Prof Joachim Wuermeling of Deutsche Bundesbank spoke, in München, about the need for the legal framework to keep pace with the digital transformation in the financial sector. He emphasized the need to ensure that the "regulatory framework will still be suited to the financial industry of tomorrow," considering the blurring of the boundaries between sectors, as new enterprises—such as fintechs and bigtechs—join the market. Mr. Wuermeling examined the risks and opportunities associated with this ongoing transformation, along with its implications for the supervisory and regulatory regime in EU and worldwide.
He explained that Bundesbank takes "an overall positive view of digitalization" and, as a supervisory authority, it is closely monitoring the related inherent risks and cost-saving opportunities. In the past few years, Bundesbank has responded to the increased significance of IT-related risks and specified its requirements more clearly. This affects the day-to-day supervisory work of Bundesbank. As new enterprises—mainly fintechs and bigtechs—join the market, boundaries of the financial sector "have become somewhat blurred." These enterprises often provide just one of the process steps that make up a banking service (customer onboarding or credit scoring, for instance) or technical support processes (for mobile payments or for general cloud services, for example) in partnership with banks. Many of the new players are not licensed as banks, financial service providers, or payment institutions, but may be involved at key stages in processes or the market structure as a result of outsourcing or other forms of cooperation. All of this is leading to a more complex competitive landscape and new forms of cooperation that can give rise to new and additional risks, thus raising the concerns about how far the legal framework can keep pace with the transformation of the financial sector.
He emphasized that the "long-established legal framework has remained very largely the same despite the changes the sector has undergone. Much of this is due to the prevailing regulatory approach in Germany and Europe as a whole." Formulating abstract requirements and standards instead of detailed technical rules has helped ensure the stability of the supervisory framework. For instance, in case of outsourcing activities, banks outsource certain processes to external service providers. From a banking supervisory perspective, the rules are clear. However, external providers that do not themselves perform business subject to the supervisory rules do not fall within the scope of regulation. It is the supervised institutions that bear full responsibility for any risks arising from cooperation with an external service provider. Examples of such risks are a potential default by the external service provider, or the possibility of reputational risk. The institutions must ensure that the risks remain manageable—for instance, by including relevant terms and conditions to this effect in cooperation agreements and by considering from the outset how they can keep their business up and running if the partnership is terminated unexpectedly.
However, where credit institutions work with large technology firms, such firms' negotiating power might be so large that institutions have difficulty effectively imposing their conditions on their contracting partners for the service being provided. The more the boundaries between sectors are blurred and the more intensively banks work with non-licensed enterprises, the more relevant discussions like this will become. He suggests that "we should discuss to what extent we might take a closer look at supervising individual activities—activity-based supervision—in addition to entity-based supervision." He added that Europe is already pressing ahead with regulation for issues emerging as a result of digitalization, giving an example of the recent EBA guidelines on outsourcing arrangements. He opined that he "would like to see the European stakeholders set the right course for the overarching framework of digitalization."
With regard to the increasing importance of cross-border business in the digital age, he said that a key concern for banks and finechs is that their innovative products and services can be rolled out across Europe straight away. To this end, EU should focus on counteracting any national fragmentation of regulation in its early stages. This is also important for Europe's global competitiveness in areas such as artificial intelligence, blockchain technology, video identification, or even issues relating to competition law. Additionally, EU could set its sights on objectives beyond strengthening the single financial market. Regulatory issues brought to light by digitalization often also have a more far-reaching impact. For instance, the framework for using artificial intelligence also raises ethical questions. He concluded that considering topics from various angles appears to be something EU is good at and EU regulation is often seen as being well-balanced from outside the EU. Other countries and jurisdictions have already chosen to model their own projects on the European Data Protection Regulation. Therefore, there exists a very real chance that EU could end up playing a leading role in developing the rules for the digital financial sector. "Expectations of this have already emerged, in fact. In the new legislative period, we should therefore be proactive in tackling pressing topics and questions," said Mr. Wuermeling
Related Link: Speech
Keywords: Europe, EU, Germany, Banking, Fintech, Bigtech, Activities-Based Approach, Cloud Computing, Bundesbank