FinTech is the future of financial services. To secure its growth and the UK's position as a global FinTech leader, the Kalifa Review calls for a new and comprehensive policy and regulatory strategy. Such a strategy should set a new policy innovation benchmark for emerging technologies, support the scaling up of innovative firms, and secure an integral role for FinTech in the UK's future trade policy.
The final report of the Independent Fintech Strategic Review, led by Ron Kalifa OBE, was published last Friday. Launched in July 2020 at the Chancellor's request, the Review's objective was to develop the vision and plan to secure the future success of the UK's FinTech sector. In Mr Kalifa's words, FinTech is no longer a "niche within financial services" but instead a "permanent, technological revolution, that is changing the way we do finance". Its success is crucial for the UK's post-pandemic economic recovery and growth.
The Review made 17 recommendations across five priority areas: skills and talent, investment, international, policy and regulation, and national connectivity [Read about Deloitte's contribution to the national connectivity chapter here].
This article takes a closer look at Review's recommendations on policy and regulation. The UK already sets the pace in these areas - as evidenced by the widespread emulation of the Financial Conduct Authority (FCA)'s regulatory sandbox. But competition from other jurisdictions, the uncertainty caused by Brexit, and the acceleration in digital adoption caused by the pandemic threaten the UK's leadership. The Review makes three main recommendations in relation to policy and regulation to strengthen the UK's position.
1. A digital finance package to create a new regulatory framework for emerging technology
The Review calls for a new comprehensive strategy to provide a modern regulatory and policy environment for FinTech. In our view, this will be the UK’s equivalent of the EU’s Digital Finance Strategy issued last September, but with one key difference. The UK FinTech strategy will directly address all matters relevant to FinTech, including cross-sectoral issues which apply to all sectors of the economy.
Regulatory issues - such as conduct, data protection, competition, and digital public infrastructure - are currently considered by separate public agencies, primarily in silos. The current mandates of these agencies allow for limited consideration of each other's approach or substantial collaboration. This creates regulatory uncertainty for firms, as we highlighted in our recent report on the interaction between conduct and data protection in Artificial Intelligence (AI). To remediate this, the Review suggests creating a single body to bring together all relevant FinTech policy and regulatory strands and ensure co-ordination on cross-cutting issues. We believe such a body could significantly increase the competitiveness of the UK's policy environment, provided it has sufficient authority and resources.
More broadly, the strategy should identify "Priority FinTech Areas" that require particular support. The Review includes an initial list organised in two themes: data and the promotion of digitisation of financial services.
The development of common data standards and Digital Identity (ID) are at the top of the list as foundational public infrastructure for a digital economy. Several Government initiatives in these areas exist already. However, further action is required to expand their scope, accelerate their development, and establish the UK as a dominant force. For example, the Review suggests that the Government should drive the consistent provision of data by its departments to support a trusted national Digital ID verification infrastructure and proactively remove barriers preventing data sharing between trusted sources in the public and private sectors.
The Government should also prioritise Smart Data by facilitating and, if necessary, mandating data sharing within and between sectors. It should expand the scope of its existing Smart Data initiative, currently limited to the communications, energy and finance sectors. It should ensure a level playing field by bringing into its scope firms that hold large quantities of consumer data, such as large technology companies. The FCA should continue to progress Open Finance and ensure alignment and interoperability with other Smart or Open Data initiatives in the UK and internationally. Many will welcome Open Finance in principle, but we see some of the detailed proposals, e.g. the funding by industry levy or write access for users, as potentially controversial.
Finally, the Review argues for additional regulatory guidance for AI. The FCA and Prudential Regulation Authority should clarify how existing rules apply in an AI context, and their expectations about governance and accountability, explainability and customer understanding, and the required degree of human intervention or oversight. Additional guidance should also clarify how equality and data protection requirements apply to AI and how they interrelate with financial services regulation. We support these suggestions fully. We have ourselves argued that more regulatory guidance and cooperation are necessary to foster AI innovation, especially in significant public interest areas such as support for vulnerable customers and financial inclusion. The Review also calls on the Government to review the future legal and regulatory framework for AI, including the role of ethics. The publication of the EU new AI legislative framework, currently expected in April, could represent a further incentive for the UK government to undertake such an exercise sooner rather than later.
Promoting the digitisation of financial services
The Review argues that digitisation of financial services can create a fertile environment for FinTech to flourish and support more customer-centric and efficient financial markets. It identifies four key examples:
- Introducing a UK Central Bank Digital Currency (CBDC) could support innovation in payments and the adoption of new technologies, including Distributed Ledger Technology. Interoperability, with other CBDCs and forms of money, and privacy will be primary considerations. Addressing these will require close collaboration between the Bank of England, HM Treasury, and the Information Commissioner's Office.
