Banking Exchange Magazine Logo

Should fintech be regulated?

Better question: Can and should consumer financial services regulation evolve?

This viewpoints article looks at the regulation of financial innovation. We welcome responses in the comment section below. Proposals for viewpoints articles and UNconventional Wisdom guest blogs should be directed to This viewpoints article looks at the regulation of financial innovation. We welcome responses in the comment section below. Proposals for viewpoints articles and UNconventional Wisdom guest blogs should be directed to [email protected]

Guess where the following statement appears on the web:

“We promote competition through disruptive innovation— innovation that offers new services to customers and challenges existing business models.”

A fintech company? A bank vendor? A consulting firm? A think tank? A trade association?

None of the above. Actually, it’s a regulator. Can you guess which regulator?

Hints: It's not the Comptroller’s Office. Not the Federal Reserve Board. Not FDIC. Not even the Consumer Financial Protection Bureau.

It's the Financial Conduct Authority, in the UK.

“We promote … disruptive innovation … that challenges existing business models.”

Disruptive innovation—by a regulator?

Will fintech change regulatory philosophy?

The UK has a national strategy aimed at being the fintech capital of the world. To that end, it is actively working to attract and nurture innovative financial companies, using a range of tools that include regulatory policy.

This proactive stance contrasts sharply with traditional regulatory approaches worldwide, including those used in the U.S. (thus far). Normally, policymakers focus on addressing emerging risks as markets change. While many regulators may try to minimize interference with industry practices, it’s rare that regulatory strategy seeks, affirmatively, to embrace the upside potential of innovation.

Increasingly, however, innovative technology is forcing this kind of balanced thinking into the regulatory arena. In the UK, this is partly conceived as a national strategy for economic competition, but is also explicitly designed to capture the massive potential benefits that innovation is creating for consumers.

Regulators are striving to balance on the knife-edge of preventing new risks—which will undoubtedly develop—while still allowing pro-consumer fintech to flourish.

Upside of philosophical shift

The potential consumer benefits are enormous. Fintech innovation is driving the whole sector toward:

Sharply reduced costs, especially through mobile delivery channels.

High transparency to consumers.

More inclusiveness through, again, lower-cost channels and also use of alternative data that can fine-tune risk evaluation of people with limited or complex credit histories.

Consumer empowerment through easy personal financial management tools and simplified savings and investment.

Faster payments that reduce uncertainty about when payments will clear, thereby helping consumers who have timing problems covering their bills.

Regulators throughout the world are starting to realize that their own actions could inadvertently undermine such upside potential, as they pursue legitimate efforts to address downside risk.

Finding the right mix of policies is not a simple task.

UK’s regulatory innovation

The FCA has created a “Project Innovate” initiative and an “Innovation Hub.” Though a regulatory body, it is pursuing strategies that range from directly nurturing promising start-ups to adopting policies that foster innovation. [Read Jo Ann Barefoot’s earlier “Lessons from London? ‘Fair banking’—with English on it”]  

For example, the FCA has sought public comment on two questions. One, is what regulations are impeding innovation? The other is whether there is a need for new regulations to foster innovation. These reflect fundamental strategic thinking about the role of financial regulation.

Another example is the FCA's exploration of whether to create a formal “regulatory sandbox” to enable innovators to test new ideas that might raise regulatory concerns or that do not fit squarely into the structure of current rules. the image to view a video from FCA. (Scroll to bottom of page you land on.)

I had the chance to participate last year in FCA’s roundtable discussion of the sandbox proposal and was struck by the far-ranging new thinking underway.

For example, the agency invited input on whether to create a “virtual sandbox” in which consumer data could be collected and centralized so that innovators could test ideas without having to use real customers as “guinea pigs.”

Another idea is to permit industry associations to play an “umbrella” role, streamlining access to the sandbox approval process for small innovators.

Numerous other challenges are under discussion, from how to define and measure consumer benefit, to how to protect providers’ intellectual property and competitive positioning, to how to make a sandbox permission process simple enough that it would help, rather than hinder, fast-moving innovation.

UK regulators describe their efforts as experimental. (I notice that both public and private sector leaders often use the word “journey.”) No one I know, in government, banks, or startups, thinks they have figured out all the answers.

As a former bank regulator myself, what I find fascinating is that they are trying to move toward a different way of operating as they navigate the extreme uncertainties and rapid change ahead. There is an effort to be more flexible, more collaborative, and more nimble—faster.

While no one seems actually comfortable with this, there is palpable excitement about its potential.

Bear in mind, too, that innovators in the UK have the opportunity to “passport” their operations throughout the European Union. That, combined with this innovative regulatory strategy, makes the UK an excellent place for innovative companies to do business.

Principles versus rules

The UK contrasts with the US in another aspect of regulatory policy:  It relies much more heavily on “principles-based,” rather than rules-based, regulation for consumer financial protection.

The UK does have extensive technical rules governing consumer financial products and practices, but the regulators moved, years ago, toward emphasizing broad standards for “treating customers fairly.”

UK regulators also require senior executives to attest that their institutions have done so.

Here again, one hears people use the word “journey” to describe the difficulties of regulating “conduct,” as opposed to straightforward (if complex) compliance with procedural rules. Conduct and fairness are subjective concepts, difficult to apply.

Personal accountability standards can have unintended consequences, sometimes driving providers out of market sectors where regulatory risks are high and/or hard to predict.

