Fiduciaries

'In Code(rs) We Trust: Software Developers as Fiduciaries in Public Blockchains' by Angela Walch in Philipp Hacker, Ioannis Lianos, Georgios Dimitropoulos and Stefan Eich (eds), Regulating Blockchain. Techno-Social and Legal Challenges (Oxford University Press, 2019 comments 

This chapter addresses the myth of decentralized governance of public blockchains, arguing that certain people who create, operate, or reshape them function much like fiduciaries of those who rely on these powerful data structures. Explicating the crucial functions that leading software developers perform, the chapter compares the role to Tamar Frankel’s conception of a fiduciary, and finds much in common, as users of these technologies place extreme trust in the leading developers to be both competent and loyal (ie, to be free of conflicts of interest). The chapter then frames the cost-benefit analysis necessary to evaluate whether, on balance, it is a good idea to treat these parties as fiduciaries, and outlines key questions needed to flesh out the fiduciary categorization. For example, which software developers are influential enough to resemble fiduciaries? Are all users of a blockchain ‘entrustors’ of the fiduciaries who operate the blockchain, or only a subset of those who rely on the blockchain? Finally, the chapter concludes with reflections on the broader implications of treating software developers as fiduciaries, given the existing accountability paradigm that largely shields software developers from liability for the code they create. 

CryptoAssets and the Crypto Economy

The UK Financial Conduct Authority Research Note on Cryptoasset Consumer Research 2020 states 

In October 2018, we published a joint report, alongside the Bank of England and the Government, as part of a UK Domestic Taskforce on Cryptoassets. In the document, we provided an overview of the state of the UK cryptoassets market and committed to several actions. Whilst the Taskforce report identified 3 major risks of harm associated with cryptoassets - to market integrity, of financial crime and to consumers - we also acknowledged the limited amount of detailed, credible evidence on this rapidly-evolving market. 

The FCA commissioned research to gain insight into the size of the market and identify potential harm. In March 2019, we published consumer research into ‘consumer attitudes and awareness of cryptoassets’. Through a nationally representative survey of 2,132 UK consumers and 31 in-depth interviews, this research provided invaluable insights into the size of the market and where potential harms could be found. It concluded that the size of the market was relatively small with 3% of consumers having ever bought cryptoassets, spending on average £200. It also showed that awareness of cryptoassets among the general population was low. 

Whilst these results were informative and taught us much about consumers’ attitudes and motivations in relation to cryptoassets, both aspects of the research had certain limitations. The qualitative research was exploratory and reached a sample of 31. The nationally representative survey started with 2,132 participants, but the specific follow- up questions related to cryptocurrency ownership were only applicable to a small sub-set of 51 adults, as the remaining individuals in the overall study population had not purchased cryptocurrencies. 

A year on, we commissioned follow-up quantitative research among a larger sample of cryptoasset owners, to ensure our understanding of consumer behaviour and areas of potential harm remain accurate. This research was designed to help us build on the previously gained insight into how consumers interact with the cryptoassets market. 

Through a longer survey and larger sample sizes, we have been able to understand whether and how the market has changed over the past year. Thirteen current or former cryptocurrency owners also provided video interviews to help us gain deeper insights from the consumer perspective. This research relates to cryptoassets that are, generally, outside of the regulatory perimeter. They are unregulated transferable cryptoasset tokens including well-known tokens such as Bitcoin, Ether and Ripple. As they are unregulated, we do not otherwise hold significant relevant data about them. The market sizing data, insight into consumer profiles and attitudes towards cryptoassets in the UK included in this research is otherwise unavailable. 

... To note, we chose to use the term ‘cryptocurrency’ throughout the questionnaire. This term is more widely used in public domain than the broader ‘cryptoasset’ term we tend to prefer. We also use ‘exchange’ to represent ‘cryptoasset trading platforms’, given ‘exchange’ is widely understood and used by consumers.

The FCA's Key findings are - 

We estimate 3.86% of the general population currently own cryptocurrencies. This amounts to approximately 1.9 million adults with the UK population (over 18) taken to be approximately 50 million. 

• 75% of consumers who own cryptocurrencies hold under £1,000. 

• Technical knowledge appears high among most cryptocurrencies owners. Most consumers seem to understand the risks associated with the lack of protections, the high volatility of the product and have some understanding of the underlying technology. 

• Nevertheless, the lack of such knowledge among some presents potential consumer harm to consumers. 11% of current and previous cryptocurrency owners thought they were protected. This amounts to approximately 300,000 adults. 

• The most popular reason for consumers buying cryptocurrencies was as ‘as a gamble that could make or lose money’, acknowledging that prices are volatile. 

• Cryptocurrency exchanges are a key market participant and most consumers used non-UK based exchanges. 

• Adverts are important components of the consumer journey with the ability to influence consumer sentiment. Other mediums such as traditional media and online news also impact consumer behaviour. 

• 45% of all current and previous cryptocurrency owners said they had seen a cryptocurrency related advert. Of these, 35% or approximately 400,000 adults, stated it made the purchase more likely. 16% of current and previous cryptocurrency owners were influenced by an advert. 

Year on year differences 

• The research findings highlight a statistically significant increase from 3% in the 2019 FCA Consumer Research to 5.35% this year in those who hold or held cryptocurrencies. This represents an increase of 2.35 percentage points, from approximately 1.5 million people to 2.6 million people. 

• This year 27% had never heard of cryptocurrencies, compared with 58% in our survey last year. This represents a statistically significant increase in the percentage of those being aware of cryptocurrencies from 42% to 73% of adults. 

• The media’s role in raising consumer awareness about cryptocurrencies has risen.

'The Size of the Crypto Economy: Calculating Market Shares of Cryptoassets, Exchanges and Mining Pools' by Konstantinos Stylianou and Nic Carter in (2020) 16(4) Journal of Competition Law & Economics 511–551 comments 

Cryptoassets and related actors such as crypto exchanges and mining pools are now fully integrated into mainstream economic activity. A necessary corollary is that they have attracted heightened regulatory and investor scrutiny. Although some rules and obligations apply uniformly across all economic actors in a given sector, many others, such as antitrust laws and some financial regulations as well as investor decisions are informed by actors’ relative economic size—meaning that those with larger market shares can become more attractive regulatory or investing targets. It is therefore a foundational issue to properly measure the economic footprint of economic actors in the crypto economy, for otherwise regulatory oversight and investor decisions risk being misled. This has proven a remarkably difficult exercise for multiple reasons including unfamiliarity with the underlying technology and role of involved actors, lack of understanding of the applicable metrics’ economic significance, and the unreliability of self-reported statistics, partly enabled by lack of regulation. Acknowledging the centrality of cryptoasset size in a number of regulatory and policymaking areas and the fact that previous attempts have been incomplete, simplistic, or even plainly wrong, this paper presents the first systematic examination of the economic footprint of cryptoassets and their constituent actors—mining pools and crypto exchanges. We aim to achieve a number of objectives: to introduce, identify, and organize all relevant and meaningful metrics of crypto economic actors market share calculation; to develop associations between metrics, and to explain their meaning, application, and limitations so that it becomes obvious in which context metrics can be useful or not, and what the potential caveats are; and to present rich, curated, and vetted data to illustrate metrics and their use in measuring the shares of crypto economic actors in their respective markets. The result is a comprehensive guidance into the size of the crypto economy.

'Regulating Libra' by Dirk A Zetzsche, Ross P Buckley and Douglas W Arner in (2020) Oxford Journal of Legal Studies comments 

Libra is the first private cryptocurrency with the potential to change the landscape of global payment and monetary systems. Due to the scale and reach provided by its affiliation with Facebook, the question is not whether, but how, to regulate it. This article introduces the Libra project and analyses the potential responses open to regulators worldwide. We conclude that perhaps the greatest impact will come not from Libra itself, but rather from reactions to it, particularly by other BigTechs, incumbent financial institutions and governments around the world.

Regulatory Incapacity

'Mortgage Broking, Regulatory Failure and Statutory Design' by Jeannie Marie Paterson and Elise Bant in (2020) 31(1) Journal of Banking and Finance Law and Practice comments

 The Royal Commission into Misconduct in the Banking, Insurance and Financial Services Industry and the Productivity Commission Report into Banking raised questions about the quality of the service provided by mortgage brokers to consumers and recommended far-reaching changes to the way in which the mortgage broking industry is regulated. In response, the Commonwealth Government has recently introduced a “best interests” duty and tighter regulation of commissions. This new regime has potentially far-reaching significance, as the broking industry itself is at the threshold of considerable technological change prompted by the introduction of the Open Banking’s initiative. This article assesses the reforms in terms of: (1) efficacy in improving the quality of the service provided by mortgage brokers; (2) fit with the existing regime, including insights from fiduciary law; and (3) flexibility in adapting to technological innovation. It aims to highlight the importance of good legislative design in responding to concerns about the effective functioning of a regulated market. 

