▷ Fintech Tutorial 【Get Certified!】✅

What You Will Learn

1 FinTech Foundations
2 Why FinTech?
3 Myths about Fintech
4 Facts about Fintech
5 Fintech in Action: Case Studies from the Frontlines
6 Why Fintech Matters: Enhancing Security and Enabling Opportunity
7 Creating an ecosystem for Fintech to Thrive

FinTech Foundations

The term ‘fintech’ has now become a part of the modern lexicon. The term is often used to describe tech startups that are presumably going to upend traditional financial institutions ( ie. banks ) through the use of new technology. Such a characterization, however, misses a large amount of what is truly transforming the financial services ecosystem.

The singular term ‘fintech’ lumps together a broad variety of financial services offerings with different technologies, stakeholders, and risk profiles associated with each. The term also overlooks history as well as the true opportunity for fintech, namely to better serve customers (ie. simplifying experiences, lowering costs), and the enormous challenges associated with the financial services sector (ie. trust, security, and regulation).

At PayPal, we believe that our nearly two decades of experience gives us a strong position to speak about what fintech really is. This course is our attempt to provide an in- sider’s perspective on the potential and the reality of fintech. We hope that it is useful for newcomers to space, and those that are seasoned veterans. We intend this course not to be definitive, but rather to be a thought-starter that will stimulate a discussion on what we collectively want for the future of fintech.

The interaction of technology and financial services is not something entirely new, but rather financial services has always been driven by technology. Coinage is a technology, plastic cards are a technology, and Automated Teller Machines (ATMs) are a technology. The differentiator in the modern version of fintech is mobile technology, driven in particular by smartphones and the Internet. Moreover, fintech is a truly global phenomenon that has the potential to greatly improve people’s lives. It is also essential to recognize that a significant portion of modern fintech is built in partnership with financial institutions and is subject to regulatory scrutiny.

Fintech has resulted in a significant shift in several areas of financial services. There are certain fintech innovations like virtual currencies that would be completely transformative of the financial landscape, but those innovations have yet to demonstrate traction at scale. The innovations that have been successful at scale to this point tend to be improvements to the retail financial services experience, leveraging technology to enhance the user experience. In payments, PayPal has seen first-hand the shift from cash to mobile payments, but there is still a great deal of room for continued innovation in this space. Credit, both for small business and consumers, has also been impacted by introducing new data elements to the traditional metrics utilized in underwriting. Finally, people looking to build and manage their wealth no longer need to have access to elite advisors but rather can leverage big data and algorithms to manage and grow their savings.

The real impact of fintech, however, is not fancy new apps providing traditional financial experiences, but rather the meaningful improvements fintech can make in the lives of those using financial services. Fintech can result in enhanced trust and security with innovations like biometric authentication, cryptographic transaction protection through tokenization, and big data transaction monitoring. Fintech can also facilitate the democratization of finance by lowering the costs of financial services and expanding access and participation in every level of society.

The current financial services ecosystem was not designed for fintech, and the gaps that need to be reformed are in a variety of areas. Identity is a precursor to access to fintech, yet identity continues to languish in analogue forms that are difficult to build upon for the provision of digital services. Authentication is essential for safety and security, but classical methods and policy proposals continue to dominate the discussion of authentication. Security has been improved through fintech, but it has also shifted the risk profile to the security of data, and best practices on data security are not being adopted throughout the ecosystem. Finally, with the multitude of new actors entering the fintech ecosystem, there is a need for clarification on accountability and while regulatory sandboxes are an effective tool to defer questions about accountability, more thinking needs to be done on an ideal set of tools for regulating fintech.

We propose that financial services policymakers and regulators begin to think like fintech policymakers and regulators. That means embracing technology both in terms of the opportunities it brings for users and for regulation.

We propose that fintech policymakers adopt a platform with 4 ‘e’s’ in mind :

eIdentity – Digital forms of government-issued identification will be essential in a world where financial services can be offered without any physical presence. These e-ID tools should be accessible, user-friendly, and affordable (preferably free) to ensure their wide adoption by users.
eAuthentication – Authentication is a central element of enabling fintech to scale in a secure Regulations often have an analogue view of the world, but digital and mobile technology enables a host of new data elements to be used for improving authentication.

eSecurity – New forms of security are being enabled by technology, and the government can provide a platform for information sharing about security best practices and systemic threats.
eRegulation – Technology will continue to adapt in the fintech space; regulation must be created in a manner that is based upon performance rather than based upon the type of technology; moreover, regulators can now leverage technology to improve the way they collect information, analyze it, and engage in supervision.

This course will proceed in four parts. Part I will contrast some of the myths and facts surrounding fintech. Part II will provide concrete case studies that demonstrate precisely how fintech is changing the landscape of financial services. Part III will describe why fintech matters by pointing to the real impact that it is having on enhancing the security of and the economic opportunity provided by financial services. Finally, Part IV will point out gaps in the ecosystem that currently inhibit fintech and limit its ability to truly transform people’s lives.

Once again, we intend for this course to be a thought-starter on fintech. We are still in the early days of the modern fintech revolution, and we hope to work with all stakeholders to ensure that the fintech ecosystem is designed in such a manner that it will enable the maximum amount of people to benefit from the positive innovations that fintech can enable.

Why FinTech?

There is heterogeneity surrounding this sector in terms of its definition, its impact, its practices, and its regulatory standing. This piece is not an attempt to provide the conclusive insight on each of these areas, but rather to help to clarify elements that should help the reader to better understand recent fintech developments.

PayPal sits in a very unique position in the world of fintech. We are neither a startup business nor a traditional financial institution, which seems to be the dichotomy typically adopted when discussing fintech. We are a company with nearly 20 years in financial services and technology, operating in over 200 markets, and providing a suite of technology-enabled financial services either directly or through partnership. We invest in small fintech startups, partner with large bank networks, and build technology solutions for banks and non-banks alike. We serve individuals, businesses, non-profits, and government entities. We bring this broad view of financial services, historical knowledge of technology development, and a global perspective to this course. Much of what follows is written from the perspective of a company headquartered in the United States of America, but we have attempted to explore the issues of the fintech sector with due recognition to the global experience of fintech and the many influences that are shaping the future.

In the wake of the 2008 global financial crisis, there has been a great deal of global upheaval in the financial services sector. Traditional financial institutions have shifted their strategies as a result of economic realities, lack of trust, and a new regulatory landscape. Interestingly, at around the time that the housing bubble in the United States began to foreshadow a larger financial crisis, Apple launched the iPhone in February of 2007. The smartphone revolution that followed has transformed a range of sectors from retail to transportation, and financial services are no different. This course focuses on that nexus of technology and financial services in the modern era.

Fintech is a term that could apply to any application of technology to the financial system. But, for the purposes of this course, we will be excluding discussions of Insurance and Investment Banking, focusing instead on how technology is transforming Retail Banking. The disaggregation of the traditional retail bank is often displayed by referring to this graphic from CBinsights, which charts the multitude of technology firms that are providing services like credit, wealth management, and payments services.

One key factor to note from this graphic, however, is that the core functionality of “banking” is not being “disrupted” by technology firms (more to come on this later). There are also some important learnings that the graphic does not show. First, the graphic is heavily focused on the US landscape. Fintech is a global phenomenon and the experiences in other developed countries in the developing world is quite different. Second, the graphic does not take into account the fact that banks themselves (at times in partnership with fintech) are providing many of these services through technological means. The baseline for the graphic is a bank’s website, demonstrating that banks themselves are leveraging technology to offer their customers better services. Finally, the graphic does not evoke scale or impact in any way, and there are areas where fintech has already made meaningful differences in people’s financial lives, while in others it is still early days.

