010). The same problem viewed from a different perspective can be found at Roberta Romano, ‘Regulating in the Dark and a Postscript Assessment of the Iron Law of Financial Regulation’ (2014) 43 Hofstra Law Review 25. 77 See Erik F Gerding, Law, Bubbles, and Financial Regulation (Routledge 2016);

Stuart Banner, Anglo-American Securities Regulation: Cultural and Political Roots, 1690– 1860 (1st edn, Cambridge University Press 1998) 257; or Coffee Jr (n 76). This pattern in financial regulation is consistent with findings from political science on policy agendas generally. See for instance John W Kingdon, Agendas, Alternatives, and Public Policies (2nd edn, Longman 2011).

64

C. RUOF

with demands from the industry,78 during or following a scandal or a crisis, the public at large becomes concerned about financial regulation, resulting in greater and more mobilized demand for regulatory reform.79 This public demand exerts pressure on policymakers and can therefore become an effective counterweight to the disproportional influence of the financial industry. However, legislation or regulation responding to populist concerns (i.e. those of the ordinary person from the street) is not necessarily what would actually be required to improve the financial system and its resilience. In fact, it might not (yet) be clear to anyone what the required steps would be. At the same time, the public usually not only demands regulators/ policymakers to ‘do something’, but to do it quickly, even though they might not yet have assessed the cause of the crisis.80 The legislature, in seeking re-election, is, however, likely to respond to the demand and introduce highly visible, though superficial, or counterproductive reforms to simply showcase the fact they are doing ‘something’.81 Rulemaking thus takes place in an environment that creates a sense of urgency and may not permit a proper evaluation of the crisis’ causes as well as the possible consequences of the reform. Moreover, even assuming well-informed regulation, the process of designing the regulatory reform (especially in this setting) can be flawed for several reasons. First, the reform is likely to be backwards-looking, aiming at yesterday’s perceived problems, rather than tomorrows, and thereby divert resources away from identifying and responding to new risks.82 The lack of data then sometimes leads to a regulatory response that is a ‘version of the “Maginot Line” that responds to the last crisis, not the next one’.83 Even in this aspect, the perception of regulators can be flawed as in hindsight it is often difficult to assess what really went wrong before, as—retrospectively—outcomes appear highly predictable (referred to as the ‘hindsight

78 That is also the reason why, according to Stigler, the prototypical result of this competition is the triumph of the industry interests over those of the consumer. See Stigler (n 35 in Chapter 2) 10f. 79 E.g. Coffee Jr (n 76) 1023f, 1029ff. 80 Romano (n 76) 29. 81 Ibid. 28ff. and Armour and others (n 7 in Chapter 2) 536. 82 Romano (n 76) 27; Armour and others (n 7 in Chapter 2) 536. 83 Ford, Innovation and the State (n 30 in Chapter 2) 184.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

65

bias’84 ). This can ex-post create the impression of a level of certainty that simply was not present ex-ante and suggests that one could easily do better in avoiding risk next time.85 In contrast to the situation after a crisis occurred, in economically good times, regulation86 is often inactive, which can be attested to the status quo bias.87 Closely related to that, as soon as a crisis or scandal fates from the public agenda—be it as society has recovered or simply due to the passage of time—the narrative is likely to be dominated by industry again.88 Because of this, post-crisis reforms can be eroded either because of implementation or due to the silent repeal of reforms. Such a rulemaking process of reform following a financial crisis and the inevitable relaxation, retraction, and revision of the reform thereafter has been termed behaviour of crisis-driven regulation as having a ‘regulatory sine curve’.89 2.3

Regulatory Forbearance

In contrast to crisis-driven regulation, Regulatory Forbearance refers to failure by regulators to take timely and appropriate action at an individual institution in order to reduce risks for customers or investors.90 That means, regardless of being sufficiently informed and staffed, regulators take a too lenient approach towards market participants. While being less visible, forbearance arguably has played at least some role in

84 Ibid. 183 with further references. 85 Ibid. 211. 86 Here especially referring to the legislative part. Inactivity on the executive (i.e. regulator’s) side mostly falls under regulatory forbearance dealt with in the subsequent part. 87 Ford, Innovation and the State (n 30 in Chapter 2) 210. On the status quo bias generally, William Samuelson and Richard Zeckhauser, ‘Status Quo Bias in Decision Making’ (1988) 1 Journal of Risk and Uncertainty 7. 88 Coffee Jr (n 76) 1029ff. 89 Ibid 1029. 90 Carnell, Macey and Miller (n 69 in Chapter 2) 234.

66

C. RUOF

many crises.91 As forbearance is taking place at the executive, a necessary requirement for it is a certain degree of discretion for regulators. Aside from being the product of a Stiglerian exchange (see above), the reasons for forbearance can be quite diverse: The resolution of an institution, which is under the supervision of a respective regulator, can be perceived as a failure of that agency. Regulators also might desire avoiding confrontations with politicians they are accountable to or on the employee level with their respective supervisors, a result of putting firms on a tootight leash. Notably, forbearance can also have sound reasons, i.e. where regulators legitimately believe that given some more time the problem will be solved by the institution/market, or that in a specific case the costs of a regulatory intervention exceed its benefits.92

3

Result: Regulation---A Losing Game?

In this subsection, I provided some explanations for why financial regulation in practice is far from its theoretical ideal. First and foremost, the disconnect between the practice and theory comes from lack of information. The lack of information often leads to uninformed decisions made by regulators and subsequent suboptimal outcomes. On the other hand, even in the presence of adequate information, self-interested behaviour or human fallibility can produce inefficient regulatory outcomes. Does this mean—as suggested by the Chicago school—that regulators are necessarily uninformed as well as ‘incompetent, captured and corrupt’ and therefore should not interfere with the market?93 The simple answer is no. As shown in Chapter 2, Sect. 2.2), the financial market can produce a number of market failures itself. History has already shown the magnitude of costs market failures impose on the society as a whole. One recent illustrative example was the decision to not regulate the OTC

91 See, e.g., Edward J Kane, ‘Financial Regulation and Market Forces’ (1991) 127 Swiss Journal of Economics and Statistics 325; Edward J Kane, ‘DANGERS OF CAPITAL FORBEARANCE: THE CASE OF THE FSLIC AND “ZOMBIE” S&Ls’ (1987) 5 Contemporary Economic Policy 77. 92 See also Armour and others (n 7 in Chapter 2) 564f. 93 There are also more recent contributions advocating for a laissez-faire approach in

the financial sector. See, e.g., Kevin Dowd, ‘The Case for Financial Laissez-Faire’ (1996) 106 The Economic Journal 679.

3

THE INFORMATION PROBLEM AND REGULATORY FAILURE

67

derivative market which ultimately was a significant contributor to the outbreak of the GFC.94 This financial crisis (like many others before) showcased the catastrophic effects that a market and regulatory failure in the financial market can have: In the USA alone, 3.6 million jobs were lost alone in 2008 as an immediate effect of the crisis.95 By 2018, a study by the Federal Reserve Board has found, the crisis cost every single American approximately 70.000 USD.96 Worse still, these numbers do not capture any harm for European households or emerging market economies, let alone effects on the mental and physical health of workers and their families.97 Even if the practical implementation of regulation deviates from the theoretical ideal, it does not undermine its usefulness. Quite the opposite: The theory provides the essential basis for understanding the purpose of regulation and the optimal direction in which it should be heading. In other words, it is supposed to incrementally guide the way of the practice and inform its constant adaption. Not less important, those failures have to be considered in the process of designing the architecture and framework of financial regulation. Ultimately, this is also what provides its value for this study—to provide a recommendation for a new framework one needs to not only be aware of the theoretical foundations that inform financial regulation but also understand the practical limitations to which it is subject. In the second core part of this study, we will see how these challenges take shape in the current era and what this implies for the regulatory framework. 94 The decision to not regulate this market was made at the highest level, among others by former Treasury Secretary Robert Rubin and FED Board Chair Alan Greenspan. See US Treasury Department, ‘Joint Statement by Treasury Secretary Robert Rubin, Federal Reserve Board Chairman Alan Greenspan and Securities and Exchange Commissioner Arthur Levitt’ (1998) https://www.treasury.gov/press-center/press-releases/Pages/rr2 426.aspx. This decision has however been corrected across jurisdictions. 95 See Financial Crisis Inquiry Commission, ‘The Financial Crisis Inquiry Report: Final Report of the National Commission on the Causes of the Financial and Economic Crisis in the United States’ (2011) 390 also outlining further immediate effects of the crisis. 96 Regis Barnichon, Christian Matthes and Alexander Ziegenbein, ‘The Financial Crisis at 10: Will We Ever Recover?’ (2018) Federal Reserve Bank of San Francisco Economic Letter. 97 See also these aspects being brought up by Janet L Yellen, ‘A Painfully Slow Recovery for America’s Workers: Causes, Implications, and the Federal Reserve’s Response’ (2013) Speech at the ‘A Trans-Atlantic Agenda for Shared Prosperity’ conference https://www. federalreserve.gov/newsevents/speech/yellen20130211a.htm.

CHAPTER 4

An Introduction to Financial Innovation

Having introduced the core subject of this study—financial regulation— this chapter will provide an introduction to the object of the study, financial innovation. This section will lay the foundation for the analysis of fintech as the current embodiment of financial innovation and the core theme of this study. It will start by discussing the term of innovation in a general context and touch upon its function in society before introducing the interplay between regulation and innovation. It will explain how innovation and regulation are not operating in isolation but stand in a reciprocal relationship to each other, which is referred to as ‘regulatory dialectic’ and is yet another source of regulatory mismatch. The following introduction to financial innovation in particular is to provide the reader an understanding of the background against which fintech emerged and in which context it could flourish. Subsequently, this chapter will discuss in greater detail the special case of financial innovation, first defining the term and discussing different notions of it and promptly followed by outlining its special features and drivers. Financial innovation, of which fintech is the latest embodiment, has a longstanding and ambivalent history, which this chapter briefly illustrates. This allows to at a later stage test the similarities and peculiarities that fintech exhibits compared to previous eras of financial innovation.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_4

69

70

C. RUOF

Last, this chapter puts financial innovation into the context of the aforedeveloped concept of the information deficit and draws implication for the regulation of innovation. This exercise will later be repeated in a more concrete and comprehensive form in the analysis of fintech enabling to identify its key informational and ultimately regulatory challenges (see Chapters 6 and 7).

1

The Role and Meaning of Innovation

There is no common definition of what falls under innovation.1 Depending on the field of study, focus of the research, the time of the publication, or the respective author, the term can have various meanings. The root of the term is derived from the Latin word ‘novare’, which means new. Given this, the most straightforward and broadest definition would be ‘the introduction of something new’, precisely the definition provided by Webster’s Collegiate Dictionary.2 Most commonly, innovation is referred to as the application and diffusion of a new idea, while sometimes also including the act of invention.3 In economic terms, it can be described as a novel match between a need and a solution.4 In reality, it usually takes place as the introduction of more effective or utterly new5 products, services, processes, or business models to the market. It is unpredictable in nature. Each innovation occurs in its own particular set of circumstances resulting from a collective process whose outcomes are not known when it begins. It is not at least this exact dynamic uncertainty that makes innovation difficult to be captured by

1 Attempts in that direction have however been made. See e.g. Fred Gault, ‘Defining and Measuring Innovation in All Sectors of the Economy’ (2018) 47 Research Policy 617. 2 Merriam-Webster, ‘Definition of INNOVATION’, https://www.merriam-webster. com/dictionary/innovation. 3 See e.g. Peter Tufano, ‘Financial Innovation’ in George M Constantinides, Milton Harris and René M Stulz (eds), Handbook of the Economics of Finance, vol 1 (Elsevier 2003); Excluding the stage of inventing are for instance Ford, Innovation and the State (n 30 in Chapter 2) 13; Mark Dodgson and David Gann, Innovation: A Very Short Introduction (2nd edn, Oxford University Press 2018) 13. 4 Christian Terwiesch and Karl T Ulrich, Innovation Tournaments: Creating and Selecting Exceptional Opportunities (Harvard Business Press 2009). 5 This distinction refers to the separation between incremental and radical innovation, which will be explained below.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

71

a whole-encompassing definition.6 Furthermore, when defining innovation, it is important to adopt a neutral perspective to it and not embrace it as something inherently ‘good’.7 This is worth noting, as there is often a tendency of romanticizing innovation since the connotation and the conversations around it seem to be highly positive.8 Innovation however is no virtue unto itself, and its merits cannot be assumed to outweigh attended risks. At the same time, there is no need to blindly condemn innovation. Every ideological position is likely to influence the regulatory response in a certain direction, which tries to be avoided in the course of this study. To fully capture the dynamics of innovation while concurrently maintaining a neutral stance towards it, innovation throughout this study is used to refer to an ongoing process of change, whereby new institutions, techniques, products, and markets are created.9 Innovation maintains a highly important role in modern societies. One of the first economists to lay innovation in the centre of his studies was Joseph Schumpeter.10 In his renowned book ‘The Theory of Economic Development’ released in 1911, he argued that the basis of a healthy economy lay in dynamic imbalance caused by innovation rather than imbalance and optimization—as traditional economics by then would suggest.11 In other words, profit and growth can not only be derived from the alteration of price and cost avoidances but also and even primarily from the radical replacement of goods and services. Innovation such a radical sense exemplifies his notion of ‘creative destruction’, i.e. the process of replacing old and weak economic structures or firms with new ones, which—in his view—is the essential fact of capitalism.12 This dynamic of change puts firms under constant competitive pressure to innovate and improve—or otherwise be replaced by a more innovative 6 See also Dodgson and Gann (n 3) 28. 7 Ford (n 30 in Chapter 2) 8f. or 143. 8 Ibid. 8f. who is looking at the collocates (i.e. words that appear next to or close to the root word) of innovation in academic literature. 9 A comparable definition is used by Awrey, ‘Complexity’ (n 31 in Chapter 3) 259. 10 See Joseph A Schumpeter, The Theory of Economic Development: An Inquiry into

Profits, Capital, Credit, Interest, and the Business Cycle (Harvard University Press 1911) or Joseph A Schumpeter, Capitalism, Socialism and Democracy (Harper & Brothers 1942). 11 Schumpeter, The Theory of Economic Development (n 10). 12 Schumpeter, Capitalism, Socialism and Democracy (n 10) 81ff.

72

C. RUOF

competitor. And yet, such a threat is not the sole driver of innovation by firms. Capitalist systems offer great rewards for successful innovations in the form of making the innovator (potentially very) rich. In the words of Schumpeter himself, innovation ‘offers the carrot of spectacular reward or the stick of destitution’.13 Innovation however does not only reward the innovator but can also bear significant benefits for society.14 Putting aside the specific forms those positive spill-overs can have,15 there is a clear link between innovation and economic growth.16 As the engine of economic growth, the process of innovation is an inherent part of a profit-maximizing economy and has contributed significantly to the prosperity of capitalist economies. However, as private innovation occurs for self-interested reasons,17 it may not always be at everyone’s benefit and can involve trade-offs.18 Furthermore, the label innovation can also be used for the purpose of exploitation, deception, or other socially wasteful activities.19

2

Innovation and Regulatory Dialectic

As already touched upon above, the behaviour of market actors and regulation are not two forces that evolve independently of each other. Rather, they are two strongly interlinked parts of a dynamic system. Regulation stimulates innovation in intentional as well as unintentional ways. At the same time, innovation generates regulation, which is meant to address it. 13 Ibid. 87. 14 Some even argue, no major innovation has provided only benefits for the innovator,

see William J Baumol, The Free-Market Innovation Machine: Analyzing the Growth Miracle of Capitalism (Princeton University Press 2002) 5. This however neglects taking into account the negative effects that innovation can also have. 15 For a more detailed overview, see, e.g., Brett M Frischmann and Mark A Lemley, ‘Spillovers’ (2007) 107 Columbia Law Review 257. 16 For instance, Baumol (n 14). Certainly, there is a dispute about the exact contribution of innovation, which is however not of relevance to the subject of this book. 17 That is, as mentioned above, in promise of the potential reward as well as in view of the threat of distinction. 18 This is particularly acute in the field of financial innovation, which will be discussed further at p. 79ff. 19 A manifestation of innovation as a mean for deception is e.g. regulatory arbitrage, which will be dealt with below.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

73

This dynamic nature is often conceptualized in a framework called ‘regulatory dialectic’.20 The term ‘dialectic’ comes from the field of philosophy and is meant to describe a process driven by the tension between two opposing forces. In the field of regulation, this translates to a strategic game in which the actors (regulators and regulated firms) react to each other—each within their respective possibilities—in creative ways.21 More specifically, market participants take into account existing regulation when they innovate or innovate even primarily in response to new regulations. Regulators, on the other hand, react to innovation by amending the regulatory framework prompting further innovation.22 This game not only has a strong impact on the informational dynamics, especially by being a major driver of complexity but also significantly complicates the third element in the regulatory process, i.e. translating information into regulatory output. The latter stems from the fact that it makes it harder to estimate how to reach the desired state by regulation and what the potential effects of a new regulation are. In the following subsections, I will briefly outline how those two forces can feed into each other and provide brief examples for illustration. A more detailed picture will be given in Sect. 3.4 of this chapter when looking at the concrete interplay between financial innovation and regulation. 2.1

The Industry Side of the Game

Broadly, regulation can trigger innovation in three different ways: First, it can purposefully create incentives to influence innovation in a (socially desirable) direction. Second, as regulation imposes costs on the regulated actors, they tend to alter their behaviour in order to reduce such costs. And last, regulation can have unintended side effects on innovative behaviour of firms in areas that outwardly have no direct connection to the problem that the regulation was made to address. The first form is for instances prevalent in environmental regulation. For example, subsidies for certain product types, as well as taxes or 20 The term was coined by Edward J Kane, ‘Interaction of Financial and Regulatory Innovation’ (1988) 78 The American Economic Review 328, 332f. 21 Ibid. 333. 22 It is worth mentioning that also other factors contribute the emergence of innovation

as well as regulation. For the sake of this book however, it is not necessary to describe them any further.

74

C. RUOF

limitations on the use of specific materials, steer innovation efforts in a particular direction. A contemporary example would be the EU emission reduction targets for cars.23 Those laws mandate car producers to incrementally reduce their fleet-wide average emission of new passenger cars. In case of non-compliance, the respective car manufacturer faces ‘excess emission premiums’ for each car registered, which can amount to significant sums.24 Clearly, this regulation intends to encourage innovation away from fossil-fuelled towards emission-free cars. The second version is a bit less straightforward and more ambiguous in its effects. Regulation regularly imposes costs on its addressees. This is particularly the case, where regulation is made to address externalities by internalizing the (social) costs to the activity of the regulated firm. This runs counter the interest of the firm, which is (primarily) to maximize its profits for the shareholders.25 There are now two basic ways, both involving innovation, in which the firm can respond to the regulation and reduce the costs that have been imposed on them by regulation26 : Firstly, the firm can (in line with the regulation) reduce the social costs of their activity. While this often involves significant costs, it can also be de facto limited, e.g. by lack of means for reducing the external costs of the activity. The second way is to restructure the regulated activity or product in a way so that it no longer falls in the scope of that regulation.27 This way is what is commonly referred to as ‘regulatory arbitrage’.28 It is 23 See https://ec.europa.eu/clima/policies/transport/vehicles/cars_en. 24 See for instance, ‘Large Carmakers Including Volkswagen, FCA Could Face 2021

EU Emissions Fines: Study’ Reuters (26 June 2019), https://www.reuters.com/article/ us-carmaker-fines-idUSKCN1TR0B9, projecting penalties of e.g. more than 2bn USD in the case of Volkswagen. 25 The longstanding debate whether the firm has further obligations, other than to its

shareholders is not relevant here and hence will not be discussed. For a critical perspective, see, e.g., Lynn A Stout, The Shareholder Value Myth: How Putting Shareholders First Harms Investors, Corporations, and the Public (1st edn, Berrett-Koehler 2012). 26 Armour and others (n 7 in Chapter 2) 84. 27 As in that case, the intended effect of the regulation gets nullified, this strategy is

seen as detrimental and tries to be prevented by regulators. However, market participants may also engage in that kind of activity to avoid inefficient rules, for example unnecessarily restricting (e.g. because they are outdated) value-creating products or services. Financial innovation so motivated can be beneficial to society. See also Armour and others (n 7 in Chapter 2) 11ff. 28 More generally, the term ‘regulatory arbitrage’ refers to actions by private actors designed to exploit gaps or differences within or between different regulations, ultimately

4

AN INTRODUCTION TO FINANCIAL INNOVATION

75

caused by a substitution effect, where increases in regulatory compliance costs induce the supply of unregulated substitutes.29 By redesigning an existing product or service without changing its risk profile, regulatory arbitrage exploits the gap between the economic substance of a transaction and its legal or regulatory treatment.30 This can result in a repetitive game of regulation, avoidance, and re-regulation. In the dialectical view, regulation becomes re-regulation, the shape of which is determined by the precise history of prior re-regulatory problems.31 The practice of regulatory arbitrage can be illustrated by an example for the car industry. In the 1970s, the US federal government authorized the Environmental Protection Agency (EPA) to significantly tighten the standards for fuel efficiency and air pollution of cars.32 The regulations that followed, however, did not (only) lead to greater fuel efficiency of cars, but also generated a huge market for a new type of car, the SUV.33 The reason for that was that SUVs are mounted on truck chassis rather than car chassis and therefore are not subject to those new regulations.34 That way car producers could effectively avoid stricter standards by redesigning their product, rather than reducing the social costs as the new regulations had intended to do. Lastly, regulation can also trigger innovation in other, not anticipated areas. As regulation always constitutes an intervention in the market, it necessarily changes its current dynamics. That can for instance imply

with the intention of either reducing costs or capturing profits. See Frank Partnoy, ‘Financial Derivatives and the Costs of Regulatory Arbitrage’, 22 J. CORP. L. 211, 211 n.1 (1997). 29 John W Bagby and Nizan G Packin, ‘RegTech and Predictive Lawmaking: Closing the RegLag Between Prospective Regulated Activity and Regulation Prospective Regulated Activity and Regulation’ (2021) 10 Michigan Business & Entrepreneurial Law Review 127, 154f. 30 See Victor Fleischer, ‘Regulatory Arbitrage’ (2010) 89 Texas Law Review 227, 230. 31 Kane, ‘Interaction of Financial and Regulatory Innovation’ (n 20) 332. 32 Most importantly, in 1970 the Congress passed the Clean Air, regulating pollution from cars and other forms of transportation. See EPA, ‘History of Reducing Air Pollution from Transportation in the United States’, https://www.epa.gov/transportation-air-pollut ion-and-climate-change/accomplishments-and-success-air-pollution-transportation. 33 See Hiroko Tabuchi, ‘The World Is Embracing S.U.V.s. That’s Bad News for the Climate.’ The New York Times (3 March 2018), https://www.nytimes.com/2018/03/ 03/climate/suv-sales-global-climate.html. 34 Ford (n 30 in Chapter 2) 49 with further reference.

76

C. RUOF

demand shifts, which then can create new externalities or—more generally—undesirable effects.35 Furthermore, in highly regulated areas, the process of identifying relevant regulations and installing a proper compliance system can be quite costly. Here innovation can also take place to reduce those costs by improving compliance mechanisms.36 2.2

The Regulator’s Side of the Game

The dynamics between regulation and innovation can also go in the opposite direction. When an innovative product or service hits the market, the regulator faces the decision of how to deal with it.37 This goes beyond the question of regulation or deregulation. It involves numerous tradeoffs that the regulator has to consider and any action the regulator is taking affects the balance within these trade-offs. When confronted with a changing environment, inaction can de facto change a regulatory regime even if not in form but in substance.38 After all, doing nothing can imply the choice to allow the regime to erode as the past rules fail to maintain the normative judgements struck at the time they were made. Taking action on the other hand can take various shapes, each involving different considerations. The regulator can respond to new market phenomena by simply applying the existing regime to it. The use of an existing regime is only desirable if the baseline principles of the regulatory regime are met and the application of it does not impose unnecessary costs on the firms, while in the worst case not addressing the new risks associated with the phenomenon. Meanwhile, introducing new regulations typically involves significant time and resource expenditures and does not guarantee against possible unsatisfying outcomes.39 Responding to innovation in the market can also involve more fundamental questions. New phenomena and changes in the environment may cast doubt on the original rationales or undermine the capacity of the 35 That is for instance often the case with regulations on capital requirements of financial institutions. 36 So the case with ‘Regtech’ (see below at p. 129ff.). 37 Assuming the scenario here that applying the existing regulation to the innovation

is not straightforward. 38 Kathryn Judge, ‘Regulation and Deregulation: The Baseline Challenge’ (2018) 104 Virginia Law Review 101, 111 and 114f. 39 See above on regulatory failure at 64ff.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

77

given approach to accomplish desired aims. More specifically, innovation can even require a rebalancing of objectives or a redesign of the regulatory approach, if the underlying reasons for those have become myriad.40 2.3

The ‘Pacing Problem’

Also important from an informational perspective, an inherent problem that is closely connected to regulatory dialectic is the so-called ‘pacing problem’.41 It describes the phenomenon that innovation develops faster than regulation—especially evident in environments with fast innovation cycles.42 Innovation, be it by ‘disrupting’ the environment or paving its way more secretly through the cracks of existing structures, constitutes the foremost driver of change.43 Given that, by altering the environment, innovation can cause a ‘lag’ between regulatory rules and newly arising unanticipated facts and features forming another source of regulatory mismatch.44 The pacing problem in the context of innovation is an issue rooted in the nature of the public–private divide. While the private sector innovates, the state regulates the private sector for the

40 On these questions and their significance, see also Judge, ‘Regulation and Deregulation: The Baseline Challenge’ (n 38). 41 See Braden R Allenby, in Gary Elvin Marchant, Braden R Allenby and Joseph R Herkert (eds), Growing Gap Between Emerging Technologies and Legal-ethiCal Oversight: The Pacing Problem (Springer 2011); Wulf A. Kaal, ‘Dynamic Regulation for Innovation’ in Mark Fenwick and others (eds), Perspectives in Law, Business & Innovation (Springer 2016). 42 Allenby (n 41) 3; Fenwick, Kaal and Vermeulen (n 44 in Chapter 2) 568. 43 Bagby and Packin (n 29) 151. 44 There is an extensive body of literature of this phenomenon in the broader context of legal rules, often referred to as ‘law lag’ or ‘legal lag’. It describes a situation where existing legal provisions are inadequate to deal with rapid changes, especially driven by information and communication technology. See e.g. Carla L Reyes, ‘Moving Beyond Bitcoin to an Endogenous Theory of Decentralized Ledger Technology Regulation: An Initial Proposal’ (2016) 61 Villanova Law Review 191, 202 explaining law lag in the context of distributed ledger technology and its regulation]; Thomas R McLean, ‘The Offshoring of American Medicine: Scope, Economic Issues and Legal Liabilities’ (2005] 14 Annals of Health Law 205, 254 (discussing things that tend to limit the legal lag time associated with telemedicine technology and usages]; Michael Rustad, ‘Cybertorts and Legal Lag: An Empirical Analysis’ (2003] 13 Southern California Interdisciplinary Law Journa 77, 77f.

78

C. RUOF

public good.45 This divide by nature puts the private sector in the lead, while the regulator remains in a reactive position. It also implies that regulation necessarily predates innovation, creating uncertainty regarding the applicability (and permissibility) of new phenomena.46 While regulation does—depending on the style and design—exhibit a certain level of openness, innovation can render existing regulation obsolete for different reasons. Namely, innovation can change the conduct of the regulated activity itself, the underlying facts and assumptions of the regulation, or innovation can alter the costs of enforcing and violating the regulation in place.47 For these reasons, innovation poses an inherent challenge for the task of regulation and justifies the centre stage it should be given in the design of regulation.48 However, the extent of the problem is not only dependent on the innovation activity in the private sector but also on several factors determining the responsiveness of the public side. For instance, these factors include the agility and the openness of the regulatory framework, resources on the side of the regulator, and the speed of the adaption process for regulation.49 This inherent problem in regulation is further enhanced by private actors actively extending the lag by intentionally avoiding, skirting, or frustrating regulation.50 Worse still, the larger the ‘lag’ grows, the harder and more costly it can become for the regulator to act, as market participants will evolve around the new phenomenon as it becomes more entrenched. History is not shy of examples illustrating the problem of regulation/law predating technology. One early example dates back to mid of the nineteenth century and concerns the introduction of the railroad

45 See above 29ff. 46 Lyria Bennett Moses, ‘Recurring Dilemmas: The Law’s Race to Keep Up With

Technological Change’ (2007) 7 Journal of Law, Technology & Policy 239, 253f. 47 Ibid. 265f. 48 This claim has also been made by other commentators, such as Lyria Bennett Moses,

‘How to Think About Law, Regulation and Technology: Problems with “Technology” as a Regulatory Target’ (2013) 5 Law, Innovation and Technology 1; Ford, Innovation and the State (n 30 in Chapter 2). 49 Allenby (n 29) 21ff. giving reasons for (the size of) the pacing problem or Kristin N Johnson, ‘Things Fall Apart: Regulating The Credit Default Swaps Commons’ (2011) 82 University of Colorado Law Review 167, 240f on the slowness of the administrative rulemaking process as a source of the lag. 50 Bagby and Packin (n 29) 152f.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

79

system in the USA.51 Back then, the railroad industry raised a variety of new problems, in particular surrounding questions of property and legal liability.52 As there was no law answering these questions, courts reacted by trying to fit the new phenomenon into the current framework. This ultimately led to the question whether railways should be treated analogous to highways or private property. The answer to that question affected the nature of liability for damage when animals were injured.53 Other historic instances which illustrated similar dilemmas included the introduction of the telegraph,54 or the creation of software.55 A more contemporary one is put forward by Wulf A. Kaal, which is that of selfdriving cars. In that context, Kaal sees regulation as lagging behind on three key issues. First, driverless cars generate enormous amounts of data creating a lag in data security and privacy. Second, there’s a lag in regulations for safeguarding the communication between cars and protecting users against security threats such as ‘car-hacking’. Third there’s the lag on how to handle the constant emergence of innovation that is emerging based on the data that has been generated by driverless cars.56 Furthermore, while the regulator is addressing these issues, concurrently, new different issues arise, once again challenging the regulatory status quo. These examples provide only an overview of the interplay of and dynamics between regulation and innovation. How these dynamics are shaped in the financial sector, and, more particularly, in the current era of financial innovation, will be the object of analysis in Chapter 5.

51 Ford, Innovation and the State (n 30 in Chapter 2) 173; Moses (n 46) 253 ff. 52 Moses (n 46) 253 f. 53 Ibid. 254. 54 Gregory N Mandel, Legal Evolution in Response to Technological Change, vol 1

(Roger Brownsword, Eloise Scotford and Karen Yeung eds, Oxford University Press 2016) 3. 55 Moses (n 46) 254 ff. 56 Erik PM Vermeulen and Wulf A Kaal, ‘How to Regulate Disruptive Innovation:

From Facts to Data’ 57 Jurimetrics: The Journal of Law, Science, and Technology 169, 175f.

80

C. RUOF

3

A Primer to Financial Innovation

Coming closer to the core of this study, this part dives deeper into innovation in the financial sector. Before coming to the current era of financial innovation, i.e. the ‘era of fintech’, I will first define financial innovation and discuss a different approach to categorizing it. The subsequent description of the key characteristics and drivers of financial innovation will allow for the contextualization of current fintech developments. These particularities pose significant challenges for the regulator and further underscore the importance and pervasiveness of information gathering and processing as well as responsiveness of the regulatory framework—a key topic of discussion. The section then concludes by drawing implications from the particularities of financial innovation for the information deficit and financial regulation more generally. 3.1

Financial Innovation: A Chequered History

Financial innovation is as old as the industry itself. It can be dated back as early as 3000 BC with the introduction of commodity money in Mesopotamia, early forms of banking, personal loans, interest and contingency claims.57 To the foremost ancient innovations, which still defines our daily lives to this date, belongs certainly the invention of metallic coins to store value and record debt.58 Much later in its history, through the emergence of stock exchanges, the invention of stock companies and the ensuing flourishing of stock trading, financial innovation played an essential enabling role in the industrial revolution.59 In the nineteenth century, the introduction of the telegraph to commercial use and the laying of the first transatlantic cable provided the basis for a major wave of financial innovation. For instance, it allowed for rapid transmission payments and

57 See e.g. Franklin Allen and Douglas Gale, Financial Innovation and Risk Sharing (MIT Press 1994). 58 See in general, Glyn Davies, A History of Money: From Ancient Times to the Present Day (3rd edn, University of Wales Press 2002). 59 See e.g. Charles More, Understanding the Industrial Revolution (Routledge 2000)

36.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

81

transactions around the world.60 In the 1950s, the world saw the introduction of the first credit cards which would revolutionize the world of consumption.61 Credit cards have not only become a means of payment but also a source of credit, allowing customers to borrow and pay at the same time. The launch of the ATM in 1967 simplified life for millions of people. It allowed the consumer to avoid a trip to the bank, the need to do so within hours of operation, and a burdensome drive to a bank. The ATM introduced 24/7 availability of cash. Moreover, by eliminating the need for tellers to dispense cash, take deposits and the like, ATMs improved productivity in the banking sector itself. The period of financial innovation that followed, from the mid-1960s to the mid-1980s, was what Merton Miller described as a unique one in American financial history.62 Whereas the latter examples were clearly visible (and beneficial) for consumers, this period was particularly marked by the introduction of financial products to the wholesale market. Products such as different types of options, bonds, funds, and swaps emerged on the market.63 At the same time, the entry of ‘securitization’ into mainstream finance had a huge impact on the financial markets, allowing financial institutions to reduce risks and generate higher profits.64 By 1992, Miller saw the world confronted with an unprecedented wave that would not be matched in the future and predicted a surge of financial innovation.65 Only a few years later, however, one could already refute his hypothesis.66 This brief historic introduction is certainly not extensive but provides an idea about the significance of financial innovation in the economy and the daily lives of people. It however also draws an overly bright picture

60 Douglas W Arner, Jànos N Barberis and Ross P Buckley, ‘The Evolution of Fintech: A New Post-Crisis Paradigm?’ (2016) 47 Georgetown Journal of International Law Journal 1271, 1278. 61 Jerry W Markham, A Financial History of the United States (ME Sharpe 2002) 306. 62 Merton H Miller, ‘Financial Innovation: The Last Twenty Years and the Next’ (1986)

21 The Journal of Financial and Quantitative Analysis 459. 63 A non-extinctive list can be found at ibid. 64 Neil Fligstein and Adam Goldstein, ‘The Anatomy of the Mortgage Securitization

Crisis’ in Michael Lounsbury and Paul M Hirsch (eds), Markets on trial, Part A (1., Emerald 2010). 65 Merton H Miller, ‘Financial Innovation: Achievements and Prospects’ (1992) 4 Journal of Applied Corporate Finance 4. 66 So done in e.g. Tufano (n 3).

82

C. RUOF

of financial innovation, which needs to be put into perspective. That is, the history of financial innovation was also marked by a large number of high-scale frauds and financial crises that had severe consequences on the real economy. These included most prominently the so-called ‘South Sea Bubble’ during the years of the ‘railroad mania’,67 the stock market crash of 1929, and most recently the Great Financial Crisis of 2008.68 Between the crises, numerous other scandals like the Enron scandal took place. A frequent contributor or enabler in such scandals: financial innovation. The recent financial crises however also brought a change in the perception towards financial innovation. Whereas before the crisis, financial innovation was mostly heralded (which had also largely been manifested in the regulation thereof), in its aftermath the pendulum swung rather to the other side, blaming post-crises innovations to be exploitative, rentseeking, and without any broader economic purpose and ultimately one of the roots of the Great Financial Crisis.69 This view not least became apparent in public quotes by officials as well as industry insiders and defines the tone that is widely prevalent in the famous ‘Turner review’, which analysed the causes of the crisis.70 3.2

Defining and Classifying Financial Innovation

But what exactly is financial innovation and what makes it ‘special’? Commonly, it is described as the act of creating and diffusion of new financial instruments, technologies, institutions, services, and even markets.71 As mentioned before, the financial sector performs the main function of channelling funds from investors to savers to borrowers, whereby financial intermediaries perform a facilitative function (see Fig. 1 67 See for the South Sea Bubble and an insightful account of stock market frauds during the ‘railway mania’: Edward Chancellor, Devil Take the Hindmost: A History of Financial Speculation (1st edn, Farrar, Straus, Giroux 1999). 68 For the role of financial innovation in the 2008 GFC, see Gilson and Kraakman (n 11 in Chapter 2) 353; Mark J Roe, ‘The Derivatives Market’s Payment Priorities as Financial Crisis Accelerator’ (2011) 63 Stanford Law Review 539, 549ff. 69 E.g. Nigel Jenkinson, Adrian Penalver and Nicholas Vause, ‘Financial Innovation: What Have We Learnt?’ (Bank of England 2008). 70 FSA (n 87 in Chapter 2). 71 Haan, Schoenmaker and Wierts (n 4 in Chapter 2) 231; Tufano (n 36) 310f.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

83

in Chapter 2). In its most fundamental understanding, financial innovation ‘improves’ those functions, i.e. aims for providing them more efficiently. However, as aforementioned, the effects and purposes of financial innovation is often not as unambiguous and can also be socially wasteful.72 Apart from the dichotomy of ‘good’ and ‘bad’ innovation, there are numerous other taxonomies to categorize particular innovations.73 These categories serve different purposes, ranging from distinguishing between the level of change brought by the innovation to mere epistemological reasons. In the following, I will briefly outline the most prominent dichotomies. Subsequently, I will outline an abstract matrix to analyse particular innovations from a more practical perspective. 3.2.1 ‘Good’ and ‘Bad’ Innovation ‘The ATM has been the only useful innovation in banking for the past 20 years’ is a famous quote by the former chairman of the FED Paul Volcker and neatly reflects the (changed) view on financial innovation after the GFC.74 Unsurprisingly, it is not as simple as this quote might suggest—quite the opposite: The dichotomy of good (i.e. socially desirable/welfare-enhancing) and bad (i.e. socially detrimental/social welfare lowering) innovations is perhaps the most relevant but at the same time the most difficult and controversial one. Despite the general contribution of innovations to the level of prosperity in a lot of societies, general claims about the beneficial impact of financial innovations must be approached with caution. One main problem with the dichotomy of good and bad is the relative lack of empirical evidence. In a literature review from Frame and White in 2004, the authors were only able to identify 39 actual empirical studies on financial innovation,75 and even fewer which additionally focused on the

72 See above, p. 79ff. 73 A useful figure providing a generally applicable overview can be found at Uta Wehn

and Carlos Montalvo, ‘Exploring the Dynamics of Water Innovation: Foundations for Water Innovation Studies’ (2018) 171 The Dynamics of Water Innovation S1, S6. 74 See e.g. ‘Meet the True Star of Financial Innovation—The Humble ATM’ Financial Times (22 June 2017), https://www.ft.com/content/052f9310-5738-11e7-80b6-9bfa4c 1f83d2. 75 See W Scott Frame and Lawrence J White, ‘Empirical Studies of Financial Innovation: Lots of Talk, Little Action?’ (2004) 42 Journal of Economic Literature 116.

84

C. RUOF

social-welfare effects of certain innovations. In more recent studies, financial innovations are characterized as neither good nor bad, but contain a mixture of elements. After all, aggregate social welfare is particularly hard to measure in the case of financial innovations, as many of its consequences appear in the form of (positive as well as negative) externalities.76 While the ex-post evaluation of particular financial innovation faces—as we see—many difficulties, an ex-ante determination about its social benefits is an impossible undertaking.77 First, it is arguably impossible to predict how a certain innovation will evolve and to whom it will reap what benefits and what (third) parties might end up worse-off. Not least important, the costs and benefits of innovations change over time. With securitization for example, the benefits occurred rather earlier while increasing rent-seeking behaviour and apparent systemic risk came later. Other innovations seem to work in the opposite direction: they lay fallow or impose costs in the short term but have the potential to improve social welfare long term.78 Not least, in which direction a particular innovation evolves can be based on (even more) unpredictable changes in the environment around it. Against this backdrop, the notion that one can reliably distinguish ‘good’ innovation from ‘bad’ innovation is misguided. And from a regulatory perspective, this ultimately is not the task. In a market-based economy, the market decides which innovation succeeds and which one fails. In that process, the regulator—without making an overall judgement about the particular innovation—monitors and mitigates the risks of each innovation, while leaving its ultimate fate to the market. That is why financial innovation has to be framed neutrally as a process of change and not as something inherently positive (or negative).79

76 See Josh Lerner and Peter Tufano, ‘The Consequences of Financial Innovation: A Counterfactual Research Agenda’ (2011) 3 Annual Review of Financial Economics 41, 46f.; On the methodologies that seek to engage in the exercise of measuring nonetheless, see Tufano (n 3) 328. Another issue when it comes to this distinction is how we want to measure ‘good’ and ‘bad’, which is a question of political priorities. 77 See also Tufano (n 3) 329 or Ford, Innovation and the State (n 30 in Chapter 2) 98, 141. 78 Ford, Innovation and the State (n 30 in Chapter 2) 98. 79 See also Awrey, ‘Complexity’ (n 31 in Chapter 3) 259.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

85

3.2.2 ‘Incremental’ and ‘Radical’ Innovation A distinction that is regularly made in innovation scholarship is between ‘radical’ and ‘incremental’ innovation.80 This distinction was coined by Christopher Freeman and Luc Soete to describe how much of a change from the status quo a particular product or service innovation represented.81 The distinction is primarily made to describe how much of a change from the status quo a particular product or service innovation represents. Whereas incremental innovations encompass small improvements on existing products or services, radical innovations change their nature.82 Yet, there is no clear consensus on the distinction between the two categories which already lessens their practical utility.83 A related category often used by business scholars is that of ‘disruptive’ innovation, which is mostly exchangeable with ‘radical’, except for that it puts a greater emphasis on the impact of its business environment.84 From a regulatory perspective, disruptive or radical innovations often enjoy greater attention, as they are typically more transformative and pose more fundamental challenges to the regulatory framework.85 That is, they are more likely to change the assumptions underlying the existing framework and thereby more quickly create regulatory mismatches.86 At the same time, the importance of incremental innovation should not be understated. Since it is often radical innovation attracting the bulk of attention, incremental innovation flies under the radar, making its effects less visible and understudied.87 Similarly, it typically evolves slower than radical innovation, which makes it seem more benign in terms of its implications, creating a tendency to underestimate it.88 80 E.g. Christopher Freeman, ‘The Economics of Technical Change’ (1994) 18 Cambridge Journal of Economics 463, 474ff. 81 Christopher Freeman and Luc Soete, The Economics of Industrial Innovation (3rd edn, MIT Press 1997). 82 Ford, Innovation and the State (n 30 in Chapter 2) 149. 83 Ibid. 166 for some diverse interpretations. 84 E.g. Michael L Tushman and Philip Anderson, ‘Technological Discontinuities and Organizational Environments’ (1986) 31 Administrative Science Quarterly 439. 85 Similarly Ford, Innovation and the State (n 30 in Chapter 2) 171. 86 The impact of an innovation on other market players that is commonly emphasized

in the context of ‘disruptive innovation’ is of lesser concern. 87 Ford, Innovation and the State (n 30 in Chapter 2) 207ff. 88 Ibid. 207f., 210.

86

C. RUOF

Furthermore, innovations with the purpose of regulatory arbitrage for instance are never disruptive, however of great regulatory importance. Overall, the dichotomy of ‘radical’ and ‘incremental’ innovation can be useful in certain (theoretical) contexts but should not be a guiding theme in the process of regulation. Rather, the attention should lie on the innovation’s function, risk, and impact on the regulatory framework and its effect on regulatory capacity. 3.2.3 ‘Product’ and ‘Process’ Innovation Financial innovations are also often divided into product or process innovations.89 Product innovations mostly refer to innovations providing a solution to an unattended need in the market and/or to differentiate from competitors. It captures for instance new types of derivatives, securities, and pooled investment products.90 Process innovation is often aimed at increasing the efficiency in the production process and is often associated with technological change. They are typified by new means of distributing financial products, processing, or pricing transactions.91 However, because product and process innovation are often linked, this differentiation is also far from being clear.92 Similar to the distinction between incremental and radical/disruptive innovation, there are no universal implications that come with either a process or product innovation. Hence, this differentiation might make sense in certain theoretical contexts, but of lesser practical relevance. 3.2.4

Three Key Considerations When Assessing Financial Innovation For regulation, it is of the upmost importance to understand the innovation from a technological and functional perspective and to identify

89 E.g. OECD and Statistical Office of the European Communities, Oslo Manual: Guidelines for Collecting and Interpreting Innovation Data (3rd edn, OECD 2005), https://www.oecd-ilibrary.org/science-and-technology/oslo-manual_978 9264013100-en; or Marius Meeus and Charles Edquist, ‘Introduction to Part I: Product and Process Innovation’ in Marius Meeus and Jerald Hage (eds), Innovation, Science, and Institutional Change: A Research Handbook (Oxford University Press 2006). 90 See e.g. Tufano (n 3) 310. 91 See Lerner and Tufano (n 76) 42f. 92 See also, Lerner and Tufano (n 76) 43; An example for the difficulties with the

distinction can be found at Tufano (n 3) 310.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

87

the corresponding risks. This understanding can inform an (if necessary) appropriate and well-calibrated regulatory response. Here, the objective of understanding a certain innovation is captured in three guiding questions necessary when assessing financial innovation. 1. What is the (exact) technological innovation? At this first step, the regulator needs to distil the substance of the new service or product. The novelty of the product or service needs to be characterized. This broader undertaking includes more specific questions: Is the innovation just a (minor) technical improvement that brings efficient gains but does not change the profile of the service or product? Or is it something that substantially differs from existing products/ services? For answering these questions, expertise is of utmost importance, as the regulator needs to understand in a very timely manner the business model of the innovation. It needs to gather or produce the necessary information while staying aware of the interests involved when receiving information from market participants.93 At the same time, the regulator needs to steadily stay on top of the newest developments in the market. 2. What is the purpose, function and what are the characteristics of the innovation? In a next step, the regulator needs to identify the underlying purpose, function, and specific characteristics of the innovation which can inform a potential regulatory response ahead. In respect of the purpose, the regulator needs to take a closer look at what supposedly drives the innovation.94 Is the innovation based on technological advancements, is there an (investor) demand in the market for the product/service or is its purpose rather circumventing certain rules or regulations? A functional analysis is meant to shed light on the effects and risk profile of the innovation. Most of the time—even if utterly new and complex on its surface—a new product or service still resembles one of the classic functions of financial intermediation or a mix of them. Similarly, understanding 93 This raises again the issue of regulatory capture. Generally on the problem that decision-makers including regulators having a tendency to be blinded by ‘spectacular’ technological innovation and rely to much on the innovator’s presentation, see Mandel (n 54). For a critical assessment of fintech through that lens, see Omarova (n 2 in Chapter 1). 94 On the potential drivers of financial innovation, see below in Sect. 3.4.

88

C. RUOF

the risks requires an understanding of the potential effects of an innovation. This can include effects on third parties (i.e. potential externalities), potential effects on market structures, as well as effects on the dynamics in the secondary market.95 Here, the regulator engages in a predictive undertaking that requires a high level of economic and technical expertise as well as experience. 3. What are the implications? Finally, the question the regulator needs to ask himself is, ‘so what?’. This encompasses an informed evaluation of potential regulatory responses to the innovation. It is important to first ask whether an intervention is required at all, which is not the case, if the risks are effectively covered by the existing regulatory framework or where the market can effectively self-regulate. Importantly, when assessing the implication, it is not only to analyse if the risks are regulated but also if the regulation is adequate and proportionate. While risks may be covered, current regulation might oblige the innovator to comply with rules that are unproportionate or not required in their specific case, i.e. over-inclusive. This situation imposes unnecessary costs on the innovation and could go as far as to drive it out of the market. On the other hand, if the analysis concludes that a new regulation is required because risks are not effectively covered by the current framework, the response needs to strike a right balance between (potentially) conflicting regulatory objectives.96

3.3

The Distinct Nature of Financial Innovation

Financial innovation entails several characteristics that distinguish it from innovation in other industries (especially the manufacturing industry) which also make it particularly difficult to regulate. The following list is not exhaustive but only outlines the most important distinguishing features.97

95 As described at p. 50ff. 96 On the regulatory objectives and potential conflicts between them, see above in

Chapter 2, Sect. 2.2. 97 A more comprehensive list including further references can e.g. be found Tamer Khraisha and Keren Arthur, ‘Can We Have a General Theory of Financial Innovation Processes? A Conceptual Review’ (2018) 4 Financial Innovation 1, 5ff.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

89

First, the financial system is highly interconnected. This causes financial innovations to often be accompanied by a gossamer set of positive and (more importantly) negative externalities.98 In particular, innovation in the financial product market often operate through multi-layer networks giving rise to interdependencies and correlations.99 These for instance include interconnections through interbank loans, balance sheet holdings with other financial institutions, as well as by holding similar asset classes.100 Second, financial innovation is dynamic. In other words, innovation occurs at a very high pace and innovation cycles faster than in most industries. The reason underlying the dynamism of financial innovation as opposed to innovation around physical objects lies in the fact that financial innovation innovates around intangibles, which makes them, especially in our current digitalized and globalized world, much faster available on a large scale. More importantly, however, innovation in finance is characterized by weak or non-existing intellectual property rights.101 As a result, the diffusion rate of financial innovation is exceptionally high. Intuitively though, weak intellectual property rights would normally result in little innovation, as the innovator can only extract the rents of its innovation until someone imitates it. Given the intangible nature of financial innovation, this period is generally even rather short. However, in the financial market certain particularities lead to the opposite outcome. Namely, financial firms can gain significant profits by first-mover advantage.102 Being the first to introduce a product or service to the market, the innovator can acquire a larger market share than the adopter of the

98 See Lerner and Tufano (n 76) 45ff. 99 See Franklin Allen and Ana Babus, ‘Networks in Finance’ in Paul R Kleindorfer,

Yoram Wind and Robert E Gunther (eds), The Network Challenge: Strategy, Profit, and Risk in an Interlinked World (Wharton School Publishing 2009). 100 See also Khraisha and Arthur (n 97) 7 with further references. 101 See e.g. William Redmond, ‘Financial Innovation, Diffusion, and Instability’ (2013)

47 Journal of Economic Issues 525, 526; Luis E López and Edward B Roberts, ‘FirstMover Advantages in Regimes of Weak Appropriability: The Case of Financial Services Innovations’ (2002) 55 Journal of Business Research 997, 1003; or Awrey, ‘Complexity’ (n 31 in Chapter 3) 262. 102 See López and Roberts (n 101) or Ford (n 30 in Chapter 2) 160.

90

C. RUOF

innovation.103 In the context of financial product innovation, an empirical study by Peter Tufano showed that innovators do not profit from higher prices—even not in the short period of having a monopoly over the product—but make profits by capturing a larger share of underwritings for that innovation.104 Also, financial firms tend to artificially accelerate the pace of innovation,105 which is not at least due to the quickly dissipating benefits of financial innovations. To achieve product (or service) differentiation—not only vis-à-vis their competitors but also to own the previous generation of the product—they seek to put ‘something new’ on the market even if there is no genuine necessity (neither from demand side nor supply side).106 After the new product or service hits the market, a herding effect can develop: each additional firm chooses to adopt an innovation, and the pressure to follow suit increases among those firms that have not yet adopted it.107 Schumpeter described these behaviours as the swarming process, arguably occurring in the financial sector in a turbocharged fashion.108 A consequence of this dynamic is that products and service in the financial service constantly change their underlying structure, the way that they are marketed, and how they are used.109 Another characteristic of financial innovation, that yet also in parts underlies the accelerated pace of innovation is the absence of full marketbased control.110 As opposed to other industry sectors, in finance, it is sometimes difficult for the market to determine the quality of a 103 Peter Tufano, ‘Financial Innovation and First-Mover Advantages’ (1989) 25 Journal of Financial Economics 213. 104 Ibid. 105 The literature on this again stems primarily from financial product innovation. See

e.g. Henry TC Hu, ‘New Financial Products, the Modern Process of Financial Innovation, and the Puzzle of Shareholder Welfare’ (1991) 69 Texas Law Review 1273, 1275 or Awrey, ‘Complexity’ (n 31 in Chapter 3) 262. 106 This dynamic can cause what U.K. FSA Chairman Adair Turner has characterized as ‘socially useless’ over-innovation. See Phillip Inman, ‘Financial Services Authority Chairman Backs Tax on “socially Useless” Banks’ The Guardian (26 August 2009). 107 Phil Molyneux and Nidal Shamroukh, ‘Diffusion of Financial Innovations: The Case of Junk Bonds and Note Issuance Facilities’ (1996) 28 Journal of Money, Credit and Banking 502, 519. 108 Similarly, Ford, Innovation and the State (n 30 in Chapter 2) 160. 109 Tufano (n 103). 110 See in Chapter 2, Sect. 2. Also, FSA (n 91 in Chapter 2); Ford, Innovation and the State (n 30 in Chapter 2) 4.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

91

product, even after purchasing it.111 Market discipline usually separates the ‘good’ from the ‘bad’ products and therefore also functions as a natural constraint to innovation activity. The incompleteness of that control further fuels the pace of innovation. 3.4

Drivers of Financial Innovation

When thinking about financial innovation, it is useful to take into consideration the factors that are driving it. This is particularly useful when thinking about innovations in a macro sense and not just on an individual micro basis. The common drivers of financial innovation can be put into the following three categories: (1) demand-driven innovation, (2) innovation-driven by supply conditions, and (3) regulation.112 3.4.1 Demand-Driven Innovation In the traditional understanding, financial innovation is driven by investor demand for certain services, products, or responds to demands for efficiency improvements by addressing market imperfections.113 Imperfections of the financial system performing its functions can be inherent part of the financial system for already a while or be products of more recent exogenous changes to the economic environment. They include, inter alia, incomplete markets, transaction costs, information asymmetries, or agency costs.114 These imperfections create demand for fixing—incentivizing financial players to create new services or products which promise to address these very imperfections, i.e. they start to innovate. In fact, some of the most prominent innovations in finance can be (inter alia) attributed to responding to market imperfections.115 For instance, the invention of the ATM was a response to the high costs associated with teller-assisted transactions. Likewise, credit cards and online banking dramatically lowered the costs of processing a transaction and by

111 Goods of these kinds are in economic terms called credence goods. See Armour and others (n 7 in Chapter 2) 57. 112 A similar categorisation is used by Mishkin (n 2 in Chapter 2) 458. 113 See above 88ff. 114 See Awrey, ‘Complexity’ (n 31 in Chapter 3) 261.with further references. 115 A comprehensive selection of examples can be found at Tufano (n 3) 315ff.

92

C. RUOF

that addressed imperfections in the form of transaction costs.116 Another popular example in the history of financial innovation that is attributed to a demand in the market are financial derivatives that emerged as a response to dramatic increase in volatility of interest rates that occurred especially in the 1970s and ’80s.117 As a high fluctuation in interest rates lead to great uncertainty about returns on investments, there was an increasing demand in the market for financial products and services that could lower the interest-rate risk. This ultimately led to the creation of, inter alia, financial derivatives, enabling investors the hedge that exact risk.118 3.4.2 Supply-Driven Innovation While this common view of innovation is important, it paints a fundamentally incomplete picture. It ignores incentives and changes in conditions on the supply side as well as leaves out the regulator as an important factor in the market (which is the topic of the subsequent paragraph). Perhaps the most important source of change on the supply side that stimulates financial innovation has been advancements in information technology (IT).119 The interlinkage of finance and IT has a long history, of which fintech can be seen as the current manifestation. The importance of information technology for the financial sector is indicated by the fact that the financial industry has been the largest purchaser of IT since the mid-’90s.120 Whereas until the end of the 1980s, it was mostly advances in telecommunications technology that was utilized to improve processes in transactions, afterwards the digitalization had

116 By one estimate already from 2000, while the teller-based transaction costs over 1$, the same transaction executed over the internet would cost only about 0.01$. See Simon Long, ‘A Survey of Online Finance’ (The Economist 2000) 355, 20. 117 It has to be noted that financial innovation is no monocausal phenomenon, but in almost all cases a product of different factors. Also, these factors do usually not come from a single category (e.g. demand side), but are a mix of different drivers. 118 See Hu, ‘Misunderstood Derivatives’ (n 32 in Chapter 3). Also, James C Van Horne, ‘Of Financial Innovations and Excesses’ (1985) 40 Journal of Finance 621. 119 See Mishkin (n 2 in Chapter 2) 459. 120 Oliver Wyman, ‘Managing Complexity—The State of the Financial Services Industry

2015’ (2015) 5.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

93

a major transformative effect on the world of finance.121 In fact, most financial innovation is based on some form of technological advancement. Looking at the innovations that were attributed to demand in the market, it becomes clear that for all of them preceding technological advancements were the basis.122 This shows once more that financial innovations are not monocausal, but a product of multiple factors.123 Advancements in IT hereby regularly plays the role of a ‘facilitator’, making addressing a market imperfection possible in the first place. At the same time, it is a driver of efficiency gains making the provision of many services cheaper and available on a much broader scale. Certainly, globalization, being also to a large extent attributable to technological advancement plays a major role in those developments as well. Furthermore, aside from the above-acknowledged incentive of financial institutions to innovate in response to market demand, some scholars additionally identify supply-side incentives to design new products or services.124 For example, Dan Awrey suggests that financial institutions have an incentive to artificially accelerate their innovation process to distinguish their products from those of their competitors as well as their own prior products.125 A reason for this is the lack of IP rights that makes it difficult to capitalize on one innovation for a longer time.126 These innovations do not necessarily offer something new or respond to particular market demand, but rather are intended to create greater rents for the institutions.127 Another incentive can be to (again) keep up the pace of innovation in order to embrace complexity.128 That is because a high level of opaqueness in their products or services can provide them 121 For a more comprehensive description of the history of finance and technology, see Arner, Barberis, and Buckley (n 60) 1276ff. 122 More examples can be found at Mishkin (n 2 in Chapter 2) 459ff. 123 William L Silber, ‘The Process of Financial Innovation’ (1983) 73 American

Economic Review 89, 91 provides a table that shows what forces were influential for which specific financial innovation that occurred between 1970 and 1982. 124 Awrey, ‘Complexity’ (n 31 in Chapter 3) 263f. 125 See, e.g., Hu, ‘New Financial Products, the Modern Process of Financial Innovation,

and the Puzzle of Shareholder Welfare’ (n 105) 1275. 126 On the lack of IP rights, see above at p. 86f. 127 On why these kinds of innovation extract profit, despite the lack of genuine market

demand, see, e.g., Awrey, ‘Complexity’ (n 31 in Chapter 3) 264 or Van Horne (n 118). 128 Awrey, ‘Complexity’ (n 31 in Chapter 3) 264f. who is also looking for explanation,

94

C. RUOF

an informational advantage over consumers, but also importantly vis-àvis regulators.129 This type of behaviour hence produces a variant of complexity that does not exist for the provider of the service but is solely made to artificially increase the information cost for other parties. For financial institutions, this might for instance appear especially attractive, as it can help them to promote their ‘too big to fail’ argument.130 For the equation given above, this would imply the following (with Ca standing for artificially created complexity): Equation 1: Information gap (IG) between the regulator (R) and the market (M) showing how artificially created complexity (Ca) plays into Eq. 4 in Chapter 3 and adds to the information gap. I G(R, M) = I cost(Com(C1 + C2 + C3 + · · · + Cn) (I pc(M) + Ca) +I ocst(x)) × I pc(R) 3.4.3 Regulation as a Driver for Financial Innovation The third and last major driver of financial innovation is regulation. In Sect. 2.2 of this chapter, it has already been shown that regulation and innovation can influence each other in many ways. This dynamic is particularly prevalent in the financial sector. As the financial industry is much more heavily regulated than most other industries, its impact on innovation is correspondingly large, and the ways in which it takes place are numerous. First, and most prominently, financial institutions innovate in order to avoid regulation that restricts their ability to earn profits. This notion of regulatory arbitrage in the financial sector is also being described as ‘loophole mining’, one phase of the regulatory dialectic.131 The level of why this is a business models that sustains especially with a view to not leading in a ‘market for lemons’-like market failure. 129 Ibid. 265. 130 In the sense that due to the high level of complexity and their informational advan-

tage, they could overstate their systemic importance (in particular in the form of their interconnectedness) and correspondingly the consequences in the case of their failure. 131 Edward Kane was the first to coin that term in Edward J Kane, ‘Accelerating Inflation, Technological Innovation, and the Decreasing Effectiveness of Banking Regulation’ (1981) 36 The Journal of Finance 355.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

95

incentive to engage in that kind of activity is a product of the level of regulation and the corresponding costs imposed on the regulated firm, the credibility of enforcement of that regulation and, finally, of the speed of ‘catching up’ by the regulator, i.e. in which it introduces new regulation that closes the loophole. The dialectic game in financial regulation is well exemplified by the change from Basel I capital requirements to Basel II.132 Basel I was introduced in 1998 and set out quite straightforward capital requirements for banks according to what types of assets they hold.133 However, while quite straightforward, those requirements turned out to be relatively easy to game and circumvent. One reason was that it heavily relied on broad categories, assigning the same risk to a certain type of asset. At the same time, it failed to account for variations within and between those categories. However, soon thereafter the incentives for regulatory arbitrage presented by the Basel I framework were widely recognized. As a response, Basel II tried to address those shortcomings by shifting towards a more principles-based approach for calculating risk and the corresponding capital requirements. Trying to reduce the incentive for regulatory arbitrage, the framework now aimed at incorporating the creativity of the regulated firms in a fruitful way, i.e. aimed at incentivizing creative compliance in its positive form. However, Basel II also failed, mainly caused by regulators relying too much on the compliance techniques presented by the industry without properly controlling or questioning them.134 Ultimately, this led to the build-up of excessive risk, which in the end contributed to the excessive build-up of risk that led to the GFC. There are numerous other examples of how regulation triggered innovation intended to circumvent that very piece of regulation, followed by regulatory responses.135 Staying on top of this game is by far not an easy task for regulators, especially given the typical resource asymmetry

132 The Basel Accords are the banking supervision Accords (recommendations on banking regulations) issued by the BCBS. Capital adequacy requirements—including those under Basel—belong in the category of prudential regulation. They prescribe, inter alia, that banks and certain other classes of financial institution maintain a specified ratio of capital to risk-weighted assets. 133 BCBS, ‘History of the Basel Committee’ (n 118 in Chapter 2). 134 E.g. Cristie L Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from

Financial Regulation’ (2010) 2010 Wisconsin Law Review 441, 455ff. 135 In the context of the USA, see for example Mishkin (n 2 in Chapter 2) 465.

96

C. RUOF

between regulators and the industry.136 Moreover, regulators often face significant constraints in their ability to respond to innovation/arbitrage products given the often complex institutional structure in several jurisdictions.137 One side effect of the ongoing dialectic game though is that it often results in an unending cycle of increasing complexity by steadily increasing the total amount of rules and regulations.138 However, as mentioned above, regulation can also trigger innovation that is not intended to circumvent the respective regulation, but rather a result of a change in market dynamics caused by the new regulation.139 This effect happens in a much more indirect way and is therefore often hard to predict. In contrast to regulatory arbitrage, these effects are not a result of attempts to avoid regulation, but rather to comply with it. For instance, to comply with prudential requirements, the regulated entity needs to hold a certain amount of assets, which are classified as safe.140 This fuels demand for that type of assets, potentially to a degree outstripping the supply, stimulating the creation of new (supposedly) safe assets.141 A 2014 SEC memorandum in fact saw the prudential requirements as a notable source of the pre-crisis demand for AAA-rated assets, contributing to excessive creation of (seemingly safe) CDS and MBS.142 Ultimately, all the above factors play a role in the process of financial innovation. It is however not possible (neither necessary for this study) to

136 See above at p. 53ff. 137 That is in particular true for the USA and the EU. 138 See also Kane, ‘Accelerating Inflation, Technological Innovation, and the Decreasing

Effectiveness of Banking Regulation’ (n 131) 363. 139 See Niamh Moloney, ‘Financial Services and Markets’ in Robert Baldwin, Martin Cave and Martin Lodge (eds), The Oxford Handbook of Regulation (Oxford University Press 2010) 445f. providing further examples. 140 However, empirical data on this dynamic is mixed. See e.g. a study by Jagtiani and others, failing to find evidence that changes in capital requirements consistently affected the speed of adoption of certain innovations that the theory might predict, e.g. certain types of off-balance sheet products. See Julapa Jagtiani, Anthony Saunders and Gregory Udell, ‘The Effect of Bank Capital Requirements on Bank Off-Balance Sheet Financial Innovations’ (1995) 19 The Role of Capital in Financial Institutions 647. 141 Kathryn Judge, ‘Investor-Driven Financial Innovation’, (2018) 8 Harvard Business Law Review 291. 142 SEC Division of Economic and Risk Analysis, ‘Demand and Supply of Safe Assets in the Economy’ (2014), https://www.sec.gov/dera/staff-papers/economic-analyses/dem and-supply-safe-assets-2014.pdf.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

97

tell which driver was the strongest, and what others contributed to what degree. Most likely, the majority of innovations in the financial sector were shaped by a combination of all three drivers.143 In Chapter 5, we will see how fintech representing the current innovation cycle fits into this framework allowing for a better understanding of the phenomenon, which is necessary to construct a proper regulatory framework. 3.5

Assessing Financial Innovation: Implications so Far

Having gained an overview of both, the phenomenon of financial innovation and the particularities and limitations of financial regulation, this part will now connect these two elements. The goal is to identify implications for financial regulation and what the dynamics in financial innovation mean for the design of a sound regulatory framework. Hereby, I will set in context the dynamics that have been outlined in the previous subsection to the particularities of financial regulation as set out in Chapter 2, Sect. 2. As will be shown, the dynamics of financial innovation strongly exacerbate the inherent challenges of regulation and financial regulation in particular. When connecting the particularities of innovation in the financial sector to the common issues in financial regulation, two main implications can be ascertained. The first concerns the information deficit, especially the task of collecting information, which is significantly complicated by the idiosyncratic features of financial innovation. The second one affects the process of translating information into effective regulation that influences the behaviour of market participants in the desired direction—in which the dynamics and pace of financial innovation, as well as regulatory dialectic, create significant tensions frictions. 3.5.1 Innovation and the Information Deficit Reliable information is one key element of regulation that builds the basis of an effective regulatory framework. The special features of financial innovation that have been identified in this part have several implications

143 See also Tufano (n 3) 322ff., also providing some examples.

98

C. RUOF

for these tasks, ultimately exacerbating the information deficit and laying the ground for regulatory mismatch. First, innovation presents an inherent informational lag on the side of the regulator. When something new is introduced to the market, regulators naturally lack information about that phenomenon.144 That means the existence of financial innovation implies an inherent information asymmetry between the private sector (from where the innovation emerged) and the regulator. At the same time, they are faced with the question on if and how to regulate the innovation, which creates a ‘chicken-and-egg’ problem as information necessary to answer this question is to a large extent collected by performing day-to-day supervision and microprudential regulation (hence after the question had been answered). Further, gathering information to close that inherent gap is not a straightforward task. First, financial innovation is one, if not the main driver, of complexity, making this task highly costly. Second, possible sources of information from each are associated with certain problems. Relying solely on the private sector can e.g. raise problems of regulatory capture145 and brings framing risks in the presentation and selection of information. Relying on the internal intelligence of regulators when assessing new services or products on the other hand regularly takes a lot of time and is very resource-intensive. Ultimately, drawing on findings from academia is also not a timely regulatory measure.146 This problem is exacerbated by the high pace of financial innovation. As shown above, financial institutions have an incentive to continuously come up with something new in order to capture profits. A ‘new’ product or service however do not always constitute something truly novel.147 Rather, it can be something well-known hidden under a new cloak. The product/ service can for instance just be a minor technical improvement to an existing one or designed for regulatory arbitrage, i.e. presented as something ‘new’ (requiring lighter regulatory treatment or not falling into the regulatory framework at all), while entailing the exact same characteristics as its predecessor. Identifying that is not an easy task for regulators. Worse still, as some commentators argue, financial institutions deliberately

144 See also Moses (n 46) 7. 145 See above at p. 65f. 146 Hu, ‘Misunderstood Derivatives’ (n 32 in Chapter 3). 147 See above at p. 79ff.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

99

over-complexify their innovations to exploit their informational advantage vis-à-vis regulators and customers.148 Furthermore, the increasing use of information technology puts regulators to the task of also developing sufficient technological expertise and manpower, of which there is typically plenty working in various financial institutions. This increasing significance of tech149 drives the asymmetry in information processing capacity and ultimately feeds into the information gap between regulators and financial institutions. With the overall complexity increasing in the financial market, so does the amount of pertinent information not known to any party (i.e. unknown information). For example, in the wake of the GFC, it has been widely acknowledged that even the most sophisticated parties failed to grasp all nuances of certain new instruments that were introduced in the market.150 The information deficit is once again exacerbated by the phenomenon of regulatory dialectic. As regulators are not just observers of the system but also participants, in their attempts to regulate they alter the behaviour of those who they seek to control. At the same time, they often possess imperfect knowledge of the endogenous consequences of their actions. As a consequence of that, the two objectives of regulators— to understand the behaviour of market participants, and to alter it in a certain direction—can stand in conflict with each other.151 This enhances the dynamic of the financial market, makes it less predictable, increases its complexity, and drives up information costs. Moreover, the thicket of rules that is created by the constant regulation and re-regulation leads to a structural complexity for both market participants (seeking to comply with regulation) and regulators (seeking to coordinate their activities) that ultimately results in additional information cost.152 Not least, this

148 Awrey, ‘Complexity’ (n 31 in Chapter 3) 264ff.; Saule Omarova calls this phenomenon ‘Strategic Complexity’. See Saule T Omarova, ‘License to Deal: Mandatory Approval of Complex Financial Products’ (2012) 90 Washington University Law Review 72ff. 149 How this trend behaves under fintech, see below at p. 169ff. 150 For example, there is evidence that several financial institutions did relatively little

due diligence about assets that they placed into CDO’s and failed to fully appreciate their unique structure. See Awrey, ‘Complexity’ (n 31 in Chapter 3) 250f. or Judge, ‘Investor-Driven Financial Innovation’, (n 141) 332. 151 See also George Soros, The Alchemy of Finance (J Wiley 2003) 2f. 152 See Awrey, ‘Complexity’ (n 31 in Chapter 3) 256.

100

C. RUOF

thicket (with its high compliance costs and inevitable gaps) further raises incentives for regulatory arbitrage. When it comes to ‘genuine’ innovation,153 those new products or services are not rarely shrouded in Knightian uncertainty and are therefore particularly challenging for regulators, as regulators as well as market participants simply lack any evidence or experience with the new product or service.154 Ultimately, the complexity induced by unique characteristics of financial innovation and regulatory dialectic exacerbates the information deficit of regulators in all three of its elements. That puts regulators to a highly difficult task: While the private sector is constantly innovating and thereby increasing the overall amount of information in the market, regulators lag behind trying to grasp the latest phenomenon. In doing so, they not only need to gather information that is with private firms (which itself raises certain problems, e.g. framing or deliberate complexification) but are also faced with ‘real’ uncertainty due to information not available to any party or even not (yet) available at all. At the same time, their interference in the market alters the behaviour of the very parties they seek to regulate and understand, again hampering the intelligibility of the system. 3.5.2 Regulating in the Face of Financial Innovation Another one of the three fundamental requirements of regulation according to Hood and an essential part of effectively making new information fruitful is the ability to modify the behaviour of regulated actors in a desirable direction.155 It primarily concerns the creation of the right incentives and ensuring that the original purpose of the regulation is effectively met. At this stage, the regulator has to ensure that in the process of applying and enforcing legal standards, the outcome thereof is in line with the purpose of the regulation. These parts of the regulatory process, both concerning the effective translation of information into regulation, are challenged by the above-described dynamics of innovation in various ways.

153 In the taxonomies introduced above, these are mostly captured by ‘radical innovation’ (see above at p. 83f.). 154 See also Hillary Allen, ‘Driverless Finance’ (2020) 10 Harvard Business Law Review 157, 195f. and Ford, Innovation and the State (n 30 in Chapter 2) 180. 155 See p. 26f.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

101

As described above, the financial system is an extremely dynamic environment with fast innovation cycles. This speed accelerates the pacing problem and can render regulation outdated in a similarly quick fashion— increasing the pressure on the regulator to continuously introduce new regulations. Depending on the chosen style and architecture of regulation,156 this has the potential to overwhelm the regulatory process. When failing to respond to innovation with (new) regulation, as a result, static rules can become deregulatory in effect.157 This happens as the system constantly evolves, yielding new products and services or even changing fundamental structures, while the regulatory framework is still ‘wrapped’ around an old environment, which is ceasing to exist. Hence, over time (but recurrently), financial innovation will erode or circumvent whatever new structure regulators erect if the framework is not adapting to the new environment and innovation will take place mostly off the regulators’ radar. Thus, seeking to regulate innovation with a static, i.e. not changing framework, in effect equals the attempt to paper over a moving object and therefore cannot be the solution. Meanwhile, introducing new regulations also entails difficulties. First and foremost, regulators have to take into account the regulatory dialectic. Innovation runs down avenues of opportunity which makes its future path particularly hard to predict. Innovation reacts to changes in regulation and—given the incentive for arbitrage is strong enough—will seek new ways around, under and over it. Adding to this is that innovation not only seeks to game rules but also reacts to regulation in more indirect ways.158 Regulatory intervention can be far more transformative than initially expected and cause new forms of risks. Understanding those side effects when writing regulation is of high importance, but far from straightforward. Put in terms of cost–benefit analysis,159 it complicates

156 See above in Chapter 2, Sect. 2.2.4. 157 See also Judge, ‘Regulation and Deregulation: The Baseline Challenge’ (n 38) 104f. 158 See above at p. 73ff. 159 The topic of cost–benefit analysis (CBA) is being highly disputed in the field of financial regulation. However, here it is not necessarily referring to an explicit CBA. Rather, it can also be done implicitly, which certainly is part of every regulator’s process when designing a new rule. On the issues of CBA in finance, see e.g. Eric Posner and Glen E Weyl, ‘Benefit–Cost Analysis for Financial Regulation’ (2013) 103 American Economic Review 393; Jeffrey N Gordon, ‘The Empty Call for Benefit–Cost Analysis in Financial Regulation’ (2014) 43 The Journal of Legal Studies S351.

102

C. RUOF

both, the calculation of the cost as well as the benefit side. Benefits are for instance harder to estimate, as it might not be clear how long it will take the private sector to circumvent the rule. Also, regulation should be designed to be sustainable and not only capture a brief moment in the innovation cycle, which given the pace and complexity is hard to assess. On the cost side, inter alia potential unintended side effects or structural implications render an appropriate estimate increasingly difficult. Similarly, it needs to be considered how the regulation itself feeds into complexity, e.g. in terms of its interplay with existing regulation or simply by adding to the size of the rulebook. Hence, regulation itself generates information in the market that needs to be collected and processed (see Fig. 1). At the same time, regulators face the trade-off of wanting to make an informed and appropriate intervention, while on the other hand avoiding letting innovation evolve in the unregulated sphere for too long because they have not reached the desired level of informedness yet. In this unregulated phase, risks for consumer and the financial system can uncontrollably grow. Moreover, the longer this phase exists, the greater the incentives for market participants to engage in regulatory arbitrage.160 3.5.3 Implications for Regulatory Objectives But what do these observations ultimately mean for the regulator in fulfilling its mandate? First, as mentioned before, information is by far the utmost important resource for the construction of regulation. The less regulators are informed about the sector, the higher the risk for regulatory failure. As shown above in Chapter 3, Sect. 1.2), innovation is a main contributor to the information deficit, rendering it a threat to the goals of regulation generally. The special dynamics in the financial system exacerbate this problem and hence make effective regulation a particularly challenging task. At the same time, the pace and incentive structure of financial innovation and existing regulatory structures lay the basis for a ‘regulatory lag’, further impeding the task of the regulator. Against this backdrop, while financial innovation certainly brings great prospects for economic growth and improving the financial system, it can be a key contributor to regulatory mismatch and ultimately a threat to the objectives of financial regulation.

160 As explained above at p. 91f.

4

AN INTRODUCTION TO FINANCIAL INNOVATION

103

Fig. 1 Information cycle in the regulatory process (Source Author)

Moreover, a growing pool of unknown information can lead to market dysfunctions. As long as there is sufficient confidence in the market, a general lack of understanding might not be harmful, but when things start to crumble, this absence of understanding fuels panic and has the potential to significantly exacerbate crises.161 In sum, not grasping the risks of innovative products or services and making uninformed or (due to lack of information) no regulatory action significantly decreases regulators ability to meet their objectives of protecting consumers and investors from harm as well as ensuring financial stability. Also, regulators could overestimate or completely misinterpret risks, which would result in over-regulation, imposing useless costs on firms and encouraging arbitrage activity. The process of correcting those rules costs resources, which are desperately needed for keeping up with newer developments in the market. While the tendency of having (many, but)

161 This exact situation occurred in the wake of the GFC, when the value of CDOs and MBS were started to be put in question. Judge, ‘Investor-Driven Financial Innovation’, (n 141) 332; or more generally on this, Ricardo J Caballero and Alp Simsek, ‘Fire Sales in a Model of Complexity’ (2013) 68 The Journal of Finance 2549, 2550.

104

C. RUOF

improper rules in place encourages regulatory arbitrage, i.e. socially useless innovation,162 it also stifles other (positive) innovative activity. That is because the combination of an uninformed regulator and the dynamics of regulatory dialectic is likely to result in an opaque, inefficient, and unproportionate regulatory framework that is highly unfriendly for new innovative players. This means it also impedes regulators from fulfilling their objective of market functioning and ensuring (good) competition. Ultimately, when not being managed well, financial innovation can cause ‘regulatory instability’.163 That means when not constantly gathering and incorporating new information, the regulatory status quo cannot sustain and erodes. With time, innovation will (deliberately or not) run through the cracks in the framework and partly migrate to an area outside the regulator’s radar. Under such conditions, the regulator is in an increasingly bad position to be able to properly fulfil its regulatory objectives. A main take-away here is to view financial innovation as a key challenge to regulation, one that calls for an informed and considered response. It seems plausible that the specific characteristics of financial innovation, i.e. inter alia its intangible nature, its speed, complexity, and the shapeshifting possibilities inherent in innovation around them, make it more of a challenge for financial regulation than innovation is to regulation in other fields. If the regulatory framework is not explicitly geared towards those challenges, it is likely to fall back, which in the end has negative implications on all regulatory objectives. In sum, across sectors fintech firms promise to deliver financial services at lower cost, and in a more convenient and efficient way. For that purpose, they apply state of the art (information) technology and advance the digital transformation of the financial sector. Yet, from a functional perspective, they do not change the fundamental nature of the product or service, but often only superficial elements. Instead, their economic functions resemble relatively closely that of their (non-digital) predecessors. 162 Socially useless in a sense that it does not respond to a demand in the market but is just devoted to the purpose of escaping regulation. Also, while escaping ‘improper’ rules, it might at the same time circumvent appropriate rules, which means that actual risks would be unregulated. 163 Gerding (n 77 in Chapter 3).

CHAPTER 5

Fintech—What’s New About It (and What Isn’t)?

Having outlined the general characteristics of financial innovation as they have taken shape throughout the recent decades, this chapter turns to the main subject of this study, zooming in on the phenomenon of fintech. After an examination of the term ‘fintech’, in order to explain why fintech is happening and why it is happening now, this chapter continues by applying the framework for the drivers of financial innovation as laid out in Chapter 4 to the phenomenon of fintech. This is followed by a sectoral analysis of fintech activity, shedding light on some of the most relevant new business models. In sum, across sectors fintech firms promise to deliver financial services at lower cost, and in a more convenient and efficient way. For that purpose, they apply state of the art (information) technology and advance the digital transformation of the financial sector by substituting human intermediation with a computer-based one. Yet, from a functional perspective, they do not change the fundamental nature of the product or service. Instead, their economic functions resemble relatively closely that of their (non-digital) predecessors. Subsequently, this chapter will continue with identifying certain characteristics which are in fact novel and distinguish fintech from prior eras of innovation. The most important of these are the new and diverse set of players active in the market as well as the new pace of innovation.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_5

105

106

C. RUOF

As opposed to previous era, in which big financial institutions dominated the market (and were also the prominent source of innovation), the current market under fintech is more fragmented with a much of the innovation activity coming from smaller players and new digital competitors, but also marked by the entry of giants from other industry sectors. Another important difference in the era of fintech presents the pace of innovation. While the financial sector has always been marked by fast innovation cycles as well as high diffusion rates of innovations for quite some time and has continuously followed an upward trajectory, the pace under fintech appears to be significantly more elevated than before. The goal of this chapter is to support a clearer understanding of fintech and will also lay the ground for understanding the broader (structural) shifts that are associated with fintech, which will be examined in Chapter 6.

1

The Term Fintech and What Is Captured by It

The term ‘fintech’ is an acronym, which originates from the words ‘financial’ and ‘technology’ and describes, in general, the recent connection of information technology with financial services.1 While its current meaning is associated with developments that have been emerging after the GFC, the roots of the term ‘fintech’ date back as far as the early 1990s and the so-called Financial Services Technology Consortium, a project initiated by Citigroup to facilitate technological cooperation efforts.2 It was not before around 2010, however, when fintech gained increasing attention and metamorphosed into a ‘hot topic’ in finance. In the general press, it gained popularity through being portrayed as a source of disruptive challengers to established banks or even the financial system more broadly as in the case of cryptocurrencies. At the same time, fintech also attracted

1 E.g. Jelena Madir, ‘Introduction—What Is Fintech?’ in Jelena Madir (ed), Fintech: Law and Regulation (2nd edn, Edward Elgar Publishing Limited 2021) 1f. 2 So according to Marc Hochstein, ‘Fintech (the Word, That Is) Evolves’ (American Banker, 5 October 2015), https://www.americanbanker.com/opinion/fintech-the-wordthat-is-evolves.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

107

significant attention from the scholarly as well as regulatory community, producing countless academic articles and reports by regulators.3 In particular during its beginnings, fintech was heralded as a revolution— a disrupter of the financial sector and its incumbents—whose reputation was still in shambles due to the GFC. Fintech (as per its current definition) is a relatively young phenomenon explaining the ambiguity when it comes to the concrete substance of the term and that of other terminology used within the fintech space.4 For this study, I adopt the working definition for fintech that was first used by the Financial Stability Board (FSB) and subsequently adopted by inter alia the BCBS and the EBA.5 According to the FSB, fintech is ‘technology-enabled financial innovation that could result in new business models, applications, processes or products with an associated material effect on financial markets and institutions and the provision of financial services’.6 ‘Fintech firms’ is used here to describe firms whose business model focuses on these innovations. This includes both, firms offering innovative services to consumers as well as those enabling other providers to do so.7 This definition of fintech is chosen for several reasons.8 First and foremost, it is open and dynamic. For this study, ‘fintech’ is not used to describe a definite set of applications or services in the financial sector.

3 For an overview of scholarly contribution, see previous footnotes. Regulatory reports are issued by national regulators (such as the UK FCA, the EU EBA, or the French AMF), but importantly also from high-level institutions, such as the FSB, BIS, or the World Bank. 4 Liudmila Zavolokina, Mateusz Dolata, and Gerhard Schwabe, ‘FinTech—What’s in a Name?’ (2016) provide an overview on how differently the term ‘fintech’ is used by various authors and institutions. See also Johannes Ehrentraud and others, ‘Policy Responses to Fintech: A Cross-Country Overview’ (BIS 2020) 6. 5 See Ehrentraud and others (n 4) 6; EBA, ‘The EBA’s Fintech Roadmap’ (2018) 9. 6 FSB, ‘Financial Stability Implications from FinTech: Supervisory and Regulatory Issues

That Merit Authorities’ Attention’ (FSB, 2017). 7 Erik Feyen and others, ‘Fintech and the Digital Transformation of Financial Services: Implications for Market Structure and Public Policy’ (BIS Monetary and Economic Department 2021) vi. 8 It is worth noting that there is an ongoing discussion about the necessity and feasibility of a common definition of fintech. About the concerns around that discussion, see for example Basel Committee on Banking Supervision, ‘Sound Practices—Implications of Fintech Developments for Banks and Bank Supervisors’ (BIS 2018) 8f.

108

C. RUOF

Fig. 1 Fintech as the current episode in the trajectory financial innovation (Source Author)

Rather, it is supposed to capture the substance of a phenomenon that depicts a current episode in the trajectory of financial innovation (see Fig. 1).9 This specific episode is associated with certain characteristics, developments, and changes in the financial environment that come with corresponding implications for regulators. One motivation of this study is to identify and analyse the changes and characteristics associated with the fintech episode, which have the potentially largest impact on the information deficit making them therefore particularly relevant for regulators. This however also means the changes brought by and characteristics of fintech described here are not conclusive. This means there may be aspects of fintech that are neglected in this study—not because they are not part of the phenomenon, but because they are less relevant for the purpose of this study. The definition of fintech as used here is also not supposed to be used as a legal definition or terminus technicus, as this is outside the purpose of this study.10 A closer look at the definition reveals that it consists of two main elements, that is, (1) there has to be a technology-based innovation11 9 Notably, beside fintech, there are also other manifestations of current financial innovation, such as in the financial products market. These are however out of the scope of this book. 10 For legal purposes, defining would also not be useful due to its very broad nature. This however does not preclude the need for defining certain products or services in order to design respective regulation. 11 The part ‘[…] that could result in new business models, applications, processes or products […]’ is in my opinion redundant, as the term ‘innovation’, as explained above, already contains this.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

109

which (2) has the potential of a material effect on the financial landscape. This shows that the definition gravitates around the term ‘innovation’, which is (itself) a dynamic one. At the moment, innovations running under the notion of ‘fintech’ are often categorized according to the economic function they serve, which is helpful as it shifts the focus away from the specific service provider towards the activity it conducts. These categories (at the moment12 ) commonly encompass (1) payments, clearing, and settlement; (2) deposits, lending, and capital raising; (3) insurance; (4) investment management; and (5) market support.13 The second element of the definition on the other hand focuses on the (presumable) effect caused by the firms that perform these functions, which is one of the most important questions when it comes to assessing a regulatory response. A functional and effect-based approach of fintech is also desirable in terms of neutrality. Just as in the case of financial innovation generally, there is a remarkably positive narrative around the notion of fintech. Often, the so-called fintech revolution is embraced as a win–win situation which does not involve any hard policy choices or trade-offs.14 This view often comes with a relatively narrow perspective of the phenomenon—typically only looking at it from a transactional perspective while neglecting the (potential) accompanied changes on a macro level.15

2

Fintech Drivers

This part will apply the framework of drivers of financial innovation as laid out in Chapter 4 on fintech. Accordingly, it will differentiate between supply-side drivers, demand-side drivers, and regulation as a driver. 12 It is again worth emphasizing that this typology can evolve over time. 13 This builds on the categorization from World Economic, see World Economic

Forum, ‘The Future of Financial Services How Disruptive Innovations Are Reshaping the Way Financial Services Are Structured, Provisioned and Consumed’ (WEF, 2015). The same categories are also used by the FSB, see FSB (n 6) 8 and BIS, see Basel Committee on Banking Supervision (n 4). Later, it has also been adopted by European authorities, EBA, ‘Discussion Paper on the EBA’s Approach to Financial Technology (FinTech)’ (EBA 2017) EBA/DP/2017/02. Once again, this is only one possible categorization, which is not supposed to limit the substance of the definition of fintech as used here. 14 See also Saule T Omarova, ‘New Tech v. New Deal: Fintech as a Systemic Phenomenon’ (2019) 36 Yale Journal on Regulation 735. 15 See also Omarova, New Tech vs New Deal (n 14) p. 745.

110

C. RUOF

2.1

Supply-Side Drivers of Fintech

When considering supply-side drivers16 of fintech innovations, the first and most obvious thing that comes to most people’s minds is certainly technology, as implied by the term itself. As already stated above, the interlinkage between technology and finance has a long history, one that certainly will not end with fintech, but rather continues to be written in the future. In the context of fintech, there are certain key technologies that empower most of those innovations that fall under this term.17 Those key technologies can be summarized under the ‘ABCD framework’ (acronym for AI, Big Data, Cloud services, and DLT), at least one of which was underpinning the prevalent fintech innovation in the sectors described above.18 Just like fintech itself, these technologies are evolving at a rapid pace, providing fertile ground for ever more innovations building on them. Underlying those technologies in turn are broader advancements that enabled or empowered a large share of modern innovation across sectors. Primarily, these are (1) dramatic improvements in computing power and (2) new forms of communication and improvements in connectivity.19 First, changes in the hardware industry, as reflected for example in advances in core computing and data storage capacity, represent a sea change in capabilities and lay the basis for most relevant innovations in the financial sector. Regarding the latter, especially the proliferation of mobile devices and other internet-connected devices play a key role in the business model of most fintech innovations.20 They also reduce the need

16 It is worth noting that the following description of drivers is written from a more European/US-centric perspective. There can be other drivers at work in other jurisdictions, especially in Asia or Africa. For instance, with respect to China, see Xiuping Hua and Yiping Huang, ‘Understanding China’s Fintech Sector: Development, Impacts and Risks’ (2021) 27 The European Journal of Finance 321. 17 The main ones of which are described in this chapter. 18 See Dirk A Zetzsche, Douglas W Arner and Ross P Buckley, ‘Decentralized Finance’

(2020) 6 Journal of Financial Regulation 172, 179f. 19 See also U.S. Department of the Treasury, ‘A Financial System That Creates Economic Opportunities Nonbank Financials, Fintech, and Innovation’ (2018) Report to President Donald J Trump 53f. or FSB, ‘Financial Stability Implications from FinTech’ (n 6) 6. 20 See, e.g., Feyen and others (n 7) 5. Graph 1 showing the correlation between worldwide mobile subscriptions and the number of registered mobile money accounts.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

111

for physical branches and allow smaller players and companies from other sectors to offer financial services. The COVID-19 pandemic has given a substantial push to these developments, significantly accelerating the digital transformation across sectors and industries. The key technologies in the era of fintech, also referred to as ‘enabling technologies’, are represented by the ABCD framework.21 However, they do not only underlie a large share of fintech innovations but play a much larger role in shaping the financial sector environment of today. In combination, they set out the condition for an ecosystem, where information and data can be created, transferred, and processed at an unprecedented speed and magnitude. Another supply-side factor that contributed to the development and adoption of fintech applications were the macroeconomic conditions in the last decade.22 First and foremost, the low interest rate environment put downward pressure on profits of financial firms and increased incentives of existing financial firms to cut costs as well as for new market entrants to experiment with innovative business models that promise higher margins. In the same vein, fintech adoption has been greater in countries, where financial services are relatively expensive,23 or where there is little competition among providers.24 These circumstances provide fertile soil for innovative fintech solutions to address inefficiencies in the market with the help of novel technologies and without the burden of a legacy business architecture. For example, blockchain companies attempt to offer cost-cutting solutions that will speed clearing and settlement, and online marketplace lenders have streamlined traditional

21 E.g. Ehrentraud and others (n 4) 9f. 22 See also John Schindler, ‘FinTech and Financial Innovation: Drivers and Depth’

(Board of Governors of the Federal Reserve System 2017) 11f. 23 Jon Frost, ‘The Economic Forces Driving Fintech Adoption across Countries’ (BIS Monetary and Economic Department 2020) 6f. 24 This arguably is true for the USA as well as most European countries. See for example Guillaume Bazot, ‘Financial Consumption and the Cost of Finance: Measuring Financial Efficiency in Europe (1950–2007)’ (2018) 16 Journal of the European Economic Association 123 who shows that the European largest countries’ unit costs globally increase (Germany and the UK) or stagnate (France). Philippon discusses the relatively high and stable ‘unit cost’ of finance in the USA over time, and the potential of fintech to provide greater efficiency. Thomas Philippon, ‘The FinTech Opportunity’ (National Bureau of Economic Research 2016) 22,476, http://www.nber.org/papers/w22476.pdf.

