Fintech regulation sometimes struggles to provide consumer protection, data privacy, and stability without hampering innovation.
After reading this, you'll understand:
Regulators often take one of three approaches with fintech: active (collaborative), passive (disinterested), and restrictive (hitting the brakes).
Global agencies are using regulatory sandboxes — frameworks that let fintech companies conduct live, supervised experiments.
The main goals of regulation include: consumer protection, data privacy, and stability.
The financial technology (fintech) ecosystem is growing rapidly. Thousands of fintech startups have launched in the past few years. Most of this innovation is led by non-bank entities without extensive knowledge of the traditional financial regulatory framework. Lightly regulated environments allow fintech companies to test and refine their unique business models. Indeed, regulators are struggling to keep up. Many fintech regulations are relatively new, and both sides are feeling their way along.
In this article, we'll discuss the types of fintech regulations, how regulation helps the fintech industry, and what the future may hold for fintech regulation.
Fintech is a complex and varied sector with startups emerging across the globe. Regulatory agencies seek to achieve several goals.
Consumer protection is one of the primary goals of fintech regulators. Financial institutions must conduct their business in a way that doesn't harm consumers. Consumer protection regulations exist to enforce consumer rights, compliance, and transparency. In the United States, the Consumer Financial Protection Bureau (CFPB) and the Federal Trade Commission (FTC) are the primary regulatory authorities for consumer relations with fintech companies.
The Gramm-Leach-Bliley Act of 1999 requires all financial institutions to inform their customers if they share their data with other entities. Businesses in the financial services industry must allow customers to opt out of data sharing to maintain regulatory compliance. Every fintech company must provide information about their privacy policy to each new customer and send updates at least once a year after that.
Fintech companies must treat all consumers fairly, regardless of race, religion, gender, or sexual orientation. These types of regulations enhance financial inclusion. Additionally, these companies often must provide consumers with ways to get their money back if they're affected by a mistake or fraud.
Fintech firms deal with consumers' personal and financial data, so they must take steps to protect this information. The FTC is responsible for making sure financial firms comply with data protection regulations, but the CFPB and other agencies play essential roles too. Financial regulations require every fintech business to protect personal and financial data and take proper steps toward robust cybersecurity measures.
Per section 1033 of the Dodd-Frank Act, financial firms must give their customers a way to access their financial records. Data protection regulations like this can be tricky to enforce when fintech companies collect data globally. Still, regulators worldwide have taken measures to protect their citizens when they use fintech products from other countries. For example, the European Union's General Data Protection Regulation states that EU customers' data may be processed only if the customer has given explicit consent, even if the organization is based outside of the EU.
Most financial regulators also require fintech entities to maintain reasonable security measures to protect consumer data. Fintech companies may face serious fines and penalties if data is mishandled. For example, Equifax was required to pay a $425 million settlement after a data breach that affected 147 million people.
Fintech companies often deal with large sums of money. The regulatory environment requires these entities to maintain financial stability to prevent consumer losses. These regulations exist to mitigate financial risks, direct fintech companies to meet the necessary capital requirements, and promote risk management and contingency planning practices.
The Collins Amendment section of the Dodd-Frank Act requires banking services to maintain a tier 1 capital-to-risk-weighted assets ratio of at least 4%. These assets include stock, retained earnings, and other assets that can easily be converted to currency. Fintech companies must have enough cash to meet their obligations when due. The Dodd-Frank Act also requires fintech companies to have a comprehensive risk management strategy.
Many fintech businesses are also subject to margin requirements. Per the Federal Reserve's Regulation T rules, fintech businesses handling securities transactions must require investors to deposit a certain amount of money when they buy securities on margin.
In most cases, fintech laws aim to protect consumers without hampering financial services and innovation. Still, the adoption of new technologies is growing exponentially, and regulatory issues could arise if lawmakers aren't cautious. Rita Mcgrath of the Harvard Business Review notes: "It took decades for the telephone to reach 50% of households, beginning before 1900. It took five years or less for cell phones to accomplish the same penetration in 1990."
Regulators across the globe often use one of three approaches when regulating fintech companies: active, passive, and restrictive.
Active regulation involves regulators working closely with fintech entities to help them maintain regulatory compliance and anticipate potential obstacles.
Federal regulators using a passive approach don't strive to help fintech companies succeed, but they don't try to prevent their success.
Some risk-averse regulatory bodies employ a restrictive approach to slow fintech growth.
Collaboration allows fintech companies and regulatory agencies to keep consumers safe without significantly slowing the pace of fintech innovation. In 2016, global regulatory agencies began using regulatory sandboxes — frameworks that let fintech companies conduct live experiments under the supervision of a regulatory agency. Per the World Bank, there were at least 73 regulatory sandboxes in at least 57 jurisdictions in 2020.
A collaborative approach is an ideal way for regulatory agencies to stop money laundering and other crimes while anticipating problems that could arise from emerging technologies, such as artificial intelligence.
Regulators worldwide are working hard to protect consumers using fintech products for financial transactions, stock purchases, cryptocurrency trading, and more. Still, regulators face numerous issues, such as a lack of global standards, difficulty keeping up with technological advancements, and balancing financial innovation and regulation.
Hedera is committed to supporting fintech startups while helping them maintain regulatory compliance. The Hedera Network's speed allows user requests to be logged in real-time. Hedera transactions are secured with advanced cryptography and can easily be verified and audited by third parties.
Companies building on the Hedera Network, such as Manetu, can take advantage of these benefits from the get-go. Per Manetu's CEO, Moiz Kohari, "We’ve created a self-service portal for consumers to come in and view, with permissions, exactly what information is held on them. With Hedera we’re able to take that to the next level and prove it on a public ledger, further enhancing trust."