Fintech exists because people’s expectations and preferences have evolved as a result of always-on, always-available mobile technology. Fintech is also the result of people wanting, and in some cases needing, alternatives to the traditional system. Despite 700 million adults worldwide becoming bank account holders between 2011 and 2014, 2 billion are still unbanked; most of whom live in Africa and Asia. Many of those that are banked are still underserved; the US Federal Deposit Insurance Commission reports that nearly 20% of US households are underbanked (mean- ing they have a bank account, but also use products outside the financial system). In the US, underserved consumers spent $141 billion in fees and interests to manage their financial lives in 2015 alone. The problems in the current system go beyond just consumer finance. Over 50% of formal small and medium-sized enterprises in developing economies are estimated to be either unserved or underserved by the traditional financial sector. These are some of the gaps that fintech has the potential to step into and provide tremendous socio-economic value.

Regulators and policymakers have been working overtime to catch up to the developments in the fintech space. There is much to be done. Understanding fintech should be the primary goal for policymakers and regulators; engaging with industry is one of the best ways to foster learning. In areas where fintech is resulting in positive socio-economic outcomes, an enabling environment needs to be created to extend and expand that impact. Clear and precise rules and supervisory mechanisms should be used to reign in activities that result in negative outcomes for people. It is the outcome that should guide regulatory scrutiny of fintech rather than the technology or business model being used.

Myths about Fintech

As with any new technological development, fintech has had its fair share of hype. This hype has led to a wide variety of mischaracterizations. This lesson highlights some of the most egregious misconceptions surrounding fintech. Before understanding what fintech is, it is helpful to point out what it isn’t.

Myth #1: Fintech is New

The first myth worth busting about fintech is that it is something new. PayPal has sat at the nexus of tech and finance for nearly 20 years, but technology has been changing financial services for decades before PayPal was founded. Western Union built upon its telegram business to offer money transfers over 100 years ago. The Automated Teller Machine (ATM), check to image, and electronic bill payment is all examples of technology helping to improve financial services; these technologies are all over 30 years old. These products are not considered fintech, but they ought to be.

The truth is that financial services have often evolved right alongside technological advances. The development of the ATM is a perfect example. The precursor to the ATM appeared in the late 60s and required a customer to receive a one-time voucher from a teller before making deposits, pay- ing bills, or obtaining cash. In 1969, the first ATM was launched by engineer Donald Wetzel and his company Docutel, leveraging magnetic stripe technology, also being used in credit cards, to enable cash withdrawal without the involvement of a teller. IBM, which helped to develop the magnetic stripe technology, partnered with Lloyds Bank in 1972 to create the self-service ATM with an intuitive user interface, back end connectivity, and PIN numbers stored in a database that was linked to the cards for added security. IBM continues to work on “fintech innovations” with its recent announcement of a new Watson Financial Services unit, designed to leverage its expertise in artificial intelligence to improve financial services risk management and compliance.

“Indeed, there are numerous instances in which nonbanks have been able to provide “bank-like” services at a lower cost (or higher rate of return) to the individual or corporate customer…”

– US Federal Reserve Bank of Minneapolis

This quote is from 1982. Nonbanks have been offering financial services for many years before the modern Fintech revolution. There are unique innovations driving the current revolution, which we will discuss below. But, the notion that the role of technology and non-bank competition in the modern iteration of Fintech is something entirely new is simply false. Rather than focusing on the newness of fintech or the type of entity engaging in the activity, we ought to focus on the impact that innovations are having on improving the lives of people.

Myth #2: Fintech is Outside the Traditional Banking System

Often coupled with the notion that fintech is new is that fintech is occurring outside of the traditional system. The majority of fintech innovation, perhaps with the exception of certain developing countries, is happening in connection with the existing financial system, and oftentimes in partnership with traditional financial institutions. Moreover, this myth overlooks the fact that traditional financial institutions themselves are investing billions into fintech, both internally and through acquisition.

There are cases where the existing financial system is seemingly bypassed entirely in favour of new models:

Marketplace Lending – Instead of an individual or company going to a traditional bank for funding, they are instead matched to private investors. The financial products created in these cases can also exist outside the system because the entities engaging in the transactions are not registered security dealers.
Crowdfunding – Instead of private accredited investors providing funding, anyone can provide funding for a startup business or idea.

Mobile Money – Partnerships between telecom operators and retailers have enabled a new wave of financial services (ie. payments, credit, wealth management) to be offered outside the traditional financial ecosystem.
Prepaid or closed-loop debit cards – Often issued by non-bank entities like retailers and used by the unbanked
Bitcoin and other cryptocurrencies – these are an effort to revolutionize the concept of money by removing the fiat from issuance and removing trusted intermediaries from the transfer.

But, even with these models, the formal financial system is often a major part of the process. Much of the capital for market- place lending is provided by institutional investors. Crowdfunding campaigns often result in money being deposited into a formal bank. Even mobile money and Bitcoin often leverage the traditional financial system for trust and liquidity.

These innovative models garner a great deal of media fodder. But, their impact on the broader global financial system has actually been quite small to this point. In emerging markets, these newer models are seeing uptake because the existing financial system is not very robust. Moreover, in the UK products outside the traditional banking system are beginning to see traction, but in large part because a regulatory and policy framework has been created to encourage them. UK regulators have enabled the creation of “challenger banks,” which can independently accept deposits and offer the full range of financial services. In the US, the fintech products that have scale tend to be in collaboration with existing financial institutions; core functions like deposit-taking continue to reside solely with banks.

Newer fintech models may compete with traditional financial institutions at first, but have also ended up aligning with traditional players. Case in point is OnDeck (a marketplace lender) signing a partnership with JP Morgan Chase. Other examples include BBVA’s stake in Atom Bank in the UK, PayTm offering loans in partnership with 10 banks in India, and PayPal partnering with Equity Bank in Kenya.

Many fintech companies are often focused on collaborating with the existing financial system to create better user experiences.

The infrastructure and access to scale that traditional financial institutions provide is incredibly valuable, and very few fintech can expect to scale unless they partner with the broader ecosystem. Important- ly, fintech is not something that is alien to financial institutions. Banks spend an estimated $50-70 billion annually on internal technology investment; to give this number some context compare it to the $22 billion invested in fintech companies globally in 2015.

Myth #3: Fintech is Unregulated

NNew technologies tend to capture the attention of regulators, and, precisely be- cause these technologies are novel, there is often an assumption that there is a regulatory gap. But, as described above, most of fintech is about improving the user ex- perience and partnering with the existing financial system to hold deposits and en- able investments, which is where much of the risk associated with financial services lies. Moreover, very few fintech firms pro- vide an entire range of financial services, often choosing to focus on a single service where there is need of improvement in the user experience, limiting the systemic risks associated with these services. Many of these vertical offerings are also regulated at various levels.

Payments provide an interesting example. Fintech payments businesses are often regulated in a manner similar to “non-fintech” payment businesses. In the US, this means regulation at the state level under Money Transmitter laws, which also cover entities like Western Union and bike messengers delivering a check. In the EU, fintech payments companies have been brought under the regulatory umbrella of the Payment Services Directive. In- dia, the Federal Reserve Bank has created the notion of a Payments Bank to enable fintech payments providers to hold balances and provide services. In describing the multitude of laws that currently apply to fintech payments companies it is clear that the problem is not a lack of regulation, but rather a lack of coordination amongst domestic regulators.

There are certain cases where fintech enables money to be stored, transmitted, or managed outside the traditional system as described in the previous lesson, but regulations are beginning to be extended to many of these products as well. For example, the Jumpstart Our Business Startups (JOBS) Act in the US provides regulatory guidance on equity crowdfunding. Central Banks across Africa and Asia have created regulations to guide the entities providing mobile money services. The New York Department of Financial Services created a “BitLicense” for entities interested in providing exchange and payment services associated with Bitcoin.

The vast majority of fintech applications are in fact regulated under existing financial regulations. Moreover, because fintech is often about enhancing the user experience, non-financial consumer protection regulation often applies to fintech entities. For example, in the US, the Federal Trade Commission’s Section 5 Authority to combat unfair or deceptive practices applies to a broad swath of fintech companies. Privacy regulations in the European Union apply to fintech service providers. Thus, the notion that fintech firms are unregulated is simply false.