112

C. RUOF

loan underwriting processes in order to reduce costs.25 Certainly, there are more macroeconomic factors at work, which however do not need to be scrutinized here.26 Finally, another supply-side factor that is worth returning to is that of deliberate over-complexification.27 According to Hilary Allen, this incentive might be particularly strong in the era of fintech, which is connected to the widespread utilization of the aforementioned technologies, in particular with respect to algorithms.28 That is because the more sophisticated or complex an algorithm is, the more likely human beings are to defer to the outcome provided by it.29 This potentially creates the incentive for those designing (or simply applying) the algorithms to exploit that bias in order to game regulation and regulators.30 As Allen argues ‘[…] some programmers (or their employers) may even use the complexity of algorithmic programming affirmatively, purposefully overengineering and rapidly updating code in order to confound competitors and deflect regulatory scrutiny’.31 While being hard to prove and the degree to which this is an actual phenomenon in fintech innovation is more of speculative nature, from an informational perspective—as I will later show—this still has significant implications. 2.2

Demand-Side Drivers of Fintech

Turning to the demand-side factors, there are three main drivers of fintech that are worth mentioning. Namely, (1) changing customer expectations,

25 See also Schindler (n 22) 12. More generally on the cost-reducing potential of fintech, see Santander InnoVentures, Oliver Wyman and anthemis group, ‘The Fintech 2.0 Paper: Rebooting Financial Services’ (June 2015). 26 For example, Mansilla-Fernández finds that investment in fintech firms (scaled by

GDP) is higher where an economy has greater financial depth, as proxied by ratios of credit and bank assets to GDP. See José Manue Mansilla-Fernández, ‘Numbers’ (2017) 2 European Economy - Banks, Regulation, and the Real Sector 35. 27 See above at p. 90f. 28 Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 175f. 29 This is also being referred to as ‘automation bias.’ See, e.g., Kenneth A Bamberger,

‘Technologies of Compliance: Risk and Regulation in a Digital Age’ (2010) 88 Texas Law Review 669, 676. 30 Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 176f. 31 Ibid.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

113

(2) demographic factors, and (3) a more general demand for cheaper and more convenient products.32 First, customer expectations change especially as a result of their interactions and experience they have in other sectors.33 More specifically, the digitization of commerce, which introduced unflawed real-time transacting capability of internet-connected devices has given rise to higher customer expectations with regard to convenience, speed, cost, and userfriendliness of financial services.34 Another spill-over from e-commerce, customers expect the relationship with the company to become more personal and products and services to be more individual and tailored to their specific needs.35 Overall, digitalization has changed the expectations for financial services and led the sector to become more customer-centric. These expectations have been fuelled by the COVID-19 pandemic, as pandemic-related responses and containment measures increased the importance of digital financial services.36 So far, it seems plausible that these trends have to a large extent endured after the pandemic has ended. The second main demand factor being closely interlinked with changing of customer expectations is demographic developments—in particular the growing financial influence of the generations known as digital natives and millennials.37 These generations are typically highly connected, exhibiting high internet and mobile penetration,38 and demand financial products and services that match their mobile lifestyle. 32 In addition, especially with respect to DeFi, the lingering effects of the 2008 financial

crisis are often cited as another driver. More specifically, the disappointment and growing distrust with the financial system and its incumbent players arguably have made the ground for a growing demand for alternative financial solutions that are not associated with the actors involved. 33 See Ioannis Anagnostopoulos, ‘Fintech and Regtech: Impact on Regulators and Banks’ (2018) 100 Journal of Economics and Business 7, 10 or Vives (n 164 in Chapter 4) 248. 34 See FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (FSB 2019) 10. 35 See Anagnostopoulos (n 33) 10. 36 See also FSB, ‘Fintech and Market Structure in the COVID-19 Pandemic:

Implications for financial stability’ (2022) COVID-19, 2f. 37 See FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 34) 10. 38 Anagnostopoulos (n 33) 10 who is also providing a more detailed account of the generational shift from the ‘baby boomers’ to the Millennials.

114

C. RUOF

Additionally, these generations’ views on the financial sector are significantly shaped by the GFC, which led to a decline in the reputation of and trust towards incumbent financial institutions. Yet, trust in technology and technology companies is relatively high among those generations.39 Because of these conditions, fintech solutions are seemingly appealing highly to millennials and digital natives alike.40 Last, there is a constant market demand for more efficiency and correction of frictions in the financial market which fintech also attempts to meet. In that sense, fintech is in line with past financial innovation attempts to improve the traditional intermediary functions. More specifically, fintech could be more effectively overcoming information asymmetries (e.g. with the help of Big Data and AI),41 reduction of transaction costs42 or just better use of economies of scale and efficiency gains through specialization.43 Moreover, the demand for more cost-efficient solutions has also been a driver from the industry side. In the case of regtech for instance, the rising regulatory burden and corresponding compliance costs raised the demand by financial institutions for regtech solutions meeting these new regulatory requirements and bringing those costs back down.44 Such demands have only been further 39 See, e.g., a cross-country survey conducted by Gerard Du Toit and Maureen Burns, ‘Evolving the Customer Experience in Banking’ (Bain & Company 2017). However, it has to be noted that in the very recent years, trust in technology firms may have declined, due to increasing negative press coverage (reporting about inter alia data scandals, discussions around hate speed or their sheer market and political power). It remains to be seen how this affects the fintech sector. For more on this, see, e.g., Sanjay Nair, ‘Trust in Tech Is Wavering and Companies Must Act’ (Edelman), https://www.edelman.com/res earch/2019-trust-tech-wavering-companies-must-act, including the corresponding report (Edelman, ‘Trust Barometer 2019 - Trust in Technology’ [2019]). 40 See EY, ‘Fintech Adoption Index 2017—The Rapid Emergence of FinTech’ (2017). 41 See, e.g., Vives (n 164 in Chapter 4) 249. 42 William Magnuson, ‘Regulating Fintech’ (2018) 71 Vanderbilt Law Review 1167, 1183. 43 Anagnostopoulos (n 33) 11. 44 More specifically, demand for regtech was not only spurred by the costs of compli-

ance, but also by the costs of non-compliance, which also increased after the Piotr Kaminski and Kate Robu, ‘A Best-Practice Model for Bank Compliance’ (McKinsey & Company Risk 2016) Exhibit 1. According to the CCAF report, (as of 2018) regtech adoption has been the strongest, where it has been supported by legislative initiatives that punish non-compliance with large fines or criminal sanctions, and that favour high

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

115

elevated because of the ever-growing volume of transactions and data that many financial institutions need to process as the increasingly digitalized economy continues to grow.45 2.3

Regulation as a Driver of Fintech

As already described in Chapter 4, Sect. 3.4, a key driver of financial innovation is regulation. More specifically, regulation and innovation stand in an ongoing reciprocal relationship with each other where one dynamically reacts upon the actions of the other.46 In the context of fintech, regulation played a significant role in its emergence, especially the regulatory reforms that were passed after and as a reaction of the GFC. As shown earlier,47 regulation can trigger innovation in a number of ways. Largely, the post-crisis regulations were not intended to spur financial innovation in the way they did—far from it.48 Rather, as a reaction to the crisis, their main objective was broadly to address financial stability with the aim to make the financial system more resilient as well as addressing more specific flaws which had been identified as contributors and culprits to the crisis.49 Financial innovation, on the other hand, was seen by many as one of the contributors to the crisis and therefore its support was not on top of the agenda.50

data volumes and prescriptive data taxonomies (Cambridge Centre for Alternative Finance, ‘The Global RegTech Industry Benchmark Report’ (CCAF 2019) 10. 45 See Arthur Yuen, ‘Regtech in the Smart Banking Era—A Supervisor’s Perspective’ (Hong Kong Monetary Authority 2018) Regulatory Keynote Speech, www.hkma.gov.hk/ eng/news-and-media/speeches/2018/09/20180927-2/. 46 In the context of fintech, this dynamic has also been discussed in Pedro M Batista and Wolf-Georg Ringe, ‘Dynamism in Financial Market Regulation: Harnessing Regulatory and Supervisory Technologies’ (2021) 4 Stanford Journal of Blockchain and Policy 203. 47 See p. 73ff. and p. 91ff. 48 This particularly applies to the reforms introduced as a direct response to the crisis

in the years after it. More recent initiatives, such as the PSD 2 in the EU, however again put more attention on innovation. Some of these initiatives will be analysed below in Chapter 9. 49 For a comprehensive analysis of the post-crisis reform efforts in the EU, see, e.g., E Wymeersch, Klaus J Hopt and Guido Ferrarini (eds), Financial Regulation and Supervision: A Post-Crisis Analysis (1st edn, Oxford University Press 2012) or Coffee Jr (n 76 in Chapter 3) for the USA. 50 E.g. Arner, Barberis and Buckley (n 60 in Chapter 4).

116

C. RUOF

The rise of fintech came about through different means. First, by intending to make the financial system more resilient, the post-crisis reforms introduced a huge amount of new (or more stringent) regulatory obligations,51 which dramatically increased the compliance burden on financial institutions.52 As a result of this,53 traditional financial institutions saw certain business models and sectors getting under pressure. In order to cut costs and use capital more efficiently, they consequently reduced or withdrew from some activities. For example, higher capital requirements which were part of Basel III54 were aimed at enhancing market stability and risk-absorbing capacity—a goal they seemed to have achieved.55 However, they have also resulted in changes of some banks’ lending behaviour. Banks withdrew from lending markets, in particular those for small and medium enterprises (SME) and non-wealthy individuals.56 This new withdrawal from certain lending markets created an open demand for small (and usually riskier) credit. While banks were pulling back from this segment, new contesters (in particular marketplace lending platforms) entered those markets with innovative products which

51 This is true for basically all significant financial markets around the world, especially Europe and the USA. Prominent examples of these regulations include: the review of balance sheet requirements, such as higher capital and lower leverage requirements in the banking sector; addressing the risks posed by shadow banking entities and activities; additional stress testing requirements; the regularization of the over-the-counter derivative markets; and the review and enhanced requirements for financial market infrastructure (such as payment systems, securities and derivatives market infrastructures). FSB, ‘Financial Stability Implications from FinTech: Supervisory and Regulatory Issues That Merit Authorities’ Attention’ (n 6) 36. 52 See, e.g., Arner, Barberis and Buckley (n 60 in Chapter 4) 377. A 2019 report prepared for the EC compared the compliance costs for different financial institutions in 2019 to those found in similar report from 2009, showing significant increases across sectors. See ICF and CEPS, ‘Study on the Costs of Compliance for the Financial Sector— Final Report’ (EC 2019) 148ff. A survey of 87% of banking CEOs considered these costs as a source of disruption. See BBVA, ‘RegTech, the New Magic Word in FinTech’ (2016) BBVA Research 6. 53 And potentially other factors, such as low interest rate environment. 54 BCBS, ‘Minimum Capital Requirements for Market Risk’ (BIS 2016). 55 Not least demonstrated by the relative stability of the financial sector during the emergence of the COVID-19 pandemic. 56 See FSB, ‘Financial Stability Implications from FinTech: Supervisory and Regulatory Issues That Merit Authorities’ Attention’ (n 6) 36. See also Arner, Barberis and Buckley (n 60 in Chapter 4) 1289 or Anagnostopoulos (n 33) 11.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

117

utilized technology to fulfil the credit demand in a profitable way.57 A similar observation can be made for the lending market, more specifically for mortgage origination, where the market share of traditional banks shrank while that of fintech lenders grew significantly. This shift can also be linked to the adoption of several new regulatory initiatives concerning bank capital requirements.58 Furthermore, as discussed earlier, regulation inherently imposes costs, which is why market actors tend to respond by seeking ways to reduce these costs. This can happen in two different ways: (1) by making compliance more efficient59 or through (2) ‘arbitrage’, i.e. finding ways to circumvent regulations that would normally apply.60 As the post-crisis reforms led to a massive increase in compliance costs,61 it seems plausible that fintech is at least in parts an occurrence of regulatory arbitrage.62 In theory, a heavy regulatory burden in traditional sectors combined with little to no regulation of related fintech activities will most likely channel activity in this direction.63 Such occurrences are supported by the fact that a significant amount of fintech firms, also in the EU, are

57 See also Arner, Barberis and Buckley (n 60 in Chapter 4) 1289. 58 See Buchak and others, ‘Fintech, Regulatory Arbitrage, and the Rise of Shadow

Banks’ (National Bureau of Economic Research 2017) 23,288. 59 This resembles one way of reducing the social cost of the behaviour, as stated at

p. 73f. That is, because the social costs are comprised of the compliance cost (for the firm) and the costs reflecting the risk (for others). Compliance provided more efficiently therefore means, addressing the risk with the same (or better) level of effectiveness, while decreasing the cost of it. 60 See above at p. 74f. 61 Frost for examples concludes from a set of studies that they ‘[…] do not tend

to support the idea that fintech adoption is driven primarily by regulatory arbitrage, at least at an aggregate level’. See Frost (n 23) 8. However also noting that the evidence is necessarily high-level and partial, and it does not account for individual types of regulation. 62 This is also suggested by Batista and Ringe (n 46) 206f. or René M Stulz, ‘FinTech, BigTech, and the Future of Banks’ (2019) 31 Journal of Applied Corporate Finance 86, 92. 63 Similarly BIS and FSB, ‘FinTech Credit: Market Structure, Business Models and Financial Stability Implications’ (BIS and FSB, 2017) 36f in the context of the growing fintech lending market.

118

C. RUOF

still unregulated.64 An analysis by Mansilla-Fernández seems to corroborate this, finding that investment in fintech firms (scaled by GDP) is lower where the banking sector is more regulated, suggesting that regulatory arbitrage plays a role.65 More specific examples include initial coin offerings (ICO), which have been suspected of being used to circumvent investor protection regulation,66 or marketplace finance platforms, which were supposedly created to gather funds through a non-depository mechanism in order to avoid being categorized as a bank.67 The same is being suggested for certain non-bank payment providers holding customer funds, which presumably are structured to avoid prudential regulatory requirements.68 However, these studies are only suggestive and are not (yet) able to provide a full picture neither for the sector nor for the whole phenomenon of fintech. For a better account of the role of regulatory arbitrage in fintech, more conclusive evidence needs to be produced. Nevertheless, there are examples of efficient compliance (1) triggered by the post-crisis regulation. Above all, regtech constitutes a direct response to the increasingly large and complex regulatory environment.69 64 A Consultation Document by the EBA from 2017 showed that out of a sample of 282 fintechs, 31% were subject to no regulatory regime at all (EBA, ‘Discussion Paper on the EBA’s Approach to Financial Technology [FinTech]’ [n 13] 20). That is even against the backdrop that EU regulation is supposed to follow a functional approach (‘same risk, same regulation’), see ECB, ‘ESCB/European Banking Supervision Response to the European Commission’s Public Consultation on a New Digital Finance Strategy for Europe/FinTech Action Plan’ (2020) 2. Notably, the line of causation here is difficult to assess. The fintech activity could also be ‘unintendedly’ unregulated, simply because the regulatory framework is outdated. 65 Mansilla-Fernández (n 26) 38. 66 Among others by the SEC, ‘Report of Investigation Pursuant to Section 21(a) of the

Securities Exchange Act of 1934: The DAO’ (SEC 2017) Release No. 81207, https:// www.sec.gov/litigation/investreport/34-81207.pdf, or World Bank, ‘Why Decentralised Finance (DeFi) Matters and the Policy Implications’ (OECD 2022) 11f. 67 See Feyen and others (n 7) 43. 68 See, e.g., Allen, ‘Payments Failure’ (n 41 in Chapter 3) or Dan Awrey and Kristin

van Zwieten, ‘Mapping the Shadow Payment System’ (SWIFT 2019) 11ff. 69 See also Veerle Colaert, ‘Regtech as a Response to Regulatory Expansion in the Financial Sector’ [2018] SSRN Electronic Journal. Patrick Armstrong, a senior expert at ESMA, described the emergence of regtech as a ‘predictable response’ to the post-crisis regulation (see ESMA, ‘Report on Trends and Vulnerabilities’ (ESMA 2019) ESMA50165–737, 43). A deeper analysis on the drivers of regtech can be found at FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions - Market Developments and Financial Stability Implications’ (FSB 2020) 4ff.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

119

Especially, the comprehensive reporting requirements that were introduced by post-GFC regulation represented a major opportunity for the automation of compliance and monitoring processes that regtech is delivering.70 In that sense, Regtech can be viewed as an example of regulatory dialectic.71 Overall, the effects of the post-crisis regulatory reforms on the emergence of fintech are ambiguous. In whichever way fintech is seen as (in parts) a reaction to the post-crisis regulation, what can be more recently observed is the emergence of the next phase in the ‘regulatory dialectic’— that is different forms of re-regulation. This part of the dialectic takes shape in an adjustment of the old framework to the new phenomenon, e.g. through a wholesale recalibration, targeted adjustments of regulation in certain areas or regulatory interventions as well as the introduction of novel regulatory instruments. These initiatives will be subject to further analysis in Chapter 9. 2.4

Contextualization of Fintech Drivers

Since the major drivers of fintech have been introduced and reviewed, certain conclusions could be drawn. Fintech in its current form is a covalence of multiple drivers including shifting consumer expectations, technological advancements and the post-crisis reform efforts. Looking at the drivers individually, it becomes clear that most of them are not new, but rather are present throughout a big part of financial innovation’s history. First and foremost, the fact that technology is a (major) driver of fintech does not make fintech different. In addition, the purpose of reducing frictions in the system, enhancing efficiency, or adapting to demographic changes is nothing new. From the perspective of the regulatory dialectic, fintech can be viewed as a predictable response to the post-crisis reform efforts, presumably existing in both forms, as regulatory arbitrage as well as efficient compliance solutions. Hence, it could be implied that fintech—seemingly—fits into the broader trajectory of financial innovation. However, as the remainder of this section will show, this conclusion is oversimplified and premature. Even if at micro-level

70 Arner, Barberis and Buckley (n 60 in Chapter 4) 375. See also ESMA (n 69) 43. 71 Also, Patrick Armstrong, ‘Developments in RegTech and SupTech’ (ESMA 2018)

ESMA71-99-1017. On regulatory dialectic generally, see above at p. 73ff.

120

C. RUOF

individual fintech innovations appear to be similar to past financial innovations, in reality, the accumulation of the small changes, as will be discussed, make it distinct in several aspects from previous innovation eras and implies a significant impact on the market structure and the financial ecosystem.

3

New Fintech Business Models

This part seeks to locate fintech within the broader trajectory of financial innovation. As will be shown, a lot of fintech applications represent an improved version of a longstanding service or product in the financial market with only some of its features slightly changed. What is often happening is that fintech companies substitute human intermediation with a computerized one. The utilization of advances in technology and computing in the financial services sector similarly, on the face of it, is nothing new. This observation in turn led some commentators to argue that fintech is solely a continuation of the long story of financial and technological innovation captured mostly by preceding analysis.72 While this assumption might be partly true on a micro-level, it proves to be altogether wrong on a macro level (as will be shown in Chapter 6). The following enumeration is neither conclusive nor does it limit the broad meaning of the term fintech as it has been described above. Rather, these sectors currently capture the most relevant fintech activity, which may however be subject to change at any point of time. Put differently, the following analysis is simply a snapshot of a moving and constantly evolving object. In organizing fintech activities in sectors, this chapter largely builds on previous work, in particular that of the FSB and the BIS. Most of the services performed or products offered by fintech firms at this time

72 See, e.g., Dong He and others, ‘Fintech and Financial Services’ (International Monetary Fund 2017) 5, 9, http://elibrary.imf.org/view/IMF006/24364-978 1484303771/24364-9781484303771/24364-9781484303771.xml; Jean Dermine, ‘Digital Banking and Market Disruption: A Sense of Déjà Vu?’ (Banque de France 2016) 20, https://www.insead.edu/sites/default/files/assets/faculty-personal-site/jean%20derm ine/documents/BanquedeFrance-DigitalBanking-Proof-2016.pdf.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

121

fall into one of the following four categories: (1) payments, clearing, and settlement; (2) deposit, lending, and capital raising, (3) investment management; and (4) market support and infrastructure services.73 3.1

Payment, Clearing, and Settlement

A payment system is a set of instruments and procedures for the transfer of funds and other assets between participants in satisfaction of financial obligations.74 In the history of fintech, numerous new ways of initiating payments (e.g. mobile and contactless payments) as well as overlay systems (such as PayPal or ApplePay) that provide innovative customer interfaces have been introduced to the market.75 Both of these types of innovations facilitate payment transactions by transferring money digitally and—from a consumer’s perspective—more simply. They both also use existing payment systems for settlement and therefore rely on corresponding relationships to banks.76 More specifically, they operate as overlay systems, changing only the customer interface, in which the customer can instruct and receive payments. At the same time, these innovations use existing payment infrastructure, such as correspondent banking, credit card, or retail payment systems, to process and settle payments.77 The specific business models vary, giving the users different options to make payments digitally. This includes inter alia services that operate on the basis of a traditional bank account, as well as prefunded e-money accounts operated

73 While mirroring most (neglecting slight variations) typology used in literature and by public authorities, this list is not conclusive. The selection of categories is supposed to reflect those, which are considered most relevant for the purpose of the analysis at hand. 74 S Millard, Andrew G Haldane and Victoria Saporta (eds), The Future of Payment Systems (1st edn, Routledge 2008) 2. 75 Specific firm examples and their respective function can be found at Ehrentraud and others ‘Fintech and Payments: Regulating Digital Payment Services and e-Money’ (BIS 2021) 10. Notably, money can also be stored on the accounts of those mobile payment providers. 76 See also Bech and Hancock ‘Innovations in Payments’ (BIS 2020) or Kathryn Petralia and others, Banking Disrupted? Financial Intermediation in an Era of Transformational Technology (Centre for Economic Policy Research 2019) 35. 77 BIS, ‘G7 Working Group on Stablecoins Investigating the Impact of Global Stablecoins’ (2019) 28.

122

C. RUOF

by a non-bank payment service provider.78 Furthermore, there are B2B payment providers such as Square or Stripe offering full-service payment services to merchants without the need for them to set up a merchant account with a processing bank.79 However, there is also a new wave of initiatives that are not only working on the front-end but also replace the back-end infrastructure, i.e. operate in a closed-loop system.80 This trend can be observed in China where Alipay (launched in 2004) and WeChat Pay (launched in 2011) together account for 92% of mobile payments.81 They are both closed-loop systems and they provide services directly to both payers and payees. Those systems operate with back-end arrangements that are largely internal to their respective companies, meaning they do not build upon or are dependent on the incumbent payment infrastructure (standalone system).82 As opposed to (mere) front-end innovations, in these set-ups, payments are processed, cleared, and settled by the platform provider independent of another (incumbent) system.83 Another major change in the payment sector occurs with the emergence of non-traditional payment schemes.84 These entail decentralized digital currencies and mobile money solutions that are supposed to provide alternatives to traditional value transferring systems and mostly

78 Ehrentraud and others (n 75) 21. For an instrument to be considered e-money, it typically needs to (i) serve as a multipurpose medium of exchange; (ii) be accepted as a means of payment by parties other than the issuer; and (iii) be issued only on receipt of funds (e-money is prepaid). 79 See Erik Feyen and others, ‘Fintech and the Digital Transformation of Financial Services: Implications for Market Structure and Public Policy’ (World Bank Group 2022) Flagship Technical Note 15. 80 While front-end services evolve around the initiation of the payment, while back-end arrangements process, clear, and settle payments. For a further explanation of what functions and services belong to front-end and back-end respectively, see Bech and Hancock (n 76) 23. 81 Aaron Klein, ‘Is China’s New Payment System the Future?’ (The Brookings Institution 2019). Both players owe their market position largely due to successfully capitalizing on their huge pre-existing network of customers. 82 See Bech and Hancock (n 76) 27f. 83 See Petralia and others (n 76) 28. 84 See World Economic Forum, ‘The Future of Financial Services How Disruptive

Innovations Are Reshaping the Way Financial Services Are Structured, Provisioned and Consumed’ (n 13) 43ff.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

123

operate outside the established system. While services similar to PayPal all utilize a centralized network, decentralized schemes operate based on a distributed ledger where transactions between parties can be processed via a cryptographic protocol.85 Thereby tasks are allocated across many individuals, rather than running through one central point. Additionally, all of those transactions are recorded on the distributed ledger which is continuously downloaded by users with each transaction being authenticated and confirmed as it happens.86 Most decentralized payment schemes denominate payments in a native currency often referred to as ‘cryptocurrency’ (Bitcoin being the first and still most prominent one).87 In the recent years, a whole market ecosystem has evolved around cryptocurrencies, including various exchanges, wallets, and other types of intermediaries.88 While at the beginning of these innovations operating outside of the established system had always been a key proposition, more recently the development seems to head towards their embodiment in the established system. This is for instance showcased by JP Morgan’s JPM Coin89 but also by (planned) initiatives from the regulatory side, namely, CBDC.90

85 The BIS described DLT as ‘means of recording information through a distributed ledger, i.e. a repeated digital copy of data at multiple locations’. DLTs enable nodes in a network to securely propose, validate, and record state changes to a synchronized ledger that is distributed across the network’s nodes. See Basel Committee on Banking Supervision (n 8), Glossary. 86 See Carla Reyes (n 77 in Chapter 4) 197ff. 87 See, e.g., World Economic Forum, ‘The Future of Financial Services How Disruptive

Innovations Are Reshaping the Way Financial Services Are Structured, Provisioned and Consumed’ (n 49) 45. 88 Hilary J Allen, Driverless Finance: Fintech’s Impact on Financial Stability (Oxford University Press 2022) 95f. and Hilary J Allen, ‘DeFi: Shadow Banking 2.0?’ (2022) William & Mary Law Review (Forthcoming) 20 providing several concrete examples. 89 JPMorgan Chase & Co, ‘J.P. Morgan Creates Digital Coin for Payments’, https:// www.jpmorgan.com/solutions/cib/news/digital-coin-payments. 90 A collaboration of national central banks launched a collaboration on issues around CBDC and its implementation on the platform of the BIS. For the first of a series of reports having resulted therefrom, see BIS, ‘Central Bank Digital Currencies: Foundational Principles and Core Features’ (2020).

124

C. RUOF

3.2

Deposit, Lending, and Capital Raising

Deposit, lending, and capital raising services is another sector traditionally under the control of financial incumbents which has been under attack by fintech firms.91 Common fintech applications that fall into this sector are digital banking and alternative lending and funding platforms. Digital banking describes the move of traditional banking services to an all-digital setting, meaning that banking services are delivered through electronic channels instead of physical branches.92 This development is highly driven by ‘Neobanks’93 which apply advanced technology to provide banking services94 in a more cost-efficient and innovative way, typically through a smartphone app.95 Often, they leverage scalable infrastructure models through inter alia cloud technology aimed to make them faster and more agile.96 Prominent examples are N26 and Fidor in Germany and the UK, Varo Money in the USA, and WeBank in China. However, for deposit, lending, and capital raising services, of greater relevance is the activity in the second area, that is alternative lending and funding. In the alternative lending sphere, most innovation activity runs under the notion of ‘fintech credit’.97 This term encompasses all credit activity performed by innovative electronic platform models whereby borrowers are matched directly with lenders.98 These entities are commonly referred

91 The above-cited survey by the BCBS (Ehrentraud and others [n 75]) shows that 18% of fintech activities fall within that category. 92 Similarly, Ehrentraud and others (n 4) 7f. 93 The boundaries between fintech and neo-bank are often blurry, often a banking

licence being the decisive factor. The distinction being made here is rather for conceptional reasons. More information on these types of players will be given below in Sect. 4.1. 94 Among those all kinds of services traditionally been provided by incumbent banks. These are, for example, deposit solutions, lending, and asset management. 95 See Basel Committee on Banking Supervision (n 8) 17. 96 These infrastructure models will be subject of further analysis in Sect. 4 of this

subsection. 97 See, e.g., BIS and FSB (n 63) or Stijn Claessens and others, ‘Fintech Credit Markets around the World: Size, Drivers and Policy Issues’ (BIS 2018). 98 See BIS and FSB (n 63) 2.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

125

to as ‘loan-based crowdfunders’, ‘peer-to-peer (P2P) lenders’, or ‘marketplace lenders’.99 The overarching idea of those platforms is to provide an online market that allows lenders to directly connect with borrowers and vice versa.100 In the standard version of this model, the online platform provides a low-cost standardized loan application process and facilitates direct matching and transacting between borrowers and investors (lenders). Prospective borrowers provide relevant information and investors subsequently review it on the platform (most often only after the platform has verified it). Platforms often contribute to the creditor’s loan selection process by providing their own credit risk assessment of the borrower usually communicated in the form of a credit grade from which the pricing of the loan is based on.101 In the course of this assessment, often a variety of non-traditional data sources are consulted, including for instance data derived from social media and public records (e.g. property transactions, marriage, divorce, criminal records).102 When borrower and investor are matched, a loan contract is made between them.103 Once the loan is originated, the platform typically acts as an agent of the investor by servicing the loan.104 Often, traditional players remain involved in this model: Platforms like Prosper or LendingClub for example let a bank make the initial loan, which is then only in a

99 Ibid. As opposed to P2P lending, marketplace lending is a broader term, which also includes lending (to a significant extent) from wholesale sources. As for the purpose of this book this difference is not of importance, I will in the following stick to the broader term, i.e. marketplace lending. 100 Ibid. 11. 101 Claessens and others (n 97) 32. In regard of the process of price setting, there

are different approaches existing, ranging from auctioning over automatic price setting to individual matching. See Ken Davis and Jacob Murphy, ‘Peer-to-Peer Lending: Structures, Risks and Regulation’ (2016) 1 The Finsia Journal of Applied Finance 37. 102 Jo Ann S Barefoot, ‘Disrupting FinTech Law’ (2015) 18 Fintech Law Report 1, 5; Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 168. 103 The specifics of this contract (especially the existence of another contractor) depend on the particular business model of the platform, which is however not necessary to elaborate upon further here. For further information on different versions of marketplace lending business models, see, e.g., Eleanor Kirby and Shane Worner, ‘Crowd-Funding: An Infant Industry Growing Fast’ (IOSCO 2014) or BIS and FSB (n 63) 10ff. 104 Claessens and others (n 97) 32.

126

C. RUOF

subsequent step being sold to the investor.105 Some platforms additionally provide a secondary market, where the investor can sell loans and credit rights can be transferred.106 In addition to marketplace lending, crowdfunding is another popular field in the sphere of alternative forms of capital raising. Capital raising activities have traditionally been facilitated by specialized financial institutions such as investment banks, leveraging their expertise to identify and support investment opportunities. Access to investments with the help of those intermediaries has typically been limited to selected high net worth and institutional investors.107 Crowdfunding promises to change that by widening access to capital and providing funding for a greater number of actors. It is the practice of funding a project or venture (usually early stage start-ups) by raising money from a large number of people.108 It is typically via an internet platform that facilitates the raising of capital. There are two types of crowdfunding to be distinguished: loan-based crowdfunding which falls under the category of fintech credit, and equity crowdfunding which is used to raise capital in exchange for equity.109 All of the so far described business models can be categorized as ‘Fintech platform financing’. Another relevant development in this sector can be found in the world of cryptocurrencies and decentralized finance (DeFi). Aside from offering an alternative currency and payment services, companies from the crypto space also increasingly provide credit services, loans, and offer interest-generating deposit accounts to their customers.110 However, as 105 Allen, Driverless Finance (n 88) 83. 106 Claessens and others (n 97) 32. 107 World Economic Forum, ‘The Future of Financial Services How Disruptive Inno-

vations Are Reshaping the Way Financial Services Are Structured, Provisioned and Consumed’ (n 49) 111. 108 Basel Committee on Banking Supervision (n 8), Annex 1. 109 Loan-based crowdfunding is mostly overlapping with marketplace lending and the

terms are often used as synonyms. The main difference probably lays in the purpose of the lending: While marketplace lending can be utilized for all kinds of (general) financing needs, crowdfunding is usually used to raise money for a (one-time) particular project. However, since this does not entail different implications for the purpose of this book, I will in the following keep referring to marketplace lending. 110 According to a recent report by the World Bank, collateralized lending is the fastestgrowing applications DeFi product accounting for more than half of the value of cryptoassets locked in DeFi. See World Bank (2022) Why Decentralized Finance, p. 9.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

127

opposed to dealing in an official currency, their service centres around often multiple cryptocurrencies. BlockFi for example takes deposits of cryptocurrencies and pays interest on them. At the same time, BlockFi makes loans in dollars to people who put up cryptocurrency as collateral. It also lends crypto to institutions that need it.111 Other companies like Compound go one step further, solely offering a platform for depositing, lending, and borrowing cryptocurrencies. The difference to companies like BlockFi though is that all services are determined by the underlying protocol. This makes them a type of automated market run by computer programmes facilitating transactions without human intervention.112 3.3

Asset Management and Financial Advice

Since the aftermath of the GFC, a number of fintech companies, commonly referred to as ‘robo advisors’ have entered this field, applying technology-based solutions to compete with traditional asset managers.113 Robo advisors offer a range of automated services, from financial recommendations to investment or portfolio management.114 The composition of the recommendation or managed portfolio is typically based on two key components: the input information provided by the customer and the algorithm.115 The first component, the gathering of customer information, is usually conducted with the help of an online questionnaire and primarily focused on the investor’s financial situation

111 See Eric Lipton and Ephrat Livni, ‘Crypto’s Rapid Move into Banking Elicits Alarm

in Washington’ The New York Times (5 September 2021), https://www.nytimes.com/ 2021/09/05/us/politics/cryptocurrency-banking-regulation.html. 112 ibid. 113 See, e.g., Tom CW Lin, ‘The New Financial Industry’ (2014) 65 Alabama Law

Review 567, 573. See generally, Tom Baker and Benedict Dellaert, ‘Regulating Robo Advice Across the Financial Services Industry’ 103 Iowa Law Review 71 or Wolf-Georg Ringe and Christopher Ruof ‘Robo Advice—Legal and Regulatory Challenges’ in Iris HY Chiu and Gudula Deipenbrock (eds), Routledge Handbook of Financial Technology and the Law (Routledge 2021). 114 See FSB (n 6), Annex D. While some contributions also include in-house applications of incumbent financial firms in the definition of robo advice, here it only refers to consumer-faced applications. For the different use, see ibid. or Basel Committee on Banking Supervision (n 8) 42. 115 Wolf-Georg Ringe and Christopher Ruof, ‘A Regulatory Sandbox for Robo Advice’ [2018] European Banking Institute Working Paper Series 2018, 3.

128

C. RUOF

and risk tolerance. However, there is significant interest in the development of technologies that can gather information about a client’s financial situation in an automated fashion, i.e. without using an (online) questionnaire.116 Especially, the combination of the use of AI and Big Data117 has the potential of getting a much more accurate picture of the financial situation of the client and hence enable the robo advisor to give a more tailored recommendation.118 In the second phase, the algorithm (depending on the specific business model) constructs a portfolio/advice consisting of various investment products. The subsequent management aspect depends on the type of robo advisor: some can provide mere reallocation proposals, while others rebalance and reallocate automatically.119 These subsequent actions are also decided by the underlying algorithm of the robo advisor and depend on (changes in) the individual situation of the investor and developments in the (financial) market. Typically, all services offered by the robo advisor can be accessed through a smartphone app. In both parts of the process, robo advisors make increasing use of the newest developments in artificial intelligence120 (AI) and machine learning (ML).121 ,122 A recent study for instance found that the investment management industry is the most aggressive sector in 116 See, e.g., Deloitte, ‘The next Frontier—The Future of Automated Financial Advice in the UK’ (April 2017) 22; Also Hillary Allen, ‘Experimental Strategies for Regulating Fintech’ (2021) 3 Journal of Law & Innovation 1, 10; See also Ringe and Ruof (n 115) 26. 117 ‘Big Data’ is a generic term that designates the massive volume of (digitized) data that is generated by the increasing use of digital tools and information systems. Similar definition is used by FSB (n 6), Glossary. 118 See Ringe and Ruof, ‘A Regulatory Sandbox for Robo Advice’ (n 115) 25f. 119 See Ringe and Ruof (n 115) 3f. 120 Artificial intelligence broadly refers to IT systems that perform functions requiring

intelligence when performed by people, see FSB (n 6), Glossary. More specifically, AI can ask questions, discover and test hypotheses, and make decisions automatically based on advanced analytics operating on extensive data sets (see Basel Committee on Banking Supervision [n 8], Glossary). 121 Machine learning is a subcategory of AI. It is defined by the BIS as ‘a method of designing problem-solving rules that improve automatically through experience. More specifically, machine learning algorithms give computers the ability to learn without specifying all the knowledge a computer would need to perform the desired task, as well as build algorithms that can learn from and make predictions based on data and experience’ (see ibid. Glossary). 122 See, e.g., Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 185.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

129

finance in embracing AI, particularly in relying on new types and sources of data.123 3.4

Market Support Services

The sector of market support and infrastructure services comprises a large variety of companies providing support services to financial companies, including incumbent banks as well as novel fintech firms.124 They are not limited to one intermediary function but provide services to all sorts of businesses and comprise a broad range of applications.125 They tend to operate under the surface and do not interact directly with the consumer (i.e. they operate only B2B). For the consumer (and not rarely also for other market actors, most importantly regulators), their existence is often not directly visible. However, this is—as will be shown below—what makes them particularly relevant from an informational perspective. Here, I mainly focus on two particular sets of developments in this field which can be summarized under (1) ‘Banking-as-a-platform’ and (2) ‘Regtech’. Those areas have gained particular traction in recent times and—continuing that route—are likely to have a strong impact on the structure of the financial system (more specifically the banking system) which is accompanied by major challenges from an informational perspective. 3.4.1 Banking-as-a-Platform ‘Banking-as-a-platform’ is not a clearly defined term.126 Here, I use it to capture services that operate in a platform-like environment and satisfy particular characteristics, namely the provision in a service-oriented 123 Cambridge Centre for Alternative Finance and World Economic Forum, ‘Transforming Paradigms—A Global AI in Financial Services Survey’ (2020) 87. 124 Against that backdrop, while some entities in this category do not themselves offer a ‘financial innovation’, they are so closely linked to it and are a key component of the fintech phenomenon (and its structural and regulatory implications) that they necessarily have to be included in the analysis. 125 See also Basel Committee on Banking Supervision (n 8) 9, providing also an extensive list of applications. 126 To date, there is no clear taxonomy of the services that are being described here. See also Markos Zachariadis and Pinar Ozcan, ‘The API Economy and Digital Transformation in Financial Services: The Case of Open Banking’ [2017] SWIFT Institute Working Paper No. 2016-001, 11.

130

C. RUOF

architecture and the extensive use of cloud technology and application programming interfaces (API).127 The first common element of this group of fintech is therefore the usage of a platform.128 Participants in this platform-based environment can play different roles such as offering certain (supporting/enabling) services or tools to other firms, providing the platform itself while others act as integrators, weaving together products and services seamlessly with third-party offerings.129 The second characteristic is a service-oriented architecture, which is characterized by organizing and utilizing distributed capabilities in an interoperable fashion—making them easy to offer and access for other parties.130 In the context of the financial sector, this includes but is not limited to service models ranging from infrastructure components being provided in the cloud (IaaS), software platforms hosting client-owned applications (PaaS), complete applications run in the cloud and offered as a service (SaaS), or even a suite of applications and processes managed and delivered in the cloud (BPaaS).131 ‘As-a-service’ business models provide the full externalization of an entire capability typically being offered on a subscription basis.132 Even in cases where this service constitutes a substantial part of the ultimate service offered to the consumer, neither the firm providing it nor the underlying structure is visible to them.

127 Notably, these attributes are not equally satisfied at the firms that are included in this section. Rather, some fulfil one characteristic, while the other one is more in the background. 128 The term is used in a broader sense, not necessarily connecting producers and consumers, but describing a digital marketplace, where products and services can be exchanged. 129 For a more comprehensive analysis of the distinctive roles, see Sarah Diamond and others, ‘The Future of Banking in the Platform Economy’ (2019) 47 Strategy & Leadership 34, 38. Another distinction that can be made is in regard of the “openness” of the platform. See Zachariadis and Ozcan (n 126) 11f. 130 See Alaa el-din Riad, Ahmed Hassan and qusay f Hassan, ‘Leveraging SOA in

Banking Systems Integration’ (2008) 3 Journal of Applied Economic Sciences 145. 131 See FSB, ‘Third-Party Dependencies in Cloud Services—Considerations on Financial Stability Implications’ (FSB 2019) 5f. 132 See also World Economic Forum, ‘The Future of Financial Services How Disruptive Innovations Are Reshaping the Way Financial Services Are Structured, Provisioned and Consumed’ (n 49) 140.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

131

Lastly, all services in this sector heavily rely on cloud computing typically on APIs.133 In cloud computing, a third-party provider delivers computing resources and hosts processes over the internet. It enables on-demand network access to a shared pool of configurable hardware resources.134 The fintech firms typically build up their business largely in the cloud from the very beginning and leverage cloud technology to improve connectivity, facilitate data sharing, implement processes, and enable real-time processing. Communication and data exchange commonly run through the APIs,135 which ultimately enable these connections to work in the first place. In the recent years, several new forms of support services have emerged in the financial services sector which utilize these elements. First, TPPs and fintech firms have emerged which specialize in certain specific parts of the traditional banking value chain. While non-financial functions like customer relationship management, human resources, or accounting have been offered by external providers for a while already,136 the spectrum of support services has been expanding and is also increasingly including core functions. For instance, services in risk modelling,137 data collection and management,138 and transaction monitoring139 or compliance140 are now often being provided by specialized TPPs and fintech firms.141 On 133 See also ibid. or FSB, ‘Third-Party Dependencies’ (n 131) 3. 134 See also FSB ‘Third-Party Dependencies’ (n 131), Glossary or Basel Committee

on Banking Supervision (n 8), Glossary. There are different types of cloud deployment models, separated according to their degree of openness. The common categories can be found e.g. at FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (FSB 2019) 22, Table 2. 135 The BCBS describes API as ‘a set of rules and specifications followed by software programmes to communicate with each other, and an interface between different software programmes that facilitates their interaction’ (see, e.g., Basel Committee on Banking Supervision [n 8]). 136 See FSB, ‘Third-Party Dependencies’ (n 131) 4 or World Economic Forum (n 13)

139. 137 For instance, the firm Open Gamma (https://opengamma.com/). 138 Such as Novus (https://www.novus.world/). 139 E.g. redkite (https://www.redkite.com/). 140 E.g. FundApps (https://www.fundapps.co/). 141 See World Economic Forum (n 13) 141 or FSB, ‘Third-Party Dependencies’ (n 131) 7. More examples of outsourced functions can be found at Feyen and others (n 7) 13.

132

C. RUOF

the receiving end, there in particular neo-banks and fintech firms increasingly rely on these external providers for running their infrastructure and back-office. Moreover, incumbent financial institutions make use of these types of support services outsourcing142 an increasing number of (key) functions to small external players.143 That means they cut off functions (and correspondingly staff) in their own firm and replace it with readymade ‘as-a-service’ solutions provided by a specialized third party.144 While already for decades financial institutions have been using a range of different third-party providers,145 for core processes, internal computer services and infrastructure, they have relied mostly on local internal solutions.146 In the recent years, this has changed, as core functions have increasingly been outsourced to TPPs.147 These core services also include data collection, data management and compliance. Cloud services also have gained significantly greater importance, as an increasing share of infrastructure is moved there.148 Second, in particular neo-banks provide (but also specialized providers) a certain form of support service referred to as ‘white label banking’

142 Outsourcing as used here encompasses arrangements in which a service provider undertakes to provide a service for a financial institution, which would normally have been performed by the institution itself. 143 FSB, ‘Third-Party Dependencies’ (n 131). An example constitutes the use of Deposit Solution by Deutsche Bank. 144 In this role, those institutions do not act as a platform in the above-described traditional sense. However, as the line between a (banking) platform and a traditional bank that only utilizes third parties as a service provider are blurry. 145 FSB, ‘Third-Party Dependencies’ (n 131) 1. Traditionally, these providers have been used for services relating to relationship management, human resources, or financial accounting. See also See FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 134) 7f. 146 See FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 134) 7f. 147 See FSB, ‘Enhancing Third-Party Risk Management and Oversight – A toolkit for financial institutions and financial authorities’ (Consultative document, FSB 2023) 8. 148 See FSB, ‘Third-Party Dependencies in Cloud Services’ (n 131) 1 and Basel

Committee on Banking Supervision (n 8) 31. For instance, in 2016, The UK challenger bank, OakNorth, became the first bank in the UK to transfer its core systems into the cloud by using Amazon’s Web Services (AWS). See Emma Dunkley, ‘OakNorth Takes UK Banking into the Cloud’ Financial Times (25 May 2016), https://www.ft.com/con tent/36c4eba2-2280-11e6-9d4d-c11776a5124d.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

133

(WLB).149 In white label banking, the provider offers other firms to build or provide their service on the provider’s infrastructure and—importantly—under its licence. In this scenario the provider, which is often the neo-bank, operates in the background functioning as a market support service provider, while the recipient, often a fintech firm, is the visible part in the front, interacting with the consumer. Third, there are ‘micro-services’, another category of services offered from fintechs to neo-banks and vice versa (but also sometimes to incumbent institutions).150 The provider of a micro-service implements a single business capability at its customer firm in a service-oriented fashion. This business capability is then delivered, operated, maintained, and updated by the external provider (of the micro-service).151 That is how each function can be scaled and deployed separately at any time.152 It can include payment services, onboarding services such as the creation of (online) bank accounts, but also systems for combating financial crime.153 Lastly, some neo-banks as well as fintechs offer another type of support service, which is referred to as ‘banking-as-a-service’. This includes the provision of e.g. regulatory, compliance or technical services for small 149 See also Luca Enriques and Wolf-Georg Ringe, ‘Bank–Fintech Partnerships, Outsourcing Arrangements and the Case for a Mentorship Regime’ (2020) 15 Capital Markets Law Journal 374, 378f referring to them—due to their different roles—as one-stop-shops. 150 Micro-services are a variant of the service-oriented architecture that structures an application as a collection of loosely coupled services. It should be noted that microservice architecture are also implemented internally, which means the respective function is simply outsourced to an independent team within the same firm. For more information on the use of micro-services in the financial sector and the underlying technology, see in particular Tim Walker and Lucian Morris, The Handbook of Banking Technology (John Wiley & Sons 2021) esp. on p 129ff. 151 See, e.g., Antonio Bucchiarone and others, ‘From Monolithic to Microservices: An Experience Report from the Banking Domain’ (2018) 35 IEEE Software 50, 50f. or Alan Megargel, Venky Shankararaman and David K Walker, ‘Migrating from Monoliths to Cloud-Based Microservices: A Banking Industry Example’ in Muthu Ramachandran and Zaigham Mahmood (eds), Software Engineering in the Era of Cloud Computing (Springer 2020) 86ff. 152 An employee of the neo-bank N26 fittingly refers to their services as ‘cattle and no pets’ (see Raj Saxena, ‘Tech at N26—The Bank in the Cloud’ (InsideN26, 31 October 2018), https://medium.com/insiden26/tech-at-n26-the-bank-in-the-cloude5ff818b528b). 153 Walker and Morris (n 151) 130f., where also a deeper exploration of micro-services in banking can be found.

134

C. RUOF

fintech companies as well as the integration of banking processes for non-financial firms (e.g. e-commerce web shops).154 Banking-as-a-service providers enable the receiving party, in particular small fintech firms, to bring their service or product to the market in a faster and more dynamic fashion. A customer (e.g. a fintech specialized in a niche financial service) can connect to the provider and purchase as much capacity as they require on-demand without the need to build up the normally required infrastructure from the scratch.155 Furthermore, some banking-as-a-service provider offer full-service packages including all kinds of traditional banking products allowing the customer to offer fully compliant digital financial services to the consumer without itself having any banking operations in place.156 Examples for that type of provider include the Solaris Bank which offers a direct integration of fully compliant digital banking services to the product of the customer157 or Mambu (a cloudrun composable banking platform) offering an API-enabled architecture with over 6000 highly configurable loan and deposit products.158 On the other hand, ‘Zeta’ has a platform for financial products, such as credits, leasing instruments, or factoring solutions, but does not offer any own products.159

154 See, e.g., Hartmut Giesen, ‘Plattformen im Banking – vom as-a-Service- bis zum AirBnB-Banking’ (Next-Finance-Blog (20 November 2017), http://www.next-financeblog.de/plattformen-im-banking-vom-as-a-service-bis-zum-airbnb-banking/. Examples can be found at Shelagh Dolan, ‘Top BaaS Companies in 2021: Platform Providers & Banks Using BaaS Technology’ Business Insider (4 January 2021), https://www.businessinsider. com/banking-as-a-service-platform-providers. 155 See also Feyen and others (n 7) 10. 156 Dolan (n 154). 157 https://www.solarisbank.com/en/. 158 That is, according to the company’s own statement, see MAMBU, ‘Mambu

Earns Frost & Sullivan’s 2021 Global Product Leadership Award for Its Cloud Banking Platform | SaaS Cloud Banking Platform | Mambu’ (15 July 2021), https://www.mambu.com/insights/press/mambu-earns-frost-and-sullivan-s-2021global-product-leadership-award-for-its-cloud-banking. 159 Max Boemer and Hannes Maxin, ‘Why Fintechs Cooperate with Banks—Evidence from Germany’ (2018) 107 Zeitschrift für die gesamte Versicherungswissenschaft 359, 374f.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

135

3.4.2 Regtech Another important area of market support innovation is the application of financial technology for regulatory and compliance requirements and reporting by regulated institutions160 (‘Regtech’).161 Generally, it can take the form of any application, service, or platform that makes regulatory compliance more efficient through automated processes and reduction in costs.162 As third-party providers, regtech firms tend to be relatively nascent, having come into existence in the aftermath of the GFC.163 They offer targeted solutions to meet business and regulatory needs which are adopted by financial institutions of all sorts. However, the latter has also been starting to develop in-house regtech applications, either in competition or in collaboration with these third-party providers.164 160 Notably, as the CCAF report shows, a large amount of regtech providers are also offering services to clients outside of the financial services sector, such as to consultancy or the legal industry (Cambridge Centre for Alternative Finance, ‘The Global Alternative Finance Market Benchmarking Report’ [2020] 33). 161 FSB, ‘The Use of Supervisory and Regulatory Technology (n 69) 3, John Ho Hee Jung, ‘Regtech and Suptech: The Future of Compliance’ in Jelena Madir, FinTech (Edward Elgar Publishing 2019) 257, https://www.elgaronline.com/view/edc oll/9781788979016/25_chapter12.xhtml, or FCA, ‘FS16/4: Feedback Statement on Call for Input: Supporting the Development and Adopters of RegTech’ (FCA, 20 July 2016), https://www.fca.org.uk/publications/feedback-statements/fs16-4-feedback-statem ent-call-input-supporting-development-and. Notably, there has been a discussion around the term of regtech, which mainly circulates around certain requirements to the (novelty of) technology being used and the inclusion of tools designed for regulators. For an overview, see, e.g., Colaert (n 69), Alex Yueh-Ping Yang and Cheng-Yun Tsang, ‘RegTech and the New Era of Financial Regulators: Envisaging More Public–Private Partnership Models of Financial Regulators’ (2018) 21 University of Pennsylvania Journal of Business Law 354, 381ff. However, the latter point of discussion has become rather obsolete, since the term suptech has become increasingly established. Suptech will be subject of a deeper analysis below in Chapter 9, Sect. 3. 162 See also Hee Jung (n 161) 257. This was particularly driven by the complexity associated with the newly adopted Basel 2 framework. See esp. BCBS, ‘International Convergence of Capital Measurement and Capital Standards - A Revised Framework Comprehensive Version’ (BIS, June 2006) 12ff. 163 EY, ‘Innovating with Regtech—Turning Regulatory Compliance into a Competitive Advantage’ (2016) or Hee Jung (n 161) 260. 164 See Financial ‘Financial Electronic

Rolf H Weber, ‘Regtech as a New Legal Challenge’ (2017) 46 Journal of Transformation 10. On the implications of this distinction, see Luca Enriques, Supervisors and Regtech: Four Roles and Four Challenges’ [2018] SSRN Journal 3f.

136

C. RUOF

The range of services captured by regtech is broad including activities such as customer identification or transaction monitoring in e.g. AML/CFT, anti-fraud surveillance, risk assessment and management, market conduct services, origination processes, and regulatory requirement monitoring.165 Thereby AML is probably most often cited as an area where regtech facilitates improved compliance166 and—with KYC— the most commonly offered service by regtech providers.167 AML regulation requires financial institutions to report suspicious transactions.168 For that purpose, the institutions need to test all transactions against a certain set of criteria. An algorithm conducting this task and flagging suspicious transactions obviously entails great cost advantages vis-à-vis a manual assessment by staff members. Another practical example for regtech concerns ‘know your customer’ (KYC) requirements, which is among the biggest regulatory pain points for the financial industry.169 Lastly, regtech is increasingly used in regulatory reporting. As part of the post-crisis regulatory overhaul, requirements on regulatory reporting have increased significantly with daily reporting of thousands of data points to multiple regulators in different jurisdictions now being the norm for a large, internationally active bank.170 To cope with the extensive reporting requirements, regtech offer automation and integration of regulatory reporting to cut costs, but also to streamline and increase the accuracy and timeliness of reporting.171 One relatively new application case of regtech in this context is natural language processing (NLP), 165 Hee Jung (n 161) 258. A good overview can be found at Benny Firmansyah and Arry Akhmad Arman, ‘A Systematic Literature Review of RegTech: Technologies, Characteristics, and Architectures’ (2022) 2022 International Conference on Information Technology Systems and Innovation (ICITSI), Bandung, Indonesia, 2022, 310. 166 Institute of International Finance, ‘Regtech in Financial Services: Technology Solutions for Compliance and Reporting’ (March 2016) 6ff. 167 Cambridge Centre for Alternative Finance, ‘The Global RegTech Industry Benchmark Report’ (n 44) 10 (more than 60% of vendors report that their offerings address either Know Your Customer (KYC) or AML requirements). 168 See Colaert (n 69) 6. 169 See FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market

Developments and Financial Stability Implications’ (FSB 2017) 20. 170 See Arner, Barberis and Buckley (n 60 in Chapter 4) 394 and Deloitte, ‘Forward Look: Top Regulatory Trends for 2015 in Banking’ (2015) 9. 171 See Hee Jung (n 161) and Arner, Barberis and Buckley (n 60 in Chapter 4) 388ff. and 393f.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

137

which is already used to read and interpret rules and integrate them into their risk and reporting system.172 This family of regtech arguably holds the greatest potential in terms of having a fundamental impact on the sector, as would be one of the key building blocks for automating regulation and compliance.173 Much rarer are regtech offerings focused on dynamic compliance, automated compliance functions, or internal testing.174 This might however be subject to change in the future, as uses of AI and ML are likely to become much more prominent.175

4 Same Same, but Different: Distinctive Features of Fintech As shown, a lot of the fintech era can be put in known categories of previous financial innovation, which—to a certain extent—can make it appear as a mere continuation of the past. While many aspects are indeed far from utterly new, this section will highlight some key features which distinguish fintech from prior eras of innovation. In contrast to the previous part, this part will take one step back and look at the characteristics of fintech from a higher level of abstraction and scrutinize those features from an informational perspective. This will lay the groundwork for the core analysis of this chapter: identifying structural shifts taking place under fintech (Chapter 6) and the implications thereof from an informational perspective (Chapter 7).

172 According to Cambridge Centre for Alternative Finance (n 44) 9f. over a third of regtech applications use NLP to parse regulatory content. See also FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169) 20. 173 Which is however only possible, when the regulator provides the corresponding infrastructure and possess the necessary equipment. This will be further dealt with in Chapter 10. 174 Cambridge Centre for Alternative Finance (n 44) 36f. 175 That is according to the vendors’ report of expected usage in the Cambridge Centre

for Alternative Finance (n 44) (see Fig. 6.1. on p. 41 and 6.3. on p. 43).

138

C. RUOF

4.1

New Field of Actors

The previous analysis of fintech activity already suggested that in the era of fintech, there are several new and an expanded number of players involved than compared to the past. As shown above, this new development has been primarily driven by technology and has effectively lowered barriers to enter thus enabling small start-ups to be able to partake in financial innovation. With the advent of the internet and smartphones, it has also become possible for small firms to directly interact with the (potential) customer who consequently reduced the ‘stickiness’ of existing customer relationships significantly. Meanwhile, the new value of data176 has been attracting the attention of ‘data-rich’ players from other sectors who gained a new-found competitive edge in the financial sector. Trying to keep pace with developments in the market, big incumbent players on the other hand strive to become more dynamic and improve their legacy infrastructure—often with the help of a number of specialized third-party firms. This section will take a closer look at the new field of players in the era of fintech by identifying the relevant actors and briefly describing their key features and aspirations.177 Finally, it will give a short preview of the implication of this expansion of the sector, which will be the subject of deeper analysis in the subsequent Chapters 6 and 7. 4.1.1 The (Standalone) Consumer-Faced Fintech Firm Standalone fintech firms are the prototype of a fintech firm and are what commentators traditionally refer to when writing about the topic.178 This category encompasses mostly start-up companies whose expertise often reside in tech rather than in finance, focus on a particular (technological) innovation applied to a particular financial service. They typically target a 176 This will be further analysed below in Chapter 6, Sect. 4. 177 The following categorization if neither exclusive nor definite. Also, it is not supposed

to function as a legal classification. Rather, it is a typological exercise to demonstrate the variety of new actors in the financial sector. In several cases, boundaries between the categories are blurring. Notably, not all of the following actors are themselves ‘fintech firms’ in the meaning stipulated in at p. 102f. 178 See, e.g., Arner, Barberis and Buckley (n 60 in Chapter 4), Magnuson (n 42) or also Rory van Loo, ‘Making Innovation More Competitive: The Case of Fintech’ (2018) 65 UCLA Law Review 238.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

139

small part of a traditional bank’s service value chain, seeking to strip away a particular customer segment and the corresponding revenue basis. They are particularly active in the fields of payment services, asset management, alternative financing, or fintech credit. The standalone fintech as used here offers its service directly to a consumer.179 In the beginning of the fintech era and starting in the aftermath of the GFC in 2008, those standalone fintech firms have especially been a predominant source of innovation activity in financial services.180 This marked a stark shift to the pre-crisis era, where innovation was led by the largest and most established financial institutions.181 Also in contrast to previous eras of financial innovation (esp. before the GFC), where innovation mainly occured in the wholesale market, fintech innovation is to a large extent consumer-faced.182 While certainly some examples of this type of fintech firm can be found prior to that time (e.g. PayPal), in recent times, there has been a clear and dramatic increase in standalone fintech firms in financial services.183 An indicator for this increase can be derived from data by Venture Scanner which shows that start-up formations in the financial sector appear steadily from 2008 through 2010 but then accelerate significantly in the following two years with the total number of companies entering the market doubling.184 179 B2B fintech companies are described below, in particular in the section on TPPs (d. 2) (iii). 180 See, e.g., Laurens Kolkman, ‘Bank-Less Future: How FinTech Start-Ups Might Take over the Financial System’ (KPMG 2016). 181 In fact, for instance, innovation in the derivatives market by then was expressly permissioned on the fact that it came from those players. So e.g. explicitly stated in Commodity Futures Modernization Act of 2000 Pub. L. No. 106–554, 114 Stat. 2763 (2000). 182 See also Magnuson (n 36) 1174 or; Liz Moyer, ‘From Wall Street Banking, a New Wave of Fintech Investors’ The New York Times (6 April 2016), https://www.nytimes.com/2016/04/07/business/dealbook/from-wall-street-ban king-a-new-wave-of-fintech-investors.html. 183 See also Dirk A Zetzsche and others, ‘From Fintech to Techfin: The Regulatory Challenges of Data-Driven Finance’ (2018) 14 New York University Journal of Law & Business 393, 401; Yasha Yadav and Chris J Brummer, ‘Fintech and the Innovation Trilemma’ (2019) 107 Georgetown Law Journal 235, 275f. 184 Data from venture scanner as cited by Deloitte, ‘Fintech by the Numbers - Incumbents, Startups, Investors Adapt to Maturing Ecosystem’ (Deloitte Center for Financial Services 2017) 3f.

140

C. RUOF

Typically, these new players enter the market to compete with incumbents, offering a service in a (theoretically) more efficient way. They target one small part of the service portfolio of traditional banks and, utilizing technology and data, offer that service cheaper, more digitalized or consumer-friendly. While this role of the competitor to incumbents is the most popular one for fintech firms, there is also an increasing number of fintech firms partnering up with incumbents,185 and finally some that just seek to be acquired by an incumbent.186 4.1.2 Techfin and Bigtech A more recent trend drawing a lot of scholarly attention lately is the entry of (large) non-financial firms (primarily from the tech industry, ecommerce, or telecommunications) in the financial services sector called ‘techfins’.187 The distinctive feature about these types of firms is that their origin derives from the (broader) technology, telecom, or e-commerce sector which then adds financial services to their value chain.188 This especially includes the group of companies known as ‘bigtech’, named appropriately so due to their control over a large share of data flow in 185 Cooperation includes (but is not limited to) incumbents giving fintechs access to clients or the market (by reducing their regulatory burden, see above at p. 122ff.) as well as incumbents outsourcing business, for example lending, to fintech firms. Also, some team up with traditional or incumbent firms to facilitate new kinds of services for customers in their sectors (e.g. the virtual currency Ripple XPR). For more on that, see Yadav and Brummer (n 183) 276f. 186 For example, Fidor, see ‘Fidor Bank Acquired by France’s BPCE Groupe’, Let’s Talk Payments, 29 July 2016, https://letstalkpayments.com/fidor-bank-acquired-by-fra nces-bpce-groupe/. 187 E.g. Zetzsche and others, ‘From Fintech to Techfin: The Regulatory Challenges of Data-Driven Finance’ (n 183) or; Jànos N Barberis, ‘From Fintech to Techfin: Data Is the New Oil’ The Asian Banker (16 May 2016), https://www.theasianbanker.com/upd ates-and-articles/from-fintech-to-techfin:-data-is-the-new-oil. 188 There is a lot of ambiguity around the term ‘Techfin’. While some commentators or policymakers use it more largely interchangeably with ‘Bigtech’ (see, e.g., Zetzsche and others ‘From Fintech to Techfin: The Regulatory Challenges of Data-Driven Finance’ [n 183]), some use it to refer to fintechs, which outgrow the start-up phase (see FSB, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (FSB 2019)). For more information and references on the terminology of Techfin, see Zetzsche and others ‘From Fintech to Techfin: The Regulatory Challenges of Data-Driven Finance’ (n 183) fn 3. Certainly, bigtechs are also active in many other areas, raising not less significant policy and regulatory questions that are however not in the scope of this book.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

141

the digital economy. Prominent examples for bigtechs in the US and EU market include Amazon, Google, Apple, Facebook, and Microsoft or Vodafone. In China, the most known bigtechs are Alibaba and Tencent. Their control over data provides them with a competitive edge not only in the financial services sector but also in largely every part of the economy.189 Typically, their business model consists of a combination of two key features, namely (1) network effects (esp. generated by platform solutions), and (2) technology (especially using AI and Big data).190 In terms of their use of novel technology to provide innovative financial services, they are functionally not distinct from fintech firms, but rather a subset of it.191 Techfins have in common that they benefit from having large customer bases (which they built up in their primary business field) and possessing massive amounts of data from those customers.192 In addition to that, they typically have considerable financial resources and regular income streams from their primary business segment. This potentially enables them to navigate complex regulations and if necessary build parallel infrastructure and systems.193 These attributes put them in a position to be able to scale rapidly across almost all major business segments as well as in financial services.194 Moreover, they might not only have an advantage when entering the financial services sector, but their activity therein can create synergies with their primary business field: The provision of financial services generates (qualitatively different) data which can be used to improve the bigtech’s core business.195 They 189 BigTechs are large technology firms and typically refer to a specific group of individual companies, most of which are named in this part. See also BIS, ‘Annual Economic Report’ (BIS 2019) 55. 190 See Jon Frost and others, ‘BigTech and the Changing Structure of Financial Intermediation’ (BIS 2019) 2f. 191 Similarly, FSB, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (n 188) 3. 192 Ibid. 1. For what types of data this can entail, see Zetzsche and others, ‘From Fintech to Techfin: The Regulatory Challenges of Data-Driven Finance’ (n 183) 406f. 193 See also Feyen and others (n 7) 28. 194 See also FSB, ‘BigTech in Finance: Market Developments and Potential Financial

Stability Implications’ (n 188) 4f. and the corresponding graphs. For empirical evidence on the economic advantages of bigtech over incumbent institutions, with a focus on credit assessment, see Frost and others (n 190), sec. 4. 195 For more on the potential motivations and the business models of bigtechs, see BIS, ‘Annual Economic Report’ (n 189) 61ff.

142

C. RUOF

could also tie the financial service to their primary service, for instance, by enforcing loan repayment by the threat of disadvantages or exclusion from their ecosystem.196 While the presence of bigtech has advanced most in the financial services sector in China and other Asian countries, it’s also gaining significant traction in Europe and the USA.197 The existing gap between the Asian region and Europa/the USA is to a large extent the result of an already existing and relatively cemented structure in the latter, with established players and a large share of the population that has already been integrated into the financial system.198 For example, this is illustrated by the payments sector where techfins clearly dominate the market in China199 while in Europe and the USA this field had already been conquered by other means of electronic payment such as credit and debit cards.200 However, established structures are in the end not likely to prevent, but only delay the rise of techfin, as indicated by the increasing number of authorizations of bigtech subsidiaries as payment or electronic money institutions in the USA and EU.201 Moreover, some bigtechs have started applying for and in some cases are already receiving banking licences. For instance, in Europe, telecoms company Orange has a banking licence for Orange Bank.202 Others started to partner up

196 See also Feyen and others (n 7) 23f. 197 See Frost and others (n 42 in Chapter 6), also with data on the market volume of

bigtech in different regions. Also FSB, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (n 40 in Chapter 6) Graph 3 and Graph III at Frost and others (n 36 in Chapter 6). 198 BIS, ‘Annual Economic Report’ (n 35 in Chapter 6) 57ff. 199 See Frost and others (n 42 in Chapter 6) 6f. and FSB, ‘BigTech in Finance: Market

Developments and Potential Financial Stability Implications’ (n 40 in Chapter 6) 6. 200 FSB, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (n 34 in Chapter 6) 6. Also, as opposed to China and some countries, in the EU and USA these payment innovations operate on existing infrastructure (see above, p. 107ff.). 201 For the EU, see EBA, ‘Payment Institutions Register’ (https://euclid.eba.europa. eu/register/pir/disclaimer?returnUrl=%2Fpir%2Fsearch). In the EU, this is likely to have been partly catalysed by the introduction of the PSD2, which (subject to customer consent) enables bigtechs, if they hold a respective licence, to access payments-related data previously only available to (incumbent) banks. See ibid. 7 with Table 1 showing bigtech licences for payment subsidiaries in the EEA. 202 Frost and others (n 190) 8.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

143

with established financial players.203 While bigtech firms generally saw rapid revenue growth during the pandemic as lockdowns moved life and commerce online, there is also growing evidence that they have further expanded their footprint in financial services over that period.204 At this stage, techfins mostly offer payment services, many offer loans, and some also offer insurance and wealth management products.205 However, the status quo is likely to face disruptions: Facebook’s (failed) plan to launch its own cryptocurrency—Diem206 —which is closely integrated into the world’s most ubiquitous social media platform can be seen as a warning of bigtech companies’ high ambitions.207 If it had been successful, Diem would have given Facebook the chance to leverage their social network for creating a similarly wide payments network—with unknown implications for financial stability.208 While techfins often act as direct competitors to incumbent financial institutions and fintech firms (such as in the payment sector), but also often provide financial services in partnership with (incumbent) financial

203 For example, the recent cooperation between Apple and Goldman Sachs. See, e.g.,

Patrick McGee and Joshua Franklin, ‘Apple teams up with Goldman Sachs on high-yield savings account’ (Financial Times, 13 October 2022). 204 See FSB, ‘FinTech and Market Structure in the COVID-19 Pandemic – Implications for financial stability’ (FSB, 2022) 2ff. 205 FSB, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (n 188) 4f.; Feyen and others (n 7) 23. 206 Diem started under the name of Libra, until it was rebranded in December 2020. 207 See Libra White Paper, https://libra.org/en-US/white-paper/. Due to strong

opposition from regulators and scholars, Libra was though not realized. For more on the strong reaction to the announcement, see Caroline Binham, Chris Giles, and David Keohane, ‘Facebook’s Libra Currency Draws Instant Response from Regulators’ Financial Times (18 June 2019), https://www.ft. com/content/5535fb3a-91ea-11e9-b7ea-60e35ef678d2; Jack Kelly, ‘Facebook’s Libra Comes Under Fire In Senate Hearing—Here’s Why Congress Is Terrified’ Forbes (16 July 2019), https://www.forbes.com/sites/jackkelly/2019/07/16/facebooks-libracomes-under-fire-in-senate-hearing-heres-why-congress-is-terrified/; Graham Steele, ‘Perspective | Facebook’s Libra Cryptocurrency Is Part of a Disturbing Financial Trend’ Washington Post (12 August 2019), https://www.washingtonpost.com/outlook/2019/ 08/12/facebooks-libra-cryptocurrency-is-part-disturbing-financial-trend/. 208 For more on Diem and the potential effects, it would have had, see Allen, Driverless Finance (n 88) 100ff.

144

C. RUOF

institutions.209 These partnerships span from bigtechs acting as a service provider for the financial institution (for example, providing technical infrastructure or cloud services210 ) over financial institutions enabling bigtechs to provide their own financial services (without becoming subject to banking regulation) to bigtechs incorporating a financial institution’s service into their core business line (for example, offering the customer to apply for a loan in the bigtech’s customer interface, which is then transmitted to a bank).211 Such partnerships are often multidimensional where bigtech deals with several institutions (banks, credit card networks, fintech firms, etc.) simultaneously.212 4.1.3 Technology Provider/TPPs Furthermore, there are companies that provide a process service or activity, such as infrastructure or technological support, which the receiving company would otherwise carry out itself (Third-party providers; TPPs).213 TPPs encompass a wide array of firms which include traditional suppliers of electricity, telecommunications, or physical hardware.214 For this study, the focus will be on TTPs’ provisions of digital services, including: data services, data management, infrastructure services, and cloud services. Even though those companies (mostly) operate in the background and do not conduct any financial services themselves, they become an increasingly significant actor in the financial services sector.215 Put differently, they can be described as ‘pure’ technology companies that fulfil a supporting function to financial companies.216 They solely have a contractual relationship with the financial 209 That particularly applies to Europe and the USA. See FSB FSB, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (n 188) 15f. 210 See Frost and others (n 190) 8. 211 See FSB, ‘BigTech in Finance: Market Developments and Potential Financial

Stability Implications’ (n 188) 15ff. enlisting also further partnership forms. 212 Ibid. 17. 213 A similar definition is used by FCA, e.g. at, https://www.fca.org.uk/firms/out

sourcing-and-operational-resilience. See also EBA, ‘Report on the Impact of Fintech on Credit Institutions’ Business Models’ (EBA 2018) 14. These TPPs typically provide market support services, as described above in Sect. 2.4. 214 See FSB, ‘Third-Party Dependencies’ (n 131) 4. 215 See above in at Sect.3.4. 216 See above.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

145

institution (which can be an incumbent, a fintech, or any other kind) mostly on a flexible service basis.217 Relationships can also exist between different TPPs, so-called ‘fourth parties’.218 Moreover, there is no direct relationship with the consumer, to whom those TPPs are mostly invisible. Overall, TPPs are much more (pure) technology companies than fintech firms. On the spectrum of finance and technology, TPPs could almost be located at the technology end (as illustrated in Fig. 2). The firms that belong in the category of TPPs are far from homogenous. While there is a large number of small, specialized firms offering niche services for financial institutions,219 some market segments display a high level of concentration. In the cloud market, economies of scale play a key role this is best visible.220 Here, a small number of bigtech companies, above all Amazon and Microsoft, dominate the major share of the market.221 In other TPP market segments on the other hand the market is much more scattered, showing a large number of smaller specialized players. For the recipient of the service, the TTPs can fulfil varying functions. For instance, small fintech firms often act as enablers222 which facilitate easier market entry by providing infrastructure that would often be prohibitively expensive when built up in-house.223 Such services also ensure a high level of flexibility and adaptability, making them often utilized by neo-banks and helped them to have grown at the pace they did. On the other hand, big incumbent players primarily make use of TTPs’ services as a matter of outsourcing in order to keep up with the dynamic of the market and the standard of flexibility that fintech firms and neo-banks set.224

217 See above on the ‘as-a-service’-model at Sect. 3.4. 218 See FSB, ‘Third-Party Dependencies’ (n 131) 4. 219 See above at Sect. 3.4. 220 See FSB, ‘Third-Party Dependencies’ (n 131) 7. 221 In 2019, the top 5 public cloud providers accounted for 80% of the market share.

See, e.g., Gartner, ‘Gartner Says Worldwide IaaS Public Cloud Services Market Grew 37.3% in 2019’ (Gartner, 10 August 2020), https://www.gartner.com/en/newsroom/ press-releases/2020-08-10-gartner-says-worldwide-iaas-public-cloud-services-market-grew37-point-3-percent-in-2019. 222 See above. 223 See also FSB, ‘Third-Party Dependencies’ (n 131) 10. 224 Also Enriques and Ringe (n 149) 376ff.

146

C. RUOF

Fig. 2 Different types of players on the finance-technology spectrum (Source Author)

4.1.4 Neo-Banks Neo-banks225 refer to a new generation of technology-driven banks that—just like their incumbent competitors—offer full-service banking, but in a fully digital more cost-effective and innovative way.226 This fullservice is what distinguishes them from fintech firms, which typically offer only one or few services of that portfolio. Neo-banks also operate with full banking licences.227 As opposed to incumbents, they do not run any physical brick-and-mortar branches, and instead, offer banking services through a smartphone app and internet-based platform. They seek to leverage novel technologies to the fullest, using cloud providers and APIbased systems which supposedly provide them with much more flexibility than incumbents and their legacy infrastructure systems.228 In contrast to small fintech firms, they already outgrew the start-up stage, and are typically seeking to scale up their activity at a high pace.229 Neo-banking emerged around 2010, namely in the UK with players such as Monzo

225 On the functions that neo-banks perform, see also above Sect. 3.4. 226 See Basel Committee on Banking Supervision (n 8) 17f. Some commentators also

include smaller niche-provider in this category. Here however, those belong to ‘consumerfaced fintechs’, while neo-banks refer to (rather) full-service firms. For a detailed report on the dissemination and the development of neo-banks, see Business Insider Intelligence, ‘The Global Neobanks Report’ (2019). 227 Sometimes, a distinction is made between ‘full service’ and ‘relationship-only’ neo-banks. Thereby, the latter have no banking licence and only offer the customer a relationship-side service, either using a traditional bank for processing transactions or in a partnership model. See, e.g., BBVA, ‘Neobanks: Creating a Digital Bank from Scratch’ (2016) BBVA Research 5. For the purpose of this book, these belong to the fintech category. 228 See above. 229 Certainly, there are also significant differences among neo-banks. See, e.g., KPMG,

‘A New Landscape—Challenger Banking Annual Results’ (2016), categorizing them in ‘small challengers’ and ‘large challengers’.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

147

and Atom Bank.230 Other prominent examples that subsequently hit the market include Bunq in the Netherlands, WeBank in China, Simple and Varo Money in the USA, N26 in Germany, and Fidor in both the United Kingdom and Germany.231 Similarly to the previous types of actors, neobanks are growing at an increasingly high rate and are projected to keep doing so in the future.232 Neo-banks seek to differentiate themselves from traditional banks by embracing a much more open ecosystem. Many of them employ platform models, encouraging third-party providers and small fintech firms to work with them, and thereby providing customers with access to a large variety of different products and services. They also aim to be able to permanently adapt their service and product portfolio according to changing market developments or consumer preferences.233 In some instances, the core banking systems of neo-banks are characterized by a network of micro-services, with many different components operating separately but integrated together rather than having the whole system in the same program. This allows them to implement changes and innovate at a much faster pace compared to the traditional approach.234 Apart from that, there are additional forms of cooperation that neo-banks engage in with other players: as described above, neo-banks also act as enablers for small fintech, especially when offering ‘white-label-banking’ services.235 At the same time, they contract with numerous TPPs for running their back-office and infrastructure operations.236

230 CrowdfundUPTeam, ‘What Is a Neo Bank and How Are They Disrupting Traditional Banking Models?’ (ACRE Assets, 23 July 2018), https://medium.com/cro wdfundup/what-is-a-neo-bank-and-how-are-they-disrupting-traditional-banking-models3c1b2fa5b8e1. Also Amanda James, ‘Neo Bank vs Challenger Bank: The Talk of the Town’ (Medium, 4 June 2019), https://amandajames19868.medium.com/neo-bank-vschallenger-bank-the-talk-of-the-town-53238a5dfe22. 231 See Basel Committee on Banking Supervision (n 8) 17. 232 Aarti Goswami, Pramod Borasi and Vineet Kumar, ‘Neo and Challenger Bank

Market by Service Type (Loans, Mobile Banking, Checking & Savings Account, Payment & Money Transfer, and Others) and End User (Business and Personal): Global Opportunity Analysis and Industry Forecast, 2020–2027’ (AlliedMarketResearch 2020). 233 Also, see KPMG, ‘A New Landscape—Challenger Banking Annual Results’ (n 229). 234 See above at p. 122ff. Also, Gabriel Hopkinson and others, ‘How Neobanks’

Business Models Challenge Traditional Banks’ (Aalbord University, 16 August 2019). 235 See at p. 124. 236 See above p. 122ff. and 149ff.

148

C. RUOF

4.1.5 Incumbent Financial Institutions Despite increasing competition and a changing environment, the basic economic forces that protected the incumbent financial institutions’ market share in the past still enable them—at least for now—to maintain relatively dominant, especially in Europe and the USA.237 They typically provide the full range of banking services via a network of established physical branches complemented by online distribution channels. Incumbents benefit from economies of scale and scope as well as their reputation and trust that they have built in the past.238 However, the emergence of diverse competitors has put them under pressure to prevail in this new environment. Competitive pressure is particularly strong on commercial banks which rely on ‘classic’ banking business such as lending and deposit. They are faced with the potential scenario of specialized fintech firms stripping away profitable products and services, leaving them with an embedded cost base and products and services with lower margins.239 Besides, business sectors that relied on direct human interaction and were fee-driven are under threat, for instance, this is visible with traditional asset management.240 To cope with this, incumbent institutions have rolled out innovation and digitalization strategies to grasp the fintech agenda and explore its potential for their benefit. This often includes shedding overhead costs and employees, leverage and compete for customer relationships and—more generally improve and digitalize their product portfolio.241 While some simply gradually digitalize and optimize their existing operations and reduce their branch network, others have strategically decided to disrupt their own businesses by launching new digital banks.242 For example, BBVA’s subsidiary in the USA and Intesa SanPaolo in Italy have created platforms in order 237 Feyen and others (n 7) 20f. 238 Notably, this argument can also be turned upside down by saying that the damaged

trust and reputation as a result of the GFC created the moment for fintech in the first place. 239 See also Feyen and others (n 7) 20f. For example, firms like Transferwise and Remitly targeted the relatively high-margin international money transfer business (see also p. 27). 240 See above at Sect. 3.3. 241 Feyen and others (n 7) 21. 242 See EBA, ‘Report on the Impact of Fintech on Credit Institutions’ Business Models’

(n 213) 16.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

149

to create their own ecosystem, similar to those that neo-banks operate in.243 In-house development of fintech solutions is often conducted through (relatively independent) internal accelerators or innovation labs where a dedicated team constantly monitors the fintech market and is supposed to—with a fresh perspective—identify and develop potential applications.244 Not least, the relationship between incumbents and new players (esp. fintech firms) is not just of competitive nature, but often also characterized by partnerships and collaboration.245 This brief typology of key players in the modern financial services environment showed that in addition to incumbent institutions, there are a number of new entities entering the financial services market. These new actors have in common that they all leverage new technologies while data often plays a key role in the business model they pursue. In addition, these new players are through various forms of partnerships interwoven with each other as well as with the already existing incumbent institutions. Regarding the latter, the relationship is both marked by competition as well as by cooperation. Each of these players certainly brings its own idiosyncratic challenges. More importantly though, on a macro level, the combination of all contribute to a structural shift, creating an utterly new financial services landscape.246 4.2

New Pace of Innovation

As shown earlier in Chapter 4, Sect. 3, the high pace of innovation is for several reasons a characteristic feature of the financial services sector, which has been marked by fast innovation cycles and high diffusion rates of innovations for quite some time. While this pace has continuously followed an upward trajectory,247 the current pace of innovation appears to be significantly higher. For instance, when comparing the 243 See Enriques and Ringe (n 149) 379. 244 See also EBA, ‘Report on the Impact of Fintech on Credit Institutions’ Business

Models’ (n 213) 29f. 245 For the EU market, see ibid. 22ff. 246 See below in Chapter 6. 247 For instance, when comparing the length of time for adoption of different financial innovations, the adoption of the ATM occurred over two decades, while internet banking and mobile banking already have been adopted over much shorter intervals. See Basel Committee on Banking Supervision (n 8) 13.

150

C. RUOF

length of time for adoption of different banking innovations, ATM adoption occurred over two decades whereas internet banking and mobile banking have already been adopted over progressively shorter intervals.248 Adoption of fintech services on the other hand show considerably faster adoption rates. According to a PwC study, adoption of fintech services has moved steadily upward, from 16% in 2015, where the study was first published, to 33% in 2017, to 64% in 2019.249 There is growing evidence suggesting that the COVID-19 pandemic further accelerated the adoption rate of fintech services.250 While very fast adoption rates were already part of the wholesale sector before the crisis,251 with respect to consumer financial services, it is a new phenomenon. At the same time, the growing number of start-ups entering the sector as well as the continuously growing flow of investment into fintech firms252 also indicate an increase in innovation activity. In sum, more companies are entering the market while concurrently the diversity and number of services being offered to consumers continues to increase all of which are being adopted at a high pace. There are a number of reasons why the pace of innovation has accelerated during the era of fintech. First, it is a phenomenon that is clearly not exclusive to financial services but pervades across industry sectors. For instance, when looking at medicine, transportation, or communication, the last decades have witnessed an unprecedented number of innovations that changed the lives of millions of people. Most recently for example, in 2020, the world witnessed by far the fastest development of a highly effective vaccine against the coronavirus.253 Faster innovation cycles also help to explain why publicly traded companies are disappearing at a faster

248 See Ehrentraud and others (n 4) 14. 249 See EY, ‘Global FinTech Adoption Index 2019 As FinTech Becomes the Norm,

You Need to Stand out from the Crowd’ (2019). This number is based on a survey of more than 27.000 consumers in 27 markets. 250 FSB, ‘Fintech and Market Structure’ (n 204) 2ff. 251 This applies particularly to securitized products of financial engineering, such as

CDO’s or CDS’s. See, e.g., Awrey, ‘Comeplexity’ (n 31 in Chapter 3). 252 For the global investment activity in fintech for the years between 2014 and 2019, see KPMG, ‘The Pulse of Fintech H2 2019’ (2020) 9. 253 See Philip Ball, ‘The Lightning-Fast Quest for COVID Vaccines—and What It Means for Other Diseases’ (Nature, 18 December 2020), https://www.nature.com/art icles/d41586-020-03626-1.

5

FINTECH—WHAT’S NEW ABOUT IT (AND WHAT ISN’T)?

151

rate—in fact six times as fast as forty years ago—presumably becoming victims of ‘creative destruction’.254 This common trend can in turn be traced to innovations in technology, which underlie products in these sectors—an explanation that particularly applies to financial services.255 As shown above, all the significant fintech innovations are highly driven by very recent technological innovations such as blockchain or cloud computing.256 With accelerating pace in these technologies, parallelly the pace of innovation in finance increases as well. With respect to the financial sector though, the relationship between developments in underlying technologies and the pace of innovation is not fully synchronized. Rather, several factors further accelerate the latter. First, there are market support services accelerating the speed of entry and scaling in the market. By reducing fixed and marginal costs of producing financial services as well as giving small fintech firms access to sophisticated capabilities, they lower barriers to entry to the market. For example, cloud technology companies are enabling firms across the financial sector to innovate more rapidly by granting access to powerful computing resources.257 Having entered the market, firms can scale more easily, as market support services allow for growing capacity in tandem with their service without the initial setup costs previously required.258 Where open banking is in force, small start-ups can additionally leverage data from existing financial institutions, giving further potential to scale. At the same time, smartphones and other modern communication technologies enable also small firms to reach a massive number of consumers at once and quickly disperse an innovation on a wide scale.259 At the same time, the adoption of new applications can grow non-linearly given the network 254 See Martin Reeves, Simon Levin and Daichi Ueda, ‘The Biology of Corporate Survival’ [2016] Harvard Business Review, https://hbr.org/2016/01/the-biology-of-cor porate-survival. On creative destruction, see above at p. 70ff. 255 See also with further references Peter Gomber and others, ‘On the Fintech Revolution: Interpreting the Forces of Innovation, Disruption, and Transformation in Financial Services’ (2018) 35 Journal of Management Information Systems 220, 224f. 256 See above at Sect. 2. 257 See U.S. Department of the Treasury (n 19) 44 or Feyen and others (n 7) 17. 258 Feyen and others (n 7) 16. 259 For instance, only 9 months after Alibaba had started offering their customers to put their excess balance in their accounts of Alibaba’s payments affiliate Ant Financial Services Group into a new Money Market Fund, the fund had grown to become the fourth largest Money Market Fund in the world. See Tjun Tang, Yue Zhang and David

152

C. RUOF

effects. Even more so, technology facilitates new business models and structures, such as white-label-banking which spur innovation activity.260 In combination with innovative technological solutions, they can substantially reduce fixed and marginal costs of offering financial services, easing market access for new competitors.261 Hence, technological innovation not only (directly) translates into innovative financial services building on those technologies, but also leads to knock-on effects, further fuelling the speed of innovation. Moreover, fintech innovations are typically overlapping and mutually reinforcing, further fuelling the overall pace of innovation in the sector.262 Not least from a behavioural economics perspective, the arguable hype that is currently around fintech innovations is further accelerating this development through surging consumer demand as well as investment capital.263 Briefly, the pace of financial innovation has been constantly accelerating over the past. This constant growth has been exacerbated in the era of fintech and further complicates the task of regulators by expediting everything—from the emergence of risks to their materialization, as well as the introduction of regulation to its obsolescence.264

He, ‘The Rise of Digital Finance in China—New Drivers, New Game, New Strategy’ (Boston Consulting Group 2014) 4f. 260 See above at p. 124f. 261 See also Feyen and others (n 7) 12. 262 See He and others (n 72) 11 also providing examples. 263 See Basel Committee on Banking Supervision (n 8) 14 locating fintech in the

‘hype cycle’ according to Gartner: ‘Thus fintech in general may well be hyped and some innovations may already be entering the “trough of disillusionment” but, as history shows, this does not necessarily mean that fintech will have no lasting effect on the banking sector’. 264 More on this later in Chapter 7.

CHAPTER 6

Digital Disruption: Structural Shifts Under Fintech

This chapter will outline the structural shifts that fintech brings to the financial services sector and show how fintech is reshaping its key dynamics. These shifts are to a large extent a product of the interaction of the forces at work as identified in the previous chapter. This chapter identifies three distinct, yet interrelated shifts that are associated with fintech. Namely, these are (1) the reduction and changing of the role of traditional intermediaries and formerly centralized processes in the provision of financial services (Decentralization); (2) the qualitatively new significance of conventional as well as novel types of data (Datafication); (3) and the new role of algorithms and AI that corresponds with a move away from human-based decision-making and control (Automation). In analysing these shifts, this chapter puts a strong focus on their informational implications. In particular, it examines changes in the distribution, quality and quantity of information in the market and where it now originates. It argues that through these shifts lay at the core of the regulatory challenge associated with fintech and bear the potential to significantly exacerbate the information problem and raise the risk for regulatory mismatch. The analysis in this chapter will inform the identification of implications for the job of regulators in the context of the inherent information problem (Chapter 7).

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_6

153

154

C. RUOF

1

Introduction to the Analysis

A lot has been and is being written about the topic of fintech. Legal scholars are increasingly interested in various legal and regulatory challenges posed by the new technological advances in the financial sector.1 Among those, a major share of literature focuses on specific legal, economic, or operational aspects of individual fintech applications.2 Alongside these targeted legal analyses, there is an expanding body of scholarship that attempts to take a broader view of issues fintech raises for lawmakers and financial regulators.3 This chapter makes a contribution to the existing literature by looking more broadly at fintech as a systemic phenomenon and its structural implications on the financial services sector. Most importantly, it analyses these structural changes through an informational lens, i.e. with a view to its impact on the information deficit and thereby adds a so far neglected perspective to the debate. As outlined in Chapter 2, the structure of the financial system can be described in various ways, such as the difference between a market-based

1 A comprehensive fintech literature survey with relevant research studies and policy discussion around the various aspects of fintech is provided by Franklin Allen, Xian Gu and Jagtiana Julapa, ‘A Survey of Fintech Research and Policy Discussion’ (2021) 1 Review of Corporate Finance 259. 2 See, e.g., Wolf-Georg Ringe and Christopher Ruof, ‘Robo Advice—Legal and Regulatory Challenges’ in Iris HY Chiu and Gudula Deipenbrock (eds), Routledge Handbook of Financial Technology and Law (Routledge 2021); John Armour and Luca Enriques, ‘The Promise and Perils of Crowdfunding: Between Corporate Finance and Consumer Contracts: The Promise and Perils of Crowdfunding’ (2018) 81 The Modern Law Review 51; Shlomit Azgad-Tromer, ‘Crypto Securities: On the Risks of Investments in BlockchainBased Assets and the Dilemmas of Securities Regulation’ (2018) 68 The American University Law Review 69; Tom Baker and Benedict Dellaert, ‘Regulating Robo Advice Across the Financial Services Industry’ (2018) 103 Iowa Law Review 713; Adam J Levitin, ‘Pandora’s Digital Box: The Promise and Perils of Digital Wallets’ (2018) 166 University of Pennsylvania Law Review 305. 3 Douglas W Arner, Jànos N Barberis and Ross P Buckley, ‘FinTech, RegTech, and the Reconceptualization of Financial Regulation’ (2017) 37 Northwestern Journal of International Law & Business 371; W Magnuson, ‘Regulating Fintech’ (2018) 71 Vanderbilt Law Review 1167; Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1); Yesha Yadav and Chris J Brummer, ‘Fintech and the Innovation Trilemma’ (2019) 107 Georgetown Law Journal 235; Iris HY Chiu, ‘Fintech and Disruptive Business Models in Financial Products, Intermediation and Markets—Policy Implications for Financial Regulators’ (2016) 21 Journal of Technology Law and Policy 55.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

155

financial system and a bank-based system. While this displays a very fundamental structural difference, the term can also encompass more subtle features. As used in this study, market structure refers to those characteristics of a market that influence the nature, behaviour, and results of the firms working in that market.4 Market structures can be influenced by numerous factors, such as the number and size of market participants, barriers to entry and exit, significant interdependencies, emerging key technologies, and more.5 In contrast to those individual characteristics, shifts in the structure are typically taking place more under the surface and are therefore less visible. Identifying them requires taking a step back and adopting a high-level perspective. Furthermore, in comparison with the features described above, structural changes go deeper and affect the very basis of how financial services are being provided. Structural shifts in the financial sector do not occur overnight, but rather are an ongoing process. Importantly, structural shifts undermine regulatory assumptions underlying the existing framework and raise the risk of regulatory mismatch, which mandates the regulator to adapt to the new structures to be able to fulfil its mandate.6 While the concrete shapes and forms the financial services sector will take and the concrete innovations it will yield remain unclear, the shifts identified in the following section are meant to capture some key enduring trends that are underlying the development in the sector of the current innovation era, i.e. in the present and presumably in the not too distant future. In the following, I focus on three distinct but closely related structural shifts brought by fintech of particular importance from an informational perspective.7 These are: (1) the reduction and changing of the role 4 For other uses of market structure, encompassing parts of it as used here,

see https://policonomics.com/lp-market-structures-market-structure/; FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 554); Omarova, ‘New Tech v. New Deal: Fintech as a Systemic Phenomenon’ (n 434) 780; Omarova, ‘Technology v Technocracy’ (n 2) 87ff. 5 See also FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 134 in Chapter 5). 6 See also Iris HY Chiu, ‘Fintech and Disruptive Business Models in Financial Products, Intermediation and Markets—Policy Implications for Financial Regulators’ (2016) 21 Journal of Technology Law and Policy 55, 68. 7 Certainly, this list is not definite. Another important shift that can be observed for instance is a geographical one. Whereas historically the developed countries, especially those with large financial markets were the major drivers of innovation, a lot of innovation,

156

C. RUOF

of traditional intermediaries and formerly centralized processes in the provision of financial services (Decentralization); (2) the new role of algorithms and AI that corresponds with a move away from human-based decision-making and control (Automation); and (3) the qualitatively new significance of conventional as well as novel types of data (Datafication).8 Together, as will be shown, these interconnected shifts render the financial services sector more complex and increasingly challenging to regulate.