- A new UK regime for the regulation of cryptoassets could give market credibility to many crypto-providers. This would allow them to grow while ensuring consumers remain adequately protected. According to the Review, the regime should capture a broad range of unregulated cryptoassets (e.g. Bitcoin) in line with the EU Markets in Crypto-assets proposal. It should also consider future challenges, such as the regulation of decentralised finance (DeFi). The Government has recently proposed focusing narrowly on tokens used as a means of payment for the time being. Accepting the Review's recommendation would require a significant change in approach, in our view.
- Supporting the digitisation of Financial Markets Infrastructure (FMI). The Review calls for modernised rules to enable FMIs to process digital financial instruments. This would require a review of the regulatory environment to facilitate digital technology uptake, such as tokenised securities trading and digital reporting.
- Support for Environmental, Social, and Governance (ESG) initiatives. FinTech could help firms collect and process ESG data using innovative technology solutions. However, to realise FinTech's potential, the UK needs to address significant obstacles, such as the lack of common data reporting standards, differences in terminology, multiple taxonomies, non-standardised data and significant data gaps.
In addition to the FinTech priority areas described above, Government and regulators should also consider whether any other policy or regulatory aspects may not have kept pace with innovation and require adjustment. They should leverage various other initiatives currently underway for this purpose. These include the Treasury Select Committee inquiry on the Future of Financial Services, Lord Hill's review of the UK listings regime, and the Government's Future Regulatory Framework and Payment Landscape reviews. Finally, the Review calls on the Government to establish a Digital Economic Taskforce to deliver the FinTech strategy.
2. Establishing a "Scalebox" to support the growth of innovative firms.
One of the Review's key recommendation is establishing a Digital Scalebox to give FinTech and RegTech additional support, particularly in their growth phase and/or in relation to the Priority Fintech Areas.
The concept of the Scalebox includes enhancing the FCA's regulatory sandbox, making permanent the digital sandbox pilot, and introducing measures to support partnering between incumbents and FinTech and RegTech firms.
Enhancements to the FCA's regulatory sandbox would include making it available on a rolling basis, broadening the eligibility criteria, and creating a dedicated space and specialist support for the Priority Fintech Areas.
A permanent "digital sandbox" would support innovation at the proof of concept stage, also with a focus on the Priority FinTech Areas. Given its expertise in sandboxes and TechSprints, the FCA should initially be responsible for developing the design and nature of a permanent digital sandbox offering. A neutral non-regulatory body could take responsibility in time, while the FCA would continue to offer regulatory guidance and assistance.
The Review also proposes several measures to facilitate partnerships between incumbents and smaller innovative firms. Two proposals caught our attention. The first involves introducing an accreditation regime for unregulated service providers, albeit not administered by the FCA. The second is about creating direct obligations for unregulated providers to comply with outsourcing requirements applicable to regulated firms, without specifying which regulator should impose and enforce this obligation. If adopted, these could have significant implication for third parties and outsourcing in financial services. The result would be a limited form of regulation for these service providers. Similar to the proposed EU Digital Operational Resilience Act (DORA), it could bring third-party ICT providers much closer to (or even within) the regulatory perimeter. This is an approach the UK financial services regulators have so far resisted. But the arguments in its favour seem to be gaining momentum.
3. Ensuring FinTech is an integral part of the UK's trade policy.
The third and final recommendation of the Review is to ensure the UK develops a coherent and consistent global trade policy concerning FinTech and digital matters. Through future trade agreements and other bilateral mechanisms (such as FinTech Bridges), the UK should secure commitments that would benefit FinTechs. Commitments could include enhanced regulatory cooperation and free flow of personal and non-personal data, preferably in machine-readable and open formats.
Conclusion and next steps
The Kalifa Review lays out an ambitious vision and plan to capitalise on the UK FinTech and financial services sector's current strengths and secure its future growth and success. The Review is clear that the modernisation of the UK's policy and regulatory frameworks is essential to deliver this vision.
Yet the Review’s three main recommendations encompass a dozen sub-recommendations, each of which seems to be equal in terms of priority. Several will place significant demands on the regulators’ resources, and in particular the FCA. According to the Review, some may require a reconsideration of the FCA’s objectives. It remains to be seen whether the regulators will increase their capacity (and, if they do, how this will be funded) or reallocate resources from other activities.
The next step is for the UK Government to consider the recommendations made by the Kalifa review. Its response, expected in April on the occasion of UK FinTech Week 2021, will set the direction of travel for the UK's digital finance legislative and regulatory agenda for the next several years.
"Fintech is a fast-paced sector. Policy-makers and regulators need to keep pace with the rate of change of business and technological developments and respond to emerging risks and opportunities. It is important that the future regulatory framework does not hinder their ability to do that."