The same issue features 'Trust, Social Licence and Regulation: Lessons from the Hayne Royal Commission' by Anne Matthew, offering

 a critical approach to examining key findings of the Hayne Royal Commission, using institutional theory as a lens. Institutional theory positions the social contract within its understanding of laws, rules and norms. It is argued that the Royal Commission’s recommendations calling for a stronger regulatory response and simplification of the law are supported by institutional theory. Enforcement and simplification can provide clarity that the law is in fact a rule of the game and ensure that the institutional rules are in a strong position to influence behaviour. The role of the regulator in this process is pivotal.

'Product Intervention Power: An Extra Layer of Protection to Consumers' by Marina Nehme, comments

 In April 2019, the Australian Securities and Investment Commission (ASIC) was provided with the power to issue product intervention orders – that is, where a financial services/credit product available to retail clients/consumers has caused, will cause or is likely to cause a significant consumer detriment, ASIC may “regulate, or if necessary, ban” that product. The Treasury Laws Amendment (Design and Distribution Obligations and Product Intervention Powers) Act 2019 (Cth) also empowers ASIC with design and distribution powers for financial services/credit products; this power will come into effect in April 2021. These powers have been on the horizon since the Financial System Inquiry in 2014, which hoped that product intervention powers (PIPs) might help to “build consumer confidence and trust in the financial system”. This aim remains urgent, particularly following well-publicised findings by the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry of poor and even illegal practices in the financial industry. This article analyses these reforms with the aim of understanding the extent to which PIPs might enhance the regulatory regime and promote consumer trust.

Victoria Stace's  'Consumer Lending by New Zealand Banks After the Royal Commission – Business as Usual or More Responsibility Required?' comments

This article looks at the question of whether banks in New Zealand – which are for the most part wholly owned subsidiaries of Australian banks – would be acting in breach of New Zealand’s responsible lending laws if they engage in certain conduct that was found by the Australian Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry to be in breach of the Australian responsible lending laws. This involves considering the differences between the responsible lending laws in each jurisdiction, and assessing whether the conduct identified by the Royal Commission to be in breach of Australian laws would contravene New Zealand’s equivalent laws. The article focuses on the lender’s obligation to assess whether the proposed credit will cause the borrower substantial hardship, as this was a particular focus of the Royal Commission.

Steve Kourabas's 'Prudential Regulation in Australia and the Banking Royal Commission: A Missed Opportunity for Reform?' argues

The global financial crisis (GFC) revealed fundamental regulatory weaknesses in many of the world’s leading financial jurisdictions. In particular, there was a lack of attention to risks of a systemic nature. Post-GFC regulatory reforms in many of the world’s leading financial jurisdictions have sought to address this problem through the introduction of regulation that emphasises the systemic nature of financial risk as well as changes to regulatory structures. However, Australian policy-makers and regulators have tended to focus more on market conduct and consumer protection matters as evidenced during the recent Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry. This article argues that the secondary status of systemic financial stability as a regulatory concern in Australia following the GFC undermines the centrality of systemic financial stability as a regulatory goal. The article proposes a number of reforms that have been introduced in jurisdictions such as the United Kingdom to give effect to global best practice following the GFC and that have as their key aim the maintenance of systemic financial stability.

'Role and Effectiveness of ASIC Compared with the SEC: Shedding Light on Regulation and Enforcement in the United States and Australia' by Zehra G Kavame Eroglu and KE Powell  comments

The Australian Securities and Investments Commission’s (ASIC) regulatory oversight of securities and financial markets has increased considerably over time. However, the wisdom of this model has recently been challenged by the Hayne Royal Commission as ASIC’s enforcement activities were found to be relatively toothless. Accordingly, many criticised the agency and called for further ASIC reform. After the Global Financial Crisis, the US Securities and Exchange Commission (SEC) faced similar criticisms of regulatory failure. As such, this article analyses the SEC regulatory structure, enforcement activities and governmental resources, and compares certain indicators of effectiveness with those of ASIC over the past quarter-century. By comparing ASIC with the world’s biggest capital market regulator this article analyses the viability of further reform of ASIC and argues that ASIC is woefully under-resourced to engage in increased enforcement action. 

Fintech Regulation and Disruption

'Dealing With Disruption: Emerging Approaches to FinTech Regulation' by Saule T Omarova in (2020) 61 Washington University Journal of Law and Policy 25 comments

 This article examines the emerging regulatory responses to an ongoing fintech disruption of traditional finance. Focusing primarily on the U.S. experience to date, it offers a three-part taxonomy of principal approaches to fintech taken by financial regulators: what I call the “experimentation” approach, the “incorporation” approach, and the “accommodation” approach. Within this framework, the article analyzes the pros and cons of establishing regulatory sandboxes and innovation hubs, issuing special fintech charters, and pursuing various regulatory-adjustment measures under a broad heading of RegTech.

'COVID-19 As a Force Majeure in Corporate Transactions' by Matthew Jennejohn, Julian Nyarko and Eric L. Talley comments

This paper surveys the use of pandemic-related provisions in Material Adverse Effects ("MAE") provisions in a large data set of publicly disclosed M&A transactions spanning the years 2003-2020. We document a trend towards greater use of such provisions, taking off particularly after the H1N1 crisis in 2009, and spiking again in late 2019 and early 2020. These terms are invariably located in the exclusions/carve-outs to the MAE, and they are overwhelmingly accompanied by "disproportionate effects" language that tends to dampen the effect of the carve out. There is little discernible statistical relationship between the inclusion of a pandemic-related carve-out and the inclusion of a reverse termination fee ("RTF") granting optionality to the buyer; but when an RTF is present, its magnitude tends to be smaller in the absence of any pandemic-specific carve-out, suggesting some degree of observational complementarity between these terms.

Exits

'Exit Strategy' (Stanford Law and Economics Olin Working Paper #542) by Mark A. Lemley and Andrew McCreary comments

 In Silicon Valley, the most important thing to think about when starting a company is how you’re going to end it. The venture capital funding model that dominates the tech industry is focused on the “exit strategy” — the ways funders and founders can cash out their investment. While in common lore the exit strategy is an initial public offering (IPO), in practice IPOs are increasingly rare. Most companies that succeed instead exit the market by merging with an existing firm. And for a variety of reasons, innovative startups are especially likely to be acquired by the dominant firm in the market, particularly when they are venture funded. 

In this paper, we argue that this focus on exit, particularly exit by acquisition, is pathological. It leads to concentration in the tech industry, reinforcing the power of dominant firms. It short-circuits the development of truly disruptive new technologies that have historically displaced incumbents in innovative industries. And because incumbents often buy startups only to shut them down, intentionally or not, it means that the public loses access to many of the most promising new technologies Silicon Valley has developed. 

There has to be a better way. We suggest a number of ways to break the cycle of acquisition by incumbents, including changing the incentives that favor acquisition over continued operation, finding other ways to fund startups or to allow venture capital firms to cash out without an acquisition, and changing the antitrust laws to focus on who is acquiring startups. These solutions won’t fix the problem of today’s entrenched tech monopolies. But they will allow the next generation of companies that might displace the tech giants to make it to market.

Payments, Risk and Info

'Mapping the Shadow Payment System' (SWIFT Institute Working Paper No. 2019-001 and Oxford Legal Studies Research Paper No. 55/2019) by Dan Awrey and Kristin van Zwieten comments 

Recent years have witnessed the emergence and rapid growth of a large, diverse, and constantly evolving shadow payment system. The shadow payment platforms (SPPs) that populate this system perform many of the same core payment functions as conventional deposit-taking banks: including custody, funds transfer, and liquidity. The crucial difference is that SPPs operate outside the perimeter of bank regulation, thereby depriving customers of the deposit guarantee schemes, lender of last resort facilities, special resolution regimes, and other legal protections typically enjoyed by bank depositors. This paper represents the first attempt to map the global shadow payment system and identify what mechanisms, if any, SPPs use to protect their customers. Examining the business models and customer contracts of over 100 SPPs, we find that it is often difficult to ascertain information essential to evaluating levels of customer protection and, where such information is available, that customers generally enjoy relatively limited structural, contractual, or other private legal protections. This puts enormous pressure on public regulatory frameworks to ensure a sufficient level of consumer protection. Regrettably, we also find that the applicable regulatory frameworks in several key jurisdictions often provide a level of protection that is far below that enjoyed by bank depositors. These findings suggest that, at least from a consumer protection perspective, SPPs are currently not an effective substitute for bank-based payment systems.