2

Decentralization

The first shift that fintech brings to financial services is arguably the most impactful one on the structure of the sector. I use the term decentralization to describe the phenomenon where processes, control, and activity in the financial services sector are becoming more disaggregated (as opposed to concentrated).9 Decentralization is not a binary property but is better envisioned as one end of a spectrum with centralization being the other end.10 The decentralization of the sector as a whole can be divided into several layers, the most important of which will be outlined in the following. The first of these is the decentralization of actors: While traditionally financial services was a more oligopolistic sector with a few big incumbents dominating the market—with the emergence of fintech—this structure is crumbling. As mentioned above, in the fintech era, the sector saw numerous market entries by a diverse set of small and specialized players. These players are not only competitors to incumbent firms, but they also interact with these and each other in utterly new ways. Related to that but warranting separate analysis is the decentralization of market activity, which refers to fragmentation of formerly centrally performed

including some ‘disruptive’ ones, are taking place in developing regions. See, for instance, with respect to innovation in the payment sector, see above in Chapter 5, Sect. 3.1. 8 A comparable framework, though with differing emphases, has been brought froward by Yadav and Brummer (n 183 in Chapter 5) 264. 9 A ‘distributed’ system, on the other hand, while also referring to the division of a system in more parts, does not (necessarily) entail a diffusion of power/control. Rather, the divided parts can still be controlled by a central entity. See also Cambridge Centre for Alternative Finance, ‘Distributed Ledger Technology Systems—A Conceptual Framework’ (2018) 45. 10 See also ibid. 44.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

157

tasks and functions. Needless to say, technology plays a key role in facilitating these layers of decentralization. However, and thirdly, there are also technologies—most importantly DLT—which are inherently designed in a decentralized fashion and consequently make up another form of the sector’s decentralization. In the following, these changes will be further analysed with a particular view on what is being decentralized and to whom. 2.1

Decentralization of the Playing Field

The first layer of decentralization concerns the field of actors in the financial services sector. While the types of new players have already been described above, this part will focus on the associated changes to the structure of the sector. As opposed to the transition of the sector from brick-and-mortar institutions to the digital sphere11 which has started already a while ago, the shift from big one-stop-shop institutions to a patchwork of specialized players is a more recent trend. Unlike in earlier eras, where the sector was dominated by a few big players, with fintech, an immensely diverse set of new actors entered into financial services12 whose primary expertise not rarely resides in tech rather than finance. These new players contribute to the decentralization of the sector in several ways: First, as noted above, many small fintech firms are targeting discrete parts of an incumbent’s financial supply chain and (attempt to) provide that service in an improved fashion or supplement existing bank services. Whereas in earlier eras it was common for a consumer to have all financial aspects managed by one bank, fintech has brought an unprecedented degree of fragmentation to financial services. This has led to an unbundling and horizontal disintegration of financial services consumption.13 From a consumer’s perspective, it is not uncommon anymore to have a deposit account at one institution, while receiving investment, lending, and payment services from other firms, respectively.14 Easy

11 On that see, e.g., Arner, Barberis and Buckley (n 60 in Chapter 4). 12 See above in Chapter 5, Sect. 4.1. 13 See also Feyen and others (n 7 in Chapter 5) 15. 14 See Feyen and others (n 7 in Chapter 5) 14, 29. EY, ‘Global FinTech Adoption

Index 2019 As FinTech Becomes the Norm, You Need to Stand out from the Crowd’ (n 249 in Chapter 5) 5ff and 14.

158

C. RUOF

switching from one provider to another is enabled by advances in connectivity and online search, theoretically allowing the consumer to search for the best service around the globe. Even in cases where the fintech service (seamlessly) is—from a consumer’s perspective—part of the product portfolio of an incumbent institution, the substance, i.e. the effective control and responsibility for the service, can be with an external player, i.e. fintech firm (see also below on the decentralization of activity).15 Moreover, some platform business models, especially in the lending space, decentralize the sector in the sense that they ‘match’ consumers with each other. The function of the classic intermediary is hereby often significantly reduced and/or provided by an algorithm. In those cases, where the intermediary is almost fully cut off, these platforms disintermediate, which in effect equals a decentralization to the smallest economic unit, i.e. the individual consumer. This resembles a shift from an indirect finance structure towards one more alike to direct finance. On the other hand, where those platforms perform the function of the intermediary differently (i.e. by using sophisticated algorithms), they cause re-intermediation—while giving technology (as opposed to a human) a greater role in the process of intermediating.16 This decentralization in the ‘front’17 is accompanied by a perhaps even more important decentralization in the ‘back’. Whereas traditionally financial institutions have been running their infrastructure and backoffice processes in-house, those processes are also being outsourced to specialized players.18 Outsourcing in this field in the past was generally limited to custodial services, utility providers, e.g. telecommunications companies. Technological advances, however, have reduced the costs of,

15 That is a difference to earlier models, where incumbent institutions ran certain branches of their business at separate entities (subsidiaries), which, however, were under the full control of those incumbents. See Yadav and Brummer (n 183 in Chapter 5) 275f with further references. 16 Chiu (n 36 in Chapter 5) 83ff. For a broader account on this process, see also Tom CW Lin, ‘Infinite Financial Intermediation’ (2015) 50 Wake Forest Law Review 643. 17 The ‘front’ in this context includes all those activities that are directed to the consumer, while the ‘back’ encompasses those activities not visible for her. Namely, frontend activity, for example, includes investment management, lending or payment services, back-end activity, on the other hand, risk modelling, data collection and management, compliance and alike. 18 See above at p. 122ff. and 149ff.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

159

and need for, much of legacy back-office functions and infrastructure.19 This has given room for third parties to step in and offer these functions in a more efficient and modular way. Today financial institutions outsource a much broader set of functions to TPPs or other financial players including fintech firms.20 As already described above, this especially includes the use of cloud providers.21 More recently, outsourcing activity is further extended to various core operations or in some cases even the whole background infrastructure.22 In China, for instance, traditional deposit-taking banks even outsource payment functions to TPPs and rely on the external payments provider to monitor the flow of money from online transactions.23 The decentralization of back-office functions further intensifies when considering interdependencies among third-party suppliers (fourth parties).24 That is, TPPs themselves make use of other third-party suppliers to decrease costs and improve their service.25 These interconnections can exist between TPPs providing services to the same financial institutions as well as to completely different TPPs. These fourth parties can inversely rely on other suppliers for certain services, which themselves can again rely on different parties. Figure 1 provides an illustration of this new ecosystem.

19 See also Feyen and others (n 7 in Chapter 5) 17. 20 See also Chen-Yun Tsang, ‘From Industry Sandbox to Supervisory Control Box:

Rethinking the Role of Regulators in the Era of Fintech’ (2019) 2 Journal of Law, Technology & Policy 355, 363 or Feyen and others (n 7 in Chapter 5) 14. 21 For example, in the case of Goldman Sachs, already in 2015 85% of the workloads operated in a cloud framework. FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 134 in Chapter 5) 7 (citing Fred Ng and Rajesh Kandaswamy, ‘Market Insight: Value-Based Cloud Opportunities in Financial Services’ (Gartner, April 2017)). Overall, in 2018 about 25% of core banking system of global SIFI’s were residing in the cloud (see Ravi Menon, ‘Financial Regulation—20 Years After the Global Financial Crisis’ (BIS 2018) Keynote Address). 22 For example, Starling Bank in the UK used Amazon’s AWS to build all of its infrastructures. See Asha Barbaschow, ‘Starling Built a Bank from Scratch in the Cloud’ (ZDNet ) https://www.zdnet.com/article/starling-built-a-bank-from-scratchin-the-cloud/. 23 See Longmei Zhang and Sally Chen, ‘China’s Digital Economy Opportunities and Risks’ (International Monetary Fund 2019) WP/19/16 12. 24 See above at p. 150. 25 FSB, ‘Third-Party Dependencies in Cloud Services’ (n 131 in Chapter 5) 4f.

160

C. RUOF

Fig. 1 Traditional structure of banking ecosystem vs structure under fintech. Under the fintech model, incumbent banks outsource back-office (BO) functions to small specialized TPPs while neo-banks have their back-office run largely by these TPPs. At the same time, neo-banks offer BO services to small fintech players, which (in some cases) provide their (front office, FO) service through the neo-bank as part of the bank’s product portfolio (Source Author)

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

161

The other side of the coin is that the expertise, and correspondingly substantial control over those processes, goes missing in-house, shifting to the TPPs. Especially when it comes to back-office functions, these TPPs are typically no ‘financial institutions’26 but rather specialized tech companies, or, with respect to cloud services, bigtechs. As a consequence, the internal scaffolding of financial institutions is being replaced by a patchwork of independent third-party actors who perform singular functions, respectively, for multiple clients. Similarly, it involves a move away from centrally held data and records, but towards systems in which data is stored across a broader set of parties.27 These tendencies grow considering the chain of outsourcing does not end at TPPs, but continues to fourth-party providers, fifth-party providers, and so on.28 As opposed to the decentralization process in the front, this form of decentralization happens beneath the surface invisible to the consumer (and importantly also difficult to detect for regulators29 ). In general, what can be observed is a shift from an oligopolistic structure in the ‘front’ where a few dominant firms that function mostly as one-stop-shops for the consumer to a structure with a larger and more diverse set of players who provide specialized services to consumers who can choose providers individually for each respective service they seek.30 At the same time, back-office functions, which used to be (almost) fully centralized within each financial institution, respectively, are being transformed into a patchwork of (big and small) third-party suppliers which are further interconnected among each other or with other TPPs.31 Overall, the chains of intermediaries involved in performing the financial sectors functions are becoming longer and more complex as a result of fintech.

26 Neither functionally, nor in legal terms. 27 See FSB, ‘Decentralised Financial Technologies: Report on Financial Stability,

Regulatory and Governance Implications’ (FSB 2019) 3f. 28 See above 149ff. 29 As will be discussed in more depth in Chapter 7. 30 However, due to the dynamics of platform business models, the development of the

front might take a different shape in the future. See below at n 39. 31 However, other commentators see a scenario as likely, where a reconcentration of different (yet unknown) parts of the value chain will take place. See Zetzsche and others (n 182 in Chapter 5) 202f (providing Big Data pools and cloud computing as current examples).

162

C. RUOF

2.2

Decentralization of Activity

Not only the number and composition of interconnections, but also their quality, meaning the way that players interact with each other, are subject to change. Most importantly from an informational standpoint, activity in the market is subject to decentralization in the form of a decoupling of the creation of a service from its provision to the customer. In other words, the company providing a service to a consumer or another company does not need to be the creator of that service. Associated with that decoupling is once again a shift in substance from ‘front’—institutions to the back, consisting of numerous smaller players. While in the past it was common that the institution interacting with the consumer (be it digital or in-person) was also the provider of the service it offered, fintech has complicated things. In the current era, there is a growing trend towards a model where the distribution of a financial service is separated from its origination (or the ‘manufacturing’).32 This trend is showcased by the above-described ‘BaaP’—model that is popular among neo-banks and fintech firms. In this new setting, neo-banks (additionally33 ) integrate various products and services created by fintech companies in their product portfolio.34 This can take place either under the brand of the respective neo-bank as an integral part of its own portfolio or visibly as an external service under the name of the fintech company. These integrated services can include any kind of financial service, ranging from payment services to e.g. loan or deposit products.35 In this context, two main functions can be distinguished. There are distributors (typically neo-banks and fintech firms, but also bigtechs and adapting incumbents) who distribute the service through a front-end customer platform and originators, creating and materially

32 See also Nydia Remolina, ‘Open Banking: Regulatory Challenges for a New Form of Financial Intermediation in a Data-Driven World’ (2019) 25ff. 33 That is, on top of their genuine service portfolio. Much more than traditional financial institutions, neo-banks operate in a digital cloud-based setting and to a greater extend rely on external infrastructure and processes provided by third parties. 34 Much more than traditional financial institutions, neo-banks operate in a digital cloud-based setting and to a greater extend rely on external infrastructure and processes provided by third parties. For example, Saxena (n 152 in Chapter 5) in the context of the German Neo Bank N26. 35 See, e.g., Basel Committee on Banking Supervision (n 8 in Chapter 5) 18.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

163

providing the service.36 These platforms are often designed in a ‘plug and play’ fashion, where the provider can integrate its service on the digital consumer-faced interface of the distributors.37 Distributors either provide the service under their own name or act as the ‘enabler’ by letting the originator use its license and offer the distributors service under their name.38 To understand the implications of this, it is helpful once more to distinguish between the distributor level and the originator level. As of now, there are numerous distributors acting as a platform (though in different forms and shapes) and creating a more decentralized picture in the frontend. However, given the typical economic forces and dynamics at work in the platform industries, potentially, this could be a transition stage and in the mid-term lead to consolidation among players.39 Similarly, on the originator level, a decentralized market structure can be observed. Here, however, the trend is likely to go in the opposing direction towards greater atomization and fragmentation.40 Namely, a shift from a (more) monolithic model (i.e. originator equals distributor) to a system with a panoply of niche services being delivered by a similar number of different firms is taking place. This part of the sector is likely to be characterized by a high level of dynamism, since firms can scale (and fail) quickly using AI, data, and on-demand infrastructure/back-office services. As a result, the substantial control of the financial service is increasingly located on the originator level, dispersed among smaller players, and not necessarily

36 In the context of bigtech, this is seen as a potential scenario by FSB, ‘FinTech

and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 129 in Chapter 5) 12. 37 See also Basel Committee on Banking Supervision (n 8 in Chapter 5) 18. 38 The latter case is referred to as the ‘relegated banking scenario’ by ibid. 19. 39 These are in particular economies of scale and scope, network effects, resulting in

a ‘winner-takes-it-all’ dynamic which can be observed at several tech-driven markets such as social media, e-commerce or ride hailing; see also World Economic Forum, ‘Beyond Fintech: A Pragmatic Assessment Of Disruptive Potential In Financial Services’ (WEF 2017) 20. However, it is noteworthy that different platforms perform different functions (such as WLB or consumer-faced). It is thinkable that these markets remain (rather) separate, where, respectively, the service is performed by a (small) number of distributors. Another potential outcome is the so-called barbell scenario with a few large multi-product players (in particular bigtechs) and a large number of small niche players offering a focused B2C product/service (see Feyen and others (n 7 in Chapter 5) 30f. 40 Feyen and others (n 7 in Chapter 5) 30f.

164

C. RUOF

located at the distributor.41 Figure 2 illustrates this new structure in a simplified way. Notably, the growing number of small players on the originator level is not at least a product of the new quality of interaction. The distributors offer services to the originator fintech firms—be it in the form of WLB or by providing BaaS—which effectively lower market barriers. This simplified market entry stimulates innovation and yields new players, presumably further reinforcing the decentralization process. What adds to the decentralization process again is the fact that, as described above, this construct does not end at the level of originators.42 Instead, there is another (and potentially many more) layer(s) unfolding in the background of originator firms. Meaning that several

Fig. 2 Originator and distributor level in the financial services ecosystem. On the originator level small, specialized players create services which are distributed through distributors, in some cases as integrated parts of their portfolio, in others as an external service. At the same time, players on both levels utilize specialized TPPs for back-office functions (Source Author) 41 This is true for both cases, the distributor offering the service in its own name or in the name of the actual provider. See also World Economic Forum, ‘Beyond Fintech: A Pragmatic Assessment of Disruptive Potential in Financial Services’ (n 39) 19. 42 See above at p. 149ff.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

165

functions in the back of those firms are in turn outsourced to other specialized players (namely third parties and fourth parties).43 At this stage, by tendency increasingly smaller players provide granular services to (each) other players most commonly in an ‘as-a-service’ fashion. This again leads to increasing fragmentation of the actual substance behind the service or product that is offered to the consumer. Notably, while the intellectual substance, as well as functions, is becoming decentralized, the physical infrastructure is centralizing at a few dominant players.44 The Service-oriented Architecture adds a high level of dynamism to this structure as services (in the ‘front’ and in the ‘back’) often can be utilized and terminated on demand. Hence, the new structure is not only highly decentralized but also subject to constant change. In some jurisdictions, regulation further adds to this dynamic. For instance, the PSD 245 in the EU as well as Open Banking initiatives in other jurisdictions act like rocket fuel for these developments.46 They facilitate access to data for new players, and thereby enable more players and a broader set of services to enter the market while also simplifying interactions like data sharing or seamless integration of third-party services using a market-wide API.47 In sum, while at the front—from the consumer’s perspective—a shift towards a broader variety of services being offered by diverse players48 is taking place, the more important change takes place in the background. A formerly static and monolithic structure, on which financial service providers stood, is turning into a highly decentralized web of (through multiple means) interconnected players subject to continuous change. The corresponding substance, including physical infrastructure,

43 This refers to what has been described above as banking as a service at p. 122ff. 44 Namely, those entities owning the hardware on which the cloud infrastructure is

running. See above at p. 146ff. 45 Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/ 65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC. 46 In the EU an Open Banking regime was introduced with the PSD2. On the global developments on Open Banking, see BCBS, ‘Report on Open Banking and Application Programming Interfaces’ (BIS 2019) 10ff. 47 For more see, e.g., Remolina (n 32) or Zachariadis and Ozcan (n 126 in Chapter 5). 48 Irrespective whether the provider from the consumer’s perspective is also the

originator of the service or is simply acting in its role as a distributor.

166

C. RUOF

expertise, and overall activity, vanishes at the financial institution and is being dispersed to many small players. At the same time, the distributor model contributes to the shift of substance to the back by decoupling the creation of a service including the expertise and infrastructure connected to the creation process from its provision to the customer. 2.3

Decentralized Technology

Another layer of decentralization, which brings its own set of regulatory challenges, concerns technology itself. In that regard, this layer of decentralization needs to be differentiated from decentralization caused by technologies underlying the decentralized provision of financial services, such as AI or cloud computing. Of interest at this point are technologies which themselves are decentralized—first and foremost blockchain and DLT.49 A distributed ledger is a database that is spread across multiple nodes in a network. Changes in the database are validated and recorded employing a decentralized, consensus-based protocol, and cryptographic signatures.50 The network consists of a large number of participants,51 each providing server capacity that together function as the ledger.52 This means that the substance, the infrastructure, the service itself including the verification process of transactions, the corresponding data produced, and the record-keeping become decentralized among all participating

49 The same distinction is also being made by FSB, ‘Decentralised Financial Technologies: Report on Financial Stability, Regulatory and Governance Implications’ (n 27) 3. 50 This definition probably comes closest to the one used by FSB (FSB, ‘Decentralised Financial Technologies: Report on Financial Stability, Regulatory and Governance Implications’ (n 27)). However, there exist a huge variety of different definitions in publications on DLT. For an overview, see, e.g., Cambridge Centre for Alternative Finance, ‘Distributed Ledger Technology Systems—A Conceptual Framework’ (n 9) 19f. 51 The number of participants depends on the ‘openness’ of the ledger. It is commonly distinguished between ‘permissionless’ ledgers, which are open to everyone and ‘permissioned’ systems, where the participation itself is limited or certain activities are reserved to certain user (groups). See, e.g., Michel Rauchs and others, ‘Distributed Ledger Technology Systems—A Conceptual Framework’ (CCAF 2018) 24. 52 See David Mills and others, ‘Distributed Ledger Technology in Payments, Clearing, and Settlement’ (Division of Research & Statistics and Monetary Affairs, Federal Reserve Board 2016) https://www.federalreserve.gov/econres/feds/distributed-ledgertechnology-in-payments-clearing-and-settlement.htm.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

167

users.53 Whereas legacy databases are often distributed across multiple machines, locations, or even providers, the control is centralized within the trusted actor(s).54 With DLT in contrast, data is shared among and controlled by independent parties who generally do not trust one another.55 Typically, the parties do not even know each other with their identities masked behind cryptographic codes. Against this backdrop, decentralization through DLT takes place primarily in two ways: (1) in a physical way (data being spread throughout multiple computers/ systems) and (2) in the context of control (no central party has power over the data).56 Comparing this to the first two forms of decentralization, the decentralization of players and the decentralization of activity, decentralization here does not happen as a market-driven process but is intrinsically built-in to a system. Here—depending on the specific application form—the disaggregation of control is also meant to happen down to the lowest possible level, down to the level of the individual consumer.57 The use of DLT is most prominently showcased by crypto-assets and cryptocurrencies (most importantly Bitcoin and Ether) and the companies dealing with it.58 This field has grown rapidly in the recent years, evolving from the development and exchange of private cryptocurrencies to a whole ecosystem that serves as a simulacrum of the traditional financial system and its providers using coins and tokens on a distributed ledger (this new universe as a whole is often referred to as decentralized finance or ‘DeFi’).59 It encompasses a huge variety of financial 53 Notably, this is only the case ‘permissionless’ ledgers, while in ‘permissioned’ systems, only a more limited consortium of users is actively part in these processes. 54 See also Werbach, The Blockchain and the new architecture of trust, p. 61. 55 Ibid. It is worth noting that this is only fully true for public ledgers, such as Bitcoin.

In the case of ‘permissioned’ ledgers, the network is still not controlled by a central entity, but only verified actors (with the permission of a coordinating body) are able to validate a transaction. 56 See also Angela Walch, ‘Deconstructing ‘Decentralization’: Exploring the Core Claim of Crypto Systems’ in Chris Brummer (ed), Crypto Assets: Legal and Monetary Perspectives (Oxford University Press 2019) 3. 57 Depending on the specific use case of DLT and correspondingly on the nature of participants. 58 See above in Chapter 5, Sect. 3.2. 59 See Allen, ‘DeFi: Shadow Banking 2.0?’ (n 88 in Chapter 5) 9f. See also above at

p. 107f. Notably, the level ‘real’ decentralization in DeFi is contestable. Rather, as some commentators argue, there has been an increasing trend towards recentralization towards

168

C. RUOF

services in crypto-asset markets that largely aim to replicate functions of the traditional financial system, while seemingly disintermediating their provision and decentralizing their governance.60 Similar to the traditional system, it contains a complex set of players including outside entities (e.g. from centralized finance) and TPPs.61 In this ecosystem, transactions and contractual obligations are often executed and enforced automatically on the distributed ledger by way of using ‘smart contracts’, instead of using an entity as intermediary.62

3

Automation

The second key shift that fintech brings to the sector is automation. Here, automation refers to the ongoing transformation of the sector from one that has been dominated by human deliberation to a sector in which decisions are increasingly made by machines with i.e. sophisticated algorithms. Certainly, automation is neither new nor exclusive to the financial services sector.63 Instead, financial services have always been at the forefront of integrating technical developments64 pushing for increasing automation. As early as in the 1970s, algorithms have entered the marketplace enabling transactions to take place at higher speed and greater sophistication.65 However, the rise of the internet, digitization, Big Data, and advances in computing power have elevated the sophistication, ubiquity, and autonomy of algorithms to a new level. What distinguishes the current types of algorithms from previous ones is the a few, powerful players. See ibid. 17, Walch (n 56) or Sirio Aramonte, Wenqian Huang and Andreas Schrimpf, ‘DeFi Risks and the Decentralisation Illusion’ (BIS 2021) BIS Quarterly Review. 60 See FSB, ‘The Financial Stability Risks of Decentralised Finance’ (FSB 2023) 4f., also providing a comprehensive overview of the products and services provided by DeFi on p. 13ff. 61 Ibid. 62 Smart contracts are self-executing code deployed on a blockchain that fulfils the

terms and conditions of a transaction in an automated manner (see FSB, DeFi (n 60) 8). More generally on smart contracts, see, e.g., Jelena Madir, ‘Smart Contracts’ in Jelena Madir (ed), Fintech: Law and Regulation (Edward Elgar Publishing Limited 2019). 63 Comprehensively, see Klaus Schwab, The Fourth Industrial Revolution (1st edn, Penguin 2017). 64 See Arner, Barberis and Buckley (n 60 in Chapter 4). 65 Yadav and Brummer (n 183 in Chapter 5) 270.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

169

increasing application of AI and ML.66 The application of AI across a wide array of sectors of the economy, including financial services, has skyrocketed over the past few years. The concrete form of AI can vary substantially (according to its specific application), but it is generally associated with efforts to enable machines or computers to imitate aspects of human cognitive intelligence.67 Machine learning, as a sub-branch of AI, has the distinct feature to continuously learn from new data and therefore train to improve at its task(s) without any human interference.68 There are several categories of ML, the most advanced of which in terms of selfimproving is deep learning.69 In general, ML methods are most useful in high-dimensional and complex tasks, making them highly relevant for application in the financial sector.70 The sheer magnitude of data that— due to the digitization of everything—is now available demands tools like AI and ML to effectively process and make use of the vast amounts of information.71 At this new level of sophistication, these techniques can be used to find patterns in large amounts of data from a huge variety of (new) sources.72 In the era of fintech, automation permeates all aspects of financial services,73 altering both the provision of front-end and back-end services. 66 See, e.g., Bank of England and FCA, ‘Machine Learning in UK Financial Services’ (BoE and FCA 2019); FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5); Dirk A Zetzsche and others, ‘Regulating Artificial Intelligence in Finance: Putting the Human in the Loop’ (2020). 67 U.S. Department of the Treasury (n 19 in Chapter 5) 53. 68 Ibid. 69 See FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5) 5. In deep learning, the functioning of the algorithms is modelled after that of the human brain, i.e. working in multiple layers. For a description of ML categories generally, see ibid. 5f. 70 Lihong McPhail and Joseph McPhail, ‘Machine Learning Implications for Banking Regulation’ (2019) SSRN Electronic Journal 7, 18f https://www.ssrn.com/abstract=342 3413. 71 U.S. Department of the Treasury (n 19 in Chapter 5) 54; FSB, ‘Artificial Intelligence

and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 164 in Chapter 5) 3f. 72 More on the role of data below. 73 A complete listing of the ML and AI application is beyond the scope of this book

and would in any case be out of date by the time this gets published. In the following, I will, therefore, give some selective examples, which best showcase this shift.

170

C. RUOF

This part will further illuminate the transformation associated with the increasing use of the tools by looking at recent developments in several sectors. It will reveal an unprecedented level of algorithmic autonomy74 and thus an increased role for algorithms to replace human decisionmaking.75 Ultimately, this transformation entails a shift in the financial services market’s centre of gravity towards more techno-centrism. Similar to decentralization, the automation of the sector can be divided into different layers. The following will analyse the automation of front-office activity and back-office activity. 3.1

Automation of Front-Office Activity

On the customers-end, automation redefines the way in which customers experience the provision of financial services. In the payment sector, for instance, AI and ML already are underlying most innovative mobile payment systems that have been developed in recent years.76 For instance, automation is the main driver for a shift to real-time payments, as AI removes the need for several (formerly) manual safety efforts and thus allowing for faster settlement.77 At the same time, while payments have typically always been a central sector of financial services, automation is on the verge of pushing the sector more underground, i.e. making a separate customer experience disappear.78 Modern commerce solutions tend to skip over the payment process or the choice of payment which can instead be made by an algorithm. Put differently, the process of payment is (likely) shifting from a manual act done by

74 The term is borrowed from Allen, ‘Driverless Finance’ (n 154 in Chapter 4). 75 As of now, many institutions, in particular incumbents, still seem to apply rather

simple algorithms, which require some level of human involvement (See EBA, ‘EBA Report on Big Data and Data Analytics’ (2020) 17). With increasing sophistication of algorithms and corresponding competitive pressure from (new) market players, this is, however, likely to change in the near future. 76 For an overview of innovation in the payment sector, see above in Chapter 5,

Sect. 3.1. See also World Economic Forum, ‘The New Physics of Financial Services— Understanding How Artificial Intelligence Is Transforming the Financial Ecosystem’ (WEF 2018) 108f. See also McPhail and McPhail (n 70) 22f. 77 See World Economic Forum, ‘The New Physics of Financial Services—Understanding How Artificial Intelligence Is Transforming the Financial Ecosystem’ (n 76) 108. 78 Ibid. 111.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

171

the consumer79 towards a fully automated process culminating in an automatic consequence of a consumer’s purchase choice. Moreover, algorithms also underlie another important development in the broader field of payments, namely DLT-based crypto-assets.80 Cryptocurrencies build AI into their protocols to automate payments and execute transactions in real-time.81 Thereby, these tasks are fully performed and executed by the underlying protocol, free from direct human control. Notably, in the world of (private82 ) cryptocurrencies, not only private sector decisionmaking but also that of public agencies is (supposed to be) being replaced by a machine: Instead of a central bank, the computer software determines the supply of the respective currency in the economy.83 Importantly, DeFi companies operating in the crypto space84 also showcase an extremely high level of automation. There, users are engaging in a computercontrolled market that automatically executes transactions, like issuing loans backed by crypto or paying interest on holdings. Moreover, the fintech credit sector is heavily affected by automation.85 While traditionally credit assessments were done by a human, relying on credit scores that were informed by face-to-face interviews, standard info about the client (e.g. income, liabilities), and payment history,86 now, this process is almost fully automated.87 Client data from various sources88 is being

79 That is, a process that started with cash, went through online transfer, credit cards over to PayPal and ultimately new fintech providers as described above in Chapter 5, Sect. 3.a. 80 See above at p. 108f. 81 See, e.g., Yadav and Brummer (n 183 in Chapter 5) 272 using the concrete case

of ‘Ether’. Also Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 173f putting out the prospect of self-executing smart contracts in the form of ‘cocos’. 82 This is notably not the case for CBDCs. 83 Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 91. 84 Such as Compound (see above in Chapter 5, Sect. 3.2). 85 See above at p. 112ff. 86 Automation in this earlier process was—if at all—used to achieve operational effi-

ciency. See, e.g., Gary Bergman, ‘Using Automation to Improve the Credit Risk Review Function’ (1999) 14 Commercial Lending Review 60. 87 See FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5) 11f. 88 This includes utterly new sources like social media, hobbies, mobile phone use and purchase history in online stores. Ibid. 12 or Yadav and Brummer (n 183 in Chapter 5)

172

C. RUOF

fed into the algorithm in order to (more) accurately assess the creditworthiness of the applicant and price the loan accordingly.89 In this process, ML enables the lender to track and parse this unstructured data across sources, draw out patterns, and determine the best course of action to take based on the algorithm.90 Using such algorithms allows for a more complete picture of the credit risk of the applicant which also includes new factors such as the applicant’s willingness to pay. The costs and time that would be needed for a human to do a similar check of such resources would likely be prohibitive.91 Subsequently, the algorithm makes the decision on whether to grant credit and under what conditions.92 It is not unlikely that in the (near) future, not only the initial credit decision is automated, but also that the adjustment of the credit and its conditions will be done by an algorithm in real-time following changes in credit parameters. Hence, the process of credit assessment, granting, and managing is increasingly becoming automated, with AI-based algorithms determining who to lend to and under what conditions. Algorithms also play an increasing role in the context of asset management, where several firms, in particular robo-advisors, use AI and ML to devise trading and investment strategies.93 Algorithms are applied for onboarding the client,

274. For more on the qualitatively new types of data being used, see Sect. 4.1.2 of this chapter. 89 See also Julapa Jagtiani and Catharine Lemieux, ‘The Roles of Alternative Data and Machine Learning in Fintech Lending: Evidence from the LendingClub Consumer Platform’ (2019) 48 Financial Management 1009, 1011ff. 90 Yadav and Brummer (n 183 in Chapter 5) 274. For more on the functioning of fintech credit including P2P lending, see above at p. 112ff. 91 Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 166ff. 92 Depending on the type of firm and its degree of automation, often this decision is

only made as an initial approval decision, which ultimately needs to be confirmed by a human. In the case of a P2P lending platform, for instance, the information about the applicant and the corresponding credit assessment is depersonalized and sent to prospective investors. See, e.g., ibid. 168. 93 FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5) 18. On the different parts of the process that are subject to automation in robo advice, see HKMA and PwC, ‘Reshaping Banking with Artificial Intelligence’ (2019) 45f.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

173

i.e. to assess their investment profile,94 but also for asset allocation, portfolio selection, trade execution, portfolio rebalancing, tax-loss harvesting, and portfolio analysis—all tasks traditionally performed by a human.95 While currently these tasks are mainly performed by predictive algorithms, there is a growing trend in applying ML to collect (unstructured) data about the client to improve portfolio selection, allowing for an even higher level of personalization and automation.96 The algorithm can also conduct market analysis to inform its investment decision, where AI and ML are inter alia being used to identify market signals and leverage vast amounts of (market) data to predict price movements.97 3.2

Automation in the Back Office

At the same time, AI/ML allows firms to have many back-office and market support functions being performed by computer programs.98 This part of the automation of the sector is closely interconnected with the decentralization shift described above. That is, financial institutions are not outsourcing back-office functions to TPPs because of their enhanced expertise or alike, but rather because of their promise to apply state-ofthe-art technology, in particular, AI and ML, to allow them to reach better results at lower costs compared to when performed in-house with greater human involvement. These functions include, for example, regulatory compliance, risk analysis/management, and the calculation of

94 The onboarding process in the context of investment management is very similar to that described earlier regarding the credit assessment. That means, the profile of the client is analysed (mostly) on the basis of (unstructured) data that is processed by an algorithm. 95 See FINRA, ‘Report on Digital Investment Advice’ (2016) 2. Notably, human advisors have always to a certain extent been using computer programs in those tasks. New is, however, the (almost) full elimination of the human element. 96 See, e.g., Deloitte, ‘The Next Frontier—The Future of Automated Financial Advice in the UK’ (n 116 in Chapter 5) 22 or Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 167. 97 FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5) 18. 98 According to a survey by the Bank of England, back-office functions see the most frequent use cases of ML in the UK financial services sector. See Bank of England and FCA (n 66) 10 Chart 4A.

174

C. RUOF

capital.99 For the latter task, banks have always been heavily relying on mathematical models and computers. Yet, algorithms deploying AI and ML significantly increased the level of sophistication in these calculations, leading to an observable reduction in the traditionally calibrated regulatory capital.100 In risk analysis and management, AI allows to track risk exposure more accurately.101 While traditional methods for measuring risk relied on a fixed and limited set of factors (such as sensitivity to inflation, interest rates, equity indices, or oil price), ML tools can be used to include a multitude of potential factors and allow for more complex risk analysis.102 To get a precise picture of the risk the respective institutions are exposed to, it is supposed to make sense of large amounts of unstructured and semi-structured data, for which AI and increasingly ML are being deployed.103 In fact, with the increasing complexity and automation of both market and market players (i.e. front-office activity), risk analysis is (correspondingly) becoming automated because most aspects moved beyond humans’ cognitive capacity. AI and ML are also being used by financial institutions for regulatory compliance. At this stage, the most prominent application cases are KYC and AML, but also all kinds of disclosure obligations.104 However, other (potential) applications currently being explored are e.g. the use of NLP in combination with ML to interpret regulations (e.g. MiFID or AIFMD) into a common language, which could then subsequently be automatically integrated into reporting and compliance systems.105 Proceeding on this path, a large 99 See, e.g., Zetzsche and others, ‘Regulating Artificial Intelligence in Finance: Putting the Human in the Loop’ (n 66) 11f. 100 See FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5) 15f. Notably, according to a McKinsey study, this has led to a 5–15% savings in risk-weighted assets for financial institutions. See McKinsey & Company, ‘Capital Management, Banking’s New Imperative’ (2012). 101 World Economic Forum, ‘The New Physics of Financial Services—Understanding How Artificial Intelligence Is Transforming the Financial Ecosystem’ (n 77) 129. 102 McPhail and McPhail (n 70) 20. 103 FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market

Developments and Financial Stability Implications’ (n 168 in Chapter 5) 16. 104 See above 129f. On the role of AI therein, see Zetzsche and others, ‘Regulating Artificial Intelligence in Finance: Putting the Human in the Loop’ (n 66) 13. 105 FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 168 in Chapter 5) 20.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

175

share of compliance could potentially become automated, including, e.g. automatic adaption of internal processes in response to changes in the regulatory framework. As these and related tasks currently are performed by very large numbers of human employees, this transition would be another significant boost in the automation of the sector. 3.3

Shifting Gravity: From Human-Driven to Algorithmic Finance

Overall, these observations all showcase the transformation of the financial services sector, from one once dominated by humans to one where humans and algorithms (at best) share power.106 Though the use of modern technology has always played a big role in financial services, fintech is bringing a qualitative shift.107 While in earlier eras computer programs were mostly supplementary and primarily used for efficiency gains, with fintech a significant share of responsibility is transferred to algorithms. More precisely, substantial decision-making and deliberation that used to be made by financial experts are being delegated to machines. This includes the automation of ‘new’ tasks (i.e. tasks formerly (almost) fully performed by a human), as well as in increasing automation and sophistication thereof concerning tasks that have already been to a certain level performed by a computer program. Machine learning applications function in a way that they continuously improve without human interference by learning directly from (newly created) data in the market, which enable them to develop in unanticipated directions. It is, in particular, this feature, but also other applications of AI that render outcomes (i.e. decisions) increasingly difficult to predict, understand, interpret, and explain.108 In effect, this delegation of tasks to complex, often (by the user) little understood algorithms constitutes another form of outsourcing, which adds on to that taking place under decentralization. 106 Already in 2013, Tom Lin (also taking into account (presumed) future developments) stated that modern finance is transforming into what he termed ‘cyborg finance’. See Tom CW Lin, ‘The New Investor’ (2013) 60 UCLA Law Review 678. 107 This shift is both, driven by qualitatively new forms of automation, but also a change in quantity that (already) amounts to a change quality. See also Kristin N Johnson, Frank Pasquale and Jennifer Chapman, ‘Artificial Intelligence, Machine Learning, and Bias in Finance: Toward Responsible Innovation’ (2019) 88 Fordham Law Review 449, 500ff. 108 See also Andrew Tutt, ‘An FDA for Algorithms’ (2017) 69 Administrative Law Review 83, 92 identifying these two aspects as among the main regulatory challenges in the context of ML.

176

C. RUOF

Thus, substance (i.e. activity and decision-making power) is transferred from humans with financial expertise to coded software programs. This transfer of substance, which lies in the centre of the automation process, additionally implies another, deeper shift, namely one in the centre of gravity of the sector towards a more techno-centric, code-driven sphere. Before, financial expertise was the desired skill to get a foot in the industry, now, financial firms are increasingly looking for computer scientists and coders.109 Competition among financial firms will be (and to a certain extent already is) mostly revolving around having the best algorithm as opposed to the best financial experts.110 This new tech-centricity fuels—as can be observed already—a market segment (i.e. the development and supply of algorithms), which in turn attracts other or new market players to the sector. That is, algorithms are often not developed internally but supplied by external tech companies which are often small, specialized tech firms or at times bigtech companies.111 Hence, automation has the potential to shift decisional power in financial services—this time away from financial institutions and towards software developers, platforms, or bigtech.112 In that sense, parallels can be drawn to the first shift in the sector (decentralization): While decentralization showcases the outsourcing of substance from financial institutions towards a web of small and diverse players, automation in effect means outsourcing to algorithms and ultimately to those market actors developing them. At the same time, the human element in the decision-making process becomes less prevalent and is largely moved from the moment where the decision is implemented to the earlier moment of its programming into an algorithm.

109 This will be further discussed below in Chapter 8, Section Resources. 110 See also World Economic Forum, ‘The New Physics of Financial Services—Under-

standing How Artificial Intelligence Is Transforming the Financial Ecosystem’ (n 77) 35. 111 FSB, ‘Third-Party Dependencies in Cloud Services’ (n 131 in Chapter 5). Also, see above Sect. 2 of this chapter. 112 See also Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 92.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

4

177

Datafication

The last structural shift is the transformation of the financial services sector towards a data-driven industry. What has been stated above about automation is similarly true here: The high significance of data is neither new to the sector nor unique to it. Quite the opposite—financial innovation has always relied on data collection and utilization,113 and market participants have always been trying to get (and exploit) an information advantage over other participants for which data is the key resource. Similarly, data lies at the core of multiple other industries and has given rise to some of the most valuable companies that ever existed. It is at the core of the so-called Fourth industrial revolution114 where data has become a new essential factor of production—or as some say the ‘new oil’.115 In contrast to oil though, one special aspect of data as a resource is that it can be used many times and by an unlimited number of firms simultaneously, making it ‘non-rivalry’.116 With the financial services sector being among the most data-intensive sectors,117 the impact of this development is particularly strong here.118 In the age of fintech, a quantitative, as well as qualitative shift in the use of data, compared to previous eras, is taking place. That is, not only is the amount of data being produced, collected, and used exponentially higher, but also the kind of data is qualitatively different; more diverse and heterogeneous than before.119 The COVID-19 pandemic has further accelerated this process, triggering unprecedented creation collection, and aggregation of data by moving large parts of the life online.120 These developments (in combination with sophisticated algorithms) have opened up new possibilities in providing financial services and give rise to 113 For example, Tufano (n 103 in Chapter 4). 114 Schwab (n 63). 115 See esp. Barberis (n 187 in Chapter 5). 116 See also Feyen and others (n 7 in Chapter 5) 41. 117 E.g. Md Morshadul Hasan, József Popp and Judit Oláh, ‘Current Landscape and

Influence of Big Data on Finance’ (2020) 7 Journal of Big Data 1ff https://journalof bigdata.springeropen.com/articles/10.1186/s40537-020-00291-z. 118 See also Douglas W Arner, Giuliano G Castellano and Eriks K Selga, ‘Financial Data Governance’ (2023) 74 Hastings Law Journal 235. 119 See also Yadav and Brummer (n 36 in Chapter 5) 265. 120 See, e.g., Arner, Cestellano and Selga (n 118) 238f.

178

C. RUOF

new business models. It also elevated the value of data as a resource in the sector to a new level, initiating a gold rush for data and data analysis tools. Ultimately, the new role and significance of data have major ramifications for the competitive and structural dynamics of the sector, moving it further away from its traditional (financial) roots and towards a fully automated, data-driven, and less human-centric sphere. 4.1

The Three Vs

To capture the shift taking place through ‘datafication’ in the financial sector I am using the framework that is often employed to characterize ‘Big Data’, namely the ‘three Vs’.121 The three Vs stand for volume, variety, and velocity. In this context, the first ‘V’, volume, is used to refer to the quantitative shift in the production and use of data in the current time. Variety, on the other hand, is supposed to describe the qualitative shift that is a result of the use of different, more diverse sources and datasets. The third ‘V’, velocity, is primarily referring to the increased speed of data processing but is also supposed to encompass other factors that fuel the data flow in the sector. 4.1.1 Volume Volume builds the fundament for the shift of datafication. The amount of data that companies generally manage has exploded since around 2012.122 Already in 2015, a study of IBM estimated that every day we create 2.5 quintillion bytes of data and that 90% of the data in the world today has been created in the last 2 years. The level at which data is generated by 2020 is forecasted to be more than 40 times higher than in 2009.123 While the volume of data generated globally in 2016 amounted to 16.1 zettabytes (ZB),124 this number has grown to an estimated 48 ZB in 2020.125 By 2025, as forecasted by a study, this amount is to 121 See, e.g., ESA’s, ‘Joint Committee Final Report on Big Data’ (ESA’s 2018) JC/ 2018/04 8. 122 BBVA, ‘The Five V’s of Big Data’ (BBVA Communication, 8 May 2017) https:// www.bbva.com/en/five-vs-big-data/. 123 Notably, this forecast was published in 2013. See AT Kearney, ‘Big Data and the Creative Destruction of Today’s Business Models’ (2013) 2. 124 It seems likely that the COVID-19 pandemic has further accelerated this trend. 125 See Feyen and others (n 7 in Chapter 5) 5f.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

179

grow to 163 ZB, with most of this new data coming from end-user devices.126 This explosion of data has been largely driven by the advent of the internet and the immense growth of computing power in recent years. Since most aspects of peoples’ lives have moved from offline to online and from analogue to digital, information is widely available on an unprecedented scale. Of key importance are digital devices, above all the smartphones127 in combination with the internet of things (IoT), which allow to gather and analyse data on almost everything. The core aspect, behind the large-scale utilization of data and the stark impact in the financial services sector (as well as others) though, is digitization. It is only once data becomes available in digital format that—with parallel developments in AI and ML—it could be put to effective use. Furthermore, as the costs of storing and processing data have decreased,128 the amounts of data collected and retained have parallelly increased.129 Another important factor that further fuels datafication is algorithms, in particular those applying ML. The more data is available for the training of an (esp. MLbased) algorithm, the faster those algorithms can learn and improve.130 Hence, as algorithms have become a key component for success in financial services,131 the race for the best system additionally creates a massive demand for large volumes of data.132 In that sense, the development of automation and datafication are mutually reinforcing. That is because, as

126 David Reinsel, John Gantz and John Rydning, ‘The Evolution of Data to LifeCritical: Don’t Focus on Big Data, Focus on Data That’s Big’ (2017). 127 Data on the dissemination of devices as such and their use can be found at e.g. U.S. Department of the Treasury (n 19 in Chapter 5) 17 (concerning the US); For a global comparison, see Kyle Taylor and Laura Silver, ‘Smartphone Ownership Is Growing Rapidly Around the World, but Not Always Equally’ (Pew Research Center 2019). 128 Whereas in 2009 the costs of data storage were 0.11 USD per gigabyte, until 2020, this number has decreased to 0.02 USD per gigabyte. See Feyen and others (n 7 in Chapter 5) 8. 129 See also U.S. Department of the Treasury (n 19 in Chapter 5) 17 and Feyen and others (n 7 in Chapter 5) 8. 130 See also Zetzsche and others, ‘Regulating Artificial Intelligence in Finance: Putting

the Human in the Loop’ (n 66) 9. 131 See above in Chapter 5. 132 A recent report of the EBA corroborates this as regards of the EU: As of 2019,

64% of respondents report to already have big data and advanced analytics solutions in place, with another 23% in testing or development stage. See EBA, ‘EBA Report on Big Data and Data Analytics’ (n 75) 8.

180

C. RUOF

shown above, algorithms are essential for processing the large amounts of data that are now available. In short, algorithms are necessary for data, and data is necessary for algorithms. Further, as aforementioned, the sector increasingly attracts the attention of players from more diverse backgrounds.133 With their entry into the market, these players bring with them large volumes of data from their respective backgrounds into the financial services sector, which can be put to use. 4.1.2 Variety In contrast to earlier eras in the sector, in the age of fintech, data comes from a broad variety of sources. Whereas in the past, information134 mostly resided in banks and was not efficiently used, the sector is now increasingly evolving into a data industry.135 To get new and deeper insights into the customer, fintech firms are increasingly making use of data from the internet, including social media and smartphone data and online purchase history.136 This shift is particularly observable in credit services and asset management. Regarding the former, lenders have long relied on credit scores to make their lending, which were based on data on the transaction and payment history.137 Nowadays, lenders and fintech credit firms are increasingly turning to additional unstructured and semistructured data points,138 including social media activity, mobile phone 133 Namely, in particular the tech-industry, but also from social media companies or online retailers. See above in Chapter 5, Sect. 4.2. 134 This refers to both, (financial) information about customers, but also to information relevant for e.g. market analysis. 135 See also Dirk A Zetzsche and others, ‘The Future of Data-Driven Finance and RegTech: Lessons from EU Big Bang II’ (2019) 46 or Remolina (n 32). 136 For more (potential) sources, where data can usefully be generated from, see Zetzsche and others, ‘From Fintech to Techfin: The Regulatory Challenges of DataDriven Finance’ (n 183 in Chapter 5) 406f. As of now, however, according to an EBA report, core banking data are still the main input for data analytics, rather than other alternative data sources. See EBA, ‘EBA Report on Big Data and Data Analytics’ (n 75) 4. 137 FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5) 12. 138 While structured data can be mapped into fixed pre-defined fields, unstructured data cannot be contained in a row-column database and doesn’t have an associated data model. The latter e.g. include photos, video and audio files, text files, social media content, satellite imagery, and presentations. For more, see, e.g., Bernard Marr, ‘What’s The Difference Between Structured, Semi-Structured And Unstructured Data?’ Forbes (18

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

181

use, and text message activity in order to get a more nuanced view of the creditworthiness of the (prospective) borrower and improve the accuracy of their risk-scoring model.139 In the field of asset management, while most robo-advisors still, to a large extent, rely on a (digital) questionnaire for choosing their advice,140 the use of alternative data allows to identify parameters like the family situation, risk aversion, financial situation, and propose investment advice, tax advice, and financial planning based on these insights without the need for (much) customer participation.141 The increasing value of unstructured data is likely to further attract more non-financial companies (esp. tech companies, but also players from commerce) to the sector.142 bigtech companies, in particular, are wellsituated to utilize their access to massive quantities of individualized and continuously updated data sets on consumers for purposes of providing all kinds of financial services.143 Aside from direct market entries, close partnerships between data owning companies from various sectors with financial service providers are likely to increase.144 4.1.3 Velocity Ultimately, the speed at which data is created, collected, shared, processed, and analysed has increased significantly in the past years.145 Because the vast majority of all data on the internet has been created very recently, and—with the ‘fourth revolution’ ongoing—this trend is

October 2018) https://www.forbes.com/sites/bernardmarr/2019/10/18/whats-the-dif ference-between-structured-semi-structured-and-unstructured-data/. 139 FSB, ‘Artificial Intelligence and Machine Learning in Financial Services—Market Developments and Financial Stability Implications’ (n 169 in Chapter 5) 12; Yadav and Brummer (n 183 in Chapter 5) 267f. 140 On robo-advisors, see above. See also Ringe and Ruof (n 115 in Chapter 5). 141 See Deloitte, ‘The next Frontier—The Future of Automated Financial Advice in the

UK’ (n 116 in Chapter 5); Ringe and Ruof, Regulatory Challenges (n 113 in Chapter 5) 195. 142 See Zetzsche and others, ‘From Fintech to Techfin: The Regulatory Challenges of Data-Driven Finance’ (n 183 in Chapter 5). 143 See also Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 90. 144 See also World Economic Forum, ‘Beyond Fintech: A Pragmatic Assessment of

Disruptive Potential in Financial Services’ (n 39) 23. 145 ESA’s, ‘Joint Committee Discussion Paper on the Use of Big Data by Financial Institutions’ (ESA’s 2016) JC 2016 86 8f; U.S. the Treasury (n 19 in Chapter 5) 8.

182

C. RUOF

not expected to end but rather accelerate.146 At the same time, highperformance computers and sophisticated algorithms enable to process data in almost real-time, directly translating into faster decision-making. The ability to process data swiftly can give a material competitive advantage147 (e.g. in market analysis) which further drives developments in that field. The velocity of data flow is enhanced by the structural assistance of cloud technology. Cloud is the technology behind the possibility to store large quantities of data cheaply on servers of external providers, (potentially148 ) providing access to massive data sets to a wide variety of market actors.149 The same could be true for DLT: Using DLT, data is stored and verified in a decentralized and automated fashion and could be accessed by every member of the network. Thus, it could similarly increase the availability and accessibility of (decentralized) information.150 The increased rate of data turnover is not only a product of supply and demand, but also fuelled by exogenous factors, namely regulation.151 Above all, the Open Banking movement in several jurisdictions contributed to this development. Open Banking massively increases the accessibility of data by forcing the holders of customer data (i.e. primarily incumbent financial institutions) to grant (potential) competitors access to that data.152 This access is supposed to allow third parties to develop innovative services and products based on customer data. Typically, as in the case of the PSD 2,153 those regulations mandate open standards of communication (i.e. API’s) to be implemented to ensure the interoperability of different technological communication solutions and smooth

146 See U.S. Department of the Treasury (n 19 in Chapter 5) 8ff. 147 In fact, as stated by an executive of MetLife, velocity can be more important than

volume. See BBVA, ‘The Five V’s of Big Data’ (n 122). 148 The actual availability is dependent on the data protection laws of the respective jurisdiction. 149 See Yadav and Brummer (n 183 in Chapter 5) 266. 150 See also ibid. 267. 151 Aside from Open Banking, other regulations also had a significant (though more indirect) effect on the datafication of the sector. For more on that, see Zetzsche and others, ‘The Future of Data-Driven Finance and RegTech: Lessons from EU Big Bang II’ (n 135). 152 See also above at p. 167. 153 PSD 2, para 93.

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

183

data exchange between the players. Common API standards enable financial service providers to gather data from diverse sources (esp. from non-financial firms) more efficiently and are one of the key technologies in the new financial services landscape.154 API is also the technology underlying the growth of ‘as-a-service’ business models in the sector155 —not least a product of the new data-driven ecosystem.156 4.2

The Data-Induced Shift of the Sector

As can be seen from the above, datafication is already having a significant impact on the sector. By exploiting the unprecedented magnitude and diversity of data, using novel analytical tools, fintech offers a momentary snapshot of how datafication is reshaping financial services. From a consumer’s perspective, datafication has created expectations for increasingly personalized services.157 For instance, robo-advisors are making use of unstructured data to offer a tailor-made portfolio to the customer without the need for much participation. Moreover, robo-advisors also use diverse data sources for market analysis that informs their investment decisions.158 Fintech credit providers are using algorithms fed with structured and unstructured data for risk-scoring and risk-modelling purposes.159 Moreover, fintech firms as well as incumbents are using big data and data analytic tools to automate and improve back-office functions, such as the generation of client conventions, fraud detection, or for AML/KYC compliance purposes.160 Truly, data has always played an important role in the sector, e.g. to gain an information advantage—for example in the securities sector.161

154 Remolina (n 32) 28. 155 See above at p. 122ff and p. 149ff. 156 See also Remolina (n 32). 157 See also EBA, ‘EBA Report on Big Data and Data Analytics’ (n 75) 11. 158 Ibid. 22. 159 See above and also ibid. 19. 160 Ibid. 23. 161 See, e.g., examples provided at Tufano (n 3 in Chapter 4).

184

C. RUOF

However, today’s fortune rests to a different extent on data.162 It has become the very basis for both incremental and disruptive innovations in the sector and thereby a strategic resource. While in the past, competitive advantage was mostly built on assets (allowing for economies of scale), in the era of fintech, the scale of data is becoming the decisive factor.163 Data spurs the acquisition and analysis of new digital data that, in turn, enables the development of new AI-based technological solutions.164 Hence, the provider with the most extensive, accurate, and detailed data is best placed to offer the best service to the customer. Client relationships, another major advantage of incumbents in the past, are losing significance165 with data from all types of sources replacing that role. A knowledge advantage about the customer based on an existing relationship with the service provider does not exist anymore. Furthermore, while establishing a relationship with the client automatically implied high chances of locking the client and subsequently being able to cross-sell other services in the past, the customer is now increasingly choosing the services on a much more individual basis and with diminishing respect to previous relationships. In sum, the financial services sector is steadily turning into a datadriven economy.166 Without data and access thereto, it will become difficult to stay competitive. Traditional assets, which the sector used to a key role, are becoming increasingly insignificant and replaced by data. Importantly, the datafication of the sector does not take place in a silo but stands in a reinforcing relationship with the above-described automation. Together with automation, the datafication of the sector further shifts the sector’s decisional centre of gravity from humans to software, where a rapidly growing share of decisions is being ‘outsourced’ to algorithms 162 For a past-present comparison in the context of asset management, see, e.g., Deloitte, ‘Alternative Data for Investment Decisions: Today’s Innovation Could Be Tomorrow’s Requirement’ (Deloitte Center for Financial Services 2017). 163 See also World Economic Forum, ‘The New Physics of Financial Services—Understanding How Artificial Intelligence Is Transforming the Financial Ecosystem’ (n 77) 24. 164 See, e.g., Arner, Castellano and Selga (n 118) 252f. 165 That is, because not only switching costs for consumers are decreasing significantly,

but also it is becoming increasingly normal to use granular services from different providers for distinct purposes. 166 In the same vein, Zetzsche and others, ‘The Future of Data-Driven Finance and RegTech: Lessons from EU Big Bang II’ (n 135).

6

DIGITAL DISRUPTION: STRUCTURAL SHIFTS UNDER …

185

(feeding on data). Correspondingly, decisional control is transferred from the financial institutions to programmers (i.e. tech companies) and those collecting and aggregating the data for the algorithms. The human role, on the other hand, is often limited to the process of programming the code, maintaining, and—depending on its level of sophistication— improving the algorithm.167 Besides that, data is the single most decisive ingredient of its action—as the accuracy and predictive capabilities of algorithms are defined by the breadth, depth, and quality of the data.168 As often neither the programmer nor the user of the algorithm has a clear picture on these metrics for the data put used by it, comprehensibility and predictability of the algorithm are further aggravated, leading to a perpetuation of the slipping of control over decision-making in the sector.169 Furthermore, accompanying the shift of substance from finance to tech is also a shift in relevant expertise. Financial service providers are increasingly looking for data scientists and IT specialists rather than graduates from financial backgrounds.170 Over time, this talent turnover will likely lead to a loss of expertise on the financial part, further reinforcing the aforementioned control shift.

5

Conclusion

As shown by this analysis, the financial services sector is undergoing substantial change. These shifts are going deeper, and change is happening faster than ever, which makes them highly relevant from a 167 For a more comprehensive display of the methodology and different working stages of an (ML-based) algorithms, see EBA, ‘EBA Report on Big Data and Data Analytics’ (n 75) 24ff. 168 See also World Economic Forum, ‘The New Physics of Financial Services—Understanding How Artificial Intelligence Is Transforming the Financial Ecosystem’ (n 77) 71. More precisely, it has to be differentiated between the data that is fed to the algorithm in the course of its ‘training’, and the new input data, which it uses for self-improving and decision-making. While the former is under control of the programmer, the latter is hard to monitor and is consequently the one raising concerns. See also EBA, ‘EBA Report on Big Data and Data Analytics’ (n 75) 31f. 169 The accuracy of data is also expressed as a concern utmost importance by respondents to the consultation of Big Data by the ESAs. See ESA’s, ‘Joint Committee Final Report on Big Data’ (n 121) 6. 170 In the context of the investment industry, see Deloitte, ‘Alternative Data for Investment Decisions: Today’s Innovation Could Be Tomorrow’s Requirement’ (n 162) 8.

186

C. RUOF

regulatory perspective. Fintech applications that can be seen right now are not the cause of this change, but rather a symptom of the structural shifts taking place in the sector. It has been shown that under the surface of the innovation fintech applications, more fundamental changes occur. This was first shown in the context of decentralization: While from the consumer’s perspective, a shift from big one-stop-shop institutions towards small, specialized players is taking place, the more substantial change is happening on a deeper level, i.e. from a monolithic (in-house) back-end structure to a highly decentralized, interwoven and dynamic web of players. As a result, substance and control are being outsourced to specialized third parties. Second, financial services are being provided in a more digitalized and automated fashion. Yet, substantial decision-making tasks are transferred from humans to algorithms—effectively outsourcing major responsibilities to computer programs. This outsourcing process is also part of the broader transformation of the sector towards a more techno-centric one. Datafication plays the other major role in this transformation. While data enables financial service providers to offer more individualized, efficient, and cheaper services, at the same time, an increasing dependency on data grows and propels the transfer of control from humans to computers and from classic finance to new technology.

CHAPTER 7

The Information Problem Under Fintech

Having examined the fintech phenomenon from a micro- and macroperspective, this chapter puts fintech into context with the information deficit, inherent to financial regulation. That is, it will apply the conceptual framework developed in Chapter 3 to the characteristics and shifts associated with fintech as identified in Chapters 5 and 6. Given the centrality of complexity to the information problem, it will begin by showing how fintech elevates complexity and renders the collection and processing of information for regulators more costly. Subsequently, it will scrutinize the implications of fintech’s characteristics and shifts on each dimension of the information problem, namely the information gap, unknown information and Knightian uncertainty. Thereby, it will show how fintech renders the sector more opaque and is associated with a tendency of moving activity outside the (traditional) regulatory perimeter. Ultimately, it argues that given the utmost importance of information for achieving sound financial regulation and avoiding regulatory mismatch, addressing the information problem should have priority and stand above all questions of specific regulatory gaps or market failures caused by individual fintech applications.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_7

187

188

C. RUOF

1

The Fintech Complexity

As explained earlier, complexity, as used herein, functions as an umbrella term to capture those components of the sector as well as the interactions between them, which render it difficult to understand, i.e. which produce or increase information costs.1 There are a number of typical drivers of complexity in the financial sector that have been sketched above. As will be shown, these drivers are also in various manifestations prevalent in the era of fintech. 1.1

New Opaque Market Structures

One of the main sources of rising information costs under fintech is the new market structure in the era of fintech, which is associated with an extraordinary high level of opacity.2 Fintech brings an unprecedented influx of new players to the financial services sector. In general, the influx of new participants is always accompanied by a flood of new relevant information, needing to be either produced by the regulator or collected from market participants. For several reasons though, this task has become significantly more difficult in the era of fintech. First, to collect or produce information about new market actors, the regulator needs to become aware of them. Herein lies the first problem: A significant number of fintech players are emerging outside the regulatory perimeter.3 That is particularly true for market support services that perform back-office functions for (front-end) financial players since they do not themselves perform financial services.4 In contrast to financial institutions, these firms are typically not regulated and therefore off

1 See at p. 58f. 2 See above at in Chapter 5 Sect. 4.1 and Chapter 6 Sect. 2. 3 See above in Chapter 6 Sect. 2. That is especially true for market support services,

which typically do not qualify as a ‘financial firm’ in the meaning of the law, as well as firms using white label banking and thereby avoiding the need for a regular license. Another trend that is mostly taking place outside the regulated sphere is that regarding all kinds of services around cryptocurrencies. This area is drawing increasing attention from regulator. Elizabeth Warren for instance, recently called Crypto the ‘new shadow banking’. See Andrew Ross Sorkin and others, ‘The New “Shadow” Banks’ The New York Times (8 September 2021) https://www.nytimes.com/2021/09/08/business/dea lbook/crypto-bitcoin-regulation.html. 4 Which is typically what puts them in the scope of financial regulation.

7

THE INFORMATION PROBLEM UNDER FINTECH

189

the regulator’s radar.5 Similarly, bigtechs who increasingly gain systemic significance by providing cloud infrastructure and storage capacity for financial institutions are not directly under the purview of the regulator. Lastly, the identification of (decision-making) actors in the DeFi world is extremely difficult, as these in many cases hide behind the cover of decentralization and anonymity.6 As a result, it has become much harder—more specifically, costly—to collect information from relevant players. Before fintech, regulators had a single point of contact to gather relevant information directly from the regulated institution where it had originated. To the activity outside the regulatory radar, in contrast, the regulator generally simply lacks a direct channel of access from which it could draw information. Now, with every level of delegation, the regulator is pushed farther away from the original source of information. While the existing links to financial institutions are still in place, with the increasing outsourcing of activity to third parties, they lose their value. These problems become more severe considering the chain of outsourcing does not end at TPP’s, but continues to fourth party providers, fifth party providers, and so on.7 The result is a further obfuscation of the web of players that ultimately form the financial company as it is operating in the market. Correspondingly, information is now dispersed among a large number of small (often unregulated) parties.8 Worse still, as the outsourcing of activity is accompanied by an outflow of knowledge and expertise, financial institutions themselves are often not in the possession of information regarding their activities (anymore). In cases where the distribution of a service is decoupled from its origination9 and financial institutions act as mere platforms, substance including expertise and infrastructure is not to be found at the front-line financial institution, but is once again dispersed in the background among a diverse set of players—and crucially off the regulator’s radar. Overall, a large share

5 See Tsang (n 20 in Chapter 6) and Enriques and Ringe (n 149 in Chapter 5). See also below in this chapter. 6 See also World Bank (2022) ‘Why Decentralised Finance Matters’ (n 66 in Chapter 5)

44. 7 See above 149ff. 8 See Figure 5 above. 9 See above 167ff.

190

C. RUOF

of activity appears to be migrating into the shadows and away from the (financial) regulator’s oversight.10 Exacerbating this problem is the dynamism of the field of players in this part of the sector. Part of that dynamism is a constant change in the composition of the sector, in particular with respect to market support services. In that particular sector, low barriers to entry allow for a constant influx of new players: First, players in that sector regularly do not (themselves) perform a financial service and are therefore not subject to licensing requirements. Also, they typically offer a highly specialized and technology-based service, which does not require the operational basis that is often needed to run a financial company. To a perhaps lesser but still significant extent, this dynamic exists also with respect to front-office activity, in particular with neo-banks and (other) platform providers for small fintech players. Especially white label banking lowers barriers to entry by largely removing regulatory obstacles for small players and thereby adds to the emergence of new players. In that case, the regulator once again is only connected to the front entity, lacking direct access to the actual substance and relevant sources of information. These new forms of interconnectedness and dynamism conceals the field of players making it challenging to get informed about who performs what function and overseeing the links between players, both from the front to the back and within the back. Having gained an overview over the field of players in the sector, in a next step, the regulator needs information about (a) what activity they specifically perform, (b) the corresponding risks, and (c) the nature and extent of interconnections between players in the front to those in the back and among actors in the back. In this context, the impact of fintech on the costs associated with collection and interpretation of these types of information increase substantially. Identifying and understanding the activity can face great difficulties that stem from the increased use of technology and algorithms (which will be further discussed in the subsequent part). With respect to (b), decentralization of players and activity also cause a decentralization of risks. The large number of additional players in the ecosystem simultaneously increase the number of interconnections in the system and (in consequence) potential points of

10 This observation is shared by other commentators, such as Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 90.

7

THE INFORMATION PROBLEM UNDER FINTECH

191

failure.11 Fintech credit platforms, for instance, involve a decentralization of (esp. liquidity and credit) risk to the smallest unit.12 Because fintech companies often add additional layers of intermediation on the existing structures, they are closely interlinked with incumbents. Those links could potentially create channels for the transmission of risks from fintechs to incumbents. Further difficulties getting information about risks associated with a specific activity are again posed by the developments in the market support segment. While individually they are often small and provide a very technical service, looking at large, they perform a substantial part of (critical) back-office functions. This new complex structure disperses risks (especially operational and prudential risks), makes these risks harder to locate, and is likely to present utterly new risks to regulators.13 That is in stark contrast to pre-fintech eras when these back-office functions were still (mostly) concentrated in the same institution that also provided the service at the front-end. Further difficulties arise in connection with subscription-based business models and interoperability. As a result, those interconnections become less steady and harder to identify, leading to an overall obfuscation of the sector and a consequential rise in information costs. This is exacerbated by the existence of parallel structures, above all the DeFi ecosystem. These ecosystems entail complex links within and outside their structures, which are often far from easy to identify.14 Overall, in terms of complexity theory, both the number of individual components in systems and the way they interact increase, leading to a great rise in complexity and information costs. 1.2

Technological Sophistication and Specialization

Other characteristics of new fintech players that affect information cost are that they are usually highly specialized, diverse, and technological. As shown before, these characteristics permeate innovation in all areas of the financial services sector, from robo advisors in asset management, 11 Similarly, Philippon (n 24 in Chapter 5). See also Allen, ‘Payments Failure’ (n 41 in Chapter 3) illustrating this on the example of Venmo in the payment sector (see p. 487f). 12 FSB, ‘Decentralised Financial Technologies: Report on Financial Stability, Regulatory and Governance Implications’ (n 27 in Chapter 6) 3f. 13 Similarly, FSB, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (n 134 in Chapter 5) 2. 14 See FSB (2023) DeFi (n 60 in Chapter 6) 21f.

192

C. RUOF

over new payment providers, to market support services and impact information costs in multiple ways: The new diversity that is associated with fintech, ranging from business models to internal structures, affects information costs by reducing economies of scale associated with collection and production of information about specific types of services. What further enhances this effect is that the services those players offer are becoming increasingly customized. As a result, in addition to the diversification on the firm-level comes a diversification of the output, i.e. on the service/ product level. That means that one service of a particular firm can take various individual forms, depending on the person it is provided to. Depending on the range of the variety of the service, this can result in increasingly varying risk implications corresponding to changes in the customer base. Hence, this new diversification needs to be taken into account in the regulatory assessment.15 In addition, new fintech players typically have a strong technological focus, further driving information costs. As described above, compared to previous eras of financial innovation, the complexity around the relevant technologies—in particular cryptography, DLT, and AI/ML—has increased.16 As opposed to past eras, in fintech ‘disruption’ is frequently on the agenda of start-ups and new market entrants. Notwithstanding the actual validity of this claim in each individual case, innovation activity taking place outside the ordinary channels has in fact increased. Innovation that is based on a solely new technological infrastructures is associated with exceptionally high information costs, as it requires the regulator to intellectually conquer an utterly new field. Thereby, the regulator can to a lesser extent build on its existing basis of knowledge, as the case with incremental information. Hence, given the greater level of uncertainty around these types of innovations, the information costs associated with the new technologies under fintech are especially high. Some innovations for instance create new (additional) infrastructure systems

15 See also Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 92f. 16 With respect to ICO’s, for example, the lack of information and corresponding

uncertainty was not least indicated by the fact that it took most jurisdictions many years before deciding how to regulate those. See, e.g., Dirk A Zetzsche and others, ‘The ICO Gold Rush: It’s a Scam, It’s a Bubble, It’s a Super Challenge for Regulators’ (2019) 60 267.

7

THE INFORMATION PROBLEM UNDER FINTECH

193

(e.g. payment providers in some jurisdictions),17 while others (e.g. certain cryptocurrencies)18 run on a wholly different (parallel) structure. In the context of DeFi for instance, written disclosures and balance sheets are replaced by computer code of smart contracts. Those smart contracts typically exhibit a high level of complexity, as they often need to take into account many possible states of the world before they are deployed.19 Auditing and understanding the code underlying the smart contract is a regularly highly complex undertaking and only reserved to a small group of people.20 Even in the case there is a written disclosure explaining the functioning of the code, it is similarly difficult to verify for third parties, including the regulator. Additional technological complexity is introduced by the convoluted governance structure of the distributed ledger, on which the DeFi ecosystem is based.21 DeFi applications typically claim to have decentralized ownership structures, if they have such structures at all.22 However, the actual degree of decentralization varies broadly, with often the actual control and power being in the hands of only a few actors.23 Furthermore, there are a number additional idiosyncratic features of DeFi that introduce more complexity and raise costs for gathering sound information about it24 : First, while the underlying protocol is typically transparent, the pseudonymous nature of information on public ledgers limits its usefulness. Second, a large number of transactions take place offchain, rendering available information incomplete. This is further added by the lack of or non-compliance with reporting standards ensuring reliability of the information. Lastly, there are significant incentives at play for certain actors in the DeFi ecosystem to manipulate their data in 17 See above at p. 108. 18 See above at p. 108f. 19 FSB (2023) DeFi (n 60 in Chapter 6) 18. 20 See Allen, ‘DeFi: Shadow Banking 2.0?’ (n 88 in Chapter 5) 10f. 21 Ibid 10. Notably, in the context of complexity, the discussion of the true level of

decentralization that DeFi entails is not of importance, as the complexity introduced by its structures and technology remains untouched. 22 See FSB (2023) DeFi (n 60 in Chapter 6) 11. 23 Ibid p. 17 and Angela Walch, ‘Deconstructing ‘Decentralization’: Exploring the Core

Claim of Crypto Systems’ (2019) in Crypto Assets: Legal and Monetary Perspectives (Chris Brummer, ed), Oxford University Press, 2019. 24 Comprehensively, FSB (2023) DeFi (n 60 in Chapter 6) 31f.

194

C. RUOF

order to make their service or product seem more significant. On a more general level, perhaps the key concern with DeFi from an informational point of view is that players in this sphere seek to fully replace the existing financial infrastructure with new unregulated, shadow infrastructure. Decentralized payment schemes for alternative currencies for example seek to provide a traditional financial service on an alternative, decentralized infrastructure. Thereby, key functions are pulled out of the existing system on which the regulatory structure is build and thereby largely out of the purview of the regulator.25 Crucially, these and other new technologies play a more central role in the business model of many firms than in the past, making the comprehension of the technology even more indispensable for understanding the firm and its risks. Relevant information can in many cases be deeply hidden in code and therefore only be collected or produced with significant expertise in computer science and coding.26 Further exacerbating the situation is that such information does not have to necessarily reside with the company that offers the financial service.27 Rather, for instance, the algorithm on which the service is based can be supplied by a third party whose expertise lies even deeper (and more exclusively) in IT and coding. Hence, in addition to being qualitatively more demanding, the relevant information is more fragmented and difficult to locate for the regulator, which further drives information costs.28 Another highly important technology-based driver of information costs is the widespread use of sophisticated algorithms. As stated above, more

25 Yet, it remains to be seen how successful these attempts will turn out to be. 26 See also Allen, ‘Payments Failure’ (n 41 in Chapter 3) 484ff in the context of fintech

developments in the payments sector. Also the FSB, ‘Financial Stability Implications from FinTech: Supervisory and Regulatory Issues That Merit Authorities’ Attention’ (n 6 in Chapter 5) 2: ‘the complexity and opacity of some big data analytics models makes it difficult [.….] to assess the robustness of the models or new unforeseen risks in market behaviour, and to determine whether market participants are fully in control of their systems.’ 27 That can, e.g. be true for investment advice companies, whose advice heavily relies on AI-powered algorithm. 28 This fragmentation can to a certain extent also exist within the financial institutions (between front-end employees and back-office developers). See also Zetzsche and others, ‘Regulating Artificial Intelligence in Finance: Putting the Human in the Loop’ (n 66 in Chapter 6) 24. See also FSB, ‘Third-Party Dependencies in Cloud Services’ (n 131 in Chapter 5).

7

THE INFORMATION PROBLEM UNDER FINTECH

195

and more emerging fintech companies heavily rely on the use of (MLbased) algorithms that feed on the massive amount of unstructured data. ML-based algorithms are generally associated with two additional problems with relevance for the information deficit, explainability and predictability.29 Explainability refers to how difficult the outputs of an algorithm are to understand, while predictability is a measure of the difficulty to predict those outcomes in advance.30 These issues are not congruent with knowledge about the inner workings of an algorithm. Even with the possession of a full understanding on the programming of a particular algorithm, the actual mechanism of how input is turned into specific output still remains opaque. It is not that explainability and predictability from human behaviour are straightforward—far from it. However, over time humans developed an understanding of the functioning of other humans—be it empathically or empirically. There is no similar intuitive understanding of the workings of algorithms. MLbased algorithms are highly unpredictable and unexplainable, almost by definition. The way they evolve and how they reason from the data is almost entirely alien.31 This phenomenon is commonly referred to as the ‘black box’ problem, meaning that only input and output are observable, while the mechanism remains utterly unknown.32 As algorithms become more sophisticated and autonomous, these issues will become more pronounced. Continuing this trend, it is not unlikely that in the foreseeable future algorithms will decide autonomously what data to collect, what data is relevant, and how it is relevant or even autonomously reprogramme their operations. As one commentator in the field put it, they might become ‘algorithms that make algorithms’.33 These difficulties 29 The notion of explainability and predictability is common in the literature about algorithms, but was notably introduced in the legal discourse by Tutt (n 108 in Chapter 6) 101ff. 30 Ibid. 31 Eliezer Yudkowsky, ‘Artificial Intelligence as a Positive and Negative Factor in Global

Risk’ in Nick Bostrom, Milan M Cirkovic and Martin J Rees (eds), Global Catastrophic Risks (Oxford University Press 2008) 313. 32 Comprehensively on the notion of algorithmic black boxes see, e.g., Frank Pasquale, The Black Box Society: The Secret Algorithms That Control Money and Information (Harvard University Press 2016). 33 Pedro Domingos, The Master Algorithm: How the Quest for the Ultimate Learning Machine Will Remake Our World (Penguin Books 2017) 6 or Eric Siegel, Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie, or Die (2., Wiley 2016) 115.

196

C. RUOF

worsen considering the (potential) interdependencies between algorithms. It remains unclear what will transpire when sophisticated algorithms start to be a dominant force in the (financial services) market.34 The impact on information costs is accordingly high. To decipher the exact mechanisms of these algorithms, a massive amount of expertise, time, and technological support is necessary. The exact amount increases with the level of sophistication of the algorithm, up to a point, where a full understanding is (almost) impossible. Moreover, given the dependency of algorithms on the breadth of data, the expanding volume, variety and velocity thereof, renders the input to an algorithm increasingly obscure and thereby once more hampers the comprehensibility and predictability of its actions.35 1.3

Speed and Size-Induced Complexity

The velocity of the sector constitutes another major source of rising information costs mainly driven by the pace of innovation, the turnover of information, and the automation of decision-making. Under fintech, the speed with which new players enter the market has skyrocketed. This is not only a result of broader (technological) advancements, but is also, to a large extent, driven by new forms of interaction and business models in the sector that have emerged for this purpose. For instance, instead of going through the long process of acquiring a license, firms enter into agreements with already licensed players and enter the market through them.36 This affects information costs for the regulator through the loss of a major channel for information about a firm—the licensing process. This path to the market is less transparent which is why information remains much more exclusive in the bilateral arrangement of the two (private) parties. Meanwhile, the speed with which a service is adopted and disseminated has increased significantly. But also, on the contrary, the speed with which a service fails or is outcompeted is greater than before. Hence, market presence in the time of fintech is 34 These interdependencies can for example take the form of ‘herding’ or tacit collu-

sion (being the other extreme). See, e.g., Zetzsche and others, ‘Regulating Artificial Intelligence in Finance: Putting the Human in the Loop’ (n 66 in Chapter 6) 19f. 35 The accuracy of data is also expressed as a concern utmost importance by respondents to the consultation of Big Data by the ESAs. See ESA’s, ‘Joint Committee Final Report on Big Data’ (n 121 in Chapter 6) 6. 36 See above at p. 124.

7

THE INFORMATION PROBLEM UNDER FINTECH

197

much more fugitive than in the past. From an informational perspective, this also means that relevant knowledge evolves much faster. Expertise becomes shorter-lived, and accordingly, the effort to stay substantially informed grows. Moreover, these types of arrangements potentially make the private sector more responsive, allow firms to react to new regulations quicker (in whatever way),37 and accelerate the dialectic game. This is exacerbated by the increasing popularity of subscription-based business models which enhances this dynamic. As described above, it turns a formerly steady back-office infrastructure into a fast-evolving and dynamic landscape, where the individual service providers, as well as the interactions between them, are subject to constant change. This raises information costs, as these changes need to be tracked and new information associated with them needs to be collected and assessed. Information subject to constant change, e.g. includes the identity of the players, their respective business structure and risk profile, as well as the interdependencies among them. Ultimately, this raises complexity on both levels: that of the single components and with regard to the interactions thereof. Aside from the private sector, the public sector also contributes to the velocity of the sector. Open Banking initiatives (intentionally) fuel private sector innovation by breaking up data monopolies of incumbents and enabling small players to build business models on customer data. It leads to increased overall movement of data between a diverse set of market players and creates additional interlinkages.38 What further underlies the overall velocity in the sector is the high level of information turnover, i.e. the amount of information that is being generated (in whatever sense), collected, shared, and put to use in the market within a certain period of time. While the production of a greater amount and availability of information is largely a (by-) product of the digitalization of the sector, harvesting this information and putting it to use is enabled by sophisticated algorithms in combination with the processing and storage capacity offered by cloud technology. API

37 That means, be it in the form of regulatory arbitrage or other ways of innovative compliance. See above in Chapter 4 Sect. 2. 38 Importantly, part of some of these initiatives, such as the PSD 2, was also to widen the regulatory perimeter by extending the scope of the original directive to these thirdparty services accessing and using the data. In that way, they also significantly decrease information cost by gaining direct access to those firms.

198

C. RUOF

technology supports this trend by laying the infrastructure for fast information exchange and creating shortcuts that allow information to flow better between market actors.39 However, from an informational perspective, this significantly affects the comprehensibility of market activity and infuses a high level of uncertainty in the sector. In tendency, the more data algorithms harvest from different sources, the more opaque it becomes how an algorithmic decision is made, ultimately exacerbating the black box problem. For developing an understanding about the algorithms and the outputs they produce, the regulator hence needs to know what data is used and how it is utilized. Important to this context is the increased use of non-financial information by algorithms performing financial services. The use of such information automatically makes it relevant for regulators and expands the spectrum of information to be collected and processed. Another aggravating factor is the role of the quality and trustworthiness of data, as the quality of algorithm-based decisions is its data input.40 That means, if predominantly poor data is used, new risks due to poor algorithmic decisions might emerge. For the regulator, this implies that to understand the output (or generate good output), one needs to be in a position to assess the quality of data. The automation of decision-making affects the velocity of the sector in the sense that decisions are increasingly made instantaneously. Enhanced automation at each step of the process further leads to the decision being able to be made and implemented in almost real time, accelerating the overall pace in the sector.41 For instance, with the use of smart contracts, obligations, such as collateral calls, are instantaneously enforced by code.42 Whereas the element of human deliberation or the existence of (human) intermediary has in the past created a natural barrier to the speed in the decision-making, this barrier is removed and fully replaced by a computer that produces a decision within milliseconds. Given the interactions and interdependencies in the financial sector, this micro-level efficiency improvement can turn into a vicious cycle of self-reinforcing 39 See also Allen, ‘Payments Failure’ (n 41 in Chapter 3) 472f. 40 A phenomenon often described with ‘garbage-in, garbage-out’ and has been a long-

standing problem in machine learning and data analytics. See Thomas C Redman, ‘If Your Data Is Bad, Your Machine Learning Tools Are Useless’ [2018] Harvard Business Review https://hbr.org/2018/04/if-your-data-is-bad-your-machine-learning-tools-are-useless . 41 See also Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 89ff. 42 See also FSB (2023) DeFi (n 60 in Chapter 6) 16.

7

THE INFORMATION PROBLEM UNDER FINTECH

199

acceleration. One action of an algorithm can trigger a (re-) action of another algorithm, triggering a (re-re-) action of the former algorithm as well as a (re-) action of third, and so on. This all taking place in an instantaneous fashion would result in a level of velocity that is extremely difficult (and costly) to comprehend and not less hard to control. Lastly, fintech is also increasing the size of the financial sector. One important mechanism through which this takes place is by way of drawing new people into the financial system. This happens through multiple channels: For instance, in the pursuit of financial inclusion, robo advisors channel fresh capital from small retail investors into the capital market.43 Additionally, fintech payment providers offer financial products such as money market funds, thereby also channelling fresh money into the capital markets.44 Moreover, fintech credit platforms are producing (often high yield) loans, while equity crowdfunding platforms and initial coin offerings grant small enterprises access to public capital who would otherwise not meet the threshold for a regular IPO.45 Ultimately, the financial products created as a result of those and other fintech transactions stand ready to be fed into the securitization machinery of secondary markets and thereby further inflating its size.46 In sum, it shows that fintech spurs the sectors inexorable march towards mystifying complexity, with the above-outlined trends as main drivers.47 From an informational perspective, these developments make a quantitative as well as qualitative change, increasing information cost. Ultimately, with fintech, the financial services sector is becoming significantly more difficult to understand than commonly appreciated, exacerbating the inherent challenges of financial regulation.

43 By charging smaller fees and requiring smaller investment thresholds, they thereby typically appeal to investors who haven’t had access to financial advice before. See above at 139ff. 44 Which is what happened in China, resulting in the biggest Money Market Fund in the world. See (n 259 in Chapter 5). 45 See above at 136ff. 46 On a larger (and arguably more fraudulent) scale, this awakens memories of the

origins of the GFC, when excessive amounts of subprime mortgages were fed into the secondary market, where they were securitized. 47 Wording taken from Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 161.

200

C. RUOF

Information Deficit Under Fintech

2

In Chapter 3, I distinguished between three dimensions of the information deficit. First, there is an asymmetry between the information of private actors in the market and that known by regulators—here referred to as an information gap.48 Second, there is information that is known to exist but not collected or produced by any single market actor termed unknown information. Last comes the issue concerning information with an existence which is fully unknown, unknown unknowns or Knightian uncertainty. This section will stick to this framework and analyse the impact of fintech on each dimension of the information deficit with a particular focus on the information gap. Hereby, the focus will lie on its impact on the information gap given its more direct implications for the regulation of fintech. 2.1

Fintech and the Widening Information Gap

As just discussed, fintech elevates complexity in the financial services sector to new heights. This generally result in higher information costs that, for the aforementioned reasons, particularly affect the regulator. Aside from the rise of information costs, the two key components of the information gap are (1) the (inherent and artificial) information advantage of private parties and (2) the information processing capacity of private sector players vis-à-vis regulators.49 The following part will apply this framework to the features of and shifts under fintech and discuss the most important developments in these categories. 2.1.1

Inherent and Artificial Information Advantages Under Fintech As outlined in Chapter 3 part I.(1), one source of the information gap is that private market participants possess the inherent advantage of either being the source of information or at least in proximity to it (e.g. as competitors or collaborators). In fintech, however, there is reason to believe that this advantage might be smaller than in the past. The cause for this lies in the new market structure: There are now smaller and 48 A further distinction on the market side can be made between individual actors and the sum of all actors. 49 See Eq. 3 above at p. 55.

7

THE INFORMATION PROBLEM UNDER FINTECH

201

highly specialized players, making the information they possess likely technical and narrow. In contrast to larger financial entities that dominated the market in the past, these players are likely to lack the incentive and the capacity to gather information that goes beyond their narrow spectrum of activities. This translates to deeper knowledge on information from a distinct activity, but a shallow grasp of information on other, non-related activity as well as systemic information. For instance, a small fintech firm might possess a high level of expertise with respect to their particular payment service, but broadly lack contextual information on how this service is located in the wider ecosystem or perhaps even alters it. Similarly, it regularly does not possess (much) information about activity in other sector of the financial market or macroeconomic aspects. For the notion of the information gap, this means a widening of the gap concerning information on their distinct activity, yet at the same time a reduction or even reversal with respect to other information. It needs emphasis that this reversal is not caused by an improved information level at the regulator but due to a decrease on the side of the individual firm. Hence, for the regulator, the main implication is that the amount of information that can be collected from each participant is arguably significantly smaller under fintech than in previous eras. Furthermore, under fintech, another layer of information gap, namely one between the provider of the service and the supplier of the technology, is added to the pre-existing one. Depending on the specific service, the technology underlying it, and especially the level of automation, the precise ways of its provision are often far from clear even for the entity who delivers it. While from an outside perspective the entity should be the source of information for their own activity, these kinds of information can already in that case be associated with significant costs even for the entity. That is, however, particularly true in instances where the algorithm on which the service is based is supplied by a third party or certain parts of the end-service are directly performed by other firms.50 Here, the information advantage of the financial institution vis-à-vis the regulator is much smaller, because the more significant information asymmetry exists between the company and its supplier. At the same time however, this is supplemented by the (new) information gap between the regulator and the background supplier(s).

50 See above at p. 122f. and Chapter 6 Sect. 2 and 3.

202

C. RUOF

With respect to new types of information that have become relevant, i.e. non-financial information and (unstructured) information,51 the source of the information lies outside the financial sector so that there should be no significant inherent information advantage of financial firms vis-à-vis the regulator. Yet, with fintech, this can be different. Fintech firms regularly build whole business models around (unstructured) data or more precisely the use thereof. Therefore, they presumably often have better sources and greater sophistication to deal with that new type of data. This is supported by a report by the FSB, noting: ‘[w]hile the abundance of data is itself at the heart of FinTech developments, regulators often note having few official data sources to monitor the sector.’ Potential reasons for this could include the lack of access of regulators to new sources of data as well as their inferior data processing tools. Certainly, this aspect will be—and to some extent already is—elevated to a whole different level with the growing presence of bigtech whose main field of business is located in production of these types of data. Bigtechs have control over unmatched quantities of consumer data touching almost all aspects of life. While a lot of this data has not been put to use in the financial services sector yet, it is likely to gain great significance in the future. Therefore, as bigtechs are likely to play a greater role in the financial services sector, a significant information gap is waiting to emerge. Furthermore, there are information advantages which are not a side effect of market developments but rather are artificially (and purposely) created by private sector activity. It has already been described above that one supply-side driver of innovation is the intentional ‘overcomplexification’ of financial products and services with the intention of deluding customers or regulators.52 The same way it has likely been the case with structured financial products in the wake of the GFC, this could be taking place in the era of fintech. While then, securitization was the instrument of choice, in fintech the instrument could be automation or (more broadly) technologization.53 For instance, firms might deliberately 51 Non-financial information is here used to refer to information that is unrelated to financial transactions or the use of financial services/ products. It thereby might differ from its use in the law, such as the Non-Financial Reporting Directive (Directive 2014/ 95/EU). 52 See above at p. 90. 53 Similarly, Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 177.

7

THE INFORMATION PROBLEM UNDER FINTECH

203

obscure the working of algorithms they deploy and refer to the black-box in case something goes wrong. They also might outsource compliance or other back-office tasks to obscure their inner architecture, e.g. allowing them to take higher risks. In a similar vein, technologies like DLT could be used to cloak a financial service as a decentralized in order to avoid the regulation that would normally apply. The type of complexity created that way (i.e. ‘artificial complexity’)54 differs from the general complexity in the sense that it is typically more superficial, attempting to cloak the true (simpler and more well-known) core of the product/service. As the relevant information is hidden behind a layer of artificial complexity, this behaviour adds to the information advantage of private entities as compared to regulators.55 2.1.2 Information Processing Capacity in the Era of Fintech The second factor underlying the information gap is the information processing capacity of private market actors vis-à-vis regulators. The most important determinants thereof include the use of and access to state-of-the-art technology, human resources, up-to-date expertise, and deployable (financial) resources. It has already been mentioned above that asymmetries in information processing capacity are a problem prevalent in any (regulated) industry field and particularly omnipresent in finance.56 Fintech again is likely to append to that problem in several ways. First, we are still witnessing the beginning of the fintech era. At this stage, the private sector is moving at a high pace57 driving forward the development of new business models and innovative services, all having in common a high reliance on technology and algorithms. While the pace of technological change generally is constantly accelerating,58 fintech firms 54 See also above at 82ff. 55 Notably, this advantage also often exists vis-à-vis other private entities—arguably to a

much lesser extent though, as private parties often engage in similar practices of artificially enhancing complexity. This was also true with regard to the activities before the GFC, where the investment banks involved were mostly aware of the respective practices of their competitors. 56 See above at p. 55f. 57 See above at p. 154ff. 58 According to the prediction of Gordon Moore, the founder of Intel, in 1965

(referred to as Moore’s law), the number of transistors that could be fixed per square inch

204

C. RUOF

regularly harness the cutting edge of technological innovation for their service or build their whole business around it. In that sense, novel technologies are in tendency given a more central and constitutive function, in contrast to the supporting role that it has always had in the past. Under fintech, succeeding in the market is often closely related to having the best technology or algorithm, making technology a central subject of competition. As a result, there is typically only a small lag between the emergence of a relevant technological innovation and its deployment by (some) fintech firms. Regulators on the other hand do not have this build-in incentive to harness innovation or seek new ways to improve or recreate their operations. Consequently, they often operate with old analogue systems, which are not able to keep up with the pace of information production in the sector, resulting in a widening gap of technological standards and sophistication. For instance, manual reports, which still form the basis of many regulators for gathering information, are typically periodic and require considerable time to prepare, creating an inherent time lag where in the current era the information may be already obsolete by the time it reaches the regulator.59 Even where analogue systems have been automated, they often function with workflows that were originally designed for an analogue world, still bearing the fundamental features for how information was transmitted in the past.60 In addition to that, there is a growing gap concerning expertise and skills that are becoming increasingly central in the era of fintech, in particular in the areas of IT, computer programming, and data analytics. The industry on the one hand is fiercely competing for talent with aforementioned backgrounds and increasing their respective share of them in their overall workforce. According to an analysis by the Financial Times, for instance, the number of adverts for IT and engineering roles at banks across the EU in the first quarter of 2018 was 11.4 times higher than in the same period in 2015, while the overall share of those positions at banks went up from seven to 17%.61 Recent efforts by incumbent on integrated circuits doubles every two years, while the costs are halved. See Gordon E Moore, ‘Cramming More Components onto Integrated Circuits’ (1965) 38 Electronics. 59 See Jo Ann S Barefoot, ‘A RegTech Manifesto—Redesigning Financial Regulation for the Digital Age’ (Alliance for Innovative Regulation 2020) 26f. 60 See also ibid 26. 61 Nicholas Megaw, ‘Banks Seek Tech Talent for Digital Shift’ Financial Times (21

May 2018) https://www.ft.com/content/90063bd2-59e0-11e8-bdb7-f6677d2e1ce8.

