By John de Kroon, Senior Consultant,
and Joana Elisa Maldonado, Regulatory Compliance Assistant
Financial innovation is gaining momentum – and the regulatory response is not long in coming. Finalyse’s FinTech Corner helps you catch up with the rapidly evolving feedback loop between innovation and regulation.
Big data is increasingly used in the banking, insurance and securities sector and by FinTech start-ups. Currently, different regulations from adjacent areas apply to the analysis and use of big data. Now, the European supervisors awake to the quickly evolving financial innovation and assess the need for specific regulation of the field: in December 2016, the Joint Committee of the European Supervisory Authorities (JCESA) issued a discussion paper on the use of big data by financial institutions. With this report, the European Supervisory Authorities (ESAs) seek advice from stakeholders on the use of big data and potential regulatory responses. We summarise here the key points of the document, which includes a preliminary impact assessment and an overview of the current regulatory framework.
Financial companies have always used data, but nowadays data is generated, collected, stored and processed at unprecedented rates. Observing that the entire sector is being reshaped by data analytics and personal data is being used motivates the JCESA report. The ESAs understand big data based on the European Commission’s concept of three V’s: with volume, variety and velocity, they define it as the collection, processing and use of a large amount of data, which varies in type and source, and is generated and processed at high speed. The concept of big data is hence not limited to the data itself, but also refers to the different technologies and procedures for processing and analysing it.
Big data can reveal patterns and correlations, generate new ideas and solutions and accurately predict future events. The ESAs observe big data use by business to improve product development, internal efficiency, marketing campaigns, fraud detection, pricing, targeted offers, distribution and regulatory compliance. Collected data for these purposes are, for example, ID or contact details, browsing history, professional data, personal interests, financial and payment data, consumer complaints, location data, or medical information. Banks, for example, use financial payment data for credit worthiness tests. Insurers make use of telematics boxes in cars, smart homes and wearable devices to monitor behaviour and individually adapt prices by granular segmentation of risks. Asset managers base their investment strategies and financial risk management on big data. Corporates enhance financial analysis by adding non-traditional data sources to economic results. Aggregator services use financial and payment data from bank accounts of consumers for dashboard and accounting products.
The report does not include statistics about the use of big data, but observes that Chief Data Officers are increasingly appointed within financial institutions. The ESAs suspect that many firms may already be using big data without making it public to avoid reputational risk and actions by competitors.
The report includes an impact assessment of big data, which takes the form of an unstructured qualitative brainstorming of potential benefits and risks for both financial services firms and their clients. The table on the next page structures and summarises the key points identified in the analysis.
The document also comprises a description of the patchwork of different regulations that currently apply to the use of big data in the financial industry. Depending on the type of data and business purpose, different regulations from three areas apply: Data protection regulations, consumer protection regulations and financial sector regulations. When personal data is used, strict data protection legislation applies. Concerning marketing and sales practices, there are national laws conformable to several European directives. Finally, financial regulation with its strict investor protection and disclosure rules applies in financial services. The ESAs do not give their opinion on the currently applying regulations. However, they indicate that the existing framework is most likely ‘flexible enough to cover big data and announce that they will determine at a later stage if further regulatory action is necessary.
The ESAs provide statistics to emphasize that, for big data, regulatory compliance is not only relevant to avoid sanctions, but also to ensure consumer trust and a good reputation.
For example, according to the Eurobarometer, 69% of Europeans are concerned that their personal data held by companies might be used for a purpose other than that for which it was collected.
Therefore, the challenge for the implementation of big data processes and, as a consequence, changing business process in the financial industry consists of the effective cooperation between technical and legal experts.
The ESAs conclude that the use of big data has the potential to grow and become a key determinant of competitive advantage in the future. They observe that the interest of financial institutions in big data is increasing, fuelled by the competition from (partly non-financial) technology firms, which have already collected large amounts of data on consumers. However, the market analysis of the authorities concludes that the capacity of incumbents to adopt innovative ideas should not be underestimated and that a majority of financial services providers sees big data as an opportunity.
The bottom line of the JCESA report is that in today’s market environment, financial institutions’ success is based on partnerships with digital companies, quick adaptation to the technological evolution and close cooperation between technology and legal experts.
For the creation of customised regulation for big data, further analysis should be done. The JCESA impact assessment is more a diffuse collection of ideas than a structured fact-based impact assessment and reflects the problematic of the confusing patchwork of regulations. It shows that a better understanding of policy makers and clear regulation are needed for FinTech innovations.
Do you agree with the statements of the European supervisors? Do you think regulatory or supervisory action is needed in the field of big data? Are the existing regulations unjustified barriers? Do the authorities have a realistic view on the benefits and risks posed by the use of big data? Are you using big data? Is there a level playing field? If not, which barriers do you see? Give your opinion on the JCESA discussion paper in the public consultation on the ESMA website (until 17 March 2017) or discuss with our regulatory experts and industry peers via Twitter @finalysegroup, #bigdata.