Facts about Fintech

There are also some incredibly important facts about fintech that tend to get overlooked. This lesson seeks to highlight some of those facts and describe their importance.

Fact #1: Fintech is Mobile

Mobile technology is causing upheaval in a number of sectors from transportation to agriculture to retail. Financial services is no different. In October of 2016, mobile devices topped desktops in terms of global Internet usage for the first time in history. In 2015, there were an estimated 2.6 billion smartphone subscriptions globally – that number is expected to be 6.1 billion sub- scriptions by 2020.

This mobile revolution provides fintech service providers with an unprecedented instant potential customer base. Addi- tionally, it radically reduces the cost of of- fering a service because that product can be offered without building out any cost- ly physical infrastructure. Increasingly, mobile users The low barriers to entry in fintech also means that there is increased competition, which again lowers costs for end customers.

Mobile is transforming every aspect of fintech. In payments, mobile represents the first change in the device to initiate a payment since plastic cards were introduced to the market in the 1950s. And, the value of mobile is not that it is “faster” than plastic, but rather that it adds value to users in the form of enhanced product offerings and increased security. Coupons can be stored on a mobile device, fraud monitoring can be done actively through text messages, and authentication can be verified by biometric and/or device signatures. Mobile data can provide fintech companies in the credit space with important alternative data elements that they can use to assess credit. Mobile apps are becoming increasingly popular, particularly among Millennials, as a way to manage transaction accounts. These apps coupled with the Smartphone’s camera can also take pictures of physical checks in order to enable direct deposit or cards to enable funding of a digital wallet.

We are still in the early days of the evolution of mobile’s impact on fintech. The global mobile payments market is expect- ed to grow at a compound annual growth rate of 36% by 2020. Biometrics are only just being implemented into modern smartphones, enabling far more secure and accurate forms of authentication. Wealth management apps continue to evolve in the information they present and the control they provide users in analyzing and adjusting their savings. The mobile device provides a canvas upon which software will continue to develop and provide tailored financial services directly to customers in an always accessible, simple, and transparent format.

Fact #2: Fintech is about Partnerships

The scale and nature of the challenges for the future of the financial system require a range of skills and a portfolio of assets that can rarely be found within a single organization. Whether processes involve customer-facing interfaces or back-office automation, companies providing specialized technology are radically changing the way financial institutions and systems operate. Some of these innovations are in less-regulated aspects of financial services and are therefore able to rapidly scale. In heavily regulated segments of the industry, however, continued progress likely will involve cooperation and integration between regulated financial institutions and the providers of disruptive technologies.

The very term “financial technology” is indicative of the convergence of the worlds of “finance” and “technology.” The barriers between those worlds have fallen, or at least become much more porous, as the technological revolution has forced regulated financial institutions to innovate at a much more rapid rate than has been seen in the past, while technology providers that seek to disrupt calcified financial systems have begun to fall more fully under the financial regulatory umbrella.

For example, there is a long history of banks partnering with third parties in order to make various types of credit products more readily available to the mass market. Even a simple innovation like the credit card has reached ubiquitous levels of distribution in part through partnerships between banks and retailers or affinity partners who collaborate to produce ed way. While meeting an important consumer need to collect an overall financial picture based on data derived from multiple sources, the screen-scraping approach had drawbacks. Some implementations placed burdens on bank systems due to automated log-on designed to ensure that up-to-date information was presented to consumers. Further, the collection of banking credentials created another potential point of failure and the risk of unauthorized access to bank accounts. Through cooperative relationships with banks that hold consumer accounts, however, data aggregation sites are able to establish more secure data feeds without using consumer log-on credentials, improve data security and quality, enhance the customer experience and reduce risk.

Lastly, it is worthwhile to look at the partnership between the Royal Bank of Scot- land (RBS) and Funding Circle. RBS and Funding Circle have different methods and practices for underwriting loans. This partnership involves the RBS referring declined small business loan applications on to Funding Circle, increasing the likelihood that an entity will secure the financing it needs. Through a partnership, fintech and financial institutions are working together to serve those that are currently underserved; this is the ideal socio-economic outcome. It is through these types of partnerships that fintech will continue to thrive.

Fact #3: Fintech is Global

It is a fallacy to think of fintech solely in the context of Western Nations. The Monetary Authority of Singapore held a “fintech festival” in 2016, which attracted more than 10,000 people from over 50 countries. Investment in the fintech sector globally in 2016 was $24 billion; with a significant percentage of this investment coming in emerging markets. These emerging markets lack traditional financial systems and therefore are ripe for new models. Some of the most innovative fintech products have been created in the developing world. Moreover, the Internet now has 3.5 billion users globally, and most of the new users in the past few years and going forward will be in emerging markets.

Diego Comin, Professor of Economics at Dartmouth University, has done invaluable work on the topic of global technology diffusion. Professor Comin argues that over the last 200 years, the time lag in technological adoption between developed and developing countries has narrowed; in other words, technology is diffusing to the developing world faster than it ever has. Professor Richard Baldwin of the Geneva Institute builds upon the ideas of Professor Comin to argue that knowledge is now able to be diffused over this technological network faster than ever before, which is how Professor Baldwin explains the tremendous rise in development in emerging markets like China and India in recent years.

Fintech provides an amazing opportunity for emerging markets to leapfrog traditional financial services and move directly to the most cutting edge smartphone data-based applications, just as many countries leapfrogged traditional fixed-line telephony and moved directly to mobile. Given that the smartphone is a global phenomenon, data can be collected on customers in emerging markets and tailored solutions can be created to meet needs. Fintech players can also rapidly scale solutions from a local market to a global market; take the example of the Commercial Bank of Africa announcing that it would expand its mobile money credit offering M-Shewari from East to West Africa in 2017.

Fintech partnerships are also increasingly global. Alibaba made a strategic investment in India’s Paytm. Western Union has partnered with Japanese technology company Rakuten’s Viber service to enable Western Union money transfers between 200 countries via the Viber app. Global partnerships also are blossoming in the fintech regulatory space. The UK has been a leader at creating “fintech bridges” with policymakers in other countries [ie. South Korea, Hong Kong, among others] in an effort to create interoperable policies in the fintech space. Singapore has been a leader at reaching out to governments [India, Australia, among others] around the world to cooperate on the approach to fintech. These regulatory partnerships are incredibly important; since fintech can rapidly scale across borders and would be better served by international regulatory standards.

Fintech in Action: Case Studies from the Frontlines

Fintech is not just a single undertaking, but rather is the shifting of a broad variety of financial services verticals. Remote deposit-taking, automated compliance filing, crowdfunding, cryptocurrencies; these are all examples of specific innovations that underlie the broader phenomenon of fintech. Understanding each of these verticals, the technology taking shape, the stakeholders involved, and the risk profile is central to addressing issues of concern in these new models. This lesson will undertake a deep dive of three particular verticals where fintech has brought about a major change in the ecosystem.

Payments: Check to Mobile

Payments are arguably the baseline of financial services. The move from ancient barter-based payments to modern mobile payments is fascinating because nearly every step has involved technological change. Several excellent books have been written on the developments from barter to coins to cash to check; but, we choose to begin our discussion with the move into electronic-based technological methods for moving money.

Presenting physical checks for liquidity proved to be inefficient over time. Check usage fell by 50% between 2003 and 2013. The Automated Clearing House (ACH) system was launched in the 1970s to enable processing of bank payments through electronic means. ACH went from processing 500 million payments in 1971 to 84 billion in 2009. The ACH network, however, was designed for back-end bank-to-bank transfers and therefore did not achieve widespread consumer usage and only recently began to develop solutions like same-day clearing that would encourage more widespread use.