7

THE INFORMATION PROBLEM UNDER FINTECH

205

financial institutions in recruiting tech talent for transforming and digitalizing their services further corroborate this observation.62 Meanwhile, regulators broadly lack that kind of personnel and skills in their ranks.63 Similar to the influence on information advantages (see above), fintech also brings new facets to the asymmetry in information processing capacity, in particular when it comes to general resource asymmetry. One new facet is rooted in the decentralization of the sector64 which is likely to be accompanied by a decentralization of resources, too. That is, when a large number of small start-ups are stealing the market share of big incumbents, correspondingly resources are drawn away from them and allocated among a larger field of players, resulting in a smaller concentration of resources. This has the effect that the (average) resource asymmetry between the regulator and individual players would likely decrease.65 In some scenarios, this could even lead to a reversal of the information gap. For instance, where a fintech is primarily relying on an algorithm provided by a third party and at the same time (due to its small size and resources) does not possess significant information processing capacity, the regulator—despite suffering from structural information disadvantages—might yet have a better overview and experience, making it the better-informed party. Another new facet of resource asymmetry is likely to be introduced by the entry of bigtech, which in contrast would be located on the other side of the spectrum. While financial incumbents have been (and certainly to a certain extent still are) the power hubs on the market side, bigtechs are either likely to replace or supplement their dominance by leveraging their monopolistic or near-monopolistic power in other sectors to position themselves in financial services. Bigtech’s success in 62 Ibid. 63 Also, Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 100f. A survey by

the FSB further shows that 70% of (surveyed) regulators still rely on legacy systems and static reports when it comes to the distribution and presentation of data (FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions— Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 24). 64 See above in Chapter 6 Sect. 2. 65 That assumption, however, only holds true when those small players are independent

and not—as (increasingly) often the case—a subcompany of a big financial player. Moreover, the level of decrease depends on how far the decentralization in the sector goes, and also—similarly important—if the platform dynamics will lead to a re-concentration in the sector.

206

C. RUOF

these other sectors helped them to grow to immense size—the biggest five of them (Alphabet, Amazon, Apple, Microsoft, Facebook) reached a combined market capitalization of USD 7.5 trillion.66 This size and the corresponding availability of resources and capital make bigtech already a serious threat to participants in any sector they seek to compete in. Not least important, these companies are in the possession of enormous data sets, not only is this a source of informational advantage67 but also a distinct form of resource advantage.68 While the various sorts of data these companies produce and possess have just started to be put to use in the financial sector, they are likely to gain increasing significance in the near future.69 Furthermore, bigtech companies have all the requirements that are needed to overcome the contemporary sources of information costs. Namely, the main drivers of complexity in the era of fintech70 belong to the core business and expertise of bigtech companies, giving them an advantage in overcoming it. Their resource advantage and their sophistication and expertise with novel technologies further put them in a good position to successfully ‘over-complexify’ and game regulators. Combining all these aspects, bigtech presents a great risk of significantly exacerbating the information gap and ultimately poses a major challenge to regulators. Overall, with asymmetries growing in both directions, fintech introduces greater variance when it comes to availability of resources. 2.2

Fintech and Unknown Information

The second part of the (inherent) information deficit consists of unknown information and ‘unknown unknowns’, which regulators face now more

66 See The staff of the Wall Street Journal, ‘How Big Tech Got Even Bigger’ Wall Street Journal (6 February 2021) https://www.wsj.com/articles/how-big-tech-got-evenbigger-11612587632 . 67 See above at p. 146f. 68 See above at p. 176. 69 Similarly, Zetzsche and others, ‘The Future of Data-Driven Finance and RegTech:

Lessons from EU Big Bang II’ (n 135 in Chapter 6); Nydia Remolina, ‘Towards a Data-Driven Financial System: The Impact of COVID-19’ (SMU Centre for AI & Data Governance 2020). 70 See above in part I. of this chapter.

7

THE INFORMATION PROBLEM UNDER FINTECH

207

frequently in the era of fintech.71 First, fintech creates information in the market that is neither being collected nor processed (or produced)72 by any party (neither private companies nor the regulators). In contrast to the situation of the information gap above, it is not enough for the regulator to simply identify the relevant party, i.e. the one in possession of the wanted information, and draw it therefrom. Rather, here, the information has to be produced in the first place. While some information is of high relevance from a regulator’s perspective, this might not be the case for private market actors making it not worth deploying the resources necessary to collect and understand certain information.73 In the context of fintech, this type of information is likely to increase as a result of the general increase in quantity of information and the new market structure. In the new fragmented landscape, knowledge is more fragmented and as a result also more granular.74 That means, the knowledge exists in silos, with each party having only the information about the (narrow) activity they perform, lacking a bigger picture perspective of their activity as one part of a system. The implication of this is that systemic knowledge, which is already under-produced, is generated even less.75 Here, once again, a scenario is likely in which the information level of the regulator is higher than that of many private market participants. When every party is only focused on a very small part of the overall value chain (of a respective service), it becomes simply too costly to produce the information that requires connecting all individual components of it. Moreover, for a small, technology-savvy company, it is arguably much easier to reinvent itself than for a bigger financial institution, making it less dependent on the unimpaired continuation of the current system. As a result, they also lack a sufficient incentive to invest in the production of that type of information. 71 See also Yang and Tsang (n 161 in Chapter 5) 360f. 72 Referring esp. to systemic information, i.e. information that is just created through

putting together individual pieces of information and data points. 73 More specifically, private firms typically have an interest to be informed about their risk, their competitors, and their co-operators, but less so about unrelated players and market activity, and importantly often systemic information (which is often especially costly to generate). 74 See above at p. 27f. 75 In tendency, the bigger the player, the higher the interest in generating systemic

information, as with increasing size these players are becoming more integrated to the system, hence exposed to systemic risks. Notably, this incentive is, however, weakened by the prospects of public bail-outs, once the institutions becomes ‘too big to fail’.

208

C. RUOF

At the same time, evident collective action problems prevent those small from coordinating and producing systemic information by connecting the individual components. In sum, systemic knowledge and information on systemic risks, including information about the interactions of small parties, interplays between front-end and back-end function, TPP’s, fourth parties, and so on, become increasingly unknown.76 One particular source of unknown information, for instance, is likely the extended use of algorithms and the related black box issue, where the deciphering of how an algorithmic outcome was reached involves significant costs.77 These costs increase with more sophisticated algorithms, higher dependency on ML, and the further stage of self-development. The more sophisticated and complex the inner workings of an algorithm becomes, the more prone the user is to at some point blindly rely on the algorithms output. This problem is exacerbated when algorithms are developed (and serviced) by an external provider. In that case, the division of responsibilities and potential conflicts of interests can lead to an overall informational failure in the form of a lacking comprehension of the operation of the algorithm in its specific context and application. Looking at the fast improvements in the field of ML, this is likely to become an even greater source of unknown information in the (near) future. Even more, these black box actions could accumulate into macroeconomic black box events. Looking further down the route of automation, there will be (more) interactions between unexplainable and unpredictable algorithms, which can lead to similarly unexplainable and unpredictable outcomes in the market. Another potential source of unknown (systemic) information could be the complex interaction of fintech with secondary market dynamics.78 As described earlier, there are numerous ways in which fintech potentially channels additional capital into the financial system. This bares the risk that complexity prevalent in the fintech sphere is being transmitted into the traditional financial system and balance sheets of big incumbent 76 See also Yesha Yadav, ‘Fintech and International Financial Regulation’ (2020) 53

Vanderbilt Journal of Transnational Law 1109, 1140 stating the lack of knowledge regarding systemic risk stemming from fintech. 77 See above at p. 189. 78 For a comprehensive account of this, see Omarova, ‘New Tech v. New Deal: Fintech

as a Systemic Phenomenon’ (n 14 in Chapter 5). See also Allen, Driverless Finance (n 88 in Chapter 5) 85f.in the specific context of marketplace lending.

7

THE INFORMATION PROBLEM UNDER FINTECH

209

players. This transmission could work as follows: Complexity is introduced in the process of granting the loan, as this decision is primarily done by an algorithm.79 The opacity regarding the algorithm and the credit decision it made is then passed on when the fintech credit sells it, e.g. to an investment bank, intending to securitize it. Bundled together with multiple other loans (possibly also originating from fintech credit), the opacity regarding the product becomes even greater. In this way, complexity stemming from fintech can find entry into the secondary market and ultimately transmitted through the whole financial system.80 Furthermore, as players from the traditional financial world are beginning to enter DeFi, concerns rise that the crypto world could become increasingly integrated with the established financial system, similarly making the one exposed to the other.81 The widespread use of stablecoins within DeFi potentially further increases interconnectedness to the traditional financial markets.82 The FSB identified several potential transmission channels how DeFi could ‘spill over’ and ultimately be a risk for overall financial stability.83 These are just a few examples to illustrate how fintech creates interlinkages with the secondary market, adding to its size, bringing new potential sources of risk, and potentially increasing the severity of a shock.84 Fintech also impacts Knightian uncertainty in the sector. Generally, increasing complexity also means a rising level of Knightian uncertainty,

79 See above at p. 112ff. 80 Again, this resembles the dissemination of repackaged MBS in the wake of the GFC. 81 See for example World Bank (2022) Why Decentralised Finance Matters (n 66 in

Chapter 5) 10. In her recent essay, Hilary Allen points out similarities between the growing world of crypto with the shadow banking system that evolved in the wake of the GFC and warns of the build of systemic risks. See Allen, ‘DeFi: Shadow Banking 2.0?’ (n 88 in Chapter 5) 10ff. 82 World Bank (2022) Why Decentralised Finance Matters (n 66 in Chapter 5) 13. 83 These channels include (i) financial institutions’ exposures to crypto- assets, related

financial products and entities that are financially impacted by crypto-assets; (ii) confidence effects; (iii) wealth effects stemming from the fluctuations in the market capitalization of crypto-assets; and (iv) the extent of crypto-assets’ use in payment and settlement. See FSB (2023) DeFi (n 60 in Chapter 6) 24ff. 84 Another scenario that Hillary Allen draws is one where banks use crypto assets as collateral when borrowing from each other, creating significant expose of the traditional financial market to the crypto world. See Allen, Driverless Finance (n 88 in Chapter 5) 96f.

210

C. RUOF

even though not to the same extent. In a field that is less understood— in tendency—the risk of something utterly unforeseeable happening increases. A more concrete channel, in which fintech influences the level of ‘unknown unknowns’ is (again) the outsourcing of decisionmaking from humans to machines (or more specifically algorithms). That is because this kind of outsourcing does not only imply giving away control over current activity but also over future developments. The more autonomously ML-based algorithms will be able to develop in the sector, the more likely they can go into utterly unforeseen directions. While this is already the case on the level of individual algorithms, it is even more true when it comes to interactions between them. Primarily, these translate into a market outcome (e.g. a trade) that is the product of the direct interaction between two algorithms. For instance, recent empirical studies suggest that algorithms learn to tacitly collude without the instruction to do so.85 However, the effects of those interactions can go beyond their mere sum, but importantly also lead to knock-on effects that have the potential to alter the overall ecosystem in utterly unknown ways. Whereas algorithms exhibit a key driving force in this type of Knightian uncertainty, the new market structures under fintech also more generally make fertile ground for utterly unanticipated events. That is, because the greater the share of unknown information in the market becomes, the greater also the risk of losing control over and comprehension of it and correspondingly the ability to anticipate specific developments.

3 Summary of Findings and Some Real-World Indicators In sum, this section has shed light on the changes the financial services sector is undergoing and analysed their implications for the informational deficit of regulators, particularly the information gap between regulators and regulated actors. It has shown the channels through which fintech exacerbates the complexity in the sector and significantly increases information costs for market participants—most importantly for regulators. These developments can be put in three distinct but closely interrelated categories: namely decentralization, automation, and datafication. 85 See Marcus Buckmann, Andy Haldane and Anne-Caroline H¨ user, ‘Comparing minds and machines: implications for financial stability’ (2021) 37 Oxford Review of Economic Policy 497.

7

THE INFORMATION PROBLEM UNDER FINTECH

211

Together, they render the sector more opaque and effectively show a tendency of moving activity outside the (traditional) regulatory perimeter. In addition to that, asymmetries in capacity between regulators and regulated actors are moving to both extremes, yielding a situation in which regulators are confronted with small players in possession of very little information, but also a ‘David v Goliath’-situation, especially in the context of bigtech. Certainly, these developments bring great challenges to the task of regulators. Because of a widening information gap, regulators will face severe problems meeting their regulatory objectives of consumer protection, financial stability, and market efficiency. Widely reported difficulties not even concerning some of the more recent innovations and technologies suggest that this problem is not just of theoretical nature: For instance, in outreach meetings with the US Treasury, many industry participants from both the financial services and the tech industry indicated that regulators often lack a basic understanding of the technologies employed by fintech firms.86 This for instance includes DLT, where at least in its early stage, many regulators appeared puzzled as to its use and associated risks.87 In the context of cloud computing, according to a recent study by ENISA, almost half of regulators said their knowledge of cloud computing was medium (27%) or poor (18%).88 This impression seems to be shared by industry participants, as some TPP’s stated that ‘[l] l]ots of rules or guidelines, even if written recently, don’t understand how cloud works. This is very frustrating and impedes [bank] customers from using the world’s most innovative platform. There is a disconnect’.89 A Survey conducted by the FSB among major regulators around the globe showed that while most respondents feel proficient in Excel or SQL, their

86 See U.S. Department of the Treasury (n 19 in Chapter 5) 175. 87 Similarly, Tsang (n 20 in Chapter 6) 370. 88 See Rossen Naydenov and others, Secure Use of Cloud Computing in the Finance

Sector: Good Practices and Recommendations. (ENISA 2015). This is further supported by a study by W Kuan Hon and Christopher Millard, ‘Banking in the Cloud: Part 1—Banks’ Use of Cloud Services’ (2018) 34 Computer Law & Security Review 4, 35ff providing further anecdotal evidence and examples for the lack of technical expertise. There seem to be other jurisdictions though where regulators are more sophisticated about IT issues, including Singapore and the USA (see p 35f.). While the expertise on cloud computing is likely to have improved, the fundamental problem is likely to have maintained. 89 See Hon and Millard (n 88 in Chapter 7) 35. This excerpt is also used by Tsang (n 20 in Chapter 6) 369.

212

C. RUOF

competency in coding languages or AI and ML appears rather low.90 While Excel can provide the analytical capability for traditional data and manual processing, it is not capable to handle the quality and quantity of data sets in the current era and hence is no longer a necessary tool.91 A recent CCAF SupTech report corroborates these indicators. According to the report, 63% of authorities collect data through 1G web-based portals or bulk uploads. They collect this data periodically in the form of standard reporting templates.92 Moreover, the data collected in the vast majority of cases needs manual processing and is not machine-readable by default.93 A similar picture is shown when it comes to data processing: A large proportion of regulators appear to still validate data manually through time-consuming and error-prone manual ‘spot checks’ (28%) or spreadsheet-based formula (20%), which are unsuited for working with large datasets.94 On a more general level, multiple of the most recent publications by the FSB further pointed at the existence of data gaps among regulators with respect to fintech and underscored the need to address them.95 Remaining hands-off to these developments will ultimately lead to a growing mismatch between the regulators’ sphere and the actual nature of the financial services sector. Chapter 4 will discuss potential regulatory responses to these challenges.

4

Regulatory Implications

As this chapter has shown, fintech is accompanied by consequential structural shifts of the sector and is giving rise to major informational problems. As a result, regulators face significant challenges which go far beyond filling specific regulatory gaps or rewriting targeted rules in light of new technologies. This part will sketch some of those challenges 90 See FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions—Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 16. 91 Also ibid 23f. 92 CCAF, ‘State of SupTech Report 2022’ (2022), 36. 93 Ibid. 94 CCAF (2022) SupTech report (n 92 in Chapter 7) 37. 95 See, e.g., FSB (2022) Fintech and Market Structures (n 204 in Chapter 5) and FSB

(2023) DeFI (n 60 in Chapter 6).

7

THE INFORMATION PROBLEM UNDER FINTECH

213

and show how the effects of fintech on the sector exacerbate known limitations and failures of regulatory policy. 4.1

Fintech Challenging Traditional Style and Architecture of Financial Regulation

While the structure of the sector has changed, regulatory approaches in most jurisdictions, at least fundamentally, have not.96 Many regulators adopted a ‘wait and see’ approach in the sense of continuing their work without any substantial changes. This could either manifest in a ‘laissezfaire’ stance, which for a long time could be observed in China97 or a relatively rigorous and inflexible application of existing rules (not designated for fintech), as is the case in some EU countries.98 After the first ‘wait and see’ period,99 many jurisdictions, including the EU or the USA (partly), adopted special frameworks for specific fintech applications100 or opted for a ‘regulation by enforcement’ approach, attempting to achieve the desired outcome by enforcing the existing rules in a specific direction and fashion.101 A few other countries have adopted comprehensive 96 For a comprehensive overview on regulatory stances towards fintech, see Dirk A Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sandboxes to Smart Regulation’ (2017) 31 Fordham Journal for Corporate & Financial Law 31, 47ff. Some of the most important initiatives directed at fintech will be analysed in Chapter 9. 97 Weihuan Zhou, Douglas W Arner and Ross P Buckley, ‘Overseas Law: China’s Regulation of Digital Financial Services: Some Recent Developments’ (2016) 90 Australian Law Journal 297; Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sandboxes to Smart Regulation’ (n 96 in Chapter 7) 50. 98 For a more in-depth discussion of regulatory responses to fintech in the EU, see Deirdre Ahern, ‘Regulatory Lag, Regulatory Friction and Regulatory Transition as FinTech Disenablers: Calibrating an EU Response to the Regulatory Sandbox Phenomenon’ (2021) 22 European Business Organization Law Review 395, 399ff. 99 For instance, EU regulators have long limited their role to the publication of warnings, e.g. with respect to crypto assets. 100 According to a survey by the FSB from 2017, 20 out of 26 surveyed jurisdictions either adopted new rules to specific fintechs or altered existing ones. See FSB, ‘Financial Stability Implications from FinTech: Supervisory and Regulatory Issues That Merit Authorities’ Attention’ (n 6 in Chapter 5) 24f. See further Johannes Ehrentraud, Denise Garcia Ocampo and Camila Quevedo Vega, ‘Regulating Fintech Financing: Digital Banks and Fintech Platforms’ (BIS 2020) providing an overview of regulatory responses to fintech deposit-taking, credit intermediation, and capital-raising. 101 As the case with the SEC’s approach to crypto, beginning from late 2022. On regulation by enforcement in this context, but also more generally, see Chris Brummer,

214

C. RUOF

fintech legislation, above all Mexico with its ‘Fintech Law’.102 Yet, this process is slow and no match for the speed of innovation in the sector. Moreover, financial firms in most jurisdictions are supervised at the entity level and focused on different types of licensed financial institutions. In light of the exploding growth of non-financial institutions performing a diverse set of activities and their growing significance, this approach gives regulators an increasingly smaller picture of the sector.103 Fintech firms also challenge this compartmentalized regulatory structure, regularly blurring the lines between traditional entity types and increasingly between the financial and commercial sector as well.104 As a result, many activities only fall partially within the current sectoral legislation.105 In addition to that, traditionally segregated sectors are converging, often rendering it impossible to draw clear categorical lines between different types of services.106 This causes not only questions of competence among different regulators, but also has substantial legal implications, as the categorization typically determines the substantive regulatory outcome.107 As a result, regulators are in no good position to keep track of and react to novel developments, as their perspective is often confined to their respective silo. At the same time, the unregulated status of firms that is often the result of this also deprives the regulator of its tools that

Yesha Yadav and David Zaring, ‘Regulation by Enforcement’ Southern California Law Review (2023) University of Southern California Law Review (forthcoming). 102 Stefan Staschen and Mehmet Kerse, ‘Is Mexico’s “Fintech Law” Leading a New Trend in Fintech Regulation?’ (CGAP Blog ) < https://www.cgap.org/blog/mexicos-fin tech-law-leading-new-trend-fintech-regulation > . Yet, this law for example does not cover bigtech firms active in financial services. See FSB (2022) Fintech and Market Structures (n 204 in Chapter 5) 15. 103 Notably, in recognition of this problem, some regulators have or are in the process of acquiring regulatory powers over those players by designating them as critical for the financial system. See FSB (2023) Enhancing Third-Party Risk Management (n 147 in Chapter 5) 31 and Annex 2. 104 See also Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 96. 105 See Eugenia Macchiavello, ‘FinTech Regulation from a Cross-Sectoral Perspec-

tive’ in Veerle Colaert, Danny Busch and Thomas Incalza (eds), European Financial Regulation: Levelling the Cross-Sectoral Playing Field (Hart Publishing 2019). 106 See also Saule T Omarova, ‘Dealing with Disruption: Emerging Approaches to Fintech Regulation’ (2020) 61 Washington University Journal of Law & Policy 25, 33. 107 Similarly, Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 81f.

7

THE INFORMATION PROBLEM UNDER FINTECH

215

would normally be utilized to address certain risks.108 This is particularly problematic, forcing regulators to police a much larger and more diverse space, where players typically have a more direct consumer contact potentially heightening the opportunities for abusive, deceptive, fraudulent market conduct and alike.109 Arguably, the peak of this dissonance occurs with respect to some characteristics of DeFi, given that existing regulatory frameworks are designed for a system that has financial intermediaries at its core. As the (alleged) non-existence of intermediaries is the very essence of DeFi, it appears highly difficult for regulator to regulate and supervise this space.110 Moreover, outside the regulatory perimeter, new systemically important players are about to emerge.111 In contrast to traditional ‘Systemically important financial institutions’ (SIFI’s), their significance is rather likely to stem from data dependencies, the provision of critical infrastructure such as cloud services or the development of AI.112 Another type of systemically important player could be emerging among the producer of AI, as while traditional SIFI’s systemic significance is directly founded in their role in the overall economy and the catastrophic consequences for it of their failure, the new SIFI’s significance is primarily a derived one. Given the degree of outsourcing by the ‘traditional’ SIFI’s, they develop a strong technological dependency on these market support providers in a way that their failure would have the potential to cause the failure of traditional SIFI’s and thereby ripple through the real economy. As these types of players, however, mostly do not themselves perform any financial service, their activity and risk profile is predominantly outside of the regulator’s direct purview and control. 108 See also Tsang (n 20 in Chapter 6). 109 See also Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 97. 110 World Bank (2022) Why Decentralised Finance Matters (n 48 in Chapter 5) 12. 111 This in particular includes bigtech players, but also (smaller) TPP’s. On the

growing importance of bigtech, see FSB (2022) Fintech and Market Structures (n 204 in Chapter 5), on that of TPPs see, e.g., FSB (2023) Enhancing Third party risk management (n 147 in Chapter 5). 112 See also Remolina (n 32 in Chapter 6) 7 or World Economic Forum, ‘The New

Physics of Financial Services—Understanding How Artificial Intelligence Is Transforming the Financial Ecosystem’ (n 32 in Chapter 6) 83. With respect to the systemic importance of AI developers, see Nydia Remolina, ‘Interconnectedness and Financial Stability in the Era of Artificial Intelligence’ (2022) Singapore Management University School of Law Research Paper 14.

216

C. RUOF

4.2

Fintech and Regulatory Failure

Second, fintech and the corresponding informational problems bring new facets to established categories of regulatory failures, in particular those of regulatory arbitrage and regulatory capture. This happens due to rising complexity but also due to certain properties of automation and decentralization. Complexity generally raises the risk of regulatory capture when combined with an asymmetry between regulator and industry in capabilities of managing it, thus creating a dependency of the former to the latter. Against this backdrop, the current developments in the sector associated with fintech provide a fertile ground for regulatory capture. Simultaneously, technological innovation (as particularly prevalent in fintech) generally increases opportunities for a process-oriented form of regulatory arbitrage, designing functional equivalents to regulated services by achieving the same outcomes by way of underlying processes that were not anticipated by the regulatory regime.113 Aside from those well-known sources of potential regulatory failure, fintech also presents new channels for regulatory capture and regulatory arbitrage to occur. One important channel through which automation impacts regulatory arbitrage as well as regulatory capture is a behavioural bias, i.e. the ‘automation bias’.114 This means the more autonomous (and complex) an algorithm becomes, the more human beings are prone to simply defer to its outcome without interrogating the underlying process.115 The computer-generated outcome is taken as correct, while contradictory information is disregarded or not being looked for. This tendency is particularly strong where the comprehensibility of the underlying process is difficult and associated with high information costs. Given the complexity of modern algorithms paired with a limited capacity of regulators, conditions for the automation bias seem to be good.116 113 See also Allen, ‘Experimental Strategies for Regulating Fintech’ (n 116 in Chapter 5) 4. 114 See, e.g., J Elin Bahner, Anke-Dorothea Hüper and Dietrich Manzey, ‘Misuse of Automated Decision Aids: Complacency, Automation Bias and the Impact of Training Experience’ (2008) 66 International Journal of Human–Computer Studies 688, 688f. 115 See also Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 176. 116 These preconditions resemble the situation before the GFC, where sophisticated

computer models were used by large banks to determine capital requirements. The

7

THE INFORMATION PROBLEM UNDER FINTECH

217

The first implication of this bias is that it creates obvious risks of regulatory capture. While in the traditional form of regulatory capture the influence of the industry is more direct and regulators take assessments and opinions from the industry as correct, the automation bias adds an additional layer to this. That means, the industry creates algorithms that represent certain opinions and assessments (in coded form) which then— by way of the automation bias—are taken as correct by the regulators. As a result, the bias can be used as a mechanism for private market actors to further their aims. Most importantly, they can exploit the automation bias to avoid (the spirit of) regulation or game regulators—namely regulatory arbitrage. As explained in Chapter 4 part III.4, firms occasionally innovate to embrace complexity in order to gain informational advantages, vis-à-vis regulators. Applied to the context of automation, this would mean that firms may even use the opaqueness of algorithms to deliberately over-engineer and rapidly update the code to (artificially) widen the information gap between them and regulators and ultimately deflect regulatory scrutiny.117 Finally, the greater the information gap, the more regulators are to be subject to the automation bias, and the better the chances are for successful arbitrage. Besides automation, decentralization can also deflect regulatory efforts by way of a different form of arbitrage, which can take place as follows: The widespread trend to outsource activity to third parties can (and is) also be utilized by firms to reduce the regulatory burden. This alone, however, does not yet qualify as regulatory arbitrage because the compliance function is still performed—simply by a different player. However, with the responsibility for that task, the knowledge and expertise about it are shifted away from the regulated entity and correspondingly from regulatory scrutiny.118 Adding further levels of decentralization (i.e. fourth parties and so on) to that picture, it can easily become obscure how and to what extent the compliance outcome is achieved. For the regulator on the other hand, the important part typically is simply that the required function is performed and—at least on the face of it—the desired outcome

outcomes of these models were often accepted by regulator with little to no questioning. See also Allen, Driverless Finance (n 88 in Chapter) 157f. 117 See also Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 177. 118 Importantly though, accountability must remain with the regulated institution.

218

C. RUOF

is achieved. Substantially however, continuous decentralization of regulatory tasks and creating increasingly more layers of parties performing them could deteriorate the quality of the outcome. Hence, in effect, by way of outsourcing financial institution could reach the same outcome as classic regulatory arbitrage: compliance with the letter of the law, while avoiding its spirit.

CHAPTER 8

Conceptualizing a Regulatory Response to Fintech

This chapter develops the core pillars of a regulatory response to fintech against the background of the findings of the previous chapters. It chapter argues that the process of understanding the challenges of fintech, identifying the risks, as well as considering and finding the adequate regulatory response demands an innovative and forward-looking approach based on enhanced participation, decentralization, and experimentation. These principles build the intellectual foundation for a new regulatory structure that is supposed to fulfil this goal and make financial regulation future-proof. This chapter explains how these principles reduce the information deficit by tackling it from different directions: Experimentation holds the promise to increase the overall production of information, improve information gathering, and address (Knightian) uncertainty. Participation draws information from private market actors and other stakeholders into the regulatory process. Lastly, by way of decentralization, the regulator utilizes private market participants’ information advantage and borrows their resources to increase its own capacity and thus seeks to reduce the information gap from the capacity side. Combined, these principles are supposed to reflect a recalibration of the traditional public–private divide and entail elements known from Public–Private-Partnership (PPP) forms of regulation. The chapter continues with two additional, supporting © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_8

219

220

C. RUOF

features that the new regulatory approach should entail: more flexibility for the regulator as well as a strong commitment to technologization. Flexibility is not only necessary to let the Guiding Principles unfold their full potential, but also to effectively translate the informational gains into regulatory output. Meanwhile, technology could play an enabling role in implementing the remainder principles and ultimately make—as will be shown later—the proposal a conceivable solution.

1

The Point of Departure

Before commencing with the quest for a regulatory response, it is first useful to recapture the findings to this point. The point of departure of this study has been that information constitutes the foundation of a functioning regulatory system. It is the key resource for the regulator’s main tasks which is identifying, and mitigating risks associated with activities in the sector. The lack of information or the failure to (effectively) act upon it is a source of regulatory mismatch and can result in regulatory failure. As shown in the previous part of this study, staying informed as a regulator is, for numerous reasons, not an easy task. First and foremost, information originates in the market at private market actors, meaning not rarely far away from the regulator’s purview. As a result, there is an inherent information gap between market actors and the regulator—with the regulator naturally playing the role of ‘following’ activity in the market. Innovation exacerbates this dynamic. By continuously bringing new products or services to the market, regulated actors steadily add to the existing body of information that regulators need to have, steadily rendering the sector as a whole more complex. Meanwhile, old information, which often has been acquired at high cost and effort, becomes irrelevant. While these dynamics are generally symptomatic for the financial services sector, fintech puts them on steroids, exacerbating all dimensions of the information gap. First, key features of fintech have a significant impact on the information dynamics between regulator and market participants: The changing field of players is associated with changes to the information gap that go in different directions. While the emergence of bigtech has the potential to meaningfully widen information gaps, the rapidly increasing number of small fintech players typically have only granular and small amounts of information which can lead to a reduction or in some cases even a reversal of information gaps. The pace of innovation

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

221

as well as velocity of activity and information turnover are jet fuel for the challenges regulators face. In the digital data-driven environment, innovation is occurring faster, quickly entering the market,1 and scaling up at a rapid pace. At the same time, fintech renders the sector significantly more complex, which first of all means an increase of information costs for all market participants. However, regarding those costs, regulators are regularly much less well equipped to deal with. The complexity under fintech is fed by inter alia a decentralization of the market which is corresponded by dispersion of activity and—ultimately—information thereabout. This decentralization takes place largely outside the regulator’s perimeter and in consequence increases information costs. Meanwhile, the trend of outsourcing and fragmentation takes relevant information further away from the regulator by detaching information about an activity from the entity performing it and in effect adding additional layers to the information gap. The automation and datafication underlying a large share of fintech business models introduce a new quality to information in the market that often requires real technological expertise to decipher. The increased use of third-party algorithms similarly adds new layers to the information gap. In aggregate, these shifts are continuously rendering market activity less visible, traceable, comprehensible, and in the end, controllable. Lastly, fintech also significantly increases the amount of unknown information in the sector. This is primarily fuelled by automation, the use of sophisticated algorithms, and machine learning. The more activity is and will be outsourced to algorithms, the more autonomous these algorithms become, the more information will be (and remain) hidden in the ‘black box’ shrouding those activities in (Knightian) uncertainty. Furthermore, in a more dispersed and fragmented market environment, less systemic information will be produced, creating a greater number of unknown information in the market. Several implications can be drawn from the effect of growing complexity and information costs under fintech on the classic methods of information gathering and production.2 First, it means that the existing

1 That is not at least with the help of (other) private market solutions, such as whitelabel banking. See above at p. 124. 2 See above at p. 61ff.

222

C. RUOF

links to financial firms that used to function as main channels for information collection are not able to cover a major share of market activity anymore. Also, given the decoupling of activity and expertise, establishing links to the firms that performs a certain activity does not necessarily help in attaining (sufficient) information about that activity. Besides, the centre of gravity in the sector has changed in a way that significantly increased the complexity of information around activity and associated risks. At the same time, the amount of unknown information and (Knightian) uncertainty rises, while the number of entities potentially producing systemic information declines, creating a void for systemic information. Against this backdrop, a key feature of the following proposal is a greater focus on the production thereof by the regulator.3 While fintech has fundamentally altered the dynamics in the sector, regulatory structures have broadly remained steady. These structures, however, were built on a certain set of propositions that are increasingly undermined in the era of fintech. One of those propositions was that a central regulator consisting of a few well-educated specially trained appointed officials could make the best decisions for the public good.4 The notion was that the powers of the officials were based on their assumed superior knowledge, information, and expertise.5 Over the course of time and multiple innovation cycles, this situation has, however, been turned upside down. Under fintech, the regulator now faces a situation where information is more dispersed, complex, and ‘unknown’, setting the grounds for a steadily growing information gap and regulatory mismatch. At the same time, the public–private divide has been broadly left untouched. The public side (i.e. the regulator) is in pursuit of furthering the public good that manifests in the fulfilment of the known regulatory objectives while the private side keeps innovating, primarily in the pursuit of reaping profits. Thereby, the regulator is the sole locus of power to regulate, and the regulated entities are the passive recipients of orders. Thus, the regulator constantly ‘catching up’ with the market and 3 In a similar direction, (already) Hu, ‘Misunderstood Derivatives’ (n 32 in Chapter 3)

1496 and 1502f and more recently, Hilary J Allen, ‘Resurrecting the OFR’ (2021) 47 The Journal of Corporation Law 1. 4 In the context of the New Deal regulation, see Laurens Walker, ‘The End of the New Deal and the Federal Rules of Civil Procedure’ (1997) 82 Iowa Law Review 1269, 1272. 5 Orly Lobel, ‘The Renew Deal: The Fall of Regulation and the Rise of Governance in Contemporary Legal Tho’ (2004) 89 342, 373.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

223

reacting to activity therein is implied in this division of roles. This section argues that in light of the propositions of fintech and its informational implications, such a clear division is unfit. Instead, to circumvent detachment between the regulator (and regulation) and the sector, the regulator will need to go beyond responding to private innovation but rather play a catalytic role in addressing change. This chapter, therefore, advocates for a new regulatory approach based on a more cooperative mode of the public–private relationship (or a form of a ‘Public–Private Partnership’ (PPP)) in the regulatory process with the primary objective to increase the level of information on the regulator’s side and better enable it to quickly and effectively to act on information.6

2 A New Regulatory Approach: Rethinking the Public–private Divide This chapter argues that the process of understanding the challenges of fintech, identifying the risks, as well as considering and finding the adequate regulatory response demands an innovative and forwardlooking approach based on enhanced (public–private) collaboration and experimentation. The following principles underwrite a new regulatory structure that is supposed to fulfil this goal and make financial regulation future-proof. This new structure is supposed to reflect a recalibration of the traditional public–private divide and entails elements known from Public–Private-Partnership (PPP) forms of regulation. However, it also deviates from its classic understanding in several ways. This part will give a brief overview of PPP’s and elaborate on those deviations. Compared to the traditional approach, PPP’s in regulation are of more than traditional regulatory structures.7 In their origins, PPP’s have been used in complex government development projects of which the

6 It should be acknowledged that other observers might decide that other goals should take priority and that trade-offs are likely to exist between those and that taken here. Hence, recognizing the narrowness of this perspective, the purpose of this book is to bear down on the informational challenge under fintech. 7 For recent contributions on public–private partnership approaches to financial regulation, see Yang and Tsang (n 161 in Chapter 5); David A Wishnik, ‘Reengineering Financial Market Infrastructure’ (2021) 105 Minnesota Law Review 2379. For a PPP approach to regulation more generally, see Justin (Gus) Hurwitz, ‘Regulation as a Partnership’ (2021) 3 Journal of Law & Innovation 117.

224

C. RUOF

successful execution depended heavily on the private industry.8 Generally, the idea was to commercialize and marketize certain public goods (otherwise and historically undertaken wholly by the public sector) in the hope that they may be more efficiently and innovatively delivered under the involvement of the private sector.9 Theoretically, PPPs allow the government to leverage upon the private sector’s expertise, efficiencies, and innovation capabilities to deliver the public good more effectively.10 PPPs typically involve contracting out a certain set of functions to the private sector and the agreement of a governance structure, including how interactive relations are established, maintained, and implemented.11 At the same time, it is within the responsibility of the public actor to oversee the private activity and ensure the soundness and unbiasedness of regulation. In line with that, the public–private model that is proposed in this chapter similarly envisions a greater involvement of private market participants in delivering the public good (i.e. financial stability) and enabling the regulator to respond to rapid change. In particular, it suggests that the regulator should use the information and knowledge of private market participants, use their innovative powers and resources for the public good, and encourage desirable and beneficial collaboration within the industry. Put differently, the PPP approach is to harness the best of both worlds: private actors’ advantages in access to information and the ability to process them effectively while having a strong regulator in the background that maintains and performs oversight with a particular focus on systemic developments and risks. As opposed to the traditional understanding of PPPs though, the approach as suggested here does not include a withdrawal of the public side from the respective field, but, in contrast, aims for greater involvement of the public in what is commonly understood as belonging more to the private sphere. Namely, regulators should attempt to actively engage in experimentation towards finding solutions to certain problems, think 8 See Hurwitz (n 7) 131. 9 See generally Jeffrey Delmon, Public–Private Partnership Projects in Infrastructure:

An Essential Guide for Policy Makers (Cambridge University Press 2017). 10 Ibid Ch. 1. 11 See Roger M Barker and others, ‘Public–Private Partnerships and the Role of the

Law of Organisations and Governance’, The Law and Governance of Decentralised Business Models: Between Hierarchies and Markets (Routledge 2021) 151ff further elaborating on these elements.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

225

creatively about how technology as well as private parties can be of help for their tasks, and actively collaborate to that end. This kind of engagement implies a shift from a largely reactive regulatory role to a proactive one, allowing the regulator to also be part of the change, not only in pursuit of it. Overall, this form of a PPP is supposed to entail a shift from both ends of the public–private spectrum towards the other, respectively. Regulation as the output of this structure should not only be the product of state action but rather be the co-product of state and private actors, ideally being superior to that solely delivered by the public sector. The PPP model as described above is building on three theoretical principles forming the intellectual foundation of it, as well as two more practical requirements which fulfil an enabling function for the theoretical principles. In the following, I will elaborate on these principles and requirements and show how they are meant to address the prevailing information gap by improving both elements of the regulatory process, namely the information gathering and the ability to act upon the information. Subsequently, I will discuss potential challenges that the implementation of these principles would bring, in particular, new or amplified sources of regulatory failure and suggest safeguards to mitigate that risk. Figure 1 illustrates this structure. 2.1

Three Guiding Principles Underwriting a New Structure: Experimentation, Participation, and Decentralization

The three Guiding Principles forming the intellectual fundament of the new regulatory approach—experimentation, participation, and decentralization—are largely building on insights developed from New Governance scholarship, also born out of the recognition of the information gap. This section does not attempt to fully outline the body of that scholarship but take and expand on three of its central ideas, which are the most promising in addressing the information gap under fintech.12

12 For a more comprehensive overview of regulatory principles commonly associated

with New Governance, see, e.g., Lobel (n 5) or; Robert Weber, ‘New Governance, Financial Regulation, and Challenges to Legitimacy: The Example of the Internal Models Approach to Capital Adequacy Regulation’ (2010) 62 Administrative Law Review 783. A more recent summary of the body of scholarship can also be found at Tsang (n 138 in Chapter 2) 579ff.

226

C. RUOF

Fig. 1 Components of the PPP model. The PPP model is made of three guiding principles (Experimentation, participation, and decentralization). The light blue layer shows the necessary preconditions/enablers for the PPP model, while the outermost layer captures necessary safeguards (Source Author)

New Governance has emerged in the early twenty-first century and was to offer a new paradigm in regulatory thought, one that is based on the acknowledgement of the importance of non-governmental actors in complex fields of society and the necessity to use these actors’ knowledge and abilities to build up a more effective governance regime.13 Accordingly, it promotes diverse forms of collaboration and cooperation of

13 Lobel (n 5) 438.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

227

private actors and public regulators. The term New Governance captures a large variety of more concrete regulatory approaches, including ‘responsive regulation’,14 ‘meta-regulation’,15 “soft law”,16 ‘self-regulation’,17 ‘iterative regulation’,18 ‘negotiated rulemaking’,19 and more.20 What all these approaches have in common, though, is a shift away from traditional ‘command and control’-style regulation towards a more reflexive and cooperative form of governance.21 While New Governance was discussed in the context of a broad and diverse spectrum of the realms of regulation—such as health law,22 internet regulation,23 environmental

14 Ian Ayres and John Braithwaite, Responsive Regulation: Transcending the Deregulation Debate (Oxford University Press 1992); John Braithwaite, Restorative Justice & Responsive Regulation (Oxford University Press 2002). 15 Bronwen Morgan, ‘Regulating the Regulators’ (1999) 1 Public Management: An International Journal of Research and Theory 49. More general, Baldwin, Cave and Lodge (n 134 in Chapter 2). 16 Kenneth W Abbott and Duncan Snidal, ‘Hard and Soft Law in International Governance’ (2000) 54 International Organization 421. 17 For example, Darren Sinclair, ‘Self-Regulation Versus Command and Control? Beyond False Dichotomies’ (1997) 19 Law & Policy 529. For a refined version of this concept, applied to the financial sector, see Saule T Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry Self-Regulation’ (2011) 159 University of Pennsylvania Law Review 411. 18 James D Cox, ‘Iterative Regulation of Securities Markets After Business Roundtable: A Principles-Based Approach’ (2015) 78 Law and Contemporary Problems 25. 19 Philip J Harter, ‘Negotiating Regulations: A Cure for Malaise’ (1982) 71 Georgetown Law Journal 1. 20 For a more comprehensive overview, see Tsang (n 138 in Chapter 2) 581. Also Ford, Innovation and the State (n 30 in Chapter 2) 92ff. 21 See also Annelise Riles, ‘Is New Governance the Ideal Architecture for Global Financial Regulation’ (2013) 31 Monetary and Economic Studies 65, 81. 22 Louise G Trubek, ‘New Governance and Soft Law in Health Care Reform’ (2006) 3 Indiana Health Law Review 139 or Nan D Hunter, ‘“Public–Private” Health Law: Multiple Directions in Public Health’ (2007) 10 Journal of Health Care Law & Policy 89. 23 David R Johnson and David Post, ‘Law and Borders—The Rise of Law in Cyberspace’ (1996) First Monday.

228

C. RUOF

law,24 or transnational corporate law25 —the application to financial regulation is more recent.26 Most scholarship in this context has been produced in the years around the GFC being substantially focused on securities regulation.27 Often, contributions in that field were promoting a more principles-based or self-regulatory regime and advocated some sort of industry participation in the regulatory process.28 In any context, New Governance approaches at their core have always (at least partly) meant to be a response to complexity and great information asymmetries between regulators and regulated entities.29 Not least, that is what makes New Governance also relevant for the design of a regulatory response to the challenges posed by fintech. 2.1.1 The First Theoretical Foundation: Experimentation The first and most important pillar of responding to the information gap under fintech is regulatory experimentation.30 It represents the key principle driving the production of information and hence increasing

24 Bradley C Karkkainen, ‘Adaptive Ecosystem Management and RegulatoryPenalty Defaults: Toward a Bounded Pragmatism’ (2003) 87 Minnesota Law Review 943; Marc Allen Eisner, ‘Corporate Environmentalism, Regulatory Reform, and Industry SelfRegulation: Toward Genuine Regulatory Reinvention in the United States’ (2004) 17 Governance 145. 25 For example, Stephen Bottomley, ‘From Contractualism to Constitutionalism: A Framework for Corporate Governance’ (1997) 19 Sydney Law Review 277. 26 Prominent scholars in this field are inter alia Cristie Ford, Saule Omarova, Anelise Riles and Robert Weber. 27 So, for instance, Cristie L Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (2008) 45 American Business Law Journal 1. 28 See in particular contributions of Julia Black and Cristie Ford, e.g. Julia Black, Martyn Hopper and Christa Band, ‘Making a Success of Principles-Based Regulation’ (2007) 1 Law and Financial Markets Review 191; Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (n 27). 29 Among others, Tamara Belinfanti, ‘Shareholder Cultivation and New Governance’ (2014) 38 Delaware Journal of Corporate Law 789 or Ford (n 27) 38. As one prominent New Governance scholar, Robert Weber, puts it ‘In the face of dizzying complexity, the tools and methodologies of traditional regulation begin to appear arbitrary.’ (Weber [n 12] 868). 30 The importance of experimentation in financial regulation has recently gained significant attention in various contexts in the literature. See, for example, Conti-Brown and Wishnik (n 54 in Chapter 3); Awrey and Judge (n 147 in Chapter 2); Allen, ‘Experimental Strategies for Regulating Fintech’ (n 116 in Chapter 5).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

229

the level of information with the regulator. At the same time, it holds the promise to draw external knowledge into the state apparatus. While its main emphasis lies on continuous learning, it also acknowledges the inevitable incompleteness and elusiveness of information. That is, it implements the insight that even with improved information mechanisms, the regulator can’t have enough knowledge ex-ante for designing (if existing) the perfect rulebook. The Idea Experimentation as proposed here has two dimensions, namely a trialand-error approach to regulation itself, and the design of an experimentalist structure in regulation. Regarding the former, regulation itself should be viewed as a constant practice of experimentation.31 The goal is to incorporate change as a natural feature of regulation, without compromising the stability of the system.32 This means that rules for market players should be subject to ongoing assessment and (subsequently) revision in light of new information. Especially in a dynamic environment that constantly produces new information, regulatory action is necessarily temporary and must be constantly adjusted as future situations might require. Fintech further stresses this point given the increasing prevalence of disruptive innovations that can contain utterly new risks and therefore make these risks insufficiently covered by existing rules. At the same time, structural changes are taking place that can render underlying assumptions on which current rules had been written outdated. As shown before, under fintech, complexity and the level of Knightian uncertainty rises, challenging the regulator even more in reaching the usual threshold of certainty before taking action. In addition to that, the new dynamics in the market also create more uncertainty around the impact of new regulations, raising the risk of unintended consequences and side effects.33 The traditional model, however, rests on the assumption that is possible to know ex-ante what the best rule will be to address a certain problem

31 This element is also being advocated for by Awrey and Judge (n 117 in Chapter 2) 2348ff. 32 In a similar direction Teresa Rodriguez de las Heras Ballell, ‘The Layers of Digital Financial Innovation: Charting a Regulatory Response’ (2020) 25 Fordham Journal for Corporate & Financial Law 381. 33 On unintended side effect of rules, see above at Chapter 4, Sect. 2.3).

230

C. RUOF

or risk, which often translates into comprehensive cost–benefit analyses.34 It views regulation more as a ‘single-shot’ game,35 which typically has its peak after a crisis or a scandal, but tends to be rather inactive when things are going well. While in some contexts this approach might be warranted,36 when it comes to fintech, it makes regulation prone to be outpaced by the sector and ultimately fuels regulatory mismatch. Hence, this principle seeks to initiate a departure from this and views regulation as a dynamic process that constantly improves with experimentation and an ongoing exercise of acquiring and implementing (new) information.37 Secondly, the regulatory architecture should be structured in a way to enable and promote experimentation. This structural dimension of experimentation is based on what Charles Sabel and William Simon termed ‘experimentalism’. In this concept, the basic constituents are a ‘centre’ and a set of ‘local units’.38 It is set up as a hub-and-spoke model, with the local units functioning as experimentation labs, typically with some amount of local discretion, that constantly report to the hub aggregating information and translating these findings into an overarching set of regulatory requirements. Hence, regulatory responses on the highest level would follow and be informed by a recursive process of revision based on learning from the comparison of alternative approaches.39 In this way, parallel experiments can be taking place, amplifying the benefits of experimentation on the local level, while a clearinghouse-style regulator oversees

34 On the CBA, see above at p. 97 and fn. 415. On the frictions of applied CBA with regulatory innovation and experimentation, see Hilary J Allen, ‘Regulatory Innovation and the Permission to Fail: The Case of Suptech’ (2023) 19 New York University Journal of Law & Business 237, 296f. 35 See also Awrey and Judge (n 117 in Chapter 2) 2352. 36 That is, for example, when it comes to the regulation of SiFis. Here, the regulator

deals with a set of legacy institutions, which do not display the same level of dynamism. At the same time, the costs of ‘getting it wrong’ are typically far greater, which justifies a more thorough and static rulemaking process. 37 Charles F Sabel and William H Simon, ‘Minimalism and Experimentalism in the Administrative State’ (2011) 100 Georgetown Law Journal 53, 60ff. 38 Ibid 79. 39 Charles F Sabel, Jonathan Zeitlin and David Levi-Faur, ‘Experimentalist Governance’,

The Oxford Handbook of Governance (Oxford University Press 2012) and Conti-Brown and Wishnik (n 54 in Chapter 3) 649.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

231

the local units.40 Ideally, this hub-and-spoke architecture is set up in a way that stimulates a race-to-the-top style competition between the different ‘spokes’ in finding the best regulatory solution to certain challenges.41 Experimentation as a Stimulus for Information Production (How it Addresses the Information Gap) Experimentation functions as the main way of learning and producing (new) information.42 It does so by not relying on assumptions and hypotheses, but instead by compiling hard evidence from real-world observations. While, for instance, in medicine it is the common practice to use trials to see if a drug is safe and effective, in the financial services sector it is mostly absent as a policy tool.43 However, also in this context, they are promising policy tools for addressing the information problem. Namely, experimentation at the local units helps to learn and get information about the private market actors participating in the experimentation. In contrast to the blind application of a static rulebook, experimentation with regulation requires a thorough understanding of the underlying risks and therefore encourages the development of expertise. In this way, experimentation stimulates the production of (new) information. It builds on a process of enacting regulation, followed by feedback, review, and incorporation of lessons into future regulation and the corresponding process.44 In that process, it induces actors to engage in investigation, discussion, and deliberation about problems and potential solutions.45 The hub-and-spoke architecture—in contrast

40 See also Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (n 27) 30. 41 Competition often constitutes another key principle of New Governance scholarship. See, for instance, Lobel (n 5) 373. 42 Experimentation as a policy tool has been discussed by many scholars from diverse fields, see, e.g., Sunstein, ‘Cost–Benefit Analysis and the Knowledge Problem’ (n 50). Generally e.g. Abhijit V Banerjee and Esther Duflo, Poor Economics: A Radical Rethinking of the Way to Fight Global Poverty (PublicAffairs 2011) or Francesca Dominici, Michael Greenstone and Cass R Sunstein, ‘Particulate Matter Matters’ (2014) 344 Science 257. 43 A notable exception of this is regulatory sandboxes, which will be scrutinized below in Chapter 9, Sect. 3. 44 Similarly, Conti-Brown and Wishnik (n 54 in Chapter 3) 648. 45 Sabel and Simon (n 37) 81.

232

C. RUOF

to regulatory monoculture46 —would further enhance these effects, as it allows for testing different solutions on a small scale simultaneously. The beneficial effects of experimentation can be particularly large when facilitating an early engagement with innovators. By doing so, the regulator could aim for a synchronized development of regulation and innovation. Small fintech firms could grow under close supervision and with the timely development of a solution, e.g. once a before unknown risk becomes apparent. The local units of the regulatory apparatus could be more specialized than one central entity allowing for more ground knowledge concerning the entities they are interacting with, which is not only a good basis for a more fruitful dialogue but also could use this knowledge to attract players in the proximate shadow of those entities into the experimentation zone of that unit. Yet, information production by way of experimentation also comes with a risk. As experimentation is based on a before-after assessment, it may not control for certain confounding variables.47 This can lead to wrong conclusions where the observed outcome is simply not fully understood. That risk has to be kept in mind when conducting experiments. Furthermore, parallel to the medical domain, it could be mitigating by doing randomized control trials.48 Furthermore, as in an experimental setting, rules are not static, information can be timely rewarded in the form of finding entrance to an update of regulation. In environments with rapid change and high levels of uncertainty, information production through experimentation is particularly advantageous over other (common) means of information production which primarily rely on retrospective expertise development. A reason for this is that the nature of problems in these types of environments is typically different. They often have little to do with past experiences, which raises the uncertainty around them, making the pursuit

46 For potential dangers and downsides of regulatory monoculture and harmonization, see also Richard Bronk and Wade Jacoby, ‘Uncertainty and the Dangers of Monocultures in Regulation, Analysis, and Practice’ (Max Planck Institute for the Study of Societies 2016) MPIfG Discussion Paper 16/6. 47 See also Sunstein, ‘Cost–Benefit Analysis and the Knowledge Problem’ (n 50 in Chapter 2) 14. 48 Ibid. Randomized controlled trials for policy evaluation is also being proposed by e.g. Banerjee and Duflo (n 42).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

233

for a solution especially controversial.49 Provided a well-designed incentive structure in its concrete implementation, experimentation can utilize the creativity and innovation power of private entities to address these problems, and more broadly, for the public good. That is one reason why experimentalist regimes are especially well-suited for areas that are characterized by Knightian uncertainty. Even where solutions are not found and the goal of the experimentation is not reached, the regulator benefits from the learning process and builds expertise, generally putting them in a better position to deal with (non-solvable) uncertainty. In the context of fintech, it seems most beneficial to focus experimentation activity on small start-ups—to date unregulated entities—and those firms which build their service around highly sophisticated algorithms, where the largest information deficits exist.50 These actors also tend to lack heavily entrenched legacy systems making them more flexible and adaptable to innovative regulatory approaches. At the same time, with smaller firms, the downside costs of failure, an inherent part of experimentation, are typically limited.51 At the same time, however, experimentation has an inherent microprudential bias, as its focus is lies primarily on the individual innovator firms. Hence, the generation of macroprudential information needs to be predominantly ensured by way of the remaining principles. Experimentation in Practice On a broader level, experimentation is—sometimes more sometimes less—part of a large number of regulatory architectures. That is, every federal state displays in some way the hub-and-spoke architecture described above.52 In the context of the USA, Justice Brandeis famously referred to states as ‘laboratories’ for democracy, where policies can be

49 See also Conti-Brown and Wishnik (n 54 in Chapter 3) 649. 50 See above at Chapter 7, Sect. 2. 51 The other side of the coin is that experiments might be more difficult to conduct in large established markets with entrenched systems. Herein lies a limitation of information generation by experimentation, as these entrenched markets often happen to be a significant source of systemic risk. Information generation in these markets needs to primarily take place in different ways, 52 Notably, having this architecture in place does mean it is used for the purpose of experimentation.

234

C. RUOF

tested without putting the country as a whole at risk.53 Notably, the scope of experimentation in the states differs between industry sectors, as the regulation of some sectors is (primarily) with the competence of the federal government.54 While the structure of the EU could be named as another example for this architecture, it additionally applies a light form of the first dimension of experimentation. More specifically, in the rulemaking process governing EU financial regulation (the socalled Lamfalussy process55 ), it is provided that four-yearly reviews of framework laws take place, which is supposed to guarantee that earlier assumptions are constantly revisited. This represents (though on a very small scale) the idea that laws are temporary and have to be constantly reviewed in light of new information. Moreover, the Lamfalussy process requires the EU law-making authorities to be in constant exchange with the Level 3 committees, which consist of the domestic regulators of the Member States. Those ‘nodes’ are supposed to constantly share information and evaluate implementation, while the EU authorities function as a central node reviewing and managing the information flow.56 In line with the argument here, the Lamfalussy process was also introduced with the purpose of adjusting the EU rulemaking process to an increasingly dynamic environment. However, as already becomes clear looking at the intervals of reviews, roughly two decades later it seems this purpose is not met anymore. Instead, in the era of fintech, a new Lamfalussy moment might be warranted. 2.1.2 The Second Principle: Participation The first Guiding Principle that is supposed to underwrite a new regulatory approach is (enhanced) private participation in the regulatory process.

53 Ford, Innovation and the State (n 30 in Chapter 2) 197. 54 This is, for example, the case for environmental regulations, which are mainly codified

under Title 40 of the Code of Federal Regulations. 55 This process was first introduced in 2001, when the EU endorsed the proposals of the so-called Lamfalussy Report (ESMA, ‘Final Report of the Committee of Wise Men on the Regulation of European Securities Markets’ [ESMA 2001]). 56 See also Weber (n 12) 848 on the New Governance aspect of the Lamfalussy process.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

235

The Idea The principal idea behind participation is to enhance access to local knowledge. Concerning the major share of information in the market, private entities are the producers. Thus, integrating these entities in the decision-making holds the promise to draw information directly from the source into the regulatory process. In a highly decentralized and heterogenous environment that is evolving under fintech, the level of expertise and knowledge required for understanding and overseeing this environment is increasingly beyond an agency’s capacities. Local knowledge and context-specific microprudential risk information are types of information that originate far from the regulator’s purview, especially in the fintech environment. Given the fragmentation of activity taking place in fintech,57 the decision-making process in regulating also needs broadening, giving a greater role to non-state actors in the informationgathering and expertise building process.58 Aside from the process of designing regulation, participation could also take place at other stages. Theoretically, it could permeate all stages of regulation and supervision that are currently in the responsibility of state actors. This includes inter alia legislation, the promulgation of rules, implementation of policies, and enforcement.59 The concrete level of participation has to be decided in the individual context, taking into account the respective limitations and risks.60 On the abstract level, the decisive factor is always whether and to what extent the private sector has an advantage vis-à-vis the regulator and if that advantage can be utilized by the regulator to further the public good. How Participation Addresses the Information Gap (Drawing Knowledge from the Source) The key promise of participation is to draw local knowledge and information from the shadows into the regulatory process. From the perspective of private entities, the prospect of greater participation could incentivize them to seek dialogue and cooperation with the

57 See in particular above at Chapter 6, Sect. 2. 58 See also Lobel (n 5) 373. 59 See also ibid. The sharing of responsibility in the day-to-day supervision will be dealt with in greater detail in the subsequent section. 60 This will be discussed in greater detail in Chapter 10, Sects. 2 and 3.

236

C. RUOF

regulator. This appears to be particularly important given the growing number of small players that grow outside the regulatory radar, which could be attracted in that way. Hence, participation could import knowledge in the regulatory process, while at the same time reducing the amount of unobserved activity in the sector. What gives this objective even more significance in fintech though, is the quality of information that currently is (at least) partly hidden in the shadows. As described above,61 small tech companies increasingly take over back-office functions and other parts of the value chain. This activity is typically highly technologized and automated and often those small entities are deeply interconnected among each other, making them particularly complex and hard to understand for regulators. Without the participation of those entities and access to their knowledge, managing this complexity is presumably not within the regulator’s capabilities. As participation is likely to establish a more cooperative and less adversarial relationship between regulators and private entities, the latter will presumably be more inclined to provide information and offer expertise, as opposed to seeking to preserve it at all cost to avoid public intervention.62 Moreover, participation is not only likely to increase incentives to share information but might also stimulate the production of information.63 Bringing together a diverse set of stakeholders with different viewpoints and a different set of information can create synergies that exceed the mere addition of each parties information. This is especially important against the background of increasing fragmentation of information under fintech, and even fewer parties being in a good position to produce systemic information.64 Furthermore, firms are more inclined to resolve known unknowns when that information can be put to use, i.e. being incorporated in a process of mutual problem-solving. Hence, diverse participation could potentially also provide the missing incentive for the production of certain types of information. 61 See Chapter 6, Sect. 2. 62 See also Weber (n 12) 843. More comprehensively and with regard to the phar-

maceutical sector Daniel P Carpenter, Reputation and Power: Organizational Image and Pharmaceutical Regulation at the FDA (Princeton University Press 2010). 63 For example, Martha Minow argues that private party involvement always stimulates the generation of new knowledge, see Martha Minow, ‘Public and Private Partnerships: Accounting for the New Religion’ (2003) 116 Harvard Law Review 1229. 64 See above at p. 159ff and 197ff.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

237

Participation furthermore holds the promise to address the dialectic problem, which constitutes another driver of complexity.65 Every attempt to regulate in a unilateral command-and-control manner will inevitably result in regulatees seeking and finding new ways to get around those rules, potentially creating the necessity for another set of new rules. By way of participation of regulatees in the regulatory process, this vicious cycle can be broken.66 Effectively integrating affected parties, the regulatory process can become one of mutual problem-solving and discovery. A mutually agreed-upon solution typically enjoys a higher perceived legitimacy among regulatees, as they helped to inform it, eventually (co-) designed, and presumably agreed to it.67 This higher legitimacy typically reduces the likelihood that regulatees will defect from that regulation.68 Since some fintech innovations are often associated with arbitrage activity69 and the shifts in the sector under fintech appear to provide increasingly good conditions for it,70 this would be another important advantage of a more participatory approach in regulating fintech. Who Should Participate? With regard to the question of who should be included in the regulatory process, the decisive factor has to be the amount and quality of information the respective party can potentially offer. To reduce the information gap, the main interest of the regulator is to gather as much information and pool as much expertise as possible. In addition, it is important to diversify information and expertise in order to create synergies and

65 See above at p. 58f. 66 See also Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry

Self-Regulation’ (n 17) 433. 67 For example, Weber (n 12) 842f. 68 According to socio-legal research, regulations that are perceived as legitimate typically

enjoy a higher compliance rate. See, e.g., Ayres and Braithwaite (n 14) 113. 69 As, for instance, in the case of some forms of fintech credit or ICOs. See above at p. 137ff. 70 As discussed earlier, the main reasons for this being above all the increasing complexity, technologization and the growing information asymmetry between regulators and regulatees.

238

C. RUOF

prevent information monopolies.71 Against that backdrop, scholars in New Governance have been advocating for not only including regulated institutions in the process, but also other stakeholders or experts. Ayres and Braithwaite, for instance, developed a model of so-called ‘tripartism’ where the circle of participation in the regulatory process is extended to also include third parties, in particular public interest groups.72 Apart from additional expertise, these public interest groups are supposed to incentivize further cooperation between industry and regulators as well as prevent regulatory capture.73 Meanwhile, Omarova views the mandated creation of a non-governmental organization group to include in the regulatory process rather impossible in the context of the financial services sector.74 She, on the other hand, advocates for the creation of an independent council of experts as a third-party stakeholder in the regulatory process, which should consist of inter alia academics, public figures, representatives, or consumer advocates groups. Aside from diversifying and adding information sources, this council of experts should, according to Omarova, function as a public interest watchdog in the regulatory process.75 While more information is theoretically always desirable, this does not directly apply to the number of participants. Rather, there is a trade-off between quantity, diversity, and quality of information/expertise, on the one side, and functionality and capture risks, on the other side. The regulator should still be the ultimate controller of the information and ensure a flexible and efficient regulatory process, which is in jeopardy if too many parties become involved in it. In the context of fintech, a council, as proposed by Omarova, would be in an especially good position to support the regulator in the production of systemic information. It could maintain

71 Meaning that there is only one supplier of a certain type of information or expertise, bearing the risk that this monopolist is able skew/frame the information for its own advantage. 72 See Ayres and Braithwaite (n 14) 54ff. 73 In their book, Ayres and Braithewaite refrain from clearly saying who is supposed

belong to these public interest groups. Rather, they advocate for to identify on an ‘arenaby-arena’ basis the group best able to represent, respectively contest the public interest (ibid 58f). 74 Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry SelfRegulation’ (n 17) 488. 75 Ibid 489.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

239

a bird-eye view over the sector, while not (primarily) having to deal with microprudential issues. In contrast to the regulator, it could have the privilege of only dealing with broader developments in the sector. It would also have the incentive to produce systemic information with a view to the public good, which market participants typically lack.76 Furthermore, it would be particularly important to integrate more tech expertise into the regulatory process. This could come from such a council, as well as from the market participants themselves. Especially extending participation to those actors that are currently operating mostly off the regulator’s radar would be fruitful from an informational perspective. This includes in particular developers/suppliers of algorithms and market support services that come rather from the tech than from the finance side.77 Putting these different stakeholders together in a collaborative setting could hence improve the production of systemic information, address black-boxes (or other known unknowns), and help to develop a clearer macro-picture of the sector as a whole. Participation in Practice An oft-cited example of this mantra having been put (partly) to use is the IRB under the Basel II accords. The June 2004 Basel II Capital Accords were a transnational agreement among regulators on the regulation of banks.78 It established a set of high-level principles which were the outcome of a lengthy consultative process between the BCBS and representatives from the industry, national regulators as well as other stakeholders.79 Furthermore, it acknowledged the information advantage of the industry and the disadvantage of regulators in adequately assessing the risks of regulated institutions.80 Consequently, under Basel II, banks 76 That is, if there are no mechanisms in place altering those incentives, so that the primary drive of all corporate activity is the pursuit of profits. 77 See above at p. 149ff. 78 BCBS, ‘International Convergence of Capital Measurement and Capital Standards—A

Revised Framework’ (BIS 2004). 79 Those consultation documents in advance to Basel II can be found at https://www. bis.org/bcbs/bcbscp3.htm. For example, a list of all parties who submitted comments on the third consultative paper can be found at BCBS, ‘The New Basel Capital Accord: Comments Received on the Third Consultative Paper’ https://www.bis.org/bcbs/cp3 comments.htm. 80 See also Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial Regulation’ (n 134 in Chapter 4) 460f.

240

C. RUOF

were allowed to adopt their own estimated risk parameters for the calculation of risk-weighted assets within the agreed-upon standards. Hence, it directly relied on financial institutions to generate key inputs for their own regulation.81 Yet, the Basel II model was no success.82 As it turned out, while being compliant with Basel II, banks build up unprecedented levels of leverage, which overall generated immense risk in the sector.83 In the end, this was primarily attributed to the lack of scrutiny in the information provided by banks as well as regulatory capture.84 While this certainly presents an important lesson for enhanced industry participation,85 it does not make a case against it per se—quite the opposite: Arguably, the problem was that participation did not go far enough. More specifically, it did not extend participation wide enough to get the necessary quantity, quality, and diversity of information.86 This general lack of knowledge under Basel II was paired with a prevailing information gap between participating entities on one side and the regulator on the other. The regulator took information from a limited number of sources without adequate scrutiny (neither by itself nor a third party), providing the regulated entities with the power to ultimately control the process. Furthermore, it aimed primarily at preserving

81 A similar approach was adopted for shadow banks under the (voluntary) CSE program, giving leading shadow banks in the US the same leeway to assess their capital reserve levels as banks under Basel II. See ibid 488. 82 See above at pp. 222 and 227. 83 In the case of the UK, for example, the Independent Commission on Banking found

that ‘This constraint was still in place in the run-up to the crisis. But the average risk weight attributed to UK banks’ assets had roughly halved since 1988 to around 33% by 2008. (With hindsight it would appear that as risk weights were decreasing, risk was in fact mounting.) So, the 8% minimum capital ratio translated to leverage of 35–40 × in terms of total assets. And because some of this 8% was met with non-equity forms of capital which proved unable to bear losses, real leverage was higher still.’ (Independent Commission on Banking, ‘Interim Report - Consultation on Reform Options’ (2011) 18. 84 See Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial Regulation’ (n 134 in Chapter 4) 461f. 85 The risks of regulatory capture of herein developed approach will be discussed in greater detail below. 86 In the same direction: Weber (n 12) 855 and 863f and; Tsang (n 138 in Chapter 2) 594f.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

241

the solvency of the regulated institutions, meaning it had a strong microprudential focus.87 Solely relying on industry information regarding their internal risk was, therefore, no sound attempt of enhanced participation in the first place—neither with regard to the circle of participants, nor to the type of information that was gathered. 2.1.3 Decentralization The third pillar of a regulatory response to the information gap is decentralization, which has been a recurring theme throughout this study.88 While the context differs—be it as part of an economic theory, a business model, or a Guiding Principle—the different notions of decentralization are closely connected to each other. First, there is the Hayekian observation that information is decentralized, i.e. dispersed among a countless number of market actors. No single actor in the market—neither a regulator nor a private entity—can possess all the information necessary to govern effectively, let alone all information in general. While this observation predated fintech by many decades, it has gained traction and is now arguably more important than ever. Information is more dispersed than before, and high information costs constitute barriers for actors to acquire information, in particular for a centralized regulator. New Governance scholars share the observation that generally a centralized regulator is often too far detached from the details of the daily process and the local information to govern in an informed way.89 Private actors, on the other hand, often have a relative advantage in terms of access to that information, given their proximity to the source of information.90 In the era of fintech, where a lot of information is being produced outside the scope of the regulator, this trend becomes more severe. Hence, decentralization constitutes a clear threat to the top-down regulatory model. For this reason, the regulator needs to adapt to this new environment. That is, the regulator can use decentralization as a mechanism for bringing in a 87 See also Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry Self-Regulation’ (n 17) 440f. 88 For decentralization as part of the New Governance scholarship, see for example Lobel (n 5) 381ff or Sabel and Simon (n 37) 79f. 89 See, e.g., Ford, Innovation and the State (n 30 in Chapter 2) 127ff with further references. 90 See above at p. 53ff. Also Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry Self-Regulation’ (n 17) 433.

242

C. RUOF

broader range of knowledge and capacity from the private side in order to bridge the information gap and improve the regulatory process. This challenges the dogma where the state is the only locus of power and replaces it with a collaborative model in which the state harnesses private sector capacity to serve public goals.91 The Idea Similar to experimentation, the principle of decentralization has multiple dimensions. The first dimension to a certain extent mirrors the corresponding shift in the market. It suggests that the regulator should outsource certain tasks concerning gathering and processing of information to private market participants. While ‘experimentation’ and ‘participation’ were to enhance the information level of the regulator by integrating private parties in the process, on this dimension, decentralization tackles the other part of the information gap equation, i.e. the information processing capacity element. More specifically, having acknowledged the relative advantage of the market in this context, the regulator could seek ways to tap the processing capacity of private companies and thereby harness their information advantage. Furthermore, private actors could also be given certain tasks in enforcing regulation as well as in day-to-day supervision, thereby functioning in specific contexts as ‘outposts’ of the regulator. Here, once again the proximity of the frontline entity and relative expertise advantage could yield efficiency gains. While from a regulator’s perspective performing these tasks typically requires a relatively large amount of resources, leveraging the private sector capacity only would only cost the regulator the price of the leverage itself.92 However, in this context, it needs to be cautiously scrutinized which tasks are reasonably suited for being subject to outsourcing. Whereas in tendency technical aspects of supervision as well as supporting or background tasks are typically less sensitive, the core of regulation and supervision would need to stay the sole responsibility

91 Ibid 428. 92 See generally, William E Kovacic and David A Hyman, ‘Regulatory Leveraging:

Problem or Solution?’ (2016) 23 George Mason Law Review 1163 (discussing private sector leveraging).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

243

of the regulator.93 Ultimately, financial regulation is and needs to remain a public responsibility, since it is not least the public side that is accountability for the case of regulatory failure. Aside from that, outsourcing may bring a number of risks as well as potential sources of conflicts and ultimately can be a source of regulatory failure on its own.94 Somewhat implicit in this decentralization of tasks is a decentralization of the regulatory structure, away from a monolithic enterprise towards an architecture that encompasses several local units with a certain level of discretion. Broadly, this structure has already been described under the second dimension of experimentation.95 In addition to what has been said there, such local units can be used for additional purposes—from solving a specific regulatory issue, to attracting a certain type of (probably unregulated) service. The locally produced information by those units would subsequently be transferred to a central regulator, functioning as a type of clearinghouse for the information from diverse sources. Finally, there is another inspiration that regulation can take from the sector. As shown above, outsourcing does not only take place to TPPs but also machines, i.e. algorithms. These can and should also play a central role in the regulatory response to fintech.96 Algorithms have the potential to significantly improve information gathering and processing while avoiding some of the problems that are associated with outsourcing these tasks to industry players.97 How Decentralization Addresses the Information Gap (Leveraging the Private Sector Information Advantage and Capacity) Just like participation, the idea of decentralization in regulation draws on the acknowledgement of the value of private information and the relative advantage of private parties in terms of information costs and

93 What concrete functions and tasks could be subject to outsourcing will be further discussed in the remainder of this book. See especially at 4.a.3) and 4.c.1) and 2). 94 See below at Chapter 8, Sect. 2.4. 95 See above at p. 213ff. 96 The role of technology in a regulatory response to fintech will be discussed in further

detail below. 97 Those risks will be dealt with at Chapter 8, Sect. 2.4).

244

C. RUOF

processing capacity. In an increasingly dynamic and complex environment that constantly yields new forms of high-tech innovation, reliance on the state as the single source of information gathering/processing and regulatory power appear inappropriate. Under those circumstances, a monopolistic regulator is not likely to handle the tasks of managing the constant flow of information that is produced in this environment and to timely translate this information into regulation. Decentralization in contrast utilizes the principle of subsidiarity, maintaining that tasks are typically best executed at the level closest to their effect, respectively, to the source of information.98 A decentralized structure with local, more specialized units would meet this standard, while at the same time pooling technical expertise and achieving a certain level of homogeneity in the unit which would contribute to aligning the interests of all participants towards a common goal. This in turn is an essential component of successful experimentation and collaboration.99 Decentralization utilizes the information advantage private parties have vis-à-vis the regulator, significantly reducing the costs of collecting and processing the information. The closer and more similar the business model of the respective entity or the more contact points exist, the more likely that it possesses the means and expertise to process and understand the information—resulting in smaller information costs compared to the regulator. Consequently, their enhanced experience with the industry and its participants could help shorten the information-gathering process and enhance decisional efficiency and contextualization of information.100 Concerning fintech, regulators could especially benefit from utilizing those that are most familiar with the newest technologies, such as AI, ML, or DLT.101 This could be an important mechanism for acquiring (and making sense of) information about entities and activity outside the regulator’s radar. The regulator could use (regulated) entities as a gateway to small fintech firms and technology-based market support services currently operating in the shadows and use their capacity to gather and process information about them. Private market actors are 98 See also Lobel (n 5) 382. 99 See also Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry

Self-Regulation’ (n 17) 479 or Riles (n 21) 101. 100 See also Yang and Tsang (n 161 in Chapter 5) 388. 101 Yadav and Brummer (n 183 in Chapter 5) 304ff are also advocating for some of

decentralized regulation for fintech.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

245

however only one part that should be utilized for the purpose of gathering and processing information. Similarly important, the same technology that underlies a lot of fintech can take on certain (repetitive) regulatory tasks while also helping gather information from entities.102 Moreover, they are a key factor in enhancing processing capacity without which a reduction of the information gap cannot be reached. Decentralization along the way promotes the other two principles, participation and experimentation.103 A decentralized approach gives much more space for experimentation, as it can use the different units in the structure to test and learn and thereby heavily enhances its benefits. By expanding the regulatory territory, it can include yet to be integrated players into the process, enhancing participation. Outsourcing certain tasks can significantly enhance the power and effectiveness of financial regulation even under budget constraints. Moreover, it frees up resources inside the regulator that can be put to more effective use. As a central aggregator and manager of (externally gathered) information, the regulator could focus more on the macro-picture and the production of systemic information and the promotion of the other two principles. Decentralization in Practice Just like participation, decentralization (to varying degrees and forms) is not lacking real-world examples. In the financial sector, decentralization has been in different forms a well-known practice. For instance, the Basel II regime, which was used as an example for participation above, also entails elements of decentralization. That is, the capital requirements under Basel II (to a large extend) allowed financial institutions to use their own risk assessment models to calculate their risk. The idea behind that approach was to utilize the private sector’s information advantage and creative powers to improve the quality of regulation. However, as stated above, that approach failed. The major problem with the decentralization of responsibility in that context was that it outsourced regulation to the affected entity itself, i.e. constituted a form of self-regulation. The conflict of interest thereby created was not properly controlled by the regulator. It failed to establish external controls or credible enforcement but relied

102 This will be further dealt with below in Sect. 2.3) of this chapter. 103 Lobel (n 5) 382.

246

C. RUOF

heavily on the calculations given by the industry. In the end, this encouraged risk-taking, especially in unconventional business areas, ultimately contributing to the systemic shocks underlying the GFC.104 Another prominent example from the financial sector is the case of self-regulatory organizations (SROs), where this particular conflict of interest is not prevalent.105 Self-regulatory organizations have long been an important element of financial market regulation in the US, especially in the context of securities regulation.106 Securities SROs, such as the Financial Industry Regulatory Agency (FINRA) or stock exchanges (e.g. NYSE), are given significant oversight responsibilities by the regulator (in the US context the SEC) and are supposed to ensure the integrity of the securities market and sound conduct of market participants.107 This regulatory model represents a private–public partnership implementing the principle of responsibility-sharing and outsourcing: The state regulator functions as the guardian regulator overseeing the SROs and is equipped with intervention powers108 while having outsourced resource-intensive tasks to SROs, thus functioning as the ‘frontline regulator’.109 In this model, the SROs are designated private entities owing their existence primarily to their given oversight and regulatory functions. They also do not (only) enforce and supervise state regulations, but also create (most of) their rules.110 FINRAs rulebook for example includes detailed rules

104 See Adrian Blundell-Wignall and Paul Atkinson, ‘Thinking beyond Basel III: Necessary Solutions for Capital and Liquidity’ (OECD) Volume 2010 – Issue 1. 105 On SROs on their role between being an industry organization and fulfilling government tasks, see, e.g., Roberta S Karmel, ‘Should Securities Industry SelfRegulatoryOrganizations Be Considered GovernmentAgencies?’ (2008) 14 Stanford Journal of Law, Business & Finance 151. 106 On the history of self-regulatory organizations in US securities regulation, see Marianne K Smythe, ‘Government Supervised Self-Regulation in the Securities Industry and the Antitrust Laws: Suggestions for an Accommodation’ (1984) 62 North Carolina Law Review 475. Interestingly, despite the decades-long experience with this model in the securities sector, it has yet never been tried in the banking sector. 107 See Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry SelfRegulation’ (n 17) 464f. 108 The SEC’s authority to oversee and regulate SRO’s is laid down in the Securities Exchange Act of 1934. That is, the SEC can inter alia inspect the SROs or channel regulatory mandates directly through the SRO infrastructure. See ibid. 109 Ibid 465f. 110 For example, Armour and others (n 7 in Chapter 2) 545f. The rulemaking process

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

247

on the communication of broker-dealers with their customers, the safeguarding of customers’ funds, bookkeeping, disclosure of information, and more.111 While the regulatory model of SROs is deeply rooted in the post-crisis paradigm and has arguably enjoyed a relatively good reputation, it is also not free of critique. In particular, commentators often point to the conflict of interest, here with respect to their function as regulator and profit-seeking private market participant, for which credit rating agencies in the GFC make an illustrative example.112 Other commentators raise more fundamental questions about their efficacy and effectiveness as private regulators.113 Not least, securities exchanges have been critiqued for taking a too lax approach to supervision and enforcement in some cases.114 Overall, as most compellingly shown by the failure of Basel II, blind reliance on the private side to perform its delegated task is prone to failure. Rather, it has to be cautiously assessed what types of tasks can be better performed by private entity and which in contrast have to remain in the public sphere. Similarly, the concrete level of regulatory involvement, ranging from excessive micromanagement to no mere oversight of the operations, has to be thoroughly calibrated. While the former is resource-intense and hence offsets some of the benefits of decentralization, the latter risks backsliding into a regulatory capture and heavy dependence on the industry.115 In a next step, the regulator has to ensure the incentives are aligned and conflicts of interest are properly managed. To ensure this,

of the FINRA for example can be seen at FINRA, ‘FINRA Rulemaking Process’ https:// www.finra.org/rules-guidance/rulemaking-process. 111 The FINRA rulebook can be accessed at https://www.finra.org/rules-guidance/rul ebooks/finra-rules. 112 See, e.g., Jonathan R Macey and Maureen O’Hara, ‘From Markets to Venues: Securities Regulation in an Evolving World’ (2005) 58 Stanford Law Review 563, 583. For the role on credit rating agencies in the emergence of the GFC, see John Patrick Hunt, ‘Credit Rating Agencies and the “Worldwide Credit Crisis”: The Limits of Reputation, the Insufficiency of Reform, and a Proposal for Improvement’ (2009) 2009 Columbia Business Law Review 109. 113 Karmel (n 105). 114 See, e.g., Yesha Yadav, ‘Oversight Failure in Securities Markets’ (2019) 104 Cornell

Law Review 101. 115 This will be dealt with in greater detail in Sect. 2.4.1 of this chapter.

248

C. RUOF

there must be a robust framework with a strong regulator, in whose shadow the frontline regulators operate.116 2.1.4 Summing up a New Collaborative Approach So far, this chapter has outlined three abstract principles that should underwrite a regulatory response to the information gap under fintech. They reduce the information by tackling it from different directions: Experimentation holds the promise to increase the overall production of information, improve information gathering, and address (Knightian) uncertainty. Participation draws information from private market actors and other stakeholders into the regulatory process. Lastly, by way of decentralization, the regulator utilizes private market participants’ information advantage and borrows their resources to increase its own capacity and thus seeks to reduce the information gap from the capacity side. What underlies all these principles is that they all emphasize the importance of learning. Learning is promoted by multiple factors across those three principles, including: acknowledging the elusiveness of temporary information, bringing together diverse actors and viewpoints, eroding the boundaries between the public and private sphere, encouraging decentralized experimentation, installing effective communication channels with the help of technology, and more. Given the dynamic developments in the sector and the challenges that fintech brings, learning is a key requirement for effectively pursuing the regulatory objectives. Thereby, the three principles are to facilitate learning in multiple forms.117 First, regulators enhance their knowledge about new technologies and innovations in the sector as well as broader aspects, such as interconnections and structural developments in the sector. At the same time, they facilitate regulatory learning. This refers to developing knowledge on what regulatory tools are best suited to address what kind of risks and what possible side effects are or could be. Furthermore, the three principles hold the promise to reduce the undesired sort of learning which is the learning of

116 In a similar vein, Neil Gunningham and Joseph Rees, ‘Industry Self-Regulation: An Institutional Perspective’ (1997) 19 Law & Policy 363, 400. 117 Relatedly, also in New Governance scholarship, several commentators have identified and distinguished between different layers of learning. See, e.g., Lobel (n 5) 397 (citing Pieter Glasbergen, Learning to Manage the Environment, in DEMOCRACY AND THE ENVIRONMENT: PROBLEMS AND PROSPECTS 175, 176 [William M. Lafferty & James Meadowcroft eds., 1996]).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

249

private market actors how to circumvent regulatory structures. By way of constant engagement, short revision cycles, mutual problem-solving, and experimentalism, collaboration has the potential to change the repeated game dynamic between regulators and regulated actors but make the game a mutually beneficial one. 2.2

Flexibility

While the prior section has outlined three principles that are supposed to improve the production of the regulatory substance, the principle of flexibility touches the part of information gathering as well as that of acting upon information. It is not only necessary to let the Guiding Principles unfold their full potential, but also to effectively translate the informational gains into regulatory output (i.e. to effectively act-upon them). That is, simply raising the information level is not of little help—the regulatory framework also needs to be able to incorporate new information on a timely basis.118 This in turn creates the need for flexibility in the formulation, application, and revision of regulation. Failing to do so risks resulting in chronically outdated regulation and drive the regulatory mismatch. Ultimately, especially in fast-changing environments, any system that seeks to survive over the long-term must entail flexibility and evolvability as primary design considerations.119 This section will continue by making the case for the increased use of principles (as opposed to rules) to achieve this goal. It will begin with discussing the unfitness of the traditional (rules-based) model before showing how a shift towards principles can provide the needed flexibility while simultaneously addressing several other challenges associated with fintech. Importantly, it will also argue that the flexibility that principles provide is necessary to create the space in which beneficial experimentation can take place.

118 Referenced in Hu, ‘Swaps, the Modern Process of Financial Innovation and the Vulnerability of a Regulatory Paradigm’ (n 12 in Chapter 3) 405. 119 See also Ruhl (n 31 in Chapter 3) 574.

250

C. RUOF

2.2.1 The Rigidness of the Status Quo The typical form of regulation in the financial services sector is a relatively prescriptive ex-ante rule.120 These rules often contain clear requirements for when they apply (trigger) and the response thereby elicited, leaving only little flexibility for the decision-maker (i.e. typically the regulator).121 Naturally, the rigidness in the legal framework also shapes the level of supervision, which follows the pattern of regulation. Rules are typically drafted in a formalized process and reflect the information level of the drafter at that moment of time.122 Consequentially, however, two problems arise: First, in such a process, the drafters of rules are invariably afflicted by temporal constraints and knowledge gaps which undermine their ability to predict side effects of the rule and ultimately its ability to meet its purpose.123 Second, even assuming a high level of informedness, in dynamic environments, no one is able to foresee future developments, which necessarily sooner or later renders the rule anachronistic. Indeed, rules can be adapted. As soon as new information comes up that the drafter (regulator or policymaker) deems sufficient to warrant a change of the rule, a new process can be started at the end of which a new (adapted) rule stands. This might come with certain advantages, since rule adaption is typically thorough and hence constitutes a natural barrier to overhasty decisions. While the exact amount of time this process takes highly varies depending on the jurisdiction and the specific circumstances of the case, it is generally cumbersome and resource-intensive.124 The process typically involves extensive discussions, cost–benefit analysis, and a relatively high level of certainty concerning the solutions it is about to offer. In addition, it often needs to go through different chambers and usually does not directly come into effect once it is passed. Surely, in certain industries, this approach can be appropriate. For instance, where change is slow, but the impact is big when it occurs, reacting by carefully 120 See above at p. 47f. 121 See also Awrey, ‘Complexity’ (n 31 in Chapter 3) 275. 122 For examples in the US context, see Awrey and Judge (n 117 in Chapter 2) 2319. 123 See above at p. 47f. Also, Awrey, ‘Complexity’ (n 31 in Chapter 3) 277. 124 On the slowness of the EU process, see, e.g., Wolf-Georg Ringe and Christopher Ruof, ‘Regulating Fintech in the EU: The Case for a Guided Sandbox’ (2020) 11 European Journal of Risk Regulation 604, 617f. For the US, see Awrey and Judge (n 117 in Chapter 2) 2315f.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

251

drafting a response can be the right approach. In the financial services sector, however, this is not the case. While the sector has always been dynamic, pushing this approach to its limits, the pace of innovation and the new level of complexity under fintech finally render it unfit. In highly dynamic environments, this approach creates unavoidable problems of under- and over-inclusiveness and ultimately is prone to lead to a steady detachment of the regulatory framework from the reality in the sector.125 In addition, the rule adaption in the traditional system is often not (fully) oriented at its necessity but rather has a tendency to come in cycles due to the political economy of regulation.126 It is also linked to the phenomenon that regulatory changes are often packaged together (i.e. a number of changes are passed together as one bill). Furthermore, the nature of rules is itself problematic in light of the challenges of fintech. Firstly, rules are never perfectly congruent with their purpose, but rather inevitably under-inclusive (failing to capture behaviours that should be included) or over-inclusive (capturing behaviours that should be excluded).127 This is particularly problematic given the new diversity that fintech brings to the sector. As in the past, innovation came predominately from incumbents and often contained known elements from previous innovations, it was arguably easier to put it in the existing framework. Fintech, on the other hand, consists of a new level of heterogeneity and ‘disruptive’ innovations, making this exercise much more difficult. In extreme cases, the good sense of the rule can be swept away before its value is appreciated.128 Moreover, the rules-based approach tends to fuel complexity, as it encourages regulatory arbitrage, as the bright-line character of rules is making them easier to game.129 That is due to the bright-line character of rules, making them easier to game. Furthermore, the slow adjustment process is maximizing the profits of arbitrage activity. Additionally, while new rules are added

125 For the problems of the EU regulatory framework on robo advice in specific, see Ringe and Ruof (2021) Regulatory challenges (n 113 in Chapter 5). 126 See above at p. 67f. 127 See, e.g., Black, Hopper and Band (n 28) 194. 128 Lawrence G Baxter, ‘Adaptive Financial Regulation and RegTech: A Concept Article

on Realistic Protection for Victims of Bank Failures’ (2016) 66 Duke Law Journal 567, 594. 129 See above.

252

C. RUOF

to the framework, old rules often stay in place, leading to a layeringon of rules on rules—each to deal with a new situation/addressing a new problem.130 The result of this is a steadily growing rulebook which becomes increasingly difficult to obey for market participants and to apply for regulators.131 From an informational perspective, this is highly undesirable. Not only does it introduce additional information costs for both regulators and market participants, but it is also likely to create an adversarial relationship between regulators and regulatees, making the latter less inclined to share information.132 2.2.2 The Case for More Principles The goal is hence, to build regulatory structures that are capable of adapting and reacting to constant and fast change, which as I argue here, can be achieved through a well-calibrated move towards the use of principles.133 A move towards the greater usage of principles would entail a shift in terms of statutory construction towards the articulation of desired outcomes.134 The identification and articulation of those principles would depend on the desired outcome (i.e. for instance minimization of a risk) and ultimately root in the regulatory objectives of the respective regulator. Broadly, the promises of principles often are the mirror image of the downside of rules.135 Principles can respond organically to new developments in the market while allowing for swift adjustment in light of new 130 See also Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (n 27) 60. 131 See also above at p. 92f with further references. 132 See Baxter (n 128) 595. 133 From the (broad) literature on principles-based regulation in the context of financial markets, see in particular Pierre Schlag, ‘Rules and Standards’ (1985) 33 UCLA Law Review 379; Awrey (n 12 in Chapter 3); Black, ‘The Rise, Fall and Fate of Principles Based Regulation’ (n 149 in Chapter 2); Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (n 27); Daniela Weber-Rey, ‘Latest Developments in European Corporate Governance in Light of Better Regulation Efforts’ in Stephen Weatherill (ed), Better Regulation (Hart Publishing 2007) and Cunningham (n 143 in Chapter 2). From a law & economics perspective, see Kaplow (n 146 in Chapter 2). In the context of fintech, they are (in different forms) advocated for by Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) e.g. on p 108 or by de las Heras Ballell (n 32) 418f. 134 Awrey, ‘Complexity’ (n 31 in Chapter 3) 282. 135 For a summary of the (old) rules-principles-debate, see, e.g., Schlag (n 133). A

comprehensive enumeration of the pros & cons will not be part of this book. Rather,

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

253

information.136 Principles are formulated on a higher level of abstraction than rules, which allows them to (better) capture future unanticipated developments.137 In the application of a principle, the regulator typically enjoys greater discretion and can more easily deviate from prior practices. This is mainly what gives a principle its key benefit that is flexibility.138 This flexibility is not only important in light of new information about existing market participants, but also the emergence of new actors. As opposed to rules, a principle typically has a much wider potential scope of application and can hence be more easily applied to new business models. Importantly, for making the three Guiding Principles developed above truly fruitful, flexibility becomes more a precondition than a goal. That is first because a regulatory structure based on these principles would enhance information flows and potentially uncover unknowns, which need to be addressed in a timely fashion. Second, in particular, decentralization and participation are supposed to attract fintech firms from the shadows which are likely to not fit into bright-line rule categories. Moreover, a decentralized regulatory approach harnessing local knowledge and responding to the decentralization and diversification in the market requires a level of flexibility that rules can barely offer. More importantly, flexibility is necessary to make experimentation work. In contrast to principles, bright-line rules inherently only provide a relatively small corridor in which experimentation can take place. The trial-and-error approach and the constant adjustment cycle that is associated with experimentation are, therefore, not compatible with the typically slow process of rulemaking and adaption. Under principles, diverse models and methods to achieve the set standard can compete to find the best approach. Moreover, the regulator can directly translate new findings and information into its regulatory practice without the need to go through the formal procedure. Without the power to make quick and significant adjustments, private actors partaking in the experimentation have little incentive to participate, stifling the positive effects of the whole exercise. Meanwhile, on the level of individual staff of the regulator, the discretion and responsibility that this part will look at the discourse from an informational perspective and discuss aspects relevant in that context. 136 See also Armour and others (n 7 in Chapter 2) 550f. 137 On different levels of abstraction and openness of principles, see, e.g., Moses (n 46

in Chapter 4) 270ff. 138 See also Awrey, ‘Complexity’ (n 31 in Chapter 3) 278.

