FinTech: Trends and legal implications
There are notable variations between countries in the global FinTech market but it is commonly accepted that the UK, and London in particular, is a key centre both now and for the future of the industry. This is based around a strong, mature services sector for both the financial sector and digital services, plus government support, a pragmatic regulator and readily available finance.
Two of the key battlegrounds in FinTech have been payments and peer-to-peer lending and, in both cases, banks have been forced to consider whether they see their future as a utility supplier of the "backbone services" to other operators or whether they themselves will become technology organisations selling regulated services. At the centre of any FinTech innovation is often a debate over whether the traditional and FinTech players should treat each other as competition or co-operate to leverage their different core competencies. Banks can bring regulatory expertise, customers and deep pockets whilst FinTech players are seen as more agile, more innovative and unencumbered by legacy system issues.
Looking forward, payments and peer-to-peer platforms will continue to see innovation but we are also seeing increasing activity in RegTech, robo-advice and blockchain.
The payment revolution
Payments have always been a meeting point of "finance" with "technology", with online clearance of payment cards having been the key driver behind the commercial exploitation of the internet. However, there is a new wave of FinTech disruption now impacting payment in cash, payment by direction to trusted third parties and payment using cards.
In terms of payment in cash (notes and coins), FinTech companies are eliminating this for face-to-face transactions through apps, mobile wallets and contactless payments. Digital currencies, of which Bitcoin is the most famous, could in time also provide an alternative to notes and coins but there are still regulatory concerns, security concerns and concerns about the lack of state-backing (or any kind of asset-backing) for such currencies.
In terms of directed payments, FinTech solutions are changing the method by which directions are given (using apps and text messaging), providing instantaneous confirmed transactions without payment cards and introducing new trusted third parties that seek to add value (e.g. in convenience or cost) compared to the offerings of traditional banks – for example, M-Pesa, e-money issuers and international money remitters.
In terms of payment cards, new offerings are becoming available to small merchants to take card payments and new services are eliminating the need for the intermediation of the card schemes altogether (Zapp) and changing who "owns" the customer relationship (Apple Pay, Samsung Pay and Android Pay).
FinTech and the cloud
FinTech start-ups are using cloud to break through market barriers, operate cheaply, and focus on innovation and scale. Cloud computing allows FinTech suppliers to use best-of-breed technology more quickly and more cheaply than would be possible if building the infrastructure from scratch itself. Cloud is built to scale by volume and geography so does not inhibit rapid growth by FinTech start-ups. The lack of upfront CAPEX means that new FinTech services can be launched more quickly and cheaply within banks as well. All of this means businesses can focus on improving their core offering and innovate and scale more quickly.
FinTech start-ups building on cloud platforms are disaggregating the technology supply chain by increasing the number of operators at different levels and focusing on specific types of service where they can excel. Consumers and regulators are increasingly calling for better access to data held within banks to support different services (e.g. account aggregators) and cloud computing will be the platform upon which these open APIs are delivered.
FinTech solutions and big data
Businesses like Uber and AirBnB have become global companies without owning cars or properties. They are using data and technology platforms to deliver their services. This approach is equally visible within FinTech as companies offer various services without branches, using data analytics as a source of competitive advantage.
A number of FinTech offerings are built around compliance with regulations requiring data management, such as know your client and anti-money laundering. "Big data", including information on social media, is also being used to provide alternate ways of assessing credit worthiness (and thereby improving access to banking services for individuals who might otherwise struggle) and to create and sell new products.
Services are becoming increasingly tailored to individuals based on data tracked about them, part of the "internet of me", and the development of machine learning and artificial intelligence will further push the boundaries of how data can be used in FinTech. Inevitably, regulators will take a keen interest in all of these areas to ensure a balance between the use of the data being collected and the risks of relying on artificial intelligence to make financial decisions at the individual and corporate level.
Cyber issues in FinTech
Once implemented, the Network and Information Security Directive will require operators of essential services to implement appropriate and proportionate security measures to protect networks and data against cybersecurity incidents and to report serious breaches to regulators. The definition of "essential services" will include banks, trading exchanges, credit institutions and insurance companies. Technology suppliers can expect customers to seek to flow down the obligations of the NIS Directive through their contracts.
The NIS Directive is due to be formally approved imminently and then Member States will have 21 months to transpose the Directive and a further 6 months to identify essential services. However, operators should be considering the NIS Directive and the new General Data Protection Regulation now.
In practice, companies should accept that a cyber-attack is a case of "when" not "if", create a plan that balances prevention and preparation and stop viewing cyber risk as purely an IT issue (so involve IT, IT forensics, lawyers, compliance officers and PR in planning and reaction to any cyber breach).
For information on our CyberBox offering click here. You can also read our UK focused overview on the General Data Protection Regulation and the Network and Information Security Directive here.
FinTech start-ups: How to attract finance and enable growth
There is a typical funding cycle for the FinTech start-up that follows the stages of the company lifecycle - foundation, expansion, consolidation and exit (typically through a trade sale or IPO). At the foundation stage a FinTech start-up is often self-financed or backed by friends and family and as the business or service offering becomes more defined it will look to outside capital in the form of "seed financing" from angel investors. When the FinTech start-up is generating revenue and in growth mode venture capital is a common source of finance. If a FinTech start-up is looking to exit via an IPO then it may require "mezzanine financing" which is usually provided by private equity firms.
For FinTech start-ups at the seed financing stage, the most common sources of finance are high net worth individuals, equity crowdfunding, FinTech accelerators and early stage venture capital or micro funds. At the growth stage, we are seeing banks and financial services firms establish dedicated corporate venture funds to invest in FinTech start-ups. A key consideration for the FinTech start-up is its funding strategy – it needs to determine the best investor for its business based on its business model and exit strategy.
Blockchain: Use in FinTech beyond Bitcoin
Blockchain technology is at "peak hype" and is being discussed as a tool to transform all sorts of businesses. In particular, blockchain technology is bound to become a game changer within FinTech. Already, a number of banks and financial institutions are trying to set up blockchains to lower transaction costs associated with settlement of all kinds of financial transactions. Industry consortiums such as R3 are in front here.
Blockchain is database technology that works on a network rather than being stored in one place – so that all "nodes" with the application downloaded hold a copy. This database is structured as a ledger or registry of entries that are time-stamped, encrypted and permanent. The main benefits of blockchains are seen to be the transparency of the transactions, the security, and the efficiency of the system.The likeliest use cases involve removing intermediaries from different transactional processes.
Blockchains can be open (i.e. anyone can participate) or permissioned to a closed group of companies (although these are considered less secure due to the twin risks of collusion and hacking). Blockchains can embed within the transactions that make the blocks sophisticated computer code that represents contractual terms and conditions. Such “smart” contracts could be sufficiently detailed to allow them to be partially or fully self-sufficient, self-executing, and self-enforcing for trading financial assets or digital rights management.
The implications of blockchain to both transparency and privacy do mean that regulators will take an interest in how the technology is used and likely apply existing regulations to specific types of transactions, in much the same way as the internet became regulated.