Close panel

Close panel

Close panel

Close panel

Financial regulations 06 Feb 2018

Payments, data and cybersecurity: the future of regulation

PSD2 and GDPR are no longer strange-sounding terms. After digital regulation caught the attention of supervisors and financial regulators in Europe during 2017, it doesn't look like 2018 will be any different, according to the Financial Regulation Outlook report from BBVA Research.

As BBVA Research points out, the digitization of finances offers opportunities and challenges not only to financial service providers and customers, but also to regulators and supervisors. Therefore, the “regulation and supervision frameworks need to evolve and adapt” to the new environment.

Which sectors will digital regulation focus on?

In the opinion of BBVA Research, the payment industry—which has already been the focus of many regulatory efforts in recent years—will also be a priority in the future. In January 2018, the new EU Payment Services Directive (PSD2) entered into force. However, the application of the associated technical regulation standards will have to wait until 2019.

PSD2 seeks to establish a new regulatory framework that improves competency in the payment sector, and at the same time, boosts security in this segment in Europe. According to BBVA Research, this directive regulates access to customer payment accounts by third parties.

Regarding this last point, another of the most debated topics in 2017 was the access, use and protection of data. Digitization makes storing, processing and sharing large amounts of data technically feasible, and also presents concerns about how to guarantee privacy and the integrity of customers’ data.

BBVA Research: The growing importance of data has made ensuring the integrity of information more important than ever

This concern materialized in Europe in two new regulations: the General Data Protection Regulation (GDPR), which will enter into force in May 2018, and the e-Privacy Regulation, which is expected to be approved in 2018.

The increase in the frequency and sophistication of cyber attacks has made cybersecurity a concern for the financial industry.  In fact, as BBVA Research points out, “the growing importance of data has made ensuring the integrity of information more important than ever.” In Europe, the new framework of cybersecurity is confined to the directive on security of networks and information systems (NIS Directive), which has been in force since August 2016, and now must be applied by the Member States.

In addition, “PSD2 and GDPR include elements that reinforce the cybersecurity tool kit,” BBVA Research says in its report.

BBVA Research: The priority should be to define common principles at a global level that help to avoid fragmentation across countries when defining the regulatory approach to Fintech

New initiatives are likely to begin in Europe in the coming months. For example, the European Commission plans to publish its Fintech Action Plan, which will frame the EU road map. With this Action Plan, it is hoped that the

Commission will begin working during the first quarter of 2018 on legislative proposals to regulate ‘crowdfunding’ and P2P (peer-to-peer) loans.

BBVA Research: The work of international regulators, and more prominently the FSB (Financial Stability Board), in guiding the regulatory debate will be crucial in 2018

The debate over digital regulation has also reached Latin America

In the opinion of BBVA Research, “in 2018, the debate might move to other regions beyond Europe, such as Latin America.” For example, in Mexico, in the final months of 2017, the design of a Fintech law has been debated to regulate the use of financial technology.  The discussion is likely to continue in 2018. Once this project is approved, “Mexican authorities will face the challenge of shaping a large set of secondary rules,” says BBVA Research.

In the words of Lucía Pacheco, an economist in the Digital Regulation Unit at BBVA Research, “Going forward, the priority should be to define common principles at a global level that help to avoid fragmentation across countries when defining the regulatory approach to Fintech.”  The inform concludes, “To this end, the work of international regulators, and more prominently the FSB (Financial Stability Board), in guiding the regulatory debate will be crucial in 2018.”