254

C. RUOF

would come with flexibility are likely to enhance incentives for building up expertise and educating oneself.139 Another important argument for principles that derive from their flexibility is durability in the face of changing circumstances.140 While this benefit is far from new, it gains additional weight in light of the dynamic that fintech brings. Their durability makes principles (and the corresponding regulatory practice) less prone to lose touch with market reality, in effect lowering the risk of regulatory mismatch. This advantage is particularly strong in the face of high complexity. Here, it becomes increasingly impossible to regulate every detail of the market and more reasonable to revert to what regulation is ultimately supposed to achieve.141 The combination of flexibility and durability further makes principles also more difficult to game. Given their typically high level of abstraction, compliance with the principle is more congruent with complying with its spirit than this is the case with a rule.142 Principles thereby reduce the prospects of success and hence the incentive for market participants to engage in socially wasteful regulatory arbitrage.143 Conversely, they can lead to a greater degree of desirable creative compliance, as they require firms (in cooperation with regulators) to think of

139 See Gailmard and Patty (n 3 in Chapter 1) 38ff. 140 See Awrey, ‘Complexity’ (n 31 in Chapter 3) 278 or; Julia Black, ‘Forms and

Paradoxes of Principles-Based Regulation’ (2008) 3 Capital Markets Law Journal 425, 616f. 141 In the words of Andrew Haldane, former chief economist at the Bank of England: ‘[a]s you do not fight fire with fire, you do not fight complexity with complexity. Because complexity generates uncertainty, not risk, it requires a regulatory response grounded in simplicity, not complexity’. See Andrew G Haldane and Vasileios Madouros, ‘The Dog and the Frisbee’ (31 August 2012) Speech by Mr Andrew G Haldane and Mr Vasileios Madouros at the Federal Reserve Bank of Kansas City’s 366th economic policy symposium, ‘The Changing Policy Landscape’. 142 See Awrey, ‘Complexity’ (n 31 in Chapter 3) 278; Armour and others (n 7 in Chapter 2) 550f. 143 Black, Hopper, and Band (n 28) 191. Research in financial services, but also other fields (e.g. accounting, health, criminal law), shows that whether a rule is designed as a detailed rule or a broad principle has a significant effect on the response to it. See, e.g., Colin S Diver, ‘The Optimal Precision of Administrative Rules’ (1983) 93 Yale Law Journal 65; Robert Baldwin, Rules and Government (Clarendon Press; Oxford University Press 1995); Doreen McBarnet and Christopher Whelan, ‘The Elusive Spirit of the Law: Formalism and the Struggle for Legal Control’ (1991) 54 The Modern Law Review 848.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

255

effective ways to comply.144 This leads to another potential benefit of principles—they provide the foundation and impetus for dialogue. Given their high level of generality, they place the onus on the parties to communicate their respective intentions completely and precisely in order to reach a common understanding.145 Concurrently, a shift towards principles would address the adverse relationship that is typically associated with bright-line rules approach. It would furthermore reverse the aforementioned trend of ever-growing rulebooks.146 A smaller number of principles is likely to be easier to handle for market participants (and regulators) and increase supporting their willingness to cooperate.147 2.2.3 Downsides of Principles Yet, principles do not come without drawbacks. First, their biggest promise is simultaneously their biggest weakness: with their flexibility comes at least on the outset vagueness and a lack of precision.148 While a rule certainly also does not equate precision,149 the gap between the principle and the individual case it is applied to is clearly wider and therefore requires more effort to be bridged. An absence of precision can undermine predictability and regulatory certainty, which ultimately stifles innovation and can lead to frustration and evasive behaviour on the side of market participants.150 Relatedly, it is argued that due to the uncertainty around the compatibility of a certain activity with a stipulated principle, regulated firms are more concerned about error costs.151 This can in turn lead to what Julia Black calls a ‘chilling effect’, in which entities adopt a conservative interpretation of the principle.152 From an informational perspective, this does not seem desirable, as this would undermine the

144 Black, Hopper and Band (n 28) 195. 145 See Schlag (n 133); Armour and others (n 7 in Chapter 2) 550. 146 See above at p. 92f. 147 See also Black, Hopper and Band (n 28) 195. 148 See also Awrey (n 12 in Chapter 3) 278. 149 Impreciseness of a rule can for instance stem from technical language or high

complexity. See, e.g., Black, Hopper and Band (n 28) 194. 150 See Cass R Sunstein, ‘Problems with Rules’ (1995) 83 California Law Review 953,

958. 151 Black, Hopper and Band (n 28) 195. 152 Ibid.

256

C. RUOF

experimentation objective and stifle the production of useful information. Another risk that is often associated with principles-based approaches is ‘regulatory creep’, which describes the abuse of discretion that principles typically confer to the regulator.153 According to the idea of regulatory creep, principles can be used by the regulator to extend its scrutiny into areas that are normally not covered by its mandate, ultimately pushing its jurisdictional boundaries. However, this risk is simply the other side of the coin of flexibility. Against the background of the fintech-inherent dynamic of the sector, the potentially broad and flexible scope of application can be quite desirable, making this characteristic rather a feature than a bug. 2.2.4 A More Nuanced View This discussion has shown that principles entail some benefits that make them appealing in the era of fintech, when it comes to dealing with the information gap caused by fintech’s dynamics. However, it is important to note that there is no one-size-fits-all-solution. The above-mentioned benefits of principles are not overarching, meaning, that they are not always more preferable than rules in the whole sector and any given context. Neither should the rule-principle dichotomy be perceived as two discrete and alternative concepts, but rather as different points on a spectrum.154 Whereas the previous discussion had a strong focus on the aspect of flexibility, which carries a lot of weight in light of the challenges of fintech, there are also contexts where the desirable solution lays somewhere closer to the rule-end of the spectrum.155 One way to frame this desirability is in the relative costs that the design of the rule/principle and its application involves.156 In that sense, Louis Kaplow has posited that rules are costly ex-ante since their content must

153 Ibid 198. 154 Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’

(n 27) 8f; Frederick Schauer, ‘The Convergence of Rules and Standards’ (2003) 2003 New Zealand Law Review 303. 155 See also Diver (n 143). 156 See Kaplow (n 146 in Chapter 2) 559f; Awrey (n 12 in Chapter 3) 279f.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

257

be already filled when they are written, while principles are costly expost as their content is rather filled in the process of application.157 From that follows that the choice between rules and principles should primarily come down to the frequency with which a particular problem arises.158 In often-recurring situations, detailed rules can facilitate quick processing of a large number of cases, while ensuring consistency of interpretation and application by a large number of different employees.159 According to the cost perspective, rules should be used whenever economies of scale offset the ex-ante costs associated with determining the content of the rule.160 Of particular importance in that context is the relatively clarity and steadiness from the informational basis, so that the rule can be welltailored to address the risk at hand, avoiding over- or undershooting. In contrast, exceptional or unusual situations should be governed by principles. Notably, this framework remains empirically untested161 and criticized by some commentators for being (over-) simplified, not taking into account all relevant costs162 which is why it should be approached with caution. Yet, it is useful for finding a starting point on the ruleprinciple spectrum, from which then all other context-specific aspects, arguments, and respective risks have to be considered and weighed. Applied to the era of fintech, which is characterized by a dynamic market environment with a high level of diversity, this framework would generally support the use of principles. Once a certain type of product or service has matured and the regulator has gathered a sufficient level of knowledge about it, it can transition to a more rules-based regime.163

157 Kaplow (n 146 in Chapter 2). 158 Ibid. 159 Black, Hopper and Band (n 28) 195. 160 Kaplow (n 146 in Chapter 2) 577. 161 Similarly, Awrey (n 12 in Chapter 3) 280; Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (n 27) 39. 162 See Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (n 27) 39 outlining in particular two points that Kaplow fail to consider, importantly ex-ante costs of rule specification in environments with serious information deficits. Here, the assumption that a recurring situation implies fewer overall costs of a rule does not hold. 163 Similarly, Chris J Brummer and Daniel Gorfine, ‘Fintech—Building a 21st-Century Regulator’s Toolkit’ (Milken Institute Center for Financial Markets 2014) 7f.

258

C. RUOF

2.2.5 Principles in Practice The most prominent reality test that principles-based regulation underwent was in the UK before the GFC. The Financial Services Agency’s (FSA) move towards principles-based regulation in the securities area started in 2001, replacing a big share of its detailed rules with short high-level and outcome-oriented requirements.164 Those principles were typically filled with guidance and often formulated in concert with the industry.165 After the financial crisis, however, principles-based regulation became a lightning rod for public criticism, stemming mainly from a perception that it had institutionalized the FSA’s ‘light touch’ approach towards supervision and enforcement.166 This brings another risk to the fore: Principles make it easy for the regulator to hide incapacity to understand innovation and as a result conveniently cede the field to private players. In other words, principles-based regulation shall not become deregulation through the backdoor.167 The case of the FSA is further illustrative of another failure: to foster interpretive communities to kickstart the information production process to yield the true potential of a principles-based approach.168 Whether or not that deregulatory effect was to some extent desired back in that time,169 the core problem of the FSA was its lack of staff and resources which (among other things170 ) made 164 Ford, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (n 27) 14f. Between 2002 and 2005, for example, the shift from rules to (more) principles relating to listed companies reduced the length of the rules by 40% and added six listing principles plus guidance. 165 Ibid 15. 166 Armour and others (n 7 in Chapter 2) 549. For a more comprehensive account

of the (potential) failures of the FSA’s approach, see, e.g., Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial Regulation’ (n 134 in Chapter 4); Julia Black, ‘Paradoxes and Failures: “New Governance” Techniques and the Financial Crisis: “New Governance” Techniques and the Financial Crisis’ (2012) 75 The Modern Law Review 1037. 167 See Ford, Innovation and the State (n 30 in Chapter 2) 213f. Also, Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry Self-Regulation’ (n 17) 428. 168 Awrey (n 12 in Chapter 3) 290. 169 Which might have been due to the competition among regulators at that time. 170 Potential other reasons could include a suspiciously high turnover of FSA staff with

regulated entities, very limited direct contact with bank executives, and a adherence to a belief in the self-correcting nature and optimality of free and unfettered financial markets prior to the crisis. See, e.g., Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial Regulation’ (n 134 in Chapter 4). (esp. p. 464) or FSA (n 87 in

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

259

it fail to acquire sufficient expertise and stand as an effective counterweight to regulated actors.171 To avoid becoming deregulating in effect, any principles-based regime should clearly delineate well-crafted principles and—similarly important—actually enforce them.172 Perhaps most importantly, as principles confer more discretion to the regulator, more resources and expertise are needed to soundly implement and enforce them.173 With the knowledge on the promises of principles-based regulation the potential shortcomings of prescriptive rules with the novel challenges of fintech, it suggests that the time is ripe to incorporate the lessons of the past and aim for a new and better attempt. 2.3

Harness Technology

As shown in the previous chapters, the arrival of the fintech era brings a variety of challenges for financial regulation. Yet, fintech also brings a number of opportunities, one of which is the possibility to use the technological tools that underlie fintech to upgrade regulation and supervision. Just like the shifts in the sector are largely driven by technology, so too should the change in financial regulation. That is not only because of the need for levelling the playing field, but also as technology could hold the potential of playing another key role in the decentralization of financial regulation and supervision. As of now though, while the use of modern technology and sophisticated algorithms in the sector is thriving, the potential thereof on the side of the regulator has not nearly been reached yet.174 This subsection will elaborate further on the pressing need for technologization and its potential for addressing the challenges presented by fintech and discuss how technology could enable the effective implementation of the Guiding Principles. Chapter 2). 171 Cristie L Ford, ‘Principles-Based Securities Regulation in the Wake of the Global Financial Crisis’ (2010) 55 McGill Law Journal 257, 261. 172 Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry SelfRegulation’ (n 17) 433 and Black, Hopper and Band (n 28) 199. 173 This will be further discussed below in Sect. 2.4.1.2 of this chapter. 174 Simone di Castri and others, ‘The Suptech Generations’ (BIS 2019) 14. Compre-

hensively, Emily Jones and Peter Knaack, ‘The Future of Global Financial Regulation’ (University of Oxford 2017).

260

C. RUOF

2.3.1 The Necessity of Technologization The first argument for ramping up technologization derives from the change in the sector. That is, financial regulation needs to adapt to the nature of the industry it seeks to regulate. A digitized and highly automated environment cannot be regulated and controlled in an analogue fashion.175 If an industry is developing and applying new technologies at a rapid pace, a regulator who fails to adapt will ultimately find itself losing control of that industry. Hence, the regulator needs to adapt to the digitization of activities of regulated entities.176 Also, in a context where the regulated service is run in a fully automated fashion, there might not be room for intervening manually which also creates a necessity to adapt to the sector. Whereas in the past, the necessity of human action for the implementation of decisions or execution of contracts provided the opportunity to ad hoc intervene, automation often closes this window.177 In this case, in order to retain the power to intervene, it becomes necessary to consider ways of automating regulation and/or its execution in order to address the otherwise inevitably growing regulatory lag.178 The same argument applies for instance where the industry applies ML solution to huge datasets: In order to scrutinize these datasets and understand the algorithm, the regulator needs to develop its own tools capable of dealing with that amount of data.179 Moreover, technology provides the means to build up and run a decentralized architecture, where the regulator can get data from the nodes in an instant fashion and monitor the individual units in real-time.180 Given the increasing number and diversity of players, digitization becomes a

175 To quote Hilarly Allen, relying on traditional approaches to ensure regulatory objectives would be the ‘regulatory equivalent of bringing a knife to a gunfight.’ See Allen, Driverless Finance (n 88 in Chapter 5) 160f. 176 See also di Castri and others (n 174) 2f. 177 This issue is further described by Allen, Driverless Finance (n 88 in Chapter 5)

37ff. 178 See, e.g., Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 180f and Allen (2023) Suptech (n 34) 244. See also Bagby and Packin (n 29 in Chapter 4) 153f further arguing that technology-induced progress in regulation is still a relatively under-utilized resource. 179 Similarly, Allen (2023) Suptech (n 34) 244. 180 This infrastructure and the technology behind it will be described in further detail

below in Chapter 9, Sect. 4.1).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

261

necessity for maintaining oversight and control over the proposed architecture and the sector more generally.181 The digital infrastructure should encompass all market participants and should in particular establish stable links between the regulator and other participants in the regulatory process—especially the ‘nodes’ which function as the links to firms still off the radar. These links should enable the regulator to draw data and information directly from the entity and, if needed, to directly intervene in the firm’s operation. Conversely, the nodes should be able to report findings (e.g. from experimentation) on a real-time basis. Once links and information exchange channels are established (between all relevant participants), regulatory experimentation can function as a data-collecting mechanism and carry out data-driven and empirical-based regulation in a timely fashion.182 Another key area for the application of technological solutions is the processing of data and information. However, the mere generation of data and information—especially in these extreme amounts—does not directly translate into knowledge and expertise. Between these two stages, information needs to be filtered, analysed, processed, and summarized, in which—realistically—technology and in particular algorithms need to play a key role.183 Ideally, these algorithms would be in some way integrated into the information gathering entities (e.g. ‘nodes’ or other regulated entities) to ensure seamless and direct processing. The unprecedented quantity of data is, however, not only a challenge but also a chance for the regulator. Just like fintech firms, the regulator should use the promises of innovative technology to automate processes and utilize the unprecedented magnitude of data.184

181 See also Toronto Centre, ‘SupTech: Leveraging Technology for Better Supervision’ (2018) 8. 182 See also Tsang (n 20 in Chapter 6) 374. 183 See also Dirk Broeders and Jermy Prenio, ‘Innovative Technology in Financial

Supervision (Suptech) – the Experience of Early Users’ (BIS 2019) 8f. 184 There are examples of other agencies that already make comprehensive use of technological innovation. See, e.g., Allen (2023) Suptech (n 34) 239f.

262

C. RUOF

2.3.2 Human vs Machine Regulator Certainly, technology is not the silver bullet to all problems and human involvement is not dispensable, far from it.185 This, however, is also not promoted here. Rather, the role of technology in implementing the three Guiding Principles is supposed to be a supporting and not a replacing one. The allocation of tasks performed predominantly by a human or by a program can be done in accordance with the advantage each option has. One way to frame this allocation is closely related to the above-described framework for rules vs. principles. Algorithms typically work in a rules-based fashion. Software and automated decision-making software tends to be formed primarily of declarative logical statements that can be combined into decision-treelike branches.186 Like machines, rules are typically appreciated for their clarity, precision, and predictability, but also criticized for their rigidity and inflexibility.187 Conversely, principles, like humans, are typically more adaptable to new circumstances and better able to handle utterly new situations.188 At the same time, they are criticized for their uncertainty, while their application is typically more costly compared to rules. According to that framework, technology is particularly useful for technical and repeating tasks that do not need (or very little) human deliberation. This could include reporting or as mentioned above data collection and processing.189 Also, areas such as market surveillance, misconduct analysis, or aspects of microprudential regulation could be automated.190 Automating these tasks could not only save resources but also allow for more tailored regulatory solutions. That is, once an innovation in the

185 In the words of Tom Lin: ‘[i]n a world driven by data and machines, humans are needed more than ever’ (Lin, ‘The New Investor’ [n 106 in Chapter 6] 731). 186 James Taylor and Neil Raden, Smart (Enough) Systems: How to Deliver Competitive Advantage by Automating the Decisions Hidden in Your Business (Prentice Hall 2007). 187 See Lin, ‘The New Investor’ (n 106 in Chapter 6) 732. 188 Ibid. 189 For instance, a test by the SEC has shown that algorithms are five times better than random testing at identifying language in filings by investment advisers, which could warrant further investigation. See Scott W Bauguess, ‘The Role of Big Data, Machine Learning, and AI in Assessing Risks: A Regulatory Perspective’ (2017). 190 For a more detailed assessment of regulatory methods and activity that could be automated, see, e.g., Bagby and Packin (n 29 in Chapter 4) 132 and 143ff.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

263

market matures and its risks are known, technology could help in transitioning from the principles-based regulation towards a rule approach that is more customized to the risk profile of the activity. While in the traditional (analogue) rule-based approach customization in a complex and diverse market was usually associated with (prohibitive) costs, harnessing technology holds the promise to enable this. Automation of these tasks would free up capacity for the regulator and enable it to apply its resources to more crucial tasks such as the production of systemic information.191 Automating time-consuming exercise also puts the regulator in a better position to maintain oversight over different nodes in the architecture and timely intervene when necessary. Above all, the regulator could invest more resources in the analysis of information and (if necessary) adjust its implementation of the principles accordingly or assess their application to novel phenomena. Finally, these applications of technology only represent the current technological progress. In the future, especially with further advances in ML, it is likely that the share of tasks better performed by algorithms than humans will significantly increase. 2.3.3 Machine Regulatory Failure The central role of technology in the new approach, however, comes with certain risks and potential sources of regulatory failure. One concern is that technologization and automation entail the risk of automation biases.192 Just like the regulator can be prone to simply trust algorithmic outcomes generated by market participants, the same risks exist when using their own programs and automated tools. In this context, the risk increases as the tools become more sophisticated. Therefore, while practically reliance on the outcomes of those tools is somewhat necessary, the regulator should still maintain the ability to question and review it, for instance in cases of emergency. In addition to that, the delegation of responsibility to an algorithm might bare the risk of undermining the employees’ sense of personal responsibility.193

191 See also Baxter (n 121 in Chapter 2) 598. 192 See above at p. 135. 193 Allen, Driverless Finance (n 88 in Chapter 5) 156f.

264

C. RUOF

Another recurring problem from the private side is that the application of sophisticated AI and ML solutions can raise black-box issues.194 Put differently, the complexity and opacity of the technologies used by the regulator can lead it to lose control of the processes.195 The most central requirement to address these risks is once again the existence of sufficient in-house expertise on these matters.196 Failing to do so will not only result in poorer quality of regulation but also opens up another window for regulatory capture as private market participants could seek to exploit the information asymmetry and the automation bias within the regulator. More specifically, model developers of private market actors could be encouraged to select the most complex algorithm and subsequently tinker with the data or steer its behaviour in a risky direction, knowing that regulators would be discouraged from questioning the result of the automated process.197 These problems already surface to an extent with in-house developed solutions. However, much more realistic is that most technology solutions and algorithms will be supplied by specialized third parties.198 While elevating some of the above-mentioned risks,199 this also has the potential to introduce new dimensions of regulatory arbitrage. That is, as the regulator would have limited funds to pay suppliers of technological solutions and algorithms, it is very likely that these same suppliers leverage their products by providing comparable solutions to private companies. These comprise a much bigger market and are, therefore, likely to enjoy greater attention from suppliers. This in turn might result in regulatory arbitrage through suppliers potentially skewing the technology and software in favour of their (financially) more attractive private clients.200 A possible way to reduce this risk would be to emphasize the participation

194 See above at p. 189. For a discussion on the black-box problem in the context of suptech, see Bagby and Packin (n 29 in Chapter 4) 159. 195 See also Toronto Centre (n 181) 9. 196 This necessity is further discussed below in Sect. 2.4.1.2 of this chapter. 197 See also Allen, Driverless Finance (n 71 in Chapter 5) 59. 198 This is not only more realistic, but from an efficiency perspective also more desirable. 199 That is true in particular with regard to black-box issues as well as the automation

bias. 200 Enriques (n 164 in Chapter 5) 5.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

265

principle and include other (quasi-public) stakeholders (such as universities)—in the assessment of third-party solutions and, possibly, also in the development of such solutions.201 Another more drastic way would be to prohibit those suppliers from offering solutions to private companies.202 The development of those solutions in the frame of a mutually beneficial partnership between the private sector and the regulator would remain preferable, however. Besides, arbitrage can also take form in that regulated institutions would attempt to obtain knowledge about how the technology used by the regulators works and strategically attempt to game it. 2.4

Risks and Challenges of the New Approach

While the previous section has outlined principles to address the information gap and improve the regulatory process, this section will further elaborate on the corresponding risks and challenges and discuss—learning from past experiences—what preconditions need to be met to overcome these. It will begin with established categories of regulatory failure, which are likely to gain new quality under the envisioned new regulatory approach. Subsequently, it discusses two key challenges of the new approach that would be needed to be taken care of, namely the incentive structure in a collaborative model and regulatory uncertainty caused by greater dynamism and flexibility of regulation. 2.4.1 The Risk of Regulator Failure in a PPP Approach As shown in Chapter 3, not only do markets fail but so does regulation. This failure can occur for various reasons, including capture, regulatory forbearance, the struggle of regulators to keep pace with the market, or insufficient resources. This section will shed light on the risk of regulatory failure under a new approach that incorporates the principles outlined in the previous section. It will focus on the two most important sources of regulatory failure, namely capture and insufficient resources. 201 See Allen, ‘Experimental Strategies for Regulating Fintech’ (n 116 in Chapter 5) 32 and Yang and Tsang (n 161 in Chapter 5) 400. 202 This option, however, would likely drive many suppliers out of the market and significantly reduce the overall funding of such solutions.

266

C. RUOF

Regulatory Capture Increased private involvement and coordination in the regulatory process are likely to bring enhanced prospects of regulatory capture.203 The close interaction that characterized all of the underlying principles might open up new channels for private interests to (inappropriately) influence the thinking of regulators and, as a consequence, the substance of (future) regulation. (1) Sources of capture in the new approach First, the envisioned relationship between regulators and regulated actors is likely to create mutual sympathy. While a certain degree of sympathy is even intended,204 a high level of it can be unhealthy. Similarly, the acknowledgement of the superiority of the private sector in terms of information that is inherent in all the above principles can easily translate into a biased view on input from that side. Second, a core component of the new approach is enhanced incorporation of private party information to improve the substance of the regulation. This result though is far from self-evident. It depends highly on the quality of information that is being provided by the market participants. The dependency of regulators on private party information also provides room for strategic selection and presentation of information. For instance, information which is harmful to the entity (e.g. associated with a prudential risk that—in case of disclosure to the regulator—is likely to trigger regulation and correspondingly increase compliance costs) can be omitted, while potential beneficial effects (e.g. enhanced efficiency or financial inclusion) can be overemphasized. This risk is particularly prevalent in the context of the participation principle, where private entities (next to other stakeholders) are given the opportunity to present

203 However, it also being argued that a partnership-based approach to regulation is not necessarily more susceptible to capture than an adversarial (command-and-control) one. Hurwitz (n 7) 129 and 151f. While given the opening up of more channels for private interest to enter the process, this does not seem fully plausible, it is in any case important to discuss the risk and potential remedies. That is also in line with Hurwitz, who does not see capture as no problem, simply not (necessarily) as a bigger one than usual. 204 For the downsides of an adversarial relationship that is associated with the traditional approach, see above at p. 218ff.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

267

information and their views. The potential of this type of capture can further jeopardize the success of experimentation. As the core promise of it lies in the generation of (new) information, the regulator is once more dependent on the neutrality of the private participants. Strategic usage of the experimentation setting, on the other hand, would likely result in failure—either by creating mistrust or by incrementally detaching the resulting regulation from the public good when the information generated is chronically biased towards private interests. For instance, in an experimentation setting, regulators might subconsciously come to elevate the needs of participating firms (e.g. under the guise of promoting innovation) over the public interest in financial stability and consumer protection.205 The risk of capture in the new approach is further exacerbated by the move towards principles, requiring regulators and the market to reach a ‘shared understanding’ regarding their content. More broadly, this exemplifies the dilemma that underlies the new approach as a whole: Many of its benefits—above all its main goal of mitigating the information gap—can only be realized when close cooperation and high industry input exist. At the same time, the closer the cooperation, the more likely it is to use this closeness for strategically skewing regulation towards their private interest. (2) How collaboration in regulation can go wrong History in financial regulation provides plenty of examples of how wellintended cooperation with industry leads to capture. One of those is the pre-GFC regulatory approach by the UK FSA. Based on the assumption that private firms’ knowledge was superior, the FSA did not see itself in the position to challenge the risk calculation of financial institutions. As reliance on senior management was a key part of the substantive dimension of the principles-based regulation by then, flawed (but beneficial for the private entities in the short-term) understandings of risk found their way into actual regulation.206 The failure moreover revealed that regulators were not (only) relying on firms’ internal systems and controls but on skilful representations of those systems and controls constructed by

205 See also Hillary Allen, ‘Regulatory Sandboxes’ (2019) 87 George Washington Law Review 579, 635 in the context of regulatory sandboxes. 206 See Black, ‘Paradoxes and Failures’ (n 166) 1044f.

268

C. RUOF

those who were responsible for managing relations with the regulatory bodies.207 A similar trajectory took the Consolidated Supervised Entity (CSE) program208 by the SEC, which—under the same assumption—gave shadow banks significant freedom in calculating their risk exposure and capital requirements.209 After the crisis, it turned out to be that firms within the CSE program valued illiquid assets too generously, underestimated tail risks, and maintained inadequate capital buffers, all the while they communicated to regulators to reduce overall risks rather than to exacerbate them.210 These and other experiences show that the assumption that regulatees would automatically act in the interest of the public good, ‘neutrally’ share information, and always be mutually beneficial is in the words of Julia Black a ‘regulatory Utopia’.211 In reality, this utopia can too easily turn into a regulatory state that is run by the interest of regulatees, giving them more or less the freedom to do what they want. (3) Potential remedies From this cooperation paradox follows that a key challenge for the new approach is to find a way to utilize the (above-mentioned) benefits of close cooperation between the regulator and firms while mitigating the potential for regulatory capture. Regulatory capture can be addressed from multiple ends: First, the regulator needs to maintain a certain degree of scepticism towards industry information and views.212 This culture can be institutionalized, for example by installing certain instances for reviewing and double-checking the information provided by regulatees. Either this task can be done by a department within the regulatory agency, or by a third party which would necessarily need to be sufficiently distinct

207 Ibid 1045. 208 See above at pp. 222 and 227. 209 For a comprehensive analysis of the CSE and the reasons for its failures, see,

e.g., Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial Regulation’ (n 134 in Chapter 4) 459ff. 210 Ibid 462. 211 Black, ‘Forms and Paradoxes of Principles-Based Regulation’ (n 140) 430. 212 See also Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from

Financial Regulation’ (n 134 in Chapter 4).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

269

from the information provider and its interests. Adding sufficiently diverse interests to the process could serve to filter out potential distortions in perspectives and even up the views of well-resourced individuals.213 On the level of the individual employee, a certain degree of rotation could prevent individual personnel from becoming too sympathetic with a certain entity. Secondly, capture can be addressed by promoting transparency and accountability.214 There should be clear and open lines of communication and a transparent decision-making process, enabling external checks (e.g. by media or academia) to focus a spotlight on improper collusion.215 Third, enhancing (in-house) expertise on the side of the regulator would elevate their role in the public–private partnership and in producing the substance of regulation.216 Not least, close supervision and the threat of strict enforcement could deter private parties from strategic behaviour, and hence mitigate the risk of regulatory capture.217 Ultimately, and in close connection with the latter two points, there is the necessity of a wellequipped regulator.218 An understaffed regulator is neither able to build up significant expertise, nor can it effectively monitor private participants and review the information they provide.219 Resources Another reason regulation can fail is the lack of resources that are devoted to it. This is certainly true for all styles of regulation. Aside from negative effects on the quality of the regulator’s day-to-day work, a lack of 213 See also Awrey (n 12 in Chapter 3) 313. 214 See Lawrence G Baxter, ‘Understanding Regulatory Capture: An Academic Perspec-

tive from the United States’ in Stefano Pagliari (ed), Making good financial regulation: towards a policy response to regulatory capture (Grosvenor House Publishing Ltd 2012) 34 further categorizing this into 5 distinct strategies, namely adequate regulatory capacity; meaningful transparency; meaningful access by stakeholders; external checks; and internal checks. 215 Ibid 36; Awrey (n 12 in Chapter 3) 313. 216 See also Awrey (n 12 in Chapter 3) 310. 217 On aligning the incentives of participating private entities, see below at p. 250ff. 218 This will be further dealt with in the subsequent section. 219 See also Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial Regulation’ (n 134 in Chapter 4) 463f. The lack of resources, in combination with ineffective enforcement, was seen as the major contributor to the capture associated with the CSE program and ultimately its failure. See, e.g., Weber (n 12) 856f.

270

C. RUOF

resources would also make the regulator prone to be gamed and outpaced by the industry, in both, a command-and-control style regulation as well as an approach as envisioned here. Yet, the proposed concept in combination with the new financial service landscape exacerbates this problem. Put differently, the need for a well-resourced regulator is stronger than ever. The first reason for this is the envisioned structure of the new approach, in particular its emphasis on decentralization and experimentation. As opposed to the traditional command-and-control style, the task of the regulator becomes more complex and changes from that of a monopolistic supervisor and rule-enforcer to a much more multifaceted one. In the new setting, the regulator must constantly monitor the regulatory ‘nodes’ and experimentation practices, with a particular view to those outsourced to private entities. At the same time, it acts as a coordinator and manager of the regulatory structure as a whole while also functioning as a sort of clearinghouse for information, managing the diverse streams of information from various stakeholders. Most importantly, as the primary producer of systemic information, it has to maintain a systemic overview of the sector, ensuring its stability. To perform all these functions, an adequate number of employees and state-of-the-art technology is of utmost importance. What’s more, additional resources would be needed upfront but, and to a certain extent, also on an ongoing basis to build up the necessary infrastructure. This includes communication channels, an IT platform for all participants, and additional supervisory and relationship management personnel. Furthermore, the use of principles as opposed to rules requires in tendency more resources than a more rules-based approach. Even though a principles-based regulation might be more ‘hands-off’ when it comes to the procedural details, it requires an increased amount of resources in the context of putting the principles to action.220 As the regulator typically has greater discretion in applying the principle, it can pay more attention to the individual case. While with time economies of scale can emerge (repeated application of a principle to similar/comparable cases), the greater ‘distance’ from the principle to the individual case generally brings a greater need for

220 See also Ford, ‘Principles-Based Securities Regulation in the Wake of the Global Financial Crisis’ (n 264); Black, ‘Forms and Paradoxes of Principles-Based Regulation’ (n 140).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

271

deliberation, which makes the application of principles more resourceintensive than the box-ticking of rules. Moreover, the heightened threat of regulatory capture brings an additional need for resources (see above). It requires that the regulator has (and is able to use) robust investigatory powers and to possess the necessary expertise to scrutinize the information provided by private participants.221 Not least, as mentioned above, a well-staffed regulator equipped with good expertise would be taken much more as a serious partner within the PPP framework than one that is utterly dependent on participation external resources and expertise.222 Aside from the general necessity of resources, another important issue is how and where to spend them. Also in this context, the structural shifts in the market have several implications. Firstly, the transformation in the sector prompts the need for heavy investments directed to enhancing the technological literacy and capability of the regulatory staff. To become an eye-level partner in the new regulatory approach, the regulator needs to develop deep internal expertise in computer programming, data analytics, and other technical areas.223 If the regulator lacks the technical expertise to properly analyse and process information provided by private firms, it will become utterly reliant on the firms’ presentation of it, leading it to fall prey to their interests. Personnel, who is trained and used to overseeing traditional financial services providers, can easily be overwhelmed by the diverse types of small fintech firms that increasingly populate the sector now.224 221 See Ford, ‘Principles-Based Securities Regulation in the Wake of the Global Financial Crisis’ (n 171). 222 See, for example, Madalina Busuioc and Dovile˙ Rimkute, ˙ ‘The Promise of Bureaucratic Reputation Approaches for the EU Regulatory State’ (2020) 27 Journal of European Public Policy 1256 or Mark L Flear, ‘Epistemic Injustice as a Basis for Failure? Health Research Regulation, Technological Risk and the Foundations of Harm and Its Prevention’ (2019) 10 European Journal of Risk Regulation 693 stressing the importance of the agency’s reputation in the success or failure of stakeholder participation exercises in an EU context. 223 This is underpinned by a FSB survey of major regulators, where one of the main envisaged benefit of having a digitally skilled workforce is perceived as to be able to get in dialogue with market participants (see FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions - Market Developments and Financial Stability Implications’ [n 69 in Chapter 5] 13). 224 See Gary Stern, ‘Can Regulators Keep Up with Fintech?’ (Yale Insights, 13 December 2017) https://insights.som.yale.edu/insights/can-regulators-keep-up-with-fin tech.

272

C. RUOF

The regulator, therefore, needs to train existing employees and hire new employees (preferably with private sector fintech experience) able to supervise the operation of fintech firms and assess the quality of the information provided by them and other market participants. In effect, within the regulator, a shift also needs to take place from an agency mostly dominated by lawyers and economists225 to one at least similarly equipped with computer programmers and data scientists/engineers.226 Hiring that kind of talent will become highly challenging, as the regulator will face strong competition from financial institutions, which are themselves already fiercely competing for these people.227 Clearly, comparing the current renumeration standards,228 this would require increasing the (especially financial) attractiveness of the regulator as an employer.229 With regard to existing staff, the regulator should encourage them to keep learning and provide corresponding incentives such as promotions or extra compensation.230 It should promote and offer education and training, ideally on an international level and organized by an international organization such as the FSB or BIS.231 This should include

225 See Luca Enriques, ‘The HR Challenge of FinTech for Financial Regulators’ (Oxford Business Law Blog, 3 July 2017) https://www.law.ox.ac.uk/business-law-blog/ blog/2017/07/hr-challenge-fintech-financial-regulators. 226 See also Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 100f; Enriques (n 164 in Chapter 5) 6 or; FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions - Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 9f. A similar observation was already made after the crisis by Jennifer Hughes in the FT (the FSA needs to pursue ‘the same PhD rocket scientists the banks are chasing.’ See Jennifer Hughes, ‘FSA Admits Failings over Northern Rock’ Financial Times (26 March 2008) https://www.ft.com/content/0833a416-fb0d-11dc8c3e-000077b07658. 227 See Yang and Tsang (n 161 in Chapter 5) 380. Notably, also banks face challenges in attracting skilled personnel with these backgrounds, as their compensation policies were regulated as a response to the GFC (a constraint that tech companies do not face). See, e.g., See Patrick Kampkötter, ‘Non-Executive Compensation in German and Swiss Banks before and after the Financial Crisis’ (2015) 21 The European Journal of Finance 1297. 228 For more information and evidence on the pay gap, see, e.g., Allen, ‘Resurrecting the OFR’ (n 3) 30f. or Yang and Tsang, (n 161 in Chapter 5) 380. 229 Potential means to achieve that—also aside from simple pay raises—are discussed below in chapter 10, Sect. 4.2). 230 See also Tsang (n 20 in Chapter 6) 400. 231 Some regulators started pursuing such initiatives. Notably, the ECB is seeking to

build and foster a digital culture among regulators as a part of their long-term digital

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

273

comprehensive digital curriculums and could be supplemented by secondments of regulatory personnel to other regulators or even private entities.232 Not least, it needs to be ensured that the regulator maintains ‘institutional cohesion’ and fosters a common understanding and culture between its employees from different backgrounds.233 One avenue to pursue could be hiring or training of ‘interpreters’, who have one foot in the regulatory (i.e. legal or economic) world and the other foot in the tech world.234 Importantly, these initiatives would have to be corresponded by a cultural shift within the regulator, away from the bureaucratic mindset towards one of engagement, continuous learning, and technical sophistication. Ultimately, without enough in-house expertise, regulatory failure is set to happen. That being true for the traditional approach, but even more so for the one envisioned approach presented here. Implementing the proposed approach without sufficient resources, on the other hand, would risk utterly ceding the field to those it regulates, ultimately resulting in a laissez-faire regulatory environment. As aforementioned, the greater incorporation of private entities in the regulatory process shall not correspond with a withdrawal of the state from the regulatory space, quite the opposite.235 The envisioned partnership, in which private advantages and capacities are leveraged and channelled to the public good, can only work if it is embedded in a strong governance framework. Hence, a strong and well-equipped regulator is key for making the new approach a success.236

strategy. See FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions - Market Developments and Financial Stability Implications’ (n 489) 16. 232 Notably though, this again raises risks of regulatory capture. 233 This is seen to be a problem by Omarova, ‘Technology v Technocracy’ (n 2 in

Chapter 1) 101. 234 See Allen, ‘Experimental Strategies for Regulating Fintech’ (n 116 in Chapter 5)

31. 235 This would equate to deregulation, which comprises initiatives that seek a nearcomplete withdrawal of government from the regulatory universe. For a comprehensive take on deregulation, see, e.g., Marc Allen Eisner, ‘Markets in the Shadow of the State: An Appraisal of Deregulation and Implications for Future Research’ in David A Moss and Edward J Balleisen (eds), Government and Markets: Toward a New Theory of Regulation (Cambridge University Press 2009). 236 Notably, whereas Hayek’s observations built a key element of this study’s analytical framework, this marks a clear departure from the solutions that Hayek and his followers

274

C. RUOF

The additional costs that would be associated with it are likely to pay off in the mid- and long-term. The necessary investments would further provide a good signal to regulated actors and create trust in the regulatory system. In the end, given the potential costs of regulatory failure, a strong financial regulator is certainly worth investing in.237 2.4.2 Aligning Incentives in a PPP Model As the cooperation between regulators and private market actors is a, if not the key element in the new approach, its success and failure also highly depend on the (quality and quantity of) participation of these private entities. Despite all the benefits of a collaborative model, financial regulation refrains from broadly assigning tasks and functions in the financial regulation process to private entities. One reason for this is that private sector participants are generally self-interest-driven, with—assuming no external influence—little interest in the public good. Therefore, while private sector participants are relatively well (and better) equipped in terms of knowledge and resources, they have less incentive to use it for the public interest. This not at least is corroborated by past experiences, which have shown that private actors exploit their influence to game regulators and take more risks.238 Ultimately, this leads to a trade-off between capability and incentive. Therefore, the incentives of participating private companies somehow need to be aligned with the public good (i.e. the regulatory objectives).

draw from them. While Hayek concluded from his observation that regulators are and will always be incapable and should hence—if at all—be given only a very small role, here the (preliminary) conclusion is that with the right approach (and incorporation of private actors) the regulator can gather sufficient information, make sound regulation, and further the public good. Put differently, while both views start from the dispersed nature of information and the information advantage of the private sector, Hayek views the market as the only institution to channel information into action. The approach advocated here builds a regulatory architecture for aggregating and making use of it. 237 As Frank Pasquale rightly notes, ‘regulators’ lack of resources is not simply the natural state of affairs’ but is instead a policy decision. See Frank Pasquale, ‘Law’s Acceleration of Finance: Redefining the Problem of High-Frequency Trading’ (2015) 36 Cardozo Law Review 2085, 2088. 238 See above at pp. 65 and 222f.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

275

A first way to foster beneficial cooperation is to create a common culture of mutual-problem-solving, as opposed to a ‘winner-loser’ one.239 The failure of the regulator should also be perceived as a failure by the market participants and—vice versa—failures in the market240 as failures by the regulator. A less adversarial relationship between regulators and the market, as it is envisioned by the new approach proposed here, might have the potential to create a (better) industry morality, one that stronger incorporates the regulatory objectives into business activity.241 As argued by Saule Omarova, this culture is most likely to emerge in homogenous (industry) groups where interests are relatively similar.242 In the context of the new approach, this could be utilized within the decentralized structure. More specifically, the regulatory nodes could be structured towards specific entity types, potentially amplifying the informational benefits.243 However, counting on the industry culture to improve will most likely be insufficient, proving why a regulatory structure creating effective incentives for private participants to act in accordance with the public good is needed. This should include affirmative incentives as well as negative penalties to encourage participants to behave sensibly, in other words, make use of both the carrot and the stick. Generally, while penalties and punishments may be politically and administratively more satisfying following the misbehaviour, incentives may be more effective in preventing and correcting such misbehaviour in the future.244 On the 239 For example, Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry Self-Regulation’ (n 17) advocates for the creation of a ‘community of fate’ that emphasizes the importance of ‘collective survival’. 240 Importantly, this does not mean that the regulator should prevent firms from ‘failing’ in the way of being outcompeted of the market. Failure in the market is supposed to refer to the realization of typical market failures (e.g. exploitation of consumers due to information asymmetries). William O Douglas referred to this background threat— here in the context of the SEC—as keeping a well-oiled shotgun safely behind the door. See William O Douglas, Democracy and Finance: The Addresses and Public Statements of William O. Douglas as Member and Chairman of the Securities and Exchange Commission (Kennikat Press 1940) 64f. 241 Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry SelfRegulation’ (n 17) 446. 242 See ibid 456 and 477f. 243 That is because this would lead to the aggregation of expertise and the emergence

of ‘hubs’ of certain types of innovation, which would be likely to yield synergies and re-enforce the production of (new) information. See also above in Chapter 6, Sect. 2. 244 See Lin, ‘The New Financial Industry’ (n 113 in Chapter 5) 614f. More generally

276

C. RUOF

punishment side, there should be a constant presence of an official from the regulator concatenated with permanent threat of regulatory intervention in the background. This threat should function like the ‘benign big gun’245 as termed by Ian Ayres and John Braithwaite—i.e. severe but rarely deployed. It should include the prospect of bans and other types of substantial sanctions.246 Regulators should always be alert, prepared, and able to intervene promptly if wrongful conduct becomes pervasive.247 On the other hand, in order to make market actors truly engage in participation, experimentation, and to some extend willing to lend their capacity, there also should be something for them to gain from it.248 For small fintech start-ups, these incentives could for instance stem from guidance and support by the regulator in complying with regulatory principles. This guidance could provide (regulatory) certainty for the start-up as well as for potential investors, benefitting fintech firm. For the regulator, this would similarly be beneficial and allow it to learn about the respective technologies they use.249 Support by the regulator should include integrating fintech firms into the digital regulatory infrastructure and intertwining their compliance system with the regulator’s tools. Furthermore, the flexibility that principles provide could offer a more appropriate and proportionate regulation of small and mid-sized entities, and hence, reduce compliance costs. Similarly, in an experimentation setting, new less costly ways of regulating certain activities could be explored, likely incentivizing participation. An experimentationsupporting environment could further provide participating firms with the opportunity to test early-stage services, collect data, and gain important

on the effect of punishment, see Miriam H Baer (2012) 92 Boston University Law Review 577, 579 and comprehensively on incentives and their functioning, see Richard H Thaler and Cass R Sunstein, Nudge: Improving Decisions about Health, Wealth, and Happiness (Rev and expanded ed, Penguin Books 2009). 245 Ayres and Braithwaite (n 14) 19ff. 246 See also Omarova, ‘Wall Street as Community of Fate: Toward Financial Industry

Self-Regulation’ (n 17) 468f. 247 Tsang (n 138 in Chapter 2) 599. 248 See also U.S. Department of the Treasury (n 18 in Chapter 5) 174, where partic-

ipants in Treasury outreach meetings were criticizing the lack of incentives for them to participate in government schemes. 249 See Ringe and Ruof, ‘Regulating Fintech in the EU: The Case for a Guided Sandbox’ (n 124).

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

277

insights about their own product. The same is true for larger entities, which could test products and, in collaboration with the regulator, develop technology-based compliance solutions that are safer and at the same time less costly. Performing certain tasks in the new ecosystem could also be a source of additional revenue streams in the form of fees. 2.4.3 Addressing (Regulatory) Uncertainty As aforementioned, the flipside of principles’ flexibility is the uncertainty associated with it. Regulatory uncertainty can be detrimental to the success of the new approach by possibly deterring actors from participating. Because, when operating under regulatory uncertainty, regulated actors are likely to adopt more conservative interpretations of principles as a way of mitigating the risk of regulatory sanctions, resulting in an unintended ‘chilling effect’. Julia Black has described this phenomenon as the ‘compliance paradox’.250 In effect, this chilling effect would run completely against the proposal’s purpose of encouraging (regulatory) experimentation. A permanent gap between the regulators and private market actors’ understanding of principles could further cause frustration among private actors and (re-)create a hostile regulatory environment, one which the new approach is meant to overcome. Reducing regulatory uncertainty is, therefore, another objective that has to be considered when implementing the new approach, for which there are several avenues. For instance, as a response to uncertainty, Cristie Ford proposes to use ‘clear and prophylactic rules around areas where fundamental systemic requirements are involved’,251 which again reemphasizes the need for a thorough assessment of finding the right area on the rule-principle spectrum in a given context.252 Another way could be to establish some kind of ‘fix points’ in the application of the principle to communicate what kind of conduct would be required.253 In a similar vein, the regulator could provide ‘safe harbours’ to constitute a way of (ensured) compliance with the principle (but not the only possible one). These fix points and safe harbours could also be updated in light of new

250 Black, ‘Forms and Paradoxes of Principles-Based Regulation’ (n 140) 449f. 251 Ford, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial

Regulation’ (n 134 in Chapter 4) 487. 252 See above at p. 236. 253 See Black, Hopper and Band (n 28) 200f.

278

C. RUOF

information.254 In sum, these options could provide certainty-seeking entities with a way of straightforward compliance, reducing uncertainty, while leaving others free to experiment and find better ways to comply. As especially technological compliance offers the prospect of achieving this aim, there should be enough incentive left for firms to still engage in experimentation. Aside from ‘fix points’ and ‘safe harbours’, the regulator could extend its toolkit with comparable soft law instruments and informal guidance—enabling parties to become compliant with the principle. Yet, these tools should be applied with caution due to the risk of making the new approach backslide into a de facto rules-based system, including all of the before-mentioned drawbacks.255 Furthermore, close cooperation and guidance from the beginning are likely to contribute to reaching a common understanding of the principles and therefore reduce regulatory uncertainty. In that context, it is important to channel regulatory resources to where uncertainty is the highest. These would typically be small innovative players where experience with the application of principles is the smallest (for innovator and the regulator). Not least, a high level of transparency in the application of principles could improve their predictability and once more help reducing uncertainty among the regulated actors. 2.5

The New Approach in Light of the Regulatory Objectives

On a higher level of abstraction, the regulator’s ultimate goal is still to further the above-mentioned regulatory objectives. Hence, to close the circle, in the following I will briefly show how the new approach would support this task. As stated before, the primary purpose of reducing the information gap is to prevent regulatory mismatch and put the regulator in a better position to identify and regulate risks in the system. Under the current approach though, the dynamics of the financial services sector are likely to exacerbate that gap and might result in a higher prevalence of market and regulatory failures. By putting information gap reduction centre stage of the new approach, the regulator would be positioned to identify emerging

254 It, however, should be considered that the more frequent updates are made, the more the regulator risks to offset the beneficial effects on regulatory certainty. 255 See above at p. 235f.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

279

consumer and financial stability risks. Thereby a clear focus is put on financial stability by enhancing the production of systemic information while outsourcing certain tasks to free up resources. At the same time, enhanced flexibility provides the regulator with the ability to translate new knowledge into regulatory action in a timely fashion. More broadly, the envisioned partnership between the regulator and the market could be an opportunity to promote the health and resilience of the system as a whole.256 Whereas the traditional approach is characterized by a dynamic of the regulator chasing (and regularly failing to prevent) a set of narrowly defined market failures, the new approach is built on collaboration and enhanced participation. This change could make the ground for a corresponding shift from focusing on isolated problems that are divorced from the health of the overall ecosystem to a more holistic view of the sector.257 However, if executed poorly (i.e., in particular, neglecting the new risk of it), the new approach is not only likely to fail in meeting those expectations, but can also exacerbate risks for consumers and financial stability compared to the current regime. As mentioned before, this is especially true if the regulator fails to become a credible eye-level partner to industry participants, be it due to lacking resources, regulatory capture, or other reasons. In that scenario, the dominant role of industry participants in the regulatory process is prone to result in a significantly greater generation of risk in the sector. Participation, decentralization, and experimentation could in that case become gateways for industry interest and ultimately result in deregulation and greater risks for financial instability. There are multiple examples from the past that illustrate the consequential outcomes this scenario can lead to and should function as constant reminders when implementing and executing the new approach. Another mostly neglected regulatory objective so far, but one which warrants no less attention, is the promotion of market efficiency and competition.258 On the face of it, key elements of the new approach, namely experimentation and the use of principles, are widely associated with promoting innovation and competition.259 In the new approach, 256 An akin suggestion is hinted at by Awrey and Judge (n 117 in Chapter 2) 2300f. 257 Such a perspective is also advocated for by Awrey and Judge (n 117 in Chapter 2). 258 On competition as a regulatory objective, see above at p. 36f. 259 See, e.g., in relation to the FSA’s Principles-based approach prior to the GFC Black, ‘Regulatory Styles and Supervisory Strategies’ (n 141 in Chapter 2) 230 with further references. Also, Ford, ‘New Governance, Compliance, and Principles-Based Securities

280

C. RUOF

the regulator is meant to actively support entities to use the room for innovation, finding efficient ways of compliance and fuel the regulatory discovery process. In the end, the flexibility of the regulator to accommodate innovation is part of what makes the new approach attractive for firms and hence constitutes a key incentive for their beneficial engagement in it. However, this effect does not occur automatically, but has to be also actively ensured by the regulator. One reason for this has already been mentioned above, namely the chilling effect that principles-based regulation can cause if no regulatory certainty is actively provided by the regulator.260 Innovation and competition can also be stifled once the collaboration between industry and regulator leads to a cementation of power structures in the market and higher barriers to entry.261 For that reason, the regulator needs to actively use the flexibility given by the new approach to accommodate new entities and draw them into the public–private partnership. Utilizing the given flexibility and proportionately applying the principles, the regulator can level the playing field between incumbents and newcomers as well as small and big players. This, however, is not an automatic effect of the new approach but rather has to be pursued in its implementation. As stated above, technology should play a central role in compliance solutions and be harnessed from the very beginning to establish an integrated compliance system between the regulator and regulated entity. This, however, can involve significant cost expenditures potentially harming small start-ups (and hence innovation), due to their primary focus on economic survival. Hence, they may lack the bandwidth to take in technological compliance experimentation or similar. To address this issue the regulator could—where possible—provide also a technological safe harbour system for start-ups, which involves only very little compliance costs but forms the basis for future experimentation. In addition, the regulator should, in certain contexts, operate as an information ‘equalizer’, disseminating information about best practices, which would also especially benefitting small actors. This could be supplemented

Regulation’ (n 27) 47ff. On innovation in experimentation schemes, see, e.g., Michael A Livermore, ‘The Perils of Experimentation’ (2017) 126 Yale Law Journal 636. More generally with respect to New Governance, see Lobel (n 5), for instance, on p. 396f. 260 See above 235. 261 See also Batista and Ringe (n 46 in Chapter 5) 215.

8

CONCEPTUALIZING A REGULATORY RESPONSE TO FINTECH

281

by institutionalized support from ‘node’ entities262 potentially through a mentorship relationship.263 Yet, it should be made sure that these relationships do not emerge as a source for new competition problems.264 This section has outlined a set of principles that should underwrite a new regulatory approach whose main purpose is bridging the information gap and preventing regulatory mismatch. On top of that, it has discussed that the risks accompanying this new approach, which will need to be addressed to make the proposal a success. In the upcoming chapter, I will analyse the current menu of regulatory approaches to fintech against the background of the principles developed above and their presumed effects on the information gap. As will be shown, a number of those approaches entail at least some aspects of New Governance scholarship and the developed principles yet are likely to fail in sufficiently addressing the (informational) challenges under fintech. The subsequent analysis of current approaches will contribute to informing the concrete proposal as the final chapter of this book.

262 See above 224f. 263 Such a mentorship regime is proposed by Enriques and Ringe (n 149 in Chapter 5). 264 That is, the ‘node’ entity might have an incentive—be it because it sees a competi-

tive threat to it or a related entity in the regulated fintech, or for potential liability issues, to keep its regulated entities on a very short leash. In the New Approach, the regulator needs to keep an eye on developments as such and intervene if necessary. On that similar risk, but the context of the mentorship regime, see ibid 384f.

CHAPTER 9

Analysing the Current Menu of Fintech Regulation

This chapter provides an analysis of a selection of the most important regulatory responses to fintech. The analysis is thereby the principles developed in the previous chapter in two ways. First, while by now there is a wide range of different approaches, three of these have been selected for their promise to reflect certain elements of the theoretical or supporting principles. Namely, this chapter examines (1) the current landscape of innovation hubs, with a particular focus on the EU, (2) sandbox, including the prototype of the FCA regulatory sandbox as well as the concept of industry sandboxes, and (3) suptech innovations in particular in the form of digital infrastructure concepts and machine-readable and executable regulation. Second, the assessment of these approaches will be based on the principles developed in Chapter 9 and ultimately on their promise to address the information problem. For each approach, it starts with a description of the idea, continues with a more detailed case study of a specific implementation example of the approach, and last assesses on the basis of the principles developed in the previous section and its promise in addressing the information gap under fintech. On the basis of this analysis, the following chapter will translate the findings into a policy proposal, suggesting a new regulatory structure that allows for more collaboration and experimentation.

© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_9

283

284

C. RUOF

1

Context and Goal of the Analysis

Like financial innovation, financial regulation occurs in cycles.1 While the pre-crisis era was characterized by a more laissez-faire approach, driven by a strong belief in the self-correcting powers of the market, the GFC marked a turning point, introducing a major process of reregulation. Those initiatives were mostly aimed at enhancing financial stability and addressing in particular the presumed weaknesses in pre-crisis regulation. In the subsequent years, fintech emerged while memories of the financial crisis faded, leading regulators to slowly rebalance their priorities and to begin putting more weight on promoting innovation again.2 This shift has underlain most of the recent regulatory initiatives worldwide directed at fintech.3 In that sense, the following measures can also be seen as a manifestation of the regulatory sine curve as described by Coffee.4 While designed with the primary purpose of promoting innovation and accommodating fintech innovations, some of these regulatory responses to fintech also—as this section will show—embody elements of the abovedeveloped principles. Accordingly, this section will offer an analysis of these initiatives, selected according to their closeness to (some of the) the principles and their promise to address the information gap more broadly.5 The goal of this exercise is not to offer a conclusive assessment about the desirability of those measures but rather to add a new perspective on them. Whereas a considerable number of contributions have been published summarizing these measures and discussing their risks and promises on a rather broad level, an informational perspective is mostly missing.6 While the perspective used here is certainly not the 1 See above, in particular on p. 67f. On regulatory dialectic generally, see 73ff. 2 See Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sandboxes to

Smart Regulation’ (n 950 in Chapter 7). 3 Counting for both, individual fintech applications and fintech as a broader phenomenon. 4 See above 68. Similarly, Allen, ‘Experimental Strategies for Regulating Fintech’ (n 536 in Chapter 5) 24. 5 Notably, there are numerous other, not less significant regulatory and legislative initiatives targeted at different forms of fintech. These are however for the given reasons beyond the scope of this study. 6 See, e.g., Omarova, ‘Dealing with Disruption: Emerging Approaches to Fintech Regulation’ (n 106 in Chapter 7); Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sandboxes to Smart Regulation’ (n 96 in Chapter 7). An overview on the

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

285

(only) decisive one, the previous part of this study should have made a strong case for making it part of the consideration when evaluating policy responses to fintech. This section will continue by analysing three types of regulatory responses to fintech. For each approach, it starts with a description of the idea, continues with a more detailed case study of a specific implementation example of the approach, and last assesses on the basis of the principles developed in the previous section and its promise in addressing the information gap under fintech.

2

Innovation Hubs/Facilitators

Among the first initiatives directed at supporting the development of a domestic fintech ecosystem was the creation of so-called innovation hubs. They were introduced as early as 2014 and first emerged in Luxembourg, the UK, and Australia. Innovation hubs constituted the first accommodative approach to fintech firms in recognition of the difficulties the post-crisis regulatory framework created for them.7 At the same time, they arguably initiated a competition between regulators on attracting fintech firms to their jurisdiction and became a starting point of more comprehensive measures directed at fintech firms. 2.1

Concept

An innovation hub can be described as a bridge between regulators to the industry (or fintech in particular) made to discuss fintech innovations, provide guidance on regulatory requirements, and potentially

literature can be found at Dirk A Zetzsche, Douglas W Arner and Ross P Buckley, ‘Fintech Toolkit: Smart Regulatory and Market Approaches to Financial Technology Innovation’ (Deutsche Gesellschaft für Internationale Zusammenarbeit 2020) 49ff (esp. on p 60). 7 According to Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sand-

boxes to Smart Regulation’ (n 96 in Chapter 7) the Luxembourg CSSF, the UK FCA, and the Australian ASIC were the first regulators to set up innovation hubs in 2015. According to ESAs (2018), the first innovation hub was established as early as 2014 (ESMA, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (ESMA 2018) JC 2018 74).

286

C. RUOF

discuss adjustment of certain (unfit) parts of the framework.8 This institutionalized dialogue is primarily to enhance firms’ understanding of the regulator’s expectations and is therefore especially directed at small fintech start-ups that lack (legal) staff and/ or are faced with high regulatory uncertainty from the innovativeness of their business model and the complexity of the regulatory framework.9 For instance, innovation hubs often provide firms with guidance on the conformity of their (proposed) business model with regulatory requirements, particularly including the necessity of an authorization.10 To that extent, the function of innovation hubs do not substantially differ from established regulator practices of responding to ad hoc queries concerning regulatory issues. However, what distinguishes them from past practices is their specialization with regard to (technical) expertise, the broadened scope towards non-financial (esp. tech) companies, and the scope and extent of their guidance and support.11 The objective of innovation hubs is primarily to support innovation by creating a pro-innovation climate and lowering barriers to entry and regulatory uncertainty. Meanwhile, it is also meant to facilitate mutual learning and help the regulator identify emerging issues in the sector.12 With regard to the latter, innovation hubs contribute in informing the need for a different application of certain rules or potentially even for regulatory reforms.13 Often, innovation hubs are just a first step in a broader innovation-focused journey of the regulator. They typically mark the starting point (as opposed to the subsequent initiatives) since they are easy to establish and typically require no legislative or

8 See Ross P Buckley and others, ‘Building Fintech Ecosystems: Regulatory Sandboxes, Innovation Hubs and Beyond’ (2020) 61 Washington University Journal of Law & Policy 55, 58. 9 See ESMA, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (n 7) 8 and 13. 10 See ibid 8. 11 See ibid 8f. 12 UNSGSA, ‘Early Lessons on Regulatory Innovations to Enable Inclusive FinTech:

Innovation Offices, Regulatory Sandboxes, and RegTech’ (UNSGSA FinTech Working Group and CCAF 2019) 20. 13 A good example for this is the Netherlands AFM which amended its interpretation of some rules and provided clearer guidance on others based on interactions in its innovation hub. See ESMA, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (n 7) 20.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

287

regulatory change, as their toolkit is usually limited to ‘soft’ measures.14 Innovation hubs are the most widespread response by regulators to fintech, with almost all major regulators around the globe having one set up in some form.15 They typically consist of a unit within the regulatory agency and are staffed with a (varying16 ) number of experts that function as the contact point for inquiries from the industry. The design varies across jurisdictions and has evolved over time, often starting with a simple dedicated contact point and now, for instance, providing personalized support or access to investor networks or innovation accelerators.17 By opening the regulator’s doors more to fintech innovators, innovation hubs create a communication channel from the industry to the regulator and hence embody elements of the principle of participation. They hold the promise to enhance information flows from the market to the regulator and to thereby decrease the size of the information gap. By being targeted at small fintech-specific regulatory issues, they tend to create engagement at the forefront of innovation, as it is typically the novelty of the service and correspondingly the lack of regulatory precedent that causes the need for guidance. In view of this, they could be a notable tool for regulators to stay in touch with current market developments. Moreover, innovation hubs provide a strong signal to fintech firms and market participants more generally about the willingness of the regulator to support innovation.18 This signal can improve the relationship between the regulator and regulatees and lay the foundations for further collaboration efforts and a more partnership-based approach.

14 That is, their guidance is usually non-binding and adjustments are only made to interpretation of the legal framework, but not to the text of the written law itself. 15 See UNSGSA (n 12) 19. 16 With respect to the EU, ESMA, ‘FinTech: Regulatory Sandboxes and Innovation

Hubs’ (n 7) state the headcount of innovation hubs between one and nine experts, with one exception of around thirty (see p. 9). 17 See Radostina Parenti, ‘Regulatory Sandboxes and Innovation Hubs for FinTech— Impact on Innovation, Financial Stability and Supervisory Convergence’ (European Partliament, Policy Department for Economic, Scientific and Quality of Life Policies 2020) 20. 18 Similarly, Buckley and others (n 8).

288

C. RUOF

2.2

Case Study: The EU Innovation Hub Landscape

Innovation hubs in the EU make a good case study because they possess promising elements aiming at broader participation in the regulatory process and showcase some significant shortcomings of the concept and of its effectiveness in addressing the information gap. In the EU, as a multi-layered legal framework,19 innovation hubs and related initiatives can be found on the EU as well as on a Member State level. On the national level, most Member States have by now established innovation hubs.20 The earliest date back as far as 2014, however, the majority became operational after 2016.21 Typically, there is at least one innovation hub in each Member State, with some having more than one depending on the regulatory architecture in the respective jurisdiction.22 According to a report conducted by the ESA’s, innovation hubs in the Member States are overall very similar in terms of their objectives and scope while variations can be observed with respect to the mode and means of interaction between regulators and firms, the nature of the support provided to the firms, and the level of transparency of their operations.23 All hubs have established dedicated contact points such as a telephone line or electronic interfaces, online meetings, or specific websites functioning as the communication channel between firms and regulators.24 After having received an inquiry, the national regulator typically conducts a screening process to determine how to best deal with the inquiry and if other authorities (e.g. data protection authorities) need to

19 See above at p. 44f. See further Eilis Ferran, ‘Understanding the New Institutional Architecture of EU Financial Market Supervision*’ in Eddy Wymeersch, Klaus J Hopt and Guido Ferrarini (eds), Financial Regulation and Supervision (Oxford University Press 2012) or Armour and others (n 14 in Chapter 2) 542ff on the architecture of financial regulation in the EU. 20 The ESAs Joint Committee maintains a regularly updated list of innovation facilitators in the EU that includes innovation hubs. See https://esas-joint-committee.europa.eu/ efif/innovation-facilitators-in-the-eu. 21 See ESMA, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (n 7) 7. 22 This applies, e.g., to Belgium and France. 23 See ESMA, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (n 7) 7. 24 See ibid 9f.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

289

be involved.25 The response to the firm, mostly taking the form of ‘preliminary guidance’, can be conveyed through various channels including personal meetings and telephone calls or email.26 Some regulators publish (selective) inquiries in Q&A-form or as public statements in order to inform other (potential) innovators about the outcome of the communication. Overall, however, the level of transparency is relatively low with only a few regulators doing the above-mentioned or publishing other kinds of reports or studies on their activities in their respective innovation hub.27 While in terms of scope, innovation hubs are generally available to all market participants who want to or consider adopting financial services or business models related thereto. The ESA’s report has shown that the predominant users of innovation hubs appear to be unlicensed start-ups.28 The smaller share of inquiries, however, comes from regulated entities considering (new) products or services and TPPs offering technical solutions for financial institutions/fintech firms.29 While most inquiries are about the application or applicability of certain regulators to new technology or business models, in some cases innovation hubs are also used by firms to raise awareness for certain incompatibilities with or gaps in the regulatory framework and suggest possible changes to it.30 The number of inquiries varies significantly between respective regulators, some reporting just a dozen inquiries per month, while others report hundreds.31 Some regulators added supplementary initiatives to their

25 In a few Member States (e.g. Belgium and the Netherlands) supervision is organized in the ‘twin peaks’ model, where coordination between the two regulators might be necessary. 26 ESMA, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (n 7) 11. 27 Ibid. 28 Ibid 13. 29 Ibid. 30 Ibid 14. 31 Parenti (n 17) 14. For instance, the joint innovation hub by the Dutch AMF

and DNB provided guidance and regulatory clarification to around 600 firms in the first year of its existence (UNSGSA (n 12) 23.), the French Fintech Innovation Unit of the ACPR in its first year did the same to 133 actors (see ACPR and Banque de France, ‘The Fintech Innovation Unit of the ACPR Is Strengthening Its Team and Launching Two New Communication Actions for Innovative Financial Players’ (2017), https://acpr.banque-france.fr/sites/default/files/medias/documents/20170717cp-fintech-en.pdf), while the Greek received a total of 36 inquiries from its foundation

290

C. RUOF

innovation hub to reach out to a broader group of stakeholders.32 For instance, the French ACPR and AMF established a Fintech Forum, which is a consultative body gathering representatives from industry (fintech, incumbent players and other backgrounds) as well as public authorities and supervisors.33 The forum is intended to act as a venue for monitoring developments, engaging in dialogue, and making proposals to identify challenges and unintended consequences of the regulatory framework as well as developments and risks associated with fintech more broadly.34 Other regulators run separate outreach programs, through which they actively engage with fintech-related stakeholders, such as academics, industry associations, other regulators, incubators, and accelerators.35 These arrangements though are made more on an individual basis as opposed to an institutionalized setting, as typically the case with fintech forums. Developments in the context of innovation hubs did not just occur on the national level. Over the past years, EU institutions, above all the ESAs, too have stepped up their work in this area, connecting knowledge from innovation or start own innovation hub-like initiatives. Most importantly, in cooperation with the EC, they launched the European Forum for Innovation Facilitators (EFIF), set up to facilitate cooperation, collaboration and sharing of experiences and expertise among national regulators.36 Aside from the EFIF, there are multiple other initiatives for outreach and knowledge sharing on fintech scattered across different forums. In 2018, the EU Fintech Lab, established by the EC, had its first meeting that brought together regulators (EU and

in March 2019 until the end of 2019 (see Bank of Greece, ‘FinTech Innovation Hub’, https://www.bankofgreece.gr/en/main-tasks/supervision/fintech-innovation-hub). 32 These include Dutch, French, and Greek authorities. 33 See AMF France, ‘The AMF and ACPR Launch the FinTech Forum’ (AMF , 19

July 2016), https://www.amf-france.org/en/news-publications/news-releases/amf-newsreleases/amf-and-acpr-launch-fintech-forum. There also the exact composition of the Forum can be found. 34 Ibid. 35 For example, see the Stakeholder Outreach program of the Central Bank of Ireland

(Central Bank of Ireland, ‘Innovation Hub—2019 Update’ (2019)). 36 See, https://esas-joint-committee.europa.eu/efif/efif-homepage.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

291

the Member States) with representatives from the industry.37 The lab is designed to raise the level of regulatory and supervisory capacity and to share knowledge about technologies in the sector.38 Concomitantly in 2018, the EBA established the Fintech Knowledge Hub, bringing together authorities in a common setting and enhancing engagement with industry. The Knowledge Hub hosts regular events on contemporary topics and monitors the impact of fintech on the financial ecosystem on an ongoing basis.39 Moreover, there are more targeted outreach initiatives, such as the EU Blockchain Observatory and Forum, created as a pilot project by the European Parliament and run by the EC. It consists of representatives from academia and industry and undertakes blockchain developments monitoring, knowledge sharing, and makes recommendations on EU blockchain policy.40 As opposed to the lab or the Knowledge Hub, this initiative runs more independent and with less involvement (and representation) from a regulator’s side. More recently, in 2021, the ECB established a virtual lab to pursue suptech experimentation. This lab facilitates cross-border teamwork and allows European banking supervisors to explore innovative ideas and to collaborate on AI developments and other projects.41 Looking at the international stage, those initiatives are part of a global network of innovation hubs with the aim of knowledge sharing and regulatory cooperation, led by international bodies (such as the FSB) and standard-setting organizations (such as the BCBS). The most relevant initiative in this regard would be the BIS Innovation hub, established by 60 central banks around the world with the goals of coordinating responses to critical trends in the sector and knowledge sharing on 37 The agenda of the meeting can be found at, https://ec.europa.eu/info/sites/info/ files/180620-eu-fintech-lab-agenda_en.pdf. 38 See, https://ec.europa.eu/info/publications/180620-eu-fintech-lab-meeting_en. 39 See, https://www.eba.europa.eu/financial-innovation-and-fintech/fintech-knowle

dge-hub. 40 https://www.eublockchainforum.eu/. 41 See https://www.bankingsupervision.europa.eu/press/publications/newsletter/

2021/html/ssm.nl 210217_3.en.html. This initiative is a part of a broader, multi-year suptech strategy by the ECB in the form of a Digitalization Roadmap. For a comprehensive discussion of this strategy, Alessio Azzutti, Pedro M Batista and Wolf-Georg Ringe, ‘Navigating the Legal Landscape of AI-Enhanced Banking Supervision: Protecting EU Fundamental Rights and Ensuring Good Administration’ (2023) European Banking Institute Working Paper Series 2023 - no. 140, 7ff.

292

C. RUOF

innovation.42 Notably, as the hub exclusively consists of central bank representatives, its focus resides more with central bank-related topics such as CBDC.43 2.3

Assessment

Overall, innovation hubs mark a step towards greater collaboration with industry players and improvement of regulators’ expertise. They constitute a channel through which industry players—including fintech firm—can participate in the regulatory process and bring in their views and knowledge. Conversely, regulators gain access to ‘on-the-groundknowledge’ from participants of the innovation hub, being provided with an additional way to gather additional information then inform potential adaption of regulatory output.44 In this way, innovation hubs can help regulators to keep pace with development, gaining timely insights into emerging technologies and business models. Importantly, the data on EU innovation hubs shows that they are largely used by small (unlicensed) fintech start-ups, which are often either operating below the regulatory radar or are still at a pre-market stage of their development.45 In both cases, innovation hubs establish a link to actors previously inaccessible to regulators and in doing so reduce regulatory blind spots outside of the regulator’s direct line of sight.46 Hence, innovation hubs are expected to help regulators bridge information gaps emerging at the edges of the

42 See Parenti (n 17) 51 and, https://www.bis.org/about/bisih/about.htm?m=1% 7C441%7C713. 43 See the six core working topics of the BIS Innovation hub here: https://www.bis. org/about/bisih/topics.htm?m=1%7C441%7C714. 44 According to Parenti (n 17), the majority of authorities reported that innovation facilitators (which includes innovation hubs) helps them to gain a better understanding of innovation in financial services (see p. 33). According to the UNSGSA report (n 12), all 40 interviewed regulators asserted the benefits of innovation hubs in staying better informed about innovation in the market and mitigating risks to regulatory objectives (see p. 23f). 45 See Parenti (n 17) p. 43. 46 See also Deirdre Ahern, ‘Regulators Nurturing FinTech Innovation: Global Evolution

of the Regulatory Sandbox as Opportunity-Based Regulation’ (2019) 15 Indian Journal of Law and Technology 345, 351f.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

293

regulatory perimeter.47 To incentivize participation and sharing of information, regulators offer fintech firms and other players a more than usual degree of guidance and support. Moreover, innovation hubs appear to contribute to an improved relationship between regulator and industry, above all fintech firms, which readies the ground for deeper collaboration efforts. For that, the first contributor to improvement is the mere set-up of an innovation hub, creating a strong signal of a pro-innovation attitude by the regulator. As opposed to the traditional approach, innovation hubs provide more informal contact points with regulators, which prove to be less ‘intimidating’ and more convenient, especially for small players.48 This is then supported by a mutually beneficial arrangement of providing information and knowledge in exchange for support and guidance. A proactive early-stage engagement and the supportive approach that innovation hubs offer can also mitigate the dangers of innovation being funnelled into the shadows, hence reducing the likelihood of regulatory arbitrage.49 The popularity of innovation hubs shown by the high number of participants seem to corroborate this.50 Yet, innovation hubs to date are still far away from the level and quality of participation promulgated by the Guiding Principle. First, the landscape of innovation hubs is highly fragmented, hampering the positive effects on the information gap. Namely, in the EU, the biggest share of innovation hubs operates at the Member States level.51 As a starting point, this makes sense as most of the day-to-day regulation/supervision is also exercised at that level. It not only provides the innovation hub with greater proximity to the participants but also holds the potential to be able to more seamlessly translate information gains into regulatory output. However, due to the small scale of most individual Member States 47 See also Parenti (n 17) 23. 48 See also Ahern (n 46) 350. 49 See also Chiu (n 229) 747. 50 See further Aurelio Gurrea-Martínez and Nydia Remolina, ‘Global Challenges and Regulatory Strategies to Fintech’ (2020) 22 providing some additional numbers on participations in certain innovation hubs. 51 Notably, the problem of fragmentation is not exclusive to the EU. Especially, the USA shows an equally scattered innovation hub landscape that yields similar implications. For an overview of the US landscape, see Allen, ‘Experimental Strategies for Regulating Fintech’ (n 111) 22.

294

C. RUOF

innovation hubs52 , major trends and systemic developments are likely to elude them. While some coordination is taking place at an EU level, it is far from enough. To truly yield the benefits of participation, there needs to be stable internal channels in place for knowledge transfer and a central platform that constantly gathers and processes all incoming information. As the type and amount of knowledge gathered in the innovation highly differs, this central point should act as an equalizer and disseminate the centralized and processed information among the individual regulators. This has to be done on an ongoing basis and in an automated fashion. Only this way, the benefits of the interaction between regulator and market actors can go beyond the individual case and contribute to reducing the information gap. Second, the way innovation hubs operate does not enable the regulator to gather the amount, quality, and diversity of information necessary to close the information gap. Since innovation hubs are primarily targeted at market participants who seek regulatory guidance, the scope of participation they provide is inherently limited. While the targeted sample is an important one from an informational perspective, other important actors are left out. For instance, innovation hubs do not capture actors that are simply unregulated (and therefore do not need regulatory guidance). The foremost goal is still accommodating firms in the current regulatory framework, but not to change the framework. This limitation especially applies to market support services, technology providers, and other back-office firms. Furthermore, the channel established by innovation hubs only links regulators to the industry, therefore leaving out other stakeholders such as academics. Engagement with a broader scope of participants would also mitigate the risk of regulatory capture, prevalent in the two-sided dialogue most innovations are building on.53 In terms of substance, the type of information that is gathered is limited by the purpose of the information exchange: Since the communication is taking place under the notion of regulatory guidance, issues that go

52 Which is above all indicated by the small number of employees deployed to the innovation hubs. In the EU, a number of regulators noted having difficulties in finding and retaining appropriate staff for effectively running an innovation hub (see Parenti (n 17 in Chapter 2) 34). 53 As shown above, some national and EU initiatives seek to include other stakeholder. Yet, these inclusions are mostly limited to a handful of meeting and are therefore shy of a full integration into the innovation hub and the regulatory process more generally.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

295

beyond the direct sphere of the regulator’s responsibility are not considered.54 Not least, it also makes them prone to neglect deeper questions about the underlying technology and its potential impact on the sector more broadly. Last, especially in the EU setting, the channel through which information gathered in the innovation hub can be translated into regulatory output is highly opaque and incomplete. First, regulators in the EU typically do not possess a high degree of discretion, leaving little room to directly act upon new information. Innovation hubs offer no direct remedy for the inflexibility that is typically inherent in the regulatory structure. Second, while innovation hubs mostly operate on the Member State level, regulation itself is primarily developed on the EU level, which means adaptions and responses to new challenges have to be initiated exactly there. This leaves the regulator running the innovation hub largely unable to act upon new information. This inability not only negatively affects the attractiveness of the innovation hub for firms, but also enhances their reluctance to share information or participate. Not being able to experiment with regulation leaves regulators running innovation hubs heavily reliant on observation-based learning and information provided from the industry side, finally depressing its informational benefits. While the ECB’s virtual lab does embrace experimentation with suptech solutions, it appears to remain a primarily internal platform for regulators (i.e. the ECB and NCA’s) and thereby falls short of reaping the informational benefits of experimentation.55 In addition to that, as research has shown, not having the possibility to put learnings into practice also has a negative impact on the incentive to gather information in the first place.56 Ultimately, innovation hubs give a positive signal of cooperation to the industry that—as far as one can tell—has been received with sympathy. To that extent, they can contribute to a more collaborative relationship, building the basis of the proposal for a new regulatory concept.

54 This problem has also been raised by EU regulators in Parenti (n 17 in Chapter 2)

34. 55 To the knowledge of the author, no public data on the experimentations and their outcomes in the virtual lab is available as of to date. 56 This applies to the incentive of the individual employees of the regulator. See Gailmard and Patty (n 3 in Chapter 1) 35ff.

296

C. RUOF

However, in terms of actual substance, their contribution to reducing the information gap appears to be rather limited.

3

Fintech Sandboxes

Over the past few years, regulatory sandboxes have gained a lot of attention, with more than 70 running and more announced globally now.57 The concept has been pioneered by the FCA’s regulatory sandbox in June 2016, still functioning as a boiler plate model for most sandboxes that were introduced subsequently. The sandbox concept is not unique to the financial sector. It has its origins in the IT industry, where it refers to a segregated, isolated environment for testing software to mitigate risks before introducing it to the market.58 Similarly to innovation hubs, sandboxes can be seen as a countermeasure to the post-GFC regulatory efforts that created barriers to entry for innovators, particularly fintech firms.59 They are usually implemented after an innovation hub and, as will be shown, are also typically associated with more substantial changes to the existing structure. While the regulatory sandbox is the standard model, more specialized versions of fintech sandboxes have emerged in recent years.60 This part will analyse the most relevant fintech sandboxes with a view to the Guiding Principles as well as their promise to reduce the information gap. I will start by introducing the basic model of the regulatory sandbox, using the FCA sandbox as a case study and take into account 57 See, e.g., Thomas F Hellmann, Alexander Montag and Nir Vulkan, ‘The Impact of the Regulatory Sandbox on the FinTech Industry’ (August 2022), Available at SSRN: https://ssrn.com/abstract=4187295, 2. Already as of Q2 2020, more than 70% have been created after 2018, indicating a growing trend. World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (World Bank 2020) 6. 58 World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57 in Chapter 2) 5. Sandboxes have also been used in the health industry to identify and experiment with innovative tests and services (see World Bank (2020), p. 5.). Recently, the concept of sandboxes has also been tested in other sectors. For instance, recently the Singaporean Energy Market Authority (EMA) set up a regulatory sandbox to support energy innovations. See EMA, ‘Regulatory Sandbox—Regulatory Sandbox for Energy Sector Innovations’, https://www.ema.gov.sg/sandbox.aspx. 59 See Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sandboxes to Smart Regulation’ (n 96); Allen, ‘Regulatory Sandboxes’ (n 205 in Chapter 3) 592. 60 For a classification of these models, see, e.g., Gurrea-Martínez and Remolina (n 50 in Chapter 3) 23ff or World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57 in Chapter 3) 6ff.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

297

other relevant models when needed. Furthermore, I will look into the much less well-studied model of umbrella or industry sandboxes. 3.1

The Regulatory Sandbox

The regulatory sandbox is the original and still the most common model among fintech sandboxes. It refers to a controlled space in which firms can test and validate innovative products, services and business models, and delivery mechanisms with the support of an authority for a limited time.61 The support aspect manifests itself in ongoing engagement and is what differentiates the sandbox concept from simple regulatory waivers or exemptions. The ability of regulators to provide some sort of regulatory relief for the participants on the other hand makes the main distinction to the above-discussed innovation hubs. Often though, regulatory sandboxes are not standalone, but part of a broader innovation-oriented regulatory program.62 While the primary purpose of the regulatory sandbox is to promote innovation, another goal frequently mentioned—and of particular interest to this study—is the enhancement of regulators’ understanding of emerging technologies and business models, i.e. regulatory learning.63 3.1.1 Concept The regulatory sandboxes main goal is to encourage innovation by lowering the cost of entering the (regulated) market and allowing firms to test the viability of new products or services.64 If the product or service is economically viable, it is typically allowed to launch on the wider market, either under an existing licensing regime or an individual accommodation.65 Regulatory sandboxes can be seen as an advanced innovation hub, as in addition to the close guidance they both provide, it offers some 61 Ringe and Ruof, ‘Regulating Fintech in the EU: The Case for a Guided Sandbox’ (n 124 in Chapter 8) 607. 62 So the case, for example, with the ‘Project Innovate’ by the FCA or Singapore’s ‘Smart Financial Centre’. 63 For example, World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57). 64 See also World Bank Group (n 57) 6 (there under the classification of ‘innovationor product focused sandboxes’). 65 See also UNSGSA (n 12) 28.

298

C. RUOF

flexibility with regard to regulatory obligations. Yet, on the other hand, regulatory sandboxes appear to be significantly more resource-intensive than innovation hubs, though the concrete costs vary strongly by the design of the sandbox.66 Due to these higher costs of sandboxes, the number of participants is relatively low, especially when compared with total engagements through innovation hubs.67 While there is heterogeneity across jurisdictions, regulatory sandboxes typically follow a common procedure: First, regulators review applications to the sandbox, most commonly based on their promise in terms of innovativeness but in some instances also on other criteria, for instance, their potential for increased competition, greater financial inclusion, or consumer benefit.68 Predominantly, regulatory sandboxes are not restricted to a certain type of fintech or technology. However, a notable special exception represents the ‘pilot regime for market infrastructures based on distributed ledger technology’69 in EU, which constitutes a sandbox specifically targeted at DLT-based services.70 Most sandboxes are generally open to regulated as well as unregulated entities, while their scope is typically limited by the jurisdiction of the respective regulator running the sandbox.71 Within the sandbox, the regulator can 66 See also ibid 31. According to there, one regulator had the equivalent of 10 fulltime staff supporting the sandbox function, while another had just one full-time staff member running the sandbox. According to World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57) estimate the cost of running a sandbox ranging from $ 25.000 to $ 1 million (see on p. 20). On the resource-intensity of sandboxes vis-à-vis innovation hubs, see also Buckley and others (n 8) 58ff. 67 Buckley and others (n 8) 57f. 68 See, e.g., Lev Bromberg, Andrew Godwin and Ian Ramsay, ‘Fintech Sandboxes:

Achieving a Balance between Regulation and Innovation’ (2017) 28 Journal of Banking and Finance Law and Practice 314, 317ff. For an overview of the most commonly used eligibility criteria in the EU see Parenti (n 17) 32.table 1 (with bold country abbreviations referring to regulatory sandboxes). 69 Regulation (EU) 2022/858 of the European Parliament and of the Council of 30 May 2022. 70 For more on the DLT-sandbox, see, e.g., Dirk A Zetzsche and Jannik Woxholth, ‘The DLT sandbox under the Pilot-Regulation’ (2022) 17 Capital Markets Law Journal 212. 71 See also Ringe and Ruof (n 124 in Chapter 8) 607f with corresponding examples. There are also regulatory sandboxes that are targeted to a specific fintech application, such as the recently proposed DLT-Sandbox by the EU. See Wolf-Georg Ringe and Christopher Ruof, ‘The DLT Pilot Regime: An EU Sandbox, at Last!’ (Oxford Business Law Blog, 19

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

299

provide participants with various forms of regulatory relief, including partial authorizations to conduct specific activities, licensing exemptions, non-action letters, or a waiver from specific regulatory requirements.72 The flexibility in terms of providing relief is often limited by the amount of discretion the regulator running the sandbox is given by the legal framework.73 In the EU, that discretion faces further boundaries set by EU harmonization standards.74 In return for lifting certain regulatory burdens, regulators require participants to incorporate appropriate safeguards to insulate the market and consumers from potential risks of their innovative business. Often, the testing period is limited, either to a standard duration or an individual one, set on a case-by-case basis.75 Regulatory sandboxes are meant to provide an experimentation space for fintech firms. While supporting innovation and lowering market barriers is the core purpose of this exercise, a side effect of the close interaction between regulators and innovators is the enhancement of regulators’ understanding of innovations and novel technology, making the regulatory sandbox another promising tool to reduce the information gap. At the same time (yet to varying extents), regulatory sandboxes embody a form of principles-based regulation and consequently promote the principle of flexibility.76

November 2020), https://www.law.ox.ac.uk/business-law-blog/blog/2020/11/dlt-pilotregime-eu-sandbox-last. 72 For an overview of forms of relief, see Allen, ‘Regulatory Sandboxes’ (n 205 in Chapter 8) 623f; Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sandboxes to Smart Regulation’ (n 96 in Chapter 7) 76f; Ringe and Ruof, ‘Regulating Fintech in the EU: The Case for a Guided Sandbox’ (n 124 in Chapter 8) 609f. 73 See also Gurrea-Martínez and 1286 (n 50) 24f. 74 Parenti (n 17) 34. Confirming this, the 2019 ESAs Joint report concluded that in

the EU; the established sandboxes ‘do not entail disapplication of regulatory requirements that must be applied as a result of EU law’ (ESMA, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (n 16) 5). However, there remains some degree of flexibility in interpreting the laws, which national regulators can use within the sandbox. See Parenti (n 17) 34f. 75 See, e.g., Ringe and Ruof, ‘Regulating Fintech in the EU: The Case for a Guided Sandbox’ (n 124 in Chapter 8) 609. 76 In a similar vein, Allen, ‘Regulatory Sandboxes’ (n 205 in Chapter 8) 592.

300

C. RUOF

3.1.2 Case Study: The FCA Regulatory Sandbox and Beyond The FCA regulatory sandbox still constitutes the basic model and often blueprint for the huge majority of all sandboxes running to date. Irrespective of the concrete form or focus of sandboxes, regulators typically took the FCA’s model and adapted it to their needs or individual circumstances. By being the oldest operating sandbox, it also provides the broadest set of experiences on a yet infant phenomenon. The FCA launched its regulatory sandbox in June 2016 as part of its Project Innovate 77 , starting as early as 2014. Project Innovate is a broader initiative to encourage innovation in the financial sector and gave rise to inter alia an innovation hub and the regulatory sandbox.78 From its start, the sandbox had operated on a cohort basis with two six-month test periods per year. As of June 2021, six cohorts have been completed, amounting to a total number of 153 participants.79 In August 2021, the regulatory sandbox moved to an always-open-model, allowing firms to submit their applications throughout the year.80 Since this change, another 18 firms have been accepted into the sandbox. To that end, the FCA’s sandbox is by far the most used one. However, a large number of applications are regularly rejected: So far81 , the FCA received a total of over 550 applications but was only able to accept roughly 30%. To test in the sandbox, firms must submit an application setting out their eligibility based on, namely, their ability (i) to carry out or support financial services business in the UK, (ii) to offer a genuinely innovative product or service, (iii) to have an identifiable consumer benefit, (iv) to show a necessity for sandbox testing, and (v) to exhibit their preparedness to test.82 The FCA sandbox is generally open to incumbents and startups. Firms that are not consumer-faced (most importantly market support services/TPP’s) require a partner to test their service, which they have to find themselves before testing.83 Once accepted, firms in the sandbox may

77 FCA, ‘Regulatory Sandbox Lessons Learned Report’ (FCA 2017). 78 Bromberg, Godwin and Ramsay (n 68) 319. 79 See, https://www.fca.org.uk/firms/innovation/regulatory-sandbox. 80 See ibid. 81 As of June 2023. 82 FCA, ‘Regulatory Sandbox Lessons Learned Report’ (n 77). 83 See, https://www.fca.org.uk/firms/innovation/regulatory-sandbox-prepare-applic

ation.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

301

be provided with ‘sandbox tools’ to conduct the test within the regulatory framework. These include, (i) restricted authorization, (ii) rule waivers, (iii) individual guidance, and (iv) no enforcement action letters (or nonaction letters).84 Notably, especially the latter is unchartered territory for the FCA, not having used non-action letters prior to the sandbox.85 A dedicated case officer assigned to each firm in accordance with its needs and situation determines the application of these tools. The case officer maintains a close relationship with the firm and helps it understand how its innovative business models fit within the regulatory framework.86 The case officer also functions as a gateway point to broader expertise inside the FCA, facilitating engagement with subject matter experts from across the agency. Upon exiting the sandbox, firms are required to submit a final report highlighting the outcomes of the test. In May 2020, primarily as a result of the COVID-19 pandemic87 , the FCA supplemented its regulatory sandbox with a ‘digital sandbox’.88 There, it put the significance of data in the centre of its testing and added some interesting design features to the sandbox. First, the digital sandbox provides an API marketplace where digital service providers list and provide access to services via APIs. Second, it offers a collaboration platform to facilitate an ecosystem of key organizations that will provide support and input to digital sandbox participants—such as incumbents, academia, government bodies, venture capital, and charities. Ultimately, part of it is an observation deck—enabling regulators and other interested parties to observe testing, to inform policy thinking, provide mentorship, form partnerships, or simply to observe the process.89 The second 84 See, https://www.fca.org.uk/firms/innovation/regulatory-sandbox. 85 See FCA, ‘Regulatory Sandbox’ (2015), https://wiki.harvard.edu/confluence/dow

nload/attachments/204380235/FCA%20Regulatory%20Sandbox%20Announcement.pdf stating ‘We have not used this tool before, so we do not have examples of particular circumstances where these letters may be appropriate’ (available at https://wiki.harvard. edu/confluence/download/attachments/204380235/FCA%20Regulatory%20Sandbox% 20Announcement.pdf). 86 FCA, ‘Regulatory Sandbox Lessons Learned Report’ (n 77). 87 The main purpose of the digital sandbox was to provide enhanced support to

innovative firms tackling challenges caused by the pandemic. 88 https://www.digitalsandboxpilot.co.uk/features. 89 See https://www.fca.org.uk/firms/innovation/digital-sandbox

and World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57) 38. For further information on the features, see, https://www.digitalsandboxpilot.co.uk/features.