Payment by card originated in the early 1900s when paper cards were given to trusted customers of retail establishments. The first widespread card was the closed-loop Diners Club, which by the end of its first year in business in 1950 had about 10,000 cardholders. The first plastic card, which was also closed-loop, was introduced by American Express in the late 1950s. Cards began to be more ubiquitous when in the 1970s they became fully electronic, authorization time was greatly reduced, and the paper was removed from the transaction. The 70s also saw the introduction of chips in cards that enabled the storage of information like transaction logs and limits. These chip cards are now becoming the norm due to the enhanced security they can provide. Debit card proliferation is another recent phenomenon. In 1995, debit cards only made up just 2% of non- cash payments, but by 2012 that number was 47%. It is estimated that by 2021 there will be 17 billion payments cards in circulation.

While checks and cards were largely bank-driven (or at least enabled) solutions, nonbank competitors have been in the payments space for well over a century. Telegram business Western Union introduced money transfers in 1871. Western Union payments were often cash transactions taking place completely outside of the traditional banking system whereas the recent rise of online and mobile payments has taken place largely through a partnership with the existing financial system, although there are important exceptions, particularly in the developing world.

Mobile payments in developed economies largely “ride-on-the-rails” of check and card payment mechanism. The ACH network continues to underlie mobile payments that are executed between bank accounts, and with the ACH network moving to same-day settlement mobile bank-to-bank payments will become even more attractive. Mobile payments also link into debit and credit cards to enable point of sale and card-not-present transactions. It should be noted that the above reflects the experience of western nations when it comes to payments; emerging markets have moved far more rapidly in the mobile payments space, largely due to a lack of a developed bank and card payments ecosystem.

The numbers on mobile payments demonstrate that technology is just starting to take off. A 2016 Pew survey demonstrates that 46% of consumers in the US have made a mobile payment. Visa’s 2016 Digital Payments Study found that the number of Eu- Europeans regularly using a mobile device for payments has tripled since 2015. Market research firm NOVONOUS estimates global mobile payments to have a compound annual growth rate of 36% by 2020.

Payments continue to be a highly heterogeneous space. For larger payments, checks and banks transfers continue to be the preferred method for transfers. For smaller retail payments, cards are ubiquitous and mobile payments are just starting to gain traction. For a person to person transactions, cash is king, but mobile payment solutions are beginning to prove attractive, particularly for younger users. With an estimated 6.1 billion smartphone users globally by 2020, mobile becoming the method of choice for payments seems ever more likely.

Credit : Standard to Alternative Data

Lending has been a particularly exciting area for fintech development. According to the World Economic Forum, 27% of to- tal fintech investment has gone into con- sumer lending, and 16% into small business lending. Credit scoring has traditionally been an area of heavy technology usage as companies sought to aggregate data about consumers and businesses in order to as- sess credit. But, the recent innovation in credit has been in the usage of alternative data elements that are now available in the digital era.

Credit reporting began over 100 years ago when small merchant associations were created in order to trade financial Information about customers. In the mid-1950s engineer Bill Fair and mathematician, Earl Issac created the company FICO and began creating credit scores for investments; those scores eventually expanded to consumers; and, the general-purpose FICO score was released in the late 1980s. A 2018 study demonstrated that these FICO scores were used by lenders in 90% of consumer and mortgage loan decisions. These scores were also used for small business loan decisions. The scores were generally based upon 5 categories of data: 1) payments owed; 2) payment history; 3) new credit; 4) length of credit history; 5) types of credit used. These data categories have not changed in the last decade or so, and largely come from traditional financial institutions. European credit reporting agencies report using similar sources of information in assessing credit, albeit with a larger focus on government sources of data than in the US. Limited access to traditional banking services and the data they produce means that emerging markets did not develop credit scoring models at scale.

Information asymmetries were a tremendous challenge in traditional credit scoring. Most of the data involved in calculating a traditional credit score came from traditional financial institutions. Lower-income, younger, and minority consumers and small businesses often lacked the prerequisite paper trail to document their historical payments and credit flows and therefore were considered risky lending propositions. New technologies have led to the rise of alternative data elements, which has shifted the landscape by introducing new competition into the marketplace.

An article by McKinsey highlights six new data elements that could be used for credit risk assessment that would not be considered as part of a traditional credit check :

Telecommunications –information on communication habits and connections can signal reliability to repay.
Utilities –information about how regularly utility bills are paid can be indicative of creditworthiness.
Wholesale Suppliers– payment history from small businesses to their suppliers demonstrates cash flow patterns.

Retailers – consumer purchases and history of repayment can reflect on the ability to take on further debt.
Governments – identity data can be helpful in combatting credit fraud.
Financial Institutions – newly designed algorithms can find patterns in balances and transaction patterns that could indicate creditworthiness.

Others look at customer feedback, reviews, and ratings on small businesses websites to assess credit. SoFi, which provides student loan services among other lending products, looks at a student’s course of study and university to understand credit risk. Accounting software services like Intuit or Xero enable plug-and-play integration with an invoice finance platform to rapidly enable credit assessment based upon receivables. In partnership with banks, Pay- Pal and Square are able to leverage transaction-level data to make credit decisions. Marketplace lending platforms, such as On Deck and Lending Club, match lenders with borrowers in an automated fashion.

It is not just new startups that are realizing the benefits of alternative data elements. A report from Vantage Score [a joint effort of Experian, Equifax, and TransUnion] found that it could use alternative data elements [like rent and utility payments and public records] to assess the credit of 30 to 35 million people who were previously unscorable. Vantage Score found that 10 million of these unscorable consumers were prime or near-prime and were not risky for lenders, but without this data, these individuals would unlikely secure credit. In April of 2015, Fair Issac Corp (FICO) – the creator of the most widely used consumer credit scores in the US – also announced that it would begin to use alternative data in its scoring models.

Alternative data elements enable lenders to say ‘yes’ in cases where previously they would have been unable to do so.

Wealth Management: Manual to Automated Advising

Asset management was traditionally an exclusive privilege of those who could afford private banking. Financial advisors provided high net worth individuals with a level of expertise and comfort in the notion that their money was being managed soundly and effectively. Yet again, one could identify the 2008 financial crisis as the moment where this trust was greatly reduced, leading to an opportunity for fintech to step in. The innovation in wealth management was the leveraging of data and automation to make available to the masses the knowledge and insights typically reserved only for the wealthy.

In the US, only 28% of individuals use the services of a financial advisor, 17% in Ger- many, and 14% in the Netherlands. Wealth managers often have minimum investment requirements, charge high fees, and can complicate the process by offering a confusing range of accounts, offerings, and strategies. Accenture estimates that some of the traditional costs associated with wealth management can be reduced by more than 70% through automation. Placing wealth management tools online, enabling access to information on a mobile device, and automating asset allocation, implementation, and rebalancing decisions have democratized wealth management thereby enabling a whole new class of individuals to plan and save for their futures.

Financial advisors have been using technology to assist in their research and trading for years. The differentiation of the current evolution of fintech in wealth management is putting the enhanced insights that technology can deliver directly in the hands of the customer. Automat- ed advisors like Nutmeg, Betterment, and Wealthfront automatically invest and manage money based upon preset parameters from the user. Large traditional advisory firms like Charles Schwab have also seen the benefits of offering automated advisory services alongside traditional advisory services. These automated platforms have intuitive user experiences where a client’s basic details can be captured, risk tolerance can be assessed, and asset allocation can be advised all in a matter of minutes. Moreover, these automated tools greatly speed back-office services such as tax reporting and billing functions. Estimations are that by 2020, $2 trillion will be invested with automated advisory services, which is 5.6% of Americans’ investment assets.

There have been significant improvements in automated wealth management tools since their inception, and as with other areas of fintech, the advances are present on a global scale. Vanguard began the trend of offering financial advisers alongside automated services, and now Capital One has also launched a “hybrid” service that combines automated services with financial advisers that can be reached by phone. Fintech startups like Acorns have used the mobile device to nudge users into better savings habits by rounding up payment transactions and investing the change in exchange-traded funds. Alipay’s Yu’e Bao (English translation: leftover treasure) started as a way for users of the Alipay service to earn a bit of interest on their balances and is now the largest money market fund in China. Nutmeg, based in the UK, enables users to specify goals that they are hoping to achieve (ie. own home) and tailor their investments towards achieving those goals.