'The Dark Side of Digital Financial Transformation: The New Risks of FinTech and the Rise of TechRisk' by Ross P. Buckley, Douglas W. Arner, Dirk A. Zetzsche and Eriks Selga comments

Over the past decade a long-term process of digitization of finance has increasingly combined with datafication and new technologies including cloud computing, blockchain, big data and artificial intelligence in a new era of FinTech (“financial technology”). This process of digitization and datafication combined with new technologies is taking place in developed global markets and at times even faster in emerging and developing markets. The result: cybersecurity and technological risks are now evolving into major threats to financial stability and national security. In addition, the entry of major technology firms into finance – TechFins – brings two new issues. The first arises in the context of new forms of potentially systemically important infrastructure (such as data and cloud services providers). The second arises because data – like finance – benefits from economies of scope and scale and from network effects and – even more than finance – tends towards monopolistic or oligopolistic outcomes, resulting in the potential for systemic risk from new forms of “Too Big to Fail” and “Too Connected to Fail” phenomena. To conclude, we suggest some basic principles about how such risks can be monitored and addressed, focusing in particular on the role of regulatory technology (“RegTech”).

'Libra: Is Is Really About Money?' by Valerie Khan and Geoffrey Goodell comments

The announcement by Facebook that Libra will "deliver on the promise of 'the internet of money'" has drawn the attention of the financial world. Regulators, institutions, and users of financial products have all been prompted to react and, so far, no one managed to convince the association behind Libra to apply the brakes or to convince regulators to stop the project altogether. In this article, we propose that Libra might be best seen not as a financial newcomer, but as a critical enabler for Facebook to acquire a new source of personal data. By working with financial regulators seeking to address concerns with money laundering and terrorism, Facebook can position itself for privileged access to high-assurance digital identity information. For this reason, Libra merits the attention of not only financial regulators, but also the state actors that are concerned with reputational risks, the rule of law, public safety, and national defence. 

The authors argue

These days we are often too impatient to read a book or an article from beginning to end. But in today’s short attention-span culture, it might be ever more important to ensure you don’t miss out on the final message – or maybe something that was intentionally buried in a document to be hidden. In movies, this would be called a prolepsis: a scene that temporarily jumps the narrative forward in time. In the case of Libra, the prolepsis can be found in Section 5: “An additional goal of the association is to develop and promote an open identity standard. We believe that decentralized and portable digital identity is a prerequisite to financial inclusion and competition.” 

That is not to say that launching an association of members that aims to create “a reliable digital currency and infrastructure that together can deliver on the promise of ‘the internet of money’” is not a massive statement. It is! But it also keeps us busy trying to think about the reaction of regulators and banks: how will China respond and how will central banks deal with the accumulation of assets to guarantee a stable value for their coin-to-be? Will it still be possible to tax a transaction? These are all important questions. But what if this is a decoy? 

What if there is something more? What if Libra is actually aiming to own the solution to the even bigger and older problem of digital identity? As the classic “New Yorker” cartoon put it, “on the internet, nobody knows you’re a dog”. 

Analysing this question will unfold the massive potential of this space, and its specific interest for an advertising company like Facebook. Allowing Facebook to become a crucial player in digital identity for the financial sector will enable it to tighten the knot on the ‘transparent citizen’ by accessing a strong bastion of meaningful data. It will also allow everyone else to purchase the means to manipulate Facebook users, perhaps in pursuit of their respective advertising ideas – some harmless, some of corrupting influence. By dressing this up as a financial inclusion project, Facebook manages to draw financial services regulators to the table. Yet, this should also call everyone who is looking at reputational risks, the rule of law, public safety, and national defence. Otherwise, states and societies might just be designing their Maginot Line.

APRA Capability Review

The national government has released the 192 page report of the Australian Pridential Regulatory Authority (APRA) Capability Review, established following the damning findings in the Hayne Royal Commission reports regarding regulatory incapacity in the relation to supervision of banks, insurers and other finance sector entities.

The Review's Terms of Reference were

 1. Assess APRA’s capability to deliver upon its statutory mandate under the APRA Act and relevant industry acts. 

2. Undertake a forward-looking assessment of APRA’s ability to respond to an environment of growing complexity and emerging risks for APRA’s regulated sectors. 

3. Identify recommendations to enhance APRA’s future capability, having regard to the changing operating environment and any relevant organisational initiatives which are already underway. 

As part of its work the Panel should evaluate the extent to which the following factors support APRA to deliver its statutory mandate:

• well-considered and clear strategy that takes into account the future operating environment, effectively cascaded throughout the organisation; 

• decision-making that balances financial safety and financial stability, and considerations of efficiency, competition, contestability and competitive neutrality; 

• culture that supports supervisory and enforcement actions in support of strategic objectives; • robust internal governance arrangements, supported by fit-for-purpose internal reporting, performance monitoring and audit and assurance activities; 

• appropriate resource allocation, responsive to emerging issues, and efficient utilisation; 

• staff with necessary expertise (for example, industry, technical and data analytics) supported by appropriate tools; 

• sound process and outcomes realised across APRA’s core supervision, policy and resolution functions (including appropriate utilisation of enforcement tools); 

• appropriate engagement with Australian financial sector regulators, including suitable information sharing arrangements; and 

• fit-for-purpose statutory powers. 

In each case, the Panel should focus on those areas considered to be of greatest relevance to the Review objectives. The Panel should to the extent relevant take into account practices of, and benchmark APRA against, comparable international prudential regulators. 

The Panel should also take into account as a starting point relevant recent reviews and reports as they relate to APRA, including the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry Interim and Final Reports, the Productivity Commission’s final report Superannuation: Assessing Efficiency and Competitiveness, the Productivity Commission’s final report Competition in the Australian Financial System, the IMF’s Financial System Stability Assessment of Australia (scheduled for release in early 2019) and APRA’s own internal Enforcement Review (scheduled for completion in March 2019). 

In undertaking its assessment, the Panel should take as given APRA’s legislative framework, except as outlined above in relation to APRA’s statutory powers.

The Review offers the following recommendations -

Maintaining financial stability in an ever changing world 

3.1 While lifting organisational capability across the areas identified in this Review is important and necessary, APRA should retain its long-standing and core capability of fostering financial safety and financial stability. 

3.2 APRA should build credit risk capacity to simultaneously maintain high supervisory intensity in both non-retail and retail credit risk. 

3.3 Reflecting its role as an independent prudential regulator, APRA should take a more transparent and assertive role in articulating the objectives of its macro-prudential policies, the design of the instruments chosen and assessment of its impacts, including on the broader areas of its mandate. APRA should continue to develop its public communication around the extent of systemic risks, conditions required for macro-prudential actions and assessments of any actions taken. 

3.4 APRA should advise the Government of the current state of its resolution capability and crisis preparedness as a basis for assessing whether additional resources are required to advance this work more quickly. This should be completed by the end of 2019. 

3.5 APRA should seek to build strong allegiances with public and private sector experts, other regulators and financial firms to augment its internal capacity and to collaborate on ways to strengthen the cyber resilience of APRA’s regulated sectors. 

3.6 To better prepare for and respond to the consequences of digital innovation and disruption, APRA should increase its IT risk capacity and capability, including though increased collaboration and partnerships. In doing so, APRA should consider the implications of new business models, management and transformation of legacy IT landscapes, greater reliance on third-party providers (for example, cloud providers), and technology-enabled competition. 

3.7 To support its consideration of competition, APRA should: a. create a competition champion within APRA, preferably at Member level. Their role should be to ensure that issues of competition are embedded effectively across all areas of APRA; b. ensure that there is sufficient tension in the internal debate and analysis of competition. It should test how policies are developed and applied by supervisors. This could be done in the Quality Assurance function and reported to the competition champion; and c. report regularly on competition developments in its external accountability assessment (see recommendation 6.4). 

Governance, culture and accountability: Broadening APRA’s approach to supervision 

4.1 As part of its work to revise and enhance its supervisory and policy frameworks, APRA should:

a. ensure the policy framework is focussed on assessing appropriate outcomes around GCA risk in regulated entities, not just appropriate processes; 

b. further develop its toolkit for assessing GCA risks, including board and senior management performance, and ensure that it has an escalating suite of options for engaging with entities; 

c. embed the recent entity self-assessment process into its more intense supervision of GCA risks by making it a biennial requirement. The self-assessments should be more prescriptive than APRA’s recent program, including coverage of questions set out in Appendix 2. The self-assessments, APRA’s assessment of each of them, APRA’s thematic reviews, and any rectification requirements imposed by APRA in response to a self-assessment should be published; 

d. establish an external panel of experts to assist it in undertaking more in-depth assessments of individual entities; and e. explore ways to collaborate with regtech specialists and other experts to develop more efficient and effective tools to identify GCA risks. 

