On 8 March 2018, the European Commission (EC) published its long-awaited new FinTech Action Plan. The EC understands FinTech to be technology-enabled innovation in financial services, and the strategy covers developments related to new technologies which are changing the financial industry and the way consumers and firms access services. At the same time, the action plan also covers related challenges, such as cyber threats, and proposes the assessment of innovative technologies, such as blockchain, cryptocurrencies and cloud computing services.
EU Commission Vice-President Valdis Dombrovskis recently compared the increasing digitalization of financial services to a global ‘space race’ – in which Europe should not lose out. Various national supervisory authorities in Europe are concerned about the ‘gamification’ of, and advertisement methods for, certain financial services and warn of the risks associated with Initial Coin Offerings (ICOs). An important policy debate for FinTech is thus in full swing at EU level.
A New Enabling Framework for the European FinTech Industry
The EC had heralded the new FinTech framework to boost the European FinTech industry, while ensuring the protection of investors, consumers and the resilience and integrity of the financial system. The EC considers, based on the feedback received from the public and private sector, that the case for broad legislative or regulatory action at EU level is limited at this stage – but that a number of targeted initiatives are needed. The arguably moderate level of ambition is not surprising also in light of the overall timing of this initiative: in spring 2019 a new EU Parliament will be elected, and in summer/autumn 2019 a new EU Commission will be formed. This means in practice that any new legislative measure which is being put forward in 2018 has only limited time to complete the co-decision procedure. In other words, only largely non-controversial new EC proposals have a chance to be adopted by the EU Parliament and Council before spring 2019.
European Commission’s Three Main Objectives
The proposed legislative and non-legislative measures in the FinTech Action Plan focus on three broad policy objectives: (i) to enable innovative business models to reach EU scale, (ii) to support the uptake of technological innovation in the financial sector and to (iii) enhance security and resilience of the financial sector.
1. In order to enable innovative business models reach EU scale, the EC wants to ensure clear and converging licensing requirements for FinTech firms by proposing a new legal framework for investment-based and lending or loan-based crowdfunding services for business (see below). Currently such operators are treated differently across the EU from a regulatory and supervisory perspective, and most operators do not benefit from the EU passporting regime.
The EC will also assess the applicability of the EU regulatory framework to cryptocurrencies and Initial Coin Offerings (ICOs). In order to enhance competition and cooperation between the market players the EC plans measures to develop common standards and interoperable solutions for the various FinTech services. The EC will work with the European Committee for Standardisation (CEN) and with industry to develop the necessary standards, for instance around Application Programming Interfaces (API) which will form the basis of the future European Open Banking eco-system.
In order to support the scaling up of innovative business models across the EU, the EC will invite the ESAs to come up with best practices for innovation facilitators (and related approaches such as regulatory sandboxes), potentially leading to future ESA supervisory guidelines in this context. The EC plans to present a report with best practices for regulatory sandboxes.
2. To support the uptake of technological innovation in the financial sector, the EC will do a technology-neutrality ‘fitness review’ to ensure the existing EU rulebook is fit for disruptive new technologies such as distributed ledger technologies (DLT) and/or artificial intelligence (AI).
It will also look to remove obstacles to the use of cloud services and invite the ESAs to explore the need for Guidelines in this context. The cloud service industry is tasked with developing cross-sectorial self-regulatory codes of conduct to facilitate switching between cloud service providers. The EC will facilitate the development of standard contractual clauses for cloud outsourcing by financial institutions.
Lastly, the EC will seek to advance Europe’s’ understanding and utilization of Blockchain-type technologies, including DLT, via a dedicated EU Public Blockchain initiative and increase knowledge and thereby build trust via an EU FinTech lab for the ESAs, national authorities and industry. In this context, the EC launched on 1 February 2018 the EU Blockchain Observatory and Forum which monitors key developments of the blockchain technology and promotes European operators and interests. In particular, the new platform will seek to evaluate the ‘legal and regulatory’ aspects of blockchain technology while allowing EU Member States to authorize testing.
3. To enhance security and resilience of the financial sector the EC wants to strengthen the ‘cyber hygiene’ within all relevant firms and organizations. The EC also points at the need to share relevant information between all operators in the EU financial sector and will look to address any legal and regulatory obstacles in this context. Rigorous testing will become an increasingly important factor and the EC invites the ESAs to assess whether a coherent ‘cyber threat-testing framework’ is needed for certain significant market operators and infrastructures. Lastly, the ESAs will map the existing supervisory practices around ICT security and governance requirements in the EU financial sector.
The New EC Proposal for Crowdfunding Platforms
The proposed new Regulation for European Crowdfunding Services for Business is the only legislative measure of the March 2018 Action Plan.
For the first time in EU financial services regulation we see a so-called ‘29th regime’ being proposed – which is to say that the new EU crowdfunding regime would sit ‘next to’ existing national approaches. This means that operators can chose to either obtain the new EU authorization (administered and supervised by ESMA) which then allows for the provision of cross-border services across all 28 EU Member States (EU passport) – or they continue operating under the national regime (where such exists) in order to operate locally. If an EU authorization is obtained, the national authorization is withdrawn, and vice-versa.
The new authorization regime is not available to operators currently authorized under MiFID, AIFMD, UCITS and CRD. Other operators, including payment services provider authorized under the PSD or E-MD may obtain the new EU license which allows for the provision of crowdfunding services to businesses, but not consumers.
The new regime establishes a maximum threshold of EUR 1 million for each crowdfunding offer. The new authorization regime is risk-based (e.g. no minimum capital rules) and contains organizational requirements to ensure the management possesses the appropriate integrity, skills and experience, but also in order to counterbalance potential conflicts of interest (e.g. the prohibition of crowdfunding service providers to have any financial participation in the crowdfunding offers on their platforms).
