Financial technology firms have been demonstrating efficiency and convenience for investors and customers over the last five years. Their ability to offer the same banking and financial services while being less costly and less complex than well-established financial institutions has put them in the regulatory spotlight. From one perspective, if fintech firms could undoubtedly open a new era for the financial sector, from another, the systemic and financial risks which this innovation could unveil are not completely transparente. Therefore, national regulators are attempting to build a solid framework to guarantee the safety and soundness of the system, but also they want to ensure the customers' and businesses' protection.
Learning from other countries
There are no international regulations which can apply to fintech companies, so national policymakers are in charge of establishing appropriate rules to prevent any violations. Underlying this, the term "regulations" does not mean simply the set of rules which apply to the existing company, but it also implies the numerous rules related to the licensing of the companies and their compliance. These standards are not supposed to hold the companies' growth down, but they rather are instruments to guarantee market fairness and to prevent the risk of market failure. Moreover, appropiate regulations may be the underpinning of confidence and innovation in fintech sector in the long run.
Basically, two different kinds of policies which can achieve different outcomes exist. Some national authorities have chosen to regulate fintech companies through preexisting frameworks. This mean using the same set of rules previously applied to all financial and banking institutions. Other authorities have preferred introducing specific and tailored regulations for fintech companies with the aim of adapting the system to the particular needs of the sector and of stimulating the growth of these companies.
In some countries, fintech lending platforms are regulated by the same rules for investor protection, risk management and capital requirements as other financial service intermediaries are.
For instance, Germany does not have specific regulations for fintech credit platforms. In other words, a fintech credit company must be granted a banking license to pursue a credit activity; however, it must ascertain what type of service the business is providing to verify if the business offer might qualify as a regulated activity under general German financial regulatory laws. The German Banking Act provides for a licensing requirement for banking activities and investment services; for example, in Germany fintech credit platforms are subject to a licensing requirement under the German Payment Service Supervisory Act, and the management of investment fund is regulated under the German Capital Investment Code.
As in Germany, the Netherlands does not have specific regulations for fintech companies. In the Netherlands, a fintech credit platform must obtain a regular license for credit activity from the Dutch Central Bank ("DNB") and the Netherlands Authority for the Financial Markets ("AFM") before providing credit to customers. However, there are some exemptions to this principal rule. In fact, the level of scrutiny is based on specific activity carried out by the fintech entity. For instance, financial services which are established outside of the Netherlands are considered not to be offered in the country unless the product are offered on the initiative of the provider. Therefore, in this last case, the proper Dutch regulator should release any prior authorization.
Several authorities have created specific and tailored regulations for fintech companies by introducing new licenses for fintech platforms. For instance, one of the most customized and effective one is in Switzerland. The national policymakers have introduced a new licensing category for fintech companies. This regulation would give the Swiss Financial Market Supervisory Authority ("FINMA") the chance to analyze the fintech platforms individually and to tailor the appropriate regulation according to the activity they pursue.
Based on the specific business model, the regulatory authority can request a license for the company or in other cases, the fintech company must simply fulfill some requirements to operate in the market. In other words, there is a case-by-case control which allows Switzerland to have a more flexible and efficient system where the individual financial market laws provide for de minimis and other exemptions that can potentially be relevant for fintech operators depending on the type and scale of their activities.
A different analysis is necessary for China. China represents one of the most attractive markets for the fintech business; however fintech regulations are extremely strict. The core of the regulatory framework is represented by the Guiding Opinions on Promoting the Sound Development of Internet Finance and the Provisional Rules for the Administration of the Business Activities of Online Lending Information Intermediary Institutions, respectively were amended by the People's Bank of China and the China Banking Regulatory Commission (CBRC) with the assistnace of other authorities. However, there is something unusual characterizing the Chinese approach in the way it conceives fintech credit platforms as being essentially information intermediaries rather than credit intermediaries.
Therefore, whatever the fintech activity or product, all businesses are regulated by the releant financial industry authorities and licenses are required. Additionally, various requirements should be fulfilled based on the business conducted. That is, individual online lending institutions will maintain their status as information intermediaries which mainly provide an information service to the lenders and borrowers, and will not provide credit enhancement services or conduct illegal fundraising. Equity crowdfunding must be carried out via equity crowdfunding intermediary platforms. Finally, fintech credit platforms are also required to deposit client funds with a third party, for example a bank, and these entities are encouraged to strengthen disclosures and to improve risk monitoring and management.
