The Bank for International Settlements (BIS) published a paper that examines the business models and the associated risks posed by big technology firms foraying into financial services sector. The paper focuses on the new nexus between data privacy and competition, also discussing its implications for the lending segment. The paper first describes business models of these firms and analyzes the potential benefits in their provision of financial services. It then evaluates the potential costs, including the new risks of price discrimination, abuse of market power, anti-competitive behavior, and limits to data privacy. Finally, the paper lays out the complex public-policy trade-off between the objectives of efficiency and privacy and discusses the policy options.
The paper notes that business model of big tech firms rests on enabling direct interactions among a large number of users on digital platforms, such as in e-commerce, search, and social media. An essential by-product is their large stock of user data, which they use to offer a wide range of services and exploit natural network effects, generating further user activity. Increased user activity completes the circle, as it generates yet more data. Building on the self-reinforcing nature of the data-network-activities loop, some big technology firms have ventured into financial services, including payments, money management, insurance, and lending. The entry of such firms into finance promises efficiency gains and greater financial inclusion. However, it also introduces new risks associated with market power and data privacy. The nature of the new trade-off between efficiency and privacy will depend on societal preferences and will vary across jurisdictions. The paper notes that, in this context, defining and regulating the use of data has become an important policy issue for authorities and increases the need to coordinate policies at both the domestic and international levels.
At the domestic level, central banks and financial regulators may need to upgrade their understanding of personal data issues. Meanwhile, only a few countries have a national data or artificial intelligence strategy. As the digital economy expands across borders, there is a need for international cooperation on rules and standards. The paper suggests the following, potentially complementary, approaches to address the efficiency-privacy trade-off raised by the widespread use of personal data:
- One approach consists in restricting the processing of user data. For example, recent data protection laws (for example, European Union, Brazil, California, Japan, Singapore) have clarified data collection and use to protect personally identifiable information. However, the challenge with these laws is how to balance differences in privacy concerns and use of data. Some other jurisdictions have taken measures with a wider ambit that may restrict data flows across borders but such frictions in the use of data could lead to cost inefficiencies, limiting their potential benefits.
- A second approach is to give consumers greater control over their personal data. This could allow customers to grant competitive firms access to relevant information and can thus foster competition. Recent open banking initiatives (for example, in the European Union, Australia, and Mexico) are examples of concrete policy actions in this direction. These policies require financial firms to make their customers’ transaction data directly transferable to third parties or competitors, typically through open application programming interfaces (APIs). However, as access is asymmetrical, open banking rules do not fully level the playing field between big tech firms and incumbent service providers.
- A third approach is a set of public infrastructure on which a layer of services can be built. This includes important foundations for digital services such as digital identity, like Aadhaar in India and MyInfo in Singapore, and the development of data management protocols. Once these infrastructures are in place, payments, digital government services, and a host of other solutions become possible. By making consumers data-rich and giving them greater control over their data, important benefits for users can be reaped.
Keywords: International, Banking, Fintech, Financial Inclusion, Credit Risk, Bigtech, Regtech, Lending, Platformization, Open Banking, API, BIS
Previous ArticlePRA Proposes Rulebook Changes; BoE Extends BEEDS Testing Window
Next ArticleBIS to Launch Asian Green Bond Fund Early Next Year
APRA issued a letter on the loss-absorbing capacity (LAC) requirements for domestic systemically important banks (D-SIBs) and published a discussion paper, along with the proposed the prudential standards on financial contingency planning (CPS 190) and resolution planning (CPS 900).
The European Commission (EC) launched a call for evidence, until March 18, 2022, as part of a comprehensive review of the macro-prudential rules for the banking sector under the Capital Requirements Regulation (CRR) and Directive (CRD IV).
The Financial Stability Board (FSB) published a report that sets out good practices for crisis management groups.
The Australian Prudential Regulation Authority (APRA) found that Heritage Bank Limited had incorrectly reported capital because of weaknesses in operational risk and compliance frameworks, although the bank did not breach minimum prudential capital ratios at any point and remains well-capitalized.
The Office of the Superintendent of Financial Institutions (OSFI) released the annual report for 2020-2021.
Through a letter addressed to the banking sector entities, the Office of the Superintendent of Financial Institutions (OSFI) announced deferral of the domestic implementation of the final Basel III reforms from the first to the second quarter of 2023.
EIOPA recently published a letter in which EC is informing the European Parliament and Council that it could not adopt the set of draft regulatory technical standards for disclosures under the Sustainable Finance Disclosure Regulation (SFDR) within the stipulated three-month period, given their length and technical detail.
The Financial Conduct Authority (FCA) published the third in a series of policy statements that set out rules to introduce the UK Investment Firm Prudential Regime (IFPR), which will take effect on January 01, 2022.
The Australian Prudential Regulation Authority (APRA) published, along with a summary of its response to the consultation feedback, an information paper that summarizes the finalized capital framework that is in line with the internationally agreed Basel III requirements for banks.
The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) issued a consultative report focusing on access to central counterparty (CCP) clearing and client-position portability.