302

C. RUOF

phase of the digital sandbox launched in 2021 and was themed around environmental, social, and governance (ESG) data and disclosures.90 To level up the digital sandbox offering, the FCA used industry engagement and brought in an Expert Advisory Panel of tech and finance bodies to support the evaluation process.91 According to the Kalifa Review’s recommendation, the FCA plans to establish the digital sandbox as a permanent part of their toolbox.92 The UK’s FCA is also taking the leadership role in the project of a global regulatory sandbox.93 In January 2019, in cooperation with other regulators94 , it created the Global Financial Innovation Network (GFIN). The GFIN was established to provide a platform for cross-border testing of fintech products.95 In its first testing phase, the GFIN accepted 8 firms (from 44 applications) to its Global Sandbox pilot.96 However, the pilot failed, and GFIN confirmed that it was unable to take forward any of the eight firms to begin the development of testing plans for their cross-border trials.97 This failure took place because none of the firms’ testing plans satisfied each jurisdiction’s criteria.98 While it is difficult to precisely extract the effects of the FCA’s regulatory sandbox99 , 90 See, https://www.fca.org.uk/firms/innovation/digital-sandbox. 91 See Deidre M Ahern, ‘The Role of Sectoral Regulators and other State Actors in

Formulating Novel and Alternative Pro-Competition Mechanisms in Fintech’ (2023) in Konstantinos Stylianou, Bjorn Lundqvist and Marios Iacovides (eds), Fintech Competition (Bloomsbury-Hart Forthcoming) 14. 92 Sir Ron Kalifa, ‘Kalifa Review of UK Fintech’ (HM Treasury, 2021) 34. 93 Gina Conheady, ‘Is Fintech Ready for a Global Regulatory Sandbox?’ (A&L

Goodbody, 27 November 2018), https://www.algoodbody.com/insights-publications/isfintech-ready-for-a-global-regulatory-sandbox. 94 The GFIN currently forms a network of around 50 regulators worldwide. For an updated list of member, see, https://www.thegfin.com/members. 95 https://www.fca.org.uk/firms/global-financial-innovation-network. 96 GFIN, ‘One Year On—The Global Financial Innovation Network Reflects on Its

First Year’ (2019) 9. 97 See GFIN, ‘Cross-Border Testing: Lessons Learned—The Global Financial Innova-

tion Network Reflects on the Cross-Border Testing Pilot’ (2020). 98 See ibid. For more, see, e.g., Sam Robinson, Susann Altkemper and Yasmin Kaur Johal, ‘The Regulatory FinTech Sandbox: A Global Overview’ (2020) 9 Compliance & Risk 10, 11. 99 This is does not only apply to the FCA’s regulatory sandbox: Despite the widespread adoption, there exists almost no micro-evidence on their effectiveness. (An exception

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

303

multiple indicators suggest that the sandbox met at least its purpose of supporting innovation. Namely, Project Innovate overall led to a faster time to market, with a 40 per cent reduction in application processing time reported.100 Moreover, a recent study by Cornelli et al. showed that firms entering the FCA’s regulatory sandbox see a significant increase of 15% in capital raised post-entry relative to firms that did not enter, while at the same time, their probability of raising funds in general is up by 50%.101 The authors account that this increase in funding is driven by a lower level of information asymmetry (of investors vis-à-vis fintech startups) inside the regulatory sandbox as well as reduced regulatory costs and uncertainty. Another recent study finds evidence of positive spillovers from sandbox entry in terms of subsequent birth and fundraising of high-growth start-ups at the industry level.102 However, regarding the reduction of information asymmetry, the pattern of investment inflow also suggests that a large part of the increase in funding does not occur due to gradual revelation of the firm’s quality. Rather, it suggests that the mere participation in the sandbox sends a signal on the quality of the firm, which investors respond to.103 A recent study supported this through its findings that next to ensuring regulatory compliance, boosting the firm’s reputation was identified as a key motivation to participate in the sandbox.104 Looking at the participants, it shows that around 50% of sandbox tests involved partnerships between incumbents and start-ups—a seemingly high number against the backdrop that the FCA provides no support for such partnerships.105 The FCA, however, believes that the increased certainty associated with participating in the sandbox can positively contribute to the formation of such.106 In makes Giulio Cornelli and others, ‘Inside the Regulatory Sandbox: Effects on Fintech Funding’ (BIS Monetary and Economic Department 2020)). 100 See FCA, ‘The Impact and Effectiveness of Innovate’ (2019) 5. 101 Cornelli and others (n 99). 102 No evidence was in contrast found for specific economic benefits for individual participants. See Hellmann et al. (2022) (n 57). 103 See ibid 5. 104 See Lauren Fahy, ‘Regulator Reputation and Stakeholder Participation: A Case

Study of the UK’s Regulatory Sandbox for Fintech’ (2021) 2021 European Journal of Risk Regulation 1, 5, 12f. 105 FCA, ‘The Impact and Effectiveness of Innovate’ (n 100) 5. 106 Ibid 19.

304

C. RUOF

effect, participating in the sandbox can make the smaller firm an attractive proposition to the incumbent they are seeking to partner with. On a broader level, the FCA’s regulatory sandbox also seems to have contributed to the UK, and more specifically London, emerging as a global fintech hub.107 While the UK has always been a financial hub, data on fintech funding shows that it was able to further strengthen its position in the last years wherein the sandbox most likely played a significant role.108 It remains unclear though if the direct effects of the sandbox or its positive (innovation-friendly) signal that it sends to the market played the bigger role.109 3.1.3 Assessment The regulatory sandbox, and in particular that of the FCA, constitutes a novel approach to the regulation of financial services on several levels. It takes a more supportive stance towards financial innovation (more precisely fintech), distinguishing it from the preceding post-crisis regulatory mindset. It very cautiously softens the traditional public–private divide by integrating more private parties into the regulatory process and establishing greater cooperation and coordination. From an informational perspective, the regulatory sandbox can be viewed as part of a shift in the relationship between regulators and regulated entities, providing a strong signal about the propensity of the regulator’s support of innovation and attracting firms that have been avoiding the regulated sphere.110 Just like the innovation hub, it embodies a more proactive and cooperative approach where fintech firms come to see the regulator as a beneficial institution capable to assist them in navigating the regulatory sphere and solving problems. Aside from the enhanced access to information this provides for the regulator, it also benefits the participating firm by way of the signal it sends to the market

107 Over the last decade, around 18% of worldwide funding for fintechs went to the UK, which is only topped by the USA (47%). Cornelli and others (n 99) 8. 108 The UK was able to increase its relative share of global fintech funding from less than 15% in 2010–2014 to over 20% for the 2015–2019 period. See Cornelli and others (n 99) 8. 109 Similarly, World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57) 35. 110 On why this is a desirable property, see above at p. 219f.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

305

and to potential investors and consumers in particular. It shows that regulators are to a certain extend involved with the service and having at least allowed it for testing, which can be perceived as a ‘license light’. Especially in the early stage of a firm this benefit can be decisive, since building trust among consumers is a key part of a service’s future success. However, opposing opinions do exist. In particular, Buckley et al. see the contribution of the regulatory sandbox as being rather small, particularly because of its limited reach.111 Instead they promote the creation of innovation hubs which are able to reach a much larger number of firms. What their argument fails to consider though, is that in contrast to innovation hubs, the tools utilized in a sandbox enable it to not only identify, but to also solve regulatory problems. The flexibility offered by the sandbox and the corresponding space for experimentation arguably create a much stronger appeal compared to the innovation hub. Hence, its substance makes its contribution rather larger than that of the innovation hub. Furthermore, regulatory sandboxes address the inherent informational lag associated with (financial) innovation112 by providing a pre-market ‘transition’ space where information on new services or products can be gathered. This allows the regulator to already start the regulatory process concerning these innovations in a safe space with limited costs of failure. With respect to the Guiding Principles outlined above, the regulatory sandbox shows greater resemblances than the innovation hub. As a ‘safe space’, it explicitly encourages and provides room for experimentation, supporting learning, and the production of information. This experimentation is only taking place within several guardrails that ensure the mitigation of risks. At the same time, it does not defer (excessive) control to market participants, risking leaving the field to the industry. And, like the innovation hub, the regulatory sandbox can be understood as part of inviting stakeholder participation in the regulatory process.113 As it enables to lift some of the more concrete regulatory burdens, it constitutes a move towards a more principles-based regulation, bearing many advantages when dealing with fintech.114 It flexibilizes a certain 111 Buckley and others (n 8) 74. 112 On this lag, see above at p. 76ff. 113 Similarly, Fahy (n 104) 5 and Hanan Haber and Eva Heims, ‘Regulating with the

Masses? Mapping the Spread of Participatory Regulation’ (2020) 27 Journal of European Public Policy 1742. 114 On the advantages of principles when dealing with innovation, see at p. 232f.

306

C. RUOF

part of the regulatory framework and enables the regulator to act more in accordance with the individual firm and newest information. Concerning the FCA regulatory sandbox, it is also welcomed that a significant amount of resources are deployed to the task of understanding the respective innovation and collecting information about it. Meanwhile, the digital sandbox is a step towards technologizing the sandbox concept and including a higher level of transparency. Similar to the innovation hub, the proactive early-stage engagement that the sandbox offers can further mitigate the dangers of innovation being funnelled into the shadows away from the regulatory perimeter.115 Thus, in theory, the sandbox holds the promise of contributing to a more informed and hence more stable financial services sector while simultaneously being innovation-friendly, constituting a rare mixture in financial regulation.116 However, while the idea is promising, this part will show that the concept as well as its execution entail several shortcomings and design flaws, keeping it from unfolding its full potential. Ultimately, these shortcomings render it insufficient to mark a decisive shift in financial regulation to close the information gap and prevent regulatory mismatch. The first point of criticism concerns the current focus of the regulatory sandbox and its implications. Looking at the regulatory sandbox(es) as operated today, the experimental learning occurs rather incidentally, as a side effect of the promotion of innovation. The FCA sandbox is a tool with the primary goal of boosting innovation with lesser attention to financial stability or the production of information.117 While promoting innovation as a regulatory objective is valuable and necessary as a counterweight to the wave of post-crisis regulation, the concept of the regulatory sandbox has similar potential in contributing to financial stability and addressing the information gap. However, the sandboxes currently in operation fall short of reaching that potential. This could be changed with a clearer commitment to regulatory experimentation. One context in which this can be exemplified is the current use of tools within the sandbox. The core element of the regulatory sandbox is

115 Parenti (n 57) 23. 116 Yadav and Brummer (n 183 in Chapter 5) arguing that of three regulatory

objectives the regulator can at best achieve two. 117 A similar critique is offered by Allen, ‘Experimental Strategies for Regulating Fintech’ (n 116 in Chapter 5) 26.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

307

regulatory relief, a component making it attractive for (potential) participants. What the different sandbox tools for that purpose typically have in common is the aim of accommodating the fintech in the current regulatory framework, done primarily by way of waiving rules or slightly modifying them to fit the business model of the fintech.118 From an informational perspective, these sandbox tools are not optimal: Waivers can be granted on the basis of a preliminary understanding of the fintech’s risks as opposed to a thorough understanding of the business model, the underlying technology, and the broader implications for the sector. As of now, experimentation with the fintech centres around its commercial viability. Greater learning effects can, however, only be achieved with experimentation with new and better regulatory tools. There are other sandbox versions, in particular that in Singapore by the MAS, which are said to have a stronger focus on testing the fitness and adequacy of current regulation as opposed to the commercial viability of an innovative service.119 However, practically, there is no substantial difference between the two concepts, neither with regard to the sandbox tools nor with regard to the admission, testing practice, or the tools used.120 Hence, to improve the informational benefits, the regulator’s focus should be on improving the regulatory outcome as opposed to simply facilitating entry to the market and the regulatory framework.121 The goal of the exercise should not only be to ease unnecessary requirements and adapt existing rules to fit in the fintech, but to achieve the desired regulatory outcome in a more efficient, safe, and effective way. To that end, experimentation with alternative forms of compliance and especially technology-based solutions should be pursued as a matter of priority. Ideally, the regulator should 118 That is even more the case in other regulatory sandbox, where the sole or predom-

inant form or relief is waivers, sometimes even issued as class waivers like in the Australian sandbox. See, e.g., Bromberg, Godwin and Ramsay (n 68) 320ff. 119 Accordingly, the MAS sandbox is often categorized as a ‘policy testing sandbox’, as opposed to the FCA’s ‘product testing sandbox’. See, e.g., World Bank Group, ‘How Regulators Respond to Fintech Evaluating the Different Approaches - Sandboxes and Beyond’ (World Bank 2020); UNSGSA (n 12) 27; Gurrea-Martínez and Remolina (n 50) 24. 120 Similarly Gurrea-Martínez and Remolina (n 50) 24 and UNSGSA (n 12) 27. See also MAS, ‘Regulatory Sandboy Guidelines’ (MAS 2016), which show only minor differences to that of the FCA. 121 In a similar direction, Allen, ‘Experimental Strategies for Regulating Fintech’ (n 116 in Chapter 5).

308

C. RUOF

not only operate the sandbox as an overseer but also as a participant and actively engage, developing, and testing regulatory solutions. This form of active participation would further require (and promote) a much deeper level of understanding and hence reap the benefits of experimental learning to its fullest. Accordingly, the tools of the regulator should not be limited to granting relief from existing rules, but also include the freedom to achieve desired regulatory outcomes in innovative ways. For instance, the early-stage engagement that the regulatory sandbox provides would constitute a good opportunity for testing the integration of technological solutions into the fintech business model, making compliance an automated and integral part of its operation. Ideally, the sandbox could function as a platform where the regulator and regulates—in cooperation—can test those solutions and ultimately lay the ground for a PPP in financial regulation. In contrast, inserting these solutions into services once they have become operational on a larger scale will be far more difficult and more likely to result in unexpected side effects.122 Another shortcoming of the current sandbox models is its unsuitability to serve as a platform for the production of macro-level, systemic information about specific fintech services and fintech developments more broadly.123 Rather, the information that is produced by operating the sandbox is currently mostly limited to micro-level observations—a result of the scope of the sandbox124 , its purpose125 , and the time-limited testing period. One possible way to improve this would be to use the early-stage engagement for fostering a common infrastructure allowing for a real-time flow of information and supervisory data. This would provide further information, even after the sandbox period, and it would provide the regulator with a better and more accurate picture of the sector and ongoing developments. Also, as entities should remain part of the

122 See also ibid 29. 123 See also Omarova, ‘Dealing with Disruption: Emerging Approaches to Fintech

Regulation’ (n 960) 41 and Omarova, ‘Technology v Technocracy’ (n 2 in Chapter 1) 112. 124 That is, the sandbox is mostly limited to ‘novel’, ‘innovative’ services, determined by the regulator. The relatively small number of participants also limit its informational gains. 125 Meaning that if the sandboxes purpose is to facilitate market access, it mainly operates in a pre-market environment, where it is hard to draw any implications for the broader use of the service in the market.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

309

common infrastructure, information would keep being provided when the fintech matures. The regulator could access quality data on a real-time basis, raising the overall level of information, but also enabling to access granular micro-level information when necessary for immediate intervention. In this way, the sandbox could also generate important systemic information and ultimately contribute to enhancing financial stability. By instituting an API-based system, providing greater transparency, and allowing external parties to observe testing and draw information therefrom, the Digital Sandbox by the FCA can be viewed as a promising step in the right direction. The second major issue commonly being raised by other commentators concerns the eligibility and scope of the regulatory sandbox.126 The first problem in this regard is generally about the role of the regulator in determining access to a preferential regulatory environment to certain firms. The broadness of the selection criteria commonly used grants the regulator some sort of gatekeeper function which constitutes a major change compared to its typical (primary) function as an enforcer of rules.127 In the end, this could risk running against the purpose of promoting innovation because the regulator’s power to pick and choose might distort competition.128 In the long run, this picking and choosing would likely stifle innovation too and deprive the sandbox of some of its attractiveness for firms and therewith information benefit. From an informational perspective, an even more pressing problem associated with the eligibility concerns how specifically firms are selected for participation.129 In the FCA version of the sandbox, the foremost criterion for admission is that the service proposed for testing must bring sufficient innovation, making a real addition to the available services on

126 See, e.g., Zetzsche and others, ‘Regulating a Revolution: From Regulatory Sandboxes to Smart Regulation’ (n 96 in Chapter 7) 45f; Allen, ‘Regulatory Sandboxes’ (n 205 in Chapter 8) 598ff; Brian Knight and Trace Mitchell, ‘The Sandbox Paradox: Balancing the Need to Facilitate Innovation with the Risk of Regulatory Privilege’ (2020) 72 South Carolina Law Review 445, 454ff; Ahern (n 46) 359ff. 127 See also Ahern (n 46) 359. 128 See also Brian Knight and Trace Mitchell, ‘Done Right, Regulatory Sandboxes Can

Promote Competition’ American Banker (8 August 2019), https://www.americanbanker. com/opinion/done-right-regulatory-sandboxes-can-promote-competition. 129 Also critical to this aspect, Allen, ‘Regulatory Sandboxes’ (n 205 in Chapter 8)

626f.

310

C. RUOF

the market.130 This generally requires demonstration that the service in question is genuinely innovative and benefits consumers by meeting an unmet need or offering an existing service in a significantly improved fashion. One problem with the approach is the difficulty to determine whether, and to what extent, any fintech or service is truly ‘innovative’ and what—in contrast—is something old in a new dress, i.e. a purely supply-driven product.131 Making these judgements requires the regulator to (already) have a sufficiently extensive and deep understanding of the service in question. That problem becomes more acute given the impossibility to determine the function and the innovativeness of the service without understanding its technical features.132 Importantly, this not only bares the risk to lead to a false decision, but also jeopardizes the informational value of the sandbox. By requiring information about a firm for deciding whether to allow it access to the sandbox, the information that is only meant to be produced in the sandbox becomes a prerequisite for entering it. Not yet having benefitted from the information gained from experimentation, the decision is likely to be made based on insufficient and predominantly observation-based (or industry-provided) information. This preliminary often ill-informed judgement can provide a false sense of certainty regarding the functions and underlying technology of the service and hamper the learning process within the sandbox. Furthermore, the current selection criteria narrow the scope of the sandbox and hence are likely to leave players outside the scope which are yet important from an informational perspective.133 That is, focusing on the ‘innovativeness’ can especially neglect the impactful area of market support services that fulfil numerous back-office functions—just not by way of an ‘innovation’ like DLT or machine learning.134 Besides, false or misinformed judgements may further undermine the informational value of the sandbox sample. Given the prospect of regulatory relief, firms have 130 See above and Financial Conduct Authority, Eligibility Criteria, https://www.fca. org.uk/firms/regulatory-sandbox/prepare-application. The same criterion is also used by many other jurisdictions around the world (for an overview, see UNSGSA (n 46)). 131 See also, e.g., Allen, ‘Regulatory Sandboxes’ (n 205 in Chapter 8) 626. 132 This problem is also acknowledged by Omarova, ‘Dealing with Disruption:

Emerging Approaches to Fintech Regulation’ (n 106 in Chapter 7) 40. 133 Notably, the biggest constraint for broader participation in the sandbox is the resource constraints that regulators face. 134 In a similar vein, Enriques and Ringe (n 149 in Chapter 5) 388.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

311

an incentive to sell themselves as innovative, biasing selection towards those best at window dressing. Moreover, it makes the sandbox unable to capture quantitative developments in the sector, as a certain type of service becomes ‘disqualified’ by being already represented in it. Even more importantly though, the FCA regulatory sandbox also requires firms to show a consumer benefit. This requirement leads to further exclusion of firms providing back-office functions and therefore turns a blind eye to one of the main areas of change in the sector.135 To some extent, those firms are included through partnerships with sandbox participants, yet—by lack of support from the regulator136 —this can only cover a small fraction of what is happening in that area. To put these services on the regulatory perimeter more effectively and also encourage more firms to enter into partnerships, the regulator should support and provide a reliable regulatory framework for them.137 Effectively, this could extend the scope of the sandbox, provide for greater expansion and sharing of knowledge within it, and perhaps also safe resources on the side of the regulator.138 Last but not least, as the purpose of the sandbox is to facilitate market access, it is accordingly targeted at firms that potentially qualify for a license. It, therefore, fails to target players that are yet not captured by the regulatory framework, constituting one primary source of the information gap. This can be further complicated by sectoral limitations of a regulator, especially in a jurisdiction where the regulatory structure follows the institutional model, raising questions of sandbox jurisdiction (potentially also in distinction to other sandboxes).139 In sum, the current selection criteria appear to be unfit for the regulatory sandbox in its function of addressing the information gap.

135 See above in Chapter 6 Sect. 2.1 and 2.2. 136 See above at p. 272. 137 Such a framework should clear up questions around allocation of responsibili-

ties, supervision competences, and liability. See in greater detail Enriques and Ringe proposing a ‘mentorship regime’ to provide for this. See also Zlil Levin, ‘Fintech Startups and Incumbent Players Series - Designing a Regulatory Sandbox’ (Oxford Business Law Blog, 14 May 2020), https://www.law.ox.ac.uk/business-law-blog/blog/2020/05/fin tech-startups-and-incumbent-players-series-designing-regulatory suggesting to supplement the regulatory sandbox with such a mentoring regime. 138 Ibid. 139 On the differences in regulatory modes, see on p. 47f.

312

C. RUOF

Therefore, to make the sandbox not only a useful promoter of innovation but also to maximize its information production, the scope of the sandbox should be extended. To further the participation principle to its fullest extent, the goal should be to maximize the number of participants, while maintaining a high diversity among them. Ultimately, a more accessible sandbox regime could reach more actors and therefore enable greater data availability and further reduce the information gap.140 Importantly though maximizing participation is only fruitful, as long as it does not deteriorate the quality of the sandbox, i.e. the oversight and experimentation practice. Regulatory resources are still limited so that they should be allocated to their best use, which in this context would mean where they yield the greatest information gains. From this follows that participation should be decided on primarily with a view to the informational attractiveness of the firm and the extent to which the regulator could benefit from collaboration and experimentation. Notably, a larger scope would necessarily be associated with higher costs. While this concern can to an extent be addressed with the help of two other Guiding Principles—namely automation and decentralization—it remains a considerable factor. Yet, given the importance of the task and the costs that can potentially result from regulatory mismatch, the investment would most likely pay off. When it comes to the part of translating new information into regulatory output, regulatory sandboxes can and in fact appear to drive regulatory change. The current model, however, entails certain barriers to make newly produced information truly fruitful. According to a survey in 2019 conducted by the World Bank Group, over 50% of (responding) authorities reported that results from their respective regulatory sandbox led to some sort of regulatory change, underpinning its value in updating regulation and overcoming regulatory inertia.141 However, often these changes have been rather minor, including inter alia updated guidelines, common standards, or enabling a service to take place digitally.142 While certainly being an improvement compared to the traditional regulatory approach, this is still far away

140 Similarly, Tsang (n 20 in Chapter 6) 375. Possible ways of extending the sandbox will be discussed below at 4.c.2.a). 141 World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57) 26. 142 See also ibid 26f with further examples.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

313

from reaching its full potential and being sufficient to prevent regulatory mismatch. One barrier to translate new information into regulatory output is linked to the limitation of available tools and the aim of the sandbox to reconcile the innovation with the existing regulatory framework. A more consequent move towards the application of principles could reduce the status quo basis and provide more room to incorporate new information in the sandbox practice. To date, however, the tools find their limits in the existing laws applied by and the power given to regulators.143 Significant changes to the practice of the regulator mostly require changes in the legal framework, hence the involvement of the legislature.144 This typically constitutes a long and cumbersome process which is difficult to square with the speed of change in the sector.145 Even in jurisdictions where the regulator enjoys relatively broad discretion, the feedback-loop is still highly limited by the enabling statutes.146 Therefore, to embrace effective flexibility, the regulator needs to be given a sufficient amount of discretion to be able to directly incorporate freshly produced information into its regulatory practice. Lastly, the experimentation does not always have end with the expiration of a certain period after which the firm either has to comply with the regular rulebook or will not be able to (continue to) operate its business.

143 This is certainly even more true in the case of EU regulatory sandboxes, where the individual regulators only have very little space for experimentation. This is also exemplified by the Dutch regulator, see DeNederlandscheBank and AFM, ‘More Room for Innovation in the Financial Sector - Market Access, Authorisations and Supervision: Next Steps’ (DNB and AFM 2016). 144 The degree to which this is the case also highly varies among jurisdictions. Some regulators, such as the MAS enjoy broader discretion and are given more freedoms in adapting regulation (see generally Ahern (n 46) 374 referring to ‘tailor-made sandboxes’ or, with regard to the powers of the MAS, Gurrea-Martínez and Remolina (n 50) 24 fn. 93). Notably, Taiwan in its Financial Technology Development and Innovative Experimentation Act from 2018 provided its regulator with extensive discretionary powers when dealing with innovation (see Jin-Lung Peng and Chen-Yun Tsang, ‘FinTech Regulation and A Review of Taiwan’s Financial Regulatory Sandbox Mechanism’ (2019) 38 Management Review 89, 98). In contrast to that, in the EU national regulator do not enjoy much discretionary powers (see fn 1222). 145 See above on p. 76ff. and 192ff. This issue is again particularly severe in the EU and its multi-layered legal system. For the challenges that poses for regulatory sandboxes see Ringe and Ruof, ‘Regulating Fintech in the EU: The Case for a Guided Sandbox’ (n 124 in Chapter 8) 620ff. 146 See also Peng and Tsang (n 144) 98.

314

C. RUOF

Instead of a clear (and arbitrary) cut, there should be a more flexible transition; the exact form of which should be informed by the (preliminary) findings of the testing.147 Put differently, experimentation should turn into stability, and principles can move towards rules, once a sufficient level of information is gained and an appropriate regulation has been found. Having analysed the regulatory sandbox, primarily on the basis of the FCA’s model, including its informational implications and shortcomings, I will now turn to a type of sandbox that was also developed by the FCA but did not overcome the concept stage. Yet, it entails certain interesting features that have the potential to address some of the regulatory sandbox’s shortcomings. 3.2

Umbrella Sandbox

Another concept that was circulating around the time when the FCA introduced its regulatory sandbox was that of a so-called umbrella sandbox—a private sandbox set up by the industry.148 The concept was also developed by the FCA, which, in the same paper that introduced the regulatory sandbox idea, suggested setting up a non-profit company by the industry to act as a sandbox umbrella that allows unauthorized innovators to offer their services under its shelter as appointed representatives.149 The umbrella company would be authorized and supervised by the FCA, but at the same time, it would be responsible for its representatives. More specifically, it would assess applications to the umbrella sandbox and monitor the compliance of participants.150 In the concept as outlined by the FCA, the distribution of tasks would be as follows: The industry would set up an umbrella company that decides which representatives to take under its shelter and subsequently be responsible (and liable) for their conduct (and misconduct). The regulator would primarily oversee and regulate the umbrella entity like any 147 The DFSA’s regulatory sandbox in Dubai arguably offers an improvement in this context: In the example of Sarwa, a sandbox participant, the DFSA worked with the firm to understand its operating model and then developed the appropriate regulation to allow its entry into the market. See World Bank Group, ‘Global Experiences from Regulatory Sandboxes’ (n 57) 27. 148 FCA, ‘Regulatory Sandbox’ (n 85). 149 Ibid 13. 150 Ibid.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

315

other regulated entity on the market. Concerning the testing inside the sandbox, it would rather function as a ‘coach’, providing ongoing support and advice primarily through its innovation hub.151 It would also act as a ‘guardian of the guardian’, ensuring proper oversight of the umbrella company over the testing activities.152 Comparing that to the regulatory sandbox, the regulator’s role was hence thought to be much more passive. In April 2016, the FCA proceeded on the idea, inviting consultation from a Fintech membership organization to explore the feasibility of such a concept.153 However, in the course of this consultation, the idea was watered down to a concept resembling an incubator, rather than a sandbox. The definition agreed upon in the Consultation Report envisioned a common platform on which participants could share resources and data and test their products in an off-market setting.154 The role of the regulator, on the other hand, was mostly left aside. A living example for this concept (in its version of the Consultation Report) constitutes the Boston Fintech Sandbox, which was started by a group of fintech entrepreneurs and investors in Boston, primarily with the aim of addressing the high cost and inaccessibility of data for fintech start-ups.155 While details with regard to the concrete design have not been outlined, the general idea of the sandbox umbrella as initially brought forward by the FCA entails certain interesting features. As shown above, one major barrier to the sandbox reaching its full potential is its lack of scalability and resource constraints on the regulator’s side. At the sandbox umbrella however, most of the actual testing activity is performed without the direct involvement of the regulator. Rather, these tasks are largely outsourced to the umbrella entity, whereby showing clear resemblances with the decentralization principle. Given that not only one but multiple umbrella companies could be set up, it could theoretically 151 See ibid. 152 The FCA does not specify though how that oversight would look like in detail. 153 Innovate Finance, ‘Industry Sandbox Consultation: A Development in Open Inno-

vation’ (9 May 2017) 4, https://issuu.com/innovatefinance/docs/industry_sandbox_cons ultation_repor. 154 See also Tsang (n 20 in Chapter 6) 387f. The definition described the concept as ‘a shared off-market development environment where developers of FinTech solutions can access data, technologies, and services from different providers in order to validate innovative ideas or address common industry challenges’. 155 See, https://fintechsandbox.org/what-we-offer.

316

C. RUOF

confer almost156 unlimited scalability to the sandbox concept.157 This could significantly widen the scope of participants and bring in a broader range of information. At the same time, it would free up resources that the regulator can allocate to the production of systemic information and macroprudential oversight. The scalability of the umbrella sandbox concepts could also enable an ecosystem in which the umbrella companies oversee homogenous groups of firms, ensuring optimal information production, incentive structure, and compliance with rules.158 In such a decentralized setting, the regulator would need to ensure that it is fully integrated into the information flow. More specifically, it would need to place itself in the centre of the system, making sure all information is channelled through it. Otherwise, it would be impossible for the regulator to maintain a full picture and—most importantly— to produce systemic information. The sandbox umbrella could further be attractive for market support services which by the nature of their service need a regulated entity for testing. These are, as shown above, currently neglected by the regulatory sandbox model, targeting primarily consumer-faced innovations and offering no support of partnerships.159 However, in the concept as proposed by the FCA, scalability comes at the full expense of any regulatory involvement. The concept neither envisions any form of regulatory flexibility inside the sandbox nor would the FCA have any intervention powers with regard to the representatives. Given the lack of regulatory involvement, it also falls short of any (regulatory) experimentation. This means, the potential informational gains from it hence comes exclusively from observational learning and externally produced information. Also with respect to the commercial experimentation, the regulator does not have any role. However, when seeking to solve any problems of interest for the regulator by way of experimentation, it would require at least some sort of coordinating role. Due to the incentives of private market participants, a source of external motivation

156 The limits arise due to the regulatory involvement that is still—even to a lower extent—necessary. 157 Going back to the decentralization principle as outlined above, the umbrella companies would function as the ‘nodes’ of the regulatory structure. 158 See above at p. 251. 159 See above at p. 272.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

317

is typically needed to guide activity in the desired direction. The regulator could facilitate this, for instance, by convening key industry actors together in one location and setting an agenda for them.160 Overall, the concept of the sandbox umbrella adds a decentralization element to the regulatory sandbox, holding the promise to yield broader participation and information gains. Yet, unfortunately, such decentralization comes at the expense of regulatory involvement. A response to fintech that seeks to address the information though needs to entail both of these elements.

4

Supervisory Technology (Suptech)

The last part on the menu of regulatory responses concerns the technologization of regulation and supervision. Suptech solutions emerged to address the challenges brought by fintech but also to improve financial regulation and supervision more generally. In this study, the term suptech is used to refer to the use of innovative technology, especially based on big data analytics and AI, by supervisory agencies to support supervision.161 In that sense, suptech seeks to harness those technologies that drive innovation in the private sector for regulatory purposes. In other words, it can be described as ‘regtech for regulators’162 , being the mirror image of the corresponding trend in the industry.163 As true for financial services, the use of technology is not new in the field of supervision. Various technology-based solutions have been adopted by supervisory authorities in the past to improve the efficiency of supervisory processes and activities.164 A recent paper by the BIS has categorized the use of technology in supervision into four distinct categories, whereby the category one and two—(1) data management and descriptive analytics and (2) digitization and automation of certain manual processes in the data pipeline—concern the digitization of certain manual processes. What

160 See also Robert B Ahdieh, ‘The Visible Hand: Coordination Functions of the Regulatory State’ (2010) 95 Minnesota Law Review 578, 637ff. 161 Similarly, Broeders and Prenio (n 183 in Chapter 8) 1. 162 See Barefoot (n 59 in Chapter 7) 28. 163 See above at p. 129ff. 164 See World Bank Group, ‘From Spreadsheets to Suptech Technology Solutions for

Market Conduct Supervision’ (World Bank 2018) 3.

318

C. RUOF

is here referred to as suptech though comprises categories three and four, covering primarily (3) big data architecture and (4) the use of AI.165 Broadly, suptech can currently be found in two areas of application, namely data collection and data analytics.166 Within data collection, suptech is used for e.g. reporting, data management, or virtual assistance. Data analytics on the other hand includes for instance tools for market surveillance and macroprudential oversight.167 Compared to its industry counterpart, developments in suptech are quite lagging behind. Whereas regtech is widely used by market participants, suptech is still at an early stage of exploration.168 However, driven not only by the need to adapt to a changing market environment but also by the challenge to assess and manage the increasing amount of information being provided by financial institutions169 , the openness of regulators towards suptech solutions has been continuously increasing with a marked take-off in 2019.170 Recent data has shown that the COVID-19 pandemic further boosted investment by regulators in suptech.171 This boost was in part made necessary, 165 See di Castri and others (n 174 in Chapter 8) 1: ‘The first generation involves data management workflows with intensive manual input, and mostly delivering descriptive analytics. The second generation digitises and automates certain manual processes in the data pipeline. The third generation covers big data architecture whereas the fourth generation involves the addition of AI as the defining characteristic. Suptech straddles the third and fourth generations.’ 166 A good overview on current suptech applications, in particular in the USA, can be found at Allen (2023) Suptech (n 34 in Chapter 8) 27ff. See also CCAF (2022) SupTech report (n 92 in Chapter 7) 64ff. for a more global overview in the form of case-studies. 167 See Broeders and Prenio (n 183 in Chapter 8) 5. 168 See Broeders and Prenio (n 183 in Chapter 8). Among the initiatives analysed by

di Castri and others (n 174 in Chapter 8) 14 less than a third were operation, with the majority still either at experimental or development stage. 169 See Chapter 6 Sect. 4. 170 See di Castri and others (n 174 in Chapter 8) 14 also putting forward potential

reasons this lag: ‘Aside from a deliberate strategy to sequence and pace IT upgrades gradually, the reasons for the relatively late embrace of suptech may be ascribed to (i) concerns among financial authorities about the uncertain value and risks of suptech; (ii) resource constraints; and (iii) a limited product offering for suptech solutions from a small pool of specialised technology vendors. The inertia inherent in legacy IT systems is another factor.’ Also, UNSGSA (n 12) 35. 171 See CCAF (2022) SupTech report (n 92 in Chapter 7) 23. Indicative of this trend is inter alia the 7.9% expenditure increase of the ECB reflecting the onboarding of new IT systems for banking supervision. See Simone Di Castri, ‘Powering the paradigm shift in financial supervision: the Cambridge SupTech

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

319

as on-site supervisory activities and interactions with financial institutions had to move online.172 The promises typically associated with suptech are better data collection and analytics, and—more generally—cost savings in regulatory/ supervisory processes and better allocation of regulatory resources.173 From an informational perspective, these are important factors. Automating and streamlining repetitive processes free up resources and personnel for assessing innovation, regulatory experimentation, and the production of systemic information. Perhaps even more important are the substantial improvements in data collection, which are an inevitable factor in addressing the information gap. However, the potential of suptech does not stop there. As this section will show, suptech could be utilized to create an infrastructure, on which the new approach is based. In that context, suptech is given an enabling role with regard to the Guiding Principles. Moreover, suptech holds the promise to fundamentally transform how regulation is done. By opening up possibilities to instantaneously translate information into regulatory output, it could play a decisive role in addressing the pace of the sector. Even more so, integrating suptech with regtech solutions of financial institutions could contribute to overcoming the regulatory mismatch and turn regulation from a backwards-looking exercise into a proactive process. This section will proceed by first elaborating on the potential of suptech in building an infrastructure for the new approach, drawing on currently developed or operating suptech solutions. Subsequently, it will discuss a more concrete suptech tool that holds the potential to substantially improve the regulatory practice, namely machine-readable and executable regulation.

Lab Innovation Leadership Programme’ (Cambridge SupTech Lab Blog, 29 June 2022), https://lab.ccaf.io/blog/powering-the-paradigm-shift-in-financial-supervision-thecambridge-suptech-lab-innovation-leadership-programme/. 172 See CCAF (2022) SupTech report (n 92 in Chapter 7) 23. 173 See, e.g., Toronto Centre (n 181 in Chapter 8) 4. Or Broeders and Prenio (n 183

in Chapter 8) 16f.

320

C. RUOF

4.1

Infrastructure Suptech

First, this section will review certain suptech applications that hold the promise to lay the infrastructure for a new regulatory structure. These include API architecture, real-time reporting, and data-pull approaches.174 4.1.1 API Architecture and Real-Time Monitoring To overcome the problems associated with traditional ways of regulatory reporting and monitoring, some regulators have introduced API-based solutions to collect data from supervised entities.175 One of the most ambitious attempts comes from the Philippian Central Bank (Bangko Sentral ng Pilipinas (BSP)). The BSP, with the support of the Regtech for Regulators Accelerator, has developed a prototype for an API-based data input approach to extract regulatory reports directly from banks176 , constituting a fundamental reengineering of BSP’s prudential reporting system. More specifically, the API establishes a direct (machine-to-machine) channel to the supervised entity, enabling the transmission of information without the need for human intervention.177 As opposed to filled-out templates, the system of the supervised entity directly transfers raw data into the system of the BSP. This permits the transfer of a much larger volume of data in almost realtime.178 Correspondingly, it makes the BSP capable of accommodating more granular data and more frequent submissions from supervised institutions via the API. It also increases the efficiency of data flow: In the case of the BSP, sending raw data cut the total number of submitted

174 Certainly, there are several other applications that could fit into this category. The three taken here are selected, as they are deemed most relevant with a view to their potential of addressing the information gap. 175 Namely, according to the R2A solution tracker, 11 regulators are currently working with, or experimenting with some form of API solution. 176 See Broeders and Prenio (n 183 in Chapter 8) 7. The context of its development can be found at Simone di Castri, Matt Grasser and Arend Kulenkampff, ‘An API-Based Prudential Reporting System for the Bangko Sentral Ng Pilipinas (BSP)—R2A Project Retrospective and Lessons Learned’ (BSP 2018) 4. 177 Di Castri, Grasser and Kulenkampff (n 176) 13. 178 See Simone di Castri, Matt Grasser and Arend Kulenkampff, ‘Financial Authorities

in the Era of Abundance—RegTech for Regulators and SupTech Solutions’ (BFA 2018) 34.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

321

data points from~107.000 to~50.000, eliminating duplicated and calculated fields.179 The submitted raw data is subsequently being processed by a system at the BSP, flagging specific anomalies. The API thereby ensures a uniform reporting scheme, which allows for faster and more accurate processing.180 For the industry side, the API infrastructure with established data channels would save compliance costs for the supervised institutions181 and is also likely to make submitting applications for new products or services easier.182 Data (especially in its raw form), however, does not equal information, but first needs to be processed and made digestible for the regulator.183 Given the quantity, complexity, and density of data, transforming raw data into intelligible information gains importance.184 For that purpose, the BSP uses a visualization software that allows the data to be presented in a more meaningful and comprehensible way in the form of charts, graphs, and dashboards in near-real-time.185 Performance indicators allow the BSP to have a real-time overview of the conditions of supervised institutions in the sector (real-time risk monitoring).186 Besides the BSP’s processing system, several other examples perform similar functions and yield useful insights. The ASIC, for example, uses a tool by IBM for data and network visualization to represent temporal, associative, and causal relationships from structured data sources.187 The

179 Di Castri, Grasser and Kulenkampff (n 176) 14. 180 In terms of speed, processing time has been reduced from over 30 minutes to just

10 seconds. See di Castri, Grasser and Kulenkampff (n 176) 34. 181 Tsang (n 20 in Chapter 6) 395. 182 See also Hee Jung (n 202 in Chapter 5) 278. Since there is no data on industry

experiences this has yet to be shown. 183 That of course foremost applies to the case where human judgement is needed and lesser in fully automated tasks (which would come with different issues). 184 This is deemed as among the primary challenges for implementing a regtech-suptech system by Barefoot (n 59 in Chapter 7) 42f. 185 Di Castri, Grasser and Kulenkampff (n 176) 35. 186 UNSGSA (n 1248) 35. 187 See Broeders and Prenio (n 183 in Chapter 8) 9 from that, the ASIC, using a suptech platform tool (MAI) for market surveillance, which provides data feeds from all Australian primary and secondary capital markets for equity products in real time. However, as the capital market constitutes a rather different application case with different characteristics, this is not being dealt with further here.

322

C. RUOF

Netherlands Bank (DNB) experiments with transforming (raw) data into logical indicators, e.g. traffic lights and dashboards,188 while the Bank of England and the ECB use ‘heat maps’ to highlight potential financial stability issues.189 A promising concept further comes from the MAS, which is developing a supervisory dashboard that simplifies data and provides supervisors with ‘at-a-glance’ visibility of the health of participating financial institutions. At the same time, it enables comparison of performance between different entities and peer groups, sends alerts in the case of significant changes of indicators, and allows drilling down to gain deeper insights on certain risks.190 While efficiency gains and costs savings are to be welcomed, from an informational perspective the real potential of the API-based architecture as brought forward by the BSP lies elsewhere. First and foremost, it enables the regulator to establish a channel to every entity on its radar, creating a network of all (primarily) regulated institutions. In the API infrastructure, the regulator could then closely supervise the entire population of regulated entities rather than just a selected number.191 This network could be further extended to also include TPP’s operating in the shadows of the regulated institutions. This could be enabled by establishing an API link at the regulated institutions which would then function as the gateway to the TPP, integrating it into the network. Not least, it seems conceivable to allow other stakeholders to connect to the API to enhance participation in the network. A network as such could generate more efficient information flows across various stakeholders and ensure that supervisors have access to the full range of data and information needed for sound regulation.192 Second, using an API architecture, the regulator would not be (or not as much) dependent anymore on manual reporting processes. This would not only strongly improve information gathering but also enable the regulator to manage the number 188 See ibid. 189 See ibid 13. 190 Ibid. 191 See also Micheler and Whaley (n 145 in Chapter 2) 358f. and more generally Susan C Morse, ‘Government-to-Robot-Enforcement’ (2019) 2019 University of Illinois Law Review 1497, 1520. 192 A comparable use case is envisioned by World Bank Group, ‘From Spreadsheets to Suptech Technology Solutions for Market Conduct Supervision’ (n 164) 5. See also Micheler and Whaley (n 145 in Chapter 2) 358.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

323

of entities, even when expanding the regulatory radar to the TPP’s and other entities currently operating in the shadows. The established channels in combination with real-time visualization of data and risk monitoring would keep the regulator always up to date. A comprehensive and real-time sector overview, as exemplified by the MAS visualization tool, would further enable the regulator to identify shifts and emerging risks, i.e. improve and simplify the production of systemic information. Ultimately, an API infrastructure could turn a closed and horizontal regulatory framework into a platform-like architecture that enables interoperability, modularity, and flexibility.193 These are the elements that hold the potential to enable experimentation in a decentralized environment. 4.1.2 Data-Pull Approach One promising feature that the API infrastructure could be supplemented with is ‘data-pulling’. This refers to a reporting framework in which the regulator ‘pull’ data directly from the IT systems of supervised entities as opposed to the traditional ‘push’ systems, where regulated institutions submit requested data.194 Thereby, the regulator assumes the task of standardizing the data and transforming it into desired reports when the data is already in its own database.195 One of the first and most comprehensive data-pull approaches comes from the Rwandan central bank (BNR), which implemented such a system in 2017.196 The system is based on an infrastructure that is comparable to that of the BSP, yet not as encompassing.197 The BNR uses an electronic data warehouse (EDW) to pull data directly from the IT systems of more than 600 supervised financial 193 See also Barefoot (n 59 in Chapter 7) 15. 194 See also FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities

and Regulated Institutions - Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 32f. 195 Broeders and Prenio (n 183 in Chapter 8) 25; Toronto Centre (n 181 in Chapter 8) 5; di Castri and others (n 174 in Chapter 8) 12. 196 Toronto Centre (n 183 in Chapter 8) 5; Broeders and Prenio (n 183 in Chapter 5) 6. Background to the initiative can be found at Wilson Kamali and Douglas Randall, ‘Leveraging “Suptech” for Financial Inclusion in Rwanda’ (Private Sector Development Blog (World Bank Blogs), 8 June 2018), https://blogs.worldbank.org/psd/leveraging-sup tech-financial-inclusion-rwanda. Other jurisdictions testing such approaches (however at an earlier stage or smaller scale) are Australia, Austria, Italy, New Zealand, Philippines, Singapore, and the UK. 197 UNSGSA (n 12) 35.

324

C. RUOF

institutions.198 Data-pulling is done automatically every 24 hours or, in some cases, every 15 minutes. For other data, the frequency is monthly. If data do not meet certain quality standards, they are rejected and an automatic alert is sent to bank examiners within the BNR and the supervised institution.199 In the process of setting up this system, each participating entity was required to write data scripts that would synchronize the data system of the central bank to that of its own system. The approach is meant to generate operational efficiencies and improve the quality of reporting and data collection. The new richness of data also allows the BNR to adapt its supervisory processes following insights drawn from it and allocate supervisory resources more efficiently.200 From a financial institution’s viewpoint, this concept presumably reduces the need for compliance personnel to manually construct and send reports as well as errors and inconsistencies often associated with this process, effectively reducing compliance costs.201 Aside from the obvious efficiency gains and freeing up of regulatory resources202 , supplementing the API architecture with a data-pull approach could on several levels support the Guiding Principles for a new approach. First of all, it would reinforce the benefit that was already associated with automated reporting in the API architecture, namely improved information gathering. Being able to pull data on demand directly from the IT system of supervised institutions would effectively grant regulators additional examination powers, enabling them to investigate certain incidents (theoretically) without the need for getting the entity in question directly involved. This has great potential with regard to the implementation of the Guiding Principles. Namely, it would further reconcile decentralized experimentation with the need to maintain close oversight. Utilizing the above-described visualization tools, the regulator maintains an overview similar to a pilot in a cockpit. For instance, in case of an alarm or incident, the regulator could then zoom in to the respective institution or event and instantaneously pull the desired

198 See Broeders and Prenio (n 1155) 7 where more information about the technical details of the approach are provided. 199 Ibid. 200 See also Kamali and Randall (n 196). 201 See also ibid. 202 Similarly, Tsang (n 20 in Chapter 6) 395.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

325

information directly from the source, putting it into the position to timely react if necessary. It could closely oversee the nodes that perform certain tasks in the experimentation, being alarmed in case of anomalies. Importantly, outcomes of the experimentation could be observed and—if necessary—corrected in a swift manner, which would not at least give greater scope for trial-and-error.203 At the same time, pulling data would erase the necessity to rely on the institution to provide (and present) desired information, significantly reducing the scope for regulatory capture and arbitrage. The ability to zoom in could not only be useful in the case of an alarm. The regulator could also pull data from new innovative players in order to gain first-hand information about their business model and potential risks. Fintech start-ups could be ‘pluggedin’ to the network through the API once they enter the market (or participate in experimentation) and be followed throughout their maturation. The regulator would be able to closely monitor developments in the market, while always being able to drill deeper into aspects that are of interest. Ultimately, supplementing the API architecture with a data-pull approach would further enhance its information-gathering capabilities and strengthen the stability and resilience of the (decentralized) system. 4.2

Suptech Tools: Machine-Readable and Executable Regulation

While the previous part set the basis for improved information gathering, this part concerns more (but not exclusively) the part of ‘actingupon’ information, i.e. the regulatory output. More specifically, various specific suptech applications seek to improve specific parts of regulation, or regulation more generally. To date, those applications are primarily focused on, for instance, fraud detection and AML as well as regulatory reporting.204 These developments not only make sense against the backdrop of massively increasing (post-crisis) reporting requirements and data production by financial institutions but also in light of the structural shifts in the sector205 : 203 That is because failures or harmful events are typically less costly to correct, the more recent they occurred. 204 See, e.g., di Castri and others (n 174 in Chapter 8) 10. For an overview of existing suptech applications, see, e.g., Broeders and Prenio (n 183 in Chapter 8). 205 See above in Chapter 6.

326

C. RUOF

This part takes a closer look at one concrete example that forcefully showcases the potential of suptech: machine-readable and executable regulation (MRER). In this approach, regulators issue regulation as programming code that can be assimilated immediately by supervised entities’ operational systems without the need for a human to interpret them.206 In one further step of automating regulation, machine-readable regulation is also being self-executed (machine-executable).207 While its development is still at a very early stage, MRER is likely to play a key role in the future of financial services regulation and has the potential to fundamentally alter its dynamics. At the same time, it is an example of successful suptech-regtech collaborations, potentially functioning as a blueprint for more collective regulatory experiments in the future. MRER is an area that both showcases the potential of technological solutions in financial regulation and constitutes a field where suptech and regtech interact. 4.2.1 MRER Pilots In 2017, the FCA and the Bank of England have begun experimenting with machine-readable and executable regulation by launching a TechSprint event.208 During the two weeks of the event, participants (consisting of FCA and BoE employees as well as representatives from the private sector) coded a small subset of reporting rules from the FCA as well as the PRA handbook into a language that machines can read as well as execute by pulling the relevant information directly from the supervised entity.209 The experiment worked, as the program yielded a correct report in just ten seconds.210 Participants also successfully simulated a rule change in the handbook in real-time which was automatically executed by

206 See Toronto Centre (n 181 in Chapter 8); Broeders and Prenio (n 183 in Chapter 8). 207 Di Castri, Grasser and Kulenkampff (n 179) 22; Barefoot (n 913) 62. 208 See FCA, ‘Previous DRR Phases’ (FCA, 18 July 2018), https://www.fca.org.uk/

firms/our-work-programme/pilot-updates. 209 World Bank Group, ‘From Spreadsheets to Suptech Technology Solutions for Market Conduct Supervision’ (n 11 in Chapter 10) 5. The pilot tested the concept using synthetic mortgage data supplied by the firms in a standardized format. See Bank of England, ‘Transforming Data Collection from the UK Fnancial Sector’ (BoE 2020) 28. 210 Barefoot (n 59 in Chapter 7) 79.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

327

the supervised entity.211 To automate the execution of regulation, participants also experimented with DLT, also yielding some success.212 Work has since progressed to a pilot involving the FCA, the BoE, and several regulated banks, together examining ways to build prototypes for specific use cases of machine-readable and executable regulation.213 Machine-readable and executable regulation has the potential to fundamentally alter the regulatory dynamic as it currently exists. To date, the burden of implementing and interpreting a regulation lies with the regulated entity after the regulation had been promulgated by a regulator. Regulated entities employ humans who read and interpret the regulation issued by the regulatory authority. They carry the risk of ‘correct interpretation’ and putting in place the right system to ensure compliance.214 This is accompanied by an inherent interpretation problem, which is a gap between the purpose of the regulation as set by the regulator and the understanding and implementation by the recipient. With machineexecutable regulation, the burden shifts to the regulator—the one also responsible for the implementation of the rule.215 In theory, this shift allows for complete disambiguation and greater consistency, therefore erasing the gap inherent in the current approach.216 Thus, the regulator must work out the precise content and meaning of a rule in advance, rather than in retrospective enforcement actions.217 Especially for innovative start-ups, this would lift a heavy burden, as it would mean a significant reduction in overall compliance costs. For the regulator, this shift implies a greater level of consistency and reliability when it comes to compliance,

211 World Bank Group, ‘From Spreadsheets to Suptech Technology Solutions for Market Conduct Supervision’ (n 164) 5. 212 See Bank of England (n 209) 28. 213 See FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and

Regulated Institutions—Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 43. The work of the pilot mainly focuses on three areas: (i) Standardizing data description and identification; (ii) Digitizing reporting instructions; (iii) Improving the efficiency of report generation. 214 See also FCA, ‘Digital Regulatory Reporting—Feedback Statement on Call for Input’ (FCA 2018) 3, https://www.fca.org.uk/publication/feedback/fs18-02.pdf. 215 See also Andrew Burt and others, ‘Model Driven and Machine Executable Regulations Tech Sprint—Success Criteria & Recommendations’ (2017) 3. 216 Ibid and Broeders and Prenio (n 183 in Chapter 8) 9. 217 Burt and others (n 215) 4.

328

C. RUOF

as the regulation is automatically implemented without the step of interpretation by the regulatee.218 At the same time, it would reduce the need to supervise and monitor compliance for regulator and allow it to allocate human brainpower to where it is most needed. Removing the interpretation step in the regulatory process would further narrow the room for regulatory arbitrage and address regulatory dialectic. More importantly though, in the future MRER could give a completely new dynamic to the regulatory process. When regulatory changes in regulation are released in machine-readable formats, financial institutions could be able to directly update their systems with little need for additional interpretation. In the case of machine-executable regulation, even this step could become obsolete with changes in regulation being automatically implemented, comparable to the iOS update on an iPhone.219 In the context of regulatory reporting, for example, a rule change could induce the fully automated production of new supervisory reports, which in turn could inform (the necessity for) new rules. This would significantly speed up the feedback-loop between the promulgation of a rule, its effects and effectiveness, and readjustment of the rule.220 An important side effect of this would be that it would most likely reverse the trend towards ever-increasing rule-complexity and the problems associated therewith.221 4.2.2 Risks and Limitations of MRER Yet, MRER also bears certain risks and limitations. First, the potential speed associated with MRER could also bring downside risks. That is, the swift translation of information into regulatory output can also go awry in the sense that the impact of wrong or misinterpreted information is larger and regulatory failure materializes faster. This is important to be considered when using MRER. These effects could, for instance, be cushioned by first testing the new MRER on a small scale before applying it market-wide. Also, the regulator should always have in place and be ready to implement a plan B in case of a malfunction (be it

218 See also Barefoot (n 59 in Chapter 7) 59. 219 See ibid 36. Similarly, Micheler and Whaley (n 145 in Chapter 2) 357: ‘Adapting

to regulatory change could become as simple as installing a software update.’ 220 In a similar vein, Bank of England (n 209) 41. 221 See above at p. 92f.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

329

only the quick reversion of the MRER). Against this background, MRER testing in a well-designed experimentation setting bears great potential. This would allow the regulators to conduct regulatory tests on a small scale and directly act upon the information produced therein. Thereby, MRER could greatly improve the learning process that is associated with regulatory experimentation. Second, not all regulations are likely to be amenable to complete disambiguation, meaning that some regulations will inevitably require human input for interpretation and implementation.222 Which tasks should be automated and when human deliberation is required223 is closely aligned to the question of when to use rules and when principles.224 Similar to the rules-principles situation, the transfer of regulation into code has to be thought of as a spectrum, whereby the benefits of human regulation broadly align with those of principles, and the benefits of MRER with those of rules.225 While capable of operating at a high level of precision and clarity, software is (at present) not as flexible as natural language.226 As MRER is supposed to be executed without (or with minimal) human input, it cannot be as ambiguous as natural language regulation.227 For example, when a regulation demands, without any further specification, a certain behaviour for a ‘reasonable’ period of time or in a ‘reasonable’ way, its implementation requires judgement, which in turn regularly requires human input.228 MRER hence appears (as of now) particularly suitable for rules that are precise and specific as well as repetitive areas and tasks that require little interpretation.229 High-level principles on the other 222 Burt and others (n 179) 7. 223 And between machine-readable/ executable and human-centred regulation more

specifically. 224 See above at p. 236f. A similar comparison has been drawn by Lin, ‘The New Investor’ (n 106 in Chapter 6) 732. 225 See above at p. 240f. 226 Also, Micheler and Whaley (n 145 in Chapter 2) 365. This trade-off, however, may

change over time with advances in machine learning. 227 Burt and others (n 215) 4. 228 See also FCA, ‘Digital Regulatory Reporting—Feedback Statement on Call for

Input’ (n 214) 14. 229 In their first pilot testing MRER in regulatory reporting, the FCA and its collaborators implemented MRER for Loan to Income reports, which are quarterly views

330

C. RUOF

hand, which often include vague terms such as the one used above, are much less suitable for MRER. In between, there are numerous hybrid forms including, for example, less precise rules or more specific principles, which—with advances in ML—could also increasingly be transformed to MRER. Third, the way how MRER works further limits the scope of regulatory strategies230 it can potentially be applied to. Currently, MRER is applied to regulatory reporting, where it (especially in combination with the ‘pull’ approach as outlined above) holds great potential. With respect to other strategies, however, its application appears less straightforward.231 Namely, the element of direct implementation of a regulatory change at the entity level is hard to imagine, for example, with respect to certain changes in prudential requirements. An update of capital requirement rules cannot be ‘directly’ implemented, as it requires the regulated entity to become active on the operational level. Other cases of prudential regulation this similarly applies to include, for example, requirements on the management or the structure of a regulated financial institution. However, there are also certain areas where MRER is not yet present but has the potential to be in the future. This includes in particular regulation affecting private activity that is, or will be, fully automated, such as information collected (or demanded) by financial institutions in context of KYC or AML. More specifically, assuming the customer onboarding took place in a fully automated fashion where the customer needed to submit information to an online questionnaire, it would not be unimaginable to make an update in KYC regulation directly alter the information being asked for in the questionnaire. Another potential field where MRER could be given a role is taxonomy regulation: A change, for instance, in the classification of a certain asset could be directly updated in the system

of the mortgages an authorized firm has sold and the compliance check for Capital Equity Tier 1 ratio, an updated measure of the minimum capital a firm must hold against its assets. See FCA and Bank of England, ‘Digital Regulatory Reporting—Pilot Phase 1 Report’ (FCA and BoE 2019) 8, https://www.fca.org.uk/publication/discus sion/ digital-regulatory-reporting-pilot-phase-1-report.pdf. 230 See above in Chapter 2 Sect. 2.2) c. 231 These limitations primarily emerge in the context of machine-executability and do

not apply to making regulation machine-readable.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

331

of regulated entities.232 On a more general level, the automation of regulation can to some extent only go in sync with automation of the sector itself—the more the industry automates, the more the regulator can (and must) make use of suptech applications such as MRER. Fourth is the concern of excessive regulatory powers that MRER requires. While this concern is already prevalent with respect to MRER applied to regulatory reporting (at least when combined with direct implementation of rule changes and automatic ‘pulling’ of desired information), it is even more pressing in the aforementioned potential future application cases. There, the regulator would not only need to have access to the information flows of a regulated entity, but also have to some extent a direct impact on its operational activity. The greater the regulator’s access or power to interfere with the entity’s activity, the more acute become questions of control (of regulators), accountability and proportionality.233 Hence, it would need to be ensured that any regulation update pulling information or interfering with the operations of the regulated entity is proportional, i.e. does not go beyond of what is really necessary to meet the goal of the regulation. Moreover, regulatory action would need to be subject to an effective ex-post control by a court or a designated, independent body. Furthermore, given the scope of application of MRER and its resemblance with rules-based regulation, one could argue that it stands in conflict with the principle of flexibility, which promulgates a wider use of principles in regulating fintech. As MRER requires a high level of disambiguation, it may be more difficult to apply in unfamiliar circumstances or to new types of firms or services.234 On the other hand, certain features of MRER may even promote flexibility and the use of principles. Namely, the speed of adopting new regulation that MRER could also allow the regulator to quickly react to new circumstances and translate new information into regulatory output. Necessary changes in regulation

232 This, however, certainly needs to be approached with great caution, as these changes can in some instances cause significant shifts in asset classes, which—automatically executed—can potentially cause flash crashes or other unintended market movements/side effects. 233 Related concerns were raised by some of the respondents to the FCA’s call for input on digital regulatory reporting. See FCA, ‘Digital Regulatory Reporting—Feedback Statement on Call for Input’ (n 214) 9f. 234 See also Burt and others (n 215) 5.

332

C. RUOF

could be coded into MRER quicker than they are implemented in the current process. Given the almost immediate implementation, the state of compliance would hence be reached faster than usual. The principlesbased regime could give the regulator an umbrella framework under which they could flexibly deploy and test new regulatory strategies and technologies, including MRER. Ultimately, while MRER could fill the principle with substance—being subject to ongoing change and improvement—the principle itself could remain exclusive to human interpretation. With advances in MRER, regulatory principles could be increasingly filled with life in the form of code which could further amplify these benefits. Hereby, advancements in AI and ML could be the bridge between codified and principal-based regulation.235 Humans on the other hand would be needed to set out the principles, observe experimentation, and draw implications from it and, most importantly, translate these into code (or traditional regulation). They would also be needed in the process of verifying the veracity and utility of data, as the performance of the algorithm and more generally the ‘automated’ part of the regulatory system depends on it. Therefore, at least in the foreseeable future, MRER is therefore likely to not remove the need for human judgement, but rather complement it. Overall, while still at a very early stage, MRER bears great potential with respect to the Guiding Principles and addressing regulatory mismatch. On a general level, it technologizes and accelerates the part of ‘acting upon’ information, i.e. the regulatory output.236 By basically removing the gap between the promulgation of a rule and its implementation, it enables regulators to respond to new information more quickly. This aspect makes MRER also suited for regulatory experimentation, as quick adjustability opens up possibilities for trial-and-error rulemaking. Automatic implementation also significantly narrows the room for regulatory arbitrage and thereby reduces migration activity to outside the regulated sphere. Furthermore, with supervision of compliance becomes less needed, regulatory resources can be reallocated to where they are needed, e.g. at the production of information or design of regulation. Finally, MRER as piloted by the FCA exemplifies how MRER can be an 235 Similarly, Kyle Hauptfleisch, ‘Machine Readable Regulation’ (Fintech Circle), https://fintechcircle.com/insights/machine-readable-regulation/. 236 In the ‘regulatory loop’ as depicted in Fig. 2 (p. 98). MRER would consequently affect the third stage.

9

ANALYSING THE CURRENT MENU OF FINTECH REGULATION

333

area for fruitful collaboration and experimentation between regulators and private actors. Yet, in the foreseeable future, potential application cases of MRER remain limited to some selected areas of regulation. At the same time, wide-ranging adoption of MRER would be associated with a number of risks and concerns, which needed to be considered.

CHAPTER 10

A Reg- and Suptech Platform for Fintech (Policy Proposal)

Based on the findings of Chapters 8 and 9, this chapter suggests a platform-based regulatory approach on which industry participants, as well as the regulator, can engage in experimentation while allowing the regulator to observe activity in and outcome of these experimentations in real-time. It, thereby, aims to implement the envisioned PPP-model of regulation using state-of-the-art technological possibilities. As will be shown, these experimentations can (and should) take various forms under various purposes and be integrated on the regulatory platform in a modular fashion. At the same time, the platform would enable to quickly implement new regulatory tools and measures, drastically lowering the time between information gathering and acting upon it. This part will continue by first outlining the redesign of the regulatory architecture into a platform-based one. Subsequently, I will suggest how the regulatory toolkit (on that platform) could be extended, including different types of sandboxes, regulatory labs, and experimentation spaces.

1

Recapturing the Findings so Far

The previous part has shown that financial regulation has not remained completely static vis-à-vis the changing market environment. However, except for some ambitious suptech pilot programs, still far from being © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_10

335

336

C. RUOF

widely used, those approaches lack ambition and do not go far enough to address the challenges of fintech and the information gap in particular. The innovation hub may help to attract fintech firms in the regulatory perimeter and yield some informational benefits from mutual engagement; this, however, is relatively limited due to its narrow scope as well as its confinement to observation-based learning. In addition, the innovation hub offers very little room to put new information to fruition. The regulatory sandbox on the other hand holds the promise to offer an improvement with regard to the latter, as it gives regulators (some) leeway to adapt regulation in light of new information or new business models. This brings the additional valuable benefit of improving information gathering through experimental learning. Yet also the regulatory sandbox falls short of being an effective remedy against the growing information gap. In particular, the very small number of participants and limited toolkit of regulators inside the sandbox hamper the benefits of experimentation. Moreover, currently running regulatory sandboxes are largely focused on testing the (commercial) viability of a product and bringing it to the market as opposed to gather information and improve regulation. A true game-changing role could be assumed by suptech. Aside from microimprovements of regulatory tasks, there are small-scale tests of suptech applications that could fundamentally improve the information dynamics in the sector. Namely, these include establishing an API-based regulatory architecture that allows real-time supervision of all regulated entities as piloted by the BSP, a data-pull-system tried out by the BNR, and machine-readable and executable regulation as experimented with by the FCA. Used effectively, they could dramatically improve both information gathering and the ability to timely act upon information. To date though, these approaches can only offer a starting point. They are still in their very infancy, and in the cases of the BSP and the BNR, they are only piloted by regulators overseeing a less developed and less complex market. Table 1 highlights the key benefits and shortcomings of the various regimes that have been discussed above. The proposal put forward here is aimed to address some of these major issues and build on the existing approaches.

Source author

Table 1 Comparison of tools to offer remedies for the information challenge under fintech

10 A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

337

338

C. RUOF

2

Overhauling the Architecture of Financial Regulation

The first pillar of a new regulatory approach entails a fundamental redesign of the regulatory architecture as currently in place in almost all jurisdictions. The idea is to convert the core regulatory framework from a closed top-down system into a platform-based ecosystem that allows for seamless data flows, mutual experimentation, as well as modularity and flexibility. First and foremost, the regulatory platform would tackle the information gap by bringing a fundamental shift to how data and information are collected and analysed, minimizing the costs and maximizing the speed of information gathering. This would substantially improve the information level of the regulator and provide a response to the Hayekian concern.1 Furthermore, it would drastically improve the speed with which information could be made fruitful, i.e. manifest in new regulation, adjustment of regulation, or the repeal of such. The production of information would be stimulated through decentralized experimentation and collaboration provided by the regulatory platform. Similar to the architecture of the approach piloted by the BSP, the platform should be based on a common and consistent API that allows creating direct channels to the systems of regulated entities. In the end, all relevant parties2 should be integrated into a network where the regulator maintains a connection to each participant from its centre and (private) participants are able to easily create links for pursuing a certain project or collaborations. For this to work, interoperability is of utmost importance. Aside from the common API; this especially includes clear and commonly accepted standards for all functions and participants in the ecosystem. A fragmented landscape of standards in contrast would result in regulatory

1 See above in Chapter 2 Sect. 2.1.2. 2 Ideally, this would include all regulated parties as well as—to varying extents—other

stakeholders, such as academia or technology companies. However, considering that the implementation of an all-encompassing platform constitutes an immense task that will take a significant time, a gradual development with a continuing integration of actors is inevitable. This transition period will be further discussed in Chapter 10 Sect. 5.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

339

uncertainty, high entry barriers, and significant operational and compliance costs.3 Besides, common data standards would also be a requirement for the functioning of making machine-executable regulation.4 The channels established on the platform would enable the regulator to get data from entities in real-time and hence significantly increase the information level on the side of the regulator. It would allow for realtime reporting by regulatees as well as data-pulling from the regulator (i.e. real-time ‘push’ and ‘pull’). From an informational perspective, it would be optimal to grant the regulator access to all information flows, including all privately produced information by firms. Clearly, this fullaccess option faces major concerns (especially) related to the security of the data as well as the power and potential for abuse this would give to regulators. One way to address these concerns would be to limit access to data that is either required in the application of a regulation or the access to which the respective firms has consented. This could be supplemented with ad hoc powers as well as the anonymization of data, which could also contribute to easing some of the concerns. Differentiations could also be made between different types of data according to their sensitivity. Following existing examples,5 the regulator should use visualization tools for the activity in the market and data inflows. These tools occupy a highly important role as they translate the magnitude of data and information from the market into a form that is comprehensible for the human mind. Ideally, the role of the regulator would be comparable to that of an air controller in the control tower, closely observing activity with the capacity to quickly shift the focus on a specific activity when necessary.6

3 In a ‘Confederation of British Industry Financial Services Survey’, respondents saw

common data standards as the most important technological element for reducing compliance and regulation costs. Confederation of British Industry, ‘Financial Services Survey’ (2019). 4 See also FCA, ‘Digital Regulatory Reporting—Phase 2 Viability Assessment’ (2020). 5 See above at p. 287. 6 In 2014, Andy Haldane, Chief Economist at the Bank of England used a comparable metaphor at a speech at Birmingham University: ‘I have a dream. It is futuristic, but realistic. It involves a Star Trek chair and a bank of monitors. It would involve tracking the global flow of funds in close to real time (from a Star Trek chair using a bank of monitors), in much the same way as happens with global weather systems and global internet traffic. Its centerpiece would be a global map of financial flows, charting spill-overs and correlations’ (Andrew G Haldane, ‘Managing Global Finance as a System’ (BIS 2014)).

340

C. RUOF

It would also be helpful in producing systemic information, as the regulator could use it to, for example, see how certain developments on a micro-level fit together and might entail compound effects as well as detect hidden risks.7 Importantly though, this translation process involves trade-offs as it necessarily entails simplification and is highly dependent on the quality of the algorithm and software underlying it. To what extent this computer-generated simplification can be relied upon needs to be carefully assessed. On the other hand, less reliance means greater human involvement, hence more costs and risk for human fallibility. It is likely that over time, the reliability of the software improves, while in the transition period, more human involvement and manual checks will be necessary. On a more general level, the bold digitalization and technologization of the (regulatory) ecosystem do not mean that all parts of regulation become a wholly automated exercise.8 In experimentation spaces on the platform, the regulator can try out automating certain functions and look for more efficient technological compliance solutions. Hereby the regulator can act as an active participant testing suptech solutions as well as oversee and validate externally developed regtech solutions. Where automation is not (yet) a feasible option, traditional rules could be tested and applied. In that way, the platform could start as a hybrid system, while constantly exploring the potential for further automation. This would also allow for a smoother transition to automated regulation in the form of regtech/suptech solutions and extensive use of MRER and avoid a disruptive change associated with high stability concerns. The API architecture could be used to enhance participation, integrating more stakeholders in the regulatory process to expand and diversify the informational spectrum. This could potentially include other

7 See also Allen (2023) Suptech (n 34 in Chapter 8) 269. 8 See also above with respect to MRER, see p. 290ff.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

341

authorities, such as central banks9 or regulators from other fields,10 representatives from academia, technology suppliers and developers as well as international organizations.11 More specifically, they could be included in the oversight activity by the regulator (i.e. be given a seat in the ‘control tower’) as well as integrated into the specific labs/sandboxes/designated spaces on the platform. This could be done in the form of different levels of access, in accordance with the purpose of the participation and the sensitivity of the data.12 For instance, universities or other research institutions could be provided with access to the API, enabling them to conduct their own data analysis, further adding knowledge to the regulatory sphere. In experimentation spaces or PPP-undertakings, besides providing additional knowledge, they could (where needed) function as a counterbalance and a control body for industry presence and input. Moreover, other market players could have (limited) access to ongoing experimentations and built on the insights drawn therefrom or provide additional input. Having established a network with all participants connected to the regulator, what turns this structure into a platform is the way it would enable the regulator and regulated entities to interact with each other as well as the way services or other undertakings can be started. The API architecture has to be set up in a way that allows for high modularity, creating an environment where participants (public and private) can (without high barriers) start and end joint projects. More specifically, regulators and regulatees would be able to set up ‘projects’ on 9 That is because banks sit at the centre of the financial system, which provides them with a good overview. The Irving Fisher Committee on Central Bank Statistic (IFC), a forum of central bank economists and statisticians that operates under the auspices of the BIS has already started attempts in that direction, identifying and addressing broader data gaps in relation to fintech. International Finance Corporation, ‘IFC Annual Report 2020: Transformation’ (IFC 2020) 5. 10 This would be particularly important with a view to bigtech, having their primary business in another market. 11 See also FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions—Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 35. 12 Naturally access to data can raise serious data protection and IP issues that thirdparty access would need to be reconciled with it. These issues, however, exceed the scope of this study. In some cases, in which the data might be too sensitive, these concerns might even fully override the benefits of participations, leading to a complete prohibition of participation.

342

C. RUOF

the network and open them up to prospective participants—allowing access according to the purpose of the project. For regulators, this would particularly include regulatory projects such as experimentation sandboxes, tech-sprints, or suptech-regtech collaborations such as MRER as piloted by the FCA. These would be visible on the platform for industry players who can decide to—depending on the specific type and design of the project—submit an application and eventually participate. The platform thereby could support collective learning where the regulator can collaborate with market players to find solutions to a given problem. In doing so, the development of suptech and regtech could go hand in hand, rather than in isolation.13 The regulator could harness resources and wisdom from the industry while maintaining sound oversight. At the same time, the quick adaptability combined with greater data availability and transparency would allow for common experimentation with greater informational gains. Regulated entities could further use the architecture as a platform for industry collaboration. Meaning, they could use the platform in the same way as the regulator to set up experimentation or collaboration spaces for any kinds of projects. More specifically, industry participants would not need to individually agree on a common API or protocol standard but could use the platform for their (platformbased) services. This would mean a potential boost for new developments like WLB and BaaS. Given the better interoperability, innovators would face fewer technological barriers, facilitating easier market access. At the same time, regulatory barriers could be reduced, for instance, by a (partly) automated submission process, by innovation-supporting programs such as regulatory sandboxes, or by market solutions like WLB. The advantage vis-à-vis the current situation would be that on the regulatory platform; these developments would be fully monitorable by the regulator, allowing for early identification of risks and quick intervention. Moreover, as the regulatory platform ideally covers close to all activity in the sector, it would also embed structural shifts in the market in a regulatory structure, hence, make them more visible and controllable for the regulator. This architecture has the potential to significantly improve every part of the regulatory process (see Fig. 1). First, given the real-time inflow of data, it has a significantly better overview of the sector and can perform its supervisory function in a more informed way. The direct links to the

13 Similarly, Batista and Ringe (n 46 in Chapter 5) 212ff.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

343

entities established through the API architecture and the possibility of ‘data-pulling’ would carry out a major part of the information gathering element; the ineffectiveness of which in the traditional system has been among the main reasons for the growing information gap. The simplified collection of information would further allow the regulator to focus on the production of systemic information, where again the platform offers benefits. Returning to the image of the ‘control tower’, the regulator would have an improved systemic view, observing interconnections between market participants, changes for instance with regard to the composition of the market, or fast growth of certain sectors. This puts it in a much better position to timely identify shifts and fundamental developments in the sector and enable it to allocate resources accordingly and timely. Second, the API-based ecosystem would enable it to introduce new regulation more swiftly and inversely also revise the change if necessary, more easily. On the API architecture, suptech solutions could be ‘plugged in’ to private sector services by implementing the solution in the system of concerned entities through the established channels.14 Effectively, this could make changes to specific regulations as easy as a software update on a computer.15 This structure would allow for quick changes in light of new information by adapting the software or ‘plugging in’ a different tool. Having such an architecture in place, MRER could at some point in the future become the standard form of implementing certain types of new regulations, allowing to make regulatory changes almost in real-time. Regulation could further be more tailored to the actual risk and business profile of the respective entity since information about it is available in a much more granular form and technology holds the potential to reduce the costs of individualization of regulation.16 This infrastructure and the possibilities thereon however are—as already discussed in the context of MRER—also associated with concerns related to excessive regulatory power, which prompt the need for control mechanisms. As the goal of this approach is not to greatly enhance regulatory powers, but rather to increase the efficiency, speed and performance of regulation, 14 See also Allen, ‘Experimental Strategies for Regulating Fintech’ (n 116 in Chapter 5)

3. 15 This does not mean this would typically take place without any involvement of the affected party. It simply describes the ease with which regulatory changes can be implemented. 16 Also Tsang (n 20 in Chapter 6) 394f.

344

C. RUOF

common principles and control mechanisms of financial regulation, and regulatory intervention more generally need to stay intact.17 On the proposed platform infrastructure, the role of the regulator would also become more versatile and vary depending on the specific project and the form of its participation. New roles would include functioning as a coach or guide when it comes to small start-ups seeking market access, as a referee in competition-based undertakings like techsprints, a guardian or high-level controller in the context of industry partnerships and private experimentation spaces, a clearinghouse and distributor with regard to relevant information, and ideally an equalizer when it comes to essential compliance technology/software. Perhaps, and most importantly, the regulator would engage in the sector as an active participant and collaborator in the context of experimentation with

Fig. 1 The new architecture in context to the information cycle in financial regulation (see original Figure 2 in Chapter 4) (Source author)

17 On these principles, see above on p. 33ff. In this context, these particularly include the principles of proportionality, equality, the prohibition of arbitrary action, acting within the borders of the given regulatory mandate/objectives as well as an effective ex-post control instance.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

345

suptech. In that sense, it would move a step into private sector territory and actively participate in solution-finding as opposed to taking a purely reactive role. Industry participants on the other hand would primarily keep their role ensuring an efficient allocation of capital, innovating and competing for finding new and better ways to achieve this. To support these functions, the platform would offer an innovation-friendly environment, where fintech firms could easily put their product on the platform or integrate it on a product of another institution and where partnerships could be easily established. In addition to that though, industry participants are also getting more integrated into the public sphere— collaborating with the regulator in helping to find technological solutions to regulatory problems and hence supporting the regulator in fulfilling its objectives.

3

Optimizing and Expanding the Regulatory Toolkit

Having outlined the concept of a platform-based API architecture, this part will dive deeper into how the platform could be used and for what purpose. It will also sketch some examples of what an improved (platformbased) regulatory toolkit could entail. As aforementioned, one key design feature and benefit of the regulatory platform is its modular approach. That is, all (new) regulatory tools can be implemented and discontinued in an easier and quicker fashion compared to the traditional procedure. While results can also be observed in real-time, failure can be detected much faster, lifting the burden of ‘getting it right’ from the design of regulatory tools and regulation itself. This broadens the room for regulatory experimentation, supporting the production of information and reducing regulatory mismatch. This part will begin by outlining how this setup could address the above-identified shortcomings of the regulatory sandbox. Following that, I will show how the classic concept of regulatory sandboxes could be supplemented with comparable, but more specialized, regulatory spaces. In these specific regulatory tools, regulations or technological solutions could be tested with a view to specific problems while simultaneously giving room for all sorts of collaborations, such as PP-partnerships or inter-industry collaborations.

346

C. RUOF

3.1

Optimizing the Regulatory Sandbox

As shown in Chapter 9 Sect. 2, the regulatory sandbox concept has the potential to contribute to reducing the information gap. As opposed to the more specialized sandbox (and sandbox-like) approaches that will be discussed below, the regulatory sandbox is rather ‘broad-purpose’, i.e. not geared towards one single problem or targeted at one class of services. Its main purpose remains to offer tailored (and to a certain extend preferential) regulatory treatment and individual (regulatory) guidance to innovative firms. The informational promises primarily stem from regulatory learning but also from attracting innovators from the shadows to the regulated sphere. It is intended to capture innovation activity and in congruence, information in the market as broadly as possible and as early as possible. The early engagement further provides the regulator with the opportunity to intervene in an early stage where it might be still easier and less costly to address risks inherent in the design of the products.18 However, as shown above, the regulatory sandbox (in its current form) also displays certain shortcomings that hinder it from unleashing its full potential. The regulatory platform opens up some opportunities to address these issues and help the regulatory sandbox concept to deliver its full potential. First and foremost, the regulatory sandbox should be widened in terms of scope and scale.19 In its current form, the limiting factor to achieve this has primarily been the resource intensity of the way it is operated. Integrated into the API-platform architecture, the first way this issue would be addressed is that the regulatory platform allows for more effective and simple oversight. This enables the regulator to keep track of the ongoing experiments and quickly intervene if necessary at any time. In this way, risks for consumers or investors can be kept at a minimum, while at the same time significantly reducing costs of oversight. As opposed to the current functioning, this would not require using formal communication channels or an inquiry form for data or information.

18 See also Allen, Driverless Finance (n 88 in Chapter 5) 40: ‘It is much easier to make changes to a product as it is developed, rather than trying to superimpose features onto a finished product’. 19 See above on p. 276ff.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

347

To further reduce costs, certain tasks within the sandbox could be automated and outsourced to algorithms. Currently, inter alia the admission and entry into the sandbox appear to require significant resources; however, automation could alleviate resource use here and cause reductions in cost. In addition, the ‘plug-and-play’ design of the platform would further allow for quicker and smoother entry as well as exit into and from the sandbox. Another resource-intensive task to date is the guidance, often provided by designated case officers for each participant.20 While the potential that automation brings for guidance seems at least to date limited, one way this task could be made less costly is by way of integrating (other) private parties into it. This could be achieved by forming homogenous clusters within the sandbox where comparable services can pool knowledge and communicate more directly. By way of partnerships,21 more experienced actors could in coordination with the regulator participate in the guidance and thereby free up regulatory resources that are to date devoted thereto. In addition, former sandbox participants or other players with advanced knowledge could be integrated, so that current participants could utilize additional expertise.22 Guidance could also be made less costly by disseminating information more consistently. Currently, regulatory sandboxes remain mostly non-transparent with only little information being disclosed to the public or other (future) participants.23 The regulator should aim for significantly more transparency, especially with regard to its individual guidance. Disclosing information would likely lower the total costs of individual guidance and at the same time level the informational playing field.24 Lastly, the regulator should support partnerships within the regulatory sandbox. Partnerships (especially between incumbents and start-ups) can help to reduce the need for guidance by the regulator, allowing it to allocate those resources more 20 That being in the case of the FCA’s sandbox. See above on p. 270. 21 Which are to some extent already existing, see above at 4.b.2)a). 22 Importantly, in many cases this could raise severe conflicts of interests, as those current participants could be (future) competitors of the included firms. Therefore, to what extend this option is viable had to be further explored. 23 The digital sandbox could become a notable exception to this. As of now however, there is no public data available. 24 Of course, this can only take place within the frame of applicable data privacy laws. The regulator is not supposed to disclose critical information about a participant’s business model or alike.

348

C. RUOF

efficiently. While the API architecture already provides a better ground for such partnerships, the regulator could further provide support e.g. by way of integrating a ‘mentorship regime’ that puts the partnership in a regulatory framework and at the same time have the beneficial side effect of drawing additional actors to the regulatory perimeter.25 Also, it could promote existing ‘support’ structures such as the diverse market support functions that are provided by and to fintech firms and neo-banks.26 As shown above, the scope of the regulatory sandbox is limited by its eligibility criteria, most importantly due to the necessity to be designated as ‘innovative’ by the regulator. As described above, this entails several problems.27 While some sort of admission criteria is certainly necessary, it should be altered to better fit the purpose of the sandbox. Accordingly, the regulator should try to attract those entities to the sandbox about which information is lacking or asymmetrical. Therefore, it should focus on small fintech firms, especially those currently operating outside the radar, firms at the edge of innovation, (yet) unlicensed firms, and possibly also—with a view to information asymmetries—bigtech players. Yet, at the same time, the eligibility criteria need to exhibit a certain degree of objectiveness and auditability, a task not easily reconcilable. Looking at the current practice, the focus of regulators in determining the ‘innovativeness’ is mostly based on the benefit of the respective service for consumers or the need for the service in the market. These aspects are not only outside the regulator’s task28 but also not useful from an informational perspective. Preferably, the innovativeness could instead be decided based on what extent the service is challenging the status quo in the market and of regulation. In other words, the regulator should apply the criteria in a way to draw especially those services to the sandbox that collide with the regulatory framework, or for which there currently is

25 See also Enriques and Ringe (n 149 in Chapter 5) 394. 26 See above at Chapter 5 Sect. 3.4.1 Sect. 4.1.4. 27 See above at p. 277f. Due to the scope of this book, not all of these issues can be addressed here. 28 Rather, it should be left to the market to decide on the commercial viability and quality of a product/service. Importantly, it is arguably also almost impossible for a regulator (or anyone else) to determine these things ex-ante.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

349

none.29 Even a greater focus on one specific FCA sandboxes admission criterion could improve the situation. That is, requiring the applicant to demonstrate a need for testing in the sandbox alongside the regulator could at least partly further the aim of attracting services outside of the regulatory perimeter. At the same time, it embodies neutrality and could similarly apply to services provided by any type of company.30 It could also be conceivable to fully redesign the admission procedure and give the regulator the power to include firms at its discretion (without any application from their side). This could be done by nudging those firms into the sandbox, or, in exceptional cases, even prescribe firms to participate.31 In any case, to not jeopardize the goals of the new approach, this would require a regulatory sandbox that is able to offer an advantage to the (often unregulated) status quo of the entity,32 the subject of the next improvement suggestion. Aside from the scale and scope of the regulatory sandbox, another major issue identified was the limited availability of tools and the corresponding lack of flexibility. That is, the current tools that regulators use inside the sandbox33 are more geared towards accommodating an innovative firm in the existing regulatory framework, achieved primarily in the form of waivers, as opposed to experimenting with innovative approaches for regulating them. In order to reach the full potential of experimental learning, the regulator should extend its toolkit within the sandbox by especially utilizing suptech/regtech solutions. Once again, for this purpose, it could often be fruitful to form partnerships, e.g. of a software company offering a certain suptech concept with a certain type of financial service that this service can be applied to. Besides, other types of 29 This could primarily be demonstrated by the entity in its application. However, it would also be conceivable that the regulator reaches out to entities where this criterion applies and offers them to participate in the regulatory sandbox. 30 This could also mitigate level-playing-field concerns that are at times raised in the context of regulatory sandboxes. 31 To ensure proportionality, this should, however, be the ultima ratio and subject to judicial review. 32 Notably, another way to induce those entities to participate in the sandbox would be to make the status quo more unattractive (i.e. by imposing stricter regulations outside the sandbox) or to somewhat increase the pressure for entities to participate in the sandbox. 33 Notably, as shown above, the availability and flexibility of tools strongly varies among regulators, with the FCA and MAS being located on the more end and especially EU regulators on the less flexible end. See also above at p. 278f.

350

C. RUOF

new (non-suptech) regulatory approaches also should be tried out in the sandbox.34 Since the API platform would enable much quicker adaption of regulation, the costs of regulatory failure would be much more limited. Moreover, the accommodative approach that is currently taken in regulatory sandboxes has the disadvantage of being unidirectional. Meaning that it can only correct over-inclusiveness of the regulatory framework, but not when the regulatory framework fails to (adequately) capture certain services or particular risks. To address this and include unregulated or inadequately regulated services in the sandbox, the regulator would have to extend its tools to impose new regulations on its participants. While certainly not as attractive for (potential) participants as accommodative tools, it would still be beneficial for firms to participate due to their capacity to influence the design of regulation through dialogue with the regulator in a sandbox. Since the API-platform architecture would allow for a much faster introduction of regulation, yet-unregulated firms could not expect to enjoy the benefits of their unregulated status for too long, making cooperation from the get-go the preferable option. Another touched-upon point concerns the inclusion of a broader set of stakeholders in the regulatory sandbox. In that aspect, the digital sandbox by the FCA is a good example which attempts to build an ecosystem where other players and organizations can provide support and input for sandbox participants as well as provide an ‘observation deck’ for interested parties.35 Theoretically, the sandbox operating on the API platform allows for much broader access to it compared to the current operational model. It could be opened to interested parties such as academia, government bodies, other regulators (from other fields as well as other jurisdictions), incumbents, or investors. For academia, think tanks, or other regulators, the regulatory sandbox would provide a unique source of data on nascent (and presumably under-researched) market phenomena and is therefore likely to be met with a high level of enthusiasm. Aside from broader beneficial effects on the quality of research and academic discourse, they could perform (ad hoc) consultative functions vis-à-vis sandbox participants and the regulator. Furthermore, the regulator could include (some of) the

34 This could for instance also include the testing for technological failures or design flaws in algorithms. 35 See above at p. 270.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

351

aforementioned stakeholders in the design process of regulation, broadening the spectrum of informative input. This would diversify the sources of information and knowledge informing the process and hence could address risks of capture. The risk of capture in sandboxes should, however, be addressed by additional safeguards including a rotation system in the allocation of case officers or implanting ‘regulatory contrarians’ in the agency that deliberately take an outside perspective on their colleagues work and challenge their assumptions.36 The inclusion of investors on the other hand could make the sandbox more attractive for (esp. unregulated) participants as they would significantly increase their visibility. Given the divergent interests (and conflicts thereof), it would again make sense to differentiate between different levels of access for external parties to the sandbox.37 More specifically, parties like investors pursuing individual commercial interests that often do not require full access to granular data of participants should be granted more ‘observational’ access allowing for a good overview of activity in the sandbox but less access to (sensible) data produced therein (this would be comparable to the observation deck the FCA’s digital sandbox offers). Even more caution in providing access should be applied when it comes to incumbents and competitors, due to obvious conflict of interest and intellectual property issues. Inversely, parties like academic institutions, government bodies, or regulators should be given a higher ‘security clearance’ and be allowed to observe and pull data from the sandbox as they require.38 That is not only because they are much less subject to conflicts of interests, but also due to their contribution to the regulatory process.

36 Also proposed by Allen, ‘Regulatory Sandboxes’ (n 205 in Chapter 8) 637f. The idea of the contrarian originally comes from McDonnell and Schwarcz in McDonnell Brett and Daniel Schwarcz, ‘Regulatory Contrarians’ (2011) 89 North Carolina Law Review 1629. 37 See above at p. 300. 38 Certainly, these represent rather only the ends of the spectrum. Access can be given

on a case-by-case basis according to the interest and profile of the applicant, with scrutiny increasing the extensive access is applied for.

352

3.2

C. RUOF

Adding Specialized and Thematic Experimentation Spaces to the regulator’s Toolkit

The ‘broad-purpose’ regulatory sandbox should further be supplemented with more specialized or thematic experimentation spaces where innovative (technological) solutions to specific (regulatory) issues could be tested in a shielded environment. The goal of these spaces is meant to initiate targeted experimentation and the production of information in a certain direction. These specialized sandboxes or regulatory spaces are also supposed to provide a platform for collaboration between the regulator and industry as well as within the industry itself—encouraging targeted problem solving and pooling and exchanging information. As aforementioned, these spaces could be established in a quick and simple fashion using the flexibility of the API architecture. While these spaces are all implemented on the same regulatory platform, modularity enables them to exist and operate independently from each other, allowing for more effective and dynamic experimentation. In this environment, the regulator functions as the operator of the regulatory platform overseeing the activity in the multiple experimentation spaces while simultaneously participating in many of them. Because of the design of the platform, the regulator would not risk losing track of the undertakings on the platform and retain its capacity to monitor activity in real-time and quickly intervene when necessary. In the following, I will sketch how these new platform spaces could look like, whereby I will distinguish between ‘specialized sandboxes’, ‘thematic sandboxes’, and ‘industry sandboxes’. It is however important to note that these forms are neither definite nor conclusive. The key advantage of the platform set-up is its flexibility and dynamic, allowing for broader experimentation and the initiation of a discovery process for the most adequate and best model. Figure 2 illustrates this structure in a simplified way: 3.2.1 Specialized Sandboxes First, the regulatory platform could be used for specialized sandboxes. This type of a modular regulatory space would be targeted at specific problems, primarily of regulatory nature. For instance, when a regulation (be it automated or traditional) appears to be unproportionate or over-inclusive, industry participants could seek to set up a specialized sandbox aiming at exploring the issue and finding a better regulatory

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

353

Fig. 2 Overview of the core elements of the new proposal. Part a shows the ecosystem on the regulatory platform. Part b illustrates the key changes to the regulatory approach. Notably, the status quo is only exemplary and not referring to an existing regulator in a specific jurisdiction. Part c lists the main structural changes that need to take place within the regulatory agencies (Source author)

solution. Doing so, affected firms could immediately aim for a collaborative partnership with the regulator. The specialized sandbox with the regulator could also be a follow-on to an industry sandbox, where an industry solution could not be reconciled with the expectation of the regulator or combined with suptech solutions from its side. The initiative to create a specialized sandbox can however also come from the regulator’s side. This could be the regulator identifying a need for experimentation that requires industry participation (e.g. for suptech solutions) or when it identifies a problem, such as an inadequately or not addressed risk in the market associated with a specific service. The regulator could

354

C. RUOF

however also decide to set a sandbox due to an identified lack of information about a certain fintech type with the primary goal of learning.39 In the first case, for example, it could set up the sandbox accompanied by a call for proposals of regulatory solutions in order to integrate (affected) industry players into the process.40 This could include open problems like the regulation of algorithms and machine learning in particular with41 regard to black-box issues. The sandbox could for instance provide a space for ML-based applications to be trained with real-world data, while remaining under close supervision. In addition, it could be used to confront the algorithm with different (stress) scenarios to see how it responds to new situations. Thereby the regulator could decide on its own role within the sandbox, either solely specifying the requirements and leaving the development to participants or actively engaging in the latter by collaborating with participating firms. Moreover, specialized sandboxes could be used to test use cases of MRER on a small scale before applying them on a wider basis to mitigate risks of regulatory failure. The participation of the regulator could in this case range from being an eye-level collaborator (e.g. working jointly with industry participants on improving the MRER code) to the role of a validator, assessing industrymade MRER and approve it for (further) testing. When, alternatively, a specialized sandbox is set up to address the problem of unregulated services; accordingly, its purpose would be to attract the unregulated services to the platform, to get information about them, and to integrate them in a regulatory discovery process. In this form, the specialized sandbox would be relatively similar to what would also be taking place in the broad-purpose regulatory sandbox. The main difference would, however, be that in the specialized sandbox case there is a clearly identified problem that the sandbox seeks to solve, while the general sandbox operates before a specific problem has been identified or when a phenomenon is too small/nascent or generally unfit for a separate sandbox. That said, the broad-purpose sandbox would perform a backup function, meaning

39 This would resemble to some extent the background against which the DLT-sandbox had been set up. See Zetzsche and Woxholth (n 70 in Chapter 9). 40 This type of specialized sandbox would show some similarities with current TechSprints or Hackathons. 41 This could include for instance the test of ‘plug-in’ solution for algorithm as proposed by Allen, ‘Driverless Finance’ (n 154 in Chapter 4) 195ff.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

355

that is supposed to capture those (unregulated) services which are not targeted by specialized sandboxes. Irrespective of the specialization or the initiator, collaboration is always a key element of the approach and one of the main channels supposed to stimulate the production of valuable information. Participation should be similarly broad as in the regulatory sandbox, including the varying levels of access. 3.2.2 Thematic Sandboxes Second, regulators could introduce thematic sandboxes on the platform. While the specialized sandbox would be primarily targeted at regulatory problems, this type of sandbox would seek to stimulate information production in the direction of broader societal problems or policy goals. This could include finance-specific policy goals, such as financial inclusion,42 but also cross-sectoral topics like climate change. The purpose of this sandbox type would not be to find a (definite) solution to the formulated problem, but rather to kick-start a discovery process and incentivize innovation and investments in that direction. These innovations could be for instance regulatory innovations, but also technological solutions.43 Whereas regulatory innovation would be primarily spurred by experimentation and the stimulation of a corresponding discovery process, a thematic sandbox would additionally promote private sector innovation by improving visibility to investors and providing regulatory support. Given the nature of its goals, in contrast to the specialized sandbox, the thematic sandbox would operate rather open-ended. However, it is also conceivable that the broader theme of the sandbox could be supplemented by sub-themes that are addressed in separate (thematic) sandboxes. For instance, the climate change-themed sandbox could further be

42 Some jurisdictions have established their respective regulatory sandbox with the stated focus on products or services with particular salience to inclusive financial ecosystems. See, e.g., UNSGSA (n 12 in Chapter 9) 29ff. 43 Regulatory innovation in that context could for instance be directed at issues like the taxonomy on ‘green’ financial products or financial services supporting projects that address climate change.

