New technologies are disrupting the investment management industry – from the back office through to distribution – and are causing regulators to question the adequacy of existing rules.
Innovation and automation are starting to disrupt and reshape the investment management industry, and regulators recognise the potential benefits. However, it is also causing them to question whether existing rules and supervisory approaches are fit for purpose. Prior concerns about cyber-security, money laundering and terror financing are amplified by recent attacks.
Regulators appear to join investors in embracing the benefits of technology innovation. The European Commission, for example, has said it will “continue to promote the development of the FinTech sector and ensure that the regulatory environment strikes an appropriate balance between promoting FinTech and ensuring confidence for companies and investors”. National regulators are also recognising the opportunities and are happy to facilitate the roll-out of FinTech.
At the same time, however, regulators are considering the risks of this technology trend. Among them, the EU has employed a new internal taskforce to investigate Europe’s FinTech industry amid concerns customers and consumers are not adequately protected.
As robo-advice has grown to be a key component of the FinTech revolution, impacting asset allocation, portfolio selection and trade execution, many regulators see it as a force for good. In Hong Kong, for example, internet distribution platforms and robo-advice have been welcomed by the regulator as a way to break banks’ stranglehold over fund distribution.
There is also concern about the impact of robo-advice, though, with IOSCO stating that consumers should receive appropriate advice, the same as for the face-to-face advice model. While most national regulators believe their existing rules are adequate, some regulators acknowledge that their supervisory techniques must evolve too.
Distributed ledger technology (DLT) has huge potential implications in the investment management industry for settlement, and for back and middle offices. Integrating DLT with existing regulatory and legal frameworks is seen as one of the biggest adoption challenges. However, regulators are starting to address the issue.
A European Central Bank committee on payments and market infrastructures said DLT could pose new risks to the financial system, including potential uncertainty about operational and security issues as well as potential legal and operational obstacles.
ESMA identified possible benefits of DLT but also outlined technological shortcomings, as well as governance, privacy, regulatory and legal issues. Key risks are cyber, fraud, money laundering, operational, herding behavior (increased market volatility) and unfair competition. It said that active engagement from regulators and co-ordination at EU and international level is paramount to ensure that applications of DLT do not create unintended consequences.
Many regulatory bodies were already attuned to data and cybersecurity issues. The events in May 2017 amplified concerns and a sense of urgency.
In Europe, ESMA’s Supervisory Convergence Programme for 2017 includes data as one its four main priorities. It believes data quality will be essential as national regulators prepare for and enforce compliance with the various reporting requirements under MiFID II/MiFIR, EMIR and AIFMD, and it emphasises focus on the development of supporting IT infrastructure.
Regulators in the US and Japan are other examples of countries that were already focusing increasingly on risks around data and cybersecurity for financial services firms. The Australian prudential regulator has written to pension fund trustees asking them to focus on data quality. It is also concerned that schemes are providing bulk extracts of sensitive data to third-party providers, albeit it for legitimate business reasons.
In particular, with the growth of technology and increased access to data, regulators are concerned that data could be leveraged for money laundering purposes. Therefore, the regulatory threshold for AML is rising among regulators, in Singapore and Europe for example.