What fintech firms have done is to identify opportunities where the traditional financial system has fallen short in providing a service or where a particular aspect of the process could be made more efficient. So fintech is transforming a number of different segments of financial services, but the methodology of these innovations is quite similar. Fintech utilizes the mobile phone, real-time information analytics, new forms of data, and highly-tailored algorithms and user interfaces to take a traditional financial services product and offer it in a new light. A recent Deutsch Bank report described fintech innovation aptly:

“ Across different corners of the industry, these developments all share common characteristics of improved interoperability, simplicity and added value. ”

But, beyond just serving customers with something they like, fintech has important socio-economic benefits as well, which will be described in the next lesson.

Why Fintech Matters: Enhancing Security and Enabling Opportunity

We have demonstrated the tremendous impact that fintech has had in delivering a more intuitive user experience, but the benefits of fintech go well beyond simpler slicker interfaces. Former US Treasury Deputy Secretary Sarah Bloom Raskin stated it well when she said:

“Financial innovation embodies the act of introducing new approaches to strengthen our financial system so that it can better serve people.”

This lesson follows the dual goals of Deputy Secretary Raskin and looks at the benefits for security and better serving financial services customers.

Enhancing Security

Security is paramount in financial innovation because the bedrock of the financial system is trust – trust in the security and reliability of the system among those who use it and trust among the myriad institutions that make up the system. If fintech firms don’t protect people’s data privacy, guard their data, and combat illegal activity then they won’t have customers. Person-to-person payments apps, marketplace lending platforms, and wealth management algorithms get a lot of the press, but enhancements in authentication tools [biometrics], cryptographic encryption designed to protect sensitive financial information [tokenization], and new forms of fraud detection that use big data to search for unorthodox behaviour [transaction monitoring] are equally important fintech innovations. This enhancements to authentication, data privacy, and fraud protection are important to understand as they are developments on the back end that are enablers of the development and scaling of front end innovations in segments like payments, credit, and wealth management described above.

Enhancing Authentication with Biometrics

Authentication is traditionally achieved through offering a static piece of paper with some personal details and a photograph. Passwords began to be used for authentication during the early computing and Internet age, but the ease of password theft and abuse has created a demand for better solutions. With ubiquitous mobile devices capable of authenticating sight, sound and touch, it is now becoming clear that biometrics may offer an efficient and effective form of authentication in the future. Juniper Research estimates that over 600 million mobile devices will have biometric authentication by 2025, up from an estimated 190 million mobile de- vices in 2019.

Innovations are occurring rapidly in the application of biometric authentication technology to financial services. India’s Aadhar is an excellent example of a multifactor authentication system leveraging a unique identifier number as well as fingerprints and retinal scans for authentication. The Aadhar system can be used to instantly sign up for a bank account and know-your-customer authentication can be performed remotely and electronically. The Citibank mobile app now contains voice, facial, and fingerprint recognition software. Alibaba’s Ant Financial acquired retina scanning startup Eye Verify in 2019 to help with remote authentication. The firm Bioconnect enables services to utilize multiple biometrics for authentication in case one fails. Biocon- next has partnered with Visa to demonstrate how this technology could greatly enhance the usage of biometrics. Master- card recently partnered with startup Zwipe to create the world’s first biometric contactless payment card.

Despite these innovations, biometrics is not a panacea for security and multifactor authentication. Moreover, biometric data introduces a new potential risk when it comes to data privacy and security. If biometric data is compromised, “resetting” it is not like resetting a password. But, combined with other factors like a pin, device, or some other unique identifier biometrics can greatly enhance security, simplify authentication, and scale security solutions. Biometrics does, however, have limitations especially with disabled individuals whose ability to interface with the technology may not be feasible. As a result, one of the innovations that Fintech can help drive is to provide access to biometric security alternatives for the disabled.

Standards are beginning to emerge in the biometric authentication space that should help coalesce the industry and scale solutions. Service providers must constantly assess and optimize their security toolset. The Fido Alliance’s UAF standard combines a transaction detail with a biometric or pin to authenticate. Authenticated items are stored cryptographically so that they can- not be stolen and then used. Cryptography is also at the heart next security innovation that fintech has scaled: tokenization.

Protecting Against Data Abuse with Tokenization

This report has demonstrated that one of the major benefits of modern fintech has been the ability to generate and utilize data, but one of the risks of increased data is breach and fraud. Major data breaches have seemingly become a regular occurrence. The personal information of millions of users has been stolen from a plethora of organizations.

Only 25% of organizations have the necessary technology to detect or respond to a hack or data breach. One of the major ways to lower the risk of a data breach, therefore, is to limit the number of entities that have access to personally identifiable information to those that have proper security practices in place; this is where tokenization comes in. Traditionally, an electronic retail transaction would involve the transfer of sensitive payment information to the merchant, with the merchant storing that information in a database. The Target data breach of 2018 demonstrates how credit cardholder information could be stolen from a centralized merchant system. Tokenization provides a solution that reduces the risk of a breach to a merchant leading to sensitive consumer financial information being revealed.

Tokenization involves replacing sensitive financial data with an alias (or token). Sensitive data is stored in a highly secure location and tokens are created to match the sensitive information. When information needs to be shared, then only the token is sent instead of the sensitive information. And in the most secure scenarios, “one-time” tokens are created every time a new transaction is undertaken. As with many of the “innovations” discussed in this article; tokenization is not an entirely new concept, as it has been used since the 1970s to isolate sensitive data elements, but how fintech is using tokenization to secure modern financial services is unique. Tokens can now be created in real-time and delivered securely over the Internet; tokens can be also used for mobile device transactions, and, tokens can be securely shared between a wide variety of entities in the financial services ecosystem.

Tokenization has been widely adopted across the fintech ecosystem and partnership has been at the centre of proliferating the technology. Visa and MasterCard recently announced a partnership to request tokenized payment credentials from one another to use with their respective digital wallet products. Moroccan electronic payment solutions firm HPS announced the partnership in 2019 with US-based security firm Gemalto to offer card issuers and acquirers mobile tokenization solutions that can apply across a variety of handset technologies. Tokenization is still an emerging technology, but if combined with other security best practices it can significantly lower the risk of data abuse across the ecosystem.

Uncovering Illicit Activity with Real-time Monitoring

When it comes to financial services, the risk of fraudulent transactions is real. In order to mitigate those risks financial service providers traditionally relied upon onerous sign-up procedures, customer diligence by monitoring monthly statements, and retroactive investigations of batched transactions conducted on a regular or ad hoc basis. Fintech enables financial service providers to use enhanced data capture and analysis techniques to monitor behaviour in real-time, detect anomalies, confirm suspicions and implement effective controls. Many fintech work in partnership with financial institutions as service providers working exclusively on combating illegal activity. Monitoring financial services account for unusual behaviour is not a new concept. Regulations across the world require financial service providers to monitor financial transactions and report suspicious activity. Fintech, however, makes possible more consistent real-time monitoring at scale. When financial transactions are conducted electronically they create an instant audit trail that can be monitored. The storage of data enabled by fintech means that financial service providers can compare real-time transactions instantly against a long-tail pattern of behaviour for any particular customer in order to estimate the likelihood of fraud. A real-time alert can be sent to the customer’s mobile device to determine if a transaction was in fact unauthorized. The response can be implemented instantly by shutting off access to the electronic account, creating a new authentication mechanism, and/ or restoring any money that was used in an unauthorized manner.