356

C. RUOF

accompanied by more targeted ones, focusing e.g. on sustainable investment or green bonds.44 These thematic sandboxes would be particularly well-suited for including representatives from academia or other governmental bodies, because these topics typically concern several/all agencies of the state and are both highly relevant and beneficial for contemporary research. 3.2.3 Industry Sandboxes and Regulatory Labs Third, the platform could also be used for industry sandboxes. Here, the regulator would play a smaller role compared to the previously described sandboxes and be more limited to monitoring, consulting, and only if necessary, intervening. Also, in contrast to especially the regular (optimized) sandbox, the initiative for testing as well as the design of the testing space would in the case of the industry sandbox typically come from the private side. Importantly however, the regulator needs to remain a credible power in the background identifying and quickly responding to misguided practices and avoiding the misimpression of laissez-faire. While industry sandboxes are also possible in the current setting, the regulatory platform using a common API would enable establishing industry sandboxes in a much easier and quicker fashion, significantly reducing the associated initiation and running costs. Simultaneously, because of being on the regulatory platform, they would still produce valuable data for the regulator. Industry sandboxes could be used for conducting technological testing and exploring commercial solutions in an ‘off-market setting’45 while sharing costs and risks arising therewith. The API architecture would be an important enabler, allowing for easy sharing of data, seamless interlinkage of different services, and interoperability. Industry sandboxes could further be used as a testing ground for new forms of cooperation, such as WLB or BaaS, which are likely to experience a rush from the platform structure. They could also facilitate collaboration between financial and non-financial players, further attracting more

44 For an overview over the current discourse on green/ sustainable, see, e.g., Hao Liang and Luc Renneboog, ‘Corporate Social Responsibility and Sustainable Finance: A Review of the Literature’ (2020). 45 The level of regulation that applies (or does not apply) would need to be agreed upon in advance with the regulator. While in some cases there would not need be an alteration of rules, in others the participants could negotiate for a (slight) adaption of the framework for their undertaking.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

357

relevant (unregulated) players to the platform and consequently making information about them available for the regulator. In contrast to the sandbox types described above, the industry sandbox would have a clear commercial focus, which in the current system still lies within the regulatory sandbox. Outsourcing this part to a predominantly industry-run and operated sandbox would save resources that could be used elsewhere, e.g. regulatory experimentation. In a similar vein, the regulator could encourage staff members to engage in (internal) experimentation on the platform. As an equivalent to an industry sandbox, this could function as a pre-market stage where regulatory personnel could test out novel technologies, sharing data and test existing micro-service or suggest innovative projects and exchange ideas. It could also provide a space for remote collaborations across different regulators, enabling to develop cross-sectoral or cross-jurisdictional solutions.46 This regulatory lab could subsequently evolve into a specialized sandbox with dedicated industry participants and real-life testing. 3.3

Summary—Spoilt for Choice

The tools described in this section constitute one part of the move away from a traditional top-down regulatory structure towards one that is shaped by eye-level collaboration and common problem identification and -solving. They form the spaces for experimentation and the accumulation of knowledge—the key mechanisms for problem identification and -solving. Depending on the specific needs, goal, or problem of the respective entity or the regulator, each tool can entail its own individual benefits. The following examples are supposed to illustrate the choices from the perspective of a firm as well as from that of the regulator. First, assuming company A offers an innovative payment service and is not (yet) regulated. In the case that the reason for its unregulated status lies in commercial unreadiness (i.e. the service is not yet ready for the market), A could apply to the ‘broad-purpose’ sandbox to test

46 In this direction goes an initiative by the ECB called the ‘Virtual Lab’, providing a collaboration platform across the SSM. See FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions—Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 40.The initiative was supposed to start by the end of 2020.

358

C. RUOF

its service under near market conditions.47 Thereby, it could choose to partner up with a regulated institutions in the form of a mentorship agreement, allowing it to further improve its service and potentially test it in the real-market under the license of the regulated partner. If the unregulated status of A is however due to problems with existing regulation (e.g. it being unproportionate or over-inclusive), A could once again apply to the ‘broad-purpose’ sandbox, but alternatively also aim for the creation of a specialized sandbox. In that case, the ‘broad-purpose’ sandbox would function as a space for A to engage with regulator in order to discuss and test solutions to its problem. The creation of a specialized sandbox on the other hand could be more appropriate, if A’s problem is not an isolated case, but bigger phenomenon in the market. Then a specialized sandbox could bring together affected parties with the regulator and other interested stakeholders to kick off a discovery process towards finding an adequate solution to the problem. The same options would present themselves to A, when there simply is no applicable regulation to its payment service.48 Here, the focus of the sandbox engagement would however primarily lie in the production of information about A’s service in order to assess its potential risks and ultimately design an appropriate regulation. Second, also the regulator is presented with different choices when confronted with A providing an unregulated payment service. A can, for example, be active under the guise of a mentorship regime or within an industry sandbox, in which case the regulator could monitor A’s activities, collect (eventually ‘pull’) information, or invite A to more advanced sandbox testing. Assuming A is already operating in the real-market (without a license), e.g. due to an unclear regulatory status or the lack of applicable regulation, the regulator could invite A to the ‘broad-purpose’ sandbox, eventually even prescribe its participation therein, or—if the phenomenon is more prevalent—create a specialized sandbox to find a regulatory solution (see also above). Considering a different scenario,

47 Notably, these are additional options supplementing the regular process. That means, A could also keep developing the product on its own, reach out to the regulator informally (or through an innovation hub) regularly apply for market license. 48 In that case, the initiative for sandboxing might often come from the regulator, trying to draw A to the regulated sphere and integrate to the regulatory framework. This could, however, also be desirable for A, as it may seek regulatory certainty or to signal the market the safety of its product by way of regulatory approval.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

359

the regulator could also be unsatisfied with the regulatory status quo of (regulated) company B that provides blockchain-based credit services to consumers, for instance, because it believes consumer risks to be insufficiently addressed. Here, it could be appropriate to create a specialized sandbox and eventually even oblige B to participate. Collaboratively, in the sandbox they could aim to find a commonly accepted solution to the issue. If the regulator deems the situation to not be urgent, it could also set up a ‘lab’, inviting B and other stakeholders/parties to produce knowledge—however without yet taking any (also preliminary) regulatory action. The same could be done if it worries about the systemic implications of B and its peers and decides more information in that context is needed. 3.4

Implications for the Information Gap and Regulator’s Mandate

In sum, these proposed changes would have significant potential in addressing the information gap and preventing regulatory mismatch. First, the information gap between the regulator and individual participants would be significantly reduced. When operating on the regulatory platform, the regulator would have direct and un-skewed insight into the ‘machine room’ of a firm and its service and be able to pull microdata from the established channels. This would put regulators on par with the regulated entity in terms of data possession. Through the various experimentation spaces, they would further get a firm grip on innovation activity in the market and putting them in a good position to spot new market trends or emerging risks. Second, by also attracting unregulated entities to the regulatory radar, visualizing partnerships with non-financial firms and integrating them on the platform, the regulator would reduce the information gap vis-à-vis the sector as a whole. Lastly, unknown information as well as Knightian uncertainty would be reduced by way of stimulating the production of information through experimentation and collaboration. At the same time, the platform and the experimentation spaces, in particular, enable the regulator to act upon information in a much timelier and more effective fashion. A likely increase in the use of machine-readable and executable regulation would further amplify these benefits. Generally, more and better information would put the regulator in a better position to fulfil its mandate. With a much better overview of activity in the sector and several technical tasks automated or outsourced, the regulator can focus on and substantially improve the pursuit of its

360

C. RUOF

financial stability mandate. It can collect more and improved data on little-understood phenomena such as the behaviour of ML-driven algorithms in the market and test different approaches of regulating them. Meanwhile, risks for consumers could be effectively spotted (ex-ante) and consumer harm could be investigated much more thoroughly (ex-post) due to the data availability provided by the platform architecture. Effective competition would have to be ensured by making the platform easily accessible without too high initiation costs for start-ups and innovators. To that end, support of small start-ups might be necessary to prevent the regulatory platform and applied suptech solutions from becoming barriers to entry.49 In that case, the proposed changes are likely to stimulate competition and innovation, especially in the context of the provided experimentation spaces and industry sandboxes. In the mid- and long run, regulatory burden could be substantially reduced as data-pulling and increased use of machine-readable regulation obliterate the need for filing reports or time-consuming rule-interpretation, leading to substantial savings in compliance costs. Ultimately, a regulatory platform would make financial regulation more resilient and future-proof.

4 Necessary Structural Changes to the Regulator In order to make the regulatory platform and the modular experimentation work, certain changes to the structure of the financial regulator would need to be made.50 While the following list does not claim to be exhaustive, it is meant to touch on the most important aspects critical for the success of the new approach. These are: (i) giving the regulator more discretion, (ii) equipping it with sufficient resources and talent, (iii) and finally pushing a cultural change within the agency.

49 That risk is also expressed by FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions—Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 10. 50 In parts similar suggestions are made by Allen, ‘Resurrecting the OFR’ (n 3 in Chapter 8).

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

4.1

361

More Discretion for the Regulator

First, the regulator should be given more discretion. This would be necessary for regulators to successfully shift to a more principles-based approach and enable them to fully harness the benefits of experimentation. Given the dynamic and pace of the environment around the regulator, the model in which the regulator is a mere enforcer of rules decided by the parliament is prone to fail. As shown above, the feedbackloop between an (experimental) rule, information concerning its effects and effectiveness, and the use of this new information needs to be as short as possible and therefore be taking place within one institution. Put differently, gathering information and the ability to act upon it has to be unified in the same organization. Giving the parliament a central role in this loop would not only constitute the addition of another institution, but a particularly ponderous one.51 Taking experimentation seriously though, the regulator needs to be given the room to adopt, adapt, and discard rules following the newest information and data. Limiting this room ultimately means limiting the positive learning effects associated with experimental learning, arguably constituting the most important source of information.52 Discretion is also necessary with respect to experimentation with technology for regulatory purposes where comprehensive parliamentary involvement is also likely to impede the process. In light of the developments in the sector, it becomes increasingly hard, or even impossible, to reconcile the formal law-making process of parliaments with the nature of financial markets and the imperatives they create for financial regulators. The greater independence of the regulator from the parliament that would come with more discretion is no uncontroversial topic.53 While political independence has traditionally been seen as important, the events

51 On this problem, see above 76ff. 52 With respect to the new approach. 53 Notably, it also raises important questions related to democratic legitimation, the rule of law and separation of powers. While acknowledging the great importance of these issues, they cannot be fully addressed in this book. For an overview of the discussion, in particular around independence and democratic legitimation of agencies, see, e.g., Hermann Pünder, ‘Democratic Legitimation of Delegated Legislation: A Comparative View on the American, British and German Law’ (2009) 58 The International and Comparative Law Quarterly 353. Comprehensively, in the context of central bankers, Paul MW Tucker, Unelected Power: The Quest for Legitimacy in Central Banking and the Regulatory State (Princeton University Press 2018).

362

C. RUOF

around the GFC have brought the independence of regulators under attack.54 Against the backdrop of the above-mentioned benefits, it, therefore, appears to be preferable to readjust and make financial regulators again more independent from the political sphere.55 Recent scandals linked to political involvement56 as well as the susceptibility to changing political agenda and short-termism57 however demonstrated the perils of allowing some degree of (political) control over financial regulation.58 Hence, the reduction of ex-ante control associated with greater discretion should be compensated with an increase in ex-post controls, e.g. by introducing more comprehensive reporting requirements, ad hoc questioning and oral presentations or systematic reviews, and external assessments of the regulator’s work.59 4.2

Resource Requirements for the New Approach

Second, it needs re-emphasizing that the new approach requires an increase in available resources.60 Setting up a regulatory platform as envisioned above means significant upfront costs, even if they are likely to pay off mid-/long-term. As the implementation of the new approach is likely to require essentially a complete overhaul of legacy IT systems, large investments would have to be made. To make participation and collaborative experimentation flourish, it is of utmost importance to establish

54 See, e.g., Gadinis (n 115 in Chapter 2). 55 Notably, while keeping the chain of democratic legitimacy intact. 56 So for instance the Wirecard and Greensill scandals referred to in the introduction

to this study. 57 See for instance Hilary J Allen, ‘Putting the “Financial Stability” in Financial Stability Oversight Council’ (2015) 76 Ohio State Law Journal 1087, 1102. 58 Similarly, Allen, ‘Resurrecting the OFR’ (n 3 in Chapter 8). 59 See generally, Monique MH Pollmann, Jan Potters and Stefan T Trautmann,

‘Risk Taking by Agents: The Role of Ex-Ante and Ex-Post Accountability’ (2014) 123 Economics Letters 387. 60 Participants of a survey conducted by the FSB see resource issues as the major challenge in successfully developing and deploying suptech solutions (FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions— Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 11).

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

363

trust in the regulatory platform, which requires a reliable, safe and maintained digital, and technological infrastructure. Hence, saving on the infrastructure would be most likely the first step to failure. Not least importantly, aside from hardware, the regulator would need the personnel to set up and run the platform infrastructure. This will be no easy task, as talent with expertise in finance and IT/computer/ data science is rare, and more critically, expensive.61 Whereas following the last financial crisis, some regulators sought to compete with the industry for mathematical talent (so-called quants),62 the talent that is wanted now is not only canvassed by the financial industry but also by the tech industry.63 Both of these industries are known for aggressive hiring, making it increasingly difficult for the regulator to compete. On the other hand, it has been shown that without being able to offer competitive salaries and/or working conditions; the regulator (similar to other public offices) has been able to attract talent taking the job for nonfinancial reasons, such as ideology or the desire for purpose.64 Yet, this is unlikely to suffice. Another potential solution might be to focus on hiring from universities or involve teams/labs from academia in specific projects.65 Additionally, the regulator should invest in educating the existing personnel. This could take place through the above-mentioned exchange programs and secondments,66 (online) training in computer/ data science, or software engineering, as well as (once the platform is

61 See above at p. 246ff. Also, e.g. Yang and Tsang (n 161 in Chapter 5) 380 for a comparison of salaries paid in the industry and by regulators in the USA. 62 Reuters, ‘U.S. Banking Regulators Hire Quants of Their Own’ (NEWSWEEK, 5 August 2014), https://www.newsweek.com/us-banking-regulators-hire-quants-their-own250375. 63 For instance, in February 2020, Goldman Sachs estimated that it employed around 10.000 software developers, which makes up a quarter of its total workforce. See Jia Jen Low, ‘Developers Now Make up a Quarter of Goldman Sachs’ Workforce’ (TechHQ , 14 February 2020), https://techhq.com/2020/02/developers-now-make-up-quarter-ofgoldman-sachs-workforce/. 64 Allen, ‘Resurrecting the OFR’ (n 975) 32 argues the regulator (in her case the OFR) should stress these ‘virtues of public service and the opportunities to contribute to something important and exciting.’ 65 Also ibid 34 and Yang and Tsang (n 161 in Chapter 5) 400. 66 See above at p. 246ff.

364

C. RUOF

established) in the frame of industry collaboration on the regulatory platform.67 It could be fruitful to establish a global knowledge centre that pools expertise in the relevant areas and fulfils a part in educating regulatory personnel.68 For this purpose the BIS and its innovation hub, for example, could play a central role.69 Additionally, research labs could be established within the regulatory agency to conduct cutting-edge and publicly minded research on innovations from the industry and for regulation.70 If executed well, these measures could sustainably elevate the reputation of the regulator, creating a virtuous cycle of attracting more skilled employees. Nonetheless, it seems inevitable that the regulator would have to be given a greater budget to enable it to invest in IT and human resources.71 As mentioned before, if proper funding of resources and expertise does not take place, the transition to the envisioned regulatory approach is prone to fail and would be likely to end up in a fragmented environment with an uninformed regulator, ultimately (once again) resulting in de facto laissez-faire and strong industry dominance.72 Worse still, the failure to build a sound digital infrastructure would inevitably result in operational failures, data breach and declining trust in the approach, which would ultimately risk to frustrate the whole project. Large investments that are necessary in the beginning would however be followed by growing economies of scale and declining costs of operation in the mid-and long-term. Furthermore, once the platform is running, additional income sources could be conceivable, such as

67 Concrete proposals on education programs are presented by Barefoot (n 59 in

Chapter 7) 73f. 68 For emerging market economies, the Toronto Centre fulfils a similar function. 69 See also Tsang (n 20 in Chapter 6) 401. 70 A comparable suggestion is made by Allen, ‘Resurrecting the OFR’ (n 3 in

Chapter 8) 45. 71 As Frank Pasquale also argued, ‘regulator’s lack of resources is not simply the state of affairs’, but is instead a policy decision. See Pasquale (n 237 in Chapter 8) 2088. 72 This would be in a way a repetition of what happened prior to the GFC in the UK, where principles-based regulation was accompanied by a lack of regulatory resources. See above at p. 237f.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

365

charging a (moderate) fee for the participation in certain regulatory spaces or the utilization of services provided by the regulator.73 4.3

A Cultural Change Inside the Regulator

Third, to bring the benefits of the new regulatory approach truly to fruition, a profound cultural transformation has to take place in regulatory agencies.74 As the Toronto Centre for Global Leadership in Financial Supervision rightly observes, ‘[p]aradigm shifts can only succeed with the right mindset and leadership at regulatory and supervisory authorities […]’,75 which underlines the need for some cultural imperatives to be followed within the regulator. First, the regulator needs to become more embracing of change and innovation, both when it comes to its own role as well as the environment outside of it. While regulators typically have not been thought of as innovators, the reactive approach cedes much of their ability to curtail harmful events and find safer and more effective regulation. Accordingly, regulators need to perceive themselves also as innovators and develop the corresponding mindset. With respect to private sector innovation, embracing innovation importantly does not mean unconditional support of innovation and fintech, but rather the acceptance that innovation and change is something that, particular in the current time, is inevitable. The question is rather where it takes place—below or on the regulatory radar. A well-informed regulator should not be ‘afraid’ of change, but rather encourage and harness it. At the same time, it has to stay aware of not being ‘blinded’ by (alleged) innovation and the often shiny presentations from the industry, but persistently test what the (exact) technological innovation is, what its purpose, function, and characteristic are and finally assess the implications of it.76 Second, and closely

73 Importantly though, the financial regulator should maintain the public budget as its primary source of income. The fees should also not have the effect of unproportionally affecting small fintechs, offsetting the attractiveness of the platform and its offerings. 74 This statement is necessarily generalizing and does not capture the individual differences in terms of mindset and culture among different agencies. 75 Toronto Centre, ‘FinTech, RegTech and SupTech: What They Mean for Financial Supervision’ (2017) 17. 76 See above at p. 93ff. and 102f.

366

C. RUOF

connected to the aforementioned, the regulator should adopt an experimental mindset and be willing to take (moderate) risks.77 This is foremost needed to produce information in order to avoid regulatory mismatch. However, more active engagement by the regulator is also needed as several contemporary problems, not only of regulatory nature, will not be solved by exclusive reliance on the private sector, but requires creative thinking also on the public side. To that end, the regulator should move a few inches along the spectrum from the risk-averse and rule-obsession end towards pragmatism and experimentation.78 Surely, developing an experimental mindset does not mean the regulator should not become a high-risk taker. Rather it should demonstrate openness to testing new solutions and reach across the aisle when it comes to solving problems. It should not set ‘perfect’ as the standard for new models and focus on its drawbacks, but rather on its potential to improve the status quo.79 A necessary part of experimentation (and being an innovator) is the acknowledgement and permission of failure.80 While in the private sector, failure is an inevitable part of business; the tolerance for it in the public sector is much lower. The regulator should be allowed some leeway for trial-and-error, even if that, in the end, results in wasted resources.81 Importantly though, it also has to maintain awareness of the risks involved and consider the potential costs of failure. This would for instance mean that experimentation could be much more embraced with smaller financial institutions as opposed to big financial players, where unexpected failures can send shockwaves throughout the whole economy. As on the platform, errors can be corrected much quicker than before, and the costs of failure are then generally more limited. This should be

77 Similarly, Allen, Driverless Finance (n 88 in Chapter 5) 168f and 197f. Notably though, this notion might conflict with the self-understanding or even the (implicit) mandate or principles of regulators to varying extents. 78 In a similar direction, Allen (2023) Suptech (n 34 in Chapter 8) also exploring the reasons for the current culture of regulators (see p. 287f.). 79 See also Barefoot (n 59 in Chapter 7) 70. 80 That this displays a major obstacle especially with respect to the adoption of suptech

becomes evident, for example, in Castri (2019) Suptech Generation where concerns among regulators about the uncertain value and risks of suptech are cited as the primary obstacle for their adoption (see on p. 14). 81 Also, Allen, ‘Resurrecting the OFR’ (n 3 in Chapter 8) 44f. Notably, in the long term, these investment would not be wasted, as the regulator learns from failures.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

367

supplemented with a more general permission structure that distinguishes between tolerable failures and intolerable ones.82 Third, and linked to all the above, is the imperative for the regulator to adopt a mindset of continuous learning. In order to succeed in a fast-changing environment, employees need to keep abreast of the latest developments in the market and be well informed about the newest technologies. This implies turning away from a ‘box-ticking’ mentality allegedly prevalent within some agencies. This learning would first and foremost be facilitated by experimentation, where regulators are expected to learn from failures and adjust their practice accordingly. Not least important, staying abreast of new developments in the markets should to be encouraged and incentivized from the top of the agency, e.g. by pay raises, more promising career paths, secondments, or other perks. This mindset of continuous learning also goes hand in hand with constant questioning of the current understanding of risks and potential sources for crises, including e.g. the appreciation of new potential transmission mechanisms for systemic risks.83 Last, the focus of the regulator should shift away from a market-failure oriented perspective towards a more holistic view that is concerned with the health of the entire ecosystem. As already mentioned before, the regulator’s main concern should be the production of systemic information and constant assessment of the impact and effectiveness of new regulation, while other tasks can be (in a context-sensitive way) be partly automated or outsourced. A regulatory platform would constitute a good basis for this shift, as it would make micro-prudential regulation more efficient, while simultaneously giving the regulator the unique opportunity to observe activity in the system from a high-level perspective and see the individual entities as part of a complex, constantly evolving financial ecosystem.84

82 See Allen (2023) Suptech (n 34 in Chapter 8) laying out 4 distinct categories where regulatory innovation/experimentation could go wrong, each carrying different implications (p. 270ff.). 83 See also ibid 38. 84 See also Awrey and Judge (n 117 in Chapter 2) 2351f.

368

C. RUOF

5

Remaining Risks and Limitations

Despite all the benefits a regulatory platform would entail, it is no panacea to all the flaws and problems of financial regulation. The purpose of the proposal offered here was to envision a broader conceptual redesign of financial regulation going beyond the commonly practised and discussed regulatory responses to fintech, which mostly remain rather technical. It advocates for an ambitious redesign of financial regulation, promising to close the information gap between regulators and the market and prevent regulatory mismatch. It also provides the basis for a new role of the regulator; one that is not only following the market but also actively participating in it (when it comes to regulatory solutions). In effect, the new approach should help regulation to turn from a backwards-looking into a predictive and proactive exercise. The collaborative approach to solving problems further holds the promise to help to overcome the problems associated with regulatory dialectic, in particular regulatory arbitrage. In sum, when executed properly, the new approach can make financial regulation much more future-proof and ultimately contribute to a more stable financial system. In taking a clear focus on remedying the information problem though, the proposal admittedly neglects (or even exacerbates) other problems, which might—depending on one’s priorities—be just as important. Yet, this does not diminish the value of the present contribution but rather invites for a discussion on improvements or adjustments of it. In the following, I will touch on some of the most important limitations, in particular on those that have been neglected so far.85 First, while the new regulatory approach appears primarily promising for fintech firms, small non-financial institutions and other innovative start-up firms, the challenges associated with its application big financial incumbents and bigtech players also need to be considered. Incumbent institutions, for instance, have much more complex and deeply ingrained IT systems and are overall more difficult to effectively integrate on the

85 Besides those, there are additional risks, which are however outside the scope of this study. This includes but is not limited to liability risks due to the use of algorithms and especially MRER.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

369

platform.86 The size of bigtech players87 and the variety of their product and service portfolio and the depth of integration with other types of services creates problems of at least similar degrees. Against this background, the transition here from the traditional structure to the new approach is likely to be challenging. Given the dimension of the task, only a gradual setup of the platform and integration of players will be feasible. Considering the lower costs of failure and higher benefits, it should begin with fintech and smaller companies and from there keep integrating other, bigger players.88 A full integration will pay off, as the enhanced data visibility and availability would make the identification of (systemic) risks much easier and reduce significant individual information gaps.89 Notably, also in substance the platform approach has limitations with respect to these players. In particular, it does not address the full risk portfolio of big financial players such as issues along the lines of ‘too big to fail’.90 The same is true for bigtech players who are increasingly into the financial markets, raising not only critical regulatory but also political, macroeconomic, and competition policy issues.91 Moreover, while the digitalization and (partly) automation of financial regulation would bring plenty of advantages compared to the current system, it also comes with certain risks. These, to a large extent, mirror risks that are associated with automation in general, i.e. also in the private sector. Namely, with increasing automation of processes, ‘blackbox’ issues could emerge.92 Once the regulator stops understanding how 86 That is added by the problem that they are typically present in multiple jurisdictions, resulting in multiple sources of data and potential problems in localizing them. 87 That is, to the extent they fall in the scope of the financial regulator. 88 Notably, depending on the time of this transition period this might, the regulator

would need to be aware of fragmentation risks and level-playing-field concerns. 89 See also Broeders and Prenio (n 183 in Chapter 8) 18. 90 Recently, Iain Withers and Huw Jones, ‘For Bank Regulators, Tech Giants Are Now

Too Big to Fail’ Reuters (20 August 2021), https://www.reuters.com/world/the-greatreboot/bank-regulators-tech-giants-are-now-too-big-fail-2021-08-20/. 91 On the entry of bigtech and corresponding challenges, see above on p. 146f. and Frost and others (n 190 in Chapter 5); FSB, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (n 191 in Chapter 5). Notably, competition issues can translate into financial stability issues once the market power of Techfins reaches a certain level, not least raising new ‘too big to fail’ questions. 92 See above 241f.

370

C. RUOF

certain outcomes have been reached, it is likely to fall for the ‘automation bias’, blindly trusting the results produced by algorithms.93 Excessive dependence on suptech solutions could further lead to a misplaced emphasis on the risks that can be measured, as opposed to those that (truly) matter.94 Additionally, regulated institutions might over time figure out which signals create what warnings or alerts in the regulator’s suptech system and strategically exploit this knowledge.95 Against this backdrop, skilled human oversight is inevitable if the regulatory platform and the tools thereon are to provide enhanced stability.96 In order to avoid over-reliance, regulatory staff should not stop questioning and interrogating results.97 Further, as algorithms are highly dependent on the data they use,98 the quality of data becomes key. While the platform is able to control well for this by having full access to the entities, the issue becomes much more salient with respect to non-traditional sources of information and unstructured data. This will gain even more importance with the entry of bigtech in certain segments of the market. Furthermore, the wholesale digitalization of the regulatory structure can, especially in the transition phase, increase the risk of operational errors (i.e. hardware and software errors). Heavy reliance on suptech and regtech solutions, especially with respect to critical activities could create risks that potentially cause system-wide disruptions.99 While a controlled test in an experimentation space before wider market application mitigates some of that risk, additional safeguards would be needed. Besides, as the functioning of oversight and enforcement would rely on the infrastructure and the digital channels to the institutions, there would need to be emergency plans in the case they fail. As aforementioned, the instantaneous nature of MRER could similarly exacerbate the effects of mistakes by the 93 On automation bias, see above at p. 135. On potential remedies, see Allen, ‘Resurrecting the OFR’ (n 3 in Chapter 8) 38ff. 94 Similarly, Jon Danielsson, Robert Macrae and Andreas Uthemann, ‘Artificial Intelligence, Financial Risk Management and Systemic Risk’ (Systemic Risk Centre 2017). 95 See also FSB, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions—Market Developments and Financial Stability Implications’ (n 69 in Chapter 5) 10. 96 See also ibid 32. 97 Which of course is again associated with additional costs. 98 See above at Chapter 6 Sect. 3. 99 Also He and others (n 72 in Chapter 5) 18.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

371

regulator and magnify the costs of failure when used pervasively. Moreover, concentration risks are likely to emerge if not properly controlled for. In particular, large suppliers of cloud services or providers of other critical functions that many firms rely on could become a single point of failure in the system.100 Perhaps even more importantly, the enhanced data flows on the platform increase cyber risks. Especially when data is being transmitted online or handled by third parties, increased risks for the security of this data can result. The flipside of digitalizing a large part of the regulatory environment is that it potentially also creates more points of vulnerability for cyber-attacks. That risk is even more pronounced against the background of the public–private collaborations on the platform. The closer (technological) links between public and private actors that would result, could function as a backdoor for criminal activities as well as theft of supervisory data or sensitive business information. Moreover, a heavy reliance on digital infrastructure can open can enhance the risk for malicious attacks from private or state actors. Cyber risks not only come from the outside, but eventually also from competitors and other participants who are active on the platform and could gain access to commercially sensitive of other firms.101 In that context, the API-infrastructure may bare the risk of providing a route for hackers to gain access into other participants’ systems. Every single variation of these cyber risks may have systemic implications and could potentially—in the worst case—result in a full collapse of the regulatory platform and the digital infrastructure underpinning it.102 Therefore, it is of great importance to be aware of these risks and prioritize safety and reliability of the digital infrastructure underpinning the platform. That is not only true with a view to prevent systemic breakdowns, but also essential for building the necessary trust in the approach, which is key to its success. Cyber risks can however also originate from the regulator’s side103 : Poorly coded or erroneous data requests/ ‘pulls’ or incompetent handling 100 See also Hee Jung (n 161 in Chapter 5) 269. 101 Similar concerns were raised by multiple respondents to the FCA, ‘Digital Regu-

latory Reporting—Feedback Statement on Call for Input’ (n 214 in Chapter 9) 9. 102 On the systemic implications of cyber risks, see also Broeders and Prenio (n 183 in Chapter 8) 18. 103 See also Broeders and Prenio (n 183 in Chapter 8) 18.

372

C. RUOF

of data/sensitive information can be both, harmful for the entity concerned and damage the reputation of the regulator and the platform. Resources and qualified staff can alleviate, but not fully erase these concerns. This, however, only covers the case where the regulator fails to achieve its good intention. In the proposed architecture, the regulator’s data access is meant to raise its level of information, which is supposed to put it in a position to achieve better regulatory outcomes. Yet, this presumes a functioning and stable state apparatus where the power of the executive branch is met by democratic checks and balances. In the case though, where this is not a given, or democratic structures crumble, the enhanced access of the regulator to private information can become a great source of risk and abuse. Another instance where regulators might deviate from their objectives is regulatory capture, a prospect that is also worth reemphasizing in the context of the proposed approach. To a large extent, capture is rooted in the information asymmetry between regulator and regulatee which would be addressed by the new approach. On the other hand though, the shift from a more adversarial to a collaborative relationship, as well as the envisioned public–private initiatives on the platform inevitably open (new) room for capture by the industry. Certain features that are parts of the proposal, such as high-level transparency, diversification of views and actors, and a well-equipped regulator with strong intervention powers, are already supposed to minimize opportunities for regulatory capture but more safeguards are likely to be necessary.104 Especially in the case where suptech solutions are bought from or created in collaboration with the industry new sophisticated forms of capture and arbitrage might occur, likely to require new measures to address them.105 According to interviews by the BIS, some regulators already see the risk that suptech might lead to market participants adjusting their behaviour in order to game the underlying technology and ultimately the regulator.106

104 These could, for example, include some form of internal and external checks, meaningful transparency to the public as well as (political) accountability. For a broader discussion of various strategies to address capture, see Baxter (n 214 in Chapter 8). 105 See above at p. 241f. and 245f. where also some potential safeguards are proposed. Additional potential remedies are e.g. suggested by Enriques (n 149 in Chapter 5) 5f. 106 See Broeders and Prenio (n 183 in Chapter 8) 2.

10

A REG- AND SUPTECH PLATFORM FOR FINTECH (POLICY …

373

However, done right, also the prospect of regulatory capture is a risk that can be successfully overcome.107 Lastly, there is likely to be a painful implementation and transition period until a regulatory platform would be fully in operation. Reasons for this include political barriers given the costs involved and the power shift from the legislative to the regulator. Resistance could further come from powerful interest groups as the new approach would bring new entities into the fold of financial regulation. Worse still, the investment is likely to not pay off immediately, but rather carry fruits in the mid-term. Additionally, the transition to new technology and structure usually takes time. There typically is a delay between the introduction and the successful and widespread adoption of a new technology (called the ‘technology diffusion lag’).108 Especially when the adoption of this new technology has to correspond with the replacement of an old, entrenched system, it can take a long time until the new system is successfully deployed.109 At the same time though, the cost aspect is the one with the smallest room for compromise. For the proposal to become a success, high initial investments will be necessary, about which there is no doubt. If these investments in IT as well as personnel were avoided, the approach would be likely to backfire, cede the field to the industry and lead to greater regulatory mismatch and risks for financial stability. In other words, the downside risk is high and the costs in the case of regulatory failure are even higher. On the other hand, if executed properly the upside potential of the regulatory platform is similarly great and is likely to lead to a substantial improvement of financial regulation.

107 According to Hurwitz, in some cases PPPs have proven more resilient to capture concerns than traditional regulatory models. See Hurwitz (n 7 in Chapter 8) 129. 108 See for instance Gaia Bernstein, ‘In the Shaddow of Innovation’ (2010) 31 Cardozo Law Review 2257. 109 For more on this see Rody Manuelli and Ananth Seshadri, ‘Frictionless Technology Diffusion: The Case of Tractors’ (NBER 2003).

CHAPTER 11

Summary and Conclusion

Fintech is visibly changing the way financial services are delivered and financial transactions are made. Like every era of innovation, especially in the financial sector, it entails promises mirrored against new risks. For identifying and effectively addressing those however, the regulator needs to collect information and built up expertise about the phenomenon. This study has analysed fintech against this background and calls for a reconceptualization of financial regulation that puts the tasks of collecting, producing, and processing information, and the ability to effectively act upon at its core.

1 Financial Regulation and Its Inherent Information Problem The first contribution of this study is the development a conceptual framework for showing the information problem that lies at the heart of many specific regulatory problems and failures in the financial sector. Without sufficient information, regulators are prone to make flawed decisions that lead to harmful outcomes, ultimately failing to meet their mandate. In comparison, if the regulator possessed all the relevant information, the remaining task of regulating would merely be more than an exercise of logic. Yet, in reality, information is present in an amalgam of decentralized © The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5_11

375

376

C. RUOF

and disaggregated bits spread among countless individuals, complicating the task of the regulator who then needs to hunt dispersed information and process it. Ultimately, the regulator needs to translate the collected and processed information into well-designed regulation, or, in other words, act upon the information. If one of these elements is not ensured, the sector will keep to continuously detach itself from regulation, its structure, and approaches, creating a fundamental mismatch between the market and its regulation, the infamous regulatory mismatch. The elements of gathering and processing information determine the knowledge level, or inversely the information deficit. Conceptually, the information deficit consists of three separate, but interlinked elements, namely: (1) the information gap, (2) unknown information, and (3) Knightian uncertainty or unknown unknowns. The first of these describes the asymmetry of information between the regulator and the industry. This asymmetry is to some extent inherent in the nature of regulation and the divide of tasks between the public and the private sectors. Most importantly, information predominantly originates in the market, as financial institutions typically are the ones inventing the product or service, giving them an inherent information advantage vis-à-vis the regulator. Hence, market participants are often the source of information, while the regulator must first collect or itself produce it. While the latter is typically more costly, the way of collecting information from the industry can make the regulator dependent on private industry and open doors for self-interested influence by the industry on the regulatory process. The intrinsic information advantage of market participants exists in most industry sectors. Yet, the financial sector entails certain characteristics that particularly complicate and render costly the task of collecting information. Most importantly, it is extremely complex and dynamic. This complexity in turn is driven by certain features of the financial market, the most important of which include innovation, sophisticated technology, opacity, interconnectedness, and the reflexive relationship between regulator and regulatees. While complexity drives information costs generally, i.e. largely for market participants and regulators, their respective capacity to process the information differs. The size of that difference is determined by several factors, such as economies of scale in the collection and analysis of information, in-house expertise or technology, and resources available that can be devoted to that task. For instance, looking at the number of employees and financial resources, it becomes clear that there is a massive overall asymmetry in information processing capacity between

11

SUMMARY AND CONCLUSION

377

the regulator and the financial industry. In sum, high information costs in addition to a prevalent asymmetry in the capacity to manage those costs contribute to the existence of an information gap between the financial regulator and the industry it oversees. The second element of the information deficit is unknown information. While it is implicit in the notion of the information gap that someone actually is in possession of the information, there is also that type of information that no one has. Unknown information is not in the possession of any actor, because it is yet to be produced. This circumstance roots in a cost–benefit analysis of the individual market actors. That is, acquiring information is, for the above-stated reasons, costly and in some instances, these costs are not worth spending as they outweigh the benefits of the information. For example, systemic information often falls into this category as it is typically costly to produce, while simultaneously not yielding many (immediate) benefits or returns for the individual institution. Unknown information adds into the information deficit of the regulator by lacking one of the (most effective) ways to enhance its information level, i.e. to gather information from private actors. The last dimension, Knightian uncertainty, refers to information that is utterly ‘unknowable’. Knightian uncertainty is prevalent in highly dynamic environments such as the financial sector and implies that regulators—irrespective of their efforts to gather and produce information—will never be able to fully anticipate and address all potential risks.

2

Financial Innovation and Its Contribution to the Problem

What is the role of innovation in this dynamic? To answer this question, this Chapter 4 has taken a deep dive into the theme of innovation generally, and financial innovation particularly. Innovation generally maintains a highly important role in our societies. Most notably, Joseph Schumpeter argued since the early twentieth century that the health and success of an economy lies in its dynamic imbalance caused by innovation. Competition for the best product or service creates spur firms to innovate and create a process where old and weak economic structures are replaced with new and better ones, the so-called process of ‘creative destruction’. Aside from the ‘stick’ of destruction, the other main incentive for innovation is the ‘carrot’ in the form of financial reward. This combination has been yielding numerous inventions that improved the lives of billons of people,

378

C. RUOF

cured diseases, and prolonged lives. Not at least, it has contributed to finding a vaccine for a global pandemic in record time. On the other hand, innovation is not inherently positive, but can also be used for exploitation, deception, or other socially harmful activities. Ultimately, it depends on how it is used—which is also the main concern of the regulator whose task it is to assess its risks and benefits. One key problem in doing so is that regulation and innovation are not two forces acting independently of each other but stand in a reflexive relationship. That is, market participants take into account existing regulation when innovating or even innovate in response to regulation, while regulators react to innovation by adapting the regulatory framework and potentially prompting further innovation. This ‘regulatory dialectic’ can take various shapes, such as regulation influencing market behaviour in a desirable direction, but also regulatory arbitrage—a form of avoidance towards regulation by altering the structure of a product or service without changing its risk profile. The regulatory response on the other hand can range from an extreme of doing nothing to another extreme to ban the new product or service. As aforementioned, in this relationship, regulation typically plays the reactive part to pro-active innovation. Especially in environments with fast innovation cycles, this results in a so-called ‘pacing problem’ where innovation develops significantly faster than the regulatory response thereto. In a scenario where innovation continues to outpace regulation, it will run through the cracks of the regulatory structure and migrate to the outside space. In the end, it can be another main source of regulatory mismatch. Innovation in the financial sector is a special and very peculiar case. Its history is particularly chequered and controversial, with the relatively recent GFC significantly influencing the public view on financial innovation for many years to come. But what exactly is financial innovation and what makes it so special? For answering this question, this study has reviewed different definitions and categorization attempts from the literature on financial innovation. While most of these attempts are helpful in a given context, they are not for contouring the object of analysis in this study. Especially, portraying financial innovation as something inherently positive or negative appears misguided, as this assessment is neither the task, nor in the power of regulators. Rather, financial innovation needs to be framed neutrally, that is, simply as a process of change. To maintain a clear and neutral perspective on financial innovation, the regulator should focus on three core question when assessing a new product or service, which are: What exactly is the technological innovation? What are the

11

SUMMARY AND CONCLUSION

379

purpose and function and characteristics of it? And finally, what are the implications thereof? Financial innovation further entails certain characteristics that distinguish it from other industry sectors, including its externalities that are a result of the interconnected nature of the financial sector, and its high level of dynamism that manifests in fast innovation cycles and diffusion rates. These characteristics significantly contribute to the difficulty in its regulation. Yet, they are not part of the definition of financial innovation—being dynamic by nature, limiting its definition to a finite set of attributes would diminish its openness. The main drivers of financial innovation can be put into three categories, namely demand-side drivers, supply-side drivers, and regulation. Financial institutions innovate to improve imperfects in markets and inefficiencies in existing products and service. For instance, the emergence of financial derivatives in the 1970s and ‘80s are largely attributed to high volatility in that period which created a strong demand for products that enable investors to hedge corresponding risks. On the supply side, the most important driver in the past decades (that also underlies fintech) has been advancements in information technology. In financial innovations, technology typically plays the role of a facilitator, meaning that it enables for instance the addressing of market imperfections. Moreover, financial institutions also have supply-side incentives to innovate. Most importantly, they have an incentive to keep the pace of innovation at a high level in order to capture short-term rents but also to embrace complexity and increase their information advantage vis-à-vis and the regulator, which potentially enables them to exert influence on the regulator or conduct regulatory arbitrage. Lastly, in the financial sector, regulation has been a particularly strong driver of financial innovation well-exemplifying the concept of regulatory dialectic. Especially, responding to a new regulation in the form of regulatory arbitrage has been a common theme in the history of financial innovation. Aside from these behaviours, regulation can also trigger innovation in less direct and unintended ways. Putting these characteristics of financial innovation in context with the regulatory process bares several implications. Firstly, it exacerbates the information deficit in all its elements by driving information costs and creating Knightian uncertainty. Factors that complicate this task in particular in the financial sector are especially the supply-side incentives and the (not least caused by those) high pace of innovation. While the financial regulator is not only controlling, but also altering the behaviour of market

380

C. RUOF

participants, the latter have an inherent incentive to enhance and exploit their informational advantage and game the former. Furthermore, the part of translating information into regulatory output is similarly affected by the special characteristics of financial innovation. The regulator is faced with the fact that—depending on the style and architecture—regulation captures information about the market of a certain moment in time, which becomes a problem in light of fast innovation cycles and a constantly evolving information landscape. In responding to change, aside from the need for information about the new phenomenon, regulators need to consider the regulatory dialectic and potential side effects of the regulation they seek to implement. At the same time, the response should not take too long, as unregulated risks can grow and materialize. In the end, financial innovation poses a serious threat for the enterprise of regulation and severely complicates and cumbers the task of gathering and implementing information. That is what makes financial innovation a key challenge to financial regulation and needs to be put centre stage in a regulatory proposal.

3 Fintech as the Current Manifestation of Financial Innovation After having gone down one level of abstraction—from innovation to financial innovation—the study ultimately takes one step towards concretization and addresses the main object of the study, i.e. fintech. Whereas there is no clearly established definition of fintech, the study chooses one the same standards as for financial innovation generally. As a current episode in the broader trajectory of financial innovation, also every approach to a definition needs to display openness to change and future unanticipated developments. For this reason, the study uses the term fintech to refer to ‘technology-enabled financial innovation that could result in new business models, applications, processes or products with an associated material effect on financial markets and institutions and the provision of financial services.’ When looking at concrete manifestations of the phenomenon, it shows that fintech affects every major sector of the financial services market. Across sectors, fintech firms promise to deliver financial services at lower cost, and in a more convenient and efficient way. For that purpose, they apply state-of-the-art technology and advance the digital transformation of the financial sector. They often

11

SUMMARY AND CONCLUSION

381

target certain parts of the financial service value chain or seek to “disintermediate” and connect borrowers and lenders directly with each other. At the same time, most fintech firms build their business model on existing market structure and in some ways are reliant on the existing infrastructure or incumbent players. Few are attempting to build a wholly new structure and completely ‘disrupt’ the sector as it exists today. Another observable trend brought by fintech is the one towards platform business models for which the market support and infrastructure service sector is a prime example. From a functional perspective, most fintech applications do not change the fundamental nature of the product or service, but often only adapt certain elements. Instead, their economic functions resemble relatively closely that of their (non-digital) predecessors. What often is taking place with fintech companies is the substitution of human intermediation with a computerized one. An analysis of the drivers of fintech also comes to the conclusion that fintech to a large extent fits into the existing trajectory of financial innovation. Like in the case of most financial innovations in the past, fintech is the result of a covalence of a number of factors, without each of which the fintech development might have taken a different shape. Looking at the drivers individually, it becomes clear that most of them are not new, but rather are present throughout a big part of financial innovation’s history. The most obvious of these is technology, which more than ever is the ultimate enabler of a large majority of fintech services. On the demand side, fintech is largely driven by the expectation by consumers for financial services to transition to the digital world and modern lifestyle. From the perspective of the regulatory dialectic, fintech can be viewed as a predictable response to the post-crisis reform efforts, presumably existing in both forms, as regulatory arbitrage as well as efficient compliance solutions. Yet, drawing from this the conclusion that fintech would not be ‘something new under the sun’1 turns out to be premature. Already on a micro-level, certain distinctive features can be identified. First, this becomes apparent by looking at not only on what is, but ‘who is’ fintech. While the regulatory barriers to the market in tendency grew after the GFC, technology and new types of partnerships have lowered barriers to enter. With the advent of the internet and smartphones, it has

1 See Intro.

382

C. RUOF

been possible also for small firms to directly interact with the (potential) customer, significantly reducing the ‘stickiness’ of existing customer relationships. Meanwhile, the new value of data has been attracting the attention of ‘data-rich’ players from other sectors who see opportunities to gain a competitive edge in the financial sector. Feeling competitive pressure from fintech firms, neo-banks, and bigtech, incumbent financial institutions strive to become more dynamic and improve their legacy infrastructure in response—often with the help of a number of specialized third-party firms. This diversity marks a clear departure from previous eras of financial innovation, including the one before the GFC, where innovation came predominantly from the big incumbent financial institutions. Notably, also in contrast to previous eras, the expertise of these new entrants often resides more in tech than in finance. Furthermore, technology not only underlies the new variety of players, but has also contributed to significantly enhance one conventional features of financial innovation in the era of fintech, which is the pace of innovation. While this phenomenon is prevalent across sectors and industries it is exceptionally prevalent in financial services where a convalescence of factors makes innovation cycles short and let innovation diffuse on high speed. Ultimately, the pace under fintech further complicates the task of regulators by making everything happen faster—from the emergence of risks to their materialization, as well as from the introduction of regulation to its obsolescence.

4 Digital Disruption: Structural Shifts by Fintech Viewing fintech from a structural perspective reveals much more fundamental shifts that take place more incrementally and less visibly. These shifts are to a large extent a product of the high prevalence and interaction of the aforementioned features of fintech. Firstly, a structural perspective on the fintech phenomenon reveals a decentralization of the sector that affects consumer-faced activity as well as back-office functions. In the front, this shift manifests a change from the old structure where a few dominant firms, mostly functioning as one-stop-shops for the consumer, transition to a more diverse set of players providing specialized services to consumers that now often decide on a provider individually for each respective service they are seeking. Ultimately, this has been leading to

11

SUMMARY AND CONCLUSION

383

an unbundling of financial services consumption. At the same time, backoffice functions which once were (almost) fully centralized within each financial institution respectively, are being transformed into a patchwork of big and small interconnected (among each other or with other TPPs) third-party suppliers. As a result, the internal scaffolding of financial institutions is being replaced by a patchwork of independent third-party actors who perform singular functions respectively for multiple clients. This has important implications: as a result of the outsourcing process, the expertise behind these functions and substantial control over those processes shift away from these institutions to the TPPs, which are typically not financial institutions, but tech companies. Both, in the front and in the back, decentralization is significantly fuelled by platform-based business models as well as non-physical cloud-based infrastructure. Another important dimension of decentralization is the increasing separation of origination and distribution of a financial service which is once more rooted in platform-based business models. In the era of fintech, it is not the norm anymore that the firm offering a service—be it to a consumer or in a B2B setting—is also materially providing the service. This new separation contributes to the shift in substance to the back by decoupling the creation, expertise, and infrastructure of a service from its distribution to the customer. At the same time, these services are largely provided in an ‘as-a-service’ fashion, which adds more dynamism into this new structure. Not least, some of the technology underlying fintech is itself decentralized, first and foremost DLT and blockchain. Second, a wholesale automation of the sector is taking place in the form of a transformation from a sector that had once been dominated by humans to one where humans and algorithms (at least) share control and power. AI and ML are enabling technologies that underlie the large majority of fintech applications, continuously increasing the sophistication and autonomy of algorithms that are responsible for an increasing share of decision-making in the sector. That includes both: consumerfaced services such as investment advice or lending, as well as back-office functions such as risk monitoring or regulatory compliance. While likely to enhance efficiency and precision, enhanced automation at each step of the process further leads to the decision being able to be made and implemented in almost real-time, potentially further accelerating the overall pace in the sector. Ultimately, this transformation entails a shift in the financial services market’s centre of gravity towards more techno-centrism with once again control migrating away from the core financial players.

384

C. RUOF

The widespread application of algorithms and their steady improvement would however not be possible without one key resource, which is data. The last key structural shift that is observable under fintech and closely connected to the automation therefore is the transformation of the financial services sector towards a data-driven industry. In the centre of this shift are the so-called ‘three Vs’ of data, namely volume, variety, and velocity, whereby each of these components has seen an explosive growth across sectors and industries. This alone would yet not be too effective if the past years yielded substantial advances in the possibility to store and analyse data. The combination of these factors has resulted in new sorts and amounts of data underlying most new fintech services and have enabled a new level of personalization in financial services. At the same time, the dependency on data grows for market participants and regulators alike, giving players with better access an important competitive advantage.

5

Informational Implications of the Structural Shifts

What these shifts imply for the information dynamics between the industry and the regulator as well as for the deficit of the latter, is central for the stability and success of financial regulation. One key implication that these shifts have in common is that they fuel the already high level of complexity in the sector, which is inter alia driven by the influx of players that bring new quantities and qualities of information with them. In contrast to incumbent players, they are more diverse and employ a varied set of sophisticated technologies, such as cryptography and ML, resulting in increased information costs on the side of the regulator. Worse still, these new players often emerge outside of the regulators radar, making them harder to identify and draw information from. This is being accompanied by a new level of dynamic in the sector, primarily driven by platform and ‘as-a-service’ business models. Consequently, information is not only more costly to gather, but also subject to constant change, hence quickly outdated. In this environment, it becomes increasingly difficult for regulators to maintain an overview and locate emerging risks. Responding to risks is similarly aggravated by the instantaneous nature of automated decision-making, dramatically reducing the window for regulators to interfere. Simultaneously, as expertise becomes more fragmented, potentially less players from the industry side have the means

11

SUMMARY AND CONCLUSION

385

and the incentive to produce systemic information. The disruptive nature of some fintech innovations, the fast pace of change, and the application of autonomous algorithms further infuse Knightian uncertainty in the sector. Algorithms additionally come with idiosyncratic informational implications, above all the ‘black box’ problem. Lastly, fintech adds to the complexity in the sector by increasing its size, not only by adding new players and new layers of intermediation to it, but also by channelling new capital in the form of investment and loans into the machinery of the secondary markets. Fintech’s inexorable march towards new levels and forms complexity causes an overall increase in information costs. However, additionally, it also amplifies the information gap between the regulator and the market as a whole in multiple ways. For instance, due to the shift and fragmentation of substance and expertise caused by decentralization, it has become much more difficult to collect information from the market. While existing channels and tools are still in place, their value has eroded in light of the shifts associated with fintech. Notably, the information advantage of individual firms vis-à-vis the regulator arguably decreases or even reverses, as the information that many fintech firms possess is (similar to their business model) narrow and highly technical. This however is no good news for the regulator, as correspondingly the amount of information that can potentially be gathered from the firm decreases. Concerning fintech firms that are small and apply highly sophisticated technology, even information about their own service might not be in their possession, but with the technology provider behind the fintech. This in effect creates an additional layer to the existing information gap. At the same time, most regulators appear to be unable to keep up with newest technological development, both in terms of expertise, and utilization. Vis-à-vis fintech firms who have their whole business model dependent on a certain technology, a stark asymmetry in technological know-how is the result. This asymmetry grows in light of the skills and personnel each side employs. Talent with relevant tech and coding background is highly demanded and so far predominantly active on the industry side, but not on that of the regulator. At the same time, the entry of bigtech brings a whole new dimension to the asymmetry in information processing capacity possessing almost unlimited financial resources and first-class access to data as well as the technology to process and utilize it. These conditions not only can result in regulatory mismatch, but also prepare the ground for new facets of regulatory failure. Automation,

386

C. RUOF

for instance, can raise novel risks of regulatory capture and regulatory arbitrage. Against the backdrop of a widening information gap, fintech firms can potentially use technology as a tool for either gaming the regulator/regulation or to exert influence on the regulator. Additionally, outsourcing presents new opportunities for arbitrage-like behaviours, for instance when the ultimate responsibility for a task is being intendedly obfuscated by making extensive use of external parties providing that task. Despite these structural changes and their implications, regulatory approaches in most jurisdictions have in substance broadly remained the same. On the most basic level, the public–private divide has been left untouched—the regulator being the sole locus of power to regulate and the regulated entities being the passive recipients of orders. More specifically, many regulators around the world in the earlier days of fintech opted for a ‘wait and see’ approach, shying away from substantial alterations to their regulatory approach. In a subsequent phase, some regulators reacted by introducing special regulations tailored to specific fintech applications, which however—having to go through the regular rulemaking process—came late and were destined to be quickly outdated. This lack of speed and adaptability showcased just one of multiple frictions that exist between fintech and the current regulatory approach and architecture. How the regulatory structure can be changed in a way to reduce the information deficit and better accommodate a changing environment is discussed in Chapters 8 to 10.

6

Three Guiding Principles – the Intellectual Foundation of a New Approach

To cope with the challenges of fintech and the growing information deficit, this study proposes a public–private partnership approach that puts the collection and production of information centre stage. This new approach entails a recalibration of responsibilities along the public–private spectrum in financial regulation and should rest on three intellectual Guiding Principles. Namely, these Guiding Principles are (1) experimentation, (2) participation, and (3) decentralization and are partly inspired by, and partly making use the shifts in the sector. Experimentation occupies a key role, being the principle driving the production of information and hence increasing the level of information at the regulator. At the same time, it is supposed to draw external knowledge into the

11

SUMMARY AND CONCLUSION

387

state apparatus. It advocates for a trial-and-error approach to the regulation of fintech, acknowledging that in highly dynamic environments regulation is necessarily temporary and must be constantly adjusted as future situations require. In other words, regulation itself must become dynamic. This ‘regulating while learning’-approach should be accompanied by an infrastructure that supports structural experimentation with different regulatory approaches. Experimentation should be taking place in local hubs and in cooperation with private market participants to facilitate learning by constantly testing and evaluating new and better ways to regulate. It should induce actors to engage in investigation, discussion, and deliberation about problems and potential solutions, and attempt to utilize the creative forces of the private towards the public good. Participation on the other hand advocates for integrating a diverse set of actors into the regulatory process to thereby enhance access to local knowledge. As shown before in Chapters 5 and 6, a significant share of fintech activity is taking place off the regulator’s radar. Moreover, players are much more diverse and increasingly coming from a technological background. A regulatory response to fintech needs to integrate these players to develop an understanding of their functioning and potential risks. This integration should not stop at financial players but aim at including all perceivable actors that have informational value for the regulator. Lastly, by way of decentralization, the regulator should utilize private market participants’ information advantage and borrow their resources to increase its own capacity, thereby seeking to reduce the information gap from the capacity side. Market participants could be given (under close scrutiny) certain tasks and responsibilities in the regulatory process, with the regulator maintaining the ultimate control. This last principle stems from the acknowledgement that in an increasingly dynamic and complex environment which constantly yields new forms of high-tech innovation, reliance on the state as the single source of information-gathering, and processing and ultimately regulatory power is prone to fail.

7

Two Necessary Conditions

For effectively implementing these three principles, a number of conditions need to be ensured. One key success factor is the introduction of a higher level of flexibility in the formulation, application, and revision of regulation. This is not only necessary to enable the Guiding Principles to unfold their full potential, but, importantly, also to translate the

388

C. RUOF

informational gains into regulatory output effectively. For that purpose, the regulatory process needs to allow for swift adjustment of the regulatory practice in light of new information and a changing environment. This flexibility should be provided by an extended use of principles which would give the necessary space for experimentation, reduce regulatory lag as well as incentives for regulatory arbitrage, and provide durability in the face of a changing environment. A more prescriptive rule-based approach on the other hand, as currently in place in a majority of jurisdictions, is not compatible with the three principles and the challenges that come with fintech. The experimentation principle in particular requires fast adaptability, which collides with the lengthy process of introducing and revising new regulations. Moreover, the new complexity in the sector, especially expressed by the diversity of players and service they provide, becomes increasingly difficult to capture with bright-line rules. Yet, the new approach does not suggest a full-fledged turn to principles. Rather the rule-principle dichotomy should be perceived as different points on a spectrum, with different contexts requiring different calibrations along that spectrum. As a second condition, the regulator needs to drastically ramp up its technologization efforts. Just like technology is a key success factor in the industry, it is too for regulation. Whereas in the past the dispersed nature of information led Friedich von Hayek to conclude that attempts of its aggregation would necessarily be so imperfect that they would in the end lead to worse outcomes, today, his view might be a different one. Technology not only can save significant resources, but also provides the means to effectively collect and process information on a new scale— capabilities that can be witnessed in the private sector on a daily basis. Technology should be used to replace old structures and lines of communication with industry with faster and more efficient channels for data sharing as well as for automating some part of the regulatory and supervisory process. However, meanwhile it needs to be considered that similar issues known from the use of these technologies in the industry can arise when applied for regulatory purposes, including automation bias and the black box problem. While implementing these principles holds high promises, they also bring new risks and can even be the cause of dramatic regulatory failure. One source of risks that necessarily intensifies with increased incorporation of private market participants is regulatory capture. One does not need to look far for past cooperation attempts that did go wrong at

11

SUMMARY AND CONCLUSION

389

least partly because the regulator became too sympathetic with industry interests. Participation, experimentation, the outsourcing of certain tasks to private participants and the discretion that principles confer to the regulator are all aspects that have the potential to cause a resurgence of regulatory capture. Against that background safeguards need to be established to control for the risk of regulatory capture. Another well-known reason regulation can fail is the lack of resources that are devoted to it, which is a more-than-usual concern in the context of the new approach suggested in this study. This is not only a lesson learned from previous experiences with principles-based regulation, but also because the task of the regulator becomes substantially more complex and multifaceted. Its role changes from that of a monopolistic supervisor and rule-enforcer to an active participant in experimentation, while at the same time managing and overseeing a far more complex and decentralized structure that produces vast amounts of information on a daily basis. Particular importance has to be devoted to the task of producing systemic information, as this type of information is likely to become increasingly under-produced in the market. To perform all these functions, it is of utmost importance that the regulator is equipped with the necessary staff and technology. If not, the regulatory discretion and experimentation practices are likely to become gateways for industry interests, ultimately ceding the field to the industry. Furthermore, to ensure that participation is not exploited for this exact reason, the incentives of participants need to be aligned to the public goal. This could be achieved for instance by a combination of soft measures, such as fostering a common culture of mutual problemsolving, as well as harder measures such the prospect of harsh sanctions in the case of wrongdoing. Lastly, the regulator needs to actively counteract regulatory uncertainty that might abound as a result of volatile regulation.

8

Current Regulatory Approaches to Fintech

As aforementioned, financial regulation has not changed substantially in the face of the emergence of fintech. Yet, there have been some initiatives from regulators, the primary goal of which has been to promote innovation. This marked a clear shift from the negative view on financial innovation that had been dominant in the aftermath of the GFC. While these innovation-friendly regulatory initiatives are relatively nascent, they have kicked off a regulatory competition among regulators worldwide on attracting the best fintech innovations and innovators. Importantly, some

390

C. RUOF

of these initiatives also embody certain elements of the above-developed Guiding Principles, which is why they were chosen as the subjects for a deeper analysis. Those new initiatives can be put into three broader categories of regulatory approaches, namely innovation hubs and facilitators, fintech sandboxes, and suptech. The analysis shows that they all entail promising components, however, are far from unfolding their full potential and not going far enough to meet the (informational) challenges of financial regulation in the era of fintech. Innovation hubs for instance give a signal of cooperation to the industry that appears to have been positively received by it. To that extent, they can contribute to a more collaborative relationship between the regulator and the market and also promote participation by attracting fintech firms to the regulatory perimeter. Offering dialogue with these firms, innovation hubs create new information channels to cutting-edge innovation activity in the market. However, they provide no space for experimentation and no flexibility. As a consequence, their exclusive informational benefit stems from industry input and observation. The regulatory sandbox as pioneered by the FCA, in contrast provides some room for experimentation, applying waivers or lifting certain restrictions deemed unnecessary for the respective firm in exchange for more tailored requirements to a number of selected participants. In that sense, the regulatory sandbox represents a move towards a more principles-based approach, taking more into account the individual risk profile of a firm as opposed to blindly applying the existing rulebook. This feature makes it considerably more attractive than the innovation hub for fintech firms. Consequently, more fintech firms might be attracted to the regulatory sphere, while at the same time experimentation in the sandbox produces information for the regulator. Yet, the level of experimentation remains low, as its focus lies on the commercial viability of the firm’s service rather than on improving the regulatory framework. At the same time, the flexibility of the regulator is regularly strongly confined by their legal mandate, limiting the benefits of experimentation. Moreover, regulatory sandboxes as operated today are highly resource-intensive, keeping their scope small and making them impracticable for the production of systemic information. The concept of the ‘umbrella sandbox’ promises improvement on that end by outsourcing the operation of the sandbox to private parties. In return, it however fully refrains from any regulatory involvement and therefore does not deliver any informational benefit. The more recently introduced ‘Digital Sandbox’ by the FCA could offer a good comprise,

11

SUMMARY AND CONCLUSION

391

broadening access, while still allowing for regulatory experimentation. Lastly, regulators have also been starting to test out technological solutions for regulation and supervision, so-called suptech. In a way, suptech solutions seek to harness those technologies that drive fintech innovation in the private sector for regulatory purposes. Yet, suptech solutions to date are still very nascent and a long way behind fintech—both, in terms of scale and sophistication. The promises typically associated with suptech are improved data collection and analytics, and—more generally—cost savings in regulatory/supervisory processes as well as better allocation of regulatory resources. These are important elements in addressing the information gap. An analysis of some of the most promising suptech applications, including MRER and API-infrastructure approaches, however reveal that the potential of suptech goes much further. It could be utilized to create the infrastructure which allows for an effective implementation of the Guiding Principles underlying the PPP-model as proposed in this study. At the same time, it holds the promise to fundamentally transform how regulation is done. By opening up possibilities to instantaneously translate information into regulatory output, it could play a decisive role in coping with the pace of the sector. In other words, it could enhance the speed of regulation and enable the regulator to ‘catch up’ with the sector, ultimately preventing regulatory mismatch.

9

The Proposal

Based on these findings, this study proposes a ‘regulatory platform’ to cope with the challenges under fintech and the things to come. This platform should implement the theoretical principles developed above and the idea of a public–private collaboration for achieving the goals of financial regulation. This new concept largely rests on three pillars: 1. The first pillar of a new regulatory approach entails a fundamental redesign of the regulatory architecture as is currently in place in almost all jurisdictions. A comprehensive API infrastructure will lay the ground for a public–private platform, on which every participant is connected with the regulator as well as to each other. This infrastructure would provide the space for common collaboration and experimentation, with little to no barriers. Collaboration or experimentation initiatives could come from the regulators as well as the private side and could be started on the platform by, for

392

C. RUOF

instance, creating a virtual space, where the participants connect via the underlying infrastructure. The regulator could open such a space for example to test the automation of certain regulatory tasks or to search for more efficient technological solutions for compliance. These initiatives would be implemented in a modular fashion, allowing for easy start, exit, and participation. At the same time, the API infrastructure would enable the regulator to maintain full oversight and collect real-time data through the established links to all participants. The platform could thereby be used to expand the regulatory sphere as well as to include other stakeholders for specific initiatives, broadening the informational input. Finally, the API infrastructure would enable the regulator to introduce (and also revise) new regulation much more swiftly, which at some point in the future could make changes in regulation as easy as a software update. 2. Enabled by the regulatory platform, the regulator should optimize its existing toolkit. This would in particular include improving and extending its innovation hub and sandbox practices as well as adding utterly new instruments to its toolkit. For instance, the regulatory sandbox could be improved by expanding it in scope and scale by way of automating and outsourcing certain functions. Simultaneously, the regulator could still maintain full oversight and reap the informational benefits due to the established information channels to all participants. Other stakeholders, including from academia, governmental institutions as well as the private sector could be given (varying levels of) access to the sandbox, for instance in order to provide additional guidance and ultimately enhance the sandboxes informational returns. Meanwhile, the primary focus should shift from accommodating fintechs into the existing regulatory framework to true regulatory experimentation, including the testing of regtech and suptech solutions. Moreover, the existing sandbox and innovation hubs practices should be supplemented with more specialized and thematic experimentation spaces where innovative (technological) solutions to more particular problems could be tested. The goal of these spaces would be to initiate targeted experimentation and to steer the production of information in a desired direction. Specialized sandbox could for instance be targeted at a specific regulatory issue, such as an unproportionate piece of

11

SUMMARY AND CONCLUSION

393

regulation or the application of an algorithm in a specific regulatory context, while thematic sandboxes would be targeted at broader policy goals or societal problems. This could include financial inclusion or even cross-sectoral topics like climate change. Not least, the umbrella sandbox could experience a comeback on the regulatory platform, enabling industry collaboration under more beneficial conditions. All types of sandboxes and spaces could be operated with varying involvement of the regulator, who in any case occupies the role of the ultimate overseer of all undertakings. 3. The third and last pillar entails structural changes to the financial regulator itself. First, the regulator should be given more discretion, which would be necessary to apply a more principles-based approach and engage in true regulatory experimentation. To simply gather information in an improved way is not enough to prevent regulatory mismatch. Of similar great importance is the ability to effectively act upon new information. To effectively prevent regulatory mismatch, these components should be unified in the same institution, which means that the regulator needs to be given broader discretion to make changes to regulation. The second change touches an alreadymentioned aspect, which is the need for (more) resources. Setting up a regulatory platform requires significant upfront costs, even if these costs are likely to pay off mid-/long term. This includes large investments in hardware, but perhaps even more importantly, bringing the necessary personnel and expertise to the regulator. For this, the regulator would have to join the already fierce competition for this kind of personnel in the private sector. Additionally, the regulator should train existing staff and establish special programmes for that purpose. For all these initiatives however, it is inevitable that the regulator would need a greater budget. Last but not least, a profound cultural transformation would need to take place within the regulatory agency. First, this includes that the regulator would need to become more embracing of innovation, which means not only to encourage innovation, but also to utilize it for regulatory purposes. Meanwhile, the regulator should adopt an experimental mindset, and become willing to take (moderate) risks. Certainly, this does not mean it should become a high-risk taker. Rather the regulator should demonstrate an open mind to new solutions and their potential to improve parts in the regulatory process and not set ‘perfect’ as the standard for testing these solutions. Lastly at perhaps

394

C. RUOF

most importantly, the regulator needs to adopt a mindset of continuous learning. This especially includes employees keeping abreast of newest technological developments and academic debates and the creation of incentives for that end. While risks remain and the implementation of a regulatory platform will certainly face various limitations and challenges, it embodies a forward-looking concept for financial regulation that presents a remedy to the continuously growing information gap and regulatory mismatch in the financial sector. Ultimately, to provide stability and allow private sector innovation to flourish, a reconsideration of the public–private role division is warranted. More specifically, the regulator needs to move away from a singular understanding of it as a rule-enforcer and awaken its own entrepreneurial spirits. The private sector on the other hand needs to actively seek collaboration with the regulator in order to find mutual-beneficial solutions in contrast to channelling its energy towards finding loopholes in regulatory structure and design products to exploit them. This study provides one proposal for the implementation of such a concept and hopefully encourages future debate in that direction.

Bibliography

Abbott KW and Snidal D, ‘Hard and Soft Law in International Governance’ (2000) 54 International Organization 421 ACPR and Banque de France, ‘The Fintech Innovation Unit of the ACPR Is Strengthening Its Team and Launching Two New Communication Actions for Innovative Financial Players’ (2017) https://acpr.banque-france.fr/sites/ default/files/medias/documents/20170717-cp-fintech-en.pdf Ahdieh RB, ‘The Visible Hand: Coordination Functions of the Regulatory State’ (2010) 95 Minnesota Law Review 578 Ahern D, ‘Regulators Nurturing FinTech Innovation: Global Evolution of the Regulatory Sandbox as Opportunity-Based Regulation’ (2019) 15 Indian Journal of Law and Technology 345 ———, ‘Regulatory Lag, Regulatory Friction and Regulatory Transition as FinTech Disenablers: Calibrating an EU Response to the Regulatory Sandbox Phenomenon’ (2021) 22 European Business Organization Law Review 395 ———, ‘The Role of Sectoral Regulators and Other State Actors in Formulating Novel and Alternative Pro-Competition Mechanisms in Fintech’ (2023) in Konstantinos Stylianou, Bjorn Lundqvist and Marios Iacovides (eds), Fintech Competition (Bloomsbury-Hart Forthcoming) Akerlof GA, ‘The Market for “Lemons”: Quality Uncertainty and the Market Mechanism’ (1970) 84 The Quarterly Journal of Economics 488 Allard J and Blavy R, ‘Market Phoenixes and Banking Ducks Are Recoveries Faster in Market-Based Financial Systems?’ (IMF 2011)

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5

395

396

BIBLIOGRAPHY

Allen F and Babus A, ‘Networks in Finance’ in Paul R Kleindorfer, Yoram Wind and Robert E Gunther (eds), The Network Challenge: Strategy, Profit, and Risk in an Interlinked World (1., Wharton School Publishing 2009) Allen F and Gale D, Financial Innovation and Risk Sharing (MIT Press 1994) ———, Comparing Financial Systems (MIT Press 2000) Allen F, Gu X and Julapa J, ‘A Survey of Fintech Research and Policy Discussion’ (2021) 1 Review of Corporate Finance 259 Allen F and Santomero AM, ‘The Theory of Financial Intermediation’ (1997) 21 Journal of Banking & Finance 1461 Allen HJ, ‘Putting the “Financial Stability” in Financial Stability Oversight Council’ (2015) 76 Ohio State Law Journal 1087 ———, ‘Regulatory Sandboxes’ (2019) 87 George Washington Law Review 579 ———, ‘Driverless Finance’ (2020) 10 Harvard Business Law Review 157 ———, ‘Experimental Strategies for Regulating Fintech’ (2021) 3 Journal of Law & Innovation 1 ———, ‘Payments Failure’ (2021) 62 Boston College Law Review 453 ———, ‘Resurrecting the OFR’ (2021) 47 The Journal of Corporation Law 1 ———, Driverless Finance: Fintech’s Impact on Financial Stability (Oxford University Press 2022) ———, ‘Regulatory Innovation and the Permission to Fail: The Case of Suptech’ (2023) 19 New York University Journal of Law & Business 237 Amadxarif Z and others, The Language of Rules: Textual Complexity in Banking Reforms (Bank of England 2019) 834 AMF France, ‘The AMF and ACPR Launch the FinTech Forum’ (AMF , 19 July 2016) https://www.amf-france.org/en/news-publications/newsreleases/amf-news-releases/amf-and-acpr-launch-fintech-forum, accessed 26 October 2021 Anagnostopoulos I, ‘Fintech and Regtech: Impact on Regulators and Banks’ (2018) 100 Journal of Economics and Business 7 Andenæs MT and Chiu IH-Y, The Foundations and Future of Financial Regulation: Governance for Responsibility (Routledge 2014) Areeda P, ‘Essential Facilities: An Epithet in Need of Limiting Principles’ (1989) 58 Antitrust Law Journal 841 Armour J and others, Principles of Financial Regulation (First edition, Oxford University Press 2016) Armour J and Enriques L, ‘The Promise and Perils of Crowdfunding: Between Corporate Finance and Consumer Contracts: The Promise and Perils of Crowdfunding’ (2018) 81 The Modern Law Review 51 Armstrong P, ‘Developments in RegTech and SupTech’ (ESMA 2018) ESMA7199-1017

BIBLIOGRAPHY

397

Arner DW, Barberis JN and Buckley RP, ‘The Evolution of Fintech: A New PostCrisis Paradigm?’ (2016) 47 Georgetown Journal of International Law Journal 1271 ———, ‘FinTech, RegTech, and the Reconceptualization of Financial Regulation’ (2017) 37 Northwestern Journal of International Law & Business 371 Arner DW, Castellano GG and Selga EK, ‘Financial Data Governance’ (2023) 74 Hastings Law Journal 235. AT Kearney, ‘Big Data and the Creative Destruction of Today’s Business Models’ (2013) Auer R, Cornelli G and Frost J, ‘Covid-19, Cash, and the Future of Payments’ (BIS 2020) 3 Auer R and Tercero-Lucas D, ‘Distrust or Speculation? The Socioeconomic Drivers of US Cryptocurrency Investments’ (BIS Monetary and Economic Department 2021) Awrey D, ‘Regulating Financial Innovation: A More Principles-Based Alternative?’ (2010) 5 Brooklyn Journal of Corporate, Financial & Commercial Law 273 ———, ‘Complexity, Innovation, and the Regulation of Modern Financial Markets’ (2012) 2 Harvard Business Law Review 235 Awrey D and Judge K, ‘Why Financial Regulation Keeps Falling Short’ (2020) 61 Boston College Law Review 2295 Awrey D and van Zwieten K, ‘Mapping the Shadow Payment System’ (SWIFT 2019) Ayres I and Braithwaite J, Responsive Regulation: Transcending the Deregulation Debate (Oxford University Press 1992) Azgad-Tromer S, ‘Crypto Securities: On the Risks of Investments in BlockchainBased Assets and the Dilemmas of Securities Regulation’ (2018) 68 The American University Law Review 69 Azzutti A, Batista PM and Ringe W-G, ‘Navigating the Legal Landscape of AI-Enhanced Banking Supervision: Protecting EU Fundamental Rights and Ensuring Good Administration’ (2023) European Banking Institute Working Paper Series 2023 - no. 140 Baer MH, ‘Choosing Punishment’ (2012) 92 Boston University Law Review 577 Bagby JW and Packin NG, ‘RegTech and Predictive Lawmaking: Closing the RegLag Between Prospective Regulated Activity and Regulation Prospective Regulated Activity and Regulation’ (2021) 10 Michigan Business & Entrepreneurial Law Review 127 Bahner JE, Hüper A-D and Manzey D, ‘Misuse of Automated Decision Aids: Complacency, Automation Bias and the Impact of Training Experience’ (2008) 66 International Journal of Human-Computer Studies 688

398

BIBLIOGRAPHY

Baker T and Dellaert B, ‘Regulating Robo Advice Across the Financial Services Industry’ (2018) 103 Iowa Law Review 713 Baldwin R, Rules and Government (Clarendon Press; Oxford University Press 1995) ——— (ed), A Reader on Regulation (Oxford University Press 1998) Baldwin R, Cave M and Lodge M (eds), ‘Meta-Regulation and Self-Regulation’ in Cary Coglianese and Evan Mendelson, The Oxford Handbook of Regulation (Oxford University Press 2010) ———, Understanding Regulation: Theory, Strategy, and Practice (2nd edition, Oxford University Press 2012) Ball P, ‘The Lightning-Fast Quest for COVID Vaccines—And What It Means for Other Diseases’ (Nature, 18 December 2020) https://www.nature.com/ articles/d41586-020-03626-1, accessed 24 October 2021 Ball R, ‘The Global Financial Crisis and the Efficient Market Hypothesis: What Have We Learned?’ (2009) 21 Journal of Applied Corporate Finance 8 Bamberger KA, ‘Technologies of Compliance: Risk and Regulation in a Digital Age’ (2010) 88 Texas Law Review 669 Banerjee AV and Duflo E, Poor Economics: A Radical Rethinking of the Way to Fight Global Poverty (PublicAffairs 2011) Bank for International Settlements, ‘Core Principles for Effective Banking Supervision’ (Bank for International Settlements 2012) Bank of England, ‘Transforming Data Collection from the UK Financial Sector’ (BoE 2020) Bank of England and FCA, ‘Machine Learning in UK Financial Services’ (BoE and FCA 2019) Bank of Greece, ‘FinTech Innovation Hub’ https://www.bankofgreece.gr/en/ main-tasks/supervision/fintech-innovation-hub, accessed 26 October 2021 Banner S, Anglo-American Securities Regulation: Cultural and Political Roots, 1690–1860 (1st edition, Cambridge University Press 1998) Barbaschow A, ‘Starling Built a Bank from Scratch in the Cloud’ (ZDNet ) https://www.zdnet.com/article/starling-built-a-bank-from-scratchin-the-cloud/, accessed 24 October 2021 Barberis JN, ‘From Fintech to Techfin: Data Is the New Oil’ The Asian Banker (16 May 2016) https://www.theasianbanker.com/updates-and-articles/fromfintech-to-techfin:-data-is-the-new-oil, accessed 24 October 2021 Barefoot JAS, ‘Disrupting FinTech Law’ (2015) 18 Fintech Law Report 1 ———, ‘A RegTech Manifesto—Redesigning Financial Regulation for the Digital Age’ (Alliance for Innovative Regulation 2020) Barker RM and others, ‘Public-Private Partnerships and the Role of the Law of Organisations and Governance’, The Law and Governance of Decentralised Business Models: Between Hierarchies and Markets (Routledge 2021)

BIBLIOGRAPHY

399

Barnichon R, Matthes C and Ziegenbein A, ‘The Financial Crisis at 10: Will We Ever Recover?’ (2018) Federal Reserve Bank of San Francisco Economic Letter Barr MS, ‘The Financial Crisis and the Path of Reform’ (2012) 29 Yale Journal on Regulation 91 Barrett A, ‘The Unbundling & Rebundling of Banks’ (Medium, 9 July 2019) https://blog.inovia.vc/the-unbundling-rebundling-of-banks-39a 5aaf57e38, accessed 24 October 2021 Basel Committee on Banking Supervision, ‘Sound Practices—Implications of Fintech Developments for Banks and Bank Supervisors’ (BIS 2018) Batista PM and Ringe W-G, ‘Dynamism in Financial Market Regulation: Harnessing Regulatory and Supervisory Technologies’ (2021) 4 Stanford Journal of Blockchain and Policy 203 Bauguess SW, ‘The Role of Big Data, Machine Learning, and AI in Assessing Risks: A Regulatory Perspective’ (2017) Baumol WJ, The Free-Market Innovation Machine: Analyzing the Growth Miracle of Capitalism (Princeton University Press 2002) Baxter LG, ‘Understanding Regulatory Capture: An Academic Perspective from the United States’ in Stefano Pagliari (ed), Making Good Financial Regulation: Towards a Policy Response to Regulatory Capture (Grosvenor House Publishing Ltd 2012) ———, ‘Adaptive Financial Regulation and RegTech: A Concept Article on Realistic Protection for Victims of Bank Failures’ (2016) 66 Duke Law Journal 567 Bazot G, ‘Financial Consumption and the Cost of Finance: Measuring Financial Efficiency in Europe (1950–2007)’ (2018) 16 Journal of the European Economic Association 123 BBVA, ‘Neobanks: Creating a Digital Bank from Scratch’ (2016) BBVA Research 5 ———, ‘RegTech, the New Magic Word in FinTech’ (2016) BBVA Research 6 ———, ‘The Five V’s of Big Data’ (BBVA Communication, 8 May 2017) https://www.bbva.com/en/five-vs-big-data/, accessed 24 October 2021 BCBS, ‘International Convergence of Capital Measurement and Capital Standards—A Revised Framework Comprehensive Version’ ———, ‘Minimum Capital Requirements for Market Risk’ (BIS 2016) ———, ‘Report on Open Banking and Application Programming Interfaces’ (BIS 2019) ———, ‘History of the Basel Committee’ https://www.bis.org/bcbs/history. htm, accessed 28 October 2021 ———, ‘The New Basel Capital Accord: Comments Received on the Third Consultative Paper’ https://www.bis.org/bcbs/cp3comments.htm, accessed 1 November 2021 Bech M and Hancock J, ‘Innovations in Payments’ (BIS 2020)

400

BIBLIOGRAPHY

Belinfanti T, ‘Shareholder Cultivation and New Governance’ (2014) 38 Delaware Journal of Corporate Law 789 Bergman G, ‘Using Automation to Improve the Credit Risk Review Function’ (1999) 14 Commercial Lending Review 60 Bernstein G, ‘In the Shadow of Innovation’ (2010) 31 Cardozo Law Review 2257 Bhattacharya S and Thakor AV, ‘Contemporary Banking Theory’ (1993) 3 Journal of Financial Intermediation 2 Bieri DS, ‘Regulation and Financial Stability in the Age of Turbulence’ in Robert W Kolb, Lessons from the Financial Crisis (Wiley 2011) Binham C, Giles C and Keohane D, ‘Facebook’s Libra Currency Draws Instant Response from Regulators’ Financial Times (18 June 2019) https:// www.ft.com/content/5535fb3a-91ea-11e9-b7ea-60e35ef678d2, accessed 24 October 2021 BIS, ‘Annual Economic Report’ (BIS 2019) ———, ‘G7 Working Group on Stablecoins Investigating the Impact of Global Stablecoins’ (2019) ———, ‘Annual Economic Report’ (2020) ———, ‘Central Bank Digital Currencies: Foundational Principles and Core Features’ (2020) BIS and FSB, ‘FinTech Credit: Market Structure, Business Models and Financial Stability Implications’ (2017) BIS Joint Forum, ‘Review of the Differentiated Nature and Scope of Financial Regulation—Key Issues and Recommendations’ Black F, ‘Noise’ (1986) 41 The Journal of Finance 528 Black J, ‘Critical Reflections on Regulation’ (2002) 27 Australian Journal of Legal Philosophy 1 ———, ‘Forms and Paradoxes of Principles-Based Regulation’ (2008) 3 Capital Markets Law Journal 425 ———, ‘The Rise, Fall and Fate of Principles Based Regulation’ [2010] LSE Legal Studies Working Paper No. 17/2010 26 ———, ‘Paradoxes and Failures: “New Governance” Techniques and the Financial Crisis: “New Governance” Techniques and the Financial Crisis’ (2012) 75 The Modern Law Review 1037 ———, ‘Regulatory Styles and Supervisory Strategies’ in Niamh Moloney and others (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) Black J, Hopper M and Band C, ‘Making a Success of Principles-Based Regulation’ (2007) 1 Law and Financial Markets Review 191 Blundell-Wignall A and Atkinson P, ‘Thinking Beyond Basel III: Necessary Solutions for Capital and Liquidity’ (OECD) Volume 2010, Issue 1

BIBLIOGRAPHY

401

Boemer M and Maxin H, ‘Why Fintechs Cooperate with Banks—Evidence from Germany’ (2018) 107 Zeitschrift für die gesamte Versicherungswissenschaft 359 Bottomley S, ‘From Contractualism to Constitutionalism: A Framework for Corporate Governance’ (1997) 19 Sydney Law Review 277 Brady S, ‘The Ref Gets Rough’ EUROMONEY (April 1992) Braithwaite J, Restorative Justice & Responsive Regulation (Oxford University Press 2002) ——, Regulatory Capitalism: How It Works, Ideas for Making It Work Better (Edward Elgar 2008) Braithwaite T, ‘Billions at Stake and No One Knows Who Takes the Hit: When Is Greensill a Systemic Risk?’ Financial Times (12 March 2021) https:// www.ft.com/content/811b1211-3135-4622-a81f-4bcbda568823, accessed 5 October 2021 Brett M and Schwarcz D, ‘Regulatory Contrarians’ (2011) 89 North Carolina Law Review 1629 Broeders D and Prenio J, ‘Innovative Technology in Financial Supervision (Suptech)—The Experience of Early Users’ (BIS 2019) Bromberg L, Godwin A and Ramsay I, ‘Fintech Sandboxes: Achieving a Balance Between Regulation and Innovation’ (2017) 28 Journal of Banking and Finance Law and Practice 314 Bronk R and Jacoby W, ‘Uncertainty and the Dangers of Monocultures in Regulation, Analysis, and Practice’ (Max Planck Institute for the Study of Societies 2016) MPIfG Discussion Paper 16/6 BROOKE GTF, ‘Uncertainty, Profit and Entrepreneurial Action: Frank Knight’s Contribution Reconsidered’ (2010) 32 Journal of the History of Economic Thought 221 Bruilt C, ‘The Rationale for a Single National Financial Services Regulator’, FSA Occasional Paper No 2 (1999) Brummer CJ, ‘How International Financial Law Works (and How It Doesn’t)’ (2010) 99 Georgetown Law Journal 257 Brummer CJ and Gorfine D, ‘Fintech—Building a 21st-Century Regulator’s Toolkit’ (Milken Institute Center for Financial Markets 2014) Brummer CJ, Yadav Y and Zaring D, ‘Regulation by Enforcement’ Southern California Law Review (2023) University of Southern California Law Review (forthcoming) Brunnermeier MK and others (eds), The Fundamental Principles of Financial Regulation (Centre for Economic Policy Research 2009) Bucchiarone A and others, ‘From Monolithic to Microservices: An Experience Report from the Banking Domain’ (2018) 35 IEEE Software 50 Buchak G and others, ‘Fintech, Regulatory Arbitrage, and the Rise of Shadow Banks’ (National Bureau of Economic Research 2017) 23288 http://www. nber.org/papers/w23288.pdf

402

BIBLIOGRAPHY

Buckley RP and others, ‘Building Fintech Ecosystems: Regulatory Sandboxes, Innovation Hubs and Beyond’ (2020) 61 Washington University Journal of Law & Policy 55 Buckley RP, Avgouleas E and Arner DW, Reconceptualising Global Finance and Its Regulation (Cambridge University Press 2016) Buckmann M, Haldane A and Hüser A-C, ‘Comparing Minds and Machines: Implications for Financial Stability’ (2021) 37 Oxford Review of Economic Policy 497 Burt A and others, ‘Model Driven and Machine Executable Regulations Tech Sprint—Success Criteria & Recommendations’ (2017) Business Insider Intelligence, ‘The Global Neobanks Report’ (2019) Businesswire, ‘Worldwide Public Cloud Services Spending Forecast to Reach $160 Billion This Year, According to IDC’ (18 January 2018) https:// www.businesswire.com/news/home/20180118005186/en/Worldwide-Pub lic-Cloud-Services-Spending-Forecast-to-Reach-160-Billion-This-Year-Accord ing-to-IDC, accessed 22 October 2021 Busuioc M and Rimkute˙ D, ‘The Promise of Bureaucratic Reputation Approaches for the EU Regulatory State’ (2020) 27 Journal of European Public Policy 1256 Caballero RJ and Simsek A, ‘Fire Sales in a Model of Complexity’ (2013) 68 The Journal of Finance 2549 Cambridge Centre for Alternative Finance, ‘Distributed Ledger Technology Systems—A Conceptual Framework’ (2018) ———, ‘The Global RegTech Industry Benchmark Report’ (2019) ———, ‘The Global Alternative Finance Market Benchmarking Report’ (2020) Cambridge Centre for Alternative Finance, Polsky Center for, and Entrepreneurship and Innovation, ‘Breaking New Ground—The Americas Alternative Finance Benchmarking Report’ (2016) ———, ‘State of SupTech Report 2022’ (2022) Cambridge Centre for Alternative Finance and World Economic Forum, ‘Transforming Paradigms—A Global AI in Financial Services Survey’ (2020) Carnell RS, Macey JR and Miller GP, The Law of Financial Institutions (Fifth edition, Wolters Kluwer Law & Business 2013) Carney M, ‘The Promise of Fintech—Something New Under the Sun’ (Deutsche Bundesbank G20 Conference on “Digitising Finance, Financial Inclusion and Financial Literacy”, Wiesbaden, 25 January 2017) Carpenter DP, Reputation and Power: Organizational Image and Pharmaceutical Regulation at the FDA (Princeton University Press 2010) Carrigan C and Coglianese C, ‘George J. Stigler, “The Theory of Economic Regulation”’ in Martin Lodge, Edward C Page and Steven J Balla (eds), The Oxford Handbook of Classics in Public Policy and Administration (Oxford University Press 2015)

BIBLIOGRAPHY

403

Central Bank of Ireland, ‘Innovation Hub—2019 Update’ (2019) Chancellor E, Devil Take the Hindmost: A History of Financial Speculation (1st edition, Farrar, Straus, Giroux 1999) Chiu IH-Y, ‘Fintech and Disruptive Business Models in Financial Products, Intermediation and Markets—Policy Implications for Financial Regulators’ (2016) 21 Journal of Technology Law and Policy 55 Chiu IH-Y, ‘A Rational Regulatory Strategy for Governing Financial Innovation’ (2017) 8 European Journal of Risk Regulation 743 Cihák M and Podpiera R, ‘Isone Watchdog Better Than Three? International Experience with Integrated Financial Sector Supervision’ (2006) 06 IMF Working Papers 1 Claessens S and others, ‘Fintech Credit Markets Around the World: Size, Drivers and Policy Issues’ (BIS 2018) Coase RH, ‘The Problem of Social Cost’ (1960) 3 The Journal of Law and Economics 1 Coffee Jr JC, ‘The Political Economy of Dodd-Frank: Why Financial Reform Tends to Be Frustrated and Systemic Risk Perpetuated’ (2012) 97 Cornell Law Review 1019 Colaert V, ‘Regtech as a Response to Regulatory Expansion in the Financial Sector’ [2018] SSRN Electronic Journal http://www.ssrn.com/abstract=267 7116, accessed 22 October 2021 Confederation of British Industry, ‘Financial Services Survey’ (2019) Conheady G, ‘Is Fintech Ready for a Global Regulatory Sandbox?’ (A&L Goodbody, 27 November 2018) https://www.algoodbody.com/insights-public ations/is-fintech-ready-for-a-global-regulatory-sandbox, accessed 26 October 2021 Conti-Brown P and Wishnik DA, ‘Technocratic Pragmatism, Bureaucratic Expertise, and the Federal Reserve’ (2021) 130 Yale Law Journal 636 Cornelli G and others, ‘Inside the Regulatory Sandbox: Effects on Fintech Funding’ (BIS Monetary and Economic Department 2020) Cox JD, ‘Iterative Regulation of Securities Markets After Business Roundtable: A Principles-Based Approach’ (2015) 78 Law and Contemporary Problems 25 CrowdfundUPTeam, ‘What Is a Neo Bank and How Are They Disrupting Traditional Banking Models?’ (ACRE Assets, 23 July 2018) https://med ium.com/crowdfundup/what-is-a-neo-bank-and-how-are-they-disrupting-tra ditional-banking-models-3c1b2fa5b8e1, accessed 24 October 2021 Cummings ML, ‘Automation and Accountability in Decision Support System Interface Design’ (2006) 32 The Journal of Technology Studies 23 Cunningham L, ‘A Prescription to Retire the Rhetoric of “Principles-Based Systems” in Corporate Law, Securities Regulation and Accounting’ (2007) 60 Vanderbilt Law Review 1409