Another chapter of the new regime focuses on investor protection (incl. a new ‘entry knowledge test’ for prospective investors) and transparency requirements (e.g. a ‘key investment information sheet’ including a number of warnings). Crowdfunding operators may not hold client funds, or provide payment services, without the necessary authorization.
The List of Proposed Measures
The new Action Plan proposes multiple measures of various types in the coming months:
- Proposal for a new Regulation on European Crowdfunding Service Providers for Business.
- EU Blockchain Observatory and Forum launched on 1 February 2018 (monitoring the developments around blockchain technology through various sectors). In this context, the EC will draft a study on the feasibility of deploying EU public blockchain infrastructure to develop cross-border services. The EC to assess with the assistance of the Forum and collaboration with the European Standardisation Organisations, whether legal, governance and scalability issues are required and support interoperability and standardisation efforts (long-term measure).
- EC to work on a comprehensive strategy on distributed ledger technology and blockchain addressing the legal aspects with the aim to enable FinTech and RegTech applications across the EU (long-term measure).
- Public consultation on digitisation of regulated information about companies listed on EU regulated markets (European Financial Transparency Gateway) based on distributed ledger technology.
- EC to invite cloud service providers to develop cross-sectoral self-regulatory codes of conduct to facilitate switching to other cloud service providers.
- EC to organise a public-private workshop to discuss the barriers for cyber threats between financial services market players and identify solutions based on data protection standards (long-term measure).
- EC to host an EU FinTech Lab where ESAs and national authorities will be engaging with technology solution providers (long-term measure).
- EC to work with major standard setting bodies (CEN, ISO) to identify and assess the approach and standards for FinTech and Blockchain applications (long-term measure).
- ESAs to evaluate the costs and benefits of developing a coherent cyber resilience-testing framework for significant market participants and infrastructures in the entirety of the EU financial sector.
- ESAs to map the innovation facilitators set up by national supervisory authorities, identify best practices and if appropriate, to issue Guidelines.
- EC to monitor crypto-assets & Initial Coin Offerings with the ESAs, ECB, FSB to assess the risks to the regulatory framework. Based on this work EC to assess whether EU regulatory measures are necessary in this context.
- ESAs to map the current authorization, procedural and licensing approaches across the EU when authorising innovative FinTech activities. ESAs to issue Guidelines on whether such approaches are suitable or issue recommendations to the EC whether to adapt the existing EU financial services framework.
- Based on the work of the ESAs on innovation facilitators, the EC to present a report on best practices for regulatory sandboxes.
- Competent authorities to take initiatives to facilitate innovation at the national level based on the ESAs best practices. The ESAs should facilitate supervisory cooperation based on the effort to create innovation hubs, regulatory sandboxes and consistent supervisory practices.
- ESAs to map the existing supervisory practices of the financial sector on ICT security and governance requirements, and where appropriate:
- Consider issuing Guidelines aiming at supervisory convergence
- Provide to the EC technical advice on the need for legislative improvements.
- ESAs to explore whether there is a need for guidelines on outsourcing to cloud service providers.
- EC to facilitate the development of standard contractual clauses for cloud outsourcing by financial institution.
- EC to set up an Expert Group to review unjustified regulatory obstacles within the EU financial services regulatory framework.
- By mid-2019, EC to support joint efforts by market players to develop standardised PSD2 and GDPR compliant Application Programming Interfaces (API) to support a European Open Banking eco-system.
Polish Context of the EU Fintech Action Plan
“Looking at the EU Fintech Action Plan from the Polish perspective, I must admit it covers all main areas that are interesting in the Fintech space, from both our Fintech clients’ and Polish regulators’ perspectives. It also shows that the Commission has a real interest in the financial technology sector and is looking for ways to promote technological development in it,” said Jacek Wiśniewski, Fintech sector leader at the Warsaw office of Squire Patton Boggs, and member of the Special Task Force for Financial Innovation (FinTech) in Poland at the Polish Financial Supervision Authority (KNF).
“Based on our works within the Special Task Force for Financial Innovation, I can affirm that Polish financial regulators and financial supervision bodies are also very much interested in financial innovation issues. All topics highlighted by the European Commission in the EU Fintech Action Plan are also being discussed and monitored at the local level. As an example, the Polish Task Force also has a great interest in crowdfunding schemes, where the white paper summarizing business models in the crowdfunding space was prepared – as well as a self-regulation committee, of which I have the pleasure of being a member of – aiming at preparing best practices for the sector. Blockchain (DLT) technology is also being closely examined, and first practical use cases are being developed. For example, Polish financial institutions, in co-operation with Fintech companies, are testing blockchain technology for the purposes of storage and provision to clients of the “durable medium” documents, an issue that has become even more important for the European financial sector after the so-called BAWAG case,” adds Jacek.
“I think that the Commission has also clearly demonstrated that it wants to work on the development of the financial technology and Fintech, together with the market players, by forming relevant working groups and forums to discuss and actually work hand-by-hand with innovators to understand better how to proceed, so the financial technology and Fintech sectors may develop and compete on the globalized market. The Polish authorities, and in particular the Polish FSA, have a similar approach to some extent, as evidenced not only with the Task Force for Financial Innovation, but also with the creation of the Innovation Hub that was formed with the Polish FSA. The Innovation Hub was designed as a means of helping financial innovators to launch smoothly their projects within the highly regulated financial space, as well as serve as a forum of exchange of knowledge and ideas between Fintechs and authorities,” concludes Jacek.
Conclusion & Next Steps
With the new FinTech Action Plan, various elements of the existing EU financial services regulatory framework are again up for discussion, while new elements will be added to it (e.g. the new crowdfunding licensing regime). This process opens up strong advocacy opportunities for new and incumbent financial market operators in the coming months.