Securities markets: standing at the crossroads
Financial technology has the potential to radically transform the securities industry. The fast pace of change could lead to disintermediation, according to an Iosco study. Daily News at Sibos editor Heather McKenzie reports.
In February, the International Organisation of Securities Committees (Iosco) published its report on financial technologies. Studying a range of areas including financing platforms, retail trading and investment platforms, and institutional trading platforms, Iosco’s report concluded that the industry is at “a crossroads of significant technology-driven change in the offering of financial services”.
Key trends identified in the report include:
- Greater availability of data
- Exponential growth in computing power allowing the analysis of ever larger data sets
- Broader access to and the decreasing cost of goods and services
- Increasing disintermediation and re-intermediation
- Demographic and generational changes
“Fintech applications are developing at an increasingly faster pace, creating new opportunities to achieve better outcomes for investors. At the same time, as with any change, new risks and vulnerabilities may arise,” states the report. Changes that are already under way are substantial and could lead to full disintermediation using technology.
Innovative fintech business models are disintermediating and re-intermediating certain regulated activities. For example, online equity crowdfunding platforms intermediate share placements and disintermediate stock exchanges and underwriters; peer to peer lending platforms intermediate or sell loans and disintermediate banks and lenders, and robo-advisers provide automated investment advice and thereby disintermediate traditional advisors.
While financial institutions face significant changes from fintech, so too do regulators. As Iosco points up, while firms can operate globally, regulation is overseen within national or sub-national borders. This may create challenges in terms of regulatory consistency, as well as cross-border supervision and enforcement. It also creates a potential risk of regulatory arbitrage. The global nature of fintech may therefore contribute to challenges that may be addressed by international cooperation and the exchange of information among regulators.
Regulators have engaged in greater multilateral collaboration on the topic of digital innovation at Iosco, the Committee on Payments and Market Infrastructures, the Financial Stability Board (FSB) and the Bank for International Settlements (BIS). Regulators also establish bilateral initiatives to share information about financial services innovations in their respective markets, including emerging trends and regulatory considerations.
Many jurisdictions have engaged in greater national regulatory coordination. For example, Hong Kong created a cross-regulatory collaboration group established at the level of the Financial Services and Treasury Bureau. Representatives of the fintech offices of Hong Kong’s three regulatory bodies are part of this collaboration group. In Japan, the Working Group of the Financial System Council, which is the advisory body of the Financial Services Agency has been formed and has submitted findings. As a result, two major legislative amendments, to the Payment Services Act and the Banking Act have been enacted.
The rising use of technology in the delivery of financial services may increase the complexity of supervision, surveillance and enforcement. Regulators may face challenges addressing fintech development while fulfilling their regulatory mandate, such as promoting investor protection, market fairness and financial stability.
Regulators have increased their policy focus, for example by issuing new regulations and guidance on specific fintech areas. Regarding robo-advisers and other forms of automated or digital financial advice, regulators have relied on general suitability, know your customer (KYC), registration, training, best-execution, short-sale, disclosure, record-keeping, compliance and supervision rules to address the advice given. Regulators have also increased supervisory focus over new technologies including, for example, algorithmic trading, crowdfunding, P2P lending, financial platforms, use of cloud storage, cybersecurity, authentication and fraud control.
In distributed ledger technology (DLT), regulators could participate as one of the nodes of the ledger, thereby having access to all data, which in turn would enable regulators to have more complete and traceable real-time records. While it is still very early days for DLT, some regulators have already responded. In June 2016, the European Securities and Markets Authority (ESMA) issued a discussion paper, which includes an analysis of how DLT would (or would not) fit in the existing EU regulatory rulebook (mainly on post-trading issues).
In the same month, the French Parliament voted a law which allows some securities vouchers to be issued and exchanged on a DLT (referred to as securities electronic and distributed recording facility). It empowers the Government to issue a decree to specify how these securities vouchers, as well as how securities that are neither listed on a platform nor admitted to a central securities depository, would be exchanged through DLT. This in turn would result in a regulatory framework for DLT.
In January 2017, the US Financial Industry Regulatory Authority (FINRA) issued a paper on the use of DLT in the securities industry. The paper requested comments on matters for which it would be appropriate to consider additional guidance, consistent with the principles of investor protection and market integrity, based on DLT applications and their implications for FINRA rules.