4.2 APRA should build on the CBA Prudential Inquiry and entity self-assessments by embedding CBA-style prudential inquiries as an ongoing part of its supervisory toolkit. The Panel would expect to see several prudential inquiries in the first few years to reinforce the need for rigorous self-assessments (see recommendation 4.1). In time, the inquiries should involve retail and industry superannuation, insurance and ADI entities. 

4.3 The Government should consider providing APRA with a non-objections power to veto the appointment or reappointment of directors and senior executives of regulated entities. This would bring it into line with international regulators and strengthen its capacity to pre-emptively regulate GCA risks. The power should be available to APRA only where the risks associated with the entity, including but not limited to member outcomes for superannuation funds, warrant it. 

Regulating the Superannuation System for members 

5.1 APRA should create a new Superannuation Division, headed by an Executive General Manager. A key focus of the Division should be the overall performance of the superannuation system for members. 

5.2 APRA should embed and reinforce its increasing focus on member outcomes, and continue to ensure that trustees prudently manage member funds. Consistent with this change of approach, APRA should: a. publish objective benchmarks on product performance and publicly take action to demonstrate its expectations for member outcomes; b. develop a superannuation performance tool that replaces PAIRS by the end of 2019. The tool should be focussed on member outcomes; c. update its superannuation reporting standards and collect product level data that facilitates accurate assessments of outcomes and comparability across funds; and d. increase the resourcing dedicated to the superannuation industry. 

5.3 In accordance with recommendation 23 of the Productivity Commission’s Superannuation Inquiry, the Government should legislate to make APRA’s member outcomes mandate more explicit. The Government should clearly outline its expectations for APRA on superannuation in its next Statement of Expectations. 

APRA in the System 

6.1 The Panel supports the direction of the APRA Enforcement Strategy Review. To effectively embed the Enforcement Approach, APRA should change its existing internal norms that create a low appetite for transparent supervisory challenge and enforcement by: a. departing from its behind closed doors approach with regulated entities; b. adopting a stronger approach towards recalcitrant institutions; c. building organisational confidence and improving management support; and d. increasing its risk appetite and use of the escalation toolkit. 

6.2 While APRA’s regulatory tools are generally fit-for-purpose, the Government should consider: a. reviewing the adequacy of penalties across APRA's legislative framework; b. providing APRA with the power to appoint a skilled person to undertake a review of a regulated entity; and c. enhancing its private health insurance licensing powers. 

6.3 APRA should reinvigorate its approach to collaboration and information sharing with regulators and its international peers including clear protocols for staff. 

6.4 APRA should use its existing external accountability framework more effectively, including a more assertive use of the Statement of Intent and it should publish a regular external accountability assessment. 

6.5 The Government should consider streamlining and improving the effectiveness of existing accountability arrangements when establishing the financial regulator oversight authority. 

6.6 APRA should take a more strategic, active and forceful approach in its public communications. As an independent regulator, it should use public communications to shape community and government expectations of it. In relation to specific areas, APRA should:

a. publish an interpretation of its mandate; 

b. clearly articulate its role and approach to macro-prudential policy (see recommendation 3.3); 

c. advise the Government of the current state of its resolution capability and crisis preparedness (see recommendation 3.4). Taking account of the impact on the market, part of this advice could be published; and 

d. be more transparent in relation to superannuation, including by publishing objective benchmarks for superannuation performance on member outcomes and a strategy to promote long-term industry performance.

The report comments

This Review was recommended by the Hayne Royal Commission. The damaging revelations revealed during the Commission’s inquiry have had a profound impact on the community. Boards, management and trustees of prominent and financially successful firms and superannuation funds face questions about their competence, integrity and commitment to customers and members. Questions of legality are yet to be determined in many cases. Questions about the inability of regulators to anticipate and deal forcefully with the misconduct revealed by the Hayne Royal Commission have also been raised. Trust in the financial system and its regulators has diminished. Community expectations about the role of regulators have been heightened. 

It is important that these problems of misconduct are rectified and that industry behaviour and customer outcomes become better aligned to community expectations. Where laws have been broken there is rightly an expectation that those responsible will be held to account. But for a prudential regulator a ‘litigation-first’ or a litigation-focussed enforcement strategy will not help it achieve its ex-ante mandate, although APRA should not resile from legal remedies when they are needed. 

APRA’s response to the community’s heightened concerns should be in a manner consistent with its mandate. It should retain its focus on maintaining financial safety and stability but focus more intensely on governance, culture and accountability (GCA) in the financial sector.1 It should accept that GCA risks have a major bearing on financial risk. This Review is careful not to make the distinction between financial and non-financial risks common in discussions of GCA. Weaknesses in GCA frameworks feed directly into financial safety and stability. For a prudential regulator there is no binary choice between supervising financial or GCA risks. Failures of GCA have often been at the heart of financial failures and systemic instability. The Global Financial Crisis (GFC) clearly demonstrated this. They are as much a part of a prudential regulator’s remit as capital and liquidity ratios. The Panel notes APRA’s attempts to build capability in this area but questions whether its importance for a prudential regulator has been recognised in the past. 

While APRA can supervise these risks more effectively, it cannot guarantee that all customers will have a good experience with their bank, insurance company or superannuation fund. Individual misconduct regulation resides with the Australian Securities and Investments Commission (ASIC). Closer collaboration between APRA and ASIC will be crucial, to agree their respective roles and to deliver the desired outcomes.

Importantly it states that 'Variability in leadership, a conformist culture and aversion to transparency are constraining APRA'

The main conclusion of this Review is that APRA’s internal culture and regulatory approach need to change. There is also variability in its leadership capability. There is no doubt that in matters of traditional financial risk APRA is an impressive and forceful regulator. But the Panel observes that APRA’s tolerance for operating beyond quantifiable financial risks has been low. APRA appears to have developed a culture that is unwilling to challenge itself, slow to respond and tentative in addressing issues that do not entail traditional financial risks. In combination with APRA’s organisational structure, these factors limit its ability to deliver on the breadth of its mandate and adapt to new challenges. 

The Panel does not want APRA to build capability elsewhere by diminishing its core capability and acknowledges that this will be a challenging task. APRA can do better in other areas without undermining its excellence in regulating financial risk. Changes in capability, focus and structure should occur in line with culture. Equally, changes in APRA’s external governance arrangements and more flexibility in its funding and compensation frameworks should be considered. APRA has a strong preference to do things behind the scenes with regulated entities. The Panel believes that this limits its impact and authority. There are good reasons for a prudential regulator to be discreet, particularly in cases of acute financial stress. However, APRA needs to shift the dial towards a more strategic and forceful use of communication to ensure that it maximises its impact with regulated entities. Its Enforcement Approach should move it in this direction. 

Some things need to be kept confidential. But APRA should consider what is appropriate to be communicated to the public. Its expectations of entities should be made public as should any failure by entities to meet those expectations, including responses by APRA to those failures. The Panel met a wide range of senior representatives of APRA-regulated entities during the Review. Almost universally, they praised the openness and integrity of APRA’s senior staff and the to effectiveness of APRA’s discreet approach. They note that this approach benefits both APRA and their firms. 

A common observation made in these discussions was that their entities were more willing to cooperate with and provide information to APRA when it worked behind the scenes with them. It was noted that more transparency on APRA’s part would threaten that relationship. The Panel is not persuaded by that argument or the implication that APRA would be less informed if it operated more openly. While cooperation is always to be preferred to compulsion, regulated entities must provide APRA with the information it needs. An approach involving protracted behind the scenes negotiations of prudential issues is out of step with public expectations of regulators following the Hayne Royal Commission. As the Bank of England has noted in a different context, reliance on the lift of ‘Governors’ eyebrows and fireside chats are no match for a clearly communicated framework’ in today’s financial system. 

APRA should use strategic communication to better define its authority and shape its own destiny. It is investing in capacity in this area. More effective communication of its priorities and mandate will provide a clear signal to the market as to what the regulator wants, making it more transparent and more effective in its supervision of the financial sector. APRA is independent of the government and has strong and wide-ranging standard-setting powers. It has the foundations of a powerful institution but needs to build on these foundations by better communicating its objectives and achievements. APRA’s current external governance arrangements are not effective in holding it to account against its mandate. These should be reviewed in line with the creation of a financial regulator oversight authority. Even within these constraints APRA could be more effective. As a starting point, a public statement of its interpretation of its mandate and how APRA implements it would benefit APRA and make it easier for others to hold it to account. A useful historical analogue is the Reserve Bank of Australia’s (RBA’s) public definition and ownership of its inflation target in the early 1990s. APRA should also use its Statement of Intent (SoI) more assertively. It is appropriate that APRA take into account the government’s broad objectives when pursuing its mandate. However, APRA should highlight areas where the government’s objectives are outside its Corporate Plan and areas in which APRA has more pressing resourcing priorities. This is entirely appropriate for an independent regulator.

Innovation Principle and Ctizen Fintech?