404

BIBLIOGRAPHY

Damme EV, ‘Banking: A Survey of Recent Microeconomic Theory’ (1994) 10 Oxford Review of Economic Policy 14 Danielsson J, Macrae R and Uthemann A, ‘Artificial Intelligence, Financial Risk Management and Systemic Risk’ (Systemic Risk Centre 2017) Davies G, A History of Money: From Ancient Times to the Present Day (3rd edition, University of Wales Press 2002) Davis K and Murphy J, ‘Peer-to-Peer Lending: Structures, Risks and Regulation’ (2016) 1 The Finsia Journal of Applied Finance 37 de las Heras Ballell TR, ‘The Layers of Digital Financial Innovation: Charting a Regulatory Response’ (2020) 25 Fordham Journal for Corporate & Financial Law 381 de-Ramon S, Francis W and Straughan M, ‘Bank Competition and Stability in the United Kingdom’, Bank of England Staff Working Paper No. 748 (2018) Delmon J, Public-Private Partnership Projects in Infrastructure: An Essential Guide for Policy Makers (Cambridge University Press 2017) Deloitte, ‘Forward Look: Top Regulatory Trends for 2015 in Banking’ ———, ‘Alternative Data for Investment Decisions: Today’s Innovation Could Be Tomorrow’s Requirement’ (Deloitte Center for Financial Services 2017) ———, ‘Fintech by the Numbers—Incumbents, Startups, Investors Adapt to Maturing Ecosystem’ (Deloitte Center for Financial Services 2017) ———, ‘The Next Frontier—The Future of Automated Financial Advice in the UK’ Demirgüç-Kunt A and Levine R, ‘Finance, Financial Sector Policies, and LongRun Growth’ (World Bank Development Research Group 2008) Policy Research Working Paper 4469 DeNederlandscheBank and AFM, ‘More Room for Innovation in the Financial Sector—Market Access, Authorisations and Supervision: Next Steps’ (DNB and AFM 2016) Department of Defence, ‘News Briefing—Secretary Rumsfeld and Gen. Myer’ (2002) News Transcript Dermine J, ‘Digital Banking and Market Disruption: A Sense of Déjà Vu?’ (Banque de France 2016) 20 https://www.insead.edu/sites/default/files/ assets/faculty-personal-site/jean-dermine/documents/BanquedeFrance-Dig italBanking-Proof-2016.pdf, accessed 22 October 2021 DFS Observatory, ‘Regulatory Sandboxes’ (DFS Observatory) https://dfsobserv atory.com/content/regulatory-sandboxes, accessed 1 November 2021 di Castri S and others, ‘The Suptech Generations’ (BIS 2019) ———, ‘Powering the Paradigm Shift in Financial Supervision: The Cambridge SupTech Lab Innovation Leadership Programme’ (Cambridge SupTech Lab Blog, 29 June 2022) https://lab.ccaf.io/blog/powering-the-paradigm-shiftin-financial-supervision-the-cambridge-suptech-lab-innovation-leadership-pro gramme/

BIBLIOGRAPHY

405

di Castri S, Grasser M and Kulenkampff A, ‘An API-Based Prudential Reporting System for the Bangko Sentral Ng Pilipinas (BSP)—R2A Project Retrospective and Lessons Learned’ (BSP 2018) ———, ‘Financial Authorities in the Era of Abundance—RegTech for Regulators and SupTech Solutions’ (BFA 2018) Diamond DW, ‘Financial Intermediation and Delegated Monitoring’ (1984) 51 The Review of Economic Studies 393 Diamond S and others, ‘The Future of Banking in the Platform Economy’ (2019) 47 Strategy & Leadership 34 Diver CS, ‘The Optimal Precision of Administrative Rules’ (1983) 93 Yale Law Journal 65 Djankov S and others, ‘The New Comparative Economics’ (2003) 31 Journal of Comparative Economics 595 Dodgson M and Gann D, Innovation: A Very Short Introduction (Second edition, Oxford University Press 2018) Dolan S, ‘Top BaaS Companies in 2021: Platform Providers & Banks Using BaaS Technology’ Business Insider (4 January 2021) https://www.businessinsider. com/banking-as-a-service-platform-providers, accessed 20 October 2021 Domingos P, The Master Algorithm: How the Quest for the Ultimate Learning Machine Will Remake Our World (Penguin Books 2017) Dominici F, Greenstone M and Sunstein CR, ‘Particulate Matter Matters’ (2014) 344 Science 257 Douglas WO, Democracy and Finance: The Addresses and Public Statements of William O. Douglas as Member and Chairman of the Securities and Exchange Commission (Kennikat Press 1940) Dowd K, ‘The Case for Financial Laissez-Faire’ (1996) 106 The Economic Journal 679 Du Toit G and Burns M, ‘Evolving the Customer Experience in Banking’ (Bain & Company 2017) Dunkley E, ‘OakNorth Takes UK Banking into the Cloud’ Financial Times (25 May 2016) https://www.ft.com/content/36c4eba2-2280-11e6-9d4dc11776a5124d, accessed 22 October 2021 Dworkin R, Taking Rights Seriously (Harvard University Press 1977) EBA, ‘Discussion Paper on the EBA’s Approach to Financial Technology (FinTech)’ (EBA 2017) EBA/DP/2017/02 ———, ‘The EBA’s Fintech Roadmap’ (EBA 2018) ———, ‘Report on the Impact of Fintech on Credit Institutions’ Business Models’ (EBA 2018) ———, ‘EBA Report on the Impact of Fintech on Payment Institutions’ and E-Money Institutions’ Business Model’ (2019) ———, ‘EBA Report on Big Data and Data Analytics’ (2020)

406

BIBLIOGRAPHY

ECB, ‘ESCB/European Banking Supervision Response to the European Commission’s Public Consultation on a New Digital Finance Strategy for Europe/FinTech Action Plan’ (2020) Edelman, ‘Trust Barometer 2019—Trust in Technology’ (2019) Ehrentraud J and others, ‘Policy Responses to Fintech: A Cross-Country Overview’ (BIS 2020) ———, ‘Fintech and Payments: Regulating Digital Payment Services and eMoney’ (BIS 2021) Ehrentraud J, Ocampo DG and Vega CQ, ‘Regulating Fintech Financing: Digital Banks and Fintech Platforms’ (BIS 2020) Eisner MA, ‘Corporate Environmentalism, Regulatory Reform, and Industry Self-Regulation: Toward Genuine Regulatory Reinvention in the United States’ (2004) 17 Governance 145 ———, ‘Markets in the Shadow of the State: An Appraisal of Deregulation and Implications for Future Research’ in David A Moss and Edward J Balleisen (eds), Government and Markets: Toward a New Theory of Regulation (Cambridge University Press 2009) EMA, ‘Regulatory Sandbox—Regulatory Sandbox for Energy Sector Innovations’ https://www.ema.gov.sg/sandbox.aspx, accessed 1 November 2021 Enriques L, ‘The HR Challenge of FinTech for Financial Regulators’ (Oxford Business Law Blog, 3 July 2017) https://www.law.ox.ac.uk/business-lawblog/blog/2017/07/hr-challenge-fintech-financial-regulators, accessed 26 October 2021 ———, ‘Financial Supervisors and Regtech: Four Roles and Four Challenges’ (2018) SSRN Electronic Journal Enriques L and Ringe W-G, ‘Bank–Fintech Partnerships, Outsourcing Arrangements and the Case for a Mentorship Regime’ (2020) 15 Capital Markets Law Journal 374 EPA, ‘History of Reducing Air Pollution from Transportation in the United https://www.epa.gov/transportation-air-pollution-and-climate-cha States’ nge/accomplishments-and-success-air-pollution-transportation, accessed 28 October 2021 ESA’s, ‘Joint Committee Discussion Paper on the Use of Big Data by Financial Institutions’ (ESA’s 2016) JC 2016 86 ———, ‘FinTech: Regulatory Sandboxes and Innovation Hubs’ (ESA’s 2018) JC 2018 74 ———, ‘Joint Committee Final Report on Big Data’ (ESA’s 2018) JC/2018/ 04 ———, ‘Joint Committee Report on the Results of the Monitoring Exercise on “Automation in Financial Advice”’ (2018) JC 2018-29 ESMA, ‘Final Report of the Committee of Wise Men on the Regulation of European Securities Markets’ (ESMA 2001)

BIBLIOGRAPHY

407

———, ‘Report on Trends and Vulnerabilities’ (ESMA 2019) ESMA50-165–737 EY, ‘Innovating with Regtech—Turning Regulatory Compliance into a Competitive Advantage’ ———, ‘Fintech Adoption Index 2017—The Rapid Emergence of FinTech’ (2017) ———, ‘Global FinTech Adoption Index 2019 as FinTech Becomes the Norm, You Need to Stand out from the Crowd’ (2019) Facts & Factors, ‘Global RegTech Market Size Will Grow to USD 33.1 Billion by 2026: By Top Companies, Landscape, Solutions and Trends Analysis by Facts & Factors’ (GlobeNewswire News Room, 2 February 2021) https:// www.globenewswire.com/news-release/2021/02/02/2167981/0/en/Glo bal-RegTech-Market-Size-Will-Grow-to-USD-33-1-Billion-by-2026-By-TopCompanies-Landscape-Solutions-and-Trends-Analysis-by-Facts-Factors.html, accessed 23 October 2021 Fahy L, ‘Regulator Reputation and Stakeholder Participation: A Case Study of the UK’s Regulatory Sandbox for Fintech’ (2021) 2021 European Journal of Risk Regulation 1 Fama EF, ‘The Behavior of Stock-Market Prices’ (1965) 38 The Journal of Business 34 FCA, ‘Regulatory Sandbox’ (2015) https://wiki.harvard.edu/confluence/dow nload/attachments/204380235/FCA%20Regulatory%20Sandbox%20Anno uncement.pdf, accessed 22 October 2021 ———, ‘FS16/4: Feedback Statement on Call for Input: Supporting the Development and Adopters of RegTech’ (FCA, 20 July 2016) https://www. fca.org.uk/publications/feedback-statements/fs16-4-feedback-statement-callinput-supporting-development-and, accessed 22 October 2021 ———, ‘Regulatory Sandbox Lessons Learned Report’ (FCA 2017) ———, ‘FCA Mission: Our Approach to Competition’ (2017) https://www.fca. org.uk/publication/corporate/our-approach-competition.pdf ———, ‘Previous DRR Phases’ (FCA, 18 July 2018) https://www.fca.org.uk/ firms/our-work-programme/pilot-updates, accessed 27 October 2021 ———, ‘Digital Regulatory Reporting—Feedback Statement on Call for Input’ (FCA 2018) https://www.fca.org.uk/publication/feedback/fs18-02.pdf ———, ‘The Impact and Effectiveness of Innovate’ (2019) ———, ‘Digital Regulatory Reporting—Phase 2 Viability Assessment’ (2020) FCA and Bank of England, ‘Digital Regulatory Reporting—Pilot Phase 1 Report’ (FCA and BoE 2019) https://www.fca.org.uk/publication/discussion/dig ital-regulatory-reporting-pilot-phase-1-report.pdf Fenwick M, Kaal WA and Vermeulen EPM, ‘Regulation Tomorrow: What Happens When Technology Is Faster Than the Law?’ (2017) 6 American University Business Law Review 561

408

BIBLIOGRAPHY

Ferran E, ‘Principles-Based, Risk-Based Regulation and Effective Enforcement’ in Christoph Van der Elst and others (eds), Perspectives in Company Law and Financial Regulation (Cambridge University Press 2009) https://www. cambridge.org/core/books/perspectives-in-company-law-and-financial-reg ulation/principlesbased-riskbased-regulation-and-effective-enforcement/BBE 13D3CC0AEFA65A851AB512EA0CED5 ———, ‘Understanding the New Institutional Architecture of EU Financial Market Supervision*’ in Eddy Wymeersch, Klaus J Hopt and Guido Ferrarini (eds), Financial Regulation and Supervision (Oxford University Press 2012) Ferran E, ‘Institutional Design: The Choices for National Systems’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) Feyen E and others, ‘Fintech and the Digital Transformation of Financial Services: Implications for Market Structure and Public Policy’ (BIS Monetary and Economic Department 2021) ———, ‘Fintech and the Digital Transformation of Financial Services: Implications for Market Structure and Public Policy’ (World Bank Group 2022) Flagship Technical Note Financial Crisis Inquiry Commission, ‘The Financial Crisis Inquiry Report: Final Report of the National Commission on the Causes of the Financial and Economic Crisis in the United States’ (2011) FINRA, ‘Report on Digital Investment Advice’ (2016) ———, ‘FINRA Rulemaking Process’ https://www.finra.org/rules-guidance/ rulemaking-process, accessed 1 November 2021 Firmansyah Benny and Arman Arry Akhmad, ‘A Systematic Literature Review of RegTech: Technologies, Characteristics, and Architectures’ (2022) 2022 International Conference on Information Technology Systems and Innovation (ICITSI), Bandung, Indonesia, 2022 Flear ML, ‘Epistemic Injustice as a Basis for Failure? Health Research Regulation, Technological Risk and the Foundations of Harm and Its Prevention’ (2019) 10 European Journal of Risk Regulation 693 Fleischer V, ‘Regulatory Arbitrage’ (2010) 89 Texas Law Review 227 Fligstein N and Goldstein A, ‘The Anatomy of the Mortgage Securitization Crisis’ in Michael Lounsbury and Paul M Hirsch (eds), Markets on Trial, Part A (1., Emerald 2010) Foley S, Karlsen JR and Putninš ¸ TJ, ‘Sex, Drugs, and Bitcoin: How Much Illegal Activity Is Financed Through Cryptocurrencies?’ (2019) 32 The Review of Financial Studies 1798 Ford C, Innovation and the State: Finance, Regulation, and Justice (Cambridge University Press 2017) Ford CL, ‘New Governance, Compliance, and Principles-Based Securities Regulation’ (2008) 45 American Business Law Journal 1

BIBLIOGRAPHY

409

———, ‘New Governance in the Teeth of Human Frailty: Lessons from Financial Regulation’ (2010) 2010 Wisconsin Law Review 441 ———, ‘Principles-Based Securities Regulation in the Wake of the Global Financial Crisis’ (2010) 55 McGill Law Journal 257 Frame WS and White LJ, ‘Empirical Studies of Financial Innovation: Lots of Talk, Little Action?’ (2004) 42 Journal of Economic Literature 116 Franks JR, Mayer CP and Da Silva LC, Asset Management and Investor Protection: An International Analysis (Oxford University Press 2003) Freeman C, ‘The Economics of Technical Change’ (1994) 18 Cambridge Journal of Economics 463 Freeman C and Soete L, The Economics of Industrial Innovation (3rd edition, MIT Press 1997) Freixas X, Laeven L and Peydró J-L, Systemic Risk, Crises, and Macroprudential Regulation (MIT Press 2015) Frischmann BM and Lemley MA, ‘Spillovers’ (2007) 107 Columbia Law Review 257 Frost J, ‘The Economic Forces Driving Fintech Adoption Across Countries’ (BIS Monetary and Economic Department 2020) ———, ‘BigTech and the Changing Structure of Financial Intermediation’ (BIS 2019) FSA, ‘Principles-Based Regulation—Focusing on the Outcomes That Matter’ ———, ‘The Turner Review: A Regulatory Response to the Global Banking Crisis’ FSB, ‘Financial Stability Implications from FinTech: Supervisory and Regulatory Issues That Merit Authorities’ Attention’ (2017) ———, ‘Artificial Intelligence and Machine Learning in Financial Services— Market Developments and Financial Stability Implications’ (FSB 2017) ———, ‘FinTech and Market Structure in Financial Services: Market Developments and Potential Financial Stability Implications’ (FSB 2019) ———, ‘Decentralised Financial Technologies: Report on Financial Stability, Regulatory and Governance Implications’ (FSB 2019) ———, ‘BigTech in Finance: Market Developments and Potential Financial Stability Implications’ (FSB 2019) ———, ‘Third-Party Dependencies in Cloud Services—Considerations on Financial Stability Implications’ (FSB 2019) ———, ‘The Use of Supervisory and Regulatory Technology by Authorities and Regulated Institutions—Market Developments and Financial Stability Implications’ (FSB 2020) ———, ‘FinTech and Market Structure in the COVID-19 Pandemic—Implications for Financial Stability’ (FSB 2022)

410

BIBLIOGRAPHY

———, ‘Enhancing Third-Party Risk Management and Oversight—A Toolkit for Financial Institutions and Financial Authorities’ (Consultative document, FSB 2023) ———, ‘The Financial Stability Risks of Decentralised Finance’ (FSB 2023) Gadinis S, ‘From Independence to Politics in Financial Regulation’ (2013) 101 California Law Review 327 Gailmard S and Patty JW, Learning While Governing: Expertise and Accountability in the Executive Branch (The University of Chicago Press 2013) Gartner, ‘Gartner Says Worldwide IaaS Public Cloud Services Market Grew 37.3% in 2019’ (Gartner, 10 August 2020) https://www.gartner.com/en/ newsroom/press-releases/2020-08-10-gartner-says-worldwide-iaas-publiccloud-services-market-grew-37-point-3-percent-in-2019, accessed 24 October 2021 Gault F, ‘Defining and Measuring Innovation in All Sectors of the Economy’ (2018) 47 Research Policy 617 Gerding EF, Law, Bubbles, and Financial Regulation (Routledge 2014) GFIN, ‘One Year on—The Global Financial Innovation Network Reflects on Its First Year’ (2019) ———, ‘Cross-Border Testing: Lessons Learned—The Global Financial Innovation Network Reflects on the Cross-Border Testing Pilot’ (2020) Gibson WE, ‘Is Hedge Fund Regulation Necessary?’ (2000) 73 Temple Law Review 681 Giesen H, ‘Plattformen im Banking—vom As-a-Service- bis zum AirBnBBanking’ (Next-Finance-Blog, 20 November 2017) http://www.next-fin ance-blog.de/plattformen-im-banking-vom-as-a-service-bis-zum-airbnb-ban king/, accessed 20 October 2021 Gilovich T, Griffin D and Kahneman D (eds), Heuristics and Biases: The Psychology of Intuitive Judgment (1st edition, Cambridge University Press 2002) Gilson RJ and Kraakman R, ‘Market Efficiency After the Financial Crisis: It’s Still a Matter of Information Costs’ (2014) 100 Virginia Law Review 313 Gomber P and others, ‘On the Fintech Revolution: Interpreting the Forces of Innovation, Disruption, and Transformation in Financial Services’ (2018) 35 Journal of Management Information Systems 220 Gomber P, Koch J-A and Siering M, ‘Digital Finance and FinTech: Current Research and Future Research Directions’ (2017) 87 Journal of Business Economics 537 Gordon JN, ‘The Empty Call for Benefit-Cost Analysis in Financial Regulation’ (2014) 43 The Journal of Legal Studies S351 Gorton G and Winton A, ‘Financial Intermediation’, Handbook of the Economics of Finance, vol 1 (Elsevier 2003)

BIBLIOGRAPHY

411

Goswami A, Borasi P and Kumar V, ‘Neo and Challenger Bank Market by Service Type (Loans, Mobile Banking, Checking & Savings Account, Payment & Money Transfer, and Others) and End User (Business and Personal): Global Opportunity Analysis and Industry Forecast, 2020–2027’ (AlliedMarketResearch 2020) Gray J and Hamilton J, Implementing Financial Regulation: Theory and Practice (Wiley 2006) Group of Thirty (ed), The Structure of Financial Supervision: Approaches and Challenges in a Global Marketplace (Group of Thirty 2008) Gunningham N, ‘Environment Law, Regulation and Governance: Shifting Architectures’ (2009) 21 Journal of Environmental Law 179 Gunningham N and Rees J, ‘Industry Self-Regulation: An Institutional Perspective’ (1997) 19 Law & Policy 363 Gurrea-Martínez A and Remolina N, ‘Global Challenges and Regulatory Strategies to Fintech’ (2020) Haan J de, Schoenmaker D and Wierts P, Financial Markets and Institutions: A European Perspective (4th edition, Cambridge University Press 2020) Haber H and Heims E, ‘Regulating with the Masses? Mapping the Spread of Participatory Regulation’ (2020) 27 Journal of European Public Policy 1742 Haldane AG, ‘Managing Global Finance as a System’ (BIS 2014) Haldane AG and Madouros V, ‘The Dog and the Frisbee’ (2012) Speech by Mr Andrew G Haldane and Mr Vasileios Madouros at the Federal Reserve Bank of Kansas City’s 366th Economic Policy Symposium, ‘The Changing Policy Landscape’ Hanson SG, Kashyap AK and Stein JC, ‘A Macroprudential Approach to Financial Regulation’ (2011) 25 Journal of Economic Perspectives 3 Hardy DC, ‘Regulatory Capture in Banking’ (IMF Monetary and Financial Systems Department 2006) WP/06/34 Hart O, Shleifer A and Vishny RW, ‘The Proper Scope of Government: Theory and an Application to Prisons’ (1997) 112 The Quarterly Journal of Economics 1127 Harter PJ, ‘Negotiating Regulations: A Cure for Malaise’ (1982) 71 Georgetown Law Journal 1 Hasan MdM, Popp J and Oláh J, ‘Current Landscape and Influence of Big Data on Finance’ (2020) 7 Journal of Big Data https://doi.org/10.1186/s40537020-00291-z, accessed 31 October 2021 Hauptfleisch K, ‘Machine Readable Regulation’ (Fintech Circle) https://fintechci rcle.com/insights/machine-readable-regulation/, accessed 27 October 2021 Hayek FA, ‘The Use of Knowledge in Society’ (1945) 35 The American Economic Review 519

412

BIBLIOGRAPHY

He D and others, ‘Fintech and Financial Services’ (International Monetary Fund 2017) 5 http://elibrary.imf.org/view/IMF006/24364-978148 4303771/24364-9781484303771/24364-9781484303771.xml, accessed 19 October 2021 Hee Jung JH, ‘Regtech and Suptech: The Future of Compliance’ in Jelena Madir, FinTech (Edward Elgar Publishing 2019) https://www.elgaro nline.com/view/edcoll/9781788979016/25_chapter12.xhtml, accessed 22 October 2021 Hellmann TF, Montag A and Vulkan N, ‘The Impact of the Regulatory Sandbox on the FinTech Industry’ (August 2022), Available at SSRN: https://ssrn. com/abstract=4187295 Hill JG, ‘Why Did Australia Fare so Well in the Global Financial Crisis?’ in Eilis Ferran and others (eds), The Regulatory Aftermath of the Global Financial Crisis (Cambridge University Press 2012) HKMA and PwC, ‘Reshaping Banking with Artificial Intelligence’ (2019) Hochstein M, ‘Fintech (the Word, That Is) Evolves’ (American Banker, 5 October 2015) https://www.americanbanker.com/opinion/fintech-theword-that-is-evolves, accessed 18 October 2021 Hockett RC and Omarova ST, ‘The Finance Franchise’ (2017) 102 Cornell Law Review 1143 Holmstrom B, ‘Moral Hazard and Observability’ (1979) 10 The Bell Journal of Economics 74 Hon WK and Millard C, ‘Banking in the Cloud: Part 1—Banks’ Use of Cloud Services’ (2018) 34 Computer Law & Security Review 4 Hood C, Rothstein H and Baldwin R, The Government of Risk: Understanding Risk Regulation Regimes (Oxford University Press 2001) Hopkinson G and others, ‘How Neobanks’ Business Models Challenge Traditional Banks’ Hu HTC, ‘Swaps, the Modern Process of Financial Innovation and the Vulnerability of a Regulatory Paradigm’ (1989) 138 University of Pennsylvania Law Review 333 ———, ‘New Financial Products, the Modern Process of Financial Innovation, and the Puzzle of Shareholder Welfare’ (1991) 69 Texas Law Review 1273 ———, ‘Misunderstood Derivatives: The Causes of Informational Failure and the Promise of Regulatory Incrementalism’ (1993) 102 The Yale Law Journal 1457 Hua X and Huang Y, ‘Understanding China’s Fintech Sector: Development, Impacts and Risks’ (2021) 27 The European Journal of Finance 321 Hughes J, ‘FSA Admits Failings over Northern Rock’ Financial Times (26 March 2008) https://www.ft.com/content/0833a416-fb0d-11dc-8c3e-000 077b07658, accessed 26 October 2021

BIBLIOGRAPHY

413

Hunt JP, ‘Credit Rating Agencies and the “Worldwide Credit Crisis”: The Limits of Reputation, the Insufficiency of Reform, and a Proposal for Improvement’ (2009) 2009 Columbia Business Law Review 109 Hunter ND, ‘“Public-Private” Health Law: Multiple Directions in Public Health’ (2007) 10 Journal of Health Care Law & Policy 89 Hurwitz J (Gus), ‘Regulation as a Partnership’ (2021) 3 Journal of Law & Innovation 117 ICF and CEPS, ‘Study on the Costs of Compliance for the Financial Sector— Final Report’ (EC 2019) Igan D and Lambert T, ‘Bank Lobbying: Regulatory Capture and Beyond’ (2019) WP/19/171 IMF, FSB, and BIS, ‘Elements of Effective Macroprudential Policies Lessons from International Experience’ (2016) Independent Commission on Banking, ‘Interim Report—Consultation on Reform Options’ (2011) Inman P, ‘Financial Services Authority Chairman Backs Tax on “Socially Useless” Banks’ The Guardian (26 August 2009) Innovate Finance, ‘Industry Sandbox Consultation: A Development in Open https://issuu.com/innovatefinance/docs/industry_sandbox_c Innovation’ onsultation_repor Institute of International Finance, ‘Regtech: Exploring Solutions for Regulatory Challenges’ https://www.iif.com/Portals/0/Files/content/Innovation/ 10_01_2015_regtech_exploring_solutions.pdf ———, ‘Regtech in Financial Services: Technology Solutions for Compliance and Reporting’ International Finance Corporation, ‘IFC Annual Report 2020: Transformation’ (IFC 2020) Jabotinsky HY and Sarel R, ‘How the Covid-19 Pandemic Affected the Cryptocurrency Market’ (CLS Blue Sky Blog, 26 March 2021) https://clsbluesky. law.columbia.edu/2021/03/26/how-the-covid-19-pandemic-affected-thecryptocurrency-market/, accessed 19 October 2021 Jagtiani J and Lemieux C, ‘The Roles of Alternative Data and Machine Learning in Fintech Lending: Evidence from the LendingClub Consumer Platform’ (2019) 48 Financial Management 1009 Jagtiani J, Saunders A and Udell G, ‘The Effect of Bank Capital Requirements on Bank Off-Balance Sheet Financial Innovations’ (1995) 19 The Role of Capital in Financial Institutions 647 James A, ‘Neo Bank Vs Challenger Bank: The Talk of the Town’ (Medium, 4 June 2019) https://amandajames19868.medium.com/neo-bank-vs-challe nger-bank-the-talk-of-the-town-53238a5dfe22, accessed 24 October 2021 Jenkinson N, Penalver A and Vause N, ‘Financial Innovation: What Have We Learnt?’ (Bank of England 2008)

414

BIBLIOGRAPHY

Jensen MC and Meckling WH, ‘Theory of the Firm: Managerial Behavior, Agency Costs and Ownership Structure’ (1976) 3 Journal of Financial Economics 305 Johnson DR and Post D, ‘Law and Borders—The Rise of Law in Cyberspace’ [1996] First Monday Johnson KN, ‘Things Fall Apart: Regulating the Credit Default Swaps Commons’ (2011) 82 University of Colorado Law Review 167 Johnson KN, Pasquale F and Chapman J, ‘Artificial Intelligence, Machine Learning, and Bias in Finance: Toward Responsible Innovation’ (2019) 88 Fordham Law Review 449 Johnson S and Kwak J, 13 Bankers: The Wall Street Takeover and the Next Financial Meltdown (1st edition, Pantheon Books 2010) Jones E and Knaack P, The Future of Global Financial Regulation (University of Oxford 2017) JPMorgan Chase & Co, ‘J.P. Morgan Creates Digital Coin for Payments’ https://www.jpmorgan.com/solutions/cib/news/digital-coin-payments, accessed 28 October 2021 Judge K, ‘Information Gaps and Shadow Banking’ (2017) 103 Virginia Law Review 411 ———, ‘Investor-Driven Financial Innovation’ (2018) 8 Harvard Business Law Review 291 ———, ‘Regulation and Deregulation: The Baseline Challenge’ (2018) 104 Virginia Law Review 101 Kaal WA, ‘Dynamic Regulation for Innovation’ in Mark Fenwick and others (eds), Perspectives in Law, Business & Innovation (Springer 2016) Kahneman D, Thinking, Fast and Slow (1st edition, Farrar, Straus and Giroux 2011) Kamali W and Randall D, ‘Leveraging “Suptech” for Financial Inclusion in Rwanda’ (Private Sector Development Blog (World Bank Blogs), 8 June 2018) https://blogs.worldbank.org/psd/leveraging-suptech-financialinclusion-rwanda, accessed 27 October 2021 Kalifa SR, ‘Kalifa Review of UK Fintech’ (HM Treasury, 2021) Kaminski P and Robu K, ‘A Best-Practice Model for Bank Compliance’ (McKinsey & Company Risk 2016) Kampkötter P, ‘Non-Executive Compensation in German and Swiss Banks Before and After the Financial Crisis’ (2015) 21 The European Journal of Finance 1297 Kane EJ, ‘Accelerating Inflation, Technological Innovation, and the Decreasing Effectiveness of Banking Regulation’ (1981) 36 The Journal of Finance 355 ———, ‘Dangers of Capital Forbearance: The Case of the FSLIC and “zombie” S&Ls’ (1987) 5 Contemporary Economic Policy 77

BIBLIOGRAPHY

415

———, ‘Interaction of Financial and Regulatory Innovation’ (1988) 78 The American Economic Review 328 ———, ‘Financial Regulation and Market Forces’ (1991) 127 Swiss Journal of Economics and Statistics 325 Kaplow L, ‘Rules Versus Standards: An Economic Analysis’ (1992) 42 Duke Law Journal 557 Karkkainen BC, ‘Adaptive Ecosystem Management and Regulatory Penalty Defaults: Toward a Bounded Pragmatism’ (2003) 87 Minnesota Law Review 943 Karmel RS, ‘Should Securities Industry Self-Regulatory Organizations Be Considered Government Agencies?’ (2008) 14 Stanford Journal of Law, Business & Finance 151 Kelly J, ‘Facebook’s Libra Comes Under Fire in Senate Hearing— Here’s Why Congress Is Terrified’ Forbes (16 July 2019) https://www.forbes.com/sites/ jackkelly/2019/07/16/facebooks-libra-comes-under-fire-in-senate-hearingheres-why-congress-is-terrified/, accessed 24 October 2021 Khraisha T and Arthur K, ‘Can We Have a General Theory of Financial Innovation Processes? A Conceptual Review’ (2018) 4 Financial Innovation 1 King MA, The End of Alchemy: Money, Banking, and the Future of the Global Economy (Norton Paperback, WW Norton & Company 2017) King RG and Levine R, ‘Finance and Growth: Schumpeter Might Be Right’ (1993) 108 The Quarterly Journal of Economics 717 ———, ‘Finance, Entrepreneurship and Growth’ (1993) 32 Journal of Monetary Economics 513 Kingdon JW, Agendas, Alternatives, and Public Policies (2nd edition, Longman 2011) Kirby E and Worner S, ‘Crowd-Funding: An Infant Industry Growing Fast’ (IOSCO 2014) Klein A, ‘Is China’s New Payment System the Future?’ (The Brookings Institution 2019) Klein DB, Knowledge and Coordination: A Liberal Interpretation (Oxford University Press 2013) Knight B and Mitchell T, ‘Done Right, Regulatory Sandboxes Can Promote Competition’ American Banker (8 August 2019) https://www.americanb anker.com/opinion/done-right-regulatory-sandboxes-can-promote-compet ition, accessed 27 October 2021 ———, ‘The Sandbox Paradox: Balancing the Need to Facilitate Innovation with the Risk of Regulatory Privilege’ (2020) 72 South Carolina Law Review 445 Knight F, Risk, Uncertainty, and Profit (Hart, Schaffner and Marx; Houghton Mifflin 1921)

416

BIBLIOGRAPHY

Kolkman L, ‘Bank-Less Future: How FinTech Start-Ups Might Take over the Financial System’ (KPMG 2016) Kovacic WE and Hyman DA, ‘Regulatory Leveraging: Problem or Solution?’ (2016) 23 George Mason Law Review 1163 KPMG, ‘A New Landscape—Challenger Banking Annual Results’ (2016) ———, ‘The Pulse of Fintech 2018—Biannual Global Analysis of Investment in Fintech’ (KPMG 2018) ———, ‘The Pulse of Fintech H2 2019’ (2020) Langevoort DC, ‘Structuring Securities Regulation in the European Union: Lessons from the U.S. Experience’ in Guido Ferrarini and Eddy Wymeersch (eds), Investor Protection in Europe (Oxford University Press 2006) Lannoo K, ‘New Market Conduct Rules for Financial Intermediaries: Will Complexity Bring Transparency?’ (2017) Lastra RM, ‘Systemic Risk and Macro-Prudential Supervision’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) Lerner J and Tufano P, ‘The Consequences of Financial Innovation: A Counterfactual Research Agenda’ (2011) 3 Annual Review of Financial Economics 41 Levin Z, ‘Fintech Startups and Incumbent Players Series—Designing a Regulatory Sandbox’ (Oxford Business Law Blog, 14 May 2020) https://www.law. ox.ac.uk/business-law-blog/blog/2020/05/fintech-startups-and-incumbentplayers-series-designing-regulatory, accessed 27 October 2021 Levine R, ‘Financial Development and Economic Growth: Views and Agenda’ (1997) 35 Journal of Economic Literature 688 ———, ‘Bank-Based or Market-Based Financial Systems: Which Is Better?’ (2002) 11 Journal of Financial Intermediation 398 ———, ‘Finance and Growth: Theory and Evidence’ in Philippe Aghion and Steven Durlauf (eds), Handbook of Economic Growth, vol 1 (Elsevier 2005) Levitin AJ, ‘Written Testimony Before the United States Senate Committee on the Banking, Housing, and Urban Affairs’ (Hearing on: Modernizing Consumer Protection in the Financial Regulatory System: Strengthening Credit Card Protections, Washington, DC, 19 February 2009) ———, ‘Pandora’s Digital Box: The Promise and Perils of Digital Wallets’ (2018) 166 University of Pennsylvania Law Review 305 Liang H and Renneboog L, ‘Corporate Social Responsibility and Sustainable Finance: A Review of the Literature’ (2020) Lin TCW, ‘The New Investor’ (2013) 60 UCLA Law Review 678 ———, ‘The New Financial Industry’ (2014) 65 Alabama Law Review 567 ———, ‘Infinite Financial Intermediation’ (2015) 50 Wake Forest Law Review 643

BIBLIOGRAPHY

417

Lipton E and Livni E, ‘Crypto’s Rapid Move into Banking Elicits Alarm in Washington’ The New York Times (5 September 2021) https://www.nytimes.com/ 2021/09/05/us/politics/cryptocurrency-banking-regulation.html, accessed 19 October 2021 Livermore MA, ‘The Perils of Experimentation’ (2017) 126 Yale Law Journal 636 Lobel O, ‘The Renew Deal: The Fall of Regulation and the Rise of Governance in Contemporary Legal Tho’ (2004) 89 342 Long S, ‘A Survey of Online Finance’ (The Economist 2000) 355 López LE and Roberts EB, ‘First-Mover Advantages in Regimes of Weak Appropriability: The Case of Financial Services Innovations’ (2002) 55 Journal of Business Research 997 Low JJ, ‘Developers Now Make up a Quarter of Goldman Sachs’ Workforce’ (TechHQ , 14 February 2020) https://techhq.com/2020/02/developersnow-make-up-quarter-of-goldman-sachs-workforce/, accessed 27 October 2021 Macchiavello E, ‘FinTech Regulation from a Cross-Sectoral Perspective’ in Veerle Colaert, Danny Busch and Thomas Incalza (eds), European Financial Regulation: Levelling the Cross-Sectoral Playing Field (Hart Publishing 2019) Macey JR and O’Hara M, ‘From Markets to Venues: Securities Regulation in an Evolving World’ (2005) 58 Stanford Law Review 563 Madir J, ‘Introduction—What Is Fintech?’ in Jelena Madir (ed), Fintech: Law and Regulation (Edward Elgar Publishing Limited 2019) ———, ‘Smart Contracts’ in Jelena Madir (ed), Fintech: Law and Regulation (Edward Elgar Publishing Limited 2019) Magnuson W, ‘Regulating Fintech’ (2018) 71 Vanderbilt Law Review 1167 Malkiel BG, ‘The Efficient Market Hypothesis and Its Critics’ (2003) 17 Journal of Economic Perspectives 59 Malkiel BG and Fama EF, ‘Efficient Capital Markets: A Review of Theory and Empirical Work*’ (1970) 25 The Journal of Finance 383 MAMBU, ‘Mambu Earns Frost & Sullivan’s 2021 Global Product Leadership Award for Its Cloud Banking Platform | SaaS Cloud Banking Platform | Mambu’ (15 July 2021) https://www.mambu.com/insights/press/mambuearns-frost-and-sullivan-s-2021-global-product-leadership-award-for-its-cloudbanking, accessed 28 October 2021 Mandel GN, Legal Evolution in Response to Technological Change, vol 1 (Roger Brownsword, Eloise Scotford and Karen Yeung eds, Oxford University Press 2016) Mansilla-Fernández JM, ‘Numbers’ (2017) 2 European Economy—Banks, Regulation, and the Real Sector Manuelli R and Seshadri A, ‘Frictionless Technology Diffusion: The Case of Tractors’ (NBER 2003)

418

BIBLIOGRAPHY

Marchant GE, Allenby BR and Herkert JR (eds), Growing Gap Between Emerging Technologies and Legal-Ethical Oversight: The Pacing Problem (Springer 2011) Markham JW, A Financial History of the United States (ME Sharpe 2002) Marr B, ‘What’s The Difference Between Structured, Semi-Structured And Unstructured Data?’ Forbes (18 October 2018) https://www.forbes.com/ sites/bernardmarr/2019/10/18/whats-the-difference-between-structuredsemi-structured-and-unstructured-data/, accessed 24 October 2021 MAS, ‘Regulatory Sandboy Guidelines’ (MAS 2016) McBarnet D and Whelan C, ‘The Elusive Spirit of the Law: Formalism and the Struggle for Legal Control’ (1991) 54 The Modern Law Review 848 McGee P and Franklin J, ‘Apple Teams up with Goldman Sachs on High-Yield Savings Account’ (Financial Times, 13 October 2022) McKinsey & Company, ‘Capital Management, Banking’s New Imperative’ (2012) 38 ———, ‘Global Payments 2018: A Dynamic Industry Continues to Break New Ground’ (2018) ———, ‘Next-Generation Core Banking Platforms: A Golden Ticket? | McKinsey & Company’ (12 August 2019) https://www.mckinsey.com/ industries/financial-services/our-insights/banking-matters/next-generationcore-banking-platforms-a-golden-ticket, accessed 22 October 2021 McLean TR, ‘The Offshoring of American Medicine: Scope, Economic Issues and Legal Liabilities’ (2005) 14 Annals of Health Law 205 McPhail L and McPhail J, ‘Machine Learning Implications for Banking Regulation’ [2019] SSRN Electronic Journal https://www.ssrn.com/abstract=342 3413, accessed 24 October 2021 Meeus M and Edquist C, ‘Introduction to Part I: Product and Process Innovation’ in Marius Meeus and Jerald Hage (eds), Innovation, Science, and Institutional Change: A Research Handbook (Oxford University Press 2006) Megargel A, Shankararaman V and Walker DK, ‘Migrating from Monoliths to Cloud-Based Microservices: A Banking Industry Example’ in Muthu Ramachandran and Zaigham Mahmood (eds), Software Engineering in the Era of Cloud Computing (Springer 2020) Megaw N, ‘Banks Seek Tech Talent for Digital Shift’ Financial Times (21 May 2018) https://www.ft.com/content/90063bd2-59e0-11e8-bdb7f6677d2e1ce8, accessed 24 October 2021 Menon R, ‘Financial Regulation—20 Years After the Global Financial Crisis’ (BIS 2018) Keynote Address Merriam-Webster, ‘Definition of INNOVATION’ https://www.merriam-web ster.com/dictionary/innovation, accessed 28 October 2021 Merton RC, ‘Financial Innovation and Economic Performance’ (1992) 4 Journal of Applied Corporate Finance 12

BIBLIOGRAPHY

419

———, ‘Financial Innovation and the Management and Regulation of Financial Institutions’ (1995) 19 Journal of Banking & Finance 461 Micheler E and Whaley A, ‘Regulatory Technology: Replacing Law with Computer Code’ (2020) 21 European Business Organization Law Review 349 Millard S, Haldane AG and Saporta V (eds), The Future of Payment Systems (1st edition, Routledge 2008) Miller JH and Page SE, Complex Adaptive Systems: An Introduction to Computational Models of Social Life (Princeton University Press 2007) Miller MH, ‘Financial Innovation: The Last Twenty Years and the Next’ (1986) 21 The Journal of Financial and Quantitative Analysis 459 ———, ‘Financial Innovation: Achievements and Prospects’ (1992) 4 Journal of Applied Corporate Finance 4 Mills D and others, ‘Distributed Ledger Technology in Payments, Clearing, and Settlement’ (Division of Research & Statistics and Monetary Affairs, Federal Reserve Board 2016) https://www.federalreserve.gov/econres/feds/distri buted-ledger-technology-in-payments-clearing-and-settlement.htm, accessed 24 October 2021 Minow M, ‘Public and Private Partnerships: Accounting for the New Religion’ (2003) 116 Harvard Law Review 1229 Mishkin FS, The Economics of Money, Banking, and Financial Markets (11th edition, Pearson 2016) Mishra P, ‘Financial Innovation in Financial Markets—A Reassessment’ (2010) Mitchell M, Complexity: A Guided Tour (Oxford University Press 2011) Moloney N, ‘Financial Services and Markets’ in Robert Baldwin, Martin Cave and Martin Lodge (eds), The Oxford Handbook of Regulation (Oxford University Press 2010) ———, ‘The Evolution of Theory and Method in Law and Finance’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) Molyneux P and Shamroukh N, ‘Diffusion of Financial Innovations: The Case of Junk Bonds and Note Issuance Facilities’ (1996) 28 Journal of Money, Credit and Banking 502 Moore GE, ‘Cramming More Components onto Integrated Circuits’ (1965) 38 Electronics More C, Understanding the Industrial Revolution (Routledge 2000) Morgan B, ‘Regulating the Regulators’ (1999) 1 Public Management: An International Journal of Research and Theory 49 Morse SC, ‘Government-to-Robot-Enforcement’ (2019) 2019 University of Illinois Law Review 1497 Moses LB, ‘Recurring Dilemmas: The Law’s Race to Keep Up with Technological Change’ (2007) 7 Journal of Law, Technology & Policy 239

420

BIBLIOGRAPHY

———, ‘How to Think about Law, Regulation and Technology: Problems with “Technology” as a Regulatory Target’ (2013) 5 Law, Innovation and Technology 1 Moyer L, ‘From Wall Street Banking, a New Wave of Fintech Investors’ The New York Times (6 April 2016) https://www.nytimes.com/2016/04/07/ business/dealbook/from-wall-street-banking-a-new-wave-of-fintech-investors. html, accessed 24 October 2021 Muelbert PO, ‘Managing Risk in the Financial System’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) Nair S, ‘Trust in Tech Is Wavering and Companies Must Act’ (Edelman) https://www.edelman.com/research/2019-trust-tech-wavering-companiesmust-act, accessed 23 October 2021 Naydenov R and others, Secure Use of Cloud Computing in the Finance Sector: Good Practices and Recommendations (ENISA 2015) Ng F and Kandaswamy R, ‘Market Insight: Value-Based Cloud Opportunities in Financial Services’ (Gartner 2017) OECD, ‘Policy Framework for Effective and Efficient Financial Regulation: General Guidance and High-Level Checklist’ (2010) 2009 OECD Journal: Financial Market Trends 267 OECD and Statistical Office of the European Communities, Oslo Manual: Guidelines for Collecting and Interpreting Innovation Data, 3rd Edition (OECD 2005) https://www.oecd-ilibrary.org/science-and-technology/oslomanual_9789264013100-en, accessed 18 October 2021 Ollivaud P and Turner D, ‘The Effect of the Global Financial Crisis on OECD Potential Output’ (2015) Volume 2014 Omarova S, ‘Technology v Technocracy: Fintech as a Regulatory Challenge’ (2020) 6 Journal of Financial Regulation 75 Omarova ST, ‘Wall Street as Community of Fate: Toward Financial Industry Self-Regulation’ (2011) 159 University of Pennsylvania Law Review 411 ———, ‘License to Deal: Mandatory Approval of Complex Financial Products’ (2012) 90 Washington University Law Review ———, ‘New Tech v. New Deal: Fintech as a Systemic Phenomenon’ (2019) 36 Yale Journal on Regulation 735 ———, ‘Dealing with Disruption: Emerging Approaches to Fintech Regulation’ (2020) 61 Washington University Journal of Law & Policy 25 Osinski ´ J Seal, Katharine and Hoogduin L, Macroprudential and Microprudential Policies Toward Cohabitation (IMF 2013) Pan EJ, ‘Understanding Financial Regulation’ (2011) 4 Utah Law Journal 1897 Parenti R, ‘Regulatory Sandboxes and Innovation Hubs for FinTech—Impact on Innovation, Financial Stability and Supervisory Convergence’ (European

BIBLIOGRAPHY

421

Parliament, Policy Department for Economic, Scientific and Quality of Life Policies 2020) Partnoy F, ‘Financial Derivatives and the Costs of Regulatory Arbitrage’ (1997) 22 The Journal of Corporation Law 221 Pasquale F, ‘Law’s Acceleration of Finance: Redefining the Problem of HighFrequency Trading’ (2015) 36 Cardozo Law Review 2085 ———, The Black Box Society: The Secret Algorithms That Control Money and Information (Harvard University Press 2016) Pauly MV, ‘The Economics of Moral Hazard: Comment’ (1968) 58 The American Economic Review 351 Peltzman S, ‘George Stigler’s Contribution to the Economic Analysis of Regulation’ (1993) 101 Journal of Political Economy 818 Peng J-L and Tsang C-Y, ‘FinTech Regulation and A Review of Taiwan’s Financial Regulatory Sandbox Mechanism’ (2019) 38 Management Review 89 Petralia K and others, Banking Disrupted? Financial Intermediation in an Era of Transformational Technology (Centre for Economic Policy Research 2019) Philippon T, ‘The FinTech Opportunity’ (National Bureau of Economic Research 2016) 22476 http://www.nber.org/papers/w22476.pdf, accessed 23 October 2021 Pigou AC, The Economics of Welfare (Fourth edition, reprinted, Palgrave Macmillan 2013) Pistor K, ‘A Legal Theory of Finance’ (2013) 41 Journal of Comparative Economics 315 ———, ‘A Legal Theory of Finance’ (2013) 41 Journal of Comparative Economics 315 Pollmann MMH, Potters J and Trautmann ST, ‘Risk Taking by Agents: The Role of Ex-Ante and Ex-Post Accountability’ (2014) 123 Economics Letters 387 Posner E and Weyl GE, ‘Benefit-Cost Analysis for Financial Regulation’ (2013) 103 American Economic Review 393 Posner RA, ‘Theories of Economic Regulation’ (1974) 5 The Bell Journal of Economics and Management Science 335 Pünder H, ‘Democratic Legitimation of Delegated Legislation: A Comparative View on the American, British and German Law’ (2009) 58 The International and Comparative Law Quarterly 353 PwC, ‘Global FinTech Report 2017—Redrawing the Lines: FinTech’s Growing Influence on Financial Services’ (PwC 2017) Pyle DH, ‘On the Theory of Financial Intermediation’ (1971) 26 Journal of Finance 737 Rauchs M and others, ‘Distributed Ledger Technology Systems—A Conceptual Framework’ (CCAF 2018) Raz J, ‘Legal Principles and the Limits of Law’ (1972) 81 Yale Law Journal 823

422

BIBLIOGRAPHY

Redman TC, ‘If Your Data Is Bad, Your Machine Learning Tools Are Useless’ [2018] Harvard Business Review https://hbr.org/2018/04/if-your-data-isbad-your-machine-learning-tools-are-useless, accessed 31 October 2021 Redmond W, ‘Financial Innovation, Diffusion, and Instability’ (2013) 47 Journal of Economic Issues 525 Reeves M, Levin S and Ueda D, ‘The Biology of Corporate Survival’ [2016] Harvard Business Review https://hbr.org/2016/01/the-biology-of-corpor ate-survival, accessed 24 October 2021 Reinsel D, Gantz J and Rydning J, ‘The Evolution of Data to Life-Critical: Don’t Focus on Big Data, Focus on Data That’s Big’ (2017) Remolina N, ‘Open Banking: Regulatory Challenges for a New Form of Financial Intermediation in a Data-Driven World’ (2019) ———, ‘Towards a Data-Driven Financial System: The Impact of COVID-19’ (SMU Centre for AI & Data Governance 2020) ———, ‘Interconnectedness and Financial Stability in the Era of Artificial Intelligence’ (2022) Singapore Management University School of Law Research Paper Reuters, ‘U.S. Banking Regulators Hire Quants of Their Own’ (NEWSWEEK, 5 August 2014) https://www.newsweek.com/us-banking-regulators-hire-qua nts-their-own-250375, accessed 27 October 2021 Reuters Staff, ‘Large Carmakers Including Volkswagen, FCA Could Face 2021 EU Emissions Fines: Study’ Reuters (26 June 2019) https://www.reuters. com/article/us-carmaker-fines-idUSKCN1TR0B9, accessed 18 October 2021 Reyes CL, ‘Moving Beyond Bitcoin to an Endogenous Theory of Decentralized Ledger Technology Regulation: An Initial Proposal’ (2016) 61 Villanova Law Review 191 Riad A el-din, Hassan A and Hassan qusay f., ‘Leveraging SOA in Banking Systems Integration’ (2008) 3 Journal of Applied Economic Sciences 145 Riles A, ‘Is New Governance the Ideal Architecture for Global Financial Regulation’ (2013) 31 Monetary and Economic Studies 65 Ringe W-G, ‘Regulatory Competition in Global Financial Markets—The Case for a Special Resolution Regime’ 1 Annals of Corporate Governance 175 Ringe W-G and Ruof C, ‘A Regulatory Sandbox for Robo Advice’ [2018] European Banking Institute Working Paper Series 2018 https://ssrn.com/ abstract=3188828 ———, ‘Regulating Fintech in the EU: The Case for a Guided Sandbox’ (2020) 11 European Journal of Risk Regulation 604 ———, ‘The DLT Pilot Regime: An EU Sandbox, at Last!’ (Oxford Business Law Blog, 19 November 2020) https://www.law.ox.ac.uk/business-lawblog/blog/2020/11/dlt-pilot-regime-eu-sandbox-last, accessed 26 October 2021

BIBLIOGRAPHY

423

Robinson S, Altkemper S and Kaur Johal Y, ‘The Regulatory FinTech Sandbox: A Global Overview’ (2020) 9 Compliance & Risk 10 Roe MJ, ‘The Derivatives Market’s Payment Priorities as Financial Crisis Accelerator’ (2011) 63 Stanford Law Review 539 Romano R, ‘Regulating in the Dark and a Postscript Assessment of the Iron Law of Financial Regulation’ (2014) 43 Hofstra Law Review 25 Ruhl JB, ‘Managing Systemic Risk in Legal Systems’ (2014) 89 Indiana Law Journal 559 Ringe W-G and Ruof C, ‘Robo Advice—Legal and Regulatory Challenges’ in Iris HY Chiu and Gudula Deipenbrock (eds), Routledge Handbook of Financial Technology and Law (Routledge 2021) Rustad M, ‘Cybertorts and Legal Lag: An Empirical Analysis’ (2003) 13 Southern California Interdisciplinary Law Journal 77 Sabel CF and Simon WH, ‘Minimalism and Experimentalism in the Administrative State’ (2011) 100 Georgetown Law Journal 53 Sabel CF, Zeitlin J and Levi-Faur D, ‘Experimentalist Governance’, The Oxford Handbook of Governance (Oxford University Press 2012) Samuelson PA, ‘The Pure Theory of Public Expenditure’ (1954) 36 The Review of Economics and Statistics 387 Samuelson W and Zeckhauser R, ‘Status Quo Bias in Decision Making’ (1988) 1 Journal of Risk and Uncertainty 7 Santander InnoVentures, Oliver Wyman, and anthemis group, ‘The Fintech 2.0 Paper: Rebooting Financial Services’ Saxena R, ‘Tech at N26—The Bank in the Cloud’ (InsideN26, 31 October 2018) https://medium.com/insiden26/tech-at-n26-the-bank-in-the-cloude5ff818b528b, accessed 20 October 2021 Schauer F, ‘The Convergence of Rules and Standards’ (2003) 2003 New Zealand Law Review 303 Schindler J, ‘FinTech and Financial Innovation: Drivers and Depth’ (Board of Governors of the Federal Reserve System 2017) Schlag P, ‘Rules and Standards’ (1985) 33 UCLA Law Review 379 Scholtens B and van Wensveen D, ‘A Critique on the Theory of Financial Intermediation’ (2000) 24 Journal of Banking & Finance 1243 Schumpeter JA, The Theory of Economic Development: An Inquiry into Profits, Capital, Credit, Interest, and the Business Cycle (Harvard University Press 1911) ———, Capitalism, Socialism and Democracy (Harper & Brothers 1942) Schwab K, The Fourth Industrial Revolution (1st edition, Penguin 2017) Schwarcz SL, ‘Systemic Risk’ (2008) 97 Georgetown Law Journal ———, ‘Regulating Complexity in Financial Markets’ (2009) 87 Washington University Law Review 211 ———, ‘Regulating Shadow Banking’ Review of Banking & Financial Law

424

BIBLIOGRAPHY

SEC, ‘Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO’ (SEC 2017) Release No. 81207 https:// www.sec.gov/litigation/investreport/34-81207.pdf SEC Division of Economic and Risk Analysis, ‘Demand and Supply of Safe Assets in the Economy’ (2014) https://www.sec.gov/dera/staff-papers/economicanalyses/demand-supply-safe-assets-2014.pdf Shepherd-Barron J, ‘Meet the True Star of Financial Innovation—The Humble ATM’ Financial Times (22 June 2017) https://www.ft.com/content/052 f9310-5738-11e7-80b6-9bfa4c1f83d2, accessed 18 October 2021 Shiller RJ, Finance and the Good Society (Princeton University Press 2013) ———, Irrational Exuberance (3rd edition, Princeton University Press 2016) Shleifer A, ‘Understanding Regulation’ (2005) 11 European Financial Management 439 ———, Inefficient Markets: An Introduction to Behavioral Finance (Repr, Oxford University Press 2009) ———, ‘The Age of Milton Friedman’ (2009) 47 Journal of Economic Literature 123 ———, ‘George Stigler’s Paper on Regulation and the Rise of Political Economy’ (ProMarket, 28 April 2021) https://www.promarket.org/2021/04/28/geo rge-stiglers-regulation-political-economy-capture/, accessed 7 July 2022 Shuren JE, ‘The Modern Regulatory Administrative State: A Response to Changing Circumstances’ (2001) 38 Harvard Journal on Legislation X Siegel E, Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie, or Die (2., Wiley 2016) Silber WL, ‘The Process of Financial Innovation’ (1983) 73 American Economic Review 89 Simon HA, ‘The Architecture of Complexity’ (1962) 106 Proceedings of the American Philosophical Society 467 Sinclair D, ‘Self-Regulation Versus Command and Control? Beyond False Dichotomies’ (1997) 19 Law & Policy 529 Smaga P, ‘The Concept of Systemic Risk’ (London School of Economics and Political Science, LSE Library 2014) 61214 https://ideas.repec.org/p/ehl/ lserod/61214.html, accessed 8 October 2021 Smythe MK, ‘Government Supervised Self-Regulation in the Securities Industry and the Antitrust Laws: Suggestions for an Accommodation’ (1984) 62 North Carolina Law Review 475 Sorkin AR and others, ‘The New “Shadow” Banks’ The New York Times (8 September 2021) https://www.nytimes.com/2021/09/08/business/dea lbook/crypto-bitcoin-regulation.html, accessed 24 October 2021 Soros G, The Alchemy of Finance (J Wiley 2003)

BIBLIOGRAPHY

425

Staschen S and Kerse M, ‘Is Mexico’s “Fintech Law” Leading a New Trend in Fintech Regulation?’ (CGAP Blog ) https://www.cgap.org/blog/mexicos-fin tech-law-leading-new-trend-fintech-regulation, accessed 31 October 2021 Statista, ‘Fintech Report 2019’ (Statista 2019) Steele G, ‘Perspective | Facebook’s Libra Cryptocurrency Is Part of a Disturbing Financial Trend’ Washington Post (12 August 2019) https://www.washingto npost.com/outlook/2019/08/12/facebooks-libra-cryptocurrency-is-part-dis turbing-financial-trend/, accessed 24 October 2021 Stephenson MC, ‘Information Acquisition and Institutional Design’ (2011) 124 Harvard Law Review 1422 Stern G, ‘Can Regulators Keep Up with Fintech?’ (Yale Insights, 13 December 2017) https://insights.som.yale.edu/insights/can-regulatorskeep-up-with-fintech, accessed 26 October 2021 Stigler GJ, ‘Perfect Competition, Historically Contemplated’ (1957) 65 Journal of Political Economy 1 ———, ‘The Theory of Economic Regulation’ (1971) 2 The Bell Journal of Economics and Management Science 3 Storbeck O and Chazan G, ‘Wirecard Scandal Leaves German Regulators Under Fire’ Financial Times (24 June 2020) https://www.ft.com/content/f62 f7f56-3d45-492c-ae88-172948d21eb8, accessed 5 October 2021 Stout LA, The Shareholder Value Myth: How Putting Shareholders First Harms Investors, Corporations, and the Public (1st edition, Berrett-Koehler 2012) Stulz RM, ‘FinTech, BigTech, and the Future of Banks’ (2019) 31 Journal of Applied Corporate Finance 86 Sunstein CR, ‘Problems with Rules’ (1995) 83 California Law Review 953 ———, ‘Cost-Benefit Analysis and the Knowledge Problem’ [2014] SSRN Electronic Journal http://www.ssrn.com/abstract=2508965, accessed 7 October 2021 ———, ‘The Most Knowledgeable Branch’ (2016) 164 University of Pennsylvania Law Review 1607 Sunstein CR, ‘Empirically Informed Regulation’ 78 University of Chicago Law Review 1349 Tabuchi H, ‘The World Is Embracing S.U.V.s. That’s Bad News for the Climate.’ The New York Times (3 March 2018) https://www.nytimes.com/2018/03/ 03/climate/suv-sales-global-climate.html, accessed 18 October 2021 Tang T, Zhang Y and He D, ‘The Rise of Digital Finance in China—New Drivers, New Game, New Strategy’ (Boston Consulting Group 2014) Taylor J and Raden N, Smart (Enough) Systems: How to Deliver Competitive Advantage by Automating the Decisions Hidden in Your Business (Prentice Hall 2007) Taylor K and Silver L, ‘Smartphone Ownership Is Growing Rapidly Around the World, But Not Always Equally’ (Pew Research Center 2019)

426

BIBLIOGRAPHY

Terwiesch C and Ulrich KT, Innovation Tournaments: Creating and Selecting Exceptional Opportunities (Harvard Business Press 2009) Thaler RH and Sunstein CR, Nudge: Improving Decisions about Health, Wealth, and Happiness (Rev and expanded ed, Penguin Books 2009) The staff of the Wall Street Journal, ‘How Big Tech Got Even Bigger’ Wall Street Journal (6 February 2021) https://www.wsj.com/articles/how-bigtech-got-even-bigger-11612587632, accessed 24 October 2021 Toronto Centre, ‘FinTech, RegTech and SupTech: What They Mean for Financial Supervision’ (2017) ———, ‘SupTech: Leveraging Technology for Better Supervision’ (2018) Trubek LG, ‘New Governance and Soft Law in Health Care Reform’ (2006) 3 Indiana Health Law Review 139 Tsang C-Y, ‘Balancing the Governance of the Modern Financial Ecosystem: A New Governance Perspective and Implications for Market Discipline’ (2018) 40 Houston Journal for International Law 531 ———, ‘From Industry Sandbox to Supervisory Control Box: Rethinking the Role of Regulators in the Era of Fintech’ (2019) 2 Journal of Law, Technology & Policy 355 Tuch A, ‘Conduct of Business Regulation’ in Niamh Moloney, Eilís Ferran and Jennifer Payne (eds), The Oxford Handbook of Financial Regulation (Oxford University Press 2015) Tucker PMW, Unelected Power: The Quest for Legitimacy in Central Banking and the Regulatory State (Princeton University Press 2018) Tufano P, ‘Financial Innovation and First-Mover Advantages’ (1989) 25 Journal of Financial Economics 213 ———., ‘Financial Innovation’ in George M Constantinides, Milton Harris and René M Stulz (eds), Handbook of the Economics of Finance, vol 1 (Elsevier 2003) Tushman ML and Anderson P, ‘Technological Discontinuities and Organizational Environments’ (1986) 31 Administrative Science Quarterly 439 Tutt A, ‘An FDA for Algorithms’ (2017) 69 Administrative Law Review 83 UNSGSA, ‘Early Lessons on Regulatory Innovations to Enable Inclusive FinTech: Innovation Offices, Regulatory Sandboxes, and RegTech’ (UNSGSA FinTech Working Group and CCAF 2019) U.S. Department of the Treasury, ‘A Financial System That Creates Economic Opportunities Nonbank Financials, Fintech, and Innovation’ (2018) Report to President Donald J Trump US Department of the Treasury, ‘Office of Financial Research 2012 Annual Report’ (2012) US Treasury Department, ‘Joint Statement by Treasury Secretary Robert Rubin, Federal Reserve Board Chairman Alan Greenspan and Securities and Exchange

BIBLIOGRAPHY

427

Commissioner Arthur Levitt’ (1998) https://www.treasury.gov/press-cen ter/press-releases/Pages/rr2426.aspx van Horne JC, ‘Of Financial Innovations and Excesses’ (1985) 40 Journal of Finance 621 van Loo R, ‘Making Innovation More Competitive: The Case of Fintech’ (2018) 65 UCLA Law Review 232 Vercelli A, ‘Financialization in a Long-Run Perspective’ (2013) 42 International Journal of Political Economy 19 Vermeule A, ‘Local and Global Knowledge in the Administrative State’ in David Dyzenhaus and Thomas Poole (eds), Law, Liberty and State (Cambridge University Press 2013) Vermeulen EPM and Kaal WA, ‘How to Regulate Disruptive Innovation: From Facts to Data’ 57 Jurimetrics: The Journal of Law, Science, and Technology 169 Vigna P, ‘Fake Walmart News Release Spurs Spike in Little-Used Cryptocurrency Litecoin’ Wall Street Journal (13 September 2021) https://www.wsj.com/ articles/walmart-says-litecoin-partnership-news-release-is-fake-11631545453, accessed 19 October 2021 Vives X, Competition and Stability in Banking: The Role of Regulation and Competition Policy (Princeton University Press 2016) ———, ‘Digital Disruption in Banking’ (2019) 11 Annual Review of Financial Economics 243 Walch A, ‘Deconstructing “Decentralization”’ in Chris Brummer (ed), Cryptoassets: Legal, Regulatory, and Monetary Perspectives (1st edition, Oxford University Press 2019) Walker L, ‘The End of the New Deal and the Federal Rules of Civil Procedure’ (1997) 82 Iowa Law Review 1269 Walker T and Morris L, The Handbook of Banking Technology (Wiley 2021) Waters R, ‘What Did Silicon Valley’s Crypto Bubble Create?’ Financial Times (31 December 2020) https://www.ft.com/content/e846c8f6-6ff0-4e2f-a95f-f32 043558315, accessed 19 October 2021 ———, ‘Musk Says Tesla No Longer Plans to Accept Payment in Bitcoin’ Financial Times (13 May 2021) https://www.ft.com/content/052853fa-98164624-8dd3-6321c01ac875, accessed 19 October 2021 Weber R, ‘New Governance, Financial Regulation, and Challenges to Legitimacy: The Example of the Internal Models Approach to Capital Adequacy Regulation’ (2010) 62 Administrative Law Review 783 Weber RH, ‘Regtech as a New Legal Challenge’ (2017) 46 Journal of Financial Transformation 10 Weber-Rey D, ‘Latest Developments in European Corporate Governance in Light of Better Regulation Efforts’ in Stephen Weatherill (ed), Better Regulation (Hart Publishing 2007) http://www.bloomsburycollections.com/book/ better-regulation, accessed 7 July 2022

428

BIBLIOGRAPHY

Wehn U and Montalvo C, ‘Exploring the Dynamics of Water Innovation: Foundations for Water Innovation Studies’ (2018) 171 The Dynamics of Water Innovation S1 Whitehead CK, ‘Size Matters: Commercial Banks and the Capital Market’ (2015) 76 Ohio State Law Journal 765 Wishnik DA, ‘Reengineering Financial Market Infrastructure’ (2021) 105 Minnesota Law Review 2379 Withers I and Jones H, ‘For Bank Regulators, Tech Giants Are Now Too Big to Fail’ Reuters (20 August 2021) https://www.reuters.com/world/thegreat-reboot/bank-regulators-tech-giants-are-now-too-big-fail-2021-08-20/, accessed 27 October 2021 World Bank, ‘Why Decentralised Finance (DeFi) Matters and the Policy Implications’ (OECD 2022) World Bank Group, ‘From Spreadsheets to Suptech Technology Solutions for Market Conduct Supervision’ (World Bank 2018) ———, ‘Global Experiences from Regulatory Sandboxes’ (World Bank 2020) ———, ‘How Regulators Respond to Fintech Evaluating the Different Approaches—Sandboxes and Beyond’ (World Bank 2020) World Economic Forum, ‘The Future of Financial Services How Disruptive Innovations Are Reshaping the Way Financial Services Are Structured, Provisioned and Consumed’ (2015) http://www3.weforum.org/docs/WEF_The_future_ _of_financial_services.pdf ———, ‘Beyond Fintech: A Pragmatic Assessment of Disruptive Potential in Financial Services’ (WEF 2017) ———, ‘The New Physics of Financial Services—Understanding How Artificial Intelligence Is Transforming the Financial Ecosystem’ (WEF 2018) Wyman O, ‘Managing Complexity—The State of the Financial Services Industry 2015’ (2015) Wymeersch E, ‘Objectives of Financial Regulation and Their Implementation in the European Union’ in Veerle Colaert, Danny Busch and Thomas Incalza (eds), European Financial Regulation Levelling the Cross-Sectoral Playing Field (Bloomsbury Hart Publishing 2019) Wymeersch E, ‘The Future of Financial Regulation and Supervision in Europe’ (2005) 42 Common Market Law Review 987 Wymeersch E, Hopt KJ and Ferrarini G (eds), Financial Regulation and Supervision: A Post-Crisis Analysis (1st edition, Oxford University Press 2012) Yadav Y, ‘Oversight Failure in Securities Markets’ (2019) 104 Cornell Law Review 101 ———, ‘Fintech and International Financial Regulation’ (2020) 53 Vanderbilt Journal of Transnational Law 1109 Yadav Y and Brummer CJ, ‘Fintech and the Innovation Trilemma’ (2019) 107 Georgetown Law Journal 235

BIBLIOGRAPHY

429

Yang AY-P and Tsang C-Y, ‘RegTech and the New Era of Financial Regulators: Envisaging More Public-Private Partnership Models of Financial Regulators’ (2018) 21 University of Pennsylvania Journal of Business Law 354 Yellen JL, ‘A Painfully Slow Recovery for America’s Workers: Causes, Implications, and the Federal Reserve’s Response’ (2013) Speech at the ‘A Trans-Atlantic Agenda for Shared Prosperity’ Conference https://www.federa lreserve.gov/newsevents/speech/yellen20130211a.htm, accessed 7 July 2022 Yudkowsky E, ‘Artificial Intelligence as a Positive and Negative Factor in Global Risk’ in Nick Bostrom, Milan M Cirkovic and Martin J Rees (eds), Global Catastrophic Risks (Oxford University Press 2008) Yuen A, ‘Regtech in the Smart Banking Era—A Supervisor’s Perspective’ (Hong Kong Monetary Authority 2018) Regulatory Keynote Speech www.hkma.gov. hk/eng/news-and-media/speeches/2018/09/20180927-2/, accessed 23 October 2021 Zachariadis M and Ozcan P, ‘The API Economy and Digital Transformation in Financial Services: The Case of Open Banking’ (2017) Zavolokina L, Dolata M and Schwabe G, ‘FinTech—What’s in a Name?’ (2016) Zetzsche DA and others, ‘Regulating a Revolution: From Regulatory Sandboxes to Smart Regulation’ (2017) 31 Fordham Journal for Corporate & Financial Law 31 Zetzsche DA and others, ‘From Fintech to Techfin: The Regulatory Challenges of Data-Driven Finance’ (2018) 14 New York University Journal of Law & Business 393 Zetzsche DA and others, ‘The ICO Gold Rush: It’s a Scam, It’s a Bubble, It’s a Super Challenge for Regulators’ (2019) 60 267 ———, ‘The Future of Data-Driven Finance and RegTech: Lessons from EU Big Bang II’ (2019) ———, ‘Regulating Artificial Intelligence in Finance: Putting the Human in the Loop’ (2020) Zetzsche DA, Arner DW and Buckley RP, ‘Fintech Toolkit: Smart Regulatory and Market Approaches to Financial Technology Innovation’ (Deutsche Gesellschaft für Internationale Zusammenarbeit 2020) Zetzsche DA, Arner DW and Buckley RP, ‘Decentralized Finance’ (2020) 6 Journal of Financial Regulation 172 Zetzsche DA, Woxholth J, ‘The DLT Sandbox Under the Pilot-Regulation’ (2022) 17 Capital Markets Law Journal 212. Zhang L and Chen S, ‘China’s Digital Economy Opportunities and Risks’ (International Monetary Fund 2019) WP/19/16 Zhou W, Arner DW and Buckley RP, ‘Overseas Law: China’s Regulation of Digital Financial Services: Some Recent Developments’ (2016) 90 Australian Law Journal 297. Figures created with BioRender.com.

Index

A accountability, 243, 269, 331 algorithms, 112, 153, 156, 158, 168, 170–177, 179, 180, 182–186, 190, 194–198, 203, 208, 210, 216, 217, 221, 233, 239, 243, 259, 261–264, 347, 354, 360, 370, 383–385 Alibaba, 141 Alipay, 122 alternative lending, 124 Amazon, 141, 145, 206 API, 130, 165, 182, 183, 197, 301, 320–323, 325, 338, 341, 342, 350, 356, 391, 392 API architecture, 320, 322, 324, 325, 340, 341, 343, 345, 348, 352, 356 Apple, 141, 206 ApplePay, 121 architecture of financial regulation, 34, 43, 213, 338

As-a-service business models, 130, 132, 183, 384 asset management, 15, 127, 139, 148, 172, 180, 181, 191 ATMs, 81 Atom Bank, 147 automation application of AI, 169 of back-office activity, 173 of decision-making, 196, 198 of front-office activity, 170

B bank capital requirements, 117 Banking-as-a-platform, 129 Banking-as-a-service, 133, 134 Bank of England, 50, 322, 326 banks, 14–16, 25, 28, 95, 106, 116, 117, 121, 126, 129, 140, 144, 146–148, 159, 160, 174, 180, 204, 239, 240, 268, 291, 320, 327, 341

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2023 C. Ruof, Regulating Financial Innovation, EBI Studies in Banking and Capital Markets Law, https://doi.org/10.1007/978-3-031-32971-5

431

432

INDEX

Basel Committee on Banking Supervision (BCBS), 35, 107, 239, 291 Basel I and II capital requirements, 95 Basel II Capital Accords, 239 Basel III capital requirements, 116 BBVA, 148 bigtech, 140–145, 161, 162, 176, 181, 189, 202, 205, 206, 211, 220, 348, 368–370, 382, 385 Bitcoin, 2, 123, 167 black box problem, 198, 388 BlockFi, 127 Boston Fintech Sandbox, 315 broad-purpose sandbox, 354 Bunq, 147

C Cambridge Centre for Alternative Finance (CCAF), 212 capital raising innovations, 124, 126 fintech applications, 6, 109, 121 Chicago School of Law and Economics, 18 China bigtechs, 141, 142 deposit, lending and capital raising services, 124 fintech platform financing, 147 outsourcing activity, 159 Citigroup, 51, 106 cloud services, 110, 132, 144, 161, 215, 371 collaboration, 135, 149, 223, 224, 226, 244, 249, 267, 277, 279, 280, 283, 287, 290, 292, 293, 301, 312, 326, 333, 338, 342, 345, 352, 355–357, 359, 364, 371, 372, 391, 393, 394 Collateralized Loan Obligations (CLOs), 5

competition, 26, 29, 31–33, 40, 41, 45, 104, 111, 135, 148, 149, 176, 204, 231, 272, 279–281, 285, 298, 309, 360, 369, 377, 389, 393 ’completing’, 5 competitive distortions, 24 complexity in financial sector opaque market structures, 188 speed-induced, 196 technological sophistication and specialization, 191 compliance paradox, 277 compliance system, 76, 174, 276, 280 conduct regulation, 45 contractual savings institutions, 14, 15 COVID-19 pandemic, 2, 111, 113, 150, 177, 301, 318 creative destruction, 71, 151, 377 credit cards, 81, 91 crises-driven regulation, 63 crowdfunding, 2, 126, 199 cryptocurrencies, 106, 123, 126, 127, 167, 171, 193 cryptography, 2, 192, 384 customer expectations, 112, 113 cyber risks, 371

D datafication, 7, 177–179, 183, 184, 186, 210, 221 three V’s, 178 data management, 132, 144, 317, 318 data services, 144 decentralization of activities, 156, 162 experimentation and, 248, 324, 338 information-gathering/processing, 241–243 participation and, 219, 253, 270, 279

INDEX

players, 157, 167, 190 in practice, 245 principle, 7, 242, 315 technology for, 166, 167 decentralized finance (DeFi), 126, 167 decentralized payment schemes, 123, 194 decision-making process, 176, 235, 269 delegation, 34, 35, 175, 189, 263 demand-driven innovation, 91 demand factors, 113 depository institutions (banks), 14 deposits, 81, 127 fintech applications, 109 Diem, 143 digital disruption, 382 digital finance, 2 digitalization, 92, 113, 148, 197, 340, 369, 370 digital payments services, 2, 14, 126, 133, 139, 162, 357, 358 Digital Sandbox, 301, 302, 306, 309, 350, 351, 390 direct finance, 5, 10, 11, 16, 158 Distributed Ledger Technology (DLT), 298 distributors, 162–164

E efficiency, 12, 23, 26, 29, 31, 32, 39, 59, 75, 86, 91, 93, 114, 119, 175, 198, 211, 242, 244, 266, 279, 317, 320, 322, 324, 343, 383 Efficient Capital Market Hypothesis (ECMH), 12, 27 electronic data warehouse (EDW), 323 entry regulation, 45

433

Environmental Protection Agency (EPA), 75 EU Blockchain Observatory and Forum, 291 European Forum for Innovation Facilitators (EFIF), 290 EU rulemaking process, 234 ex-ante information asymmetry, 13, 26, 40, 45, 60, 65, 84, 229, 250, 256, 257, 362 experimentalism beneficial effects, 232 in practice, 233 as stimulus for information production, 231 experimentation spaces, 335, 340–342, 344, 352, 359, 360, 392 supporting environment, 276 ex-post information asymmetry, 13, 26, 40, 65, 84, 257, 331, 360, 362

F Facebook, 141, 143, 206 FCA regulatory sandbox, 283, 300, 306, 311 admission criterion, 349 Fidor, 124, 147 financial advice market support and infrastructure services, 6, 121, 381 robo advice, 2, 127, 128, 172, 191, 199 use of AI and Big Data, 128 Financial Industry Regulatory Agency (FINRA), 246 financial innovation assessment, 6 beneficial impact of, 83 categories, 137, 379

434

INDEX

characteristics, 80, 88, 90, 100, 104, 105, 379, 380 demand-driven, 91 diffusion rate of, 89 distinct nature of, 88 drivers of, 91 dynamics, 97 good and bad, 83 history, 92, 119, 379, 381 implications, 80, 97 incentive of financial institutions, 93 incremental, 85, 86 industry perspective, 62 information deficit and, 70, 97 pacing problem, 101, 378 process, 80, 84, 86, 96 product, 86 radical, 85, 86 in radical sense, 71 regulation and, 9, 69, 79, 97, 115 regulator perspective, 6, 84 role and meaning, 70 supply-driven, 92 trajectory, 108, 119, 120, 380, 381 financial intermediaries categories, 137, 379 service provided by, 13 size of, 14 financial market(s), 9, 10, 12, 13, 16, 26–28, 31, 50, 53, 55–57, 62, 66, 67, 81, 89, 99, 107, 114, 120, 201, 209, 246, 361, 369, 376, 380 financial regulator cultural imperatives, 361 discretions, 393 resource requirements, 51 structural changes, 360 Financial Services Agency (FSA), 258 financial services ecosystem originator and distributor level in, 164

Financial Services Technology Consortium, 106 financial shifts algorithmic finance, 175 data-induced shift, 183 qualitative, 175, 177, 178 structural shifts, 4, 137, 149, 153, 155, 177, 186, 212, 271, 325, 342, 382, 384 financial stability, 27, 29–33, 37, 103, 115, 143, 209, 211, 224, 267, 279, 284, 306, 309, 322, 360, 373 Financial Stability Board, 107 financial system, overview allocation of capital, 23, 345 core economic function, 10 role of intermediation, 13 well-functioning, 10 fintech applications, 1, 5, 7, 9, 107, 111, 120, 124, 154, 186, 187, 213, 381, 383, 386 asset management and financial advice, 127 categories, 121, 390 in China, 213 consumer’s perspective, 158, 183 current regulatory approaches, 386, 389 definition and meaning, 107 demand-side drivers, 112 deposit, lending and capital raising services, 124 distinctive features of, 137 functional perspective, 381 New Governance approaches, 225, 228 opaque market structures and, 188 pace of innovation, 6, 106, 150, 382

INDEX

payments, clearing and settlement services, 6, 109, 121 shifts associated with, 3, 187, 385 start-ups, 150, 192, 276, 286, 292, 315, 325 structural shifts, 4, 137, 155, 382 supply-side drivers, 110 technological sophistication and specialization, 191 Fintech Forum, 290 Fintech Knowledge Hub, 291 fintech regulation as driver, 109, 112, 115, 119 regulatory failures, 216 regulatory implications, 212 fintech sandboxes, 8, 296, 297, 390 flexibility, 145, 146, 220, 249, 250, 253–256, 265, 276, 277, 279, 280, 298, 299, 305, 313, 316, 323, 331, 338, 349, 352, 387, 390 risks and challenges, 8, 265 use of principles, 8 fourth industrial revolution, 177 fourth parties, 145, 159, 165, 208, 217 fragmentation, 156, 157, 163, 165, 221, 235, 236, 385 G Global Financial Innovation Network (GFIN), 302 Google, 141 Great Financial Crisis (GFC), 2, 3, 28, 30, 31, 36–38, 40, 67, 83, 95, 99, 106, 107, 114, 115, 127, 135, 139, 202, 228, 246, 247, 258, 284, 362, 378, 381, 382, 389 Great Financial Crisis of 2008, 3, 82, 139 Greensill Capital, 4

435

H Hayek, F.A., 21, 28, 48 Hayekian philosophy, 21 high-level principles, 4, 7, 8, 239, 329 hub-and-spoke model, 230 I incremental innovation, 85 incumbent financial institutions, 114, 132, 143, 148, 182, 205, 382 indirect finance, 5, 10, 11, 13, 15, 16, 158 industry sandboxes, 283, 297, 352, 356, 360 informational efficiency, 31 informational failure, 3, 4, 47, 208 informational lag, 48, 98, 305 information asymmetries, 24–26, 29, 91, 114, 228, 348 information challenge in financial regulation collection and processing of information, 50, 187 complexity issues, 53 effect of innovation and technology, 88 information deficit, 97 information gap, 47 in-house production, 58 interconnectedness, 56 Knightian uncertainty, 47, 52, 187, 200, 209, 210, 229 local information, 59, 241 opacity of sector, 56 reflexive relationship between regulation and regulated actors, 56, 376 for regulators, 217 unknown information, 47, 50, 187, 221 information costs, 48, 49, 53–55, 57, 94, 99, 188, 191, 192, 194, 196,

436

INDEX

197, 199, 200, 206, 210, 216, 221, 241, 243, 244, 252, 376, 377, 379, 384, 385 information deficit, 6, 7, 44–47, 50, 52–54, 56, 57, 59, 60, 70, 80, 97–100, 102, 154, 195, 206, 219, 233, 376, 377, 379, 386 under fintech, 108, 187, 200 information equalizer, 280, 344 information gap, 2, 3, 6, 43, 47–49, 55, 57, 59, 94, 99, 187, 200–203, 205–207, 210, 211, 217, 219–222, 225, 228, 231, 235, 237, 240–243, 245, 248, 256, 265, 267, 278, 281, 283–285, 287, 288, 292–294, 296, 299, 306, 311, 312, 319, 336, 338, 343, 346, 359, 368, 369, 376, 377, 385–387, 391, 394 information-gathering or monitoring, 20 information problem, 3–5, 22, 43, 61, 153, 187, 231, 283, 368, 375 information processing capacity, 46, 49, 54, 55, 57, 99, 200, 203, 205, 242, 376, 385 infrastructure services, 6, 121, 129, 144, 381 infrastructure suptech API architecture and real-time monitoring, 320 data pull approach, 323 machine-readable and executable regulation (MRER), 283, 319, 325, 327, 336, 359 initial coin offerings (ICO), 118, 199 innovation pace of, 7, 90, 91, 93, 97, 98, 105, 106, 149–152, 196, 220, 251, 379, 382

innovation hubs, 8, 283, 285–298, 300, 304–306, 315, 336, 364, 390, 392 innovation hubs/facilitators assessment, 292 EU, 283, 288 objective of, 286 participation, 288 relationship between regulator and industry, 285 investment intermediaries, 14 investor protection, 29, 30, 32, 33, 118

J JPM Coin, 123

K Knight, Frank, 52, 53 Knightian uncertainty, 43, 47, 52, 53, 100, 187, 200, 209, 210, 229, 233, 359, 376, 377, 379, 385 know your customer (KYC) requirements, 136

L Lamfalussy process, 234 learning, 2, 169, 175, 221, 229–231, 233, 248, 265, 272, 286, 295, 297, 305–308, 310, 316, 329, 336, 342, 346, 349, 354, 361, 367, 387, 394 lending, 10, 13, 124, 126, 127, 148, 157, 180, 383 alternative, 124 fintech applications, 6, 109, 121 lending markets, 116, 117 loan-based crowdfunders, 125 loophole mining, 94 low barriers to entry, 32, 190

INDEX

M machine learning (ML), 2, 128, 169, 221, 310, 354 based algorithms, 175 machine-readable and executable regulation (MRER) burden of implementing and interpreting a regulation, 327 regulatory powers, 331 regulatory reporting, 330, 331 risks and limitations, 328 scope of application, 331 machine regulatory failure, 263 macroprudential information, 233 macroprudential regulation, 45 Mambu, 134 market failure(s), 18, 22–24, 26–30, 32, 38, 60, 61, 66, 187, 279 marketplace lenders, 111, 125 market power, 24, 26 market structure, 88, 120, 155, 163, 188, 200, 207, 210, 381 market support and infrastructure services, 6, 121, 129 microprudential regulation, 45, 98, 262 microservices, 133, 147, 357 Microsoft, 141, 145, 206 Money Market Fund, 14, 199 Monzo, 146

N N26, 124, 147 natural language processing (NLP), 136, 174 negative externalities, 24, 25, 89 neo-banks, 124, 132, 133, 145–147, 149, 160, 162, 190, 348, 382 Netherlands Bank (DNB), 322

437

O Open Banking initiatives, 165, 197 Orange Bank, 142 originators, 162–164 outsourcing, 132, 140, 145, 158, 159, 161, 173, 175, 176, 186, 189, 210, 215, 218, 221, 242, 243, 245, 246, 279, 357, 383, 386, 389, 390, 392 P pacing problem, 77, 101, 378 participation participants, 242, 248 in practice, 239 principal idea behind, 235 production of information, 192, 219, 228, 236, 248, 305, 306, 332, 338, 345, 352, 358, 359, 386, 392 payment systems back-end services, 169 in closed-loop system, 122 decentralised, 194 digital payments services, 2 fintech payment innovation, 199 front-end services, 169 retail payments sector, 121 PayPal, 121, 123, 139 peer-to-peer (P2P) lenders, 125 penalties, 275 Philippian Central Bank (Bangko Sentral ng Pilipinas (BSP)), 320 platform-based API architecture, 345 platform-based regulatory approach, 8, 335 principles in practice, 258 principles-based regulation, 40, 258, 259, 263, 267, 270, 280, 299, 305, 389 process innovation, 86

438

INDEX

product innovation, 86, 90 Project Innovate, 300, 303 prudential regulation, 330 public interest groups, 238 public interest theory, 18, 24, 60 Public-Private-Partnership (PPP) forms of regulation, 7, 223, 224 incentives in, 274 punishments, 275 R radical innovation, 85 Regtech, 114, 118, 119, 129, 135–137, 317–320, 326, 340, 342, 349, 370, 392 regulation behaviour modification, 20 definition, 17 fundamental pillars, 20 information-gathering or monitoring, 20 requirement of standard-setting, 20 regulation of financial markets allocation of, 34 balancing act of trade-offs, 34 of competition, 31 complete, 329 conduct, 45, 78 crises-driven, 63 as driver of financial innovation, 94, 115, 379 efficiency, 31, 75, 343 entry, 45 for financial (and systemic) stability, 30 Fintech Law, 214 goals and objectives of, 28 impact of irrationalities, 27 of information, 3, 5, 20 information challenge in, 44 principles-based, 258, 259, 263, 267, 270, 280, 299, 305, 389

for promoting market efficiency and competition, 31 protection of investors, 29 prudential, 266, 330 reasons, 9, 22, 23 regulatory capture, 61 regulatory failures and, 43, 60 regulatory forbearance, 65 regulatory goals, 32 regulatory responses to fintech, 223, 243, 283, 284, 368 risks and limitations, 368 rules-based, 331 self-regulation, 38, 227, 245 styles/modes of, 37 regulatory arbitrage, 74, 75, 86, 94–96, 98, 100, 102, 104, 117–119, 216–218, 251, 254, 264, 293, 328, 332, 368, 378, 379, 381, 386, 388 regulatory capture, 61, 98, 216, 217, 238, 240, 247, 264, 266, 268, 269, 271, 279, 294, 325, 372, 373, 386, 388, 389 regulatory creep, 256 regulatory dialectic, 69, 72, 73, 77, 94, 97, 99–101, 104, 119, 328, 368, 378–381 regulatory failures, 37, 46, 216, 278 regulatory forbearance, 65, 265 regulatory innovations, 4, 355 regulatory instability, 104 regulatory labs, 335, 356 regulatory mismatch, 3, 46, 53, 69, 77, 85, 98, 102, 153, 155, 187, 220, 222, 230, 249, 254, 278, 281, 306, 312, 313, 319, 332, 345, 359, 366, 368, 373, 376, 378, 385, 391, 393, 394 regulatory objectives, 22, 23, 28, 31, 34, 36, 46, 60, 61, 88, 102, 104,

INDEX

211, 222, 248, 252, 274, 275, 278, 279, 306 regulatory resources, 278, 312, 319, 324, 332, 347, 391 regulatory sandboxes assessment, 304 experimentation space, 299 FCA’s model, 283, 296, 300–302, 304, 311, 314, 390 flexibility, 305, 316 goal, 297 informational perspective, 304 optimizing, 346 primary purpose, 297 procedure in, 298 risk of capture, 351 scope, 309, 348, 349 regulatory spaces, 273, 352, 365 regulatory tools, 248, 307, 335, 345 specialized and thematic experimentation spaces, 352 regulatory uncertainty, 265, 277, 278, 286, 339, 389 resources, 27, 49–51, 55, 62, 64, 78, 103, 131, 141, 151, 172, 203, 205–207, 219, 224, 242, 245, 248, 258, 259, 262, 263, 265, 269–271, 273, 274, 279, 306, 311, 315, 316, 319, 324, 342, 343, 347, 357, 360, 362, 364, 366, 372, 376, 385, 387–389, 393 returns, 12, 51, 92, 377, 392 ‘revolving door’ phenomenon, 62 rigidness, 250 risk management, 14 robo advisors, 2, 127, 128, 191, 199 rules-based regulatory regimes, 39 Rwandan central bank (BNR), 323, 324, 336

439

S Sabel, Charles, 230 scalability, 315, 316 Schumpeter, Joseph, 71, 72, 90, 377 secondary markets, 11, 88, 126, 199, 208, 209, 385 securitization, 15, 81, 84, 199, 202 self-regulatory organizations (SROs), 246, 247 service-oriented architecture, 130, 165 social costs, 19, 60, 74, 75 software platforms, 130 Solaris Bank, 134 South Sea Bubble, 82 specialized sandboxes, 352, 354, 355 Stigler, George, 60 stock exchanges, 80, 246 structural shifts, 4, 137, 149, 153, 155, 177, 186, 212, 271, 325, 342, 382, 384 subscription-based business models, 191, 197 supervisory technology (Suptech), 317 supply-driven innovation, 92 suptech, 8, 212, 283, 291, 295, 317–320, 325, 326, 331, 335, 336, 340, 342, 343, 345, 349, 353, 360, 370, 372, 390–392 systemically important financial institutions (SIFIs), 215 systemic information, 51, 52, 58, 59, 201, 208, 221, 222, 236, 238, 239, 245, 263, 270, 279, 308, 309, 316, 319, 323, 340, 343, 367, 377, 385, 389, 390 systemic risk, 3, 4, 25, 26, 30, 31, 34, 45, 84, 208, 367 T techfins, 140–143 technologization, 202, 220, 260, 263, 317, 340, 388

440

INDEX

human involvement, 340 need for, 259 technology-based innovation, 108 TechSprint, 326 Tencent, 141 thematic sandboxes, 352, 355, 356, 393 third-party providers (TPP), 131, 132, 135, 144, 145, 147, 160, 161, 164, 168, 189, 208, 211, 243, 289, 323, 383 functions, 145, 159, 173, 322 provisions of digital services, 144 Toronto Centre for Global Leadership in Financial Supervision, 365 transparency, 56, 269, 278, 288, 289, 306, 309, 342, 347, 372 tripartism, 238

U umbrella sandbox, 314, 316, 390, 393

unknown information, 43, 47, 50, 52, 99, 103, 187, 200, 206, 208, 210, 221, 222, 359, 376, 377 V variety of data, 125 Varo Money, 124, 147 velocity of data processing, 178, 182, 384 Vodafone, 141 Volcker, Paul, 83 volume of data, 55, 178, 320 W WeBank, 124, 147 white label banking (WLB), 133, 164, 342, 356 Wirecard, 4 Z Zeta, 134