In addition, many regulatory authorities are familiarising themselves with DLT through research, labs, innovation hubs and proof of concept projects. Furthermore, international organisations such as Iosco, the FSB and the BIS are observing the developments of DLT under their respective objectives.
Looking forward, says Iosco, regulators could, if desired, continue to explore how to best benefit from the trends in fintech and the closely associated regulatory technology (regtech). For example, regulators may leverage the increase in available data, as well as the potentially greater capability to access and process this data, including using data analysis tools and software to evaluate compliance with regulatory requirements. Regulators also may explore leveraging new compliance software and surveillance tools.
Fintech has enabled new distribution and business models for products and services through internet or mobile based interfaces. Emerging from this is the shift towards digital customer onboarding and e-KYC, which can reduce compliance costs and increase accessibility to a broader investor base. There are differences in the regulatory approaches towards digital onboarding, heightening the importance for fintech platforms to be cognizant of and comply with such jurisdictional differences, while also possibly increasing the risk of regulatory arbitrage between jurisdictions.
Cybersecurity and data protection concerns associated with fintech and increasing internet connectivity have been exacerbated by the frequency and sophistication of cyberattacks and breaches observed in both developed and emerging markets. These involved interruptions to the operations of platforms, theft of investors’ personal details or sensitive financial information and losses to client assets, amongst others. Cyberattack can undermine investor confidence in fintech firms and activities, says Iosco.
While cyber risk is common to both developed and emerging markets, emerging markets may be faced with additional risks due to more limited budgets assigned to investment in cybersecurity protection. Further, the growing role of emerging markets in global supply chains also may increase their risk of being used as a backdoor into larger markets.
To help capital market participants to navigate cybersecurity challenges and raise awareness of cybersecurity risks, several emerging market regulators such as India and Malaysia have developed or are developing cybersecurity frameworks and guidelines. To strengthen regulatory preparedness for a cyberincident, Iosco held a regulatory exercise simulating a cyberattack on participants across more than 40 jurisdictions. The simulation focused on the role of securities regulators when dealing with cyberattacks on regulated entities. It provided a platform to raise awareness of the consequences of the evolving cyberthreat and to discuss effective responses.
Another potential area of risk is in retail trading. Trading and investment in securities through fintech is more self-directed and a significant segment of investors may be retail-based. In view of this, Iosco recommends that regulators strengthen financial literacy and investor education. This is because investors may not always understand the risks involved and be more motivated by short-term gains, while lacking the ability to evaluate the longer-term viability of the issuer’s business models and risk. Increasing the level of investor education might better equip investors with the necessary tools and skills to navigate the investment process using various types of fintech.
Most regulators view transparency and disclosure of information as critical to facilitate informed assessment and decision making by investors. For example, some securities regulators require financing platforms to prominently display relevant information relating to the issuers and to provide communication channels, such as discussion forums and live chat applications, that facilitate discussions relating to offerings on the platform.
Also, to manage the risk of making decisions too quickly, some regulators may impose specific requirements aimed at slowing down online decisions. For example, the Italian Consob Crowdfunding Regulation considered an impact assessment and investor survey. It asks online decision-makers to read some mandatory educational information and to fill in a questionnaire aimed at ascertaining the true understanding of the main characteristics and risks of using automated advice services.
As innovative start-ups and technology firms may not be familiar with the financial sector and how products or services intersect with financial regulation, several regulators have established dedicated fintech offices, contact points and hubs. Dialogue between regulators and the industry through these dedicated fintech offices has also helped in bridging potential knowledge gaps. Furthermore, some regulators are exploring the possibility of introducing regulatory sandbox frameworks, under which fintech companies offering financial services may be granted certain regulatory flexibilities to experiment with solutions in a defined environment within specified timeframes.
Other regulators consider that a sandbox may create an uneven playing field across market participants between those innovative firms selected to be part of the sandbox program, and other innovative firms and incumbent players. These regulators are of the view that sound regulation may help firms win the confidence of investors, and may lend credibility to their international development efforts. Finally, some regulators have set up labs and accelerator programmes to explore whether certain new technologies can assist the regulator itself in better achieving its regulatory objectives.
This article is also featured in the Daily News at Sibos 2017 – Day 2 edition.
Click here to read the issue online or pick up a print copy if you are at the conference!
The digital and print editions are free.