'The Case for an Innovation Principle: A Comparative Law and Economics Analysis' by Aurelien Portuese and Julien Pillot in (2018) 15(2) Manchester Journal of International Economic Law comments

 After the rise of the precautionary principle (or approach) in the late 1990s in a number of jurisdictions, the economic consequences of this newly created principle of law have unfolded. Such consequences were either acclaimed – for providing a minimisation of a number of externalities – or lambasted – for providing justificatory grounds for the prohibition of potentially propitious innovations due to the existence of scientific uncertainties. 

Whereas innovation has increasingly become of salient importance in today’s economies, European economies face sluggish economic growth rates partly caused by a regulatory framework where risk-aversion is incentivized. The precautionary principle induces and favours risk-aversion at the expense of innovation. 

This Article discusses the law and economic foundations and implications of the precautionary principle in the WTO, the European Union, France and the United Kingdom. Having introduced the importance of law in stifling innovation and discussed the current precautionary principle, this Article vouches for an innovation principle to come to the fore in order to counterbalance the innovation-costly precautionary principle. A number of recommendations are proposed at the end of the article.

"Money's Past is Fintech's Future: Wildcat Crypto, the Digital Dollar, and Citizen Central Banking' by Robert C Hockett in (2019) 2 Stanford Journal of Blockchain Law and Policy comments 

I argue that crypto-currencies will soon go the way of the ‘wildcat’ banknotes of the mid-19th century. As central banks worldwide upgrade their payments systems, the Fed will begin issuing a ‘digital dollar’ that leaves no licit function for what I call ‘wildcat crypto.’ But the imminent change heralds far more than a shakeout in ‘fintech.’ It will also make possible a new era of what I call ‘Citizen Central Banking.’ The Fed will administer a national system of what I call ‘Citizen Accounts.’ This will not only end the problem of the ‘unbanked,’ it also will simplify monetary policy. Instead of working through private bank ‘middlemen’ that it hopes will lend QE money to borrowers during a downturn, the Fed will be able to do ‘helicopter drops’ directly into Fed Citizen Accounts. And rather than rely solely on interbank lending rate hikes or countercyclical capital buffering during periods of froth, the Fed will be able to impound money through the more ‘carrot-like’ measure of interest credited to those accounts. We are at last on the verge of establishing a true ‘Fed for the People.’

Consumer Data Right and Fintech Disruption

Technological Change and Financial Innovation in Banking: Some Implications for Fintech (Federal Reserve Bank Atlanta Working Paper 2018-11) by W. Scott Frame, Larry Wall, and Lawrence J. White comments 

Financial intermediation has changed dramatically over the past 30 years, due in large part to technological change. The paper first describes the role of the financial system in a modern economy and how technological change and financial innovation can affect social welfare. We then survey the empirical literatures relating to several specific financial innovations, broadly categorized as new production processes, new products or services, or new organizational forms. In each case, we also include examples of significant fintech innovations that are transforming various aspects of banking. Drawing on the literature on innovations from the 1990s and 2000s informs what we might expect from recent developments.

 The authors state

 Financial intermediation has changed dramatically over the past 30 years, due in large part to technological change arising from advances in telecommunications, information technology, and financial practice. This technological progress has spurred financial innovations that have altered many financial products, services, production processes, and organizational structures. To the extent that such financial innovations reduce costs or risks, social welfare may be improved. Of course, many financial innovations fail owing to fundamental design flaws or simply being replaced by better alternatives. 

A good example of technological change that has been dramatically reshaping the financial services industry is the ongoing shift from relying on human judgment to automated analysis of consumer data. This has taken what had been largely local markets for banking services and opened them up to nationwide competition from other banks and nonbank financial institutions. For example, retail loan applications are now routinely evaluated using credit scoring tools built using comprehensive historical credit registry databases. This automated approach eliminates the need to have a local presence to make a loan and substantially reduces underwriting and compliance costs for lenders, and the resulting data can be leveraged to improve further their risk measurement and management. Such a reliance on hard information also makes underwriting transparent to third parties and hence facilitates secondary markets for retail loans through securitization, which allows nonbank firms that lack deposit funding to compete via capital market financing. 

Given the growing importance of technology to financial services, it is perhaps not too surprising that the latest trend has been for technology-based firms to offer financial services, a development that is often called “fintech”. Many fintech firms combine automated analysis of retail customers with more user-friendly interfaces to provide services that are more convenient, and sometimes lower cost, to consumers. For example, “marketplace lending” platforms have emerged as a new organizational form that attracts borrowers with a simplified loan application process, leverages credit scoring tools to analyze these applications, and then matches creditworthy borrowers directly to investors. Furthermore, in some jurisdictions, machine learning (artificial intelligence) is now being leveraged to further improve retail loan risk measurement. 

Another set of recent technological developments are being touted as having the potential to have an even more fundamental impact on the financial system, potentially eliminating the need for trusted third parties such as banks. Whether and to what extent blockchains and cryptocurrencies will disrupt the existing financial system remains to be seen, as the technology is too new and immature to draw firm conclusions. However, the potential benefits of cryptocurrencies and blockchain technology are sufficient to attract considerable interest from tech-knowledgeable individuals, large financial organizations, and even major governments. 

This chapter surveys the research literatures pertaining to several specific financial innovations that have appeared in recent decades that were specifically driven by technological change. Particular attention is paid to innovations that may provide insights into the prospects for certain widely discussed fintech applications. To set the stage, we begin by providing some additional clarity about what is meant by financial innovation.

One of the more interesting discussions, for instance in relation to Australia's emerging Consumer Data Right regime (eg noted here), is

Marketplace lenders, which match consumers and small firms with lenders/investors using online platforms, have been popping-up all over the world. In the United States, these lending arrangements generally work in the following way: First, borrowers apply on the platform and are subject to automated underwriting based on standard criteria (such as a credit score) plus additional information and assigned a proprietary risk rating. Second, institutional investors purchase loans in bulk from the marketplace lenders, principally based on the risk ratings. The online marketplaces themselves generally have no direct exposure to the credit risk of the loans through their platforms, as they do not typically hold the loans or otherwise retain an interest in them or guarantee their performance. Instead, marketplace lenders principally generate revenue from loan origination and servicing fees. Marketplace lending is growing rapidly, but it remains a very small part of the $3.3 trillion U.S. consumer lending market. 

Much of what constitutes marketplace lending is actually not new. As discussed above, for many years, larger banks and finance companies have used credit registry data, credit scores, and borrower income information as inputs for statistical models to estimate risk and price consumer loans. However, marketplace lenders appear to be increasingly supplementing their models with additional information. Jagtiani and Lemieux (2018) find that LendingClub’s credit scores had an 80 percent correlation with FICO scores in 2007, but that the correlation drops about 35 percent for loans originated in 2014-15. The authors suggest that the change is likely due to a combination of LendingClub using alternative data and machine learning as the platform gains more experience with consumer lending. In complementary research that uses information from Prosper (which is a prominent marketplace lender), Balyuk and Davydenko (2018) discuss that lender’s use of secondary screening to identify suspicious applications and to verify automatically some borrower-provided information. The authors report that this additional screening has led to cancellation of 27 percent of the previously accepted loan applications since 2013. 

Vallee and Zeng (2018) observe that, while the fintech platforms are using their own models to grade loans and determine credit spreads, informationally sophisticated investors may be able to differentiate credit quality within these ratings grades. The authors derive a model allowing for such a split in investor sophistication, which results in a trade-off for the platform in terms of the contribution of sophisticated investors in improving loan quality but also creating adverse selection for less sophisticated investors. The volume-maximizing solution for the platform is to provide intermediate levels of screening and information to investors. Consistent with their model, the authors find that loans purchased by more informationally sophisticated investors were less likely to default for the universe of investments made through Lending Robot from 2014-2017. They also observe that one marketplace lender, LendingClub, reduced the amount of information it provided to investors and this caused a reduction in the ability of sophisticated investors to “cherry-pick” loans with lower default rates. 

Beyond marketplace lenders specifically, there has been a general increase in online lending. According to Fuster, Plosser, Schnabl, and Vickery (2018), fintech mortgage lenders have increased their market share from two to eight percent between 2010 and 2016. The authors find the biggest benefit provided by fintech lenders is an average reduction in the time from application to closing of 10 days (20 percent) after controlling for borrower and loan characteristics. They also find that fintech lenders can scale up the volume of mortgages they process more readily than can other lenders. 

The information technology underlying such an automated approach to underwriting is subject to significant scale economies (large fixed costs and very low marginal costs), which provides strong incentives to grow large quickly. This suggests that the consolidation of the marketplace lending industry is very likely. Moreover, as marketplace lenders become more successful, they are likely to find themselves facing increased competition from incumbent consumer lenders.

