Like brakes to a bicycle, fintech must exist within the realms of regulation if it is to ditch its ‘wild west’ persona. Indeed, the adoption of various elements of the industry, like cryptocurrency, has ultimately suffered due to the lack of regulation that surrounds and supports them. Throughout the entire month of May, The Fintech Times will be dedicating its focus to highlighting the most current developments in this ever-perplexing and constantly-changing foundation of fintech.
To start our series at the beginning, we quizzed five industry experts on which regulations they thought would have the biggest impact this year.
A greater scope of insight
Adam Holden, CEO of NorthRow, isn’t wrong to put forward the rise of identity regulations as one to watch this year. The industry has witnessed a massive surge in data use cases of late, and it would seem only fitting that the latest regulations match its pace: “The project being undertaken by the Department for Digital, Culture, Media and Sport (DCMS), and subsequent proposals for regulation, will ensure consistent high standards of identification and verification (ID&V) and the processes across the board for individuals and companies.
“As individuals, we’ve become more accustomed than ever to carrying out our jobs, completing tasks and operating almost entirely in a digital environment. Once in place, the option for individuals to have digital IDs will be transformative, both for citizens of the UK and for fintechs.
“With a single, digital source of truth, and no risk of sensitive ID documents becoming misplaced or falling into the wrong hands; onboarding individuals and organisations will soon become slicker than ever before.
“Using these digital IDs in conjunction with advanced biometric technology such as facial recognition will provide a secure method of verifying people are who they claim to be. This will ultimately speed up the onboarding process for both businesses and individuals.”
“Thanks to the UK’s Green Financing Roadmap and subsequent environmental, social and governance (ESG) legislation, momentum for more sustainable finance is gathering pace within the fintech and regtech communities in support of the UK’s transition towards net zero.
“As a result, organisations are placing more scrutiny than ever before on the entities and individuals with whom they transact and do business.
“Using Know Your Business (KYB) and Know Your Customer (KYC) software, organisations can vet companies and individuals based on a pre-defined risk profile that reflects a business’ ethical standpoint before deciding to onboard them.
“Whether monitoring mentions in the media for any involvement in human rights violations, ensuring diverse representation among directors and shareholders or prioritising the onboarding of organisations with clear green policies and credentials; using a KYB/C platform can supply businesses with critical ESG insights as a part of a deeper analysis of their clients.
“As consumers and businesses increasingly consider green credentials, corporate social responsibility and sustainability in their decision-making process, these checks can help businesses to become more climate-friendly by identifying, assessing, and managing ESG-related risk and selecting more ethical companies to partner with.”
Data privacy and social channels
According to Robert Cruz, VP of information governance solutions at Smarsh, the regulations that are due to have the biggest impact on his multi-national customers fall into two categories:
“First, given the significant increase in the use of digital communications tools like Zoom, Microsoft Teams and social media, regulators globally are behind in providing guard rails for firms to understand how they should be controlling those sources as new locations for regulatory and other forms of risk.
“Most firms we work with are now considering those tools as vital components in their communications infrastructure and have been vocal in their desire for regulatory guidance on how they should be providing oversight.
“Second, the further evolution of data privacy and protection mandates around the world has significant implications for our customers who operate in multiple jurisdictions, and how they capture, store and control business-related communications.
“This will continue to have a significant impact on how multinationals can support business in new geographic regions while adhering to data protection and other jurisdictional-specific mandates.”
The regulatory response to the invasion of Ukraine
Although Rupert Brown does echo areas of comments previously mentioned here, the CTO and founder of Evidology Systems does bring to light the impact the ripples of the Ukraine conflict will have on the direction and force of up and coming regulations:
“Whatever the outcome of events in Ukraine, 2022 will now be dominated by the raft of sanctions imposed against Russia and its Oligarchs. Although there will inevitably be some backsliding over time until there is significant regime change in Moscow the enforcement of these will be top of mind for politicians of all complexions and their civil servants/regulatory agencies.
“The Ukraine conflict also brings into focus three other sets of regulations that had already been instigated before the invasion, namely:
“ESG reporting and governance — the focus here will shift, however, into demonstrating that whatever energy sources are consumed, they do not originate in Russia rather than discriminating between fossil fuels and renewables. Global political expediency has already trumped much of the voice of the environmental lobby and will continue to do so whilst war crimes continue to emerge.
“Critical infrastructure hardening and security — The FCA and SEC had already tightened guidance and reviewed requirements prior to the invasion on all aspects of government and corporate business-critical infrastructure. We can expect to see further requirements emerge as the wave of cyberattacks unleashed by the war continues to escalate.
“Cryptoassets, especially transaction tracing/reporting — These have already become the tool of choice for Russia to try and evade western sanctions where it needs to source materials and equipment that it does not produce itself. It enables Russia to finance its proxies in the Middle East and Africa to continue to cause mischief and distract Western governments.
“Of these three regulatory themes, the governance of infrastructure hardening and security will prove to be the most challenging. There is a critical need for better regulation of both IT infrastructure design and operation, given its pervasiveness to all our lives.”
Good, clear and concise data regulations
Jonathan Thursby, CEO and founder of KOR Financial, provides an insightful and largely American view of how regulations are reacting to the growing importance of accurate data: “2022 is the year significant revisions to global over-the-counter (OTC) transaction reporting starts to be implemented a decade after first introduced. Given that the United States was the first regime to go live, it’s only fitting that it’s the first to introduce the most expansive single set of changes we’ve seen anywhere.
“Up for change is adopting a large tranche of critical data elements (CDE) by internal standard-setting bodies CPMI and IOSCO. CDE represents a growing shift from principals to prescription-based requirements approach with the goal to standardise data within a region and global regulatory sharing.
“Also, in the US we’re seeing the strictest obligations globally be introduced on data reporters confirming the completeness and accuracy of data. Clearly, a drive to higher quality and setting up consequences for failures on top of the nearly $200million in fines trade reporting fines issued globally since 2019.
“Another quiet but significant first is simplified porting from one trade repository relationship to a new one. Unlike the complicated process in EMEA, the US will allow for a simple snapshot cutover with no movement of history. Along with significantly narrowed specification gaps between trade repositories thanks to the new regulatory prescription, it all adds up to a real win for market participants who have wanted to seek out a new trade repository.
“While the US is busy implementing in 2022, the year will also be filled with anticipated guidance globally on proposed amended reporting rules and implementation timelines set out by regulators in Canada, the UK, the EU, Singapore, Australia, and Japan. And for good measure, we’ll also see close to the final draft of the years in the making unique product identifier (UPI) system that represents a huge impact on every reporter globally when adopted by regulators.”
The end of the wild days of crypto
Jim Flinn, FCAS of Breach Insurance, remains on a similar note to Thursby by means of a regional focus on the US, however, he does identify how 2022 will be the year for long-awaited crypto regulations: “Regardless of industry, regulation is necessary to properly manage an emerging space and give market participants the peace of mind that their best interests are being considered.
“It is important for regulators to avoid overly oppressive directives that stifle innovation and add time and expense that ultimately burdens consumers. When implemented thoughtfully, regulation can give assurance to new and existing participants, in this case giving them the confidence to participate in the crypto economy in a safe and protected way.
“The US is in a unique position to take advantage of the growing crypto economy and position itself at the forefront of the financial innovation frontier. Other countries that have attempted to halt the growth and criminalise crypto participation have done nothing to keep the growth from occurring.
“All it has done has left them on the sidelines. If we want to reverse the tide of changing world orders and keep the US economy as a world leader, lawmakers should consider carefully crafting legislation that protects consumers and supports growth and innovation.”