On 8 March 2018, the European Commission (EC) published its Action Plan to strengthen digital transformation in the financial sector, in an attempt to foster greater competition among market participants. In June 2017, and on the occasion of the mid-term revision of the draft Capital Markets Union (CMU), the EC highlighted the potential of FinTech in the transformation of the capital markets as much as the application of new technologies in the financial sector not only facilitates the incorporation of new market players in financial activities, but also helps encourage improvements and the development of technology solutions applied to the financial industry.
In order to draft this Action Plan, the EC conducted a public consultation in March 2017. The Plan has 19 measures affecting three EC Directorates-General: Financial Stability, Financial Services and Capital Markets Union (DGFISMA); Jobs, Growth, Investment and Competitiveness; and Digital Economy and Society.
The 19 measures included in the Plan can be grouped together in three main blocks – without including the EC proposal on crowdfunding, which is analysed in another article in this Bulletin – as follows:
1) Measures to foster Europe-wide innovative business models.
2) Fostering an interest in technology innovation in the financial sector.
3) Strengthening the security and resistance of the financial sector.
Noteworthy among the specific measures contained in the Plan are the following:
1) The creation of an EU FinTech Laboratory as a specific space for engagement between the public and private sectors.
2) The creation of the Blockchain Observatory and Forum, which has already been set up.
3) Boost the digitalisation of information published by listed companies, including the use of innovative technologies to connect national data bases.
4) The promotion of workshops to share experiences on cyber-security.
5) The promotion of best practices on establishing sandboxes.
Firstly, in order to foster Europe-wide FinTech business models, the EC proposes the following measures:
1) To establish clear and consistent licensing requirements for FinTech companies that operates in the European Union (EU). This proposal will be shored up through the following actions:
a. Development of a Europe-wide system for crowdfunding platforms authorised by the European Securities and Markets Authority (ESMA). In fact, as mentioned above, the EC has already presented a proposal for a Regulation on European Crowdfunding Service Providers (See article in this Bulletin).
b. Drafting of a map on the procedures and requirements to authorise FinTech companies by different national supervisory authorities, in particular on how to apply the principles of proportionality and flexibility. This map will be drafted by the three European Supervisory Authorities (ESAs).
c. Monitoring of crypto-asset issues through Initial Coin Offerings (ICO), in order to assess the suitability of undertaking regulatory proposals.
2) To promote common standards applicable to FinTech companies and foster interoperability among new FinTech companies and incumbents. In this regard, the EC intends to promote:
a. Greater coordination in drawing up standards for FinTech companies in close collaboration with standard-setters.
b. The development of Application Programming Interfaces (APIs) for market players, compatible with the Payment Services Directive and the EU General Data Protection Regulation. Greater interoperability, portability and competition in the sector can be achieved through APIs.
3) To adopt different measures that facilitate Europe-wide innovative business models, such as:
a. Request the ESAs, before the end of the first quarter of 2019, and based on the results of the map mentioned above (1.b), to identify the best practices applicable in this sector of activity and, when suitable, to issue guidelines.
b. Request the ESAs to coordinate and promote the exchange of best practices and information on innovation hubs and sandboxes among the Competent National Authorities.
c. The publication by the EC of a report on best practices on sandboxes before the end of the first quarter of 2019.
Secondly, the EC verified that the dynamic nature of technology applied to the financial system is very high, which means that experts and users may quickly lag behind and that the regulation cannot be fully developed – either directly or, more likely, indirectly – as it constrains innovation or is not technologically neutral. In order to reduce these risks, the EC will implement the following actions:
1) Revision of financial regulation for the purpose of assessing its neutrality regarding the applicable technologies through the creation of a working group.
2) Removal of regulatory obstacles to the use of cloud services by
a. Requesting that ESAs explore the need to draft guidelines on outsourcing to cloud services providers before the end of the first quarter of 2019.
b. Inviting cloud service providers to draw up internal codes of conduct.
c. Inviting members of the financial industry to provide data portability.
d. Promoting the standardisation of contractual clauses among cloud service providers and financial institutions.
3) Promote different blockchain actions, including:
a. The digitalisation of information provided by listed companies, including the potential creation of a European financial transparency portal based on blockchain.
b. Maintaining the continuity of work to foster the use of blockchain at a RegTech and FinTech level.
c. Launching an observatory on the use of blockchain in the EU in order to update the development of this technology and swiftly detect potential regulatory problems that limit its use – set up by the EC in February 2018.
4) Creation of an EU FinTech Laboratory in the EU that allows ongoing dialogue between FinTech companies and EU supervisors and regulators, facilitating to this end a neutral and non-commercial space to share knowledge and experiences.
Lastly, technology development and its applications to the financial sector can increase the risk of error in the IT security of financial companies as well as greater risk of suffering cyber-attacks. To avoid this, and in order to strengthen the IT security of the financial sector in the EU, the EC will implement the following measures:
1) Organise workshops to foster collaboration between the public and private sector.
2) Invite ESAs to draw up a map on best practices on governance and IT security requirements before the end of the first quarter of 2019, analysing the suitability of issuing guidelines on these aspects and, should this prove necessary, of providing the EC with potential legislative proposals.
3) Invite ESAs, before the end of the first quarter of 2018, to make an assessment of the costs and benefits of the development of a framework to verify the resistance of financial institutions to cyber-attacks.
The different activities that make up this Plan are subject to a very demanding schedule between the first quarter of 2018 and the second quarter of 2019. One of the most important milestones will be the EC proposal on ICOs at the end of 2018, since this will set the trend to be followed by all the members of the EU on this type of transactions.
Link of interest: