Featured Product

    FSI Paper Endorses Entity-Based Regime for Regulating Big Tech Firms

    July 05, 2022

    The Financial Stability Institute (FSI) of the Bank for International Settlements published a paper that examines financial stability risks stemming from the interconnections and interdependencies inherent in the business models of large technology companies—also known as the big tech firms—that are now increasingly providing financial services. The paper outlines the regulatory implications of how big tech firms provide financial services and the tools financial authorities have at their disposal now to address related risks. The paper concludes that addressing interdependency risks requires the development of specific entity-based rules, which could take the form of a new regulatory framework that allows authorities to control risks emerging from the combination of financial and nonfinancial activities. This framework should follow an entity-based approach and impose requirements at the group level, including on strengthening operational resilience.

    The paper notes that such large digital platform companies (or big tech firms) operate highly interconnected platform ecosystems and have gained a substantial footprint in the provision of financial services. Such firms are increasingly becoming intrinsic to the financial services sector and are embedding, into their business models, offerings like cloud computing, banking-as-a-service partnerships, payments, credit scoring, and the available data/analytics on existing customers. In particular, several big tech firms have developed proprietary credit scoring systems serving all their business segments. The big tech firms leverage alternative data and sophisticated artificial intelligence-based tools as part of their credit scoring systems. These systems can identify eligible potential customers who might not qualify for credit on the basis of traditional credit risk models used by financial institutions. This is possible because big tech models not only analyze the credit history of customers but also past transactions and digital behavior in their ecosystems. Overall, these advantages of big tech firms' credit scoring systems have become important for their service offerings and, therefore their, profitability. These firms are also increasingly becoming critical third-party service providers to the financial institutions, thus giving rise to not only information and communications technology (ICT) and cyber risks, operational risks, reputational risks, consumer protection risks, and related moral hazards, but also to systemic and financial stability risks. 

    The big tech firms' operations in financial services are, however, regulated on the basis of sectoral regulatory regimes. When a big tech entity provides its financial services in collaboration with other financial institutions, it usually does not need any license because its partners will typically meet the regulatory requirements. Though if a big tech entity is licensed to perform a regulated financial activity, it faces a body of regulatory requirements attached to that license under sectoral financial regulations. The regulatory frameworks for different financial sectors were not formulated with large interconnected digital platform companies in mind and thus they do not fully capture such risks under sectoral regulations. Thus, to effectively foster operational resilience and preserve financial stability, it seems essential that the entity-based rules be put in place to comprehensively address risks related to interdependences. The paper notes that a few jurisdictions have started to insert entity-based rules in their regulatory framework to cope with selected risks presented by big tech firms. The paper also concludes that strong intragroup dependencies among big tech entities call for risk assessment at the group level.

    The paper suggests that, until the entity-based regime is in place, to begin with, authorities could focus on regulated financial entities and use them as a lever to counter potential financial stability risks:

    • For regulated financial entities that are members of big tech groups, authorities may wish to assess whether they have a clear picture of the risks stemming from interdependencies. Based on the assessment, they could enter into a structured supervisory dialog with the examined entities to discuss the findings and potential risk mitigants.
    • For all regulated financial entities, authorities may wish to assess whether there is a need to strengthen digital operational resilience. It would also include assessing regulated entities’ resilience to cyber incidents and whether they follow international guidance and industry best practices. Deficiencies identified in the assessment could be addressed with the existing regulatory instruments, which encompass, among others, prudential capital requirements, large exposure limits, AML/CFT requirements, outsourcing requirements, rules on related-party transactions, regulatory disclosures, and cyber and operational resilience standards and guidelines.
    • For regulated entities’ use of critical services, authorities may wish to ramp up their monitoring efforts. A major concern in this respect is that the limited number of providers of cloud services could magnify the impact of any operational vulnerability.


    Related Links


    Keywords: International, Banking, Regtech, BaaS, Lending, Lending Marketplace, Platform Businesses, Cloud Computing, Systemic Risk, Basel, Entity Based Regulation, FSI, BIS

    Featured Experts
    Related Articles

    CFPB Finalizes Rule on Small Business Lending Data Collection

    The Consumer Financial Protection Bureau (CFPB) published a final rule that sets out data collection requirements on small business lending, under section 1071 of the Dodd-Frank Act.

    March 30, 2023 WebPage Regulatory News

    BCBS to Consult on Pillar 3 Climate Risk Disclosures by End of 2023

    The Bank for International Settlements (BIS) published a summary of the recent Basel Committee (BCBS) meetings.

    March 23, 2023 WebPage Regulatory News

    FINMA Approves Merger of Credit Suisse and UBS

    The Swiss Financial Market Supervisory Authority (FINMA) has approved the takeover of Credit Suisse by UBS.

    March 21, 2023 WebPage Regulatory News

    BOE Sets Out Its Thinking on Regulatory Capital and Climate Risks

    The Bank of England (BOE) published a working paper that aims to understand the climate-related disclosures of UK financial institutions.

    March 13, 2023 WebPage Regulatory News

    US Congress Report Examines Data Privacy and Cybersecurity Regulations

    The U.S. Congressional Research Service published a report on banking, data privacy, and cybersecurity regulation.

    March 13, 2023 WebPage Regulatory News

    OSFI Finalizes on Climate Risk Guideline, Issues Other Updates

    The Office of the Superintendent of Financial Institutions (OSFI) is seeking comments, until May 31, 2023, on the draft guideline on culture and behavior risk, with final guideline expected by the end of 2023.

    March 12, 2023 WebPage Regulatory News

    EU to Conduct One-Off Scenario Analysis to Assess Transition Risk

    The European authorities recently made multiple announcements that impact the banking sector.

    March 10, 2023 WebPage Regulatory News

    APRA Assesses Macro-Prudential Policy Settings, Issues Other Updates

    The Australian Prudential Regulation Authority (APRA) published an information paper that assesses its macro-prudential policy settings aimed at promoting stability at a systemic level.

    March 07, 2023 WebPage Regulatory News

    BIS Paper Examines Impact of Greenhouse Gas Emissions on Lending

    BIS issued a paper that investigates the effect of the greenhouse gas, or GHG, emissions of firms on bank loans using bank–firm matched data of Japanese listed firms from 2006 to 2018.

    March 03, 2023 WebPage Regulatory News

    HMT Mulls Alignment of Ring-Fencing and Resolution Regimes for Banks

    The HM Treasury (HMT) is seeking evidence, until May 07, 2023, on practicalities of aligning the ring-fencing and the banking resolution regimes for banks.

    March 02, 2023 WebPage Regulatory News
    RESULTS 1 - 10 OF 8810