Some jurisdictions, such as United Kingdom, Australia and Singapore have introduced a different kind of approach to regulate fintech service providers. Using the innovative approach dubbed "regulatory sandbox", fintech providers offer their products or services to a limited group of customers to minimize the risks, allowing them to test the market without any risk or regulatory sanctions. The national authority release a "non-action letter" stating the suspension fo the rules for a period of time. When the fintech provider is established, it must quit the sandbox and it should embrace the general regulatory system. This buffer zone allows the proper time for the fintech providers to set up the business and to accomplish the regulatory system at the same time without any sanctions.
An indipendent analysis is essential for the American system, not only due to the country's dual banking (federal and state) systems characterizing the nation but also due to the tremendous number of regulators that America has and the challenges that are implied.
Fintech providers in the United States are not subject to a fintech-specific regulatory framework. However, fintech providers are subjected to numerous and fragmented federal and state licensing or registration requirements depending on the activities of the company, and are also subject to laws and regulations at both the federal and state levels. This has led to a widespread fear for fintech companies which may be restrained by the heavy and myriad regulations imposed by federal and state regulators. Such complexity has appeared as an obstacle to the expansion and growth of the entire sector because it may subject fintech companies, looking to expand their business across the U.S., to regulation and supervision by the laws and regulations of different regulators. This mean that for each state in which providers offer their services depending on the numeber of states and licenses that are required, a fintech company would sustain an extensive burden as each state has its own distinct set of rules and regulations.
To provide an idea of what this means, just on the federal level, the Consumer Financial Protection Bureau (CFPB) has jurisdiction over providers of financial services to consumers. Therefore, the CFPB has the power to enforce numerous consumer protection laws (such as consumer lending laws and anti-discrimination laws) that apply to the activities of financial companies. However, fintech providers might carry on such activities in other jurisdictions, in which the SEC or the Commodity Future Trading Commission (CFTC) have jurisdiction. In these areas certain fintech providers should register with such agencies and become subject to their power. Finally, fintech companies may also be required to register with the U.S. Department of Treasury's Financial Crimes Enforcement Network (FinCEN) and thus, must comply with the Bank Secrecy Act and other anti-money laundering laws and regulations.
In the United States this deadlock has resulted in the Office of the Comptroller of the Currency's (OCC), the primary federal bank regulator for national banks, having to manage this intricate situation in 2017. The OCC has decided that it will grant licenses for applications for a special purpose national bank (SPNB) charter to financial technology companies that engage in banking activities. The purpose of an SPNB charter is to create a framework of uniform standards and supervision for fintech companies that qualify. This framework will assist fintech companies to ensure that they operate under federal charters, conduct business in a safe and sound manner; the charter would sustain the dual banking system by providing fintech companies the option of offering banking products and services under a federal charter and operating under federal law, while ensuring essential consumer protections; the charter will enhance the financial system by including fintech companies in the national banking system and by promoting growth, modernization, and competition among them. Moreover, the OCC published an advanced notice of proposed rulemaking on enhanced cyber risk management standards, which would apply to any fintech company that obtains a special purpose national bank charter from the national agency.
However, this venture has clashed with the states' concerns; they prefer holding onto this power. On May 12th, the Department of Financial Services (DFS) file a lawsuit in the New York Federal Court challenging the OCC's decision to grant the special purpose charter to fintech companies subject to New York law. The DSF is seeking to stop the OCC's action to grant the national charter asserting that state regulators are more experienced and better equipped to regulate fintech providers. According to the DFS, the OCC is not authorized and equipped to grant this charter, so the OCC could put consumers at a greater risk of exploitation by newly federally chartered entities trying to be insulated from New York's strong consumer protection. Behind that there is something more. The states would maintain their authority on granting fintech license because it would strenght their position such as legislators, but mainly for the chance to compete in offering more flexible and effective regulations than other states.
The challenges ahead are multiple. Fintech regulation will be one of the primary concerns for policymakers. However, a balanced regulatory system is the only way to guarantee that every fintech company has the appropriate risk management systems to address all relevant risks in the business. The structure, sophistication, and oversight of regulatory systems should be commensurate with the complexity and volume of risk a company assumes. Thus, an appropriate regulatory framework would enhance business in a safe and sound manner while effectively serving the needs of consumers, businesses and communities.