The paper complements the ACFS International competition policy and regulation of financial services report noted here.

EU Consumer Data Protection and the CDR

The EU Data Protection Supervisor has released an Opinion on data protection aspects of the EU 'A New Deal for Consumers' legislative package. That package is composed of the Proposal for a Directive as regards better enforcement and modernisation of EU consumer protection rules and the Proposal for a Directive on representative actions for the protection of the collective interests of consumers.

EDPS Opinion 8/2018 on the legislative package “A New Deal for Consumers”  notes that

 The European Data Protection Supervisor (EDPS) is an independent institution of the EU, responsible under Article 41(2) of Regulation 45/2001 ‘With respect to the processing of personal data... for ensuring that the fundamental rights and freedoms of natural persons, and in particular their right to privacy, are respected by the Community institutions and bodies’, and ‘...for advising Community institutions and bodies and data subjects on all matters concerning the processing of personal data’. Under Article 28(2) of Regulation 45/2001, the Commission is required, ‘when adopting a legislative Proposal relating to the protection of individuals’ rights and freedoms with regard to the processing of personal data...’, to consult the EDPS.

He was appointed in December 2014 together with the Assistant Supervisor with the specific remit of being constructive and proactive. The EDPS published in March 2015 a five-year strategy setting out how he intends to implement this remit, and to be accountable for doing so. This Opinion relates to the EDPS' mission to advise the EU institutions on the data protection implications of their policies and foster accountable policymaking - in line with Action 9 of the EDPS Strategy: 'Facilitating responsible and informed policymaking'. The EDPS considers that compliance with data protection requirements will be key to the success of EU consumer protection law in the Digital Single Market.

This Opinion outlines the position of the EDPS on the legislative package entitled: “A New Deal for Consumers” that is composed of the Proposal for a Directive as regards better enforcement and modernisation of EU consumer protection rules and the Proposal for a Directive on representative actions for the protection of the collective interests of consumers.

The EDPS welcomes the intention of the Commission to modernise existing rules in an area whose goals are closely aligned to those of the recently modernised data protection framework. He recognises the need to fill the gaps in the current consumer acquis in order to respond to the challenge presented by predominant business models for digital services which rely on massive collection and monetisation of personal data and on the manipulation of people’s attention through targeted content. This is a unique opportunity to improve consumer law to redress the growing imbalance and unfairness between individuals and powerful companies in digital markets.

In particular, the EDPS supports the aim to extend the scope of Directive 2011/83/EU in order to allow the consumers, who receive services not rendered against a monetary price, to benefit from the protection framework offered by this Directive, as this reflects today’s economic reality and needs.

The Proposal took into account the recommendations of the EDPS Opinion 4/2017 and refrains from using the term “counter-performance” or distinguishing between data “actively” or “passively” provided by consumers to suppliers of digital content. However, the EDPS notes with concern that the new definitions envisaged by the Proposal would introduce the concept of contracts for the supply of a digital content or digital service for which consumers can “pay” with their personal data, instead of paying with money. This new approach does not solve the problems caused by using the term “counter-performance” or by making an analogy between the provision of personal data and the payment of a price. In particular, this approach does not sufficiently take into consideration the fundamental rights nature of data protection by considering personal data as a mere economic asset.

The GDPR already laid down a balance regarding the circumstances under which the processing of personal data may take place in the digital environment. The Proposal should avoid promoting approaches that could be interpreted in a way inconsistent with the EU commitment to fully protect personal data as laid down in the GDPR. To provide broad consumer protection without risking to undermine the principles of data protection law, an alternative approach could be envisaged, such as based on the broad definition of a “service” from the e-commerce Directive, the provision defining the territorial scope of the GDPR or Article 3(1) of the Council General Approach on the Digital Content Proposal. The EDPS therefore recommends refraining from any reference to personal data in the definitions of the “contract for the supply of digital content which is not supplied on tangible medium” and the “digital service contract” and suggests to rely instead on a concept of a contract under which a trader supplies or undertakes to supply specific digital content or a digital service to the consumer “irrespective of whether a payment of the consumer is required”.

Furthermore, the EDPS draws attention to several potential interferences of the Proposal with the application of the EU data protection framework, in particular with the GDPR and provides recommendations.

First of all, the EDPS stresses that the processing of the personal data can only be done by the traders in accordance with the EU data protection framework, in particular the GDPR.

Second, the EDPS is concerned that if the concept of “contracts for the supply of a digital content or digital service for which consumers provide their personal data, instead of paying with money” were introduced by the Proposal, it could mislead service providers who would be led to believing that the processing of data based on consent in the context of a contract is legally compliant in all cases, even where the conditions for valid consent set out in the GDPR are not fulfilled. This would undermine legal certainty.

Third, the complex interplay between the right of withdrawal from the contract and the withdrawal of the consent for processing of personal data, as well as the obligation of the trader to reimburse the consumer in the event of withdrawal demonstrates the difficulties of reconciling the concept of “contracts for the supply of a digital content or digital service for which consumers provide their personal data, instead of paying with money” introduced by the Proposal with the fundamental right nature of personal data and the GDPR.

Also, the EDPS considers that the Proposal should amend Article 3 of Directive 2011/83/EU and introduce a provision that clearly states that in case of a conflict between the Directive 2011/83/EU and the data protection legal framework, the latter prevails.

Furthermore, the EDPS also welcomes the new Proposal on collective redress, which intends to facilitate redress for consumers where many consumers are victims of the same infringement, in a so-called mass harm situation. The EDPS assumes that the redress mechanism envisaged in the Proposal on collective redress aims to be complementary to the one in Article 80 of the GDPR on representation of data subjects.

Nevertheless, to the extent personal data protection-related matters would be included in the scope of the collective action under the Proposal, the EDPS considers that “the qualified entities” that will be able to bring the representative actions in this field under the Proposal should be subject to the same conditions as set out in Article 80 GDPR.

Along the same lines, the Proposal on collective redress should clarify that the representative actions regarding data protection issues can only be brought before administrative authorities that are the data protection supervisory authority within the meaning of Articles 4(21) and 51 GDPR.

In conclusion, the EDPS considers that the application of two different mechanisms on collective redress, to the GDPR and to the future e-Privacy Regulation, alongside other substantive points of interaction between consumer and data protection, requires more systematic cooperation between the consumer protection and data protection authorities that could be done, for instance, within the already existing voluntary network of the enforcement bodies from competition, consumer and data protection areas - the Digital Clearinghouse.

Finally, the EDPS welcomes the initiative to update the enforcement of consumer rules: the revision of the Consumer Protection Cooperation Regulation. In this context, the EDPS considers that it is important to further explore the synergies between the data protection and consumer law. The cooperation between the consumer protection and data protection authorities should become more systematic wherever specific issues that are of interest for both side arise, in which consumer welfare and data protection concerns appear to be at stake.

'The Proposed Australian Consumer Data Right: A European Comparison' by  Samson Esayas and Angela Daly in (2018) 3 European Competition and Regulatory Law Review comments

This article examines the new Australian consumer Comprehensive right to access and use data, also known as the Consumer Data Right, recently proposed by the Australian Productivity Commission, and adopts a comparative analysis with data protection, competition and consumer developments in the European Union (EU). Firstly, a brief overview is given of the legal context and relevant Big Data developments in Australia. Then, current EU developments, particularly the data portability right under the General Data Protection Regulation (GDPR), and recent proposals from the Commission aiming at fostering access and transfer of data including the data producer’s right to use and authorise the data and the portability of non-personal data for professional users are considered. This is followed by an explanation of the Australian Productivity Commission’s proposed Consumer Right to access and use data, before an analysis is conducted to understand the extent to which this proposed right accords with the European situation. Given the coming into force of the GDPR and its extraterritorial reach, and the EU-Australia Free Trade Agreement currently under negotiation, as well as the transnational reach of Big Data and Cloud services, standardisation across the two jurisdictions is desirable. In this regard, the article examines to what extent the recent initiatives contribute to such standardisation and their implications for the extent to which Australia’s legal framework for data may be considered ‘adequate’ by the EU.

Responsible Blockchain and Reintermediation in FinTech

Not-So-Smart Blockchain Contracts and Artificial Responsibility' by Adam J. Kolber in (2018) Stanford Technology Law Review comments

The first high-profile decentralized autonomous organization formed in 2016. Called “TheDAO,” it used smart contracts on a bitcoin-style blockchain to allow strangers to come together online to vote on and invest in venture capital proposals. Newspapers raved about the $160 million it quickly raised, even though it purported to have no central human authority, including no managers, executives, or board of directors.

Technologists have grand plans for smart contracts and autonomous organizations. Rather than staying at traditional hotels with elaborate human staff, we may pay for hotel rooms using bitcoin (or another cryptocurrency) which will automatically unlock the room door. If the toilet breaks, the room itself will contract with a plumber to fix it. Similarly, a smart contract may allow us to hire a self-driving car. The car will not only drive passengers around but arrange for its own routine maintenance.

