In our new working paper entitled ‘The Future of Data-Driven Finance and RegTech: Lessons from EU Big Bang II’ we argue that 2018 marked an important point in the evolution of finance: a Big Bang of data driven finance in Europe. In particular, MiFID II, GDPR and PSD2, focusing respectively on financial and trade reporting, data protection, and open banking were implemented in Europe. While designed separately, these three regulatory reforms are triggering a transformation in finance and its regulation in the EU. The impact however extends far beyond the EU. First, these reforms have three important elements of extraterritoriality so their impact has reached around the world to all those dealing with finance and data in Europe. Second – and more significantly – countries around the world are grappling with questions of how to regulate finance, technology and data and their increasingly interwoven nature.

In analysing the interaction of these separate regulatory processes and their interactions, we focus in particular on the role and development of Regulatory Technology (RegTech). Applying a wide definition of RegTech that encompasses the use of technology for regulatory, legal and compliance purposes as well as use of technology by regulators and supervisors to enhance regulatory processes and also redesign systems,[1] we find, somewhat surprisingly, that although promoting RegTech was not an official policy objective in the EU prior to March 2018 at all, there was nonetheless an extended and significant process of digitization of reporting requirements to regulators. The rise of RegTech and data-driven finance in Europe has rested upon four apparently unrelated pillars: (1) extensive reporting requirements imposed after the Global Financial Crisis to control systemic risk and change financial sector behavior; (2) strict data protection rules reflecting European cultural concerns about dominant actors in the data processing field (GDPR); (3) the facilitation of open banking to enhance competition in banking and particularly payments (PSD2); and (4) a legislative framework for digital identification imposed to further the European Single Market (eIDAS).

Although regulators hardly realized its impact on financial intermediaries before it was adopted, the General Data Protection Regulation (in addition to PSD2) has forced all financial intermediaries to reconsider and reorganize the way they collect and process clients’ data. This came at the same time as financial service providers were exposed to a wave of new financial legislation, in which the common denominator were new reporting requirements so extensive that compliance with those requirements necessitated a radical overhaul of existing data gathering and reporting systems of both service providers and Member States’ supervisory agencies.

Beyond RegTech, our analysis suggests that together these four pillars have prompted a revolutionary development of data-driven financial services in the European Union: seeking to make the best out of the new need for data-based reporting, intermediaries were both forced to and used the momentum of the moment to invest in new IT systems that enabled them to capitalize on the unprecedented amount of data collected for business purposes. Hence, although unrelated and uncoordinated when adopted, we argue that these four steps – interacting together – will drive a Big Bang transition to data-driven finance. These seemingly unrelated pillars together bolster an emerging ecosystem which aims to promote a balance among a range of sometimes conflicting objectives, including systemic risk, data security and privacy, efficiency, and customer protection.

We argue that the EU experience is having and will continue to have global implications. Financial services and data protection regulatory reforms have unintentionally driven the use of RegTech by intermediaries, supervisors and regulators, thereby laying the foundations for the digital transformation of both EU financial services and financial regulation. The four pillars provide a natural experiment to analyze the impact of a specific combination of financial regulation, data regulation and open banking policies which are being watched very closely by countries around the world considering these issues will sit at the core of 21st century finance, economies and societies. Depending on their success (and there are strong arguments in favor of these changes particularly in RegTech, financial regulation, data regulation and eID processes), the EU experience may also provide a roadmap for other jurisdictions that seek to develop regulatory approaches to the intersection of data, finance and technology, in an effort to further both financial services innovation and financial inclusion.

Dirk A. Zetzsche is Professor of Law at the University of Luxembourg

Douglas W. Arner is the Kerry Holdings Professor in Law at The University of Hong Kong

Ross P. Buckley is King & Wood Mallesons Professor of International Finance Law, and a Scientia Professor, at the University of New South Wales

Rolf H. Weber is Professor of Law at the University of Zurich

 

[1] Following Arner, Barberis and Buckley, FinTech, RegTech and the Reconceptualization of Financial Regulation.