EBA FINTECH Roadmap: Frequently Asked Questions

1. What is FINTECH?
Financial Technology (‘FINTECH’) is a broad concept. Examples of FINTECH include digital ledger technology, robo-advice, RegTech (technologies that can be used for compliance and reporting requirements), and virtual currencies.
At the EU and international levels ‘FINTECH’ is generally being defined as ‘technologically enabled financial innovation that could result in new business models, applications or processes or products with an associated material effect on financial markets and institutions and the provision of financial services’. The EBA is applying this definition for the purposes of its work.
2. Why is the EBA acting now?
The EBA recognises that FINTECH can offer a range of benefits, for example it can enhance consumer choice and experience, reduce the costs of financial products and services, promote financial inclusion, drive efficiencies in the provision of financial services, facilitate cost reduction and support more effective compliance and reporting processes.
The EBA has identified a need to support this innovation development with a consistent and technologically neutral regulatory and supervisory approach to FINTECH allowing the scaling-up of financial innovations across the Single Market without undermining consumer protection, the level playing field, the integrity of the financial markets, and the stability of the financial system taken as a whole.
3. What are the overarching aims of the EBA’s work?
The aims of the EBA are to ensure that regulation and supervisory practices allow opportunities presented by FINTECH to be fully realised without undermining consumer protection, the level playing field, the integrity of the financial markets and the stability of the financial system taken as a whole.

A common regulatory and supervisory approach will allow the scaling-up of financial innovations across the Single Market, benefitting consumers and supporting growth.

4. What is the FINTECH Roadmap?

The FINTECH Roadmap describes the EBA’s FINTECH priorities and indicative milestones for 2018/2019 in light of the feedback received to its 2017 FINTECH Discussion Paper and in alignment with the European Commission’s FINTECH Action Plan .

5. What is the FINTECH Knowledge Hub?

The EBA’s FINTECH Knowledge Hub is being established with the aim of enhancing the monitoring of financial innovation, enhancing knowledge sharing about FINTECH and fostering technological neutrality in regulatory and supervisory approaches on an ongoing basis. The Knowledge Hub will bring together competent authorities in a common setting and to enhance engagement with incumbent and new entrant institutions and other FINTECH firms, technology providers and other relevant parties.
The FINTECH Knowledge Hub will build on experience and knowledge of competent authorities and will interact with similar EU and national initiatives. In this context the FINTECH Knowledge Hub will complement the European Commission’s FINTECH Lab, covering the monitoring of the impact of FINTECH on the whole financial ecosystem and supervisory knowledge sharing.

6. How did the EBA determine its priorities and how do these relate to the European Commission’s FINTECH Action Plan?
The EBA determined its priorities for 2018/2019 based on the responses to the EBA’s Discussion Paper on FINTECH and taking account of the new mandates for the EBA, set out in the European Commission’s FINTECH Action Plan.

7. How does the work done by the EBA relate to the work of the other ESAs and international initiatives on FINTECH?

The EBA has worked in close cooperation with the other ESAs on FINTECH-related matters, for example in the context of work on automation in advice and virtual currencies, and will continue to do so consistent with its commitment to coordinated actions to foster technological neutrality in regulatory and supervisory approaches across the EU.
Additionally, the EBA will remain actively involved in international FINTECH and cybersecurity initiatives, including Basel Committee, G7 and Euro Cyber Resilience Board and in the context of assessing the impact of FinTech on anti-money laundering and countering the financing of terrorism.

8. Is the EBA creating a regulatory sandbox?

No.

Regulatory sandboxes can offer a range of benefits, including enabling low-risk experimentation with new technologies by financial and non-financial firms and facilitating mutual understanding by firms and supervisors of new technologies and their regulatory and supervisory treatment.

Consistent with the proposals set out in the EBA’s FINTECH Discussion Paper and the new mandates set out in the European Commission’s FINTECH Action Plan, in 2018 the EBA will carry out further analysis of regulatory sandboxes established in the Member States. The EBA will use this analysis to identify best practices for setting up regulatory sandboxes by competent authorities and, if appropriate, issue guidelines. Based on this work, and that of the other ESAs, the Commission will present a report with best practices for regulatory sandboxes by Q1 2019.

9. Is the EBA taking further action in relation to virtual currencies?

The EBA, jointly with ESMA and EIOPA has issued a series of warnings to consumers regarding the risks of buying and/or holding virtual currencies, noting that they are highly risky, generally not backed by any tangible assets and are unregulated under EU law, therefore do not offer any legal protection to consumers.
Other initiatives are also being taken to minimise the risks presented by virtual currencies, specifically regarding money laundering and terrorist financing risks associated with providers engaged in exchange services between virtual currencies and fiat currencies and the custodian wallet providers, and in terms of the holding of virtual assets by financial institutions.
Building on this previous work, in 2018 the EBA, in coordination with the other ESAs, will perform a regulatory mapping of the current requirements on virtual currencies in order to assess whether the current framework in place is appropriate with a view of publishing an EBA report and/or opinion addressed to EU legislators.

10. What are the EBA’s areas of focus in relation to consumers?

The EBA recognises that FINTECH can offer a range of benefits for consumers, for example, in terms of enhancing choice and user experience. However, the EBA has identified a number of areas in which it may be appropriate to adopt measures to enhance standards of consumer protection.
In particular, the EBA will assess conduct of business requirement applicable to FINTECH firms as part of its wider work on authorisation and regulatory perimeter issues. The EBA will also consider issues relating to disclosures to consumers (e.g. regarding the regulatory status of FINTECH firms), and to the provision of services cross-border (e.g. the allocation of responsibility for complaints handling between home and host states). Jointly with the other ESAs, the EBA will conduct an analysis of the evolution of ‘automation in financial advice’ further to the December 2016 Joint Committee Report on this topic.

11. What is the EBA doing to address cybersecurity issues?

Cybersecurity issues are relevant across the financial system and not only to FINTECH. However, in light of the emphasis respondents to the EBA’s FINTECH Discussion Paper placed on cybersecurity, the EBA refers in the FINTECH Roadmap to the EBA’s work in this area.
In 2018, building on previous work, the EBA will develop ICT risks guidelines for institutions setting out guidance for management of ICT risks including the evaluation and mitigation of cyber risk, harmonised supervisory practices for assessing cybersecurity management and take further steps in a common cyber threat testing framework in line with other initiatives such as TIBER-EU. ,. The EBA will also carry out further work for the purposes of assessing the need for follow-up actions in relation to security incident reports and supervisory convergence in relation to security-related provisions under the PSD2.

Acknowledging the importance of international harmonisation, the EBA will continue to liaise with relevant EU and international bodies on the topic of cybersecurity (e.g. Basel Committee, G7 and Euro Cyber Resilience Board)
12. What further actions are being taken in relation to AML/CFT?
The EBA is committed to the fight against money laundering and countering the financing of terrorism. In the context of its FINTECH -related work the EBA will take forward further initiatives to identify and assess money laundering/terrorist financing risks associated with regulated FINTECH firms, technology providers and FINTECH solutions.

13. What are the next steps?

The FINTECH Roadmap sets out an indicative timeline of next steps in relation to the policy priorities identified in the Roadmap. The EBA will issue in 2018 publications spanning all priority policy areas identified in the Roadmap and will continue to engage in EU and international FINTECH initiatives.