TheDAO itself, however, is now a cautionary tale. A bug in its smart contract code was exploited to drain more than $50 million in value. Some purists denounced efforts to mitigate the problem, arguing that the alleged hacker simply withdrew money in accordance with the organization’s agreed-upon contractual terms in the form of computer code. Since the “code is the contract” in their minds, the alleged hacker did nothing wrong.

I defend two related claims. First, contra the purists, I argue that the code does not reflect the entirety of the parties’ agreement, and so the “code is the contract” slogan does not resolve whether TheDAO exploitation should have been mitigated. I take no position on whether mitigation was appropriate except to say that the matter depends on many considerations aside from smart contract code itself.

Second, I point to a broader danger lurking in the code-is-the-contract view. TheDAO had tremendous “artificial responsibility” in that we gave it considerable control that couldn’t be easily revoked or reined in. Not-so-smart contracts in the future may prove even more dangerous: hotel guests might be locked out of their rooms, and self-driving cars might drive off bridges. I argue that unadulterated commitment to the code-is-the-contract slogan increases artificial responsibility and its associated risks.

Given Australia's move to a Consumer Data Right it is interesting to sight comments in 'Reintermediation in Fintech: Evidence from Online Lending' by Tetyana Balyuk and Sergei A. Davydenko. They argue 

The peer-to-peer loan market was designed to allow borrowers and lenders to interact online without banks as middlemen. Yet we document that P2P lending platforms over time have evolved from trading venues into new credit intermediaries. Lenders now overwhelmingly outsource all decision-making to the platforms' software and adopt passive investment strategies. The dominant role of lending platforms with little skin in the game makes the market vulnerable to moral hazard, checked by the threat of institutional investors' withdrawal. Our findings suggest that the absence of private information spurs reintermediation as the platform's expertise in loan evaluation crowds out that of investors.

Cryptocurrencies and Fintech Futures

'Cryptocurrencies in the Common Law of Property' by David Fox comments 

The development of cryptocurrency technology has been driven by a desire to create autonomous systems for carrying out digital transactions. The people who use them may neither seek nor want extraneous legal intervention. Property law is as much a kind of state intervention as all the more familiar rules of financial or securities regulation that have attracted so much attention from legal commentators. Property law is default law. If a certain resource can be characterized as an object of property, then the rules of property law apply to it as far as the nature of the resource allows. The view advanced here is that many features of a common law system of property would apply to cryptocurrencies. Once the data comprising crypto-coins are understood for what they are, they should be a suitable object of property. The old binary conception of personal property consisting in chooses in possession and chooses in action should not be an obstacle, if indeed it ever was, to their recognition as property. With some necessary adaptation to allow for the intangibility of crypto-coins, the usual rules of derivative transfer of title and tracing could apply to them. Granted, the common law has no ready-made rules especially designed for cryptocurrencies. But that very absence of rules may be as much an adaptive strength as a systemic failing. The common law grows by a process of principled analogy between the old and the new. The common law provides a reserve of general principle that can provide a default set of property rules for cryptocurrencies without the need for targeted statutory intervention.

The 141 page Australian Centre for Financial Studies report by Deborah Cope, Yvette Bauder and Lee Cope on International competition policy and regulation of financial services comments

Like many countries, Australia is examining the role of fintech in its financial services sector. Governments and regulators are considering whether consumers and businesses using financial services would benefit if policy and regulation were changed to recognise the specific characteristics and circumstances of fintech businesses. There are, however, no comprehensive data or analyses of the costs and benefits of such policies. Some information is emerging, but it is still limited. 

This paper looks at what international evidence is available and draws on various countries’ experiences with financial services reforms to provide data that could inform Australian policy discussions. 

Internationally, the demand for fintech services is strong and growing. It is no longer just techsavvy early adopters using these services; they are becoming more mainstream (EY 2017, p.7, 20). Many fintech business and commentators argue, however, that there are constraints on fintech’s ability to compete with traditional financial services and, as a result, consumers and businesses are not fully benefiting from the improvements in quality, price and new products that added competition could bring. They also argue that governments and regulators should change their policies and approaches to regulation to facilitate competition. 

Care is needed, however, when governments consider intervening in markets, even when the objective is to improve competition. To improve welfare, the benefits need to result in overall improvements in efficiency and economic growth, rather than benefitting one business, sector or industry at the expense of others. Regulators still need to be able to maintain acceptable standards of financial stability, and consumer and investor protection. Additionally, intervention can be costly, and those costs may be greater than the benefits of government action. 

While, as noted above, there data on the overall benefits and costs of overseas fintech policies are limited, international experience can still help inform Australian policy. It can help to identify areas where reform could be considered in Australia, because there are potential barriers to competition, and evidence of potential benefits from reform. Further analysis of the costs and benefits of specific proposals is needed, however, before concluding that such reforms would definitely benefit the Australian economy. 

International experience 

FinTech growth appears to happen under three types of country conditions. The first are conditions such as in the US, which has a history and culture of promoting startup businesses, and established processes for supporting new business investment. It has the world’s highest investment in fintech, built on a strong venture capital sector. In other countries such as China, fintech has grown because businesses have been able to operate in regulatory gaps, outside the existing rules. However, this has resulted in problems when poor practices have emerged. Some such countries are now introducing new rules to regulate these providers. The third group of countries, including the UK and Singapore, are adopting policies and regulation that recognise the specific characteristics of fintech businesses and using a sophisticated approach to fintech policy and regulation to increase competition in financial services. 

Regulation affects market entry 

There are regulatory and market barriers to businesses entering the financial services market. Since the global financial crisis, the cost and complexity of regulation have increased, and there is considerable evidence that the presence or absence of financial services regulations, and the form of those regulations, affects the cost of starting a fintech business and those businesses’ ability to compete (Deloitte 2017a, p.39). Individual fintech businesses report that regulation creates barriers to innovation, making it harder for them to enter the financial services market and compete with traditional providers. Where there are gaps in financial services regulation, there is often market entry, growth and innovation in fintech, indicating that the absence of regulation enables innovation. Finally, sector experts consistently report that investment grows when governments initiate changes to open up markets. 

Barriers to innovation and market entry often reduce competition. There may be benefits, therefore, to reforms that remove such barriers without undermining the objectives of the regulation. 

Competition and consumer benefits 

There is evidence that growth in fintech services results in new products and services that benefit consumers and stimulate competition. Such competition can put considerable pressure on established financial institutions, which creates incentives to reduce bank fees and interest rates. It can also increase access to financial services, and the range of services and service providers available to customers (section 2.2). 

International competition policy and regulation of financial services 

In areas such as small business lending, where the cost of finance is high and increasing, there are also potential benefits to having access to a broader range of financial services (ASBFEO 2017, p.2). FinTech can play a role in this area, as 16 per cent of investment in fintechs has been in business lending (World Economic Forum 2015, p.10). Businesses using these services believe they are essential; 33 per cent believe they would be unlikely to get funds elsewhere (Nesta 2014, p.10). Many of the initiatives that make markets conducive to fintech growth have broader competition benefits. Such policies allow fintech products and services into the market, but also encourage more competition among traditional financial services providers. There are extensive benefits to greater competition in broader financial services. The Digital Single Market Strategy, for example, is expected to add €415m to the EU economy (EC 2017c). The UK Competition and Markets Authority also conservatively estimated the direct benefits alone of its recommendations to improve competition in banking were £150m to £250m a year, accumulating to £700m to £1bn over five years (CMS 2016, p.xivii). 

These gains do not rely specifically on fintech growth. There is, therefore, a strong case for considering broad competition reforms in financial services that enable competition from fintech, but also facilitate competition across all financial services providers without compromising market stability or customer protection. Such policies can be valuable, even if the expected growth in fintech does not eventuate. 

International priority reform areas 

International commentary on fintech policy and consultation in preparing this report highlighted four areas of government policy and regulation that are seen as potentially significant:

1. A pro-competitive approach to financial services 

2. Open, transparent regulators that engage with fintech businesses 

3. Removing specific entry barriers 

4. Enabling connectivity. 

A pro-competitive approach to financial services

Financial services regulators commonly have objectives to maintain the integrity and stability of the financial system, including monitoring and managing business and financial risks, and protecting consumers’ and investors’ interests. Some are also required to deliver these objectives in a way that explicitly recognises the benefits of competition. The UK is the most prominent example where financial regulators have an explicit objective to promote competition in financial services markets. The UK Financial Conduct Authority’s competition mandate gives rise to a range of activities, including making new rules, issuing guidance, conducting market studies and undertaking investigations and enforcement. The Bank of England Prudential Regulatory Authority also has a competition objective, which it is required to pursue as far as possible without compromising its primary objectives. Regulators in some other countries are also required to consider competition, innovation and market entry when they make regulatory decisions (section 3.1). 