Customers now demand financial services decisions made in real-time, and therefore risk, monitoring, and redress must be done in real-time. There are numerous examples from across the ecosystem of how fintech is improving the process of detecting and controlling against illicit activity. IBM’s Trusteer service looks at “behavioural biometrics” like the way a mouse cursor is used, geo-location, and device to identify anomalies that might be indicative of fraud. Capital One’s mobile app provides real-time notifications about suspicious purchases, enabling a user to click an “all clear” button to authorize transactions that may have appeared suspicious due to location or type of purchase. Canadian startup Trulioo provides financial services companies with instantaneous identification verification for 4 billion people in over 45 countries. PayPal utilizes transaction monitoring and case management technology to identify potential money laundering risks in real-time. Oakhall, a London-based analytics firm, estimates that banks could save $12 billion annually by employing adaptive machine learning fraud management systems.

Trust and security in financial services have been eroded by the continuing parade of breaches, illicit transactions, and poor security management. Fintech is enabling more secure interfaces between consumers and their institutions, better protection again fraudulent or other suspicious activity, and better control over digital identities and other sensitive data. These innovations may not grab headlines, but they are an integral part of realizing the value of fintech.

Expanding Opportunity

Financial services enable individuals and businesses to take greater control of their financial lives, have better access to financing when they need it, and keep their money safe. Mobile technology has the potential to expand the benefits of financial services to every corner of the planet. The current wave of technological innovation in financial services is only the latest iteration in a series of technological developments that have democratized financial services:

Credit cards enabled the broad availability of unsecured consumer credit to the masses;
FICO scores enabled automated underwriting, dramatically improving the ability to offer credit to a mass market through gains in the efficiency and accuracy of the underwriting process; and
Mutual funds provided broad-based public access to the stock market while mitigating risks from imprudent concentrations in individual stock positions.

Modern technological services are continuing the trend. Fintech innovations are expanding access, improving transparency, enhancing choice, lowering costs, and enhancing financial health. This democratization of financial services has tremendous socio-economic benefits.

Access

Consider the example of M-Pesa proliferation in Kenya, which was enabled by the fact that the product came preloaded on Vodaphone mobile devices and therefore was able to proliferate rapidly across Kenya. Mobile money is now used by at least one individual in 96% of households in Kenya.

Prime Minister Narendra Modi of India has pledged universal bank account access for the country’s 1.2 billion residents. This vision can be achieved by leveraging the over 1 billion mobile phones in India coupled with the over 1 billion digital and biometric Aadhar identity accounts. In just the last three years, over 250 million accounts have been opened in India.

Fintech enables not only wide reach across a single nation, but also enables the proliferation of access to new services globally and with unprecedented speed. With over 3.5 billion people connected to the Internet, the ability to provide access to financial services to people around the world is now a reality. With regards to speed, consider that in one day in February 2019 PayPal released its One Touch technology, which makes online and mobile payments easier and more secure, to 100 international markets.

Transparency

Fintech creates visible and traceable data points at nearly every customer interaction. These data points create a picture of a customer’s financial life that is far more transparent than at any point in history. Clearer, more intuitive, user interfaces enhance customers’ understanding of their financial options. Customers can also easily compare the costs and other features of those options. These tools are available 24 hours a day 7 days a week.

In the area of wealth management, consumers have often worked with investment advisors because they felt that they were unable to understand the process.

These advisors, however, have not necessarily reduced complexity. A recent Charles Schwab commercial highlights this phenomenon. When a father offers to introduce his son to the family broker the son asks, “how much does he charge” and the father responds, “I don’t know.” Digital wealth management platforms provide customizable user interfaces that can provide the user with any level of detail on exactly how his/her money is being invested. A financial services customer now has complete transparency into how his/her money is being stored, moved, managed, and invested.

Choice

Technology enables the tailoring of products and services to customer needs in a way previously unthinkable. Instead of a few segmented payments, credit, or wealth management options, “Mass Customization” will enable customers to choose financial product characteristics most relevant to their needs.

Small business lending provides an interesting case study of the enhancement in choice brought about through fintech. In the wake of the financial crisis in the US and Europe, many retail bank branches were closed. One of the major impacts of this reduction in retail branches was a correspondent reduction in small business lending. Retail branches often served as the only choice by which a small business could secure funding; a local banker would know the small business and might be able to assess credit-worthiness in a manner that would enable financing. Fintech has stepped in to fill the gap in the small business financing arena left in the wake of the financial crisis. Research from PayPal demonstrates that 25% of PayPal Working Capital loans in the US go to 3% of counties in the US that lost 10 or more banks since the financial crisis.

Payments is another area where technology has led to enhanced choice. Apple Pay, Android Pay, Coinbase, Visa, Mastercard, Alipay, Venmo, China Union Pay, Samsung Pay; there is no shortage of options for customers in choosing a payment option that best meets their needs.

Costs

The cost savings from being able to pro- vide businesses and consumers with tai- lored financial services based upon data and directly through mobile devices are significant. Thomas Philippon, Professor of Finance at the Stern School of Business, New York University argues that despite information technology being leveraged heavily in the financial services industry the unit cost for financial intermediation has stayed steady over the past 130 years. Professor Philippon argues that fintech has the potential to pass along cost sav- ings to financial services consumers for the first time by offering new solutions and building more intuitive and customer fo- cused solutions.

The McKinsey Global institute’s report on Digital Finance contains excellent data on how fintech can help reduce the cost of financial services in the developing world. Perhaps the most insightful statistic is that digital technology may be able to cut the annual cost of serving one financial services customer in an emerging econ- omy by 80-90%, largely through the fact that services can be offered and managed remotely instead of forcing the customer to come into a centralized location. These savings could result in an estimated 95 million new jobs, $2.1 trillion in new cred- it, and $4.2 trillion in new deposits. Mobile removes the traditionally high cost of infrastructure costs associated with financial services, and those savings can be passed along to customers.

Let’s look at the area of remittance payments as this reflects an area where fintech has already born fruit in the form of lower costs. The average cost globally for sending remittances is nearly 7.5%. Recent studies have shown that fintech can cut those costs in half. A study by Xoom/Pay- Pal demonstrated that digital remittances through Xoom and PayPal cost just 3.9%, nearly half the cost of traditional channels. A study by the GSMA (Global System for Mobile Communications Association) had a surprisingly similar finding, namely that remittances sent between mobile networks in Africa were half the cost of traditional remittance services. With global remittances expected to be $600 billion in 2016, the cost savings from switching to digital remittances could be equivalent to $21 billion.

Financial Health

The World Bank has a stated goal of universal financial access by 2025. Fintech will no doubt be able to help in achieving that goal. But, more importantly, once every- one has access to basic financial services, fintech can help to solve the problem of usage. Despite the massive proliferation of bank accounts, in 2019, the World Bank reported that only 15% of Indian adults reported using a bank account to make payments. Fintech can help to tailor financial services to the needs of people regardless of the nationality or income level. Enhance- ing financial health is perhaps the most exciting potential benefit of fintech.

“People need the value-added ser- vices that are the standard in the developed world in order to reap the full benefits of Internet access and financial inclusion.”

– International Monetary Fund.

The Center for Financial Services Innovation defines financial health as being “achieved when an individual’s day-to-day financial system functions well and increases the likelihood of financial resilience and opportunity.” There is a need to build up the financial health of individuals around the world. Nearly half of Americans don’t have enough money to cover a $400 emergency expense. Only 7% of adults in the developing world have access to a credit card, which would be able to help with emergency expenses. Micro Small and Medium Enterprises in the developing world have an estimated financing gap of $2.1 to $2.6 trillion. The World Bank projects that by 2030, developing countries will account for half of the world’s savings and investment, but that the poor will still struggle to have adequate savings due to lack of financial literacy, education, and economic opportunity.

Fintech enhancements in savings, payments, and financial literacy are driving gains in financial health. A partnership between Walmart and Greendot in the US has resulted in increased savings for prepaid card users. The savings incentive program called Prize Savings, involves users logging in to Walmart’s MoneyCard App and transferring money to a savings account in order to be entered into a monthly drawing for cash prizes. The program has resulted in a 35% increase in savings for those that participate. An article in Science Magazine found that mobile money solutions in Kenya lifted 2% of the population or 194,000 households out of poverty. Fintech wealth management tools like Acorns can help with financial literacy by making customers aware of healthy financial behaviours through tailored articles delivered over the mobile device. These are the tangible benefits that fintech has brought to the financial health of individuals around the world, but we are just at the start of fintech democratizing the benefits of financial services.

