It’s not easy regulating digital technology. The pace of digital transformation and the speed at which new products are brought to market can quickly render regulation outdated if it is not flexible and future-proofed. This can in turn lead to market uncertainty, a chill on investment and innovation and ultimately negative outcomes for consumers.
This phenomenon has been particularly apparent during COVID, where established institutions, as well as early adopters, have embraced digital solutions to make user access to financial services safer and more convenient.
Matt Peake, Global Director of Public Policy at Onfido shares his thoughts on how Fintech regulation needs to be future-proof and consistent across borders.
Consumers no longer expect to make face-to-face visits to a bank to confirm their identity when they open an account. They instead want to do this whenever and wherever they choose, without having to speak to anyone. The technology exists to allow them to do this quickly, safely and with maximum convenience using digital solutions, and they rightly expect to be able to make use of this. A recent Onfido and OKTA survey showed that these two criteria, safety and convenience, are key to consumer choices.
A regulatory patchwork
But here’s the problem. While in many countries users are able to take advantage of this type of solution, in others they are not. This is often due to a failure of regulators to keep up with technological advances, and national rules that preclude new solutions being used in the market, even when they have been proven to meet the highest standards of security and privacy.
This results in a patchwork of national and international rules, stymying the ability of providers to scale efficiently and hampering the ability of fintechs from adopting best-in-class onboarding technology. Worse, this fragmentation means less competition, higher costs and potentially increased fraud.
We have seen this in the EU with the eIDAS and AML legislation, which are crucial parts of the digital identity regulatory framework. Remote digital identity verification solutions using AI and human oversight are now well-established as best-in-class onboarding solutions. They allow financial services providers to verify user identity to a high level of assurance and meet know-your-customer requirements. Yet these EU laws do not yet facilitate sufficient harmonisation across the bloc, and we still see individual Member States taking an approach that effectively foreclose the market to innovative new entrants.
The European Fintech Association (EFA) is trying to rectify this by calling on the European Commission to ensure uniform implementation of the revised eIDAS regulation and remove “cross-border barriers”, something we fully support, and we hope this is also the outcome with the forthcoming changes to the AML package.
But this is not just an EU phenomenon. Patchworks and regulatory divergence exist globally, and we also see this trend growing in more nascent areas such as AI. For a global technology provider using AI, the regulatory picture is starting to look increasingly complex.
In the UK, the Government’s recent AI Strategy is a welcome recognition that AI technologies have huge potential to help the UK build back better and improve lives across the country. Its aim to “build the most pro-innovation regulatory environment in the world” is one we support, and with the appropriate safeguards, it will protect consumers, stimulate innovation and investment.
The new EU AI law is taking Europe in a different direction. It will issue in a new era of more stringent ex-ante rules governing the use of AI deemed to be “high-risk”. While a risk-based approach makes sense, it is critical that prescriptive rules do not apply to low-risk use cases of AI, or indeed where its use serves to directly benefit users.
Meanwhile, AI is becoming a topic of increasing importance in the US as well. The Biden Administration has announced an initiative to create an “AI Bill of Rights”, and various task forces and working groups are emerging at both Federal and State level. We expect to see further policy initiatives emerge here in the coming months.
Three big markets, and potentially three divergent approaches. We may even see patchworks within patchworks if the US and EU frameworks are not fully harmonised.
Industry and government collaboration for better digital regulation
The AI revolution is, of course, global in nature. Innovative global players such as Onfido need to be able to rely on interoperability and consistency across borders in order to scale and invest efficiently. It is therefore key that an agile and joined-up approach is taken to the regulation of AI and other emerging technologies in order that all stakeholders can take full advantage of the huge advances they can offer.
This is exactly what companies and citizens need, especially in the wake of the pandemic, where digital-first is arguably the new normal in financial services and across a range of industries. Regulation needs to keep pace, fostering certainty, consistency and trust across all sectors.
We are here to help regulators and policymakers with our experience and views on what good looks like for digital regulation, so we can all realise the benefits.