In Australia, the Australian Prudential Regulation Authority is required to consider competition and contestability in its decisions, and the Australian Government recently announced that the Australian Securities and Investments Commission (ASIC) has been given a competition mandate. 

Based on the UK experience, it appears that an explicit competition mandate with accompanying powers affects the type of work the regulator does, the issues it considers when making decisions and the outcomes against which it is held to account. In practice, the UK competition mandate has resulted in its regulators actively seeking to inform themselves and others about competition issues, and responding more proactively when such issues come to their attention. It makes it clear that the regulator’s decisions must take account of the effect on competition, and that the regulator needs to be transparent about how this is done. Overall, the regulator has a better understanding of competition issues and the authority to act if competition concerns arise. 

Open, transparent and engaged regulators 

Regulation can create barriers to competition because of the nature of the rules, or the way they are administered and enforced. FinTech businesses, advisors and investors value having a clear point of contact with the regulator, an open regulator that will engage with business, and clarity in their regulatory obligations. They also value clear and proportionate regulation that supports consumer confidence and trust. Open processes that engage businesses can help regulators to achieve their objectives without imposing costs or constraints on businesses that stifle innovation and competition. 

Regulatory uncertainty is, however, a continuing issue. Engaging with a regulator requires considerable time and resources, and businesses’ willingness to devote these resources shows the importance they place on such engagement. ASIC data indicate that early engagement has tangible benefits. Businesses that sought informal advice, for example through ASIC’s Innovation Hub, significantly reduced the time for their license approval (EY & FinTech Australia 2017, p.34). 

Two specific areas where industry has highlighted the need for strong engagement with regulators (and many regulators have responded) are regulatory sandboxes and licensing of new service providers More than 20 countries have, or are planning to, set up regulatory sandboxes. The UK sandbox is the most well-established, with 18 businesses entering testing from the first cohort and 31 businesses from the second cohort declared eligible. Interest in the sandbox is growing, and, while it is early days, the Financial Conduct Authority has analysed the results from the first year and concluded that the sandbox has been a success. Sandbox activities benefitted consumers by reducing prices and improving service quality. Participants also benefitted from reductions in the risk, time and cost of launching businesses to market, obtaining full authorisation and attracting external funding. This further reduces barriers to market entry. 

In Australia, legislation is before Parliament to expand the scope of activities and the timeframe for testing financial products and services in ASIC’s regulatory sandbox (Attachment A). 

Many fintech businesses can and do provide services that do not require a licence. But licensing is emerging as an issue, as Governments extend the range of activities that require authorisation and fintech businesses expand their activities in competition with traditional financial services. 

New bank entry is usually supported, to improve competition in financial services. There is some evidence that challenger banks have had an impact on competition, particularly in areas not well serviced by the traditional banking sector (section 3.2). There are, however, barriers to new businesses obtaining a licence, and while standards are needed to maintain security and trust in financial services markets, some countries are reviewing their licensing processes and minimum capital requirements to ensure they do not create unnecessary barriers. 

Removing specific entry barriers 

Regulatory systems and financial infrastructure were designed with established financial institutions in mind. They may therefore be costly to navigate or unsuitable for new fintech services, or unable to accommodate the technological innovation customers expect. Many countries are modernising their regulatory approaches in areas such as payments systems and opening up banking systems to facilitate innovation and competition. The aim is to remove barriers that unnecessarily restrict competition without undermining the objectives of the regulation. 

Payments systems reform is facilitating faster payments without compromising security. These reforms are generally not directed specifically at fintech businesses, but they result in considerable cost savings and, to the extent they enable more technologically-based payment services, they provide an opportunity for fintech innovation and competition. 

Countries are also looking to make their banking systems more open. There are currently practical barriers that make it difficult for new entrants to integrate their products or services with those that customers already use. However, the value added by many fintech services relies on them working with other types of financial services. Attracting customers away from incumbent providers is a significant challenge identified by fintech businesses, but it is necessary to allow the collaboration and innovation that best serves the financial sector. Policies to encourage more open banking fall into two broad categories: (1) giving customers more rights to own and control their data and requiring businesses holding that data to provide it to a third party at the customer’s request (data ownership and control); and (2) requiring incumbent providers to modify and open their systems to make it possible for third parties to connect and provide additional services at the customer’s request (open APIs). 

Lack of access to data and bank systems is hindering innovation. Regulators, consumer organisations and industry participants have all argued that open data policies would make it easier for customers to search and switch accounts, improving competition and encouraging innovation. While many open banking reforms are at an early stage, investment and interest in new services is already growing, and significant benefits are predicted (section 3.3). APIs are commonly used to generate innovation that disrupts traditional business models across a range of sectors outside financial services. There are also existing examples in the financial services sector, where open access has stimulated growth in services and competition. 

In some countries, some banks are becoming more open without government action. However, it is unlikely that an industry-wide, consistent approach will emerge on its own. While the benefits and efficiencies of an open system are recognised, there are significant first mover disadvantages. Individual banks are reluctant to open their systems without similar action by their competitors. There are also benefits in developing standards and approving service providers centrally, to avoid inconsistency and duplication. 

The Productivity Commission argued that data has tremendous value. It concluded that there are enormous benefits if data is widely used and more generally available, but that there are risks. Nevertheless, many of these risks can be managed with the right policies and processes (PC 2017, p.8-9). 

Enabling connectivity 

Some aspects of fintech are considered disruptive, such as replacing existing services with new services or methods of delivery. However, most of the growth opportunities require collaboration, either across fintech businesses or between fintechs and more traditional financial services providers. The need for collaboration is well recognised. Such collaboration can emerge through many mechanisms, and there is international evidence of interest in initiatives such as partnerships among businesses, participation in industry associations, and involvement in incubators, accelerators, innovation labs, hackathons and similar programs. 

The report argues that there are international lessons for Australia

In Australia, there is considerable opportunity for fintech growth, and the use and awareness of fintech services is high (EY 2017, p.12-13). Given the size of the Australian market and the newness of its fintech sector, Australia ranks relatively well internationally. While, as noted above, there is evidence of benefits from increased competition and greater access to services from growth in fintech, it is more difficult to establish the link between these benefits and government policies. Government policy and regulatory changes will benefit Australia when the broad benefits of those policies outweigh their costs. There are three main categories of potential intervention:

1. Policies that remove regulatory barriers to entry (more open and transparent regulation, industry sandboxes, licensing reforms and pro-competitive mandates) 

2. Policies that remove market barriers to entry (opening up banking and payments system modernisation) 

3. Industry promotion and support (grants and businesses assistance). 

Policies that remove regulatory barriers to entry 

It is good regulatory practice to remove unnecessary barriers to market entry and competition, so that policy focusses on managing the risk of harm and does not favour a particular business model or technology. 

This is an area where the benefits of reform often justify the costs, but such reforms are not costless, particularly in markets with a long-established regulatory framework. Reforms are likely to have community-wide benefits when they:

• Can be introduced without imposing excessive costs on businesses or taxpayers, and any risks such as fraud, corruption, consumer detriment or market instability can be managed 

• Result in significant growth in new products and services, service improvements or large cost reductions, or encourage existing financial services providers to improve their efficiency. 

Policies that remove market barriers to entry 

In some markets, there are natural barriers that make it hard for new businesses to compete, even with favourable policies and regulation. These can arise because of market characteristics, or because the incumbents have a strong entrenched market position (perhaps as a result of previous government regulation). In industries such as telecommunications, electricity and transport, governments have changed policies and regulation to facilitate competition. A lot of commentators argued that pro-competitive reforms are necessary to realise the full potential of competition in financial services. Changes that open up banking and facilitate access to data potentially have high compliance and implementation costs, but if they stimulate improvements in efficiency and innovation, and encourage cost reductions, they are also likely to deliver considerable benefits. 

Industry promotion and support 

Industry support programs run the greatest risk that their costs outweigh the benefits. Unless they are designed to address a clear market failure or achieve social policy objectives, they may simply transfer activity from one sector of the economy to another, without stimulating broader economic or social benefits. 

Should Australian-based businesses be a priority? 

Customers benefit from new products and services regardless of whether they are produced by Australian or overseas businesses. Business growth also benefits the Australian economy, as long as it is based on the competitiveness and efficiency of the businesses, rather than policies or supports that favour one activity over another. 

Policy should therefore be focussed on enabling competition wherever it comes from, removing barriers to setting up businesses in Australia, and addressing market failure. Australian consumers and business customers would then have access to the best possible financial services. In addition, Australian businesses that succeeded in a competitive domestic financial services market are likely to be well equipped to grow and compete overseas