Still, these regulatory strategies emerged in the UK before the US agencies began to emphasize similar approaches regarding unfair, deceptive and abusive practices (UDAAP). As a result, the UK has arguably moved further in clarifying broad principles and building consensus about what their regulators  mean.

The regulators have even taken steps toward trying to measure consumer outcomes, rather than compliance inputs, as the primary way to judge banks’ performance toward consumer protection goals.

Can US adopt this model?

None of this means that the UK is a fully apt model for the US.

As always with regulators and the regulated, there are many contentious issues between the financial industry and the FCA. Also, the UK’s challenges are simpler than ours in many ways. The country has a much more concentrated banking system, unlike the U.S. with our thousands of institutions.

The UK also has a vastly simpler regulatory structure, with two primary agencies—the FCA addressing “conduct” issues (and containing the semi-independent Payments Systems Regulator) and the Prudential Regulation Authority in the Bank of England overseeing prudential risk.

This contrasts sharply with our U.S. structure, in which we have five federal agencies directly overseeing financial institutions in addition to performing other critical missions, plus 50 states also chartering and regulating banks and also licensing and overseeing thousands of nonbank financial firms, especially lenders and money transmitters.

Nevertheless, the US can learn from observing the UK’s “journey.”

This side of the pond

Here in America, the regulators are moving in directions that parallel the UK’s efforts.

On principles-based regulation, they have already vigorously shifted to a proactive stance.

Coming out of the financial crisis, CFPB and also the prudential agencies have all emphasized UDAAP and fair lending as critical priorities. While technical rules continue to proliferate, the highest consumer regulatory risks for US banks today concentrate overwhelmingly in areas where product terms and practices are viewed by regulators as deceptive, unfair, or discriminatory.

Furthermore, this trend will only intensify as the sheer speed of technology change forces regulators to rely more on principles than rules, simply because detailed rules will increasingly lag behind market and product transformation.

On the innovation front, too, U.S. regulators are also starting to shift gears.

• Comptroller of the Currency Thomas Curry appointed a task force last year on Responsible Innovation, addressing both consumer protection and prudential regulation. In announcing the initiative, Curry noted that regulators have a cultural “tendency to say no,” and that the OCC needs to build a deep understanding of technology change, along with an ability to be “nimble.” The agency may issue a report this spring.

• Similarly, the Federal Reserve Bank of San Francisco held a first-ever conference last year on innovation and regulation, with participants drawn from industry, Silicon Valley, consumer advocates, and think tanks.

• The Treasury Department, too, held a conference on financial inclusion with a strong innovation focus late last year.

• CFPB has continued to evolve its Project Catalyst program, which seeks to identify pro-consumer fintech. Recently CFPB issued in final form its policy to facilitate consumer-friendly innovation.   

• At the state level, the Conference of State Bank Supervisors has been exploring the same kinds of challenges.

• Meanwhile the Federal Trade Commission is doing extensive work on privacy and fair usage of “big data,” including the Internet of Things (IoT).

Questions all should be asking

There is no shortage of meaty and critical topics:

1. How should fintech startups be able to access and partner with the banking system, under what sets of rules and standards?

2. How should we address rising concerns about data security and privacy?

3. How should we address the opportunities and risks involved with use of alternative and “big” data and data analytics in risk evaluation and fair lending?

4. What are the implications of digital currencies, the blockchain, and real-time payments?

5. Do we need regulatory standards regarding data aggregation practices? Should consumers’ banking data be portable, as in the UK, and who should actually “own” it? 

6. How can our bank-centric regulatory system cope with burgeoning innovation by nonbanks, from tiny startups with a cool new phone app, to some future Uber of finance, to, say, mold-breaking services from “Big Tech” firms like Facebook, Amazon, Apple, and Google—all of which have consumer financial services in some form, already?

The technology forces disrupting finance will also disrupt our regulatory framework, because this industry is subject to such pervasive rules and supervision.

All players are living through an epic shift. The story’s outcome will depend on how well regulators, industry, innovators, and consumer advocates work together to embrace and shape innovation.

Jo Ann Barefoot

Jo Ann Barefoot, a frequent contributor to, for many years was an ABA Banking Journal contributing editor and is now a member of the Banking Exchange Editorial Advisory Board. She is CEO of Barefoot Innovation Group, Cofounder of Hummingbird Regtech, and Senior Fellow Emerita of the Harvard Kennedy School Center for Business and Government. Barefoot has served on the Consumer Advisory Board of the Consumer Financial Protection Bureau. She has over 35 years of management, strategy, regulatory, and consulting experience focused on consumer financial protection. A former Deputy Comptroller of the Currency—the first woman to serve in that post—and partner at KPMG, she has advised most of America’s largest financial institutions, scores of community banks, and numerous non-profits and government agencies. She is a frequent speaker and media source on financial issues, has authored several books and over 150 articles, and has testified before Congress and other federal bodies. You can see Barefoot's periodic blog here, and follow her on Twitter on @JoAnnBarefoot

back to top


About Us

Connect With Us


Adaptive Authentication:

Superior User Experience and Growth through Intelligent Security

Banks and financial institutions find themselves trying to satisfy competing priorities. Fraud continues to grow at an alarming pace and in sophistication year-over-year.

Intelligent adaptive authentication is a new approach to combating fraud that solves this problem and achieves the twin goals of reducing fraud and delighting the customer.


OneSpan logo