The increased opportunity and enhanced security provided by fintech are far more exciting than the innovative technological methods of delivery. But, for these gains to be fully realized the right ecosystem must be in place, which is what will be discussed in the final lesson of this course.

Creating an ecosystem for Fintech to Thrive

Technological innovation and business partnerships will continue to evolve and create new and better solutions for customers. But, without the appropriate enabling environment in place, some of the most innovative fintech solutions could be stifled. Promoting policies that foster an ecosystem for fintech to thrive, while mitigating risks is the balanced approach that policymakers and regulators ought to adopt.

Policymakers need to understand the technological developments driving fintech and embrace the digital revolution to support their goals of serving, protecting, and empowering citizens. Industry engagement should be a central aspect of regulators and policymakers’ efforts in the fintech sector. We understand the tremendous challenges that policymakers face in this rapidly evolving ecosystem and we are seeking to provide thought starters that can move us on the path of creating a regulatory framework that better addresses policymakers’ concerns while enabling fintech to thrive. This lesson looks at four key areas of policy where a digital mindset (indicated by the letter ‘e’) would serve policymakers well in creating the balanced enabling environment required for fintech.

eID

Identity is essential for access to formal financial services. Regulation often requires that government-issued identification be presented in order to sign up for a service. Fintech players, however, rarely have a physical presence where users can present physical identification.

Digital identity is a means by which the identity of individuals can be authenticated in order to enable a range of trust principles remotely, or in person. Not all interactions/transactions require the same level of trust. However, some level of digital identity is the underpinning of virtually all transactions on the Internet.

The lack of a secure, reliable, digital identity framework poses a significant barrier to more efficient online interactions and economic participation by citizens least able to overcome those barriers. The fact that dozens of institutions are forced to repeat the same identity verification activities, for the same person, across multiple platforms to satisfy anti-money laundering, sanctions monitoring, and fraud risk management obligations is a material drain on economic resources.

While private-sector innovation is critical to the evolution of a digital identity model, the private sector alone will not easily achieve the kind of ubiquity necessary to enable transformative change in digital identity management. Rather, government leadership will be critical in providing a framework and basic standards by which a common digital identity can be adopted across institutions and industries. Once an individual is validated as “known” through a commonly accepted framework, digital credentials can be associated with the individual in a way that will materially reduce the amount of duplicative effort required for that individual to interface with different parties. Such digital credentials might identify specific characteristics of the credential holder. They might be associated with varying levels of identity validation and assurance for different applications and counterparties.

For example, the level of vetting necessary to enable an individual to engage in high-value fund transfers or transactions involving high-risk countries or counterparties (e.g., “enhanced due diligence” required of financial institutions for certain anti-money laundering applications) should be different from the vetting required for ordinary course consumer transactions. The key is that work must begin now if the government is to take leadership in establishing basic models on which the industry can build interoperable systems of identity.

Different models for digital identity would work in different contexts. In India, for ex- ample, the government has seen tremendous success with its Aadhar initiative. This does not mean that a single, government-run system of national digital identity is the only solution. Rather, by establishing basic standards and models and a legal framework that permits multiple parties to rely on a digital identity that satisfies those standards, the public sector could provide a significant catalyst to propel economic growth and financial inclusion for decades to come. The private sector would then have the foundation on which digital identity infrastructure could be built. In the case of a private sector-led digital identity infrastructure, the government must avoid picking a winner, technology must be open access, the process must be transparent, and the government should serve as an auditor to ensure that identity credentials are being stored securely and being used appropriately.

eVerficiation procedures must also be put in place to enable a digital ID to be used at scale. eVerification protocols enable the recipient of the credential to validate the association of the credential with the credential-holder, and thereby validate the functional equivalence of the credential with a flesh and blood human being. A strong authentication regime, therefore, works hand-in-glove with a strong digital identity regime by enabling recipients of digital identity credentials to rely on those credentials for meaningful validation of real identity.

Approximately, 1.5 billion people globally do not have an officially recognized document to prove their identity; the majority of whom are living in emerging markets in Asia and Africa. The benefits of a digital identity extend well beyond financial services, making it easier to access health, energy, and government resources. In Moldova, for example, the “MeID” program enables citizens to access 98 e-services online as well as significant legal documents remotely. Moreover, in developed nations like the US and Europe, while physical IDs are commonplace, digital IDs are largely non-existent. Digital identity solutions have a disproportionate impact on those who live away from city centres and may not have the resources to travel in order to secure resources; in other words, those who need it most.

eKYC

When a user signs up to a modern technology-based service he/she creates a login credential to provide an added layer of security and authenticate a transaction. The traditional model for this login credential has been a password. Unfortunately, passwords have proven to be a less than an ideal method for authentication both from a convenience and a security perspective. New methods for authentication based upon device, biometrics, and other tools can provide additional security and convenience.

As with the core digital identity regime, the government can play an important role by establishing a set of standards that clarifies risk tiers, metrics, and baselines for authentication. Although it can be argued that the risk allocation for use of inadequate authentication can be reasonably managed through private sector contracts, there is a baseline of acceptable practice that should be required for most financial transactions (and potentially other types of interactions). That is in part because trust in the security and integrity of the financial system is a public good that can be squandered by individual actors willing to cut corners in a way that creates doubt in the minds of the public as to the integrity of the system as a whole.

It is worthwhile to examine the Europe-an Banking Authority’s (EBA) consideration of “Strong Customer Authentication” (SCA) for electronic payments. The Proposal is to mandate strong customer authentication through strict technology mandates requiring specific data elements and multiple clicks in order to authenticate and process any online transaction over 10 euros. Visa reports that express online checkout with one click represents 50 percent of total e-commerce sales. The EBA does not demonstrate that these one-click solutions are any more likely to lead to fraud, and yet the SCA requirements would make these more convenient, and possibly more secure, methods illegal. Such a requirement is precisely the type of model to avoid when determining proper verification rules.

Importantly, the establishment of authentication standards can be done without requiring the use of particular technologies. Instead, baseline metrics can be set that will establish minimum acceptable practices, which can be implemented using a variety of competing technologies and models. For example, there is a tremen does amount of ongoing innovation, using a variety of technologies, in the space of multi-factor authentication regimes. Multi-factor authentication is commonly defined as an authentication regime that requires the presence of at least two different types of authentication tokens from the baskets of (i) something you know (e.g., password), (ii) something you have (e.g., mobile device) and (iii) something you are (e.g., fingerprint). The private sector is experimenting with a wide range of technologies in this regard that include elements such as device location, device, fingerprint, user behaviour, and biometrics beyond the fingerprint such as facial recognition and iris scans. Policymakers need not mandate the use of specific technological forms of multi-factor authentication but instead should enable the private sector to innovate in achieving the policymakers’ goals of lower fraud or anti-money laundering.

Policymakers need to create a flexible authentication regime that clarifies risk tiers and metrics, but does not mandate technological solutions and instead provides the private sector with the ability to innovate on the best way to achieve those metrics.

eSecurity

The final leg of the identity infrastructure that supports the financial industry is data security. Knowing who a customer or counterparty is with a sufficient level of assurance is critical to the continued growth of virtual commerce, but each of the preceding elements would be substantially undercut without a data security regime that ensures the integrity of critical personally identifiable information, including identity credentials. The security of personal financial information has received considerable attention over the past several years, and much of that attention has been adverse, with the continuing parade of the data breach- es that has compromised millions of identity and financial credentials.

The benefits of fintech for security were described above, namely, biometrics improving authentication, tokenization reducing risk of a data breach, and real-time monitoring lowering fraud risk. There is a role for policymakers in each of these three areas. Policies around biometrics and multifactor authentication were discussed in the preceding lesson on authentication.

The government should not mandate any technological standard, even tokenization despite its clear benefits. Tokenization is the best solution at this time, but a new and better solution could be created in the near future. Short of a mandate, the government can do a great deal to demonstrate support for a particular solution. The government itself can implement a form of tokenization in its own transactions. The government can also release open-source standards, partner with players in the ecosystem, and support the concept notionally in policy papers. All of these methods would help to support the proliferation of tokenization technology while providing flexibility for new security solutions to be developed.

Finally, on the topic of real-time fraud monitoring, the government can move away from rigid standards that currently govern suspicious activity reporting whereby specific thresholds trigger the filing of boilerplate reports. In 2018, more than 1.3 million “Suspicious Activity Reports” were filed with the US Treasury Department, up 3% from the previous year. In 1998, when the US Treasury began to require SARs, approximately 150,000 were filed. Real-time monitoring and data analysis gives financial services entities far more insight into potentially risky transactions, and therefore could greatly reduce the number of SARs filed, instead of helping the government to focus in on anomalous real-time behaviour that is far more indicative of fraud.

eRegulation

Financial service is a regulated ecosystem, and rightly so; there are risks associated with financial transactions and those risks need to be mitigated. There exists in every country around the world – and on an international level as well as countless regulations that affect financial services activity. The question that arises though is whether laws developed to regulate a particular financial activity conducted through traditional means can or should be applied in the same way to technology services that change the very nature of the underlying activity? In many cases, classical regulatory models associated with static licensing, information reporting, and supervisory regimes seem antiquated when dealing with modern fintech developments.

One of the fundamental promises of the fintech revolution is greater simplicity and transparency for end-users in financial transactions, financial planning and management of financial information. How- ever, the variety of participants in new financial services models creates some additional back-end complexity for those commercial relationships. As technology providers and financial institutions take on new roles, the allocation of responsibility among different players may become blurred. In some cases, those ambiguities can be clarified through the contract, however, in others, new legal constructs may be necessary to ensure the appropriate allocation of responsibility and accountability with the party best-positioned to address and mitigate risk within the system.

For example, it is now well understood that attempting to apply traditional money transmission laws to new cryptocurrency systems is a fundamental mismatch between principles established to regulate services and technologies that are now almost 100 years old and evolving cryptocurrency technologies that have no direct historical analogues. Another example in this regard is the so-called robot-advisers. These services, which provide cheap, automated investment advice based on simple financial models, do not fit easily within a regulatory infrastructure built around personalized, individual advice. Regulation of such activities must take into account the differences, as well as the similarities, between traditional advisory models and more automated models that permit more cost-effective service to a broader range of consumers, albeit at the expense of more customized service that may be better suited for consumers with additional resources and more complicated needs.

When the US Federal Reserve Board was opining on the possible regulation of pre-paid products they set out two important principles that hold true in the case of fintech: 1) a one-size-fits-all regulatory approach may not work; and 2) regulation should not unduly hinder innovation. Fintech is not a single-undertaking, but rather represents technology shifting a broad range of traditional financial services offerings. Regulation must treat each of those services individually, identify the particular risks associated with that service, and create regulation that is performance-based rather than design-driven.

The key questions to ask from a regulatory perspective are:

What is the service being provided?
What risks are associated with that service?
How do current regulations apply to that service?
How should updated regulations cover that service?

Financial Stability Board Secretary General Svein Andresen stated it well, “We have seen many interesting trends over last few years in fintech. However, it is quite possible that a number of the changes either do not pose new risks or may pose risks that are already effectively regulated.”

Beyond asking the right questions, using the right process for regulation is key. Current financial services regulation utilizes rigid design standards – that impose specific business methods on innovative businesses – and a methodology that cannot iterate with rapid developments in the industry. There is uniform agreement that the pace of the current model for regulation cannot keep pace with the rapid changes in the industry. There have been two responses to the current shortcomings in regulation: RegTech and Sandboxes.

RegTech: Utilizing software to automate traditional compliance functions. Compli- ance reports can now be generated automatically from a wide variety of aggregated datasets, at rapid speed, and anomalies can be detected in real-time, significantly lowering the costs of compliance. Regtech can also be helpful in analyzing compliance data, forecasting future procedures and costs, as well as compliance behaviour and culture. Regtech startups have raised $2.3 billion since 2018 and financial institutions are also beginning to invest heavily in the concept.

Sandboxes: Exempting fintech companies from regulatory requirements while they test a new product or service. New concepts need to be vetted and approved by a regulator, but once that process is complete, regulatory requirements are minimal. Sandboxes provide fintech with the ability to experiment with new concepts that otherwise might be cost-prohibitive due to initial regulatory requirements. Regulatory Sandboxes for fintech have been implemented in the UK, Singapore, and Australia and are under discussion in Malaysia, Estonia, Thailand, and several other countries around the world.

Regtech and Sandboxes are important developments that will help fintech continue to grow, however, they do not go far enough. Regtech does not solve the problem of static regulatory models, instead just easing the burden on regulated entities and making it easy for them to file documents that may or may not be particularly useful for achieving a regulatory goal. Sandboxes provide flexibility in the early stages, but it is not entirely clear what an entity born in a sandbox is to do once it graduates from the sandbox. If the traditional regulations continue to apply then the Sandbox does not provide a scalable solution.

Instead of these piecemeal solutions, regulators should consider changing their mindset from one that is rigid and focused on classical design standards and risks to one that is flexible and is able to account for new technological developments, risks, and data points. Regulation must be created in a technology-neutral fashion. Moreover, the goals of consumer protection, security and safety should guide regulatory requirements rather than classical data elements that may no longer actually relate to those goals. This has to be the approach taken; if not regulators and policymakers will continue to struggle to keep up with technological innovations.

There is the reason for optimism in the regulatory arena. Previous iterations of non-bank financial services leveraging technology have also “clashed” with regulations. And, financial regulation has been reinterpreted in light of technological changes in the past. Again, it is worth looking at the example of the ATM. There was a lack of clarity in the 70s as to whether an ATM constituted a bank branch and therefore should be subject to state and federal regulations on branches. State regulators and national policymakers realized that consumers valued the ATM, they were not high-risk products, and that they were linked in with the banking ecosystem. Thus, throughout the 70s and 80s state laws were adjusted to reflect the unique nature of the ATM and in the 2006 National Bank Act specific provisions were created for ATMs to enable their continued growth and usage. It is this type of regulation, taking into account the unique nature of the product, the consideration of the consumers, and the risks posed that will lead to appropriate regulation for fintech.

Finally, regulators and policymakers should think beyond their agency fiefdoms and national borders. 83% of financial services experts in the UK report that the biggest barriers to the progress of fintech are the multiplicity of regulatory authorities. Creating interoperability through passporting regimes is the ideal method for enabling fintech to develop. Regulators in those markets in which the fintech has a significant physical presence should have jurisdiction and supervisory authority. An example of a successful model comes from Singapore, where the Monetary Authority of Singapore has established a fintech office designed to foster partnership among a variety of government agencies that might impact fintech.

Fintech innovation will continue regardless of what policymakers and regulators do. If consumers demand it, technology will evolve, and businesses will offer new solutions. The key for regulators and policymakers in this area of rapid innovation is not more or less regulation, but rather smarter regulation. Policies that facilitate the rise of socio-economically beneficial fintech innovations should be embraced, albeit without picking winner or loser technologies. In cases where fintech innovations are offered without transparency, where they fail to respect the security or privacy of the user, or where they result in user harm then clear supervisory mechanisms should be utilized.

Conclusion

Digitization is going to continue to reshape the financial services landscape in the coming years, and the change will likely be more rapid and larger in scale because of improvements in and proliferation of mobile technology.

Understanding in-depth the technology, business models, and risks associated with fintech will be key to creating the ideal ecosystem for fintech where innovation is fostered, security is enhanced, and customers are better served.

The opportunity for technology to improve financial health and enhance security is the most exciting benefit of the fintech revolution and it is one that must be fostered through sound policymaking and effective collaboration